拒绝 POST/PUT 请求,如果 RequestBody 中存在任何未知字段。

huangapple go评论76阅读模式
英文:

Need to Reject POST/PUT request if any unknown field is present in RequestBody

问题

@Valid 检查对应字段是否有效。是否有办法在POST/PUT请求的JSON请求体中存在未知字段时拒绝请求?以下是我的示例DTO类和控制器。
对于下面的示例请求体(例如),请求应该被拒绝/抛出异常。
任何帮助或建议将不胜感激。

{
   "accountid" : "P12345",
   "name" : "Cardiology",
   "domain" : "Apollo"
}
public class Account {
    @NotEmpty(message = "accountid is required")
    private String accountid;
    
    @NotEmpty(message = "name is required")
    private String name;
    
    // getters & setters
}
public class BeanController {
    @PostMapping(path = "/accounts")
    public ResponseEntity<?> getAllAccounts(@RequestBody @Valid Account account) {
        System.out.println("::: Account is " + account + " :::");
        return ResponseEntity.ok().body("SUCCESS");
    }
}
英文:

@Valid check is working for respective fields. Is there any way to reject requests if any unknown fields are present in JSON requestbody of POST/PUT requests.Below is my sample DTO class and controller.
For below sample request body (for example), the request should be rejected/throw exception.
Any help or suggestion would be appreciated.

{
&quot;accountid&quot; : &quot;P12345&quot;,
&quot;name&quot; : &quot;Cardiology&quot;,
&quot;domain&quot; : &quot;Apollo&quot;
}

public class Account {

	@NotEmpty(message = &quot;accountid is required&quot;)
	private String accountid;

	@NotEmpty(message = &quot;name is required&quot;)
	private String name;

   //getters &amp; setters

}

**********************************************************************************************

public class BeanController {

	@PostMapping(path = &quot;/accounts&quot;)
	public ResponseEntity&lt;?&gt; getAllAccounts(@RequestBody @Valid Account account) {

		System.out.println(&quot;::: Account is &quot; + account + &quot; :::&quot;);

		return ResponseEntity.ok().body(&quot;SUCCESS&quot;);

	}
}

答案1

得分: 6

你可以通过使用 @JsonIgnoreProperties 来实现。

@JsonIgnoreProperties(ignoreUnknown = false)
public class Account {

    @NotEmpty(message = "accountid is required")
    private String accountid;

    @NotEmpty(message = "name is required")
    private String name;

   //getters & setters

}

application.yml 中添加以下属性以在最新版本的 spring-boot 中工作。

spring:
  jackson:
    deserialization:
      fail-on-unknown-properties: true
英文:

You can do it by using @JsonIgnoreProperties.

@JsonIgnoreProperties(ignoreUnknown = false)
public class Account {

    @NotEmpty(message = &quot;accountid is required&quot;)
    private String accountid;

    @NotEmpty(message = &quot;name is required&quot;)
    private String name;

   //getters &amp; setters

}

Add below properties in application.yml to working in spring-boot latest version.

spring:
  jackson:
    deserialization:
      fail-on-unknown-properties: true

huangapple
  • 本文由 发表于 2020年4月8日 18:30:59
  • 转载请务必保留本文链接:https://go.coder-hub.com/61098562.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定