Improved example headers to not expose we're referring to test code. Used inline code instead of bold for technical terms (HTTP methods, HTML attributes etc.).
Original pull request: #184.
Moved Spring Security specific dependencies to a dedicated profile in pom.xml. JavaDoc polishing. Removed assertions on the response message.
Original pull request: #171.
Added integration tests to verify Spring Data REST works with Spring Security as expected. Added method level security to sample repositories and verified HTTP responses to consider those.
Added some words on security configuration in the reference documentation. This is also demonstrated by some canonical samples found in [0].
Original pull request: #171.
[0] https://github.com/spring-projects/spring-data-examples/issues/21
We now forward the ApplicationContext as ResourceLoader into the SpelAwareProxyProjectionFactory to make sure we use the correct class loader in a Spring Boot Dev Tools environment.
Instead of using the PersistentEntityResource to obtain the ETag we now calculate headers based on the domain object and PersistentEntity upfront. This prevents the failure of trying to read the ETag from a potentially projected proxy.
Excerpt projections defined in @RepositoryRestResource had to be discoverable (i.e. located in a sub-package of the domain type). RepositoryRestMvcConfiguration now uses an newly introduced constructor of ProjectionDefinitionConfiguration that automatically registers all projects in the given ResourceMappings.
Updated existing unit tests to use setBasePath. Added extra assertion to setBasePath to guard against sending in a URI with a protocol.
Original pull request: #178.
The preparation of the JsonNode that we map onto the domain object now correctly looks up fields by their mapped names. Previously we accidentally checked the incoming JSON for fields with raw unmapped property names with caused fields invalid detected or not detected if a custom Jackson naming strategy was in place.
We now support augmenting elements of a collection resource by using POST which previously only worked with PATCH requests. Took the chance to clean up RepositoryPropertyReferenceController by quite a bit and refactor functionality to discover the supported HTTP methods for a PersistentProperty into RootResourceInformation.
Instead of rendering an empty _embedded document for empty collections and pages we now explicitly trigger the creations of an EmbeddedWrapper for that empty, collection to preserve the collection's element type.
Tweaked ResourceProcessorHandlerMethodReturnValueHandler to invoke ResourceProcessor instances for those empty collections, too. PRHMRVH now checks the assignability of the raw resource type before analyzing the value type for a match.
RepositorySearchController now adds additional self links for the list of searches and a search execution.
Previously, RepositoryRestMvcConfiguration exposed its two ResourceSupportHttpMessageConverter beans as MappingJackson2HttpMessageConverters. This made it impossible for Spring Boot support for conditional beans to identify that they were type-constrained and, therefore, were not a suitable replacement for a general-purpose Mapping Jackson2HttpMessageConverter bean.
This commit updates RepositoryRestMvcConfiguration to expose both of its Jackson message converters as TypeConstrinaedMappingJackson2HttpMessageConverter instances. This will also Spring Boot to identify that their converters are type-constrained so that it can continue to auto-configure its general purpose converter. This is important as it allows Boot to provide a converter that honors the user’s configuration rather than Spring MVC’s default converter which does not. See spring-projects/spring-boot#2914 for details.
Original pull request: #174.
Before replacing the remove operation with a custom one that nulls out the object, we check whether the JSON Pointer points to an array element. If that's the case we skip the replacement and proceed.
We now also handle HttpRequestMethodNotSupportedException and UnsatisfiedServletRequestParameterException and traverse the chain before eventually rejecting the mapping attempt with the last exception found.
Related tickets: DATAREST-409.
Extended the serialization capabilities to explicitly treat projection proxies by wrapping them into a ProjectionResource and collecting links for the target backing the projection if the target is an exported resource.
Added a module that repackages the webjar version of the HAL browser. The repackaging is necessary to be able to control the exposure of the browser dynamically and prevent Spring Boot's auto-exposure of webjars from kicking in.
Tweaked BasePathAwareHandlerMapping to default the Accept header to the one defined in the configuration if none is present in the request or */* is given. This will make sure we default to a JSON dialect in case no header is set.
Previously the link pointing to representation descriptors of associations neither pointed to the ALPS controller nor to the representation descriptor.
Added an UnwrappingRepositoryInvokerFactory that transparently unwraps JDK 8 and Guava Optionals to make sure the consuming code works with values or plain nulls correctly.
RepositorySearchesResource now exposes the domain type for whom the searches are listed to allow implementations of ResourceProcessor add links by type more easily.
We no correctly handle the customized association path if @RestResource is used on an association. Took the chance to refactor the resource mapping subsystem quite significantly to improve the handling of property mappings. Those had been externalized before.
A lot of cleanups in RepositoryRestExceptionHandler: prefer static methods where possible. Removed delegates where only one client was calling the method. Consistent argument ordering with optional (nullable) parameters last.
Silenced logging in unit tests for RepositoryRestExceptionHandler.
We now inspect If-None-Match and If-Modified-Since headers on GET requests to item resources and return 304 Not Modified if appropriate.
Disable rendering of version property in Jackson serializer as it's reflected in the ETag.
Related tickets: DATAREST-160, DATAREST-471.