0

We are using @PreAuthorize with dynamic value. and at the request model we used bean validation means @NotEmpty,...

Code of controller:

@RestController
@RequestMapping(value = "/../{id}/...")
@PreAuthorize("hasAuthority(#id+'abc')")
public class TestController {

    @Autowired
    SerivceAbc service;

    @PostMapping("/test")
    public ResponseEntity<Object> validate(@PathVariable String id,
            @Valid @RequestBody RequestModel Request,
            ContentCachingRequestWrapper requestWrapper) {
        return ResponseEntity.ok(service.abc(Request, requestWrapper));
    }

    @ResponseStatus(HttpStatus.BAD_REQUEST)
    @ExceptionHandler( MethodArgumentNotValidException.class)
    ResponseEntity<Object> handleValidationExceptions(MethodArgumentNotValidException ex,
            ContentCachingRequestWrapper requestWrapper) {
        ResponseModel invalidResponse = service.invalidResponse(ex,
                requestWrapper);
        return ResponseEntity.badRequest().body(invalidResponse);
    }

    @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
    @ExceptionHandler(Exception.class)
    ResponseEntity<Object> handleValidationExceptions(Exception ex, ContentCachingRequestWrapper requestWrapper) {
        ResponseModel invalidResponse = service.invalidResponse(ex,
                requestWrapper);
        return ResponseEntity.badRequest().body(invalidDssReponse);
    }
}

In the above code id is a dynamic value that is working fine when we call \test API with passing valid fields

but whenever any bean validation is called at that time it's not calling handleValidationExceptions method because of dynamic id.

if I'm trying to pass id as a parameter of handleValidationExceptions method I'm getting error:

java.lang.IllegalStateException: Could not resolve parameter [2] in org.springframework.http.ResponseEntity<java.lang.Object> com.controller.TestController.handleValidationExceptions(org.springframework.web.bind.MethodArgumentNotValidException,org.springframework.web.util.ContentCachingRequestWrapper,java.lang.String): No suitable resolver

Can anyone please suggest how can we use @PreAuthorize (dynamic value) with exceptionhandler?

Ken Chan
  • 84,777
  • 26
  • 143
  • 172
M123
  • 1,203
  • 4
  • 14
  • 31

1 Answers1

0

If you want to access @PathVariable in the exception handler, you can simply register its HandlerMethodArgumentResolver in the ExceptionHandlerExceptionResolver :

@Configuration
public class Config implements WebMvcConfigurer {

    @Override
    public void extendHandlerExceptionResolvers(List<HandlerExceptionResolver> resolvers) {

        for(HandlerExceptionResolver resolver : resolvers){
            if(resolver instanceof ExceptionHandlerExceptionResolver e){
                e.getArgumentResolvers().addResolver(new PathVariableMethodArgumentResolver());
            }
        }
    }
}

Then change the @ExceptionHandler to :

@ResponseStatus(HttpStatus.BAD_REQUEST)
@ExceptionHandler(MethodArgumentNotValidException.class)
ResponseEntity<Object> handleValidationExceptions(MethodArgumentNotValidException ex, @PathVariable String id) {
   
}
Ken Chan
  • 84,777
  • 26
  • 143
  • 172