[英]passing two domain objects in one json in grails jax rs
I am using jaxrs:0.10 and I have default generated resources for a domain OrderDetails
. 我正在使用jaxrs:0.10,并且已经为域OrderDetails
默认生成了资源。 And the client will POST
json which will contain domain OrderDetails
object as well as other two parameters userName
and password
, so that only authenticated users consume the resource. 客户端将发布POST
json,其中将包含域OrderDetails
对象以及其他两个参数userName
和password
,以便只有经过身份验证的用户才能使用该资源。 I can simply save to database for domain OrderDetails
only without authentation(iethe JSON is same as the domain.) by posting a JSON but by adding the other two parameters for authentication is a bit different thing. 通过发布JSON,但通过添加其他两个用于身份验证的参数,我可以简单地仅将域OrderDetails
保存到数据库中而无需身份验证(即JSON与域相同)。 How to accomplish this task, my need is : 如何完成这项任务,我的需要是:
1)The client posts the json with userName,password and OrderDetails
object. 1)客户端使用用户名,密码和OrderDetails
对象发布json。 2)I need to authenticate the user credentials for OrderDetails
object to save to the database. 2)我需要验证OrderDetails
对象的用户凭据才能保存到数据库。
For time being user credentials will the static. 暂时的用户凭据将是静态的。
My code for domain OrderDetails
is : 我对域OrderDetails
代码是:
class OrderDetails {
Date orderDate
Long orderNumber
Float subTotal
Float shipping
Float discount
Float netTotalPaid
boolean creditApplied
Long transactionId
String specialInstruction
DeliveryStatus deliveryStatus
Long memberId
String localOffice
static constraints = {
orderDate nullable: true
orderNumber nullable: true
subTotal nullable: true
shipping nullable: true
discount nullable: true
netTotalPaid nullable: true
creditApplied nullable: true
transactionId nullable: true
specialInstruction nullable: true
deliveryStatus nullable: true
memberId nullable: true
localOffice nullable: true
}
}
And the generated Resources are : 生成的资源是:
@Path('/api/v1/orderDetails')
@Consumes(['application/json'])
@Produces(['application/json'])
class OrderDetailsCollectionResource {
def orderDetailsResourceService
@POST
Response create(OrderDetails dto) {
created orderDetailsResourceService.create(dto)
}
@GET
Response readAll() {
ok orderDetailsResourceService.readAll()
}
@Path('/{id}')
OrderDetailsResource getResource(@PathParam('id') Long id) {
new OrderDetailsResource(orderDetailsResourceService: orderDetailsResourceService, id:id)
}
}
And : 和:
@Consumes(['application/json'])
@Produces(['application/json'])
class OrderDetailsResource {
def orderDetailsResourceService
def id
@GET
Response read() {
ok orderDetailsResourceService.read(id)
}
@PUT
Response update(OrderDetails dto) {
dto.id = id
ok orderDetailsResourceService.update(dto)
}
@DELETE
void delete() {
orderDetailsResourceService.delete(id)
}
}
Your wrapper: 您的包装器:
class AuthOrder {
OrderDetails orderDetails;
Token userToken;
Password password;
}
Now you expect an AuthOrder-Json-Object instead of an OrderDetails. 现在,您期望使用AuthOrder-Json-Object而不是OrderDetails。 In your GET/PUT/DELETE-Operations you read the user and password and check if it is allowed to do the job. 在GET / PUT / DELETE-Operations中,您读取用户和密码,并检查是否允许其执行此工作。 Then pass on the OrderDetails-Object. 然后传递OrderDetails-Object。
For the json-rest-authentication in general I suggest you to read how-do-people-handle-authentication-for-restful-apis-technology-agnostic 对于一般的json-rest-authentication,我建议您阅读如何为静态apis技术不可知的人处理身份验证
EDIT: Example for @PUT; 编辑:@PUT的示例;
@Consumes(['application/json'])
@Produces(['application/json'])
class OrderDetailsResource {
def orderDetailsResourceService
def id
@GET
Response read() {
ok orderDetailsResourceService.read(id)
}
@PUT
Response update(AuthOrder dto) {
if (validateUser(dto.getUserName, dto.getUserPassword)) {
OrderDetails orderDetails= dto.getOrderDetails();
dto.id = id
ok orderDetailsResourceService.update(dto)
} else
//not ok response
}
}
@DELETE
void delete() {
orderDetailsResourceService.delete(id)
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.