feat(core) Add update and delete command Java/Rest APIs #4333
Conversation
…Instance
DELETE /task/{taskId}/comment/{commentId}
- deletes a comment of a given taskId and commentId
DELETE /task/{taskId}/comment
- deletes all comments of a given taskId
PUT /task/comment
- updates a comment
DELETE /process-instance/{processInstanceId}/comment/{commentId}
- deletes a comment of a given processInstanceId and commentId
DELETE /process-instance/{processInstanceId}/comment.
- deletes all comments of a given processInstanceId
PUT /process-instance/comment
- updates a comment
related to: camunda#2551
…nd processInstance
DELETE /task/{taskId}/comment/{commentId}
- deletes a comment of a given taskId and commentId
DELETE /task/{taskId}/comment
- deletes all comments of a given taskId
PUT /task/comment
- updates a comment
DELETE /process-instance/{processInstanceId}/comment/{commentId}
- deletes a comment of a given processInstanceId and commentId
DELETE /process-instance/{processInstanceId}/comment.
- deletes all comments of a given processInstanceId
PUT /process-instance/comment
- updates a comment
related to: camunda#2551
…k and processInstance
DELETE /task/{taskId}/comment/{commentId}
- deletes a comment of a given taskId and commentId
DELETE /task/{taskId}/comment
- deletes all comments of a given taskId
PUT /task/comment
- updates a comment
DELETE /process-instance/{processInstanceId}/comment/{commentId}
- deletes a comment of a given processInstanceId and commentId
DELETE /process-instance/{processInstanceId}/comment.
- deletes all comments of a given processInstanceId
PUT /process-instance/comment
- updates a comment
related to: camunda#2551
|
Thank you for raising this. Best, |
|
Note to myself:
|
|
@yanavasileva any update on this? |
|
Thank you for your patience with this. |
There was a problem hiding this comment.
👍 The changes look good as a start.
Unfortunately, more aspects need to be covered, I left comments below. One more general note:
❌ There's a lot of code duplication in the code of the commands. Please merge the commands (for PI and task) similarly to DeleteAttachmentCmd. That way, the maintenance of the code will be easier.
| @@ -493,6 +493,34 @@ public void logAttachmentOperation(String operation, ExecutionEntity processInst | |||
| } | |||
| } | |||
|
|
|||
| public void logCommentOperation(String operation, TaskEntity task, PropertyChange propertyChange) { | |||
There was a problem hiding this comment.
Note to myself:
❓ What about tenant checks?
There was a problem hiding this comment.
✍️ The new user operation logs must be documented here: https://docs.camunda.org/manual/latest/user-guide/process-engine/history/user-operation-log/#glossary-of-operations-logged-in-the-user-operation-log
Could you please raise a PR in the docs repo? (page)
There was a problem hiding this comment.
❌ ✍️ Along with the delete API, we need to add a revision field to the entity. Documented here:
https://github.com/camunda/camunda-bpm-platform/blob/master/engine/src/main/java/org/camunda/bpm/engine/impl/persistence/entity/CommentEntity.java#L44
That will require changes in the ACT_HI_COMMENT table and mybatis scripts.
There was a problem hiding this comment.
🔧 Consider adding @throws AuthorizationException note to the javadoc where applicable for the new APIs.
| /** | ||
| * Check if it is allowed to update a task | ||
| */ | ||
| void checkUpdateTask(TaskEntity task); | ||
|
|
There was a problem hiding this comment.
❌ After reading the docs, I think #checkTaskAssign()#checkTaskWork() check should be used to perform the command checks for the new commands.
Reference: https://docs.camunda.org/manual/latest/user-guide/process-engine/authorization-service/#additional-task-permissions (✍️ the table should be updated with the actions as well)
| /** | |
| * Check if it is allowed to update a task | |
| */ | |
| void checkUpdateTask(TaskEntity task); |
There was a problem hiding this comment.
That makes sense for actions for comments using taskId.
How about update/delete comments using processInstanceId ?
