SCA-5460: added support for updateType in AsyncCheckPolicyComplianceR…

[MuhammadAEws]

…equest

Summary by CodeRabbit

• New Features
  • Added support for specifying an update type when performing policy compliance checks, enabling more granular control over compliance validation workflows.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR extends AsyncCheckPolicyComplianceRequest with support for an UpdateType value. A new private updateType field is added with null default, alongside a new constructor overload and public getter/setter accessors. The WssServiceClientImpl#createHttpRequest method is then updated to extract the updateType from the request and conditionally include it as an APIConstants.PARAM_UPDATE_TYPE HTTP parameter in form data when present.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title directly describes the main change: adding support for updateType in AsyncCheckPolicyComplianceRequest, which aligns with the actual modifications.
Docstring Coverage	✅ Passed	Docstring coverage is 83.33% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch SCA-5460

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In
`@wss-agent-client/src/main/java/org/whitesource/agent/client/WssServiceClientImpl.java`:
- Around line 473-475: The switch currently treats CHECK_POLICY_COMPLIANCE and
ASYNC_CHECK_POLICY_COMPLIANCE the same and unconditionally casts request to
AsyncCheckPolicyComplianceRequest, causing ClassCastException; update the
WssServiceClientImpl switch to handle the two cases separately: for
ASYNC_CHECK_POLICY_COMPLIANCE cast to AsyncCheckPolicyComplianceRequest and add
the updateType NVPair (using asyncCheckPolicyComplianceRequest.getUpdateType()),
and for CHECK_POLICY_COMPLIANCE treat request as CheckPolicyComplianceRequest
(no cast to Async...) and call handleCheckPolicyReq(nvps, request) accordingly
so jsonDiff is set without invalid casts; locate the logic around
AsyncCheckPolicyComplianceRequest, CheckPolicyComplianceRequest,
handleCheckPolicyReq, CHECK_POLICY_COMPLIANCE and ASYNC_CHECK_POLICY_COMPLIANCE
and split the branches to avoid the unsafe cast.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 72516b43-d3bf-479b-aafa-41da7a8ef3cf

📥 Commits

Reviewing files that changed from the base of the PR and between 514dbf6 and bed5b36.

📒 Files selected for processing (2)

• wss-agent-api/src/main/java/org/whitesource/agent/api/dispatch/AsyncCheckPolicyComplianceRequest.java
• wss-agent-client/src/main/java/org/whitesource/agent/client/WssServiceClientImpl.java

[coderabbitai]

⚠️ Potential issue | 🔴 Critical | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify the mixed-case branch and unsafe cast context.
rg -nP --type=java -C4 'case CHECK_POLICY_COMPLIANCE|case ASYNC_CHECK_POLICY_COMPLIANCE|\(AsyncCheckPolicyComplianceRequest\)\s*request'

Repository: whitesource/agents

Length of output: 5796

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Locate the two request classes
fd -t f 'class CheckPolicyComplianceRequest' -a . >/dev/null 2>&1 || true
fd -t f 'CheckPolicyComplianceRequest' wss-agent-client/src/main/java -e* >/dev/null 2>&1 || true
fd -t f 'AsyncCheckPolicyComplianceRequest' wss-agent-client/src/main/java -e* >/dev/null 2>&1 || true

# Show the actual class declarations (and any inheritance) for both
for f in $(rg -l --type=java 'class\s+CheckPolicyComplianceRequest\b' wss-agent-client/src/main/java || true); do
  echo "---- $f ----"
  rg -n --type=java -m1 'class\s+CheckPolicyComplianceRequest\b' "$f"
  rg -n --type=java 'extends\s+|implements\s+' "$f" || true
done

for f in $(rg -l --type=java 'class\s+AsyncCheckPolicyComplianceRequest\b' wss-agent-client/src/main/java || true); do
  echo "---- $f ----"
  rg -n --type=java -m1 'class\s+AsyncCheckPolicyComplianceRequest\b' "$f"
  rg -n --type=java 'extends\s+|implements\s+' "$f" || true
done

