我正在使用mybatis来执行所有数据库操作。我也在使用Angular前端,因此客户端中的验证是使用angular-validation-ghiscoding
和本机HTML5验证进行的。我想验证bank-end中的数据,但我不想使用注释。
以下是代码示例:
@RequestMapping(value = SecureApiResources.URI_UPDATE_ACCOUNT, method = RequestMethod.POST, produces = "application/json")
public @ResponseBody Account updateAccount(
@RequestBody final AccountRequestUpdate accountRequest) { // Object to be validated (accountRequest)
Account account = accountMapper.getAccountOfMerchant(authContextHolder.getMerchantId(), authContextHolder.getDefaultAccountId());
if (account == null) {
HttpErrors httpErrors = new HttpErrors(
SecureApiResources.ERROR_ACCOUNTS_NOT_FOUND);
throw new EntityNotFoundException(httpErrors);
}
int resultUpdate;
try {
// In this point I should validate the accountRequest object
account.setAccountName(accountRequest.getAccountName());
account.setCommercialName(accountRequest.getCommerciaName());
account.setCountry(accountRequest.getCountry());
account.setCity(accountRequest.getCity());
resultUpdate = accountMapper.updateMerchant(account);
if (resultUpdate == 0) {
HttpErrors httpErrors = new HttpErrors(
SecureApiResources.ERROR_ACCOUNTS_NOT_FOUND);
throw new EntityNotFoundException(httpErrors);
}
} catch (Exception e) {
HttpErrors httpErrors = new HttpErrors(
SecureApiResources.ERROR_SQL_NOT_EXECUTE);
throw new EntityNotFoundException(httpErrors);
}
return account;
}
在同一个班级,我有一个方法来创建一个帐户,然后我收到另一个模型对象(AccountRequestCreate accountRequest
)。
如果没有xml既没有注释,哪个可能是最推荐的选项?
答案 0 :(得分:3)
最推荐的方法是使用@Valid
或@Validated
注释,但由于您对此不完全正常,您可以Autowire
javax.validation.Validator
进入您的控制器并手动执行验证:
@Controller
public class SomeController {
@Autowired private Validator validator;
@RequestMapping(...)
public ResponseEntity<?> someHandler(@RequestBody SomeBody body) {
Set<ConstraintViolation<SomeBody>> violations = validator.validate(body);
if (!violations.isEmpty()) {
List<String> messages = violations
.stream()
.map(ConstraintViolation::getMessage)
.collect(Collectors.toList());
return ResponseEntity.badRequest().body(messages);
}
// the rest of controller
}
}
使用这种方法,您将在所有其他控制器中重复验证逻辑,这不是一个好主意。您也违反了DRY
原则。
正如我所说,使用@Valid
或@Validated
为您的bean添加注释更好:
@RequestMapping(...)
public ResponseEntity<?> someHandler(@RequestBody @Valid SomeBody body) { ... }
如果传递的bean违反了至少一个验证规则,则会抛出MethodArgumentNotValidException
。为了处理该异常,您可以编写一个ControllerAdvice
来捕获异常并返回一个合适的HTTP响应,比如400 Bad Request
:
@ControllerAdvice
public class ValidationAdvice {
@ExceptionHandler(MethodArgumentNotValidException.class)
public ResponseEntity<?> handleValidationError(MethodArgumentNotValidException ex) {
List<String> validationErrors = ex.getBindingResult()
.getAllErrors()
.stream()
.map(ObjectError::getDefaultMessage)
.collect(Collectors.toList());
return ResponseEntity.badRequest().body(validatioErrors);
}
}