当我测试一个控制器时,我发现下面的代码可以正常工作。但我不明白为什么模型在postMap中返回后包含“passproperty”属性。PasspProperty类仅使用验证约束进行注解。在控制器中,它只在方法中使用@valid annotation进行注解,如下面的代码所示。
我在控制器中有以下Map:
获取:
@GetMapping("/accounts/change-password")
public ModelAndView changePass(Principal principal) {
ModelAndView mv = new ModelAndView("change-password");
mv.addObject("passProperties", new PassProperties());
return mv;
}职位:
@PostMapping("/accounts/change-password")
public ModelAndView changePass(@Valid PassProperties passProperties, BindingResult bindingResult, Principal principal) {
ModelAndView mv = new ModelAndView("change-password");
if (bindingResult.hasErrors() == false) {
User user = userService.findUser(principal.getName());
String oldPass = passProperties.getOldPass();
if (encoder.matches(oldPass, user.getPassword())) {
user.setPassword(encoder.encode(passProperties.getNewPass1()));
userService.saveUser(user);
mv.addObject("msg", "Hasło zostało zmienione");
} else {
mv.addObject("msg", "Stare hasło nie pasuje.");
}
}
return mv;
}编辑1
我添加了以下测试和输出。如您所见,返回的modelandview包含未添加到@postmapping方法中的passproperty。PasspProperties对象仅用@valid注解,而PasspProperties类中的字段则用@notnull、@length和@notblank约束注解。它没有像@modeldattribute这样的注解。测试:
@Test
void changePassPost_whenPassPropertiesHasNoErrors_returnsModelWithPassProperties_And_ChangesPassword() throws Exception {
User principal = new User ("user", "user", true, "LVL99");
PassProperties passProperties = new PassProperties();
passProperties.setOldPass("user");
passProperties.setNewPass1("zaq1");
passProperties.setNewPass2("zaq1");
when(userService.findUser("user")).thenReturn(principal);
when(encoder.encode(passProperties.getNewPass1())).thenReturn(passProperties.getNewPass1());
when(encoder.matches(anyString(),anyString())).thenReturn(true);
ModelAndView mv = mockMvc.perform(MockMvcRequestBuilders.post("/accounts/change-password")
.with(SecurityMockMvcRequestPostProcessors.csrf())
.with(SecurityMockMvcRequestPostProcessors.user(new UserDetailsImpl(principal)))
.param("oldPass", passProperties.getOldPass())
.param("newPass1", passProperties.getNewPass1())
.param("newPass2", passProperties.getNewPass2())
)
.andDo(MockMvcResultHandlers.print())
.andExpect(MockMvcResultMatchers.status().isOk())
.andExpect(MockMvcResultMatchers.model().attributeExists("passProperties"))
.andExpect(MockMvcResultMatchers.model().hasNoErrors())
.andExpect(MockMvcResultMatchers.view().name("change-password"))
.andReturn().getModelAndView();
System.out.println("-------------------------------");
System.out.println(mv.getModel().get("passProperties"));
System.out.println(mv.getModel().get("msg"));
System.out.println("-------------------------------");
ArgumentCaptor<User> userCaptor = ArgumentCaptor.forClass(User.class);
verify(encoder, times(1)).encode(passProperties.getNewPass1());
verify(userService, times(1)).saveUser(userCaptor.capture());
assertEquals(passProperties.getNewPass1(), userCaptor.getValue().getPassword());
assertEquals(passProperties.getNewPass1(), principal.getPassword());
}输出:
MockHttpServletRequest:
HTTP Method = POST
Request URI = /accounts/change-password
Parameters = {oldPass=[user], newPass1=[zaq1], newPass2=[zaq1], _csrf=[8fc305ee-f0eb-42a6-8588-cce3ffdba469]}
Headers = []
Body = null
Session Attrs = {SPRING_SECURITY_CONTEXT=org.springframework.security.core.context.SecurityContextImpl@a37a47df: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@a37a47df: Principal: com.example.JabaVeans.service.UserDetailsImpl@58e46572; Credentials: [PROTECTED]; Authenticated: true; Details: null; Granted Authorities: LVL99}
Handler:
Type = com.example.JabaVeans.controller.AccountsController
Method = com.example.JabaVeans.controller.AccountsController#changePass(PassProperties, BindingResult, Principal)
Async:
Async started = false
Async result = null
Resolved Exception:
Type = null
ModelAndView:
View name = change-password
View = null
Attribute = passProperties
value = PassProperties(oldPass=user, newPass1=zaq1, newPass2=zaq1)
errors = []
Attribute = msg
value = Hasło zostało zmienione
FlashMap:
Attributes = null
MockHttpServletResponse:
Status = 200
Error message = null
Headers = [Content-Language:"en", Content-Type:"text/html;charset=UTF-8", X-Content-Type-Options:"nosniff", X-XSS-Protection:"1; mode=block", Cache-Control:"no-cache, no-store, max-age=0, must-revalidate", Pragma:"no-cache", Expires:"0", X-Frame-Options:"DENY"]
Content type = text/html;charset=UTF-8
Body = <!DOCTYPE html>
Forwarded URL = null
Redirected URL = null
Cookies = []
-------------------------------
PassProperties(oldPass=user, newPass1=zaq1, newPass2=zaq1)
Hasło zostało zmienione
-------------------------------
2020-08-22 18:01:49.655 INFO 12964 --- [extShutdownHook] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Shutdown initiated...
2020-08-22 18:01:49.665 INFO 12964 --- [extShutdownHook] com.zaxxer.hikari.HikariDataSource : HikariPool-1 - Shutdown completed.
Process finished with exit code 0编辑2
我知道我可以在@postmapping中用新的passproperty覆盖“passproperty”来删除以前的值,但我真的很困惑为什么会发生这种情况。
1条答案
按热度按时间fgw7neuy1#
如果检查Passproperty类,可能它有一些验证注解,如@notnull、@min、@max、@email、@size等。使用控制器中的@valid注解,spring将根据您在类中定义的验证注解检查Passproperty对象是否有效。如果PasspProperties对象的某个字段无效,则该方法将不会启动,spring将基于该字段返回一个错误。
我相信passproperty有一些与密码相关的属性,比如oldpass、newpass。在您的代码中,@getmapping的changepass方法只是返回类passproperty的新对象示例。changepass的@postmapping正在接收一个passproperty对象,可能是由某个用户发送的,在这种情况下,就像我上面解释的那样,只有在所有验证都为true时(因为@valid annotation)才会工作。