Here s my CODE to start with:
PersonController.java
#RequestMapping(value = "/person", method = RequestMethod.POST)
public ResponseEntity<?> addPerson(#Valid Person p, HttpServletResponse response) {
...
}
Person.java
public class Person {
#NotNull
String name;
#NotNull
int age;
String gender;
}
The requirement is: When a POST request is made to /person, I want an exception to be thrown if the user did not specify a key for the string Name in the BODY of the request. The annotation #NotNull does not do this.
Is there another annotation that I can use in Person.java to achieve this? If not, is there some validation I could do in the addPerson method to ensure that an exception is thrown if one of the mandatory parameters are not there?
Actually the #NotNull annotation does exactly what you want but unfortunately it can't do it on int type since it can't be null. In order for it to work you need to change the age to Integer and then after the spring does the binding of values if both parameters are passed and they have values the validation will pass. Otherwise if they are passed with empty value or not passed at all the value will be null and the validation will fail. Just make sure that you don't have some constructor for Person that initializes the attributes to some values.
If you don't want to change it and use an int you can add HttpServletRequest request to the method arguments and check if there is a parameter age present with:
request.getParameter('age');
If it is null then no parameter was passed at all.
Hint: It may be that you are missing some configuration and the annotation are not processed at all, something like <mvc:annotation-driven/> or #EnableWebMvc or maybe you are missing an actual validator implementation like Hibernate Validator. It is hard to tell without a sample of your configuration.
First, you need to encapsulate the fields in your domain-classes. The spring container will use these getters and setters to manipulate the object.
Then, you can add constraints to these getters and setters (Bean Validation). If you added them correctly, Spring will catch errors when using the #Valid annotation (which you did). These errors will be added to the BindingResult, and can be shown in a jsp by using the Spring form tags.
<form:errors path="field_that_was_manipulated_incorrectly" />
Related
If I have the DTO object, added as attribute model in controller. It has two business fileds, say
public class Owner {
private Long id;
private String firstName;
private String secondName;
}
in some spring form I'd like to change the first name only still using the Owner as DTO, and this form doesn't have the second name input at all. And I also don't want to place the second name to the form as hidden input for privacy reasons, for example, so I have the only input dealing with the first name in the form? Is there a way to place the DTO to the model with both first and second name and in the #PostMapping controller method still getting both first and second name in the #ModelAttribute parameter object of the method? i'm getting the second name null in this case.
If the model was added to model attribute via addAttribute("owner", owner), #SessionAttribute("owner") annotation over the #Controller-marked class together with using #ModelAttribute("owner") ownet in the controller method parameter is the decision that helps. With #SessionAttribute the data is not cleared by the form with all fields put to null values.
Explicit naming of #ModelAttribute("named_via_here") being the same as #SessionAttribute("named_via_here") is required (it may work without it, but not guaranteed)
I want to add validation on each #RequestParam in a controller method, like #NotNull for strings, #Min for integers. So I decided to have one model class with all request parameters. But now I want to map request parameters names to the fields in ModelAttribute. For instance, something like
class Model{
#Param("user-id") //is there any such way
#Min(1)
private Integer id;
}
I am not able to find any such functionality. Can someone help?
I have a post method receiving an object as parameter, in this object I have an attribute with annotations #ValidDate and #NotEmpty.
in another method I want to use the same object but I just want annotation #ValidDate on the attribute.
It's possible ?
the attribute :
#NotEmpty
#ValidDate
private String installDate;
the function :
public String findLinksByCriteria(#Valid #ModelAttribute LinkForm link, BindingResult bindingResult, Model uiModel) {
if (bindingResult.hasErrors()) {
return ViewConstants.LINK_SEARCH_VIEW;
}
Probably one of these thing with multiple solutions. You can remove the optional constraint and do it manually however if you want to keep it strictly within the context of the Bean Validation API then you can do it using validation groups.
https://docs.oracle.com/cd/E19798-01/821-1841/gkahp/index.html
Constraints may be added to one or more groups. Constraint groups are
used to create subsets of constraints, so only certain constraints
will be validated for a particular object. By default, all constraints
are included in the Default constraint group.
By using Spring's #Validated annotation rather than #Valid you can specify one or more groups of constraints to be applied for any given case.
There is a detailed example here:
http://blog.codeleak.pl/2014/08/validation-groups-in-spring-mvc.html
I have what appears to be a common problem within spring-mvc. Several of my domain object have fields that are not updatable so in my view I am not binding these fields.
For competeness sake The way these are excluded from the view is by editing the spring-roo scaffolded view setting the render attribute on the parameter to false.
As spring-mvc creates a new instance of the object rather than updating the existing object these fields are null. This means however that the object fails its validation before the control reaches the controller.
A lot of my entities will have extra fields that are not updatable in the view so I'd like to be able to come up with a generic solution rather than continually doing the same work over and over again (violating DRY).
How can one allow validation to occur in a consistent manner if fields are omitted from the view?
#RequestMapping(method = RequestMethod.PUT, produces = "text/html")
public String UserController.update(#Valid User user, BindingResult bindingResult, Model uiModel, HttpServletRequest httpServletRequest) {
if (bindingResult.hasErrors()) {
populateEditForm(uiModel, user);
return "admin/users/update";
}
uiModel.asMap().clear();
user.merge();
return "redirect:/admin/users/" + encodeUrlPathSegment(user.getId().toString(), httpServletRequest);
}
Possible Solutions:
Omit #Valid annotation from the controller.
