I got the following test entity:
public class Test {
public String id;
public String name;
}
My test resource looks like this:
#Path("test")
#Consumes(MediaType.APPLICATION_JSON)
#Produces(MediaType.APPLICATION_JSON)
public class TestResource {
#Path("{id}")
#POST
public Test test(#Valid Test test){
return test;
}
}
If I do a POST with name as request body, I will end up with an entity which has a name but no id set. If I want to have set the id, I define a #PathParam("id") String id and then set the id with test.id = id. That is what I am using right now.
In this case, if I put a #NotNull constraint to the ID, the validation fails.
How can I 'put' the parsed ID to the request body, before the validation is happening? Ideal, not manually in any case.
You should remove the #NotNull annotation and ensure that no ID is given from the POST request. And in your GET endpoints ensure that the field is not null, probably with an own annotation. I did this with my own annotation #TestIdNull(false).
In your code you would place the annotation like this:
#Path("{id}")
#POST
public Test test(#TestIdNull(true) Test test){
return test;
}
while the annotation interface looks quite simple:
#Target({ElementType.PARAMETER,ElementType.TYPE_USE})
#Retention(RetentionPolicy.RUNTIME)
#Documented
#Constraint(validatedBy = PetIdNullValidator.class)
public #interface TestIdNull {
String message() default "Post request. ID value forbidden.";
boolean value() default true;
Class<?>[] groups() default {};
Class<? extends Payload>[] payload() default {};
}
and the implementation would be
#Provider
#NoArgsConstructor
public class TestIdNullValidator implements ConstraintValidator<TestIdNull, Test> {
private boolean switchNullCheck;
/**
* {#inheritDoc}
*/
#Override
public void initialize(final TestIdNull constraintAnnotation) {
switchNullCheck = constraintAnnotation.value();
}
/**
* {#inheritDoc}
*/
#Override
public boolean isValid(final Test test, final ConstraintValidatorContext context) {
if (null == test) {
return true;
}
context.disableDefaultConstraintViolation();
context.buildConstraintViolationWithTemplate("ENTER YOUR MESSAGE HERE").addConstraintViolation();
return switchNullCheck ? test.id() == null : test.id() != null;
}
}
On your "way back" (the GET methods) you must ensure the ID is not null with placing the annotation to your DTO. Code could look like this:
#TestIdNull(false)
final Test test = mapper.map(entity, Test.class);
I know it's not a very elegant way but your idea placing the ID in a POST first and then validate is not possible I'm afraid.
Related
Rest Controller:
#RequestMapping(value = "/admin/rest/new-subscriptions")
public List<NewSubscriptionDTO> getNewSubscriptions() {
NewSubscriptionDTO dto = new NewSubscriptionDTO();
dto.setId("54");
dto.setName("John Doe");
return Arrays.asList(dto);
}
NewSubscriptionDTO:
package dermatica.web.admin.rx;
import com.fasterxml.jackson.annotation.JsonProperty;
import org.joda.time.DateTime;
import java.io.Serializable;
public class NewSubscriptionDTO implements Serializable {
private String id;
private String name;
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
}
I get the following exception:
no properties discovered to create BeanSerializer (to avoid exception,
disable SerializationFeature.FAIL_ON_EMPTY_BEANS)
If I annotate the fields with #JsonProperty it work fine.
Is there a way for the serialization to work automatically without needing this annotation?
#JsonProperty auto-generates a getter/setter that Jackson uses to read/write to the fields during serialization/deserialization. Here are some alternative approaches:
Provide your own public getters/setters for all fields
Make the fields public, generally frowned upon, but if you're creating a simple DTO, that may be acceptable.
Setting ObjectMapper Visibility for FIELD to ANY (see here)
Disable the FAIL_ON_EMPTY_BEANS exception (see here)
Given that your DTO class has getters and setters, this should work without #JsonProperty. I wasn't able to reproduce the exact error message you showed, but here are some suggestions that may help:
[Controller] Explicitly specify the method type as GET, either using method = GET or #GetMapping - not necessary, but it's good to be explicit
[Controller] Make sure you annotate the controller class with #RestController, indicating the response is serialized to JSON and wrapped in an HttpResponse object.
