Skip to content

EligibilityCheck API Validation #298

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Justin-MacIntosh merged 2 commits into from
Feb 28, 2026
Merged

EligibilityCheck API Validation #298

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
2362589
feat: Added API validation to EligibilityCheck API endpoints
Justin-MacIntosh Feb 26, 2026
87cfed3
CR Updates: Changed JsonServerExceptionMappers logging to WARN
Justin-MacIntosh Feb 28, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions builder-api/src/main/java/org/acme/api/error/JsonServerExceptionMappers.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
package org.acme.api.error;

import io.quarkus.logging.Log;
import com.fasterxml.jackson.core.JsonParseException;
import com.fasterxml.jackson.databind.JsonMappingException;
import com.fasterxml.jackson.databind.exc.MismatchedInputException;
Expand All @@ -12,6 +13,7 @@ public class JsonServerExceptionMappers {

@ServerExceptionMapper
public Response map(MismatchedInputException e) {
Log.warn(e);
// e.g. screenerName is object but DTO expects String
String field =
e.getPath() != null && !e.getPath().isEmpty()
Expand All @@ -26,6 +28,7 @@ public Response map(MismatchedInputException e) {

@ServerExceptionMapper
public Response map(JsonParseException e) {
Log.warn(e);
// malformed JSON like { "schema": }
return Response.status(Response.Status.BAD_REQUEST)
.type(MediaType.APPLICATION_JSON)
Expand All @@ -35,6 +38,7 @@ public Response map(JsonParseException e) {

@ServerExceptionMapper
public Response map(WebApplicationException e) {
Log.warn(e);
return Response.status(Response.Status.BAD_REQUEST)
.type(MediaType.APPLICATION_JSON)
.entity(ApiError.of("Malformed JSON."))
Expand All @@ -43,6 +47,7 @@ public Response map(WebApplicationException e) {

@ServerExceptionMapper
public Response map(JsonMappingException e) {
Log.warn(e);
// other mapping errors
return Response.status(Response.Status.BAD_REQUEST)
.type(MediaType.APPLICATION_JSON)
Expand Down
26 changes: 14 additions & 12 deletions builder-api/src/main/java/org/acme/controller/EligibilityCheckResource.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
import io.quarkus.logging.Log;
import io.quarkus.security.identity.SecurityIdentity;
import jakarta.inject.Inject;
import jakarta.validation.Valid;
import jakarta.ws.rs.*;
import jakarta.ws.rs.core.Context;
import jakarta.ws.rs.core.MediaType;
Expand All @@ -11,9 +12,9 @@
import org.acme.auth.AuthUtils;
import org.acme.constants.CheckStatus;
import org.acme.model.domain.EligibilityCheck;
import org.acme.model.dto.CheckDmnRequest;
import org.acme.model.dto.CreateCheckRequest;
import org.acme.model.dto.UpdateCheckRequest;
import org.acme.model.dto.EligibilityCheck.CheckDmnRequest;
import org.acme.model.dto.EligibilityCheck.EditCheckRequest;
import org.acme.persistence.EligibilityCheckRepository;
import org.acme.persistence.StorageService;
import org.acme.service.DmnService;
Expand Down Expand Up @@ -124,10 +125,11 @@ public Response getCustomCheck(@Context SecurityIdentity identity, @PathParam("c
}

@PATCH
@Consumes(MediaType.APPLICATION_JSON)
@Path("/{checkId}")
public Response updateCustomCheck(@Context SecurityIdentity identity,
@PathParam("checkId") String checkId,
UpdateCheckRequest request){
@PathParam("checkId") String checkId,
@Valid EditCheckRequest request){
String userId = AuthUtils.getUserId(identity);

// Check if the check exists and is not archived
Expand All @@ -144,11 +146,11 @@ public Response updateCustomCheck(@Context SecurityIdentity identity,
}

// Partial update: only update fields that are provided (non-null)
if (request.description != null) {
existingCheck.setDescription(request.description);
if (request.description() != null) {
existingCheck.setDescription(request.description());
}
if (request.parameterDefinitions != null) {
existingCheck.setParameterDefinitions(request.parameterDefinitions);
if (request.parameterDefinitions() != null) {
existingCheck.setParameterDefinitions(request.parameterDefinitions());
}

try {
Expand All @@ -168,8 +170,8 @@ public Response updateCustomCheck(@Context SecurityIdentity identity,
@Path("/{checkId}/dmn")
public Response saveCheckDmn(@Context SecurityIdentity identity,
@PathParam("checkId") String checkId,
CheckDmnRequest saveDmnRequest){
String dmnModel = saveDmnRequest.dmnModel;
@Valid CheckDmnRequest saveDmnRequest){
String dmnModel = saveDmnRequest.dmnModel();

String userId = AuthUtils.getUserId(identity);
Optional<EligibilityCheck> checkOpt = eligibilityCheckRepository.getWorkingCustomCheck(userId, checkId);
Expand Down Expand Up @@ -202,8 +204,8 @@ public Response saveCheckDmn(@Context SecurityIdentity identity,
@Path("/{checkId}/dmn/validate")
public Response validateCheckDmn(@Context SecurityIdentity identity,
@PathParam("checkId") String checkId,
CheckDmnRequest validateDmnRequest){
String dmnModel = validateDmnRequest.dmnModel;
@Valid CheckDmnRequest validateDmnRequest){
String dmnModel = validateDmnRequest.dmnModel();

String userId = AuthUtils.getUserId(identity);
Optional<EligibilityCheck> checkOpt = eligibilityCheckRepository.getWorkingCustomCheck(userId, checkId);
Expand Down
7 changes: 0 additions & 7 deletions builder-api/src/main/java/org/acme/controller/ScreenerResource.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -174,13 +174,6 @@ public Response saveFormSchema(
return Response.status(400).entity(violations.toString()).build();
}

// // Make sure request.schema is not null
// if (request.schema() == null || request.schema().isNull()) {
// return Response.status(Response.Status.BAD_REQUEST)
// .entity(ApiError.of("schema cannot be null."))
// .build();
// }

String userId = AuthUtils.getUserId(identity);

// Fetch Screener record and confirm user is authorized
Expand Down
5 changes: 0 additions & 5 deletions builder-api/src/main/java/org/acme/model/dto/CheckDmnRequest.java
View file
Open in desktop

This file was deleted.

3 changes: 3 additions & 0 deletions builder-api/src/main/java/org/acme/model/dto/EligibilityCheck/CheckDmnRequest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
package org.acme.model.dto.EligibilityCheck;

public record CheckDmnRequest(String dmnModel) {}
Comment thread
prestoncabe marked this conversation as resolved.
11 changes: 11 additions & 0 deletions builder-api/src/main/java/org/acme/model/dto/EligibilityCheck/EditCheckRequest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
package org.acme.model.dto.EligibilityCheck;

import org.acme.api.validation.AtLeastOneProvided;
import org.acme.model.domain.ParameterDefinition;
import java.util.List;


@AtLeastOneProvided(fields = {"description", "parameterDefinitions"})
public record EditCheckRequest(
String description, List<ParameterDefinition> parameterDefinitions
) {}
9 changes: 0 additions & 9 deletions builder-api/src/main/java/org/acme/model/dto/UpdateCheckRequest.java
View file
Open in desktop

This file was deleted.

Loading