Conversation
New dependency Flyway migration New Repository
Bonus: GlobalExceptionhandler
…tOfReport # Conflicts: # backend/pom.xml # backend/src/main/resources/application.properties
* Add ADR for database schema management strategy detailing transition from Hibernate `ddl-auto=update` to Flyway * Update ADR for database schema management strategy and adjust editorconfig indentation settings
* Add Spring Security and OAuth2 dependencies - Done with Henrik and emily * got OAuth working, but need to configure login and logout * Changes by Alfred * Oauth functioning, CustomOAuth2UserService for handling of user(work in progress). flyway migration V2 up. working on logic for user check, oversee entity with role? * added another field for user - role,updated id to use uuid, removed flyway, added support for .env file in root. * pulled in main before push. * added test, and worked out some issues with the oAuth * Add enum for role * Add Role to User entity and add in Service to new user in database * Add Role to User entity and add in Service to new user in database * Add Role to Service to new user in database --------- Co-authored-by: Henrik <Henrikmattsson89@gmail.com> Co-authored-by: Emilyempa <emilypettersson@hotmail.com>
* First setup
* Adjusted margin.
* Logo
* Removed HTML suggested by code rabbit to make fragments pure and adjusted css styling
* Additional css adjustments
* Merged main. Commented out ("/") in AuthenticationController because RestController uses same endpoint as Controller. Adjusted styling for focus.
* ...and so it goes on... css
* Changes L to l
* Docs: Add DEVLOG.md * Chore: Add dependencies CI-pipeline * modified .github/workflows/ci.yml * Fixed errors from CodeRabbit * Fix: Delete plugins not compatible with java25 * Fix: resolve Checkstyle failures in CI job * Fix: Restored BackendApplication.java- trying to handle CI blockages * Fix: Resolve CI issues in BackendApplication.java * Fix: BackendApplication.java = final * Fix: Remove constructor and allow Spring to initiate this class * Fix: Add constructor,I think coderabbit is having a stroke * Fix: Checkstyle problems * Add CI plugins: Spotless, Checkstyle, SpotBugs, JaCoCo, OWASP * Add CI plugins: Spotless, Checkstyle, SpotBugs, JaCoCo, OWASP * Hunted errors in pom.xml, BackendApplication, checkstyle.xml manualy tested with mvn spotless:check mvn checkstyle:check mvn clean verify mvn pmd:check * Hunted errors in pom.xml, BackendApplication, checkstyle.xml manualy tested with mvn spotless:check mvn checkstyle:check mvn clean verify mvn pmd:check * fixed checkstyle errors * fixed Test-files errors * deleted owasp dependency-check-maven * deleted owasp dependency-check-maven * deleted public in AuthenticationIntegrationTest * Fix class naming convention in IndexController * Remove redundant SpotBugs exclusion file and improve constructor clarity in User entity * Remove redundant comment in User entity constructor --------- Co-authored-by: Ronja Fagerdahl <ronjafagerdahl@gmail.com> Co-authored-by: Jörgen Lindström <jorlind@telia.com> Co-authored-by: Martin Blomberg <martin.blomberg@outlook.com>
jennymakki
left a comment
jennymakki
left a comment
There was a problem hiding this comment.
Really nice test coverage for ReportController.
The tests clearly cover the happy path, validation errors, and fetching submitted reports.
alfredbrannare
left a comment
alfredbrannare
left a comment
There was a problem hiding this comment.
For some reason the test just loops this for me:
2025-12-15T10:46:52.311+01:00 INFO 7940 --- [backend] [backend-admin-0] o.a.k.c.a.i.AdminMetadataManager : [AdminClient clientId=backend-admin-0] Rebootstrapping with Cluster(id = null, nodes = [localhost:9092 (id: -1 rack: null isFenced: false)], partitions = [], controller = null)
Is there something I am missing?
I don't think Kafka was there last I review it?
