在上一篇文http://blog.csdn.net/dushiwodecuo/article/details/79080237,通过AOP对@RequestBody注解进行的参数进行校验
那么对于 @PathVariable和@RequestParam 却没有对应的spring mvc 默认自带的校验机制 @Valid + BindingResult。那么此时该校验的话,只能代码上逐一进行校验。
先说明一下@PathVariable和@RequestParam;两个注解的用法。
格式:path/1/catalpaFlat
eg:
@GetMapping("path/{isInt}/{isString}")
public ResponseVO pathGet(@PathVariable Integer isInt,
@PathVariable String isString) {
log.info("int:" + isInt);
log.info("String:" + isString);
JSONObject resultJson = new JSONObject();
resultJson.put("isInt", isInt);
resultJson.put("isString", isString);
return new ResponseVO(HttpStatus.OK.value(), "pathGet", resultJson);
}
request:
http://localhost:8888/path/3/dadas
代码式校验
if(isInt < 2){
return new ResponseVO(HttpStatus.BAD_REQUEST.value(), "pathGet", "isInt must be more than 2");
}
代码式校验的话,个人觉得就有点儿不必要,除非是一些特殊需求
格式:query?isInt=2&isString=catalpaFlat
@GetMapping("query?")
public ResponseVO queryGet(@RequestParam Integer isInt,
@RequestParam String isString) {
log.info("int:" + isInt);
log.info("String:" + isString);
JSONObject resultJson = new JSONObject();
resultJson.put("isInt", isInt);
resultJson.put("isString", isString);
return new ResponseVO(HttpStatus.OK.value(), "queryGet", resultJson);
}
同样也需要代码式校验
if(isInt < 2){
return new ResponseVO(HttpStatus.BAD_REQUEST.value(), "queryGet", "isInt must be more than 2");
}
因为@Valid + BindingResult只能用于@ResponseBody这种类型注解。
可以感受到原版本都得在代码中进行校验,只要使用到@PathVariable和@RequestParam的都得进行一波参数校验,因此就想能不能像@Valid一样,为其添加注解式校验,这样代码量就减少并让代码优雅了很多。
以下代码再则是改良之后的代码:
- @ParameterValid 相当于@Valid,并且在其属性中进行配置参数校验规则
- @PathAndQueryParamValid 相当于AOP的切入点
@PathAndQueryParamValid
@GetMapping("path/{isInt}/{isString}")
public ResponseVO pathGet(@PathVariable @ParameterValid(type = Integer.class, msg = "isInt must be more than 2", isMin = true, min = 2) Integer isInt,
@PathVariable @ParameterValid(type = String.class, msg = "isString is empty") String isString) {
log.info("int:" + isInt);
log.info("String:" + isString);
JSONObject resultJson = new JSONObject();
resultJson.put("isInt", isInt);
resultJson.put("isString", isString);
return new ResponseVO(HttpStatus.OK.value(), "pathGet", resultJson);
}
@GetMapping("query")
@PathAndQueryParamValid
public ResponseVO queryGet(@RequestParam @ParameterValid(type = Integer.class, msg = "isInt must be more than 2 ", isMin = true, min = 2) Integer isInt,
@RequestParam @ParameterValid(type = String.class, msg = "isString is empty") String isString) {
log.info("int:" + isInt);
log.info("String:" + isString);
JSONObject resultJson = new JSONObject();
resultJson.put("isInt", isInt);
resultJson.put("isString", isString);
return new ResponseVO(HttpStatus.OK.value(), "queryGet", resultJson);
}
只是简单的用于方法类型注解:
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface PathAndQueryParamValid {
}
@ParameterValid 可以根据实际业务需求添加属于你的校验规则:
@Documented
@Target(ElementType.PARAMETER)
@Retention(RetentionPolicy.RUNTIME)
public @interface ParameterValid {
Class> type();
String msg();
boolean request() default true;
boolean isEmpty() default true;
boolean isBlank() default true;
boolean isNull() default false;
int min() default 0;
int max() default 0;
int[] section() default {0,0};
boolean isMin() default false;
boolean isMax() default false;
boolean isSection() default false;
}
@Aspect
@Component
public class PathAndQueryParamValidAspect {
private static final Logger log = LoggerFactory.getLogger(PathAndQueryParamValidAspect.class);
@Before("@annotation(paramValid)")
public void paramValid(JoinPoint joinPoint, PathAndQueryParamValid paramValid) {
String className = joinPoint.getTarget().getClass().getName();
String methodName = joinPoint.getSignature().getName();
Object[] param = joinPoint.getArgs();
try {
List errorLists = ParamValidSupport.get().validate(className, methodName,
ParameterValid.class, param);
if (errorLists != null) {
AdvanceResponseSupport.advanceResponse(
