Integrated code lifecycle: Improve access log handling

[SimonEntholzer]

Checklist

General

• I tested all changes and their related features with all corresponding user types on a test server.
• Language: I followed the guidelines for inclusive, diversity-sensitive, and appreciative language.
• I chose a title conforming to the naming conventions for pull requests.

Server

• Important: I implemented the changes with a very good performance and prevented too many (unnecessary) and too complex database calls.
• I strictly followed the principle of data economy for all database calls.
• I strictly followed the server coding and design guidelines.
• I documented the Java code using JavaDoc style.

Changes affecting Programming Exercises

• High priority: I tested all changes and their related features with all corresponding user types on a test server configured with the integrated lifecycle setup (LocalVC and LocalCI).
• I tested all changes and their related features with all corresponding user types on a test server configured with Gitlab and Jenkins.

Motivation and Context

The access log can only distinguish between READ and WRITE. It would be nice, if instructors could see the difference between Clone, push and pull operations.

Description

Add more granular access logging for SSH and HTTPS git repository accesses.

Steps for Testing

With an instructor, participate in an exercise, by cloning over SSH and/or HTTPs, and pull / push.
Go to the exercise participation, open the participation's repository and go to the access log view.
Check that all operations on the repository were logged correctly.

Testserver States

Note

These badges show the state of the test servers.
Green = Currently available, Red = Currently locked
Click on the badges to get to the test servers.

Review Progress

Code Review

• Code Review 1
• Code Review 2

Manual Tests

• Test 1
• Test 2

Test Coverage

Screenshots

Summary by CodeRabbit

• New Features

  • Enhanced logging and tracking for Git operations, including new repository action types such as CLONE, PULL, and PUSH.
  • Introduced new classes and methods for handling upload negotiations and logging access during these processes.
  • Support for asynchronous processing in access logging functions to improve performance.
  • Added a new setter method for modifying repository action types.
  • New methods for retrieving participation records based on repository URIs across multiple repositories.

• Bug Fixes

  • Improved exception handling for authentication failures, ensuring better logging of failed attempts.

• Documentation

  • Expanded method documentation to include details about setting pre/post receive/upload hooks and relevant Git references.

• Refactor

  • Streamlined methods for user authentication and repository action handling to enhance readability and maintainability.
  • Improved clarity in user authorization handling.

[coderabbitai]

Walkthrough

The pull request enhances user authentication, authorization, and logging within the version control system. Key modifications include the addition of a new enum constant VCS_ACCESS_TOKEN for authentication scenarios and significant updates to the LocalVCServletService class, which now features improved error handling and new logging methods for repository access actions. New classes have been introduced to manage upload negotiations, and several methods have been updated to support asynchronous processing. The overall structure of the affected classes has been improved for better readability and maintainability.

Changes

File	Change Summary
src/main/java/de/tum/cit/aet/artemis/programming/domain/AuthenticationMechanism.java	Added enum constant VCS_ACCESS_TOKEN.
src/main/java/de/tum/cit/aet/artemis/programming/domain/VcsAccessLog.java	Added method setRepositoryActionType(RepositoryActionType repositoryActionType).
src/main/java/de/tum/cit/aet/artemis/programming/repository/VcsAccessLogRepository.java	Removed method findNewestByParticipationIdWhereCommitHashIsNull; added method findNewestByParticipationId(@Param("participationId") long participationId).
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java	Updated doFilterInternal to include exception handling for AuthenticationException.
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java	Added class LocalVCFetchPreUploadHook with methods for logging during upload negotiations.
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java	Added class LocalVCFetchPreUploadHookSSH with methods for logging during upload negotiations.
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCPushFilter.java	Updated doFilterInternal to include logging for push requests.
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java	Enhanced methods for authentication and authorization; added multiple new methods for logging and handling repository actions.
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/VcsAccessLogService.java	Updated methods to support asynchronous processing; added method updateRepositoryActionType(...).
src/main/java/de/tum/cit/aet/artemis/programming/web/repository/RepositoryActionType.java	Expanded enum RepositoryActionType with new constants: CLONE, PULL, PUSH, CLONE_FAIL, PULL_FAIL, PUSH_FAIL.
src/main/java/de/tum/cit/aet/artemis/programming/repository/ProgrammingExerciseStudentParticipationRepository.java	Added methods findByRepositoryUri(...) and findByRepositoryUriElseThrow(...).
src/main/java/de/tum/cit/aet/artemis/programming/repository/SolutionProgrammingExerciseParticipationRepository.java	Added methods findByRepositoryUri(...) and findByRepositoryUriElseThrow(...).
src/main/java/de/tum/cit/aet/artemis/programming/repository/TemplateProgrammingExerciseParticipationRepository.java	Added methods findByRepositoryUri(...) and findByRepositoryUriElseThrow(...).
src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/ArtemisGitServletService.java	Added method setUploadPackFactory(...) to support upload operations.

