We now explicitly manually merge array nodes that contain complex objects. Previously arrays would've been skipped and the subsequent Jackson update would wipe out all properties not contained in the original document even on PATCH requests.
Removed RepositoryRestConfiguration.addCorsMapping(…) as we currently don't have any other shortcut methods for configuration like this.
Tweaked the setup of (now Repository)CorsConfigurationAccessor to be created earlier so that we avoid recreation for every lookup. Introduced a NoOpStringValueResolver to be used by default so that we don't need to deal with the case of the resolver being null at the end of the call chain. Replaced constructor of RepositoryCorsConfigurationAccessor with corresponding Lombok annotation.
Updated reference documentation accordingly.
Original pull request: #233.
We now support CORS configuration mechanisms introduced in Spring 4.2. CORS can be configured on multiple levels: Repository interface, Repository REST controller and global level. Spring Data REST CORS configuration is isolated so Spring Web MVC'S CORS configuration does not apply to Spring Data REST resources.
Multiple configuration sources are merged so different aspects of CORS can be configured in separate locations.
@CrossOrigin
interface PersonRepository extends CrudRepository<Person, Long> {}
@RepositoryRestController
@RequestMapping("/person")
public class PersonController {
@CrossOrigin(maxAge = 3600)
@RequestMapping(method = RequestMethod.GET, "/xml/{id}", produces = MediaType.APPLICATION_XML_VALUE)
public Person retrieve(@PathVariable Long id) {
// ...
}
}
@Component
public class SpringDataRestCustomization extends RepositoryRestConfigurerAdapter {
@Override
public void configureRepositoryRestConfiguration(RepositoryRestConfiguration config) {
config.addCorsMapping("/person/**")
.allowedOrigins("http://domain2.com")
.allowedMethods("PUT", "DELETE")
.allowedHeaders("header1", "header2", "header3")
.exposedHeaders("header1", "header2")
.allowCredentials(false).maxAge(3600);
}
}
Previously, MappedProperties didn't handle Jackson properties correctly, that do not expose a PersistentProperty, e.g. transient ones. That led to potential nullPointerExceptions in clients as the guarding hasPersistentPropertyForField(…) still answered true, as the backing cache contained an entry with a null value. We now skip those properties completely.
We now resolve default configured Pageable without dropping them if their Sort is empty. Previously, any default Pageable was dropped if its Sort was empty which caused null being handed to controller methods of @RepositoryRestController instances.
Original pull request: #231.
Switched to use @RequiredArgsConstructor where possible. Slightly rearranged test cases. Inlined JacksonMappingAwareSortTranslator to not expose it as bean unless necessary. Use static Jackson BeanClassIntrospector to avoid unnecessary recreation.
Original pull request: #222.
We now consider Jackson field names when resolving Sort arguments. Domain model properties annotated with @JsonProperty("sales") can be specified by their Jackson-mapped field name in sort arguments. Field names are mapped to their according persistent property names to be used in repository query method sorting. Unknown field names are silently dropped.
Original pull request: #222.
We now use CollectionFactory.createApproximateMap(…) to avoid picking up persistence technology specific Map implementations that might cause issues (e.g. requiring a Session in the case of Hibernate).
Related tickets: DATAREST-864.
Previously, NestedEntitySerializer failed to handle Maps correctly as the logic to convert the found values to nested resources tried to handle the values as is, not explicitly looking at the values instead.
We now use an explicit code path to turn the values into resources so that links pointing to other resources are rendered correctly.
Original pull request: #219.
The previously static ObjectMapper used by JsonPatchPatchHandler now has to be provided by clients instantiating the handler.
Original pull request: #224.
PUT requests are supposed to replace the state of the resource with the request payload. However, Spring Data REST already handles a couple of domain object propoerties in a special way as theri values map to dedicated HTTP features: identifiers (URIs), last-modified dates (header) etc.
For users, it might be worthwhile to exclude other properties from being set by applying the payload, like properties that are completely under the control of the server, e.g. creation user and date, last modifying user etc. So far, users didn't have any means to exclude those properties as the handling of PUT requests treated every missing property of the payload as null value.
DomainObjectMerger now checks whether a property is actually writable before applying the implicit null value. The application can be disabled by annotation a property with @ReadOnlyProperty.
Previously, RepositoryRestMvcConfiguration declared a BeanPostProcessor instance in a non-static bean factory method. That required Spring to instantiate the configuration class and keeping it in uninitialized state, which could in turn cause issues downstream.
