创建时忽略实体字段,Spring JPA
Ignore entity field while creation, Spring JPA
我正在尝试为实体内的某些字段创建一些默认值。
这是我的实体:
@Entity
@AllArgsConstructor
@NoArgsConstructor
@Data
@Table(name="users")
public class User extends BaseEntity{
@Column(name="email")
private String email;
@Column(name="password")
private String password;
@Column(name="tokens", insertable = false)
@ElementCollection(targetClass=String.class)
private List<String> tokens;
@Column(name="firstName")
private String firstName;
@Column(name="lastName")
private String lastName;
@Column(name="permission", insertable = false, columnDefinition="tinyint(1) default 0")
private Integer permission;
@Column(name="deleted", columnDefinition = "boolean default false", insertable = false)
private boolean deleted;
@Column(name="expirationDate", insertable = false)
@CreationTimestamp
@Temporal(TemporalType.TIMESTAMP)
private Date expirationDate;
}
我想从客户端接收的字段是:
email, password, firstName, lastName.
这是我接收输入并保存它的路线:
@PostMapping("/createUser")
public ResponseEntity<User> createUser(@RequestBody User user) {
try{
return ResponseEntity.ok()
.body(userService.addUser(user));
} catch (CustomException e){
throw new CustomException(e.getMessage());
}
}
通过注释 @RequestBody 我可以向服务器发送一个 json:
{
"email": "itshakbarcd45v@gmail.com",
"password": "123456",
"firstName": "Itzik",
"lastName": "Barabie",
"permission": 4,
"deleted": "true"
}
而且用户似乎可以为字段 permission 和 deleted 指定自己的值,然后我用 insertable = false.
进行了注释
这是返回的对象。
{
"userId": 6,
"createDate": "2022-02-14T22:38:21.892+00:00",
"updatedDate": "2022-02-14T22:38:21.892+00:00",
"deleted": true,
"email": "test@gmail.com",
"password": "85784496ddc1811f5b71ee2a2797924139c550f784bd72753bc4daa9e731e148a0e57067038b5d4a82e2cecf910505ad06ec49a12d777a81f471ef81f8bae9ef",
"tokens": null,
"firstName": "Itzik",
"lastName": "Barabie",
"permission": 4,
"expirationDate": "2022-02-14T22:38:21.892+00:00"
}
这是预期的行为?或者我错过了什么..
我知道 insertable = false 和 updateable = false 应该阻止任何手动插入或更新的尝试。
谢谢!
如果您只想限制 API 访问仅供服务层内部使用的字段,例如 permission/delete,那么您最好使用
@JsonIgnore
或
@JsonProperty
注解而不是@Insertable 或@Updatable。这将隐藏 API.
中的字段
@Entity
@AllArgsConstructor
@NoArgsConstructor
@Data
@Table(name="users")
public class User extends BaseEntity{
@Column(name="email")
private String email;
@Column(name="password")
private String password;
@Column(name="tokens", insertable = false)
@ElementCollection(targetClass=String.class)
private List<String> tokens;
@Column(name="firstName")
private String firstName;
@Column(name="lastName")
private String lastName;
@JsonIgnore
@Column(name="permission", columnDefinition="tinyint(1) default 0")
private Integer permission;
@JsonIgnore
@Column(name="deleted", columnDefinition = "boolean default false")
private boolean deleted;
@Column(name="expirationDate", insertable = false)
@CreationTimestamp
@Temporal(TemporalType.TIMESTAMP)
private Date expirationDate;
}
您还可以选择让字段在读取或写入期间有选择地隐藏。例如
@JsonProperty(access = JsonProperty.Access.READ_ONLY)
将显示 API 中的值,但不允许写入。
我正在尝试为实体内的某些字段创建一些默认值。
这是我的实体:
@Entity
@AllArgsConstructor
@NoArgsConstructor
@Data
@Table(name="users")
public class User extends BaseEntity{
@Column(name="email")
private String email;
@Column(name="password")
private String password;
@Column(name="tokens", insertable = false)
@ElementCollection(targetClass=String.class)
private List<String> tokens;
@Column(name="firstName")
private String firstName;
@Column(name="lastName")
private String lastName;
@Column(name="permission", insertable = false, columnDefinition="tinyint(1) default 0")
private Integer permission;
@Column(name="deleted", columnDefinition = "boolean default false", insertable = false)
private boolean deleted;
@Column(name="expirationDate", insertable = false)
@CreationTimestamp
@Temporal(TemporalType.TIMESTAMP)
private Date expirationDate;
}
我想从客户端接收的字段是:
email, password, firstName, lastName.
这是我接收输入并保存它的路线:
@PostMapping("/createUser")
public ResponseEntity<User> createUser(@RequestBody User user) {
try{
return ResponseEntity.ok()
.body(userService.addUser(user));
} catch (CustomException e){
throw new CustomException(e.getMessage());
}
}
通过注释 @RequestBody 我可以向服务器发送一个 json:
{
"email": "itshakbarcd45v@gmail.com",
"password": "123456",
"firstName": "Itzik",
"lastName": "Barabie",
"permission": 4,
"deleted": "true"
}
而且用户似乎可以为字段 permission 和 deleted 指定自己的值,然后我用 insertable = false.
这是返回的对象。
{
"userId": 6,
"createDate": "2022-02-14T22:38:21.892+00:00",
"updatedDate": "2022-02-14T22:38:21.892+00:00",
"deleted": true,
"email": "test@gmail.com",
"password": "85784496ddc1811f5b71ee2a2797924139c550f784bd72753bc4daa9e731e148a0e57067038b5d4a82e2cecf910505ad06ec49a12d777a81f471ef81f8bae9ef",
"tokens": null,
"firstName": "Itzik",
"lastName": "Barabie",
"permission": 4,
"expirationDate": "2022-02-14T22:38:21.892+00:00"
}
这是预期的行为?或者我错过了什么..
我知道 insertable = false 和 updateable = false 应该阻止任何手动插入或更新的尝试。
谢谢!
如果您只想限制 API 访问仅供服务层内部使用的字段,例如 permission/delete,那么您最好使用
@JsonIgnore
或
@JsonProperty
注解而不是@Insertable 或@Updatable。这将隐藏 API.
中的字段@Entity
@AllArgsConstructor
@NoArgsConstructor
@Data
@Table(name="users")
public class User extends BaseEntity{
@Column(name="email")
private String email;
@Column(name="password")
private String password;
@Column(name="tokens", insertable = false)
@ElementCollection(targetClass=String.class)
private List<String> tokens;
@Column(name="firstName")
private String firstName;
@Column(name="lastName")
private String lastName;
@JsonIgnore
@Column(name="permission", columnDefinition="tinyint(1) default 0")
private Integer permission;
@JsonIgnore
@Column(name="deleted", columnDefinition = "boolean default false")
private boolean deleted;
@Column(name="expirationDate", insertable = false)
@CreationTimestamp
@Temporal(TemporalType.TIMESTAMP)
private Date expirationDate;
}
您还可以选择让字段在读取或写入期间有选择地隐藏。例如
@JsonProperty(access = JsonProperty.Access.READ_ONLY)
将显示 API 中的值,但不允许写入。