Possibly related PRs

• Integrated code lifecycle: Add access tokens for authentication to LocalVC repositories #8929: This PR introduces access tokens for authentication to LocalVC repositories, which is directly related to the changes in the main PR that enhance user authentication mechanisms, including the addition of a new enum constant for VCS access tokens.
• Integrated code lifecycle: Add custom auth for build agents #8671: This PR adds custom authentication for build agents, which involves modifications to the LocalVCServletService class, similar to the changes made in the main PR regarding user authentication and authorization.
• Integrated code lifecycle: Add access log for repositories #9184: This PR adds access logs for repositories, which aligns with the logging enhancements in the main PR, particularly the new logging methods introduced in the LocalVCServletService class.

Suggested labels

tests, bugfix, documentation

Suggested reviewers

• JohannesStoehr
• florian-glombik
• pzdr7
• EneaGore

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai or @coderabbitai title anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 27

🧹 Outside diff range comments (6)

src/main/java/de/tum/cit/aet/artemis/programming/web/repository/RepositoryActionType.java (1)

Line range hint 3-5: Update JavaDoc to reflect new action types.

The current JavaDoc comment describes the enum as determining if a repository action "only reads" or "updates". With the addition of more specific action types like CLONE, PULL, and PUSH, this description is no longer comprehensive.

Consider updating the JavaDoc to better reflect the expanded range of repository actions. For example:

/**
 * Represents various types of repository actions including read operations (e.g., get a file from the repo),
 * write operations (e.g., create a new file in the repo), and specific Git operations like clone, pull, and push.
 * Also includes failure states for certain operations.
 */

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (1)

Line range hint 1-57: Consider minor improvements for better alignment with coding guidelines.

The code generally adheres well to the provided guidelines. To further improve:

1. Consider extracting the constant "WWW-Authenticate" to a static final field at the class level, following the practice of using static member references:

private static final String WWW_AUTHENTICATE_HEADER = "WWW-Authenticate";

Then use it in the doFilterInternal method:

servletResponse.setHeader(WWW_AUTHENTICATE_HEADER, "Basic");

2. To promote code reuse, consider extracting the common exception handling logic into a private method:

private void handleException(Exception e, HttpServletRequest request, HttpServletResponse response) throws IOException {
    if (e instanceof AuthenticationException) {
        localVCServletService.logFailedAttempt(request);
        throw (AuthenticationException) e;
    } else if (e instanceof LocalVCAuthException || e instanceof LocalVCForbiddenException || e instanceof LocalVCInternalException) {
        response.setStatus(localVCServletService.getHttpStatusForException((Exception) e, request.getRequestURI()));
    }
}

Then use it in the doFilterInternal method:

try {
    localVCServletService.authenticateAndAuthorizeGitRequest(servletRequest, RepositoryActionType.READ);
} catch (Exception e) {
    handleException(e, servletRequest, servletResponse);
    return;
}

These changes would further align the code with the guidelines for static member references and code reuse.

src/main/java/de/tum/cit/aet/artemis/programming/domain/VcsAccessLog.java (1)

Line range hint 1-83: Overall structure looks good, with minor suggestions for improvement.

The VcsAccessLog class is well-structured as a JPA entity. It follows good practices such as:

• Extending a common base class (DomainObject)
• Using appropriate JPA annotations
• Providing both parameterized and default constructors
• Using ZonedDateTime for timestamp

To further improve the class:

1. Consider using @Column(name = "timestamp", columnDefinition = "TIMESTAMP WITH TIME ZONE") for the timestamp field to ensure consistent timezone handling across different databases.
2. The ipAddress field might benefit from validation to ensure it's a valid IP address format.

Here's a suggestion for the timestamp field:

-    @Column(name = "timestamp")
+    @Column(name = "timestamp", columnDefinition = "TIMESTAMP WITH TIME ZONE")
     private ZonedDateTime timestamp;

Consider adding validation for the ipAddress field, either through a custom validator or by using a library like Apache Commons Validator.

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (3)

Line range hint 454-470: Avoid Catching Generic 'Exception'

Catching the generic Exception in the authorizeUser method can obscure the actual exceptions that occur and make debugging difficult. It's better to catch specific exceptions that you expect might be thrown within the try block.

Consider catching specific exceptions:

-} catch (Exception e) {
+} catch (IOException | GitAPIException e) {
     log.warn("Failed to obtain commit hash or store access log for repository {}. Error: {}", localVCRepositoryUri.getRelativeRepositoryPath().toString(), e.getMessage());
}

---

Line range hint 454-470: Possible Resource Leak in Repository Handling

In the authorizeUser method, the Repository opened in the try block might not be properly closed, as it is not managed in a try-with-resources or finally block.

Ensure that the Repository is closed after use:

-try (Repository repository = resolveRepository(relativeRepositoryPath)) {
+Repository repository = null;
+try {
+    repository = resolveRepository(relativeRepositoryPath);
     commitHash = getLatestCommitHash(repository);
} finally {
+    if (repository != null) {
+        repository.close();
+    }
}

Alternatively, confirm that resolveRepository returns a resource that manages its own closure.

---

Line range hint 282-310: Simplify Authentication Logic

The authenticateUser method contains nested conditions that could be simplified for better readability. Also, consider separating concerns by extracting parts of this method into smaller, focused methods.

Refactor to improve readability:

• Extract the user retrieval logic.
• Separate VCS token validation into its own method.
• Simplify the password authentication flow.

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: ASSERTIVE

📥 Commits

Files that changed from the base of the PR and between 3779e88 and 1c848b6.

📒 Files selected for processing (12)

• src/main/java/de/tum/cit/aet/artemis/programming/domain/VcsAccessLog.java (1 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/repository/VcsAccessLogRepository.java (1 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/ArtemisGitServletService.java (2 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (2 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java (1 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java (1 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCPushFilter.java (1 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (9 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/SshGitLocationResolverService.java (2 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/VcsAccessLogService.java (3 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/ssh/SshGitCommand.java (2 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/web/repository/RepositoryActionType.java (1 hunks)

🧰 Additional context used

📓 Path-based instructions (12)

src/main/java/de/tum/cit/aet/artemis/programming/domain/VcsAccessLog.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/repository/VcsAccessLogRepository.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/ArtemisGitServletService.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCPushFilter.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/SshGitLocationResolverService.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/VcsAccessLogService.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/ssh/SshGitCommand.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/web/repository/RepositoryActionType.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

🔇 Additional comments (17)

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java (4)

1-11: LGTM: Class declaration and imports are well-structured.

The class name follows CamelCase convention, and the imports are specific without using star imports. The class adheres to the Single Responsibility Principle by focusing on pre-upload hook functionality.

---

13-20: LGTM: Fields and constructor are well-implemented.

The class uses constructor injection for dependency management, adhering to the dependency injection guideline. Fields are correctly declared as private final, following the least access principle. The constructor is simple and follows the KISS principle.

---

22-26: LGTM: onBeginNegotiateRound implementation looks good.

The method correctly delegates the logging responsibility to localVCServletService.addVCSAccessLogForCloneAndPull(), adhering to the principle of delegating logic to appropriate services.

---

1-37: Overall implementation aligns well with PR objectives.

The LocalVCFetchPreUploadHook class effectively implements the PreUploadHook interface to enhance access logging capabilities for repository operations. It follows coding guidelines, including proper naming conventions, dependency injection, and adherence to SOLID principles. The implementation of onBeginNegotiateRound provides the required logging functionality for clone and pull operations, which directly addresses the PR's goal of providing more granular logging for specific Git operations.

To further improve the implementation:

1. Consider adding unit tests to verify the behavior of the onBeginNegotiateRound method.
2. Evaluate if onEndNegotiateRound and onSendPack methods need implementation for complete logging coverage.

