chore: Added validation to DTOs used by CustomBenefit Resource.

Author: Justin-MacIntosh

builder-api/src/main/java/org/acme/controller/CustomBenefitResource.java

@@ -3,6 +3,7 @@
 import io.quarkus.logging.Log;
 import io.quarkus.security.identity.SecurityIdentity;
 import jakarta.inject.Inject;
+import jakarta.validation.Valid;
 import jakarta.ws.rs.*;
 import jakarta.ws.rs.core.Context;
 import jakarta.ws.rs.core.MediaType;
@@ -74,29 +75,22 @@ public Response getCustomBenefits(
     public Response createCustomBenefit(
         @Context SecurityIdentity identity,
         @PathParam("screenerId") String screenerId,
-        CreateCustomBenefitRequest request
+        @Valid CreateCustomBenefitRequest request
     ) {
         String userId = AuthUtils.getUserId(identity);
 
-        // Validate request
-        if (request.name == null || request.name.isBlank()) {
-            return Response.status(Response.Status.BAD_REQUEST)
-                    .entity(Map.of("error", "Name is required"))
-                    .build();
-        }
-
         // Create new Benefit with server-generated ID
         String newBenefitId = UUID.randomUUID().toString();
         Benefit newBenefit = new Benefit(
             newBenefitId,
-            request.name,
-            request.description,
+            request.name(),
+            request.description(),
             userId,
             Collections.emptyList()
         );
 
         // Create corresponding BenefitDetail
-        BenefitDetail benefitDetail = new BenefitDetail(newBenefitId, request.name, request.description);
+        BenefitDetail benefitDetail = new BenefitDetail(newBenefitId, request.name(), request.description());
 
         try {
             // Check to make sure screener exists
@@ -159,7 +153,7 @@ public Response updateCustomBenefit(
         @Context SecurityIdentity identity,
         @PathParam("screenerId") String screenerId,
         @PathParam("benefitId") String benefitId,
-        UpdateCustomBenefitRequest request
+        @Valid UpdateCustomBenefitRequest request
     ) {
         String userId = AuthUtils.getUserId(identity);
 
@@ -271,17 +265,10 @@ public Response addCheckToBenefit(
         @Context SecurityIdentity identity,
         @PathParam("screenerId") String screenerId,
         @PathParam("benefitId") String benefitId,
-        AddCheckRequest request
+        @Valid AddCheckRequest request
     ) {
         String userId = AuthUtils.getUserId(identity);
 
-        // Validate request
-        if (request.checkId == null || request.checkId.isBlank()) {
-            return Response.status(Response.Status.BAD_REQUEST)
-                    .entity(Map.of("error", "checkId is required"))
-                    .build();
-        }
-
         if (!isUserAuthorizedForScreener(userId, screenerId)) {
             return Response.status(Response.Status.UNAUTHORIZED).build();
         }
@@ -296,9 +283,11 @@ public Response addCheckToBenefit(
             }
 
             // Find the EligibilityCheck - first try user's custom checks, then library checks
-            Optional<EligibilityCheck> checkOpt = eligibilityCheckRepository.getPublishedCustomCheck(userId, request.checkId);
+            Optional<EligibilityCheck> checkOpt = (
+                eligibilityCheckRepository.getPublishedCustomCheck(userId, request.checkId())
+            );
             if (checkOpt.isEmpty()) {
-                checkOpt = libraryApiMetadataService.getById(request.checkId);
+                checkOpt = libraryApiMetadataService.getById(request.checkId());
             }
 
             if (checkOpt.isEmpty()) {
@@ -440,7 +429,7 @@ public Response updateCheckParameters(
             List<CheckConfig> checkListAfterUpdate = new ArrayList<>();
             for (CheckConfig check : checks) {
                 if (check.getCheckId().equals(checkId)) {
-                    check.setParameters(request.parameters != null ? request.parameters : new HashMap<>());
+                    check.setParameters(request.parameters() != null ? request.parameters() : new HashMap<>());
                     checkUpdated = true;
                 }
                 checkListAfterUpdate.add(check);

builder-api/src/main/java/org/acme/model/dto/CustomBenefit/AddCheckRequest.java

@@ -1,5 +1,7 @@
 package org.acme.model.dto.CustomBenefit;
 
-public class AddCheckRequest {
-    public String checkId;
-}
+import org.acme.api.validation.AtLeastOneProvided;
+
+@AtLeastOneProvided(fields = {"checkId"})
+public record AddCheckRequest(String checkId) {}
+

builder-api/src/main/java/org/acme/model/dto/CustomBenefit/CreateCustomBenefitRequest.java

@@ -1,6 +1,8 @@
 package org.acme.model.dto.CustomBenefit;
 
-public class CreateCustomBenefitRequest {
-    public String name;
-    public String description;
-}
+import jakarta.validation.constraints.NotBlank;
+
+public record CreateCustomBenefitRequest(
+    @NotBlank(message = "Custom Benefit name must be provided.") String name,
+    String description
+) {}

builder-api/src/main/java/org/acme/model/dto/CustomBenefit/UpdateCheckParametersRequest.java

@@ -2,6 +2,7 @@
 
 import java.util.Map;
 
-public class UpdateCheckParametersRequest {
-    public Map<String, Object> parameters;
-}
+import org.acme.api.validation.AtLeastOneProvided;
+
+@AtLeastOneProvided(fields = {"parameters"})
+public record UpdateCheckParametersRequest(Map<String, Object> parameters) {}

builder-api/src/main/java/org/acme/model/dto/CustomBenefit/UpdateCustomBenefitRequest.java

@@ -1,5 +1,8 @@
 package org.acme.model.dto.CustomBenefit;
 
+import org.acme.api.validation.AtLeastOneProvided;
+
+@AtLeastOneProvided(fields = {"name", "description"})
 public class UpdateCustomBenefitRequest {
     public String name;
     public String description;