-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(core) Add update and delete command Java/Rest APIs #4333
base: master
Are you sure you want to change the base?
feat(core) Add update and delete command Java/Rest APIs #4333
Conversation
…Instance DELETE /task/{taskId}/comment/{commentId} - deletes a comment of a given taskId and commentId DELETE /task/{taskId}/comment - deletes all comments of a given taskId PUT /task/comment - updates a comment DELETE /process-instance/{processInstanceId}/comment/{commentId} - deletes a comment of a given processInstanceId and commentId DELETE /process-instance/{processInstanceId}/comment. - deletes all comments of a given processInstanceId PUT /process-instance/comment - updates a comment related to: camunda#2551
…nd processInstance DELETE /task/{taskId}/comment/{commentId} - deletes a comment of a given taskId and commentId DELETE /task/{taskId}/comment - deletes all comments of a given taskId PUT /task/comment - updates a comment DELETE /process-instance/{processInstanceId}/comment/{commentId} - deletes a comment of a given processInstanceId and commentId DELETE /process-instance/{processInstanceId}/comment. - deletes all comments of a given processInstanceId PUT /process-instance/comment - updates a comment related to: camunda#2551
…k and processInstance DELETE /task/{taskId}/comment/{commentId} - deletes a comment of a given taskId and commentId DELETE /task/{taskId}/comment - deletes all comments of a given taskId PUT /task/comment - updates a comment DELETE /process-instance/{processInstanceId}/comment/{commentId} - deletes a comment of a given processInstanceId and commentId DELETE /process-instance/{processInstanceId}/comment. - deletes all comments of a given processInstanceId PUT /process-instance/comment - updates a comment related to: camunda#2551
Thank you for raising this. Best, |
Note to myself:
|
@yanavasileva any update on this? |
Thank you for your patience with this. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍 The changes look good as a start.
Unfortunately, more aspects need to be covered, I left comments below. One more general note:
❌ There's a lot of code duplication in the code of the commands. Please merge the commands (for PI and task) similarly to DeleteAttachmentCmd
. That way, the maintenance of the code will be easier.
@@ -493,6 +493,34 @@ public void logAttachmentOperation(String operation, ExecutionEntity processInst | |||
} | |||
} | |||
|
|||
public void logCommentOperation(String operation, TaskEntity task, PropertyChange propertyChange) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note to myself:
❓ What about tenant checks?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
✍️ The new user operation logs must be documented here: https://docs.camunda.org/manual/latest/user-guide/process-engine/history/user-operation-log/#glossary-of-operations-logged-in-the-user-operation-log
Could you please raise a PR in the docs repo? (page)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
❌ ✍️ Along with the delete API, we need to add a revision
field to the entity. Documented here:
https://github.com/camunda/camunda-bpm-platform/blob/master/engine/src/main/java/org/camunda/bpm/engine/impl/persistence/entity/CommentEntity.java#L44
That will require changes in the ACT_HI_COMMENT
table and mybatis scripts.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🔧 Consider adding @throws AuthorizationException
note to the javadoc where applicable for the new APIs.
/** | ||
* Check if it is allowed to update a task | ||
*/ | ||
void checkUpdateTask(TaskEntity task); | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
❌ After reading the docs, I think #checkTaskAssign()
#checkTaskWork()
check should be used to perform the command checks for the new commands.
Reference: https://docs.camunda.org/manual/latest/user-guide/process-engine/authorization-service/#additional-task-permissions (✍️ the table should be updated with the actions as well)
/** | |
* Check if it is allowed to update a task | |
*/ | |
void checkUpdateTask(TaskEntity task); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That makes sense for actions for comments using taskId.
How about update/delete comments using processInstanceId ?
Can we use this?
Line 256 in c307a42
public void checkUpdateProcessInstanceById(String processInstanceId) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That makes sense for actions for comments using taskId.
How about update/delete comments using processInstanceId ?
Can we use this?
Line 256 in c307a42
public void checkUpdateProcessInstanceById(String processInstanceId) {
Digging more into it, for me using checkTaskAssign makes more sense on this on as well. Let me know if you think otherwise.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@prajwolbhandari1, by bad for the wrong reference. #checkTaskWork()
should be used, it covers both API using task and process checks.
https://github.com/camunda/camunda-bpm-platform/blob/master/engine/src/main/java/org/camunda/bpm/engine/impl/cfg/auth/AuthorizationCommandChecker.java#L676C15-L676C28
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@prajwolbhandari1, by bad for the wrong reference.
#checkTaskWork()
should be used, it covers both API using task and process checks. https://github.com/camunda/camunda-bpm-platform/blob/master/engine/src/main/java/org/camunda/bpm/engine/impl/cfg/auth/AuthorizationCommandChecker.java#L676C15-L676C28
No worries Yana. I will make these changes. Thank you.
public void checkUpdateTask(TaskEntity task) { | ||
getAuthorizationManager().checkAuthorization(UPDATE, TASK, task.getId()); | ||
} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
❌ See above comment, reuse #checkTaskAssign()
.
public void checkUpdateTask(TaskEntity task) { | |
getAuthorizationManager().checkAuthorization(UPDATE, TASK, task.getId()); | |
} |
public void checkUpdateTask(TaskEntity task) { | ||
if (task != null && !getTenantManager().isAuthenticatedTenant(task.getTenantId())) { | ||
throw LOG.exceptionCommandWithUnauthorizedTenant("update the task '" + task.getId() + "'"); | ||
} | ||
} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
❌ See above comment, reuse #checkTaskAssign()
.
public void checkUpdateTask(TaskEntity task) { | |
if (task != null && !getTenantManager().isAuthenticatedTenant(task.getTenantId())) { | |
throw LOG.exceptionCommandWithUnauthorizedTenant("update the task '" + task.getId() + "'"); | |
} | |
} |
import org.camunda.bpm.engine.impl.persistence.entity.TaskEntity; | ||
|
||
/** | ||
* see https://github.com/camunda/camunda-bpm-platform/issues/2551 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
❌ Please remove all of the git ticket references from the code. The modern IDE and GitHub offer enough support to track the origins to ticket and pull request.
* see https://github.com/camunda/camunda-bpm-platform/issues/2551 |
where TASK_ID_ = #{taskId,jdbcType=VARCHAR} | ||
and ID_ = #{id,jdbcType=VARCHAR} | ||
</select> | ||
|
||
<select id="selectCommentByProcessInstanceIdAndCommentId" parameterType="map" resultMap="commentResultMap"> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
💭 I see a different result map for above query. Maybe we need to consider that for this query as well? The type of FULL_MSG_
is different for postgresql.
thank you @yanavasileva. I will work on these changes as soon as possible. |
Closing due to lack of requested feedback. If you would like us to look at this, please provide the requested information to re-open the PR. |
I am done with all changes. I will raise PR as soon as possible. Sent from my iPhoneOn Jul 11, 2024, at 10:05 PM, github-actions[bot] ***@***.***> wrote:
Closed #4333.
—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you commented.Message ID: ***@***.***>
|
@prajwolbhandari1, you can continue the work in this one, I reopened it for you. |
deletes a comment of a given taskId and commentId
deletes all comments of a given taskId
updates a comment
deletes a comment of a given processInstanceId and commentId
deletes all comments of a given processInstanceId
updates a comment
related to: #2551