new ResponseVO(HttpStatus.BAD_REQUEST.value(), "parameter empty", errorLists));
}
} catch (NotFoundException | NoSuchMethodException | ClassNotFoundException e) {
log.error("e-name:" + e.getClass().getName() + ": message:" + e.getMessage());
}
}
}
(这里还可以重构的,只是对int和string两种类型进行校验,还可以添加其他需求。把主要内容先呈现出来)
public class ParamValidSupport {
private static final Logger logger = LoggerFactory.getLogger(ParamValidSupport.class);
private static final String PARAM_TYPE_ERROR = "param type error";
private static final String INT_PARAM_ERROR = "Invalid interva";
private static final int INT_PARAM_TYPE_MAX_SIZE = 2;
private static final int INT_PARAM_SIZE_SUBSCRIPT_MIN = 0;
private static final int INT_PARAM_SIZE_SUBSCRIPT_MAX = 0;
private static final int STRING_SIZE = 2;
private static final char STRING_TYPE_END = '}';
private static final char STRING_TYPE_BEGIN = '{';
private static final char STRING_EMPTY_DOUBLE_CHARACTER = '"';
private static final char STRING_EMPTY_SINGLE_CHARACTER = '\'';
private static ParamValidSupport mInstance;
private ParamValidSupport() {
}
public static ParamValidSupport get() {
if (mInstance == null) {
synchronized (ParamValidSupport.class) {
if (mInstance == null) {
mInstance = new ParamValidSupport();
}
}
}
return mInstance;
}
/**
* 校验
*/
public List validate(String className, String methodName,
Class> annotationClass, Object[] args)
throws NotFoundException, NoSuchMethodException, ClassNotFoundException {
if (StringUtils.isBlank(className)) {
return null;
}
if (StringUtils.isBlank(methodName)) {
return null;
}
if (annotationClass == null) {
return null;
}
ClassPool pool = ClassPool.getDefault();
CtClass ct = pool.get(className);
CtMethod ctMethod = ct.getDeclaredMethod(methodName);
Object[][] parameterAnnotations = ctMethod.getParameterAnnotations();
List errorLists = new ArrayList<>();
for (int i = 0; i < parameterAnnotations.length; i++) {
Object[] parameterAnnotation = parameterAnnotations[i];
Object param = args[i];
for (Object object : parameterAnnotation) {
Annotation annotation = (Annotation) object;
Class extends Annotation> aClass = annotation.annotationType();
if (aClass.equals(annotationClass)) {
boolean isEmpty = ((ParameterValid) object).isEmpty();
if (isEmpty) {
ParameterValid parameterValid = (ParameterValid) object;
String errorMsg = parameterValid.msg();
if (Integer.class.isAssignableFrom(param.getClass())){
int paramInt = (int) param;
if (parameterValid.isMin() && paramInt < parameterValid.min()) {
errorLists.add(errorMsg);
}
if (parameterValid.isMax() && paramInt < parameterValid.max()) {
errorLists.add(errorMsg);
}
if (parameterValid.isSection()) {
int[] section = parameterValid.section();
if (section.length != INT_PARAM_TYPE_MAX_SIZE) {
logger.error(INT_PARAM_ERROR);
throw new ParameterValidException(INT_PARAM_ERROR);
}
if (!(paramInt > section[INT_PARAM_SIZE_SUBSCRIPT_MIN] && paramInt < section[INT_PARAM_SIZE_SUBSCRIPT_MAX])) {
errorLists.add(errorMsg);
} else if (!(paramInt > section[INT_PARAM_SIZE_SUBSCRIPT_MAX] && paramInt < section[INT_PARAM_SIZE_SUBSCRIPT_MIN])) {
errorLists.add(errorMsg);
}
}
}
if (String.class.isAssignableFrom(param.getClass())){
String paramStr = (String) param;
if (parameterValid.isNull()) {
if (StringUtils.isEmpty(paramStr)) {
errorLists.add(errorMsg);
}
} else {
if (parameterValid.isBlank()) {
if (StringUtils.isBlank(paramStr)) {
errorLists.add(errorMsg);
} else {
int length = paramStr.length();
char begin = paramStr.charAt(0);
char end = paramStr.charAt(length - 1);
if (STRING_TYPE_BEGIN == begin &&
STRING_TYPE_END == end) {
errorLists.add(errorMsg);
}
if (length == STRING_SIZE && STRING_EMPTY_DOUBLE_CHARACTER == begin
&& STRING_EMPTY_DOUBLE_CHARACTER == end) {
errorLists.add(errorMsg);
}
if (length == STRING_SIZE && STRING_EMPTY_SINGLE_CHARACTER == begin
&& STRING_EMPTY_SINGLE_CHARACTER == end) {
errorLists.add(errorMsg);
}
}
}
}
}
}
}
}
}
if (errorLists.size() != 0) {
return errorLists;
}
return null;
}
}