# Inspect handleCheckPolicyReq signature/body to see expected request type
rg -n --type=java 'handleCheckPolicyReq\s*\(' wss-agent-client/src/main/java/org/whitesource/agent/client/WssServiceClientImpl.java
rg -n --type=java 'handleCheckPolicyReq\s*\(' wss-agent-client/src/main/java/org/whitesource/agent/client -S

Repository: whitesource/agents

Length of output: 576

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Find where these request types are declared (any module)
rg -l --type=java 'class\s+CheckPolicyComplianceRequest\b' .
rg -l --type=java 'class\s+AsyncCheckPolicyComplianceRequest\b' .

# Print the declaration lines + any extends/implements on those files
for f in $(rg -l --type=java 'class\s+CheckPolicyComplianceRequest\b' .); do
  echo "---- $f : CheckPolicyComplianceRequest ----"
  rg -n --type=java -m1 'class\s+CheckPolicyComplianceRequest\b' "$f"
  rg -n --type=java -m1 '(extends|implements)\s' "$f" || true
done

for f in $(rg -l --type=java 'class\s+AsyncCheckPolicyComplianceRequest\b' .); do
  echo "---- $f : AsyncCheckPolicyComplianceRequest ----"
  rg -n --type=java -m1 'class\s+AsyncCheckPolicyComplianceRequest\b' "$f"
  rg -n --type=java -m1 '(extends|implements)\s' "$f" || true
done

# Also check whether CheckPolicyComplianceRequest is an instance of AsyncCheckPolicyComplianceRequest via inheritance:
# search for "extends AsyncCheckPolicyComplianceRequest" / "implements AsyncCheckPolicyComplianceRequest" patterns
rg -n --type=java '(extends|implements)\s+AsyncCheckPolicyComplianceRequest' . || true

Repository: whitesource/agents

Length of output: 957

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# 1) Find the switch(requestType) block inside WssServiceClientImpl
rg -n --type=java 'switch\s*\(\s*requestType\s*\)' wss-agent-client/src/main/java/org/whitesource/agent/client/WssServiceClientImpl.java
rg -n --type=java 'CHECK_POLICY_COMPLIANCE|ASYNC_CHECK_POLICY_COMPLIANCE' wss-agent-client/src/main/java/org/whitesource/agent/client/WssServiceClientImpl.java -n

# 2) Locate where requestType comes from (search for method that sets/uses requestType)
# Look for 'requestType =' assignments and the method signature that receives request + requestType.
rg -n --type=java '(requestType\s*=|private\s+.*requestType|public\s+.*requestType|enum\s+.*requestType)' wss-agent-client/src/main/java/org/whitesource/agent/client/WssServiceClientImpl.java || true

# 3) Inspect relevant methods by printing a small window around the shared cases
# We'll print around the line range for the switch branch.
sed -n '430,520p' wss-agent-client/src/main/java/org/whitesource/agent/client/WssServiceClientImpl.java | cat -n

# 4) Search for usage of CHECK_POLICY_COMPLIANCE in dispatch/other module code
rg -n --type=java '\bCHECK_POLICY_COMPLIANCE\b' . | head -n 50

Repository: whitesource/agents

Length of output: 7701

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Inspect Request base classes for how request.type() is implemented
rg -n --type=java 'class\s+BaseRequest\b|interface\s+ServiceRequest\b|type\(\)\s*\{' -S wss-agent-api/src/main/java/org/whitesource/agent/api/dispatch || true
rg -n --type=java 'RequestType\s+type\s*\(\s*\)' -S . || true
rg -n --type=java '\btype\(\)\b' wss-agent-api/src/main/java/org/whitesource/agent/api/dispatch -S || true

