You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@olingo.apache.org by Graham Pople <gr...@gmail.com> on 2015/03/20 09:58:50 UTC
Server-side validations
Hi,
I'm working on adding olingo 2 into my project currently, using the JPA
processor, and it's working great. But, I have JSR-349 validation
annotations that I want it to check before sending anything to the
database. E.g.:
@Entity
public class User {
// JSR-349 validation that this must be a valid email address
@Email(message = "Please provide your email address")
public String username;
...
}
I've gone through the code but can't see where I can hook in and run these
validation checks, and it's essential these be run. It's a security risk
to rely 100% on client-side validation, and some of the checks can't be put
into the database itself, e.g. that this field has to be a valid email
address. Can anyone help?
Re: Server-side validations
Posted by Graham Pople <gr...@gmail.com>.
Hi Chandan,
Thanks for the quick response. Yep I'm not requesting that the Olingo JPA
processor does the validations automatically for me, that's probably quite
a chunk of work and there can be a need for custom validation logic
sometimes.
I wasn't aware of the prePersist thing but after a quick look that seems to
do roughly what I need - thanks for the tip. I guess there's no way of
returning the validation failures back through OData though? So I could
display that on a form on the client-side?
regards,
Graham
On Fri, Mar 20, 2015 at 4:21 PM, V.A, Chandan <ch...@sap.com> wrote:
> Hello,
>
> Can these validations not be done in EntityListeners prePersist method
> for your use case as explained in JSR 338 – Java Persistence API 2.1
> Section 3.6?
>
> Because as of now there is no provision in Olingo JPA Processor library to
> do these validations. Olingo JPA Processor should adhere to section 3.6 of
> JSR 338 while doing validations and this is a new feature request. The
> feature request can be raised here -
> https://issues.apache.org/jira/browse/OLINGO
>
>
>
>
>
> Regards
>
> Chandan
>
>
>
> *From:* Graham Pople [mailto:grahampople@gmail.com]
> *Sent:* Friday, March 20, 2015 2:29 PM
> *To:* user@olingo.apache.org
> *Subject:* Server-side validations
>
>
>
> Hi,
>
> I'm working on adding olingo 2 into my project currently, using the JPA
> processor, and it's working great. But, I have JSR-349 validation
> annotations that I want it to check before sending anything to the
> database. E.g.:
>
> @Entity
> public class User {
>
> // JSR-349 validation that this must be a valid email address
>
> @Email(message = "Please provide your email address")
>
> public String username;
>
>
> ...
> }
>
> I've gone through the code but can't see where I can hook in and run these
> validation checks, and it's essential these be run. It's a security risk
> to rely 100% on client-side validation, and some of the checks can't be put
> into the database itself, e.g. that this field has to be a valid email
> address. Can anyone help?
>
RE: Server-side validations
Posted by "V.A, Chandan" <ch...@sap.com>.
Hello,
Can these validations not be done in EntityListeners prePersist method for your use case as explained in JSR 338 – Java Persistence API 2.1 Section 3.6?
Because as of now there is no provision in Olingo JPA Processor library to do these validations. Olingo JPA Processor should adhere to section 3.6 of JSR 338 while doing validations and this is a new feature request. The feature request can be raised here -https://issues.apache.org/jira/browse/OLINGO
Regards
Chandan
From: Graham Pople [mailto:grahampople@gmail.com]
Sent: Friday, March 20, 2015 2:29 PM
To: user@olingo.apache.org
Subject: Server-side validations
Hi,
I'm working on adding olingo 2 into my project currently, using the JPA processor, and it's working great. But, I have JSR-349 validation annotations that I want it to check before sending anything to the database. E.g.:
@Entity
public class User {
// JSR-349 validation that this must be a valid email address
@Email(message = "Please provide your email address")
public String username;
...
}
I've gone through the code but can't see where I can hook in and run these validation checks, and it's essential these be run. It's a security risk to rely 100% on client-side validation, and some of the checks can't be put into the database itself, e.g. that this field has to be a valid email address. Can anyone help?