I would like to know if there is some way to filter the properties of an object that a resource receives.
Let me explain myself: lets say we have this object:
UserDTO
public final class IniciativaDocument {
private String id;
private String name;
private String surname;
private String address;
private Double balance;
}
And for a resource I only need the properties "name" and "surname" but for other I only need "address" and "id". Is there any way to make the uneeded variables null automatically with something like Jackson?
My goal for this is that if the client sends a request with a field that isnt needed that I don't have to make it null before saving it to the database because that field is not supposed to be initialized when registering.
Thanks.
EDIT 1
For more clarity: this is for a matter of security and easiness.
Imagine I am a hacker and somehow know the fields a DTO
class has. I could easily send a POST
request like this to a service wich is to register users:
{
"id": "wrong",
"name": "Wrong",
"balance": 20000
}
For my service I would only need id
and name
but the hacker is sending a balance
field too.
What I want to do is that as I receive this object, I can set my endpoint /api/v1/users
(which is to register) to put any initialized field that isn't id
or name
to null
.
You might say I could just make sure it's 0 or set it to null manually. Yeah, that's true, but I want to find out if there's an automatic and more comfortable way of doing this with annotations or something similar.
EDIT 2
Resource example:
@Component
@Path("iniciativas")
@Produces(MediaType.APPLICATION_JSON)
public final class IniciativasEndpoint {
@POST
public Response crearIniciativa(@Valid @NotNull(message = CONSTRAINT_BODY_NOT_NULL) @ConvertGroup(to = IniciativasGroup.Create.class)
final IniciativaDTO iniciativaDTO,
@Context UriInfo uriInfo) {
return Response.ok().build();
}
}
You can use Jackson's JsonIgnore Property
for this like:
@JsonInclude(Include.NON_NULL)
public final class IniciativaDocument {
private String id;
private String name;
private String surname;
private String address;
}
So Basically what it does is, when it is mapping this class to Json
it will ignore all fields with null
value. And if you want it not to apply on whole class you can do it on fields as well.
AND If you want to achieve it through front-end
then you can use this great api GraphQL , so basically in request you will specify what fields you require and it will return only those fields.
Use a post-matching filter: You can implement ContainerRequestFilter
and annotate your Filter with @PostMaching
(javax.ws.rs.container.PreMatching) and manipulate the your request with its data there.
Define an @interface for your Filter:
@NameBinding
@Retention(RetentionPolicy.RUNTIME)
@Target({ ElementType.TYPE, ElementType.METHOD })
public @interface AnnotationForYourFilter {}
Annotate the sub-resource you want with @AnnotationForYourFilter and you are done.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.