We now use a static method so that the container can obtain the bean instance without having to create an instance of the configuration class and thus deferring its initialization.
Spring 4.3's HeaderContentNegotiationStrategy switched from looking up the Accept header via the method returning a single (potentially comma separated) one to the method returning multiple headers in the first place. We now added an override of HttpServletRequestWrapper.getHeaders(…) to out custom adapter defaulting the media type to make sure the defaulting is visible and thus the right handler methods are looked up.
That previously missing caused the DelegatingHandlerMapping selecting the redirect to the HAL browser in case a request to the API root was sent without an accept header as the defaulting of the header to application/hal+json wasn't properly exposed anymore and the redirect to the browser — declaring a produces clause of text/html — was not causing any media type mismatch anymore.
Previously we handed the original entity to the AfterSaveEvent. This should work in most cases but actually repositories are allowed to return a completely different instance so that we now hand over the instance returned by the repository interaction to avoid potentially occurring issues.
Deprecated the ResourceProcessor invoking infrastructure in place here in favor of the types moved to Spring HATEOAS. Refactored our codebase to make use of these newly introduced types right away.
Related tickets: spring-projects/spring-hateoas#362.
We now forward the AutowireCapableBeanFactory contained in the ApplicationContext to the HalHandlerInstantiator to make sure Jackson components can use dependency injection to access Spring managed beans.
Upgraded to Spring HATEOAS 0.21 snapshots to see the changes necessary in HalHandlerInstantiator.
Related ticket: spring-projects/spring-hateoas#460.
A refactoring in the course of the 2.5 development dropped the application of explicit projection in case of excerpts being requested. This particularly applies to collection resources with explicit projection requests which need to get the explicit projection applied over the default excerpt projection potentially registered.
This is now fixed by the explicitly selected projection (if existing) always trumping the excerpt one.
Changed the implementation of ValidationErrors to be based on AbstractBeanPropertyBindingResult to consider the nesting implemented in superclasses and using a PersistentPropertyAccessor to lookup the property values.
ValidatingRepositoryEventListener now uses this implementation if a PersistentEntity can be obtained for the type under consideration, falling back to a DirectFieldBindingResult otherwise.
Until now, the controller handling a PUT request for an item resource defensively tried to set the identifier of the entity to update to guard against request payloads accidentally modifying the identifier of entities to be uploaded by using the raw identifier from the URI. Through the introduction of customized entity lookups this isn't necessarily the actual entity identifier anymore.
We now apply this defensive logic in the argument resolver for the incoming PersistentEntityResource where we have access to the object to update, can lookup the actual identifier directly and set it back after Jackson has applied the request body to the object to update.
Related tickets: DATAREST-724.
RepositoryPropertyReferenceController now uses a RepositoryInvoker instead of the ConversionService so that potentially applied customized entity lookups are considered during that lookup.
Extracted HttpHeadersPreparer to remove functionality and dependencies from the commons superclass of all Spring Data REST controllers in favor of a dedicated type.
Related tickets: DATAREST-724.
Upgraded to JSONPath 1.1.0 as 0.9 is not supported with Spring 4.2 anymore. Tweaked integration tests due to changed semantics and internals of JSONPath >= 1.0.
Extracted store specific tests into separate test modules to prevent classpath overlap between projects. Those tests are now executed in an "it" build profile to prevent the tests being packaged for distribution on release.
Use Map-based repositories and mapping contexts for test in the Core and WebMvc module.
Slightly changed the configuration API for lookup types on RepositoryRestConfiguration.
Related ticket: DATAREST-776.
Tweaked custom Jackson serialization to make sure nested entities are rendered as resources so that links to related resources can be collected on nested levels as well.
Extracted EmbeddedResourcesAssembler from PersistentEntityResourceAssembler so that embedded resources can also be build for nested entities. Extracted a ResourceProcessorInvoker from ResourceProcessorHandlerMethodReturnValueHandler to allow ResourceSupport instances created for nested entities get the ResourceProcessor instance registered for them invoked as well.
ProjectionDefinitionRegistrar now also allows the domain type of a repository being registered as excerpt, too.
Related tickets: DATAREST-776.
Added required solr.xml and moved core.properties to new location. Additionally registered a CloseHook to prevent SolrCore.close() failures.
Original pull request: #209.