Generic process endpoint

[antoinebhs]

PR Summary

• Generic endpoint for process execution (for other process types following)
• Avoid using deleteById after findById because deleteById do another findById + delete, use delete directly.

[coderabbitai]

Warning

Rate limit exceeded

@antoinebhs has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 14 minutes and 39 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 54b6819b-4c69-4a8b-97ba-539b49b71f6f

📥 Commits

Reviewing files that changed from the base of the PR and between 02284f9 and b482cb4.

📒 Files selected for processing (2)

• monitor-server/src/test/java/org/gridsuite/monitor/server/controllers/MonitorControllerTest.java
• monitor-server/src/test/java/org/gridsuite/monitor/server/services/MonitorServiceTest.java

📝 Walkthrough

Walkthrough

Replaces the security-analysis-specific execute endpoint with a generic process execute endpoint, adds a required userId request header passed to the service, updates API docs text, and refactors deleteExecution to use a cached entity reference and call repository delete(entity).

Changes

Cohort / File(s)	Summary
Controller — execute endpoint monitor-server/src/main/java/org/gridsuite/monitor/server/controllers/MonitorController.java	Renamed executeSecurityAnalysis → executeProcess, changed POST path from /execute/security-analysis → /execute, added required userId @RequestHeader, updated API response text, and passes userId to monitorService.executeProcess(...).
Service — deleteExecution refactor monitor-server/src/main/java/org/gridsuite/monitor/server/services/MonitorService.java	In deleteExecution, cache retrieved entity in a local variable, iterate steps via Optional.ofNullable(entity.getSteps())..., and replace executionRepository.deleteById(executionId) with executionRepository.delete(entity).
Tests — updated expectations monitor-server/src/test/java/org/gridsuite/monitor/server/controllers/MonitorControllerTest.java, monitor-server/src/test/java/org/gridsuite/monitor/server/services/MonitorServiceTest.java	Renamed tests and updated endpoint path/expectations for executeProcess; adjusted repository deletion verifications from deleteById(...) to delete(...).
Build manifest pom.xml	Test-related changes reflected in build/test context (no functional dependency changes).

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• Delete an execution #27: Similar changes to MonitorService.deleteExecution (entity access and deletion by entity).
• Launch process using config UUID #58: Related modifications to controller execute endpoint and addition of userId header in signatures/calls.
• Save launch parameters #24: Also updates MonitorController/service signatures to pass userId through execute flow.

Suggested reviewers

• FranckLecuyer
• khouadrired
• klesaulnier

Poem

🐰 A hop, a tweak, the endpoint's new and bright,
UserId tucked in, sent along the flight.
Old delete trimmed to hold the one true thing,
Steps counted gently — now the tidy spring.
🥕✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'Generic process endpoint' directly reflects the main change - converting a security-analysis-specific endpoint into a generic process execution endpoint.
Description check	✅ Passed	The description clearly relates to the changeset, explaining both the main refactoring (generic endpoint for process execution) and a secondary optimization (avoiding redundant deleteById calls).

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch generic-process-endpoint

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

monitor-server/src/main/java/org/gridsuite/monitor/server/controllers/MonitorController.java (1)

44-53: ⚠️ Potential issue | 🟠 Major

Breaking API contract without transition path.

Changing both the route and request shape (required userId header) breaks existing callers; CI already shows this via the test where monitorService.executeProcess(...) is never reached. Please either update all callers/tests in this PR or add a temporary backward-compatible mapping.

💡 Backward-compatible mapping option

-    `@PostMapping`("/execute")
+    `@PostMapping`({"/execute", "/execute/security-analysis"})

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@monitor-server/src/main/java/org/gridsuite/monitor/server/controllers/MonitorController.java`
around lines 44 - 53, The API change removed the previous route/shape and added
a required HEADER_USER_ID header, breaking callers; restore backward
compatibility by adding a secondary endpoint or making the header optional and
falling back to the old behavior: update MonitorController.executeProcess (or
add an overloaded method) to accept requests without HEADER_USER_ID (either by
marking `@RequestHeader`(HEADER_USER_ID, required = false) String userId and
deriving the original user identity when null, or by adding another `@PostMapping`
with the old route/signature that delegates to
monitorService.executeProcess(caseUuid, userId, processConfigUuid, isDebug));
ensure both handlers call monitorService.executeProcess so existing
tests/callers still reach monitorService.executeProcess and maintain the new
header-based flow for upgraded clients.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Outside diff comments:
In
`@monitor-server/src/main/java/org/gridsuite/monitor/server/controllers/MonitorController.java`:
- Around line 44-53: The API change removed the previous route/shape and added a
required HEADER_USER_ID header, breaking callers; restore backward compatibility
by adding a secondary endpoint or making the header optional and falling back to
the old behavior: update MonitorController.executeProcess (or add an overloaded
method) to accept requests without HEADER_USER_ID (either by marking
`@RequestHeader`(HEADER_USER_ID, required = false) String userId and deriving the
original user identity when null, or by adding another `@PostMapping` with the old
route/signature that delegates to monitorService.executeProcess(caseUuid,
userId, processConfigUuid, isDebug)); ensure both handlers call
monitorService.executeProcess so existing tests/callers still reach
monitorService.executeProcess and maintain the new header-based flow for
upgraded clients.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 8afe21a3-2042-4820-9038-561e417aba8a

📥 Commits

Reviewing files that changed from the base of the PR and between d3b3848 and 421299d.