Great job on enhancing the access logging capabilities!

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCPushFilter.java (1)

50-50: 🧹 Nitpick (assertive)

Approve with suggestions: Consider error handling and performance impact

The addition of VCS access logging for push requests is a valuable enhancement that aligns with the PR objectives. The placement of the new line is appropriate, occurring after authentication and authorization but before the request proceeds.

However, consider the following suggestions:

1. Error Handling: Add try-catch block to handle potential exceptions from addVCSAccessLogForPush.
2. Performance: Ensure that this additional logging doesn't significantly impact request processing time, especially for high-frequency operations.

Consider refactoring the code as follows:

 try {
     localVCServletService.authenticateAndAuthorizeGitRequest(servletRequest, RepositoryActionType.WRITE);
+    try {
+        this.localVCServletService.addVCSAccessLogForPush(servletRequest);
+    } catch (Exception e) {
+        log.error("Failed to log VCS access for push", e);
+        // Decide whether to proceed or return based on the criticality of logging
+    }
 }
 catch (LocalVCAuthException | LocalVCForbiddenException | LocalVCInternalException e) {
     servletResponse.setStatus(localVCServletService.getHttpStatusForException(e, servletRequest.getRequestURI()));
     return;
 }
-this.localVCServletService.addVCSAccessLogForPush(servletRequest);

This change ensures that any exceptions during logging are caught and logged, preventing them from interrupting the main flow of the request processing.

To verify the performance impact, you could run the following command:

This will help identify if there are any existing performance considerations or optimizations in the LocalVCServletService class that might be relevant to the new logging method.

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (2)

13-13: LGTM: Import statement added correctly.

The new import for AuthenticationException is necessary for the added exception handling and follows the coding guideline of avoiding star imports.

---

Line range hint 1-57: Overall assessment: Good improvements with minor suggestions for refinement.

The changes to LocalVCFetchFilter.java enhance its error handling capabilities, particularly for authentication failures. The code maintains good practices and generally adheres to the provided guidelines. The suggestions for extracting constants and refactoring exception handling would further improve code quality and maintainability.

Great job on improving the robustness of the authentication process!

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/ArtemisGitServletService.java (1)

9-9: LGTM: New import added correctly.

The import for org.eclipse.jgit.transport.UploadPack is correctly added and follows the coding guideline of avoiding star imports.

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/SshGitLocationResolverService.java (2)

73-73: LGTM: Improved variable declaration placement

Moving the user variable declaration to the beginning of the method enhances code readability and follows the principle of single responsibility. This change is in line with our coding guidelines and best practices.

---

Line range hint 1-95: Overall assessment: Changes align with PR objectives and maintain code quality

The modifications to SshGitLocationResolverService.java successfully implement enhanced access logging for SSH git repository accesses. The code changes adhere to the provided coding guidelines and maintain good practices such as separation of concerns and improved readability.

The suggested minor improvement to the placement of the logging call would further enhance the robustness of the implementation. Overall, these changes effectively contribute to the PR's goal of providing more granular logging for repository operations.

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/ssh/SshGitCommand.java (2)

24-24: LGTM: New import statement is correctly added.

The new import for LocalVCFetchPreUploadHookSSH follows the proper naming convention and avoids star imports, adhering to the coding guidelines.

---

Line range hint 1-114: Overall assessment: Changes are appropriate and align with project guidelines.

The modifications to SshGitCommand.java successfully integrate the new pre-upload hook functionality for SSH operations. The changes adhere to the provided coding guidelines, including proper naming conventions, dependency injection, and maintaining single responsibility.

While the changes themselves are minimal and focused, the growing complexity of the run method suggests an opportunity for refactoring to improve code maintainability. Consider implementing the suggested refactoring to break down the run method into smaller, more focused methods.

No security vulnerabilities or performance issues were introduced by these changes. The implementation appears to be correct and consistent with the PR objectives of improving access log handling for repository operations.

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/VcsAccessLogService.java (3)

10-10: Import statements are appropriate

The addition of the org.springframework.scheduling.annotation.Async import is necessary for the asynchronous method annotations introduced.

