I have the followin situation:
My Endpoint consumes an Object A that results in the backend depending on the requesting user to Object B or C. So the problem is, that Object A has all the fields of Object B and C. As a result I want to ignore request fields for a specific user group because they are always null and are irgnored in the backend.
Is there a way to set a .ignore option for request fields so I can provide the example JSON request body when using the http-request.snippet?
Related
I have a Spring Boot application with springfox-swagger-ui. I need to:
Make Swagger UI display input field for a parameter that does not appear among the request handler params in my controller. For example, the request contains a hashCode parameter, which I verify with a HandlerInterceptorAdapter and then I don't need anymore, thus I don't list it among the request handler params. But I want to have it in Swagger UI.
Remove an input field from Swagger UI that corresponds to a parameter that I have in my request handler in my controller. For example, the request contains a userId, which I use to construct an User object with a HandlerMethodArgumentResolver and then inject it into the request handler by adding a parameter of type User. Thus I don't want Swagger UI to create User input field, but instead a userId input field.
To summarize, I need to show an input field in Swagger UI that does not correspond to any request handler parameter, and I need to hide an input field in Swagger UI that corresponds to a request handler parameter. How to do this?
I would like to use API-Gateway (plus Lambda) to realize a PetStore Restful API. One of the API entry point is and the body of the POST request needs to contain 'name'. See the PetStore definition snippet below:
/pets/
POST
definitions:
NewPet:
required:
- name
properties:
name:
type: string
tag:
type: string
Can I make API-Gateway smart enough to reject requests that does not contain the required field (in this case, 'name'), without calling the Lambda (yes, I understand I am able to check the input fields inside the Lambda function, but I wonder if I can avoid it)? -- this would save a lot of time and complexity to deal with the corner case.
This can be achieved through using request validation set in the "method request" settings.
If you want to validate the request body rather than query string you need to create a model;
APIs > {ApiName} > Models
In the sidebar.
Create your model using JSON Schema
In the API Gateway, choose to validate the request body then select your created model in the dropdown.
API Gateway config page
Given a controller which will create/update/delete/query for User:
Get /users query the list
Post /users add a new user
Get /users/1 query a single record
Delete /users/1 delete a single record
Put /users/1 update a single record
Note the last Put method to action /users/1 which means the user of identify 1 should be updated with the data in the request.
However suppose the user with identify 1 have the following properties(partially):
{username:uname,location:sg}
Now given the following requests:
PUT /user/1
username=hg
PUT /user/1
username=hg&location=
We should set the username to hg, but how do we handle the location? Should it be set null or left as it is in the database?
Generally we may use the Data binding like spring mvc in the controller:
#RequestMapping(value="/{userId}",method="PUT")
public String update(#PathVariable String userId, User user){
//merge the model, suppose the `user` contains all the properties of the user
user = entityManager.merge(user);
entityManager.persist(user);
return "user/show"
}
In this case, once the two example requests are executed, the location will set to null in the database, which may or not what the client want.
Normally, we should use the Patch to update the partial properties of the resource, however not all the framework support that method.
And what's more, even the Patch method is supported like this:
#RequestMapping(value="/{userId}",method="PATCH")
public String updatePartial(#PathVariable String userId, User user){
//just set the properties no null
User userInDB=entityManager.find(userId);
//iterator all the properties, set the property which is not null or empty to the userInDB
entityManager.persist(userInDB);
return "user/show"
}
As shown, we have to check the properties of the model, it would be tedious once the model have some deep nested beans.
What's your general practice when handling this kind of situation?
The best practice is to use mentioned PATCH method if partial (in the meaning of fields) request is being sent. Then, all the fields that are present in the request should be modified - set to null value e.g.
When it comes to PUT you should not accept partial requests - since this is not compatible with the standards. When a request is syntactically correct you should modify all the fields unless DB constraints prevents you to do so. So if a particular user can (in terms of the system) set location to null value, he/she should be allowed to do so. If it's not possible you should raise bad request exception and return 400 status code along with the message.
In Web API v2 when you supply data in the POST body that are not part of the model, they are ignored by the framework. This is fine in most cases, but I need to check this and return an error response, so the user doesn't get unexpected results (he expects these wrong parameters to do something...).
So how do I check for this? The model will be null, but when the framework has parsed the data and returned a null-model, I can no longer access the body through Request.Content. So what options are there?
One way is to derive your DTO class from DynamicObject. Check out my blog post: http://lbadri.wordpress.com/2014/01/28/detecting-extra-fields-in-asp-net-web-api-request/
Is it possible to use the Spring validation framework with Spring MVC to validate the presence and value of an HTTP request header?
To check the presence of a request header, you don't need the validation framework. Request header parameters are mandatory by default, and if a mandatory header is missing in a request, Spring MVC automatically responds with 400 Bad Request.
So the following code automatically checks the presence of the header "Header-Name"...
#PostMapping("/action")
public ResponseEntity<String> doAction(#RequestHeader("Header-Name") String headerValue) {
// ...
}
... and if the header shall be optional, the annotation would need to be replaced by:
#RequestHeader(name = "Header-Name", required = false)
To check the value of a request header, the Spring validation framework can be used. To do this, you need to
Add #Validated to the controller class. This is a workaround needed until this feature is implemented.
Add the JSR-303 annotation to the request header parameter, e.g.
#RequestHeader("Header-Name") #Pattern(regexp = "[A-Za-z]*") String headerValue
Note however that this will result in a 500 in case of an invalid header value. Check this question for how to also get the correct status code (i.e. 400) for this case.
I don't see how this would be possible, since the validation framework only operates on your domain objects, not on the HTTP request itself. Specifically, the Validator interface doesn't specify any methods that take the HttpServletRequest object, which is what you'd need to have access to in order to grab the headers and test them.
Using the validation framework feels like the wrong solution to whatever problem you're trying to solve, especially since it's hard to know how there'd be a unique HTTP request header for a given form submission. Are you looking to test for an HTTP header that should always be present in requests to your app? Then you might want to consider implementing a HandlerInterceptor, which will intercept and process all requests to pages that you've mapped in any HanderMappings. Are you looking to test for an HTTP header that should always be present in any page view of your app? Then you'd want to implement a Filter, which operates outside of the context of Spring MVC.