[DTO] You don't need to extend Serializable (see here).
The final controller would look like this:
#RestController
public class MyController {
#GetMapping(value = "/admin/rest/new-subscriptions")
public List<MyDTO> getDTO() {
MyDTO dto = new MyDTO();
dto.setId("54");
dto.setName("John Doe");
return Collections.singletonList(dto);
}
}
Response:
[{"id":"54","name":"John Doe"}]
I am writing an integration test for a java component that calls some local service (in port 8888). I am able to intercept the call by passing the port as an argument to the MockWebServer, like this:
MockWebServer server= new MockWebServer();
server.start(8888);
server.enqueue(new MockResponse().setBody("{ \"score\": \"1.0\", \"match\": true, \"id\":\"faq.faq8\"}")
.addHeader("Content-Type", "application/json"));
Now the actual call is something like this:
ResponseEntity<Response> responseEntity = restTemplate.exchange(url.toUriString(), HttpMethod.POST,
requestEntity, Response.class);
And the response class looks like this:
public static class Response implements Serializable {
/* Serial UUID. */
private static final long serialVersionUID = -7548720302478842018L;
private boolean match;
private float score;
private String id;
public boolean isMatch() {
return match;
}
public float getScore() {
return score;
}
public String getId() {
return id;
}
}
I can make the response score and match fields to be whatever I want, but the id field is always null. I honestly have no idea why.
Problem: We are upgrading from a legacy system, so solutions are constrained. I am trying to route to an unauthorized controller if a specific query string is present. If it is not present, the user is routed to the authorized controller. This is on ASP.Net Core 2.1.
Is it possible to set the controller to route based on query string? I've tried
[/home/[action]?query={query}] -> Leads to runtime error due to '?'
[/home/[action]/{query}] - > maps to /home/index/1 (not what I need)
Thanks for any help!
Edit: Alternatively, is it possible to have a separate controller Action that depends on the query parameter?
public IActionResult Index(){}
public IActionResult Index([FromQuery]string query){}
Routing doesn't seem to distinguish between these two.
You can use IActionConstraint and IParameterModelConvention interfaces for that. In short, create an IActionConstraint like this:
public class RequiredFromQueryActionConstraint : IActionConstraint
{
private readonly string _parameter;
public RequiredFromQueryActionConstraint(string parameter)
{
_parameter = parameter;
}
public int Order => 999;
public bool Accept(ActionConstraintContext context)
{
if (!context.RouteContext.HttpContext.Request.Query.ContainsKey(_parameter))
{
return false;
}
return true;
}
}
If a matching parameter is not found on the request's query string, then it will return false from the Accept method.
Than create RequiredFromQueryAttribute class like this:
public class RequiredFromQueryAttribute : FromQueryAttribute, IParameterModelConvention
{
public void Apply(ParameterModel parameter)
{
if (parameter.Action.Selectors != null && parameter.Action.Selectors.Any())
{
parameter.Action.Selectors.Last().ActionConstraints.Add(new RequiredFromQueryActionConstraint(parameter.BindingInfo?.BinderModelName ?? parameter.ParameterName));
}
}
}
Than you could decorate your mandatory query string parameters with this attribute:
[Route("api/[controller]")]
public class ValuesController : Controller
{
[HttpGet("{id}")]
public string Get(int id, [RequiredFromQuery]string foo, [RequiredFromQuery]string bar)
{
return id + " " + foo + " " + bar;
}
}
From now than, only the following URL GET api/values/5?foo=a&bar=b would lead into the action above, all other combinations of parameters would result in response with status 404, which you can eventually replace with what you want.
You can find more info at this link https://www.strathweb.com/2016/09/required-query-string-parameters-in-asp-net-core-mvc/
I have a simple web controller to return an User entity.
This entity has a property nonEditableProperty that cannot be updated.