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (2)
backend/src/test/java/org/fungover/zipp/controller/ReportControllerTest.java (2)
60-64: Consider extracting shared ObjectMapper and completing the future.The
ObjectMapperwithJavaTimeModuleis instantiated in multiple tests. Additionally, theCompletableFutureis never completed - if the controller awaits the result synchronously, this could cause issues.Consider extracting the ObjectMapper as a class field and completing the future:
+ private static final ObjectMapper mapper = new ObjectMapper() + .registerModule(new JavaTimeModule()); + @Test void createReport() throws Exception { Report firstReport = new Report("Candy paper", ReportType.DEBRIS, 50.0, 50.0, Instant.parse("2025-12-03T15:30:00Z"), ReportStatus.ACTIVE, null); - ObjectMapper mapper = new ObjectMapper(); - mapper.registerModule(new JavaTimeModule()); - CompletableFuture<SendResult<String, ReportResponse>> future = new CompletableFuture<>(); + future.complete(null); // Complete the future to avoid potential blocking when(template.send(anyString(), any())).thenReturn(future);
66-74: Consider extracting the OAuth2 login configuration.The
oauth2Login().attributes(...)pattern is repeated across all three tests. Extracting this to a helper method would improve maintainability.private static SecurityMockMvcRequestPostProcessors.OAuth2LoginConfigurer mockOAuth2Login() { return SecurityMockMvcRequestPostProcessors.oauth2Login().attributes(user -> { user.put("name", "Test User"); user.put("email", "test@gmail.com"); user.put("role", "USER"); }); }Then use:
.with(mockOAuth2Login()).with(csrf())
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
backend/src/test/java/org/fungover/zipp/controller/ReportControllerTest.java(1 hunks)
🧰 Additional context used
🧬 Code graph analysis (1)
backend/src/test/java/org/fungover/zipp/controller/ReportControllerTest.java (1)
backend/src/test/java/org/fungover/zipp/authtest/AuthenticationIntegrationTest.java (1)
SpringBootTest(24-66)
🔇 Additional comments (3)
backend/src/test/java/org/fungover/zipp/controller/ReportControllerTest.java (3)
39-44: Test configuration looks well-structured.The combination of
@Import(TestcontainersConfiguration.class)for database connectivity,@EnableAutoConfiguration(exclude = {KafkaAutoConfiguration.class})for Kafka isolation, and@Transactionalfor test rollback is appropriate for this integration test.
46-53: Appropriate use of autowiring and mocking.The
ReportServiceis properly autowired for real integration testing whileKafkaTemplateis correctly mocked to avoid external Kafka dependencies.
77-93: Validation test is well-structured.The test correctly validates that a
nulldescription triggers a 400 Bad Request response. The absence of Kafka mock setup is appropriate since validation occurs before any Kafka publishing.
backend/src/test/java/org/fungover/zipp/controller/ReportControllerTest.java
Show resolved
Hide resolved
|
@alfredbrannare I merged main into the branch. Now when you make a post , the report is send with kafka. Thats why I hade to mock it. |
Fagerdahl
left a comment
Fagerdahl
left a comment
There was a problem hiding this comment.
This is a solid test addition!
The coverage is good and it’s great to see both happy path and validation scenarios tested, including security context and CSRF handling.
A few small suggestions that could make the tests even clearer and less repetative going forward:
The test currently mixes integration-style setup (@SpringBootTest, Testcontainers, real ReportService) with mocked infrastructure (Kafka). This works, but it might be worth clarifying the intent: either a full integration test or a more focused controller/MVC test with a mocked service.
ObjectMapper setup is duplicated across tests and I don´t think we need that double set of JSON mappers.
I would consider reusing a single instance to keep the config in one place. for example:
private final ObjectMapper mapper = new ObjectMapper() .registerModule(new JavaTimeModule()); This would give us a little more dry code 🏜️
None of these are blocking a merge, the tests are already in good shape. These are mostly about clarity and long-term maintainability. And also educational SUBSTANCE for me as a reviewer 🥰
Nice work overall! Keep up the good work.
