-
Notifications
You must be signed in to change notification settings - Fork 301
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Integrated code lifecycle
: Improve access log handling
#9425
Conversation
WalkthroughThe pull request introduces enhancements to user authentication and logging mechanisms within the version control system. Key updates include the addition of the Changes
Possibly related PRs
Suggested labels
Suggested reviewers
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
Documentation and Community
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 27
🧹 Outside diff range comments (6)
src/main/java/de/tum/cit/aet/artemis/programming/web/repository/RepositoryActionType.java (1)
Line range hint
3-5
: Update JavaDoc to reflect new action types.The current JavaDoc comment describes the enum as determining if a repository action "only reads" or "updates". With the addition of more specific action types like CLONE, PULL, and PUSH, this description is no longer comprehensive.
Consider updating the JavaDoc to better reflect the expanded range of repository actions. For example:
/** * Represents various types of repository actions including read operations (e.g., get a file from the repo), * write operations (e.g., create a new file in the repo), and specific Git operations like clone, pull, and push. * Also includes failure states for certain operations. */src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (1)
Line range hint
1-57
: Consider minor improvements for better alignment with coding guidelines.The code generally adheres well to the provided guidelines. To further improve:
- Consider extracting the constant
"WWW-Authenticate"
to a static final field at the class level, following the practice of using static member references:private static final String WWW_AUTHENTICATE_HEADER = "WWW-Authenticate";Then use it in the
doFilterInternal
method:servletResponse.setHeader(WWW_AUTHENTICATE_HEADER, "Basic");
- To promote code reuse, consider extracting the common exception handling logic into a private method:
private void handleException(Exception e, HttpServletRequest request, HttpServletResponse response) throws IOException { if (e instanceof AuthenticationException) { localVCServletService.logFailedAttempt(request); throw (AuthenticationException) e; } else if (e instanceof LocalVCAuthException || e instanceof LocalVCForbiddenException || e instanceof LocalVCInternalException) { response.setStatus(localVCServletService.getHttpStatusForException((Exception) e, request.getRequestURI())); } }Then use it in the
doFilterInternal
method:try { localVCServletService.authenticateAndAuthorizeGitRequest(servletRequest, RepositoryActionType.READ); } catch (Exception e) { handleException(e, servletRequest, servletResponse); return; }These changes would further align the code with the guidelines for static member references and code reuse.
src/main/java/de/tum/cit/aet/artemis/programming/domain/VcsAccessLog.java (1)
Line range hint
1-83
: Overall structure looks good, with minor suggestions for improvement.The
VcsAccessLog
class is well-structured as a JPA entity. It follows good practices such as:
- Extending a common base class (DomainObject)
- Using appropriate JPA annotations
- Providing both parameterized and default constructors
- Using ZonedDateTime for timestamp
To further improve the class:
- Consider using
@Column(name = "timestamp", columnDefinition = "TIMESTAMP WITH TIME ZONE")
for the timestamp field to ensure consistent timezone handling across different databases.- The
ipAddress
field might benefit from validation to ensure it's a valid IP address format.Here's a suggestion for the timestamp field:
- @Column(name = "timestamp") + @Column(name = "timestamp", columnDefinition = "TIMESTAMP WITH TIME ZONE") private ZonedDateTime timestamp;Consider adding validation for the
ipAddress
field, either through a custom validator or by using a library like Apache Commons Validator.src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (3)
Line range hint
454-470
: Avoid Catching Generic 'Exception'Catching the generic
Exception
in theauthorizeUser
method can obscure the actual exceptions that occur and make debugging difficult. It's better to catch specific exceptions that you expect might be thrown within thetry
block.Consider catching specific exceptions:
-} catch (Exception e) { +} catch (IOException | GitAPIException e) { log.warn("Failed to obtain commit hash or store access log for repository {}. Error: {}", localVCRepositoryUri.getRelativeRepositoryPath().toString(), e.getMessage()); }
Line range hint
454-470
: Possible Resource Leak in Repository HandlingIn the
authorizeUser
method, theRepository
opened in thetry
block might not be properly closed, as it is not managed in a try-with-resources or finally block.Ensure that the
Repository
is closed after use:-try (Repository repository = resolveRepository(relativeRepositoryPath)) { +Repository repository = null; +try { + repository = resolveRepository(relativeRepositoryPath); commitHash = getLatestCommitHash(repository); } finally { + if (repository != null) { + repository.close(); + } }Alternatively, confirm that
resolveRepository
returns a resource that manages its own closure.
