Skip to content

fix: Publishing Push Job Management API - 10 issues resolved - #34862#34874

Merged
hassandotcms merged 7 commits intomainfrom
claude/issue-34862-20260304-1534
Mar 13, 2026
Merged

fix: Publishing Push Job Management API - 10 issues resolved - #34862#34874
hassandotcms merged 7 commits intomainfrom
claude/issue-34862-20260304-1534

Conversation

@hassandotcms
Copy link
Contributor

@hassandotcms hassandotcms commented Mar 5, 2026

This PR addresses all 10 issues identified in the Publishing Push publishing job management REST endpoints:

HIGH Priority Fixes:

  1. DELETE /{bundleId} now returns 404 for non-existent bundles
  2. POST /push/{bundleId} validates date format before bundle lookup
  3. Added machine-readable enums for status query parameters

MEDIUM Priority Fixes:
4. Added allowableValues for deliveryStrategy parameter
5. Documented operation case-insensitivity vs deliveryStrategy case-sensitivity
6. Added date-time format and timezone requirements for date fields
7. Exposed filterKey in response views for API reproducibility

LOW Priority Fixes:
8. Documented purge async behavior and WebSocket notifications for API clients
9. Fixed bundleId examples to use correct ULID format
10. Added port range validation pattern for EndpointDetailView.port

Additional Security & Validation Improvements:

  • Added bundleId format validation to prevent XSS attacks
  • Fixed pagination validation to return 400 instead of silent clamping
  • Enhanced OpenAPI documentation with proper schema constraints

Resolves #34862

Generated with Claude Code

@claude @fmontes
fix: Publishing Push Job Management API - 10 issues resolved
abb21e9 
This commit addresses all 10 issues identified in the Publishing Push publishing job management REST endpoints:

**HIGH Priority Fixes:**
1. DELETE /{bundleId} now returns 404 for non-existent bundles
2. POST /push/{bundleId} validates date format before bundle lookup
3. Added machine-readable enums for status query parameters

**MEDIUM Priority Fixes:**
4. Added allowableValues for deliveryStrategy parameter
5. Documented operation case-insensitivity vs deliveryStrategy case-sensitivity
6. Added date-time format and timezone requirements for date fields
7. Exposed filterKey in response views for API reproducibility

**LOW Priority Fixes:**
8. Documented purge async behavior and WebSocket notifications for API clients
9. Fixed bundleId examples to use correct ULID format
10. Added port range validation pattern for EndpointDetailView.port

**Additional Security & Validation Improvements:**
- Added bundleId format validation to prevent XSS attacks
- Fixed pagination validation to return 400 instead of silent clamping
- Enhanced OpenAPI documentation with proper schema constraints

Resolves #34862

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-authored-by: Freddy Montes <fmontes@users.noreply.github.com>
@github-actions github-actions bot mentioned this pull request Mar 5, 2026
Open
4 tasks
@github-actions github-actions bot added the Area : Backend PR changes Java/Maven backend code label Mar 5, 2026
hassandotcms and others added 4 commits March 5, 2026 21:49
@hassandotcms @claude
fix: address review issues in Publishing API fixes
3952b14 
- Restore dual-check (bundle + audit table) for DELETE endpoint to
  prevent orphaned audit records from becoming undeletable
- Add DeliveryStrategyDeserializer to return clean error messages
  for invalid deliveryStrategy values without exposing Java class names
- Cache parsed dates in push endpoint to avoid redundant double parsing
- Update 3 pagination tests to expect 400 errors instead of clamping

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@hassandotcms @claude
chore: update openapi.yaml after build
61ad871 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@hassandotcms
Merge branch 'main' of https://github.com/dotCMS/core into claude/iss…
0c15433 
…ue-34862-20260304-1534
@hassandotcms
Merge branch 'main' of https://github.com/dotCMS/core into claude/iss…
ae07457 
…ue-34862-20260304-1534
@hassandotcms hassandotcms marked this pull request as ready for review March 10, 2026 13:05
@hassandotcms hassandotcms changed the title fix: Publishing Push Job Management API - 10 issues resolved fix: Publishing Push Job Management API - 10 issues resolved - #34862 Mar 13, 2026
@hassandotcms
fix: address PR review feedback - extract bundleId validation and com…
f43b4a6 
…piled Pattern

- Extract repeated bundleId validation into reusable validateBundleId() method
- Replace String.matches() with compiled static Pattern constant (BUNDLE_ID_PATTERN)
- Add default case to date-parsing switch for defensive consistency
@hassandotcms
Merge branch 'main' of https://github.com/dotCMS/core into claude/iss…
f0d9dee 
…ue-34862-20260304-1534
@hassandotcms hassandotcms added this pull request to the merge queue Mar 13, 2026
Merged via the queue into main with commit 5fce075 Mar 13, 2026
52 checks passed
@hassandotcms hassandotcms deleted the claude/issue-34862-20260304-1534 branch March 13, 2026 18:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fabrizzio-dotCMS fabrizzio-dotCMS fabrizzio-dotCMS approved these changes

@dario-daza dario-daza dario-daza approved these changes

@erickgonzalez erickgonzalez Awaiting requested review from erickgonzalez

@ihoffmann-dot ihoffmann-dot Awaiting requested review from ihoffmann-dot

Assignees

No one assigned

Labels

Area : Backend PR changes Java/Maven backend code

Projects

dotCMS - Product Planning
Status: No status

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

bug: Push Publishing Job Management API — 4 issues in error handling and input validation

5 participants

@hassandotcms @erickgonzalez @fabrizzio-dotCMS @dario-daza @ihoffmann-dot