Christmas magic is just around the corner ✨
|
what happened- all were green five minutes ago??? I approved and all looked good. I did not see I was assigned to review this until now!! Sorry that you had to wait 🌸 @LolloGro |
LolloGro
dismissed stale reviews from Fagerdahl and alfredbrannare
via
e92f3b6
|
There was a problem hiding this comment.
Actionable comments posted: 1
♻️ Duplicate comments (1)
backend/src/test/java/org/fungover/zipp/controller/ReportControllerTest.java (1)
91-94: Remove unusedattackervariable.Same issue as the previous test—the
attackerUser is never used and should be removed.Apply this diff:
@Test void createReportWithImagesShouldReturnCreatedReport() { - User attacker = new User(); - attacker.setId(UUID.randomUUID()); - attacker.setEmail("attacker@example.com"); - attacker.setProviderId("attacker-999"); - Report inputReport = new Report("Report with images", ReportType.DEBRIS, 59.3293, 18.0686, List.of("https://example.com/image1.jpg", "https://example.com/image2.jpg"));
🧹 Nitpick comments (3)
backend/src/main/java/org/fungover/zipp/repository/UserRepository.java (1)
5-5: LGTM! The@Repositoryannotation is explicit but optional.Spring Data JPA automatically detects repositories that extend
JpaRepository, so@Repositoryis technically redundant. However, it explicitly documents the component's role and causes no harm.Also applies to: 10-10
backend/src/test/java/org/fungover/zipp/controller/ReportControllerEndpointTest.java (1)
97-98: Remove unnecessary JavaTimeModule registration.The
JavaTimeModuleis no longer needed since theReportDTO no longer containsInstantfields after the refactoring.Apply this diff:
- ObjectMapper mapper = new ObjectMapper(); - mapper.registerModule(new JavaTimeModule()); + ObjectMapper mapper = new ObjectMapper();backend/src/test/java/org/fungover/zipp/controller/ReportControllerTest.java (1)
67-70: Remove unusedattackervariable.The
attackerUser created here is never used in the test. This is leftover dead code from the DTO refactoring that removed the attacker field from theReportconstructor.Apply this diff:
@Test void createReportShouldReturnCreatedReportWithStatus201() { - User attacker = new User(); - attacker.setId(UUID.randomUUID()); - attacker.setEmail("attacker@example.com"); - attacker.setProviderId("attacker-999"); - Report inputReport = new Report("Test description", ReportType.ACCIDENT, 59.3293, 18.0686, null);
📜 Review details
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (5)
backend/pom.xml(1 hunks)backend/src/main/java/org/fungover/zipp/dto/Report.java(1 hunks)backend/src/main/java/org/fungover/zipp/repository/UserRepository.java(1 hunks)backend/src/test/java/org/fungover/zipp/controller/ReportControllerEndpointTest.java(1 hunks)backend/src/test/java/org/fungover/zipp/controller/ReportControllerTest.java(2 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
- backend/pom.xml
🧰 Additional context used
🧬 Code graph analysis (1)
backend/src/test/java/org/fungover/zipp/controller/ReportControllerEndpointTest.java (1)
backend/src/test/java/org/fungover/zipp/authtest/AuthenticationIntegrationTest.java (1)
SpringBootTest(24-66)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
- GitHub Check: PR Build
- GitHub Check: Jenkins
- GitHub Check: Build, Test & Analyze
🔇 Additional comments (3)
backend/src/test/java/org/fungover/zipp/controller/ReportControllerEndpointTest.java (1)
73-91: LGTM! Proper Kafka mock setup for POST test.The test correctly mocks the
KafkaTemplate.send()method before performing the POST request, ensuring the asynchronous Kafka publish doesn't cause test failures.backend/src/test/java/org/fungover/zipp/controller/ReportControllerTest.java (1)
72-72: LGTM! Constructor calls correctly updated.The
Reportconstructor calls have been properly updated to match the new DTO signature, including theimageUrlsparameter.Also applies to: 96-97
backend/src/main/java/org/fungover/zipp/dto/Report.java (1)
11-17: LGTM! DTO refactoring improves API design.The simplified
ReportDTO correctly separates client input concerns from server-managed fields (user, timestamp, status). This improves security and consistency by preventing clients from setting these values. All usages throughout the codebase have been updated to match the new constructor signature: (description, eventType, latitude, longitude, imageUrls).