Line range hint
282-310
: Simplify Authentication LogicThe
authenticateUser
method contains nested conditions that could be simplified for better readability. Also, consider separating concerns by extracting parts of this method into smaller, focused methods.Refactor to improve readability:
- Extract the user retrieval logic.
- Separate VCS token validation into its own method.
- Simplify the password authentication flow.
📜 Review details
Configuration used: .coderabbit.yaml
Review profile: ASSERTIVE
📒 Files selected for processing (12)
- src/main/java/de/tum/cit/aet/artemis/programming/domain/VcsAccessLog.java (1 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/repository/VcsAccessLogRepository.java (1 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/ArtemisGitServletService.java (2 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (2 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java (1 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java (1 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCPushFilter.java (1 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (9 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/SshGitLocationResolverService.java (2 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/VcsAccessLogService.java (3 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/ssh/SshGitCommand.java (2 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/web/repository/RepositoryActionType.java (1 hunks)
🧰 Additional context used
📓 Path-based instructions (12)
src/main/java/de/tum/cit/aet/artemis/programming/domain/VcsAccessLog.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/repository/VcsAccessLogRepository.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/localvc/ArtemisGitServletService.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCPushFilter.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/localvc/SshGitLocationResolverService.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/localvc/VcsAccessLogService.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/localvc/ssh/SshGitCommand.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/web/repository/RepositoryActionType.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports
🔇 Additional comments (17)
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java (4)
1-11
: LGTM: Class declaration and imports are well-structured.The class name follows CamelCase convention, and the imports are specific without using star imports. The class adheres to the Single Responsibility Principle by focusing on pre-upload hook functionality.
13-20
: LGTM: Fields and constructor are well-implemented.The class uses constructor injection for dependency management, adhering to the dependency injection guideline. Fields are correctly declared as private final, following the least access principle. The constructor is simple and follows the KISS principle.
22-26
: LGTM:onBeginNegotiateRound
implementation looks good.The method correctly delegates the logging responsibility to
localVCServletService.addVCSAccessLogForCloneAndPull()
, adhering to the principle of delegating logic to appropriate services.
1-37
: Overall implementation aligns well with PR objectives.The
LocalVCFetchPreUploadHook
class effectively implements thePreUploadHook
interface to enhance access logging capabilities for repository operations. It follows coding guidelines, including proper naming conventions, dependency injection, and adherence to SOLID principles. The implementation ofonBeginNegotiateRound
provides the required logging functionality for clone and pull operations, which directly addresses the PR's goal of providing more granular logging for specific Git operations.To further improve the implementation:
- Consider adding unit tests to verify the behavior of the
onBeginNegotiateRound
method.- Evaluate if
onEndNegotiateRound
andonSendPack
methods need implementation for complete logging coverage.Great job on enhancing the access logging capabilities!
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCPushFilter.java (1)
50-50
: 🧹 Nitpick (assertive)Approve with suggestions: Consider error handling and performance impact
The addition of VCS access logging for push requests is a valuable enhancement that aligns with the PR objectives. The placement of the new line is appropriate, occurring after authentication and authorization but before the request proceeds.
However, consider the following suggestions:
- Error Handling: Add try-catch block to handle potential exceptions from
addVCSAccessLogForPush
.- Performance: Ensure that this additional logging doesn't significantly impact request processing time, especially for high-frequency operations.
