Previously the backend identifier derived from the URI was set as identifier on the object to be created in a PUT request. However, in case a custom entity lookup is used, this is not the identifier but an arbitrary property pointed to through user defined code, mostly a method reference.
We now use the newly introduced MethodInvocationRecorder API in Spring Data Commons to be able to obtain the property that is supposed to be used and set that to the value calculated. This requires the entity type for which the custom lookup is configured to be non-final as the invocation recording is build on top of proxies.
Related tickets: DATACMNS-1449.
Adapted RepositoryRestMvcConfiguration to now create a shared fallback ObjectMapper and avoid to register it as Spring Bean. Adapted test cases that previously were relying on such a bean being present.
Adapted test cases to verify on the correct ALPS document structure (see spring-projects/spring-hateoas#665).
ExposureConfiguration exposes methods to register AggregateResourceHttpMethodsFilter and AssociationResourceHttpMethodsFilter (both applied by type or globally) to customize the supported HTTP methods by collection, item and association resources. It also provides shortcuts for common use cases like disabling PUT for item resources etc.
We now recommend to implement RepositoryRestConfigurer directly as its declared methods are now default methods. We also introduced a static factory method to easily create a configurer to customize RepositoryRestConfiguration via a Lambda expression.
Moved test case setups that use that deprecated API to the new one.
The default exposure of repository methods is now controlled via RepositoryRestConfiguration.setExposeRepositoryMethodsByDefault(…). That allows us to remove the additional API from RepositoryDetectionStrategy as the mere detection is an orthogonal topic.
Also added RepositoryRestConfiguration.disableDefaultExposure() to set the RepositoryDetectionStategy to ANNOTATED and disables default method exposure in one go. That can be exposed via a Spring Boot configuration property downstream.
Spring Framework 5.0.2 changes the default for the Allow-Credentials header to false. We now adapted our test case to that and also drop the expectation to see the request URL in the Allow-Origin header as that is only returned if Allow-Credentials is true, which it now isn't by default.
Additional cleanups in QuerydslAwareRootResourceInformationHandlerMethodArgumentResolver to make sure a QuerydslRepositoryInvokerAdapter is only applied if the QuerydslPredicateBuilder actually exposes a predicate. Extracted a couple of methods to make sure the mapping pipeline reads nicely.