---

64-64: Review the impact of making updateCommitHash asynchronous

Annotating updateCommitHash with @Async offloads its execution to a separate thread. Ensure that there are no dependencies on the immediate completion of this method elsewhere in the application, which could lead to inconsistencies if the commit hash update hasn't occurred yet.

Consider whether any subsequent operations rely on the commit hash being updated synchronously.

---

Line range hint 48-85: Ensure thread safety of shared resources in asynchronous context

With the introduction of asynchronous method execution, verify that all shared resources accessed within these methods, such as vcsAccessLogRepository, are thread-safe. This is crucial to prevent concurrency issues like race conditions or data inconsistencies.

Most Spring Data repositories are thread-safe, but if there are any custom implementations or mutable shared state, additional synchronization might be necessary.

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (2)

214-215: Verify Impact of Adding 'AuthenticationException' to Method Signature

The method authenticateAndAuthorizeGitRequest now throws AuthenticationException. Please verify that all callers of this method handle the new exception appropriately to prevent any unintended side effects or unhandled exceptions in the application flow.

---

282-283: Ensure Callers Handle New 'AuthenticationException'

The authenticateUser method's signature now includes throws AuthenticationException. It's important to ensure that all callers of this method are updated to handle this exception properly to maintain robust error handling throughout the codebase.

[coderabbitai]

Actionable comments posted: 17

🧹 Outside diff range comments (2)

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/SshGitLocationResolverService.java (1)

Line range hint 75-89: Consider extracting the authorization logic into a separate method.

To further improve code clarity and adhere to the single responsibility principle, consider extracting the authorization logic into a separate private method. This would make the resolveRootDirectory method more concise and easier to read.

Here's a suggested refactoring:

private void authorizeUserAccess(String repositoryTypeOrUserName, Object user, ProgrammingExercise exercise, 
                                 RepositoryActionType repositoryAction, ServerSession session, 
                                 LocalVCRepositoryUri localVCRepositoryUri) {
    if (session.getAttribute(SshConstants.IS_BUILD_AGENT_KEY) && repositoryAction == RepositoryActionType.READ) {
        // We already checked for build agent authenticity
        return;
    }
    
    try {
        localVCServletService.authorizeUser(repositoryTypeOrUserName, user, exercise, repositoryAction, 
            AuthenticationMechanism.SSH, session.getClientAddress().toString(), localVCRepositoryUri);
    } catch (LocalVCForbiddenException e) {
        log.error("User {} does not have access to the repository {}", user.getLogin(), localVCRepositoryUri.getRelativeRepositoryPath());
        throw new AccessDeniedException("User does not have access to this repository", e);
    }
}

Then, in the resolveRootDirectory method:

authorizeUserAccess(repositoryTypeOrUserName, user, exercise, repositoryAction, session, localVCRepositoryUri);

This refactoring would improve the method's readability and maintainability.

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (1)

Line range hint 281-293: Security Issue: Avoid Logging Passwords in Plain Text

In the authenticateUser method, logging the password in plain text poses a significant security risk. Sensitive information like passwords should never be logged, even during failed login attempts, as this could lead to credential exposure if logs are accessed by unauthorized parties.

Apply the following change to remove the password from the log message:

if (!StringUtils.isEmpty(password)) {
-    log.warn("Failed login attempt for user {} with password {} due to issue: {}", username, password, e.getMessage());
+    log.warn("Failed login attempt for user {} due to issue: {}", username, e.getMessage());
}

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: ASSERTIVE

📥 Commits

Files that changed from the base of the PR and between 1c848b6 and 055e470.

📒 Files selected for processing (6)

• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (2 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java (1 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java (1 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCPushFilter.java (1 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (8 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/SshGitLocationResolverService.java (1 hunks)

🧰 Additional context used

📓 Path-based instructions (6)

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCPushFilter.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/SshGitLocationResolverService.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

🔇 Additional comments (6)

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java (2)

1-10: LGTM: Package declaration and imports are well-organized.

The package declaration is correct, and the imports are specific without using wildcard imports, adhering to the coding guidelines.

---

13-17: LGTM: Fields are well-defined and follow best practices.

The fields are correctly declared as private and final, adhering to the 'least access' principle. The naming conventions are followed, and the types seem appropriate for their purposes.

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCPushFilter.java (1)

Line range hint 1-55: Overall, the change adheres to coding guidelines and maintains good practices.