| @Test | ||
| void returnsSubmittedReport() throws Exception { | ||
| Report firstReport = new Report("Candy paper", ReportType.DEBRIS, 50.0, 50.0, null); | ||
|
|
||
| reportService.createReport(reportUser, firstReport); | ||
|
|
||
| mockMvc.perform(get("/api/reports").with(SecurityMockMvcRequestPostProcessors.oauth2Login().attributes(user -> { | ||
| user.put("name", "Test User"); | ||
| user.put("email", "test@gmail.com"); | ||
| user.put("role", "USER"); | ||
| })).with(csrf())).andExpect(status().isOk()).andExpect(jsonPath("$[0].status").value("ACTIVE")); | ||
| } |
There was a problem hiding this comment.
Add Kafka mock setup to prevent potential NPE.
The reportService.createReport() call on line 114 likely triggers Kafka publishing internally. Unlike the createReport test (lines 79-80), this test doesn't configure the mock's behavior with when(template.send(...)).thenReturn(...). If the service tries to access methods on the SendResult, this could cause a NullPointerException.
Apply this diff to add the Kafka mock setup:
@Test
void returnsSubmittedReport() throws Exception {
Report firstReport = new Report("Candy paper", ReportType.DEBRIS, 50.0, 50.0, null);
+ CompletableFuture<SendResult<String, ReportResponse>> future = new CompletableFuture<>();
+ when(template.send(anyString(), any())).thenReturn(future);
+
reportService.createReport(reportUser, firstReport);Note: The csrf() on line 120 is unnecessary for GET requests but harmless.
🤖 Prompt for AI Agents
In
backend/src/test/java/org/fungover/zipp/controller/ReportControllerEndpointTest.java
around lines 110 to 121, the test calls reportService.createReport(...) but does
not configure the Kafka template mock, which can cause an NPE when the service
publishes; before invoking createReport, stub the Kafka template's send(...) to
return a completed future containing a mocked SendResult (or otherwise a
non-null Future/SendResult) so any accessors on the result won't NPE — create a
mock SendResult, wrap it in a completed CompletableFuture (or the project's
equivalent) and set up when(template.send(any())).thenReturn(thatFuture)
immediately before reportService.createReport(...).
0x0xoscar
left a comment
0x0xoscar
left a comment
There was a problem hiding this comment.
Tests look good and are easy to follow.
Agree with CodeRabbits note about mocking Kafka in the last test to be safe, but otherwise looks good to merge. Well done!
Fagerdahl
left a comment
Fagerdahl
left a comment
There was a problem hiding this comment.
This is a solid test addition!
The coverage is good and it’s great to see both happy path and validation scenarios tested, including security context and CSRF handling.
A few small suggestions that could make the tests even clearer and less repetative going forward:
The test currently mixes integration-style setup (https://github.com/SpringBootTest, Testcontainers, real ReportService) with mocked infrastructure (Kafka). This works, but it might be worth clarifying the intent: either a full integration test or a more focused controller/MVC test with a mocked service.
ObjectMapper setup is duplicated across tests and I don´t think we need that double set of JSON mappers.
I would consider reusing a single instance to keep the config in one place. for example:
private final ObjectMapper mapper = new ObjectMapper() .registerModule(new JavaTimeModule()); This would give us a little more dry code 🏜️
None of these are blocking a merge, the tests are already in good shape. These are mostly about clarity and long-term maintainability. And also educational SUBSTANCE for me as a reviewer 🥰
Nice work overall! Keep up the good work.
Christmas magic is just around the corner ✨
Patseroni
left a comment
Patseroni
left a comment
There was a problem hiding this comment.
Late review. =)
But all tests worked for me without any issues.
12 participants
Test for report controller:
Summary by CodeRabbit
Refactor
Tests
Chores
✏️ Tip: You can customize this high-level summary in your review settings.