2

注册控制器不允许通过以下方式发送帐户 ID 字段:

@InitBinder
public void initBinder(WebDataBinder binder) {
    binder.setDisallowedFields("id");
    binder.setRequiredFields("username","password","emailAddress");
} 

@RequestMapping(method = { RequestMethod.POST, RequestMethod.PUT })
public String handleRegistration(@ModelAttribute Account account, BindingResult result) {
    if (result.hasErrors()) {
        return "customer/register";
    }

我运行以下测试以确保不允许使用 ID:

@Test
public void testPutRequestWithIdPassedRegistrationController() throws Exception {
    this.mockMvc.perform(post("/customer/register")
            .param("id", "1")
            .param("username", "shouldBeIgnored")
            .param("password", "123")
            .param("emailAddress", "testIgnored@gmail.com")
            .param("address.country", "RU")
            .param("address.city", "Nsk")
            .param("address.street", "Lenin"))
            .andExpect(model().hasErrors())
            .andExpect(view().name("customer/register"));
}

但测试失败原因:java.lang.AssertionError: Expected binding/validation errors

这里的比较是尝试在不通过不可为空的字段的情况下创建帐户的测试并且它通过了很好,这意味着setRequiredFields工作正常:

@Test
public void testPutRequestWithoutNeededFieldsRegistrationController() throws Exception {
    this.mockMvc.perform(post("/customer/register"))
            .andDo(print())
            .andExpect(status().isOk())
            .andExpect(view().name("customer/register"))
            .andExpect(model().hasErrors())
            .andExpect(model().errorCount(3));
}

为什么它会以这种方式工作?我如何确定不允许使用该 id?

4

1 回答 1

3

Spring 不会将不允许的字段视为错误。它只是将它们存储suppressedFieldsBindException. 在调试期间,我可以通过以下方式访问它:

((BindingResult)getModelAndView(result).getModelMap().get("org.springframework.validation.BindingResult.account")).getSuppressedFields()

hasErrors()方法调用时。

因此,为了确保不使用 id,我只是通过 params 传递它,然后检查具有该名称的帐户(它是一个唯一字段)是否具有另一个 id 值:

String notExistingId = "999";
String newUserName = "newUser";
this.mockMvc.perform(post("/customer/register")
        .param("id", notExistingId)
        .param("username", newUserName)
        .param("password", "123")
        .param("emailAddress", "testIgnored@gmail.com")
        .param("address.country", "RU")
        .param("address.city", "Nsk")
        .param("address.street", "Lenin"))
        .andExpect(model().hasNoErrors())
        .andExpect(view().name("redirect:/index.htm"));
Optional<Account> account = accountService.getAccount(newUserName);
assertTrue( "Account with the username should exist", account.isPresent());
assertNotSame("Account id should not be equal to the id we try to pass with parameters",
        Long.parseLong(notExistingId),
        account.get().getId());
于 2013-11-17T03:20:22.470 回答