Consider refactoring the code as follows:
try { localVCServletService.authenticateAndAuthorizeGitRequest(servletRequest, RepositoryActionType.WRITE); + try { + this.localVCServletService.addVCSAccessLogForPush(servletRequest); + } catch (Exception e) { + log.error("Failed to log VCS access for push", e); + // Decide whether to proceed or return based on the criticality of logging + } } catch (LocalVCAuthException | LocalVCForbiddenException | LocalVCInternalException e) { servletResponse.setStatus(localVCServletService.getHttpStatusForException(e, servletRequest.getRequestURI())); return; } -this.localVCServletService.addVCSAccessLogForPush(servletRequest);This change ensures that any exceptions during logging are caught and logged, preventing them from interrupting the main flow of the request processing.
To verify the performance impact, you could run the following command:
This will help identify if there are any existing performance considerations or optimizations in the
LocalVCServletService
class that might be relevant to the new logging method.src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (2)
13-13
: LGTM: Import statement added correctly.The new import for
AuthenticationException
is necessary for the added exception handling and follows the coding guideline of avoiding star imports.
Line range hint
1-57
: Overall assessment: Good improvements with minor suggestions for refinement.The changes to
LocalVCFetchFilter.java
enhance its error handling capabilities, particularly for authentication failures. The code maintains good practices and generally adheres to the provided guidelines. The suggestions for extracting constants and refactoring exception handling would further improve code quality and maintainability.Great job on improving the robustness of the authentication process!
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/ArtemisGitServletService.java (1)
9-9
: LGTM: New import added correctly.The import for
org.eclipse.jgit.transport.UploadPack
is correctly added and follows the coding guideline of avoiding star imports.src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/SshGitLocationResolverService.java (2)
73-73
: LGTM: Improved variable declaration placementMoving the
user
variable declaration to the beginning of the method enhances code readability and follows the principle of single responsibility. This change is in line with our coding guidelines and best practices.
Line range hint
1-95
: Overall assessment: Changes align with PR objectives and maintain code qualityThe modifications to
SshGitLocationResolverService.java
successfully implement enhanced access logging for SSH git repository accesses. The code changes adhere to the provided coding guidelines and maintain good practices such as separation of concerns and improved readability.The suggested minor improvement to the placement of the logging call would further enhance the robustness of the implementation. Overall, these changes effectively contribute to the PR's goal of providing more granular logging for repository operations.
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/ssh/SshGitCommand.java (2)
24-24
: LGTM: New import statement is correctly added.The new import for
LocalVCFetchPreUploadHookSSH
follows the proper naming convention and avoids star imports, adhering to the coding guidelines.
Line range hint
1-114
: Overall assessment: Changes are appropriate and align with project guidelines.The modifications to
SshGitCommand.java
successfully integrate the new pre-upload hook functionality for SSH operations. The changes adhere to the provided coding guidelines, including proper naming conventions, dependency injection, and maintaining single responsibility.While the changes themselves are minimal and focused, the growing complexity of the
run
method suggests an opportunity for refactoring to improve code maintainability. Consider implementing the suggested refactoring to break down therun
method into smaller, more focused methods.No security vulnerabilities or performance issues were introduced by these changes. The implementation appears to be correct and consistent with the PR objectives of improving access log handling for repository operations.
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/VcsAccessLogService.java (3)
10-10
: Import statements are appropriateThe addition of the
org.springframework.scheduling.annotation.Async
import is necessary for the asynchronous method annotations introduced.
64-64
: Review the impact of makingupdateCommitHash
asynchronousAnnotating
updateCommitHash
with@Async
offloads its execution to a separate thread. Ensure that there are no dependencies on the immediate completion of this method elsewhere in the application, which could lead to inconsistencies if the commit hash update hasn't occurred yet.Consider whether any subsequent operations rely on the commit hash being updated synchronously.
Line range hint
48-85
: Ensure thread safety of shared resources in asynchronous contextWith the introduction of asynchronous method execution, verify that all shared resources accessed within these methods, such as
vcsAccessLogRepository
, are thread-safe. This is crucial to prevent concurrency issues like race conditions or data inconsistencies.Most Spring Data repositories are thread-safe, but if there are any custom implementations or mutable shared state, additional synchronization might be necessary.
