虽然 spring 标准注释(@notblank、@notnull、@min、@size 等)涵盖了验证用户输入时的许多用例,但有时我们需要为更具体的输入类型创建自定义验证逻辑。在本文中,我将演示如何创建自定义注释以进行验证。
我们需要将 spring-boot-starter-validation 依赖项添加到我们的 pom.xml 文件中。
<dependency>
<groupid>org.springframework.boot</groupid>
<artifactid>spring-boot-starter-validation</artifactid>
</dependency>
让我们创建自定义注释来验证文件属性,例如文件扩展名、文件大小和 mime 类型。
@target({elementtype.field})
@retention(retentionpolicy.runtime)
@documented
@constraint(
validatedby = {fileextensionvalidator.class}
)
public @interface validfileextension {
string[] extensions() default {};
string message() default "{constraints.validfileextension.message}";
class<?>[] groups() default {};
class<? extends payload>[] payload() default {};
}
@target({elementtype.field})
@retention(retentionpolicy.runtime)
@documented
@constraint(
validatedby = {filemaxsizevalidator.class}
)
public @interface validfilemaxsize {
long maxsize() default long.max_value; // mb
string message() default "{constraints.validfilemaxsize.message}";
class<?>[] groups() default {};
class<? extends payload>[] payload() default {};
}
@target({elementtype.field})
@retention(retentionpolicy.runtime)
@documented
@constraint(
validatedby = {filemimetypevalidator.class}
)
public @interface validfilemimetype {
string[] mimetypes() default {};
string message() default "{constraints.validfilemimetype.message}";
class<?>[] groups() default {};
class<? extends payload>[] payload() default {};
}
让我们分解一下这些注释的组成部分:
public class fileextensionvalidator implements constraintvalidator<validfileextension, multipartfile> {
private list<string> extensions;
@override
public void initialize(validfileextension constraintannotation) {
extensions = list.of(constraintannotation.extensions());
}
@override
public boolean isvalid(multipartfile file, constraintvalidatorcontext constraintvalidatorcontext) {
if (file == null || file.isempty()) {
return true;
}
var extension = filenameutils.getextension(file.getoriginalfilename());
return stringutils.isnotblank(extension) && extensions.contains(extension.tolowercase());
}
}
public class filemaxsizevalidator implements constraintvalidator<validfilemaxsize, multipartfile> {
private long maxsizeinbytes;
@override
public void initialize(validfilemaxsize constraintannotation) {
maxsizeinbytes = constraintannotation.maxsize() * 1024 * 1024;
}
@override
public boolean isvalid(multipartfile file, constraintvalidatorcontext constraintvalidatorcontext) {
return file == null || file.isempty() || file.getsize() <= maxsizeinbytes;
}
}
@requiredargsconstructor
public class filemimetypevalidator implements constraintvalidator<validfilemimetype, multipartfile> {
private final tika tika;
private list<string> mimetypes;
@override
public void initialize(validfilemimetype constraintannotation) {
mimetypes = list.of(constraintannotation.mimetypes());
}
@sneakythrows
@override
public boolean isvalid(multipartfile file, constraintvalidatorcontext constraintvalidatorcontext) {
if (file == null || file.isempty()) {
return true;
}
var detect = tika.detect(tikainputstream.get(file.getinputstream()));
return mimetypes.contains(detect);
}
}
这些类是 constraintvalidator 接口的实现,包含实际的验证逻辑。
对于 filemimetypevalidator,我们将使用 apache tika(一个旨在从多种类型的文档中提取元数据和内容的工具包)。
让我们创建一个 testuploadrequest 类,用于处理文件上传,特别是 pdf 文件。
@data
public class testuploadrequest {
@notnull
@validfilemaxsize(maxsize = 10)
@validfileextension(extensions = {"pdf"})
@validfilemimetype(mimetypes = {"application/pdf"})
private multipartfile pdffile;
}
@restcontroller
@validated
@requestmapping("/test")
public class testcontroller {
@postmapping(value = "/upload", consumes = {mediatype.multipart_form_data_value})
public responseentity<string> testupload(@valid @modelattribute testuploadrequest request) {
return responseentity.ok("test upload");
}
}
还可以在类级别定义自定义验证注释来验证类内的字段组合。
让我们创建 @passwordmatches 注解来确保类中的两个密码字段匹配。
@target({elementtype.type})
@retention(retentionpolicy.runtime)
@documented
@constraint(
validatedby = {passwordmatchesvalidator.class}
)
public @interface passwordmatches {
string message() default "{constraints.passwordmatches.message}";
class<?>[] groups() default {};
class<? extends payload>[] payload() default {};
}
public interface passworddto {
string getpassword();
string getconfirmpassword();
}
public class passwordmatchesvalidator implements constraintvalidator<passwordmatches, passworddto> {
@override
public boolean isvalid(passworddto password, constraintvalidatorcontext constraintvalidatorcontext) {
return stringutils.equals(password.getpassword(), password.getconfirmpassword());
}
}
passworddto 接口是包含密码和确认密码字段的对象的接口。
passwordmatchesvalidator 类实现 constraintvalidator 接口,并包含验证密码和确认密码字段是否匹配的逻辑。
让我们创建一个 registeraccountrequest 类,用于处理用户注册数据。
@passwordmatches
@data
public class registeraccountrequest implements passworddto {
@notblank
private string username;
@notblank
@email
private string email;
@notblank
@tostring.exclude
private string password;
@notblank
@tostring.exclude
private string confirmpassword;
}
@RestController
@Validated
@RequestMapping("/auth")
public class AuthController {
@PostMapping("/register")
public ResponseEntity<String> register(@RequestBody @Valid RegisterAccountRequest request) {
return ResponseEntity.ok("register success");
}
}
在这篇短文中,我们发现创建自定义注释来验证字段或类是多么容易。本文中的代码可以在我的 github 上找到。