Can we use this?
There was a problem hiding this comment.
That makes sense for actions for comments using taskId.
How about update/delete comments using processInstanceId ?
Can we use this?
Digging more into it, for me using checkTaskAssign makes more sense on this on as well. Let me know if you think otherwise.
There was a problem hiding this comment.
@prajwolbhandari1, by bad for the wrong reference. #checkTaskWork() should be used, it covers both API using task and process checks.
https://github.com/camunda/camunda-bpm-platform/blob/master/engine/src/main/java/org/camunda/bpm/engine/impl/cfg/auth/AuthorizationCommandChecker.java#L676C15-L676C28
There was a problem hiding this comment.
@prajwolbhandari1, by bad for the wrong reference.
#checkTaskWork()should be used, it covers both API using task and process checks. https://github.com/camunda/camunda-bpm-platform/blob/master/engine/src/main/java/org/camunda/bpm/engine/impl/cfg/auth/AuthorizationCommandChecker.java#L676C15-L676C28
No worries Yana. I will make these changes. Thank you.
| public void checkUpdateTask(TaskEntity task) { | ||
| getAuthorizationManager().checkAuthorization(UPDATE, TASK, task.getId()); | ||
| } | ||
|
|
There was a problem hiding this comment.
❌ See above comment, reuse #checkTaskAssign().
| public void checkUpdateTask(TaskEntity task) { | |
| getAuthorizationManager().checkAuthorization(UPDATE, TASK, task.getId()); | |
| } |
| public void checkUpdateTask(TaskEntity task) { | ||
| if (task != null && !getTenantManager().isAuthenticatedTenant(task.getTenantId())) { | ||
| throw LOG.exceptionCommandWithUnauthorizedTenant("update the task '" + task.getId() + "'"); | ||
| } | ||
| } | ||
|
|
There was a problem hiding this comment.
❌ See above comment, reuse #checkTaskAssign().
| public void checkUpdateTask(TaskEntity task) { | |
| if (task != null && !getTenantManager().isAuthenticatedTenant(task.getTenantId())) { | |
| throw LOG.exceptionCommandWithUnauthorizedTenant("update the task '" + task.getId() + "'"); | |
| } | |
| } |
| import org.camunda.bpm.engine.impl.persistence.entity.TaskEntity; | ||
|
|
||
| /** | ||
| * see https://github.com/camunda/camunda-bpm-platform/issues/2551 |
There was a problem hiding this comment.
❌ Please remove all of the git ticket references from the code. The modern IDE and GitHub offer enough support to track the origins to ticket and pull request.
| * see https://github.com/camunda/camunda-bpm-platform/issues/2551 |
| where TASK_ID_ = #{taskId,jdbcType=VARCHAR} | ||
| and ID_ = #{id,jdbcType=VARCHAR} | ||
| </select> | ||
|
|
||
| <select id="selectCommentByProcessInstanceIdAndCommentId" parameterType="map" resultMap="commentResultMap"> |
There was a problem hiding this comment.
💭 I see a different result map for above query. Maybe we need to consider that for this query as well? The type of FULL_MSG_ is different for postgresql.
|
thank you @yanavasileva. I will work on these changes as soon as possible. |
github-actions
bot
added
group:stale
yanavasileva
changed the title
github-actions
bot
added
group:stale
|
Closing due to lack of requested feedback. If you would like us to look at this, please provide the requested information to re-open the PR. |
|
I am done with all changes. I will raise PR as soon as possible. Sent from my iPhoneOn Jul 11, 2024, at 10:05 PM, github-actions[bot] ***@***.***> wrote:
Closed #4333.
—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you commented.Message ID: ***@***.***>
|
|
@prajwolbhandari1, you can continue the work in this one, I reopened it for you. |
deletes a comment of a given taskId and commentId
deletes all comments of a given taskId
updates a comment
deletes a comment of a given processInstanceId and commentId
deletes all comments of a given processInstanceId
updates a comment
related to: #2551