The addition of the VCS access log update:

1. Maintains the Single Responsibility Principle for the LocalVCPushFilter class.
2. Doesn't introduce code duplication or complexity.
3. Follows naming conventions and coding style guidelines.
4. Uses dependency injection correctly (constructor injection for LocalVCServletService).
5. Keeps the code simple and readable (KISS principle).

The change successfully enhances the logging capabilities without negatively impacting the existing structure or violating coding guidelines.

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (1)

13-13: LGTM: Appropriate import added for AuthenticationException

The new import for AuthenticationException is correctly placed and follows the coding guidelines by avoiding star imports.

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java (2)

22-26: Implementation of onBeginNegotiateRound is appropriate

The method correctly overrides onBeginNegotiateRound and appropriately logs the access via localVCServletService.updateVCSAccessLogForCloneAndPullHTTPS(request, cntOffered);, aligning with the PR objectives to enhance access logging.

---

28-36: Empty method implementations previously noted

As previously addressed, the methods onEndNegotiateRound and onSendPack are currently empty. The past review comment regarding adding TODO comments is still applicable.

[coderabbitai]

Actionable comments posted: 3

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: ASSERTIVE

📥 Commits

Files that changed from the base of the PR and between 055e470 and 657f8dc.

📒 Files selected for processing (1)

• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (8 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

🔇 Additional comments (3)

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (3)

712-750: Good use of helper methods for code modularity

The addition of getUserFromRequest, getExerciseParticipationFromLocalVCRepositoryUri, and getExerciseParticipationFromRequest enhances code modularity and reusability by encapsulating common logic. This improves readability and maintainability.

---

762-879: Proper asynchronous logging methods added

The new asynchronous methods for updating VCS access logs (updateVCSAccessLogForCloneAndPullHTTPS, updateVCSAccessLogForPushHTTPS, and others) improve performance by offloading logging operations. Ensure that exceptions within these methods are appropriately logged since exceptions in asynchronous methods won't propagate back to the caller.

---

281-282: ⚠️ Potential issue

Update exception handling for authenticateUser

The method authenticateUser now throws AuthenticationException. Ensure that any methods invoking authenticateUser handle or declare this exception to prevent unhandled exceptions at runtime.

You can run the following script to verify proper exception handling:

#!/bin/bash
# Description: Find method calls to 'authenticateUser' without handling 'AuthenticationException'.

# Expected result: All method calls should handle or declare 'AuthenticationException'.

# Find all calls to 'authenticateUser' and display the context.
rg --type java -A 5 -B 5 'authenticateUser\('

[JohannesStoehr]

One architecture test about async is failing

[coderabbitai]

Actionable comments posted: 8

🧹 Outside diff range comments (1)

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/VcsAccessLogService.java (1)

Line range hint 92-104: Prefer primitive types over wrapper classes for participationId

The parameter participationId in storeCodeEditorAccessLog is of type Long. If null values are not acceptable, consider changing it to the primitive type long to avoid unnecessary boxing and potential NullPointerException.

Apply this change:

-public void storeCodeEditorAccessLog(Repository repo, User user, Long participationId) throws GitAPIException {
+public void storeCodeEditorAccessLog(Repository repo, User user, long participationId) throws GitAPIException {

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: ASSERTIVE

📥 Commits

Files that changed from the base of the PR and between 657f8dc and 1dfedd1.

📒 Files selected for processing (5)

• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (2 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java (1 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java (1 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (9 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/VcsAccessLogService.java (4 hunks)

🧰 Additional context used

📓 Path-based instructions (5)

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/VcsAccessLogService.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

🔇 Additional comments (5)

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHook.java (1)

11-34: Well-implemented PreUploadHook with appropriate logging

The LocalVCFetchPreUploadHook class correctly implements the PreUploadHook interface. It uses constructor injection for dependency management, adhering to best practices outlined in the coding guidelines. The onBeginNegotiateRound method effectively updates the VCS access log, aligning with the PR objectives to enhance access logging capabilities for SSH and HTTPS git repository accesses.

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchPreUploadHookSSH.java (1)

19-23: ⚠️ Potential issue

Add null checks for constructor parameters to prevent NullPointerException.

To ensure robustness, add null checks for the constructor parameters localVCServletService, serverSession, and rootDir.