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (2)
214-215
: Verify Impact of Adding 'AuthenticationException' to Method SignatureThe method
authenticateAndAuthorizeGitRequest
now throwsAuthenticationException
. Please verify that all callers of this method handle the new exception appropriately to prevent any unintended side effects or unhandled exceptions in the application flow.
282-283
: Ensure Callers Handle New 'AuthenticationException'The
authenticateUser
method's signature now includesthrows AuthenticationException
. It's important to ensure that all callers of this method are updated to handle this exception properly to maintain robust error handling throughout the codebase.
src/main/java/de/tum/cit/aet/artemis/programming/web/repository/RepositoryActionType.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/repository/VcsAccessLogRepository.java
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/ArtemisGitServletService.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Outdated
Show resolved
Hide resolved
...in/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java
Outdated
Show resolved
Hide resolved
...in/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 17
🧹 Outside diff range comments (2)
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/SshGitLocationResolverService.java (1)
Line range hint
75-89
: Consider extracting the authorization logic into a separate method.To further improve code clarity and adhere to the single responsibility principle, consider extracting the authorization logic into a separate private method. This would make the
resolveRootDirectory
method more concise and easier to read.Here's a suggested refactoring:
private void authorizeUserAccess(String repositoryTypeOrUserName, Object user, ProgrammingExercise exercise, RepositoryActionType repositoryAction, ServerSession session, LocalVCRepositoryUri localVCRepositoryUri) { if (session.getAttribute(SshConstants.IS_BUILD_AGENT_KEY) && repositoryAction == RepositoryActionType.READ) { // We already checked for build agent authenticity return; } try { localVCServletService.authorizeUser(repositoryTypeOrUserName, user, exercise, repositoryAction, AuthenticationMechanism.SSH, session.getClientAddress().toString(), localVCRepositoryUri); } catch (LocalVCForbiddenException e) { log.error("User {} does not have access to the repository {}", user.getLogin(), localVCRepositoryUri.getRelativeRepositoryPath()); throw new AccessDeniedException("User does not have access to this repository", e); } }Then, in the
resolveRootDirectory
method:authorizeUserAccess(repositoryTypeOrUserName, user, exercise, repositoryAction, session, localVCRepositoryUri);This refactoring would improve the method's readability and maintainability.
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (1)
Line range hint
281-293
: Security Issue: Avoid Logging Passwords in Plain TextIn the
authenticateUser
method, logging the password in plain text poses a significant security risk. Sensitive information like passwords should never be logged, even during failed login attempts, as this could lead to credential exposure if logs are accessed by unauthorized parties.Apply the following change to remove the password from the log message:
if (!StringUtils.isEmpty(password)) { - log.warn("Failed login attempt for user {} with password {} due to issue: {}", username, password, e.getMessage()); + log.warn("Failed login attempt for user {} due to issue: {}", username, e.getMessage()); }
📜 Review details
Configuration used: .coderabbit.yaml
Review profile: ASSERTIVE
📒 Files selected for processing (6)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (2 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java (1 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java (1 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCPushFilter.java (1 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (8 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/SshGitLocationResolverService.java (1 hunks)
🧰 Additional context used
📓 Path-based instructions (6)
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCPushFilter.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/localvc/SshGitLocationResolverService.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports
🔇 Additional comments (6)
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java (2)
1-10
: LGTM: Package declaration and imports are well-organized.The package declaration is correct, and the imports are specific without using wildcard imports, adhering to the coding guidelines.
13-17
: LGTM: Fields are well-defined and follow best practices.The fields are correctly declared as private and final, adhering to the 'least access' principle. The naming conventions are followed, and the types seem appropriate for their purposes.
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCPushFilter.java (1)
Line range hint
1-55
: Overall, the change adheres to coding guidelines and maintains good practices.The addition of the VCS access log update:
- Maintains the Single Responsibility Principle for the
LocalVCPushFilter
class.- Doesn't introduce code duplication or complexity.
- Follows naming conventions and coding style guidelines.
- Uses dependency injection correctly (constructor injection for
LocalVCServletService
).- Keeps the code simple and readable (KISS principle).
The change successfully enhances the logging capabilities without negatively impacting the existing structure or violating coding guidelines.