It's works fine on the web controller, the nonEditableProperty value is listed but on the UserControllerTest it doesn't work and the returned value is always null.
The annotation #JsonProperty(access = JsonProperty.Access.READ_ONLY) seems to be ignored during the test serialization.
Does anyone have any clue for this issue?
Should I load some Jackson configuration for the tests?
#Getter
#Entity
class User implements Serializable {
#Id
#GeneratedValue(strategy = GenerationType.AUTO)
private Integer id;
private String name;
#JsonProperty(access = JsonProperty.Access.READ_ONLY)
private String nonEditableProperty;
User() {
}
public User(String name, String nonEditableProperty) {
this.name = name;
this.nonEditableProperty = nonEditableProperty;
}
}
#RestController
#AllArgsConstructor
#RequestMapping("users")
public class UserController {
private final UserRepository userRepository;
#GetMapping
public Collection<User> getAllUsers() {
return (Collection<User>) userRepository.findAll();
}
#GetMapping(path = "/{id}")
public User getUser(#PathVariable Integer id) {
return userRepository.findOne(id);
}
}
#RunWith(SpringRunner.class)
#SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
public class UserControllerTest {
#Autowired
TestRestTemplate testRestTemplate;
#Test
public void getUserShouldReturnData() {
ResponseEntity<User> response = testRestTemplate.getForEntity("/users/{id}", User.class, 1);
assertThat(response.getStatusCode()).isEqualTo(HttpStatus.OK);
assertThat(response.getBody().getName()).isEqualTo("Muhammed SuiƧmez");
assertThat(response.getBody().getNonEditableProperty()).isEqualTo("Non editable property");
}
}
testRestTemplate.getForEntity(URI url, Class<T> responseType) Fetches the api response by hitting url and then converts response to the type given by responseType
Though the API response fetched by hitting URL received the nonEditableProperty value (parse inputMessage.getBody here), While deserializing it to responseType the value was lost, because of READ_ONLY Jackson property.
I am trying to restrict which properties from a JSON object are deserialised using Jackson JSONViews. The aim is to use this to prevent consumers of my API from submitting data that they shouldn't.
The problem is, I have either misunderstood JSONViews or I am doing something wrong. See below.
I started trying to do this in Spring but have noticed that even the simple test below doesn't work.
Account Class
public class Account {
#Id
private String id;
private String name;
private List<String> items;
private List<User> users;
#JsonView(AccountViews.Private.class)
public void setId(String id) {
this.id = id;
}
#JsonView(AccountViews.Public.class)
public void setName(String name) {
this.name = name;
}
#JsonView(AccountViews.Public.class)
public void setItems(List<String> items) {
this.items = items;
}
#JsonView(AccountViews.Private.class)
public void setUsers(List<User> users) {
this.users = users;
}
}
Views
public class AccountViews {
public interface Public {}
public interface Private extends Public {}
}
Test
#Test
public void testDeserialization(){
ObjectMapper mapper = new ObjectMapper();
mapper.disable(MapperFeature.DEFAULT_VIEW_INCLUSION);
Account account = mapper.readerWithView(AccountViews.Public.class).forType(Account.class).readValue("{ \"name\": \"account1\", \"items\": [\"item1\"], \"users\": [ { \"firstname\": \"user1_firstname\", \"lastname\": \"user1_lastname\" }] }");
assertEquals(account.getName(), "account1");
assertNull(account.getUsers());
}
Unforunately, the 2nd assertion fails because Users has a user object inside.
Basically, even though "users" is a property of Account, I don't want the value to be deserialized because I have used the JSONView (AccountViews.Public.class). However, whatever I try it always seems to be deserialized and is present on the account object.
Any help much appreciated.
Error
`java.lang.AssertionError: expected null, but was:<[User#609db43b]>
at org.junit.Assert.fail(Assert.java:88)
at org.junit.Assert.failNotNull(Assert.java:755)
at org.junit.Assert.assertNull(Assert.java:737)
at org.junit.Assert.assertNull(Assert.java:747)
at`