Apply this diff to implement null checks:

+import java.util.Objects;

 public LocalVCFetchPreUploadHookSSH(LocalVCServletService localVCServletService, ServerSession serverSession, Path rootDir) {
+    this.localVCServletService = Objects.requireNonNull(localVCServletService, "localVCServletService must not be null");
+    this.serverSession = Objects.requireNonNull(serverSession, "serverSession must not be null");
+    this.rootDir = Objects.requireNonNull(rootDir, "rootDir must not be null");
-    this.localVCServletService = localVCServletService;
-    this.serverSession = serverSession;
-    this.rootDir = rootDir;
 }

Likely invalid or redundant comment.

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCFetchFilter.java (1)

13-13: LGTM: Enhanced exception handling for authentication failures

The addition of the AuthenticationException import and the new catch block correctly handle authentication exceptions by logging failed attempts before rethrowing the exception. This improves error handling and aligns with best practices.

Also applies to: 48-52

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/VcsAccessLogService.java (2)

48-48: Handle exceptions within the asynchronous storeAccessLog method

As per previous review comments, exceptions thrown in @Async methods may not surface and could be silently ignored. Consider adding exception handling within this method to catch and log any exceptions.

---

78-83: Handle exceptions in updateRepositoryActionType method

Although updateRepositoryActionType is not annotated with @Async, it's intended to be called from an asynchronous context. Exceptions thrown within this method may not be propagated and could lead to silent failures. Consider adding exception handling to ensure any exceptions are properly logged.

[coderabbitai]

Actionable comments posted: 11

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: ASSERTIVE

📥 Commits

Files that changed from the base of the PR and between 1dfedd1 and 8c7260e.

📒 Files selected for processing (5)

• src/main/java/de/tum/cit/aet/artemis/programming/repository/ProgrammingExerciseStudentParticipationRepository.java (1 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/repository/SolutionProgrammingExerciseParticipationRepository.java (1 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/repository/TemplateProgrammingExerciseParticipationRepository.java (1 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/ProgrammingExerciseParticipationService.java (1 hunks)
• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (10 hunks)

🧰 Additional context used

📓 Path-based instructions (5)

src/main/java/de/tum/cit/aet/artemis/programming/repository/ProgrammingExerciseStudentParticipationRepository.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/repository/SolutionProgrammingExerciseParticipationRepository.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/repository/TemplateProgrammingExerciseParticipationRepository.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/ProgrammingExerciseParticipationService.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

🔇 Additional comments (7)

src/main/java/de/tum/cit/aet/artemis/programming/repository/TemplateProgrammingExerciseParticipationRepository.java (2)

51-51: LGTM! Method adheres to coding guidelines.

The findByRepositoryUri method is well-implemented and follows the provided coding guidelines:

• Follows CamelCase naming convention
• Adheres to the single responsibility principle
• Uses the @param annotation correctly for SQL parameter mapping
• Follows the least access principle

---

51-55: Overall, excellent additions to the repository interface.

The new methods findByRepositoryUri and findByRepositoryUriElseThrow are well-implemented, adhere to coding guidelines, and enhance the repository's functionality. They provide a clean and consistent way to fetch TemplateProgrammingExerciseParticipation entities by repository URI, which aligns well with the PR's objective of improving access log handling for SSH and HTTPS git repository accesses.

These changes contribute positively to the codebase and support the goal of providing more granular logging capabilities.

src/main/java/de/tum/cit/aet/artemis/programming/repository/SolutionProgrammingExerciseParticipationRepository.java (1)

46-51: Overall, the changes look good and align with the PR objectives.

The new methods findByRepositoryUri and findByRepositoryUriElseThrow enhance the repository's functionality by allowing queries based on repository URI. This aligns well with the PR's objective of improving access logging capabilities for SSH and HTTPS git repository accesses.

The changes adhere to the coding guidelines, follow Java best practices, and integrate seamlessly with the existing codebase. The use of Optional and default methods in the interface demonstrates good design choices.

To further improve the code:

1. Consider adding an explicit JPQL query for findByRepositoryUri.
2. Specify the exception type in the findByRepositoryUriElseThrow method signature.