📒 Files selected for processing (2)

• monitor-server/src/main/java/org/gridsuite/monitor/server/controllers/MonitorController.java
• monitor-server/src/main/java/org/gridsuite/monitor/server/services/MonitorService.java

[coderabbitai]

🧹 Nitpick comments (2)

monitor-server/src/test/java/org/gridsuite/monitor/server/services/MonitorServiceTest.java (1)

578-578: Consider updating verification for consistency with the new delete approach.

This test still verifies that deleteById(executionId) is never called, but the production code now uses delete(entity). While this test still passes (since neither method is called when the entity isn't found), updating it to verify the current implementation would be more accurate.

♻️ Suggested update for consistency

         verify(executionRepository).findById(executionId);
         verifyNoInteractions(reportRestService);
         verifyNoInteractions(resultService);
-        verify(executionRepository, never()).deleteById(executionId);
+        verify(executionRepository, never()).delete(any(ProcessExecutionEntity.class));

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@monitor-server/src/test/java/org/gridsuite/monitor/server/services/MonitorServiceTest.java`
at line 578, The test currently verifies that
executionRepository.deleteById(executionId) is never called, but production now
uses executionRepository.delete(entity); update the assertion in
MonitorServiceTest to verify that executionRepository.delete(...) is never
called instead (e.g., verify(executionRepository, never()).delete(any()) or
never().delete(any(Execution.class))) so the test matches the current delete
approach and intent; reference executionRepository and the delete(entity) usage
in the production code when making the change.

monitor-server/src/test/java/org/gridsuite/monitor/server/controllers/MonitorControllerTest.java (1)

70-106: Test correctly updated for the generic endpoint.

The endpoint path /v1/execute and required userId header correctly align with the controller's @PostMapping("/execute") and HEADER_USER_ID constant.

Consider using exact matchers in verification for consistency. The verification on line 105 uses any(String.class) for userId and any(UUID.class) for processConfigUuid, but both values are known in the test. The second test (executeProcessWithConfigNotFoundShouldReturnError) already uses exact values for verification, creating an inconsistency.

Suggested tighter verification

-        verify(monitorService).executeProcess(eq(caseUuid), any(String.class), any(UUID.class), eq(expectedDebugValue));
+        verify(monitorService).executeProcess(eq(caseUuid), eq("user1"), eq(processConfigUuid), eq(expectedDebugValue));

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
`@monitor-server/src/test/java/org/gridsuite/monitor/server/controllers/MonitorControllerTest.java`
around lines 70 - 106, The test executeProcessShouldReturnExecutionId currently
uses loose matchers for userId and processConfigUuid; tighten verification by
replacing any(String.class) and any(UUID.class) with exact matches (eq("user1")
and eq(processConfigUuid)) in the verify call for monitorService.executeProcess,
and likewise update the when(...) stub for monitorService.executeProcess to use
eq(caseUuid), eq("user1"), eq(processConfigUuid), eq(expectedDebugValue) so the
mocked interaction and the verification both assert the concrete values
generated in the test (refer to executeProcessShouldReturnExecutionId,
monitorService.executeProcess, and the request built by
MockHttpServletRequestBuilder).

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In
`@monitor-server/src/test/java/org/gridsuite/monitor/server/controllers/MonitorControllerTest.java`:
- Around line 70-106: The test executeProcessShouldReturnExecutionId currently
uses loose matchers for userId and processConfigUuid; tighten verification by
replacing any(String.class) and any(UUID.class) with exact matches (eq("user1")
and eq(processConfigUuid)) in the verify call for monitorService.executeProcess,
and likewise update the when(...) stub for monitorService.executeProcess to use
eq(caseUuid), eq("user1"), eq(processConfigUuid), eq(expectedDebugValue) so the
mocked interaction and the verification both assert the concrete values
generated in the test (refer to executeProcessShouldReturnExecutionId,
monitorService.executeProcess, and the request built by
MockHttpServletRequestBuilder).

In
`@monitor-server/src/test/java/org/gridsuite/monitor/server/services/MonitorServiceTest.java`:
- Line 578: The test currently verifies that
executionRepository.deleteById(executionId) is never called, but production now
uses executionRepository.delete(entity); update the assertion in
MonitorServiceTest to verify that executionRepository.delete(...) is never
called instead (e.g., verify(executionRepository, never()).delete(any()) or
never().delete(any(Execution.class))) so the test matches the current delete
approach and intent; reference executionRepository and the delete(entity) usage
in the production code when making the change.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 14b7541b-2ecc-419b-943e-27c6bac0cbec

📥 Commits

Reviewing files that changed from the base of the PR and between 421299d and 02284f9.

📒 Files selected for processing (2)

• monitor-server/src/test/java/org/gridsuite/monitor/server/controllers/MonitorControllerTest.java
• monitor-server/src/test/java/org/gridsuite/monitor/server/services/MonitorServiceTest.java

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud