Uploaded image for project: 'RESTEasy'
  1. RESTEasy
  2. RESTEASY-1186

Constraint violations produced by invalid parameters of a JAXRS resource method are not immediately returned in the Response returned by the method, causing business methods to be called with invalid values.

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • 3.1.0.Beta1, 3.0.20.Final
    • 3.0.10.Final
    • jaxrs
    • None
    • Hide

      public class QueryBeanParam {

      @Size(min = 1)
      @QueryParam("foo")
      private String param;

      public String getParam()

      { return param; }

      }

      public interface ValidResource

      { Response getAll(@Valid QueryBeanParam beanParam); }

      public class RootResource implements ValidResource {

      @GET
      @Override
      public Response getAll(@BeanParam QueryBeanParam beanParam)

      { System.out.println("beanParam invalid value: " + beanParam.getParam()); // the line above is still called even with an invalid value passed to //beanParam#getparam, but the returned Response contains the list of //violations. return Response.ok().build(); }

      }

      public class ValidRootResource {

      @GET
      public Response getAll(@Valid @BeanParam QueryBeanParam beanParam)

      { System.out.println("beanParam invalid value: " + beanParam.getParam()); // the line above is NOT called, as expected, when an invalid value is //passed to //beanParam#getparam. Notice the @Valid annotation is placed //on the class and not on any interface return Response.ok().build(); }

      }

      Show
      public class QueryBeanParam { @Size(min = 1) @QueryParam("foo") private String param; public String getParam() { return param; } } public interface ValidResource { Response getAll(@Valid QueryBeanParam beanParam); } public class RootResource implements ValidResource { @GET @Override public Response getAll(@BeanParam QueryBeanParam beanParam) { System.out.println("beanParam invalid value: " + beanParam.getParam()); // the line above is still called even with an invalid value passed to //beanParam#getparam, but the returned Response contains the list of //violations. return Response.ok().build(); } } public class ValidRootResource { @GET public Response getAll(@Valid @BeanParam QueryBeanParam beanParam) { System.out.println("beanParam invalid value: " + beanParam.getParam()); // the line above is NOT called, as expected, when an invalid value is //passed to //beanParam#getparam. Notice the @Valid annotation is placed //on the class and not on any interface return Response.ok().build(); } }

    Description

      When a JAXRS resource class implements an interface containing Bean Validation constraints on method parameters, any constraint violations caught by the registered ExceptionMapper are not throw until the method returns, allowing the method to continue with invalid parameter values. When the Bean Validation constraints are placed directly on the JAXRS class methods instead of on an implemented interface, the method behaves as expected by immediately returning a Response containing the violations.

      Attachments

        Issue Links

          is related to

          Bug - A problem that impairs or prevents the functions of the product. RESTEASY-2503 After first invocation on an EJB, class/field/property constraints don't get checked

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved

          Activity

            People

              rsigal@redhat.com Ronald Sigal
              etayjboss99 Eric Taylor (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: