根据上一章,我们了解到SpringMvc提供了@Valid,使我们非常方便的进行后台验证。例如:
import javax.validation.Valid;
import org.springframework.stereotype.Controller;
import org.springframework.validation.BindingResult;
import org.springframework.validation.DataBinder;
import org.springframework.web.bind.annotation.InitBinder;
import org.springframework.web.bind.annotation.RequestMapping;
@Controller
public class UserController {
@InitBinder
public void initBinder(DataBinder binder) {
binder.setValidator(new UserValidator());
}
@RequestMapping("login")
public String login(@Valid User user, BindingResult result) {
if (result.hasErrors())
return "redirect:user/login";
return "redirect:/";
}
}
如上段代码所示,方法参数加上@Valid注解后,后面必须紧跟着一个BindingResult或Error参数,有多少个验证参数就得加几个BindingResult,这是SpringMVC里用着让人最不爽的地方。
如果在方法中不加BindingResult参数,则验证失败后会抛出异常。那么我们就可以用一个统一的拦截器统一处理验证异常。这样我们就可以将验证失败处理交给框架去做,而不用在业务模块加验证处理方法。实现代码如下:
package org.springframework.samples.mvc;
import org.apache.log4j.Logger;
import org.springframework.mvc.extensions.ajax.AjaxUtils;
import org.springframework.validation.BindException;
import org.springframework.validation.FieldError;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.context.request.WebRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.Serializable;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
* 统一处理验证失败异常
* 使用此切片后@Valid注解验证的参数后不用再加Errors或Bindingesult
* @author yg.huang
* @version v1.0
* DATE 2016/11/25
*/
@ControllerAdvice
public class ValidateControllerAdvice {
Logger logger=Logger.getLogger(ValidateControllerAdvice.class);
/**
* bean校验未通过异常
*
* @see javax.validation.Valid
* @see org.springframework.validation.Validator
* @see org.springframework.validation.DataBinder
*/
@ExceptionHandler(BindException.class)
public String validExceptionHandler(BindException e, WebRequest request, HttpServletResponse response) {
List<FieldError> fieldErrors=e.getBindingResult().getFieldErrors();
for (FieldError error:fieldErrors){
logger.error(error.getField()+":"+error.getDefaultMessage());
}
request.setAttribute("fieldErrors",fieldErrors,WebRequest.SCOPE_REQUEST);
if(AjaxUtils.isAjaxRequest(request)){
Map<String,Object> attrMap=new HashMap<String, Object>();
String[] atrrNames=request.getAttributeNames(WebRequest.SCOPE_REQUEST);
for(String attr:atrrNames){
Object value=request.getAttribute(attr,WebRequest.SCOPE_REQUEST);
if(value instanceof Serializable){
attrMap.put(attr,value);
}
}
AjaxUtils.writeJson(attrMap,response);
return null;
}
return "/validError";
}
}
使用@ExceptionHandler(BindException.class)来注明此拦截器只处理数据绑定异常。可以从BindException中获取到哪些字段验证失败,然后将验证失败的字段集合放到request中,交给前台展示。这个ControllerAdvice可以处理两种请求,如果是普通请求则验证失败后跳转到validError.jsp,在这个jsp中输出失败的字段。如果是Ajax请求,则将失败字段转换成Json输出至response,交由前台处理。前台如果是Ajax提交,可以使用统一的Ajax提交方法,失败后alert出失败信息。下面给出AjaxUtil源码:
package org.springframework.mvc.extensions.ajax;
import com.fasterxml.jackson.core.JsonEncoding;
import com.fasterxml.jackson.core.JsonGenerator;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.log4j.Logger;
import org.springframework.web.context.request.WebRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class AjaxUtils {
private static Logger logger=Logger.getLogger(AjaxUtils.class);
private static ObjectMapper mapper = new ObjectMapper();
/**
* 验证是否是ajax请求
* @param webRequest
* @return
*/
public static boolean isAjaxRequest(WebRequest webRequest) {
String requestedWith = webRequest.getHeader("X-Requested-With");
return requestedWith != null ? "XMLHttpRequest".equals(requestedWith) : false;
}
public static boolean isAjaxUploadRequest(WebRequest webRequest) {
return webRequest.getParameter("ajaxUpload") != null;
}
public static void writeJson(Object value, HttpServletResponse response){
JsonGenerator jsonGenerator = null;
try {
jsonGenerator=mapper.getFactory().createGenerator(response.getOutputStream(), JsonEncoding.UTF8);
if(jsonGenerator!=null){
jsonGenerator.writeObject(value);
}
} catch (IOException e) {
logger.error(e);
}
}
private AjaxUtils(){}
}