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (1)
13-13
: LGTM: Appropriate import added for AuthenticationExceptionThe new import for
AuthenticationException
is correctly placed and follows the coding guidelines by avoiding star imports.src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java (2)
22-26
: Implementation ofonBeginNegotiateRound
is appropriateThe method correctly overrides
onBeginNegotiateRound
and appropriately logs the access vialocalVCServletService.updateVCSAccessLogForCloneAndPullHTTPS(request, cntOffered);
, aligning with the PR objectives to enhance access logging.
28-36
: Empty method implementations previously notedAs previously addressed, the methods
onEndNegotiateRound
andonSendPack
are currently empty. The past review comment regarding adding TODO comments is still applicable.
...in/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java
Outdated
Show resolved
Hide resolved
...in/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java
Outdated
Show resolved
Hide resolved
...in/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java
Outdated
Show resolved
Hide resolved
...in/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCPushFilter.java
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 3
📜 Review details
Configuration used: .coderabbit.yaml
Review profile: ASSERTIVE
📒 Files selected for processing (1)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (8 hunks)
🧰 Additional context used
📓 Path-based instructions (1)
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports
🔇 Additional comments (3)
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (3)
712-750
: Good use of helper methods for code modularityThe addition of
getUserFromRequest
,getExerciseParticipationFromLocalVCRepositoryUri
, andgetExerciseParticipationFromRequest
enhances code modularity and reusability by encapsulating common logic. This improves readability and maintainability.
762-879
: Proper asynchronous logging methods addedThe new asynchronous methods for updating VCS access logs (
updateVCSAccessLogForCloneAndPullHTTPS
,updateVCSAccessLogForPushHTTPS
, and others) improve performance by offloading logging operations. Ensure that exceptions within these methods are appropriately logged since exceptions in asynchronous methods won't propagate back to the caller.
281-282
:⚠️ Potential issueUpdate exception handling for
authenticateUser
The method
authenticateUser
now throwsAuthenticationException
. Ensure that any methods invokingauthenticateUser
handle or declare this exception to prevent unhandled exceptions at runtime.You can run the following script to verify proper exception handling:
#!/bin/bash # Description: Find method calls to 'authenticateUser' without handling 'AuthenticationException'. # Expected result: All method calls should handle or declare 'AuthenticationException'. # Find all calls to 'authenticateUser' and display the context. rg --type java -A 5 -B 5 'authenticateUser\('
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One architecture test about async is failing
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 8
🧹 Outside diff range comments (1)
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/VcsAccessLogService.java (1)
Line range hint
92-104
: Prefer primitive types over wrapper classes forparticipationId
The parameter
participationId
instoreCodeEditorAccessLog
is of typeLong
. If null values are not acceptable, consider changing it to the primitive typelong
to avoid unnecessary boxing and potentialNullPointerException
.Apply this change:
-public void storeCodeEditorAccessLog(Repository repo, User user, Long participationId) throws GitAPIException { +public void storeCodeEditorAccessLog(Repository repo, User user, long participationId) throws GitAPIException {
📜 Review details
Configuration used: .coderabbit.yaml
Review profile: ASSERTIVE
📒 Files selected for processing (5)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (2 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java (1 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java (1 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (9 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/VcsAccessLogService.java (4 hunks)
🧰 Additional context used
📓 Path-based instructions (5)
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/localvc/VcsAccessLogService.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports
🔇 Additional comments (5)
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java (1)
11-34
: Well-implemented PreUploadHook with appropriate loggingThe
LocalVCFetchPreUploadHook
class correctly implements thePreUploadHook
interface. It uses constructor injection for dependency management, adhering to best practices outlined in the coding guidelines. TheonBeginNegotiateRound
method effectively updates the VCS access log, aligning with the PR objectives to enhance access logging capabilities for SSH and HTTPS git repository accesses.src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java (1)
19-23
:⚠️ Potential issueAdd null checks for constructor parameters to prevent
NullPointerException
.To ensure robustness, add null checks for the constructor parameters
localVCServletService
,serverSession
, androotDir
.Apply this diff to implement null checks:
+import java.util.Objects; public LocalVCFetchPreUploadHookSSH(LocalVCServletService localVCServletService, ServerSession serverSession, Path rootDir) { + this.localVCServletService = Objects.requireNonNull(localVCServletService, "localVCServletService must not be null"); + this.serverSession = Objects.requireNonNull(serverSession, "serverSession must not be null"); + this.rootDir = Objects.requireNonNull(rootDir, "rootDir must not be null"); - this.localVCServletService = localVCServletService; - this.serverSession = serverSession; - this.rootDir = rootDir; }Likely invalid or redundant comment.
