From 33bfa07d5eaafa23eaf5464cb9e2b9ec2e161a4e Mon Sep 17 00:00:00 2001 From: "Vila,Jordi (IT EDP)" Date: Thu, 28 May 2026 13:52:35 +0200 Subject: [PATCH 1/2] Pop up forbidden exception on project components get --- .../services/ComponentCatalogService.java | 13 ++++++++++-- .../services/ComponentCatalogServiceTest.java | 21 +++++++++++++++++++ 2 files changed, 32 insertions(+), 2 deletions(-) diff --git a/src/main/java/org/opendevstack/component_provisioner/server/services/ComponentCatalogService.java b/src/main/java/org/opendevstack/component_provisioner/server/services/ComponentCatalogService.java index ab0aa26..6ebf91c 100644 --- a/src/main/java/org/opendevstack/component_provisioner/server/services/ComponentCatalogService.java +++ b/src/main/java/org/opendevstack/component_provisioner/server/services/ComponentCatalogService.java @@ -3,14 +3,15 @@ import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.tuple.Pair; import org.opendevstack.component_provisioner.client.component_catalog.v1.api.CatalogItemUserActionMessageDefinitionsApi; -import org.opendevstack.component_provisioner.client.component_catalog.v1.api.ProjectComponentsApi; import org.opendevstack.component_provisioner.client.component_catalog.v1.model.*; import org.opendevstack.component_provisioner.config.ApplicationPropertiesConfiguration; +import org.opendevstack.component_provisioner.server.controllers.exceptions.UserNotAllowedException; import org.opendevstack.component_provisioner.server.controllers.model.ProjectComponentStatus; import org.opendevstack.component_provisioner.server.services.exceptions.CatalogClientException; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.cache.annotation.CacheConfig; import org.springframework.cache.annotation.Cacheable; +import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatusCode; import org.springframework.http.ResponseEntity; import org.springframework.stereotype.Service; @@ -170,7 +171,15 @@ public ProjectComponentExtendedInfo getProjectComponentById(String accessToken, var apiClient = apiClientsBuilder.componentCatalogApiClient(accessToken, componentCatalogServiceProps.getBaseRestUrl().toString()); var componentsApi = apiClientsBuilder.projectComponentsApi(apiClient); - return componentsApi.getProjectComponentById(projectKey, componentId); + try { + return componentsApi.getProjectComponentById(projectKey, componentId); + } catch (HttpStatusCodeException e) { + if (e.getStatusCode().value() == HttpStatus.FORBIDDEN.value()) { + log.warn("Forbidden response from component catalog for project '{}', componentId '{}': {}", projectKey, componentId, e.getMessage()); + throw new UserNotAllowedException("Access to component catalog is forbidden for project '" + projectKey + "', componentId '" + componentId + "'"); + } + throw e; + } } private Map> obfuscateParameters(Map> parameters) { diff --git a/src/test/java/org/opendevstack/component_provisioner/server/services/ComponentCatalogServiceTest.java b/src/test/java/org/opendevstack/component_provisioner/server/services/ComponentCatalogServiceTest.java index dd3b4b6..b89db19 100644 --- a/src/test/java/org/opendevstack/component_provisioner/server/services/ComponentCatalogServiceTest.java +++ b/src/test/java/org/opendevstack/component_provisioner/server/services/ComponentCatalogServiceTest.java @@ -585,4 +585,25 @@ void givenAProjectKeyAndComponentId_whenGetProjectComponentExtendedInfoIsCalled_ verify(projectComponentsApi).getProjectComponentById(projectKey, componentId); } + @Test + void givenComponentCatalogReturns403_whenGetProjectComponentByIdIsCalled_thenThrowsUserNotAllowedException() throws MalformedURLException { + // given + String accessToken = "bearerToken"; + var projectKey = "PRJ"; + var componentId = "CID"; + + URL baseUrl = URI.create("http://component-catalog").toURL(); + when(componentCatalogServiceProps.getBaseRestUrl()).thenReturn(baseUrl); + when(apiClientsBuilder.componentCatalogApiClient(accessToken, baseUrl.toString())) + .thenReturn(componentCatalogApiClient); + when(apiClientsBuilder.projectComponentsApi(componentCatalogApiClient)) + .thenReturn(projectComponentsApi); + when(projectComponentsApi.getProjectComponentById(projectKey, componentId)) + .thenThrow(new HttpClientErrorException(HttpStatus.FORBIDDEN)); + + // when / then + assertThatThrownBy(() -> componentCatalogService.getProjectComponentById(accessToken, projectKey, componentId)) + .isInstanceOf(org.opendevstack.component_provisioner.server.controllers.exceptions.UserNotAllowedException.class); + } + } \ No newline at end of file From 94af2798fea04a5d5569e0dbb7cdf578dca0d965 Mon Sep 17 00:00:00 2001 From: "Vila,Jordi (IT EDP)" Date: Thu, 28 May 2026 13:59:28 +0200 Subject: [PATCH 2/2] Increase unit tests coverage for non 403 exceptions handling --- .../services/ComponentCatalogServiceTest.java | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/src/test/java/org/opendevstack/component_provisioner/server/services/ComponentCatalogServiceTest.java b/src/test/java/org/opendevstack/component_provisioner/server/services/ComponentCatalogServiceTest.java index b89db19..2fef6ee 100644 --- a/src/test/java/org/opendevstack/component_provisioner/server/services/ComponentCatalogServiceTest.java +++ b/src/test/java/org/opendevstack/component_provisioner/server/services/ComponentCatalogServiceTest.java @@ -606,4 +606,26 @@ void givenComponentCatalogReturns403_whenGetProjectComponentByIdIsCalled_thenThr .isInstanceOf(org.opendevstack.component_provisioner.server.controllers.exceptions.UserNotAllowedException.class); } + @Test + void givenComponentCatalogReturnsNon403HttpError_whenGetProjectComponentByIdIsCalled_thenRethrowsOriginalException() throws MalformedURLException { + // given + String accessToken = "bearerToken"; + var projectKey = "PRJ"; + var componentId = "CID"; + var originalException = new HttpClientErrorException(HttpStatus.INTERNAL_SERVER_ERROR); + + URL baseUrl = URI.create("http://component-catalog").toURL(); + when(componentCatalogServiceProps.getBaseRestUrl()).thenReturn(baseUrl); + when(apiClientsBuilder.componentCatalogApiClient(accessToken, baseUrl.toString())) + .thenReturn(componentCatalogApiClient); + when(apiClientsBuilder.projectComponentsApi(componentCatalogApiClient)) + .thenReturn(projectComponentsApi); + when(projectComponentsApi.getProjectComponentById(projectKey, componentId)) + .thenThrow(originalException); + + // when / then + assertThatThrownBy(() -> componentCatalogService.getProjectComponentById(accessToken, projectKey, componentId)) + .isSameAs(originalException); + } + } \ No newline at end of file