验证 Jackson 中的嵌套对象

Question

我有一个spring项目，使用jackson进行json序列化和反序列化。

我已经定义了这些 DTO，

CertManDTO，

public class CertManDTO implements Serializable {

    private static final long serialVersionUID = 1L;

    private Long id;

    @JsonProperty(access = JsonProperty.Access.READ_ONLY)
    private UUID certificateId;

    @NotNull
    private Long orgId;

    @NotNull
    private CertificateType certificateType;

    @JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
    @NotNull
    private PublicCertificateDTO publicCertificate;

    @JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
    private PrivateCertificateDTO privateCertificate;

    @JsonProperty(access = JsonProperty.Access.READ_ONLY)
    private ZonedDateTime expiryDate;

    @JsonProperty(access = JsonProperty.Access.READ_ONLY)
    private ZonedDateTime createdDate;

    @JsonProperty(access = JsonProperty.Access.READ_ONLY)
    private ZonedDateTime updatedDate;

    // Getters and setters
}

PublicCertificateDTO，

public class PublicCertificateDTO implements Serializable {

    private static final long serialVersionUID = 1L;

    @JsonIgnore
    private Long id;

    @JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
    @NotNull
    private String certificate;

    @JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
    @NotNull
    private String dnsZone;

    // Getters and setters
}

PrivateCertificateDTO，

public class PrivateCertificateDTO implements Serializable {

    private static final long serialVersionUID = 1L;

    @JsonIgnore
    private Long id;

    @JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
    private String pkcs12;

    @JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
    private String privateCertificatePassword;

    // Getters and setters
}

你可以在上面看到我已经为certificate和dnzZone字段设置了@NotNull注释。

但是，发布此 JSON 似乎解析成功。这只发生在嵌套对象上。

{  
   "orgId":"1001",
   "certificateType":"Single Use",
   "privateCertificate":{  
      "pkcs12":"test",
      "certificatePassword":"Test"
   },
   "publicCertificate":{  

   }
}

如果我发布以下内容，验证将失败，因为 @NotNull 设置为 publicCertificate

{  
   "orgId":"1001",
   "certificateType":"Single Use",
   "privateCertificate":{  
      "pkcs12":"test",
      "certificatePassword":"Test"
   }
}

我确实在RestController 中为@RequestBody 设置了@Valid。

知道是什么原因造成的吗？

Answer 1

您似乎忘记在嵌套 DTO 中添加 @Valid 注释。试试下面的代码：

@JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
@NotNull
@Valid
private PublicCertificateDTO publicCertificate;

Answer 2

我一发布问题就遇到了这个blog post 关于bean 验证的问题。您需要@Valid 来验证嵌套对象。

因此将 CertManDTO 重构为，

public class CertManDTO implements Serializable {

    private static final long serialVersionUID = 1L;

    private Long id;

    @JsonProperty(access = JsonProperty.Access.READ_ONLY)
    private UUID certificateId;

    @NotNull
    private Long orgId;

    @NotNull
    private CertificateType certificateType;

    @JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
    @NotNull
    @Valid
    private PublicCertificateDTO publicCertificate;

    @JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
    private PrivateCertificateDTO privateCertificate;

    @JsonProperty(access = JsonProperty.Access.READ_ONLY)
    private ZonedDateTime expiryDate;

    @JsonProperty(access = JsonProperty.Access.READ_ONLY)
    private ZonedDateTime createdDate;

    @JsonProperty(access = JsonProperty.Access.READ_ONLY)
    private ZonedDateTime updatedDate;

    // Getters and setters
}