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (1)
13-13
: LGTM: Enhanced exception handling for authentication failuresThe addition of the
AuthenticationException
import and the new catch block correctly handle authentication exceptions by logging failed attempts before rethrowing the exception. This improves error handling and aligns with best practices.Also applies to: 48-52
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/VcsAccessLogService.java (2)
48-48
: Handle exceptions within the asynchronousstoreAccessLog
methodAs per previous review comments, exceptions thrown in
@Async
methods may not surface and could be silently ignored. Consider adding exception handling within this method to catch and log any exceptions.
78-83
: Handle exceptions inupdateRepositoryActionType
methodAlthough
updateRepositoryActionType
is not annotated with@Async
, it's intended to be called from an asynchronous context. Exceptions thrown within this method may not be propagated and could lead to silent failures. Consider adding exception handling to ensure any exceptions are properly logged.
...in/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java
Show resolved
Hide resolved
...in/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java
Show resolved
Hide resolved
...in/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/VcsAccessLogService.java
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/VcsAccessLogService.java
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actionable comments posted: 11
📜 Review details
Configuration used: .coderabbit.yaml
Review profile: ASSERTIVE
📒 Files selected for processing (5)
- src/main/java/de/tum/cit/aet/artemis/programming/repository/ProgrammingExerciseStudentParticipationRepository.java (1 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/repository/SolutionProgrammingExerciseParticipationRepository.java (1 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/repository/TemplateProgrammingExerciseParticipationRepository.java (1 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/ProgrammingExerciseParticipationService.java (1 hunks)
- src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (10 hunks)
🧰 Additional context used
📓 Path-based instructions (5)
src/main/java/de/tum/cit/aet/artemis/programming/repository/ProgrammingExerciseStudentParticipationRepository.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/repository/SolutionProgrammingExerciseParticipationRepository.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/repository/TemplateProgrammingExerciseParticipationRepository.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/ProgrammingExerciseParticipationService.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_importssrc/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (1)
Pattern
src/main/java/**/*.java
: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports
🔇 Additional comments (7)
src/main/java/de/tum/cit/aet/artemis/programming/repository/TemplateProgrammingExerciseParticipationRepository.java (2)
51-51
: LGTM! Method adheres to coding guidelines.The
findByRepositoryUri
method is well-implemented and follows the provided coding guidelines:
- Follows CamelCase naming convention
- Adheres to the single responsibility principle
- Uses the @param annotation correctly for SQL parameter mapping
- Follows the least access principle
51-55
: Overall, excellent additions to the repository interface.The new methods
findByRepositoryUri
andfindByRepositoryUriElseThrow
are well-implemented, adhere to coding guidelines, and enhance the repository's functionality. They provide a clean and consistent way to fetch TemplateProgrammingExerciseParticipation entities by repository URI, which aligns well with the PR's objective of improving access log handling for SSH and HTTPS git repository accesses.These changes contribute positively to the codebase and support the goal of providing more granular logging capabilities.
src/main/java/de/tum/cit/aet/artemis/programming/repository/SolutionProgrammingExerciseParticipationRepository.java (1)
46-51
: Overall, the changes look good and align with the PR objectives.The new methods
findByRepositoryUri
andfindByRepositoryUriElseThrow
enhance the repository's functionality by allowing queries based on repository URI. This aligns well with the PR's objective of improving access logging capabilities for SSH and HTTPS git repository accesses.The changes adhere to the coding guidelines, follow Java best practices, and integrate seamlessly with the existing codebase. The use of
Optional
and default methods in the interface demonstrates good design choices.To further improve the code:
- Consider adding an explicit JPQL query for
findByRepositoryUri
.- Specify the exception type in the
findByRepositoryUriElseThrow
method signature.These minor enhancements would improve code readability and API documentation.
src/main/java/de/tum/cit/aet/artemis/programming/repository/ProgrammingExerciseStudentParticipationRepository.java (1)
85-85
: LGTM: New methodfindByRepositoryUri
added.The new method
findByRepositoryUri
is a well-structured addition to the repository interface. It follows Spring Data JPA conventions, usesOptional
for potentially absent results, and employs the@Param
annotation correctly. This method enhances the repository's functionality by allowing retrieval of participation records based on their repository URI.src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (3)
133-133
: Good practice: Define a constant for 'buildjob_user'Defining
BUILD_USER_NAME
as a constant enhances maintainability and reduces the risk of typographical errors across the codebase.
777-777
: 🧹 Nitpick (assertive)Use constant for 'Authorization' header
The string
"Authorization"
is hardcoded when retrieving the authorization header. For consistency and maintainability, use the existing constantAUTHORIZATION_HEADER
instead.Apply this diff:
- String authorizationHeader = request.getHeader("Authorization"); + String authorizationHeader = request.getHeader(LocalVCServletService.AUTHORIZATION_HEADER);Repeat this change in all methods where the authorization header is retrieved.
Likely invalid or redundant comment.
713-750
:⚠️ Potential issueConsider handling potential null values in
getUserFromRequest
In the
getUserFromRequest
method, if theAuthorization
header is missing, callingextractUsernameAndPassword(authorizationHeader)
may throw an exception or lead to unexpected behavior.Apply this diff to add a null check for
authorizationHeader
:public User getUserFromRequest(HttpServletRequest request) throws LocalVCAuthException { String authorizationHeader = request.getHeader(LocalVCServletService.AUTHORIZATION_HEADER); + if (authorizationHeader == null) { + throw new LocalVCAuthException("Authorization header is missing"); + } UsernameAndPassword usernameAndPassword = extractUsernameAndPassword(authorizationHeader); return userRepository.findOneByLogin(usernameAndPassword.username()).orElseThrow(LocalVCAuthException::new); }Likely invalid or redundant comment.
...t/aet/artemis/programming/repository/TemplateProgrammingExerciseParticipationRepository.java
Show resolved
Hide resolved
...t/aet/artemis/programming/repository/SolutionProgrammingExerciseParticipationRepository.java
Outdated
Show resolved
Hide resolved
...it/aet/artemis/programming/repository/ProgrammingExerciseStudentParticipationRepository.java
Show resolved
Hide resolved
...it/aet/artemis/programming/repository/ProgrammingExerciseStudentParticipationRepository.java
Outdated
Show resolved
Hide resolved
...java/de/tum/cit/aet/artemis/programming/service/ProgrammingExerciseParticipationService.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Outdated
Show resolved
Hide resolved
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java
Show resolved
Hide resolved
|
(cherry picked from commit fc00f56)
Checklist
General
Server
Motivation and Context
The access log can only distinguish between READ and WRITE. It would be nice, if instructors could see the difference between Clone, push and pull operations.
Description
Add more granular access logging for SSH and HTTPS git repository accesses.
Steps for Testing
With an instructor, participate in an exercise, by cloning over SSH and/or HTTPs, and pull / push.
Go to the exercise participation, open the participation's repository and go to the access log view.
Check that all operations on the repository were logged correctly.
Testserver States
Note
These badges show the state of the test servers.
Green = Currently available, Red = Currently locked
Click on the badges to get to the test servers.
Review Progress
Code Review
Manual Tests
Test Coverage
Server
Screenshots
Here you can see how the access logs looks, after accessing a student repository with the different access mechanisms. Note that the push at #6 has the same hash, because I did not commit anything there.
Summary by CodeRabbit
Summary by CodeRabbit
New Features
Bug Fixes
Documentation
Refactor