堆栈内存溢出
  简体   繁体   English

其余哪些操作可使用发布或删除?

[英]which crud operation in rest to use post or delete?

 原文  2018-06-28 03:47:20       spring/ rest/ spring-boot/ architecture

问题描述

i have created a bank application where i want to write a rest service to delete account . 我创建了一个银行应用程序,我想在其中编写休息服务以删除帐户。 so for that we need an account no . 因此我们需要一个帐号。 for that i think for security reasons i cant pass account no in url . 出于安全考虑,我认为我无法在url中传递帐号no。 so i am passing it in request body . 所以我在请求正文中传递了它。 i think if i try using it with delete it runs fine but again that could be a security issue . 我认为,如果我尝试将其与delete一起使用,它将运行良好,但再次可能是安全问题。 so in that case will i need to use post instead of delete so that i can pass account no in request body ? 所以在那种情况下,我需要使用post而不是delete以便我可以在请求正文中传递帐号no吗? 

     @PostMapping("/account")
        public void deleteAccount(@RequestBody @Valid final AccountNoDto accountNoDto) {
            return accountService.deleteAccount(accountNoDto);
        }
or

  @DeleteMapping("/account/{accountNo}")
    public void deleteAccount(@PathVariable Long accountNo) {
        return accountService.deleteAccount(accountNo);
    }

2 个解决方案

解决方案1
 2 已采纳  2018-06-28 04:23:49

You should use @DeleteMapping because you are deleting a record. 您应该使用@DeleteMapping,因为您要删除一条记录。 The HTTP verbs should be compliant with what the function does. HTTP动词应与该功能兼容。

But dont send the account Number along with the endPoint. 但是不要将帐号和端点一起发送。 Write the endpoint as - 将端点写为- 

@DeleteMapping("/account")

The Account Number should be retrived at the backend from the token you will be sending along with the request.So All requests GET,POST,PUT,DELETE will have the same uri and the account number will be fetched from the token at the backend. 应该在后端从您将与请求一起发送的令牌中检索帐号。因此,所有请求GET,POST,PUT,DELETE都将具有相同的uri,并且将从后端的令牌中获取帐号。 If you want to know how it is done in spring read about SecurityContextHolder class 如果您想知道春季如何完成此操作,请阅读有关SecurityContextHolder类的信息。

解决方案2
 0  2018-06-28 03:56:46

Idealy we use @DeleteMapping for delete operation and we use @PostMapping for new creation and updation of data . 理念上,我们使用@DeleteMapping进行删除操作,并使用@PostMapping进行新的数据创建和更新。 I dont think account id is that much sensitive information to reveal in url. 我不认为帐户ID是要在网址中显示的敏感信息。 You can go for @DeleteMapping 你可以去@DeleteMapping

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 扩展 crud 存储库时如何使用自己的查询进行保存操作? - How to use own query for save operation when extending crud repository? CRUD操作中的ClassCastException - ClassCastException in CRUD operation 用于CRUD操作的REST API的演示Spring Boot应用程序抛出404 not found错误 - Demo Spring Boot application for REST apis for CRUD operation throws 404 not found error 如何在我的 angular 应用程序中调用和使用 spring REST POST API 返回没有正文的字符串? - How to call and use the spring REST POST API in my angular app which is returning string without body? 无法通过弹簧休止端点执行删除操作 - Unable to do delete operation through spring rest endpoints Spring Data中的Rest操作如何与Rest一起使用 - How does delete operation work with Rest in Spring Data 用于显示和CRUD操作的实体类 - Entity class for display and for CRUD operation 如何在包含一对多关系的类中执行删除操作 - How to perform delete operation in classes which consists one to many relationship 将DELETE请求用于REST中不完全删除 - Use DELETE request for not purely deletion in REST 使用Spring MVC的Couchbase Crud操作 - Couchbase crud operation using spring mvc
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM