import org.onap.cps.ncmp.impl.utils.http.UrlTemplateParameters;
import org.onap.cps.ncmp.rest.provmns.ErrorResponseBuilder;
import org.onap.cps.utils.JsonObjectMapper;
+import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.RequestMapping;
private final JsonObjectMapper jsonObjectMapper;
private final OperationDetailsFactory operationDetailsFactory;
+ @Value("${app.ncmp.provmns.max-patch-operations:10}")
+ private Integer maxNumberOfPatchOperations;
+
@Override
public ResponseEntity<Object> getMoi(final HttpServletRequest httpServletRequest,
final Scope scope,
@Override
public ResponseEntity<Object> patchMoi(final HttpServletRequest httpServletRequest,
final List<PatchItem> patchItems) {
+ if (patchItems.size() > maxNumberOfPatchOperations) {
+ return errorResponseBuilder.buildErrorResponsePatch(HttpStatus.PAYLOAD_TOO_LARGE,
+ patchItems.size() + " operations in request, this exceeds the maximum of "
+ + maxNumberOfPatchOperations);
+ }
final RequestPathParameters requestPathParameters =
parameterMapper.extractRequestParameters(httpServletRequest);
try {
private static final Map<HttpStatus, String> ERROR_MAP = Map.of(
HttpStatus.NOT_FOUND, "IE_NOT_FOUND",
HttpStatus.NOT_ACCEPTABLE, "APPLICATION_LAYER_ERROR",
- HttpStatus.UNPROCESSABLE_ENTITY, "SERVER_LIMITATION"
+ HttpStatus.UNPROCESSABLE_ENTITY, "SERVER_LIMITATION",
+ HttpStatus.PAYLOAD_TOO_LARGE, "SERVER_LIMITATION"
);
/**
@Value('${rest.api.provmns-base-path}')
def provMnSBasePath
+ @Value('${app.ncmp.provmns.max-patch-operations:10}')
+ Integer maxNumberOfPatchOperations
+
def 'Get resource data request where #scenario.'() {
given: 'resource data url'
def getUrl = "$provMnSBasePath/v1/someUriLdnFirstPart/someClassName=someId"
inventoryPersistence.getYangModelCmHandle('cm-1') >> new YangModelCmHandle(id:'cm-1', dmiServiceName: 'someDmiService', dataProducerIdentifier: 'someDataProducerId', compositeState: new CompositeState(cmHandleState: READY))
and: 'policy executor throws exception (denied)'
policyExecutor.checkPermission(*_) >> {throw new RuntimeException()}
- when: 'put data resource request is performed'
+ when: 'patch data resource request is performed'
def response = mvc.perform(patch(url)
.contentType(new MediaType('application', 'json-patch+json'))
.content(patchJsonBody))
assert response.status == HttpStatus.NOT_ACCEPTABLE.value()
}
+ def 'Patch request with too many operations.'() {
+ given: 'resource data url'
+ def url = "$provMnSBasePath/v1/someUriLdnFirstPart/someClassName=someId"
+ and: 'a patch request with more operations than the max allowed'
+ def patchItems = []
+ for (def i = 0; i <= maxNumberOfPatchOperations; i++) {
+ patchItems.add(new PatchItem(op: 'REMOVE', path: 'someUriLdnFirstPart'))
+ }
+ def patchItemsJsonRequestBody = jsonObjectMapper.asJsonString(patchItems)
+ when: 'patch data resource request is performed'
+ def response = mvc.perform(patch(url)
+ .contentType(new MediaType('application', 'json-patch+json'))
+ .content(patchItemsJsonRequestBody))
+ .andReturn().response
+ then: 'response status is PAYLOAD_TOO_LARGE (413)'
+ assert response.status == HttpStatus.PAYLOAD_TOO_LARGE.value()
+ }
+
def 'Put resource data request where #scenario.'() {
given: 'resource data url'
def putUrl = "$provMnSBasePath/v1/someUriLdnFirstPart/someClassName=someId"
Code Review / cps.git / commitdiff