Release/13.3#338
Merged
Merged
Conversation
- Introduced SubmissionAnonymisationConfigProperties for configuration settings. - Added EXPIRED status to SubmissionStatus enum. - Enhanced GrantAttachmentRepository and GrantMandatoryQuestionRepository with delete methods for submissions. - Updated SubmissionRepository with methods for anonymising submissions and deleting related data. - Implemented SubmissionAnonymisationScheduler to handle scheduled anonymisation of submissions. - Created SubmissionAnonymisationService to manage the anonymisation process, including S3 object deletion and database cleanup. - Added application properties for submission anonymisation configuration. - Created database migration to document the new EXPIRED status in the submission table.
- Removed Lombok annotations: @builder, @AllArgsConstructor, and @NoArgsConstructor. - Simplified the class by retaining only @Getter and @Setter annotations. - Adjusted the default value for daysBeforeExpiry to 90, ensuring clarity in configuration settings.
- Updated deleteAttachment method to accept an S3 URI instead of just the object key. - Extracted bucket name and key from the S3 URI for improved flexibility. - Added logging to indicate which bucket and object are being deleted. - Ensured deletion from both the specified bucket and the attachments bucket.
- Updated the S3 deletion logic to abort anonymisation if any deletion fails, ensuring the submission remains in IN_PROGRESS for retry. - Enhanced logging to provide clearer context on failures during S3 object deletion, improving traceability and error handling.
…tion - Introduced a new `batchSize` property in `SubmissionAnonymisationConfigProperties` with a default value of 500. - Updated `SubmissionRepository` to include pagination support in the `findByStatusAndLastUpdatedBefore` method. - Modified `SubmissionAnonymisationScheduler` to utilize the new pagination feature when retrieving submissions for anonymisation.
- Introduced a new property `submission-anonymisation-scheduler.batchSize` with a value of 500 in the application properties file to enhance the configuration of the submission anonymisation process.
…advert closure handling - Modified the SubmissionRepository to add a new method that retrieves submissions based on status, last updated date, and advert closure. - Updated the SubmissionAnonymisationScheduler to utilize the new repository method for fetching submissions due for anonymisation.
![aikido-pr-checks[bot]](https://avatars.githubusercontent.com/in/898896?s=60&v=4){kind=small}
|
|
||
| List<Submission> findByStatusAndLastUpdatedBefore(SubmissionStatus status, LocalDateTime cutoff); | ||
| @Query(value = """ | ||
| SELECT gs.* FROM grant_submission gs |
There was a problem hiding this comment.
findByStatusAndLastUpdatedBeforeAndAdvertClosed uses 'SELECT gs.*' which selects all columns. Replace the wildcard with an explicit list of needed columns.
Suggested change
| SELECT gs.* FROM grant_submission gs | |
| SELECT gs.id, gs.applicant_id, gs.scheme_id, gs.application_id, gs.version, gs.created, gs.created_by, gs.last_updated, gs.last_updated_by, gs.submitted_date, gs.application_name, gs.submission_name, gs.status, gs.definition, gs.gap_id, gs.last_required_checks_export FROM grant_submission gs |
Details
✨ AI Reasoning
A new repository method was added that relies on a native SQL query returning all columns via a table-level wildcard. Selecting all columns by wildcard makes the code fragile to schema changes, may expose unintended data, and can hurt performance. Replacing the wildcard with an explicit, minimal column list clarifies data dependencies and reduces risk.
Reply @AikidoSec feedback: [FEEDBACK] to get better review comments in the future.
Reply @AikidoSec ignore: [REASON] to ignore this issue.
More info
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.