How to set automatically assigned values and enforce that they do not change?
Petter Reinholdtsen
pere at hungry.com
Thu Jun 15 10:20:04 CEST 2017
[Petter Reinholdtsen]
> So my question is simply - is this the correct approach to set the
> value automatically and ensure it never is modified by a API client?
Note, when I tested this approach, runtest complained what PUT no longer
worked. Not quite sure how to hit the create path but not the update
path. Guidence would be most welcome. :)
This is the patch I am using.
diff --git a/core-webapp/src/main/java/no/arkivlab/hioa/nikita/webapp/service/impl/DocumentDescriptionService.java b/core-webapp/src/main/java/no/arkivlab/hioa/nikita/webapp/service/impl/DocumentDescriptionService.java
index ac7abb1..992383c 100644
--- a/core-webapp/src/main/java/no/arkivlab/hioa/nikita/webapp/service/impl/DocumentDescriptionService.java
+++ b/core-webapp/src/main/java/no/arkivlab/hioa/nikita/webapp/service/impl/DocumentDescriptionService.java
@@ -4,6 +4,7 @@ import nikita.model.noark5.v4.DocumentDescription;
import nikita.model.noark5.v4.DocumentObject;
import nikita.repository.n5v4.IDocumentDescriptionRepository;
import nikita.util.exceptions.NoarkEntityNotFoundException;
+import nikita.util.exceptions.NikitaMalformedInputDataException;
import no.arkivlab.hioa.nikita.webapp.service.interfaces.IDocumentDescriptionService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -13,6 +14,7 @@ import org.springframework.data.domain.Sort;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
+import static nikita.config.N5ResourceMappings.DOCUMENT_DESCRIPTION_ASSOCIATION_DATE;
import javax.persistence.EntityManager;
import javax.persistence.Query;
@@ -69,11 +71,17 @@ public class DocumentDescriptionService implements IDocumentDescriptionService {
public DocumentDescription save(DocumentDescription documentDescription){
String username = SecurityContextHolder.getContext().getAuthentication().getName();
+ Date now = new Date();
+ if (null != documentDescription.getAssociationDate()) {
+ String msg = "Setting " + DOCUMENT_DESCRIPTION_ASSOCIATION_DATE + " is not permitted.";
+ throw new NikitaMalformedInputDataException(msg);
+ }
documentDescription.setSystemId(UUID.randomUUID().toString());
- documentDescription.setCreatedDate(new Date());
+ documentDescription.setCreatedDate(now);
documentDescription.setOwnedBy(username);
documentDescription.setCreatedBy(username);
documentDescription.setDeleted(false);
+ documentDescription.setAssociationDate(now);
return documentDescriptionRepository.save(documentDescription);
}
@@ -378,6 +386,12 @@ public class DocumentDescriptionService implements IDocumentDescriptionService {
existingDocumentDescription.setDocumentNumber(incomingDocumentDescription.getDocumentNumber());
}
+ // Reject changes to values we are not allowed to modify
+ if (existingDocumentDescription.getAssociationDate() != incomingDocumentDescription.getAssociationDate()) {
+ String msg = "Modifying " + DOCUMENT_DESCRIPTION_ASSOCIATION_DATE + " is not permitted.";
+ throw new NikitaMalformedInputDataException(msg);
+ }
+
existingDocumentDescription.setVersion(version);
documentDescriptionRepository.save(existingDocumentDescription);
return existingDocumentDescription;
--
Happy hacking
Petter Reinholdtsen
More information about the nikita-noark
mailing list