How to catch duplicate column value exception in Spring - spring

I have written my DAO layer and service layer for my database using Spring.
In some of the tables we have unique constraints for some columns. If we try to insert the duplicate values for those columns, how do we catch those exceptions specifically based on the column name? Basically I need to know which column caused the query failure.

DAO operations which violate a unique key will throw a DataIntegrityViolationException. However, you won't easily be able to extract the specific column name from this, it's just not that detailed.
If you need this information, you should consider querying the database before you run the insert/update, checking that the constraint won't be violated. If that check fails, then you have your information.

Related

Validating restrictions in Hibernate EntityListener

I would like to make complex validations when save or update an Entity.
For example I'd like to check is one of the entity's property is unique, but trough complex conditions I can't declare in unique constraints.
I use #PrePersist for new entities, and #Pre/PostUpdate for existing ones. #PrePersist works well in all cases, but different errors occurred while updating existing entities.
If I inject my CRUD service into listener, and check is there any existing records based on property value I get stack overflow exception - I think because every time I call CRUD service find method Hibernate tries to update the entity before run query, and the causes SO-.
It is not a good practice to user CRUD service in EntityListener?
The other problem I don't know how to solve, if value cannot be persisted, I'd like to throw custom exception to inform the frontend about it.
If I call saveAndFlush() just my exception is thrown. But If I use just save() a TransactionSystemException is also thrown after my custom exception and that TransactionSystemException will be populated to frontend instead of my exception.
org.springframework.transaction.TransactionSystemException: Could not commit JPA transaction; nested exception is javax.persistence.RollbackException: Error while committing the transaction
How can I prevent RollbackException?
Is it a good idea at all to check these restrictions in EntityListener? My goal is to implement a layer where these restrictions automatically validated.
I would like to make complex validations when save or update an Entity. For example I'd like to check is one of the entity's property is unique, but trough complex conditions I can't declare in unique constraints.
You should probably use database that has support for this then because you will have a hard time getting this right and fast without that. PostgreSQL allows you to specify partial unique indexes, which essentially are unique constraints for a subset of the data. You can do e.g. create unique index abc on tbl (tenant_id, some_code) where deleted = false
If this doesn't work for you, you will probably have to use the SERIALIZABLE isolation level to ensure correctness, or use some kind of global lock.

Validate data cannot be deleted if referenced by other table

I create REST API application using Spring & JPA using Spring Boot.
I've Employee table which referenced by many tables like Family, ID Card, etc (more than 5 tables) and implement soft delete (set mark_for_delete = true)
I want add validation if employee data still referenced by other table, i want throw exception that said "can not delete employee"
What is the best way to do this validation?
Thanks
You could use a table that stores the number of references that has an Employee.
Anytime you insert or update the Family, ID Card, etc you should update this. To make the validation just verify the number of references is 0.
Doing that way you can add more tables if necessary without change the validation code.

What is the proper way to catch and handle ORA-00001 SQLException with JDBC?

I'm creating a simple form that stores entered data in an extremely simple Oracle database table via a Java Servlet using JDBC. That table is using the email address as a primary key. If a user submits a form multiple times with the same email address, the execute function fails and throws a SQLException. The exception's string is the following:
java.sql.SQLException: ORA-00001: unique constraint (...removed...) violated
In this scenario, I would like to catch this exception and deal with it by telling the user that the form cannot be submitted multiple times with the same email address. What is the proper way to handle ORA-00001 separately and differently from any of the other SQLExceptions that can be thrown by execute? A string compare could obviously work here, but that seems like a poor solution.
If you don't need to be DBMS independent use SQLException.getErrorCode()
It returns the vendor specific numeric error code. For ORA-0001 this would be 1

Force Hibernate to issue DELETEs prior to INSERTs to avoid unique constraint violations?

Background: http://jeffkemponoracle.com/2011/03/11/handling-unique-constraint-violations-by-hibernate
Our table is:
BOND_PAYMENTS (BOND_PAYMENT_ID, BOND_NUMBER, PAYMENT_ID)
There is a Primary key constraint on BOND_PAYMENT_ID, and a Unique constraint on (BOND_NUMBER, PAYMENT_ID).
The application uses Hibernate, and allows a user to view all the Payments linked to a particular Bond; and it allows them to create new links, and delete existing links. Once they’ve made all their desired changes on the page, they hit “Save”, and Hibernate does its magic to run the required SQL on the database. Apparently, Hibernate works out which records need to be deleted, which need to be inserted, and leaves the rest untouched. Unfortunately, it does the INSERTs first, then it does the DELETEs.
If the user deletes a link to a payment, then changes their mind and re-inserts a link to the same payment, Hibernate quite happily tries to insert it then delete it. Since these inserts/deletes are running as separate SQL statements, Oracle validates the constraint immediately on the first insert and issues ORA-00001 unique constraint violated.
We know of only two options:
Make the constraint deferrable
Remove the unique constraint
Option 2 is not very palatable, because the constraint provides excellent protection from nasty application bugs that might allow inconsistent data to be saved. We went with option 1.
ALTER TABLE bond_payments ADD
CONSTRAINT bond_payment_uk UNIQUE (bond_number, payment_id)
DEFERRABLE INITIALLY DEFERRED;
The downside is that the index created to police this constraint is now a non-unique index, so may be somewhat less efficient for queries. We have decided this is not as great a detriment for this particular case. Another downside (advised by Gary) is that it may suffer from a particular Oracle bug - although I believe we will be immune (at least, mostly) due to the way the application works.
Are there any other options we should consider?
From the problem you described, it's not clear if you have an entity BondPayment or if you have a Bond linked directly to a Payment. For now, I suppose you have the link between Payment and Bond through BondPayment. In this case, Hibernate is doing the right thing, and you'll need to add some logic in your app to retrieve the link and remove it (or change it). Something like this:
bond.getBondPayment().setPayment(newPayment);
You are probably doing something like this:
BondPayment bondPayment = new BondPayment();
bondPayment.setPayment(newPayment);
bondPayment.setBond(bond);
bond.setBondPayment(bondPayment);
In the first case, the BondPayment.id is kept, and you are just changing the payment for it. In the second case, it's a brand new BondPayment, and it will conflict with an existing record in the database.
I said that Hibernate is doing the right thing because it threats BondPayment as a "regular" entity, whose lifecycle is defined by your app. It's the same as having a User with a unique constraint on login, and you are trying to insert a second record with a duplicate login. Hibernate will accept (it doesn't knows if the login exists in the database) and your database will refuse.

Oracle Row Level Security in multi-tenant app / default values for new records

Task
Retrofit an existing application to use a multi-tenant approach. It shall be possible to create tenants and each user's session should reference exactly one active tenant. Each tenant should only be able to see and update his partition of the database schema.
Approach
Create an Oracle application context that contains the tenant id
Add a tenant id column to any table that should be scoped
Create a predicate function that returns "tenant_id = sys_context('tenant_context', 'tenant_id')" for SELECT, INSERT, UPDATE and delete
Add an appropiate policy via dbms_rls to register the predicate function
This works like a charm without touching the existing application for SELECT, UPDATE and DELETE
Question
When inserting the tenant_id column doesn't get set and a security exception comes up. Is there any way that is as sleek as the predicate function to always set security related fields? I'd rather not add triggers to 300+ tables.
Sometimes asking a question provides the answer. I wasn't aware that you may use non-constant expressions in column's default values, so
alter table XXX
add column tenant_id default sys_context('tenant_context', 'tenant_id');
actually solves my problem.

Resources