Pros
Easy to implement.
Easy to understand.
Cons
Means changing the controller method for every update on every object.
Validation is not occuring in the same place as all of the rest of the application.
No easy way to return the binding errors back to the view (need to validate the object afterwards)
Add Custom Validator for methods that need omitted fields
Example:
#InitBinder
public void initBinder(WebDataBinder binder, HttpServletRequest request) {
if (request.getMethod().equals("PUT")) {
binder.setDisallowedFields("registrationDate", "password");
Validator validator = binder.getValidator();
Validator userUpdateValidator = new UserUpdateValidator();
binder.setValidator(userUpdateValidator);
}
}
Pros
Clear flow.
Cons
Suffers wildly from DRY problems. This means that If the domain object is altered in any way I need to revalidate.
Field validation is not the same as Hibernate validation when saving.
No tangible benefits over omitting validation and manually validating.
Would consider if?
Custom validator could delegate to standard JSR-303 validator but just omit fields.
Remove JSR-303 annotations from the domain object
Not an option this means that there is no validation on an object before saving. Worse I believe it will affect the DDL that is producted for database, removing constraints from the DB itself. Only put in here for completeness sake
Lookup domain object before validation occurs
The idea of this solution is to lookup the existing domain object before updating. Copying any not null fields to the old object from the request.
Pros
- The validation can go through the normal cycle.
- The validation doesn't need to change depending on what method you are implying.
Cons
Database access before hitting the controller has a bit of a smell.
I can't see any way to implement this.
Won't work for fields that need to be omitted during other stages of the object lifecycle. For example if adding a timestamp during creation.
I would like to know how to implement either a validator that delegates to the standard JSR-303 validator or alternatively how to lookup the object before modifying it. Or if anyone has any other possible solutions?
Either of these solutions allow for the treatment to be consistent over multiple objects.
Hopefully either would allow for added annotations such as.
#RooCreateOnly which means the domain object could be annotated as such leaving all the validation definitions in the one place.
The last option can be achieved with the #ModelAttribute annotation.
Create a method that returns your domain object and add the #ModelAttribute annotation to it. Then add the same annotation to the domain object argument of the method where you want to use that object. Spring will first load the object from the ModelAttribute method then merge it with the posted data.
Example:
#ModelAttribute("foobar")
public User fetchUser() {
return loadUser();
}
#RequestMapping(method = RequestMethod.PUT, produces = "text/html")
public String update(#ModelAttribute("foobar") #Valid User user, BindingResult bindingResult, Model uiModel, HttpServletRequest httpServletRequest) {
return etc();
}
You can use the disabled property for the input tags in your jspx file containing the form for the fields that you want to mark as read-only.
Also make sure you clear the z attribute relating the field so that Roo will ignore the tag if there is any change made to the entity later on.
Cheers!
I'm posting another answer totally unrelated to my previous one.
There is another solution: wrap your domain object into special form object that only expose the fields you want to validate.
Example:
public class UserForm {
private final User user = new User();
// User has many fields, but here we only want lastName
#NotEmpty // Or whatever validation you want
public String getLastName() {
return this.user.getLastName();
}
public void setLastName(String lastName) {
this.user.setLastName(lastName);
}
public User getUser() {
return this.user;
}
}
I have a form:
<form action="/processform">
<input name="firstname" value="john" />
<input name="lastname" value="doe" />
</form>
I have a Person object:
public class Person {
private String firstname;
private String lastname;
// ... getters & setters ...
}
I want to receive this data, perform validation on it, and post it to a datastore.
How do I write a controller to do this? I understand that I could pass the parameters in as request parameters, but I think the "proper" way to do this is somehow bind the data from the form to the Person object and then receive that Person object in the controller and call a Validate object that is configured to receive the Person object.
After much reading, this step has confounded me. Can someone show me what is needed to "bind" the data, "validate" (e.g. a validator), and "process" the data (e.g. the controller, and in particular what gets passed to it as parameters)?
Here was the answer I was looking for, I didn't understand that Spring, by default, will take all of the parameters from the form submission (such as "firstname" and "lastname") and can create the object for you by calling the setter methods of these parameters.
The controller:
#Controller
public class MyFormProcessor {
#RequestMapping("/formsubmit")
public String handleForm(#Valid Person person, BindingResult errors, Map<String,Object> model){
// ...handle form...
}
}
Spring is essentially doing the following magic before calling handleForm for this request (obviously in a more extendable way than I depict for this simple example):
Person person = new Person();
person.setFirstname( request.getParameter("firstname") );
person.setLastname( request.getParameter("lastname") );
handleForm(person, anErrorsObject, new Model());
For validation you can either create your own validator (which I won't mention anything about here), or if you include Hibernate Validator in the classpath, then you can annotate the Person class (example below) and when you add the #Valid annotation as I depicted in the example above the Hibernate validator will validate the class based on those annotations and post any errors to the error object (a BindingResult object is an extension of Springs' Errors, and for simple examples the Errors object is the interesting component).
JSR-303 validation annotated Person class (for use with the #Valid option):
public class Person {
#NotNull
#Size(min=3, max=20)
private String firstname;
#NotNull
#Size(min=3, max=20)
private String lastname;
// ... getters & setters ...
}
Spring has a complete tutorial showing every aspect that you need. It's called "Petclinic". You can check it out from:
git https://github.com/SpringSource/spring-petclinic