# Inspect constructors / methods in the two request classes
sed -n '1,120p' wss-agent-api/src/main/java/org/whitesource/agent/api/dispatch/CheckPolicyComplianceRequest.java | cat -n
sed -n '1,160p' wss-agent-api/src/main/java/org/whitesource/agent/api/dispatch/AsyncCheckPolicyComplianceRequest.java | cat -n

rg -n --type=java '\bgetUpdateType\b|updateType' wss-agent-api/src/main/java/org/whitesource/agent/api/dispatch/CheckPolicyComplianceRequest.java
rg -n --type=java '\bgetUpdateType\b|updateType' wss-agent-api/src/main/java/org/whitesource/agent/api/dispatch/AsyncCheckPolicyComplianceRequest.java

# Re-open the exact switch case in WssServiceClientImpl for context
sed -n '420,510p' wss-agent-client/src/main/java/org/whitesource/agent/client/WssServiceClientImpl.java | cat -n

Repository: whitesource/agents

Length of output: 15899

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

sed -n '510,620p' wss-agent-client/src/main/java/org/whitesource/agent/client/WssServiceClientImpl.java | cat -n

Repository: whitesource/agents

Length of output: 5283

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

sed -n '1,220p' wss-agent-api/src/main/java/org/whitesource/agent/api/dispatch/BaseRequest.java | cat -n

Repository: whitesource/agents

Length of output: 6555

---

Split CHECK_POLICY_COMPLIANCE and ASYNC_CHECK_POLICY_COMPLIANCE to avoid ClassCastException.

WssServiceClientImpl handles both request types in the same switch block and immediately casts request to AsyncCheckPolicyComplianceRequest. For CHECK_POLICY_COMPLIANCE, callers pass CheckPolicyComplianceRequest (different class), so this cast can fail at runtime.

Proposed fix

             case CHECK_POLICY_COMPLIANCE:
+                jsonDiff = handleCheckPolicyReq(nvps, request);
+                break;
             case ASYNC_CHECK_POLICY_COMPLIANCE:
                 AsyncCheckPolicyComplianceRequest asyncCheckPolicyComplianceRequest = (AsyncCheckPolicyComplianceRequest) request;
-                if (asyncCheckPolicyComplianceRequest.getUpdateType() != null) nvps.add(new BasicNameValuePair(APIConstants.PARAM_UPDATE_TYPE, asyncCheckPolicyComplianceRequest.getUpdateType().toString()));
+                if (asyncCheckPolicyComplianceRequest.getUpdateType() != null) {
+                    nvps.add(new BasicNameValuePair(APIConstants.PARAM_UPDATE_TYPE, asyncCheckPolicyComplianceRequest.getUpdateType().toString()));
+                }
                 jsonDiff = handleCheckPolicyReq(nvps, request);
                 break;

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@wss-agent-client/src/main/java/org/whitesource/agent/client/WssServiceClientImpl.java`
around lines 473 - 475, The switch currently treats CHECK_POLICY_COMPLIANCE and
ASYNC_CHECK_POLICY_COMPLIANCE the same and unconditionally casts request to
AsyncCheckPolicyComplianceRequest, causing ClassCastException; update the
WssServiceClientImpl switch to handle the two cases separately: for
ASYNC_CHECK_POLICY_COMPLIANCE cast to AsyncCheckPolicyComplianceRequest and add
the updateType NVPair (using asyncCheckPolicyComplianceRequest.getUpdateType()),
and for CHECK_POLICY_COMPLIANCE treat request as CheckPolicyComplianceRequest
(no cast to Async...) and call handleCheckPolicyReq(nvps, request) accordingly
so jsonDiff is set without invalid casts; locate the logic around
AsyncCheckPolicyComplianceRequest, CheckPolicyComplianceRequest,
handleCheckPolicyReq, CHECK_POLICY_COMPLIANCE and ASYNC_CHECK_POLICY_COMPLIANCE
and split the branches to avoid the unsafe cast.