Ralph Hopman created FINERACT-2568:
--------------------------------------
Summary: Remove unnecessary @Consumes annotations from GET and
DELETE endpoints
Key: FINERACT-2568
URL: https://issues.apache.org/jira/browse/FINERACT-2568
Project: Apache Fineract
Issue Type: Improvement
Reporter: Ralph Hopman
Assignee: Ralph Hopman
HTTP {{GET}} and {{DELETE}} operations typically do not accept a request body.
However, many JAX-RS API resource classes in the codebase annotate these
methods with {{{}@Consumes(\{ MediaType.APPLICATION_JSON }){}}}. This is
misleading, as it implies the endpoint expects a request body when it does not.
There are two variants of this issue:
# *Method-level:* {{@Consumes}} is placed directly on {{@GET}} or {{@DELETE}}
methods that have no body parameter. For example, the {{retrieveAll}} method in
{{SavingsProductsApiResource}} or the {{delete}} method in
{{{}UsersApiResource{}}}.
# *Class-level:* {{@Consumes}} is placed on the class, which causes it to
apply to _all_ methods — including {{@GET}} and {{@DELETE}} methods that should
not have it. For example, {{{}NotesApiResource{}}}, {{{}SearchApiResource{}}},
{{{}HookApiResource{}}}, and others.
h3. Scope
A thorough analysis of the codebase identifies approximately *138 affected
files* across all modules ({{{}fineract-provider{}}}, {{{}fineract-core{}}},
{{{}fineract-accounting{}}}, {{{}fineract-branch{}}}, {{{}fineract-charge{}}},
{{{}fineract-document{}}}, {{{}fineract-investor{}}}, {{{}fineract-loan{}}},
{{{}fineract-loan-origination{}}}, {{{}fineract-mix{}}},
{{{}fineract-progressive-loan{}}}, {{{}fineract-rates{}}},
{{{}fineract-security{}}}, {{{}fineract-tax{}}},
{{{}fineract-working-capital-loan{}}}).
h3. Proposed Changes
* Remove {{@Consumes(\{ MediaType.APPLICATION_JSON })}} from all {{@GET}}
methods (they never accept a body).
* Remove {{@Consumes(\{ MediaType.APPLICATION_JSON })}} from {{@DELETE}}
methods that do not accept a body parameter. {{@DELETE}} methods that _do_
accept a body (e.g., in {{{}DatatablesApiResource{}}},
{{{}EntityDatatableChecksApiResource{}}},
{{{}CreditBureauIntegrationApiResource{}}},
{{{}ReportMailingJobApiResource{}}}) will be left unchanged.
* For class-level {{@Consumes}} annotations on classes that contain {{@GET}}
or {{@DELETE}} methods: remove the class-level annotation and add {{@Consumes}}
to each individual {{@POST}} / {{@PUT}} method that needs it.
* Special case: {{EchoHeadersApiResource}} uses {{@Consumes(\{
MediaType.WILDCARD })}} on a {{@GET}} intentionally and will not be modified.
* Remove unused {{Consumes}} and {{MediaType}} imports where applicable.
h3. Motivation
* Improved API correctness and clarity for consumers of the REST API.
* More accurate OpenAPI / Swagger documentation generation ({{{}@Consumes{}}}
affects the generated spec).
* Aligns with JAX-RS best practices.
h3. Risk Assessment
Low. This is a metadata-only change on the JAX-RS annotations. It does not
alter any business logic, request routing, or response behavior. {{GET}} and
{{DELETE}} requests without a body were never actually consuming JSON — the
annotation was simply ignored by the runtime.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