These minor enhancements would improve code readability and API documentation.

src/main/java/de/tum/cit/aet/artemis/programming/repository/ProgrammingExerciseStudentParticipationRepository.java (1)

85-85: LGTM: New method findByRepositoryUri added.

The new method findByRepositoryUri is a well-structured addition to the repository interface. It follows Spring Data JPA conventions, uses Optional for potentially absent results, and employs the @Param annotation correctly. This method enhances the repository's functionality by allowing retrieval of participation records based on their repository URI.

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/LocalVCServletService.java (3)

133-133: Good practice: Define a constant for 'buildjob_user'

Defining BUILD_USER_NAME as a constant enhances maintainability and reduces the risk of typographical errors across the codebase.

---

777-777: 🧹 Nitpick (assertive)

Use constant for 'Authorization' header

The string "Authorization" is hardcoded when retrieving the authorization header. For consistency and maintainability, use the existing constant AUTHORIZATION_HEADER instead.

Apply this diff:

- String authorizationHeader = request.getHeader("Authorization");
+ String authorizationHeader = request.getHeader(LocalVCServletService.AUTHORIZATION_HEADER);

Repeat this change in all methods where the authorization header is retrieved.

Likely invalid or redundant comment.

---

713-750: ⚠️ Potential issue

Consider handling potential null values in getUserFromRequest

In the getUserFromRequest method, if the Authorization header is missing, calling extractUsernameAndPassword(authorizationHeader) may throw an exception or lead to unexpected behavior.

Apply this diff to add a null check for authorizationHeader:

public User getUserFromRequest(HttpServletRequest request) throws LocalVCAuthException {
    String authorizationHeader = request.getHeader(LocalVCServletService.AUTHORIZATION_HEADER);
+   if (authorizationHeader == null) {
+       throw new LocalVCAuthException("Authorization header is missing");
+   }
    UsernameAndPassword usernameAndPassword = extractUsernameAndPassword(authorizationHeader);
    return userRepository.findOneByLogin(usernameAndPassword.username()).orElseThrow(LocalVCAuthException::new);
}

Likely invalid or redundant comment.

[github-actions]

⚠️ Unable to deploy to test servers ⚠️

The docker build needs to run through before deploying.

[magaupp]

Tested on TS1, Code Editor log READ actions, SSH and HTTPS access show CLONE, PULL and PUSH actions.

[BBesrour]

code lgtm

[iyannsch]

Code LGTM! Awesome job! Maybe you could add some in-line comments with good keywords allowing other devs to
a) find the class later on
b) understand the UploadPack, ReceivePack,..

[SimonEntholzer]

Code LGTM! Awesome job! Maybe you could add some in-line comments with good keywords allowing other devs to a) find the class later on b) understand the UploadPack, ReceivePack,..

I included links to the git documentation, that will probably help developers looking into the Artemis localVC

[magaupp]

Re-approve

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: ASSERTIVE

📥 Commits

Files that changed from the base of the PR and between f85fd21 and 82d1f30.

📒 Files selected for processing (1)

• src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/ArtemisGitServletService.java (3 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/ArtemisGitServletService.java (1)

Pattern src/main/java/**/*.java: naming:CamelCase; principles:{single_responsibility,small_methods,no_duplication}; db:{perf_queries,datetime_not_timestamp}; rest:{stateless,singleton,delegate_logic,http_only,minimal_dtos}; dtos:{java_records,no_entities,min_data,single_resp}; di:constructor_injection; kiss:simple_code; file_handling:os_indep_paths; practices:{least_access,avoid_transactions,code_reuse,static_member_ref,prefer_primitives}; sql:{param_annotation,uppercase,avoid_subqueries};java:avoid_star_imports

🔇 Additional comments (2)

src/main/java/de/tum/cit/aet/artemis/programming/service/localvc/ArtemisGitServletService.java (2)

9-9: Import statement added correctly.

The UploadPack import is necessary for implementing the upload pack functionality.

---

67-73: UploadPackFactory set correctly with custom pre-upload hook.

The implementation correctly sets the UploadPackFactory and adds the LocalVCFetchPreUploadHook to distinguish between clone and pull operations.

[simonbohnen]

Reapprove

[HawKhiem]

I tested on TS3 as test user 20. Everything works as expected! After cloning it is logged that user 20 has participated. The submissions also increment upon pushing.