diff --git a/lib/taskana-core/src/main/java/pro/taskana/task/internal/AttachmentHandler.java b/lib/taskana-core/src/main/java/pro/taskana/task/internal/AttachmentHandler.java index 903e57ad69..3a2ff88f27 100644 --- a/lib/taskana-core/src/main/java/pro/taskana/task/internal/AttachmentHandler.java +++ b/lib/taskana-core/src/main/java/pro/taskana/task/internal/AttachmentHandler.java @@ -45,7 +45,7 @@ void insertAndDeleteAttachmentsOnTaskUpdate(TaskImpl newTaskImpl, TaskImpl oldTa newTaskImpl.setAttachments(newAttachments); for (Attachment attachment : newAttachments) { - verifyAttachment((AttachmentImpl) attachment, newTaskImpl.getDomain()); + verifyAttachment((AttachmentImpl) attachment, newTaskImpl.getDomain(), newTaskImpl.getId()); initAttachment((AttachmentImpl) attachment, newTaskImpl); } @@ -63,7 +63,7 @@ void insertNewAttachmentsOnTaskCreation(TaskImpl task) if (attachments != null) { for (Attachment attachment : attachments) { AttachmentImpl attachmentImpl = (AttachmentImpl) attachment; - verifyAttachment(attachmentImpl, task.getDomain()); + verifyAttachment(attachmentImpl, task.getDomain(), task.getId()); initAttachment(attachmentImpl, task); try { @@ -176,7 +176,7 @@ private void initAttachment(AttachmentImpl attachment, Task newTask) { } } - private void verifyAttachment(AttachmentImpl attachment, String domain) + private void verifyAttachment(AttachmentImpl attachment, String domain, String taskId) throws InvalidArgumentException, ClassificationNotFoundException { ClassificationSummary classification = attachment.getClassificationSummary(); if (classification == null) { @@ -186,6 +186,11 @@ private void verifyAttachment(AttachmentImpl attachment, String domain) throw new InvalidArgumentException("ClassificationKey of Attachment must not be empty."); } + if (attachment.getTaskId() != null && !attachment.getTaskId().equals(taskId)) { + throw new InvalidArgumentException( + "An attachments' taskId must be empty or equal to the id of the task it belongs to"); + } + ObjectReferenceImpl.validate(attachment.getObjectReference(), "ObjectReference", "Attachment"); classification = diff --git a/rest/taskana-rest-spring/src/test/java/pro/taskana/task/rest/TaskControllerIntTest.java b/rest/taskana-rest-spring/src/test/java/pro/taskana/task/rest/TaskControllerIntTest.java index 1093cc9dd5..00f2454111 100644 --- a/rest/taskana-rest-spring/src/test/java/pro/taskana/task/rest/TaskControllerIntTest.java +++ b/rest/taskana-rest-spring/src/test/java/pro/taskana/task/rest/TaskControllerIntTest.java @@ -37,6 +37,7 @@ import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.web.client.HttpStatusCodeException; +import org.testcontainers.shaded.com.google.common.collect.Lists; import pro.taskana.TaskanaConfiguration; import pro.taskana.classification.rest.models.ClassificationSummaryRepresentationModel; import pro.taskana.common.internal.util.Pair; @@ -45,6 +46,7 @@ import pro.taskana.rest.test.TaskanaSpringBootTest; import pro.taskana.sampledata.SampleDataGenerator; import pro.taskana.task.api.TaskState; +import pro.taskana.task.rest.models.AttachmentRepresentationModel; import pro.taskana.task.rest.models.IsReadRepresentationModel; import pro.taskana.task.rest.models.ObjectReferenceRepresentationModel; import pro.taskana.task.rest.models.TaskRepresentationModel; @@ -139,6 +141,31 @@ private TaskRepresentationModel getTaskResourceSample() { return taskRepresentationModel; } + private ObjectReferenceRepresentationModel getObjectReferenceResourceSample() { + ObjectReferenceRepresentationModel objectReference = new ObjectReferenceRepresentationModel(); + objectReference.setCompany("MyCompany1"); + objectReference.setSystem("MySystem1"); + objectReference.setSystemInstance("MyInstance1"); + objectReference.setType("MyType1"); + objectReference.setValue("00000001"); + return objectReference; + } + + private AttachmentRepresentationModel getAttachmentResourceSample() { + AttachmentRepresentationModel attachmentRepresentationModel = + new AttachmentRepresentationModel(); + attachmentRepresentationModel.setAttachmentId("A11010"); + attachmentRepresentationModel.setObjectReference(getObjectReferenceResourceSample()); + ClassificationSummaryRepresentationModel classificationSummaryRepresentationModel = + new ClassificationSummaryRepresentationModel(); + classificationSummaryRepresentationModel + .setClassificationId("CLI:100000000000000000000000000000000004"); + classificationSummaryRepresentationModel.setKey("L11010"); + attachmentRepresentationModel + .setClassificationSummary(classificationSummaryRepresentationModel); + return attachmentRepresentationModel; + } + private ObjectReferenceRepresentationModel getSampleSecondaryObjectReference(String suffix) { ObjectReferenceRepresentationModel objectReference = new ObjectReferenceRepresentationModel(); objectReference.setCompany("SecondaryCompany" + suffix); @@ -1518,6 +1545,27 @@ void should_CreateAndDeleteTask() { assertThat(responseDeleted.getStatusCode()).isEqualTo(HttpStatus.NO_CONTENT); } + @Test + void should_CreateTaskWithError_When_SpecifyingAttachmentWrong() { + TaskRepresentationModel taskRepresentationModel = getTaskResourceSample(); + AttachmentRepresentationModel attachmentRepresentationModel = getAttachmentResourceSample(); + attachmentRepresentationModel.setTaskId(taskRepresentationModel.getTaskId() + "wrongId"); + taskRepresentationModel.setAttachments(Lists.newArrayList(attachmentRepresentationModel)); + + String url = restHelper.toUrl(RestEndpoints.URL_TASKS); + HttpEntity auth = + new HttpEntity<>( + taskRepresentationModel, RestHelper.generateHeadersForUser("teamlead-1")); + + ThrowingCallable httpCall = + () -> TEMPLATE.exchange(url, HttpMethod.POST, auth, TASK_MODEL_TYPE); + + assertThatThrownBy(httpCall) + .extracting(HttpStatusCodeException.class::cast) + .extracting(HttpStatusCodeException::getStatusCode) + .isEqualTo(HttpStatus.BAD_REQUEST); + } + @Test void should_CreateAndDeleteTaskWithSecondaryObjectReferences_When_SpecifyingObjectReferences() { TaskRepresentationModel taskRepresentationModel = getTaskResourceSample(); @@ -1605,7 +1653,7 @@ void should_CreateTaskWithCorrectPriorityAndThenDeleteIt_When_NotSpecifyingManua /** * TSK-926: If Planned and Due Date is provided to create a task and not matching to service - * level throw an exception One is calculated by other other date +- service level. + * level throw an exception One is calculated by other date +- service level. */ @Test void should_ThrowException_When_CreatingTaskWithPlannedAndDueDateNotMatchingServiceLevel() { @@ -1741,6 +1789,36 @@ void should_ChangeValueOfModified_When_UpdatingTask() { assertThat(updatedTask).isNotNull(); assertThat(originalTask.getModified()).isBefore(updatedTask.getModified()); } + + @Test + void should_ThrowError_When_UpdatingTaskWithBadAttachment() { + String url = + restHelper.toUrl(RestEndpoints.URL_TASKS_ID, + "TKI:100000000000000000000000000000000000"); + HttpEntity httpEntityWithoutBody = + new HttpEntity<>(RestHelper.generateHeadersForUser("teamlead-1")); + + ResponseEntity responseGet = + TEMPLATE.exchange(url, HttpMethod.GET, httpEntityWithoutBody, TASK_MODEL_TYPE); + + final TaskRepresentationModel originalTask = responseGet.getBody(); + + AttachmentRepresentationModel attachmentRepresentationModel = getAttachmentResourceSample(); + attachmentRepresentationModel.setTaskId(originalTask.getTaskId() + "wrongId"); + originalTask.setAttachments(Lists.newArrayList(attachmentRepresentationModel)); + + + HttpEntity httpEntity = + new HttpEntity<>(originalTask, RestHelper.generateHeadersForUser("teamlead-1")); + + ThrowingCallable httpCall = + () -> TEMPLATE.exchange(url, HttpMethod.PUT, httpEntity, TASK_MODEL_TYPE); + + assertThatThrownBy(httpCall) + .extracting(HttpStatusCodeException.class::cast) + .extracting(HttpStatusCodeException::getStatusCode) + .isEqualTo(HttpStatus.BAD_REQUEST); + } } @Nested