Struts(二十四):短路验证&重写实现转换验证失败时短路&非字段验证
短路验证:
若对一个字段使用多个验证器,默认情况下会执行所有的验证。若希望前面的验证器没有通过,后面的验证器就不再执行,可以使用短路验证。
1、如下拦截器,如果输入字符串,提交表单后,默认是会出现三个错误:字段转换失败、conversion验证失败、取值范围失败。
<!DOCTYPE validators PUBLIC
"-//Apache Struts//XWork Validator 1.0.2//EN"
"http://struts.apache.org/dtds/xwork-validator-1.0.2.dtd"> <validators>
<field name="age">
<field-validator type="conversion">
<message>Conversion error!</message>
</field-validator>
<field-validator type="int">
<param name="max">180</param>
<param name="min">1</param>
<message key="ageErrorMsg"></message>
</field-validator>
</field>
</validators>
2、如果使用短路验证,则如果输入字符串,提交表单后,默认是会出现两个错误:字段转换失败、conversion验证失败。
<!DOCTYPE validators PUBLIC
"-//Apache Struts//XWork Validator 1.0.2//EN"
"http://struts.apache.org/dtds/xwork-validator-1.0.2.dtd"> <validators>
<field name="age">
<field-validator type="conversion" short-circuit="true">
<message>Conversion error!</message>
</field-validator>
<field-validator type="int">
<param name="max">180</param>
<param name="min">1</param>
<message key="ageErrorMsg"></message>
</field-validator>
</field>
</validators>
重写实现转换失败时短路:
若类型转换失败,默认情况下会执行后边的额拦截器,还会进行验证。可以通过修改ConversionErrorInterceptor源代码的方式,实现当类型转换失败时,不再执行后边的验证拦截器,从而直接返回input的result。
从上边的例子中我们知道,只要我们输入的字段类型不合法必定会在错误信息中包含示:类型转换失败错误信息。
那么,怎么避免这个错误信息呢?
首先,从struts2-core.jar根目录下的struts-default.xml中的default-stack(默认拦截器栈)中我们得知,类型转化是通过params(com.opensymphony.xwork2.interceptor.ParametersInterceptor
* Copyright 2002-2007,2009 The Apache Software Foundation.
package com.opensymphony.xwork2.interceptor; import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.security.AcceptedPatternsChecker;
import com.opensymphony.xwork2.security.ExcludedPatternsChecker;
import com.opensymphony.xwork2.ValidationAware;
import com.opensymphony.xwork2.XWorkConstants;
import com.opensymphony.xwork2.conversion.impl.InstantiatingNullHandler;
import com.opensymphony.xwork2.conversion.impl.XWorkConverter;
import com.opensymphony.xwork2.inject.Inject;
import com.opensymphony.xwork2.util.ClearableValueStack;
import com.opensymphony.xwork2.util.LocalizedTextUtil;
import com.opensymphony.xwork2.util.MemberAccessValueStack;
import com.opensymphony.xwork2.util.ValueStack;
import com.opensymphony.xwork2.util.ValueStackFactory;
import com.opensymphony.xwork2.util.logging.Logger;
import com.opensymphony.xwork2.util.logging.LoggerFactory;
import com.opensymphony.xwork2.util.reflection.ReflectionContextState; import java.util.Collection;
import java.util.Comparator;
import java.util.Map;
import java.util.TreeMap; /**
* <!-- START SNIPPET: description -->
* This interceptor sets all parameters on the value stack.
*
* This interceptor gets all parameters from {@link ActionContext#getParameters()} and sets them on the value stack by
* calling {@link ValueStack#setValue(String, Object)}, typically resulting in the values submitted in a form
* request being applied to an action in the value stack. Note that the parameter map must contain a String key and
* often containers a String[] for the value.
*
* The interceptor takes one parameter named 'ordered'. When set to true action properties are guaranteed to be
* set top-down which means that top action's properties are set first. Then it's subcomponents properties are set.
* The reason for this order is to enable a 'factory' pattern. For example, let's assume that one has an action
* that contains a property named 'modelClass' that allows to choose what is the underlying implementation of model.
* By assuring that modelClass property is set before any model properties are set, it's possible to choose model
* implementation during action.setModelClass() call. Similiarily it's possible to use action.setPrimaryKey()
* property set call to actually load the model class from persistent storage. Without any assumption on parameter
* order you have to use patterns like 'Preparable'.
*
* Because parameter names are effectively OGNL statements, it is important that security be taken in to account.
* This interceptor will not apply any values in the parameters map if the expression contains an assignment (=),
* multiple expressions (,), or references any objects in the context (#). This is all done in the {@link
* #acceptableName(String)} method. In addition to this method, if the action being invoked implements the {@link
* ParameterNameAware} interface, the action will be consulted to determine if the parameter should be set.
*
* In addition to these restrictions, a flag ({@link ReflectionContextState#DENY_METHOD_EXECUTION}) is set such that
* no methods are allowed to be invoked. That means that any expression such as <i>person.doSomething()</i> or
* <i>person.getName()</i> will be explicitely forbidden. This is needed to make sure that your application is not
* exposed to attacks by malicious users.
*
* While this interceptor is being invoked, a flag ({@link ReflectionContextState#CREATE_NULL_OBJECTS}) is turned
* on to ensure that any null reference is automatically created - if possible. See the type conversion documentation
* and the {@link InstantiatingNullHandler} javadocs for more information.
*
* Finally, a third flag ({@link XWorkConverter#REPORT_CONVERSION_ERRORS}) is set that indicates any errors when
* converting the the values to their final data type (String[] -> int) an unrecoverable error occured. With this
* flag set, the type conversion errors will be reported in the action context. See the type conversion documentation
* and the {@link XWorkConverter} javadocs for more information.
*
* If you are looking for detailed logging information about your parameters, turn on DEBUG level logging for this
* interceptor. A detailed log of all the parameter keys and values will be reported.
*
* <b>Note:</b> Since XWork 2.0.2, this interceptor extends {@link MethodFilterInterceptor}, therefore being
* able to deal with excludeMethods / includeMethods parameters. See [Workflow Interceptor]
* (class {@link DefaultWorkflowInterceptor}) for documentation and examples on how to use this feature.
* <!-- END SNIPPET: description -->
*
* <u>Interceptor parameters:</u>
*
* <!-- START SNIPPET: parameters -->
*
* <ul>
* <li>ordered - set to true if you want the top-down property setter behaviour</li>
* <li>acceptParamNames - a comma delimited list of regular expressions to describe a whitelist of accepted parameter names.
* Don't change the default unless you know what you are doing in terms of security implications</li>
* <li>excludeParams - a comma delimited list of regular expressions to describe a blacklist of not allowed parameter names</li>
* <li>paramNameMaxLength - the maximum length of parameter names; parameters with longer names will be ignored; the default is 100 characters</li>
* </ul>
*
* <!-- END SNIPPET: parameters -->
*
* <u>Extending the interceptor:</u>
*
* <!-- START SNIPPET: extending -->
*
* The best way to add behavior to this interceptor is to utilize the {@link ParameterNameAware} interface in your
* actions. However, if you wish to apply a global rule that isn't implemented in your action, then you could extend
* this interceptor and override the {@link #acceptableName(String)} method.
*
* <!-- END SNIPPET: extending -->
*
*
* <!-- START SNIPPET: extending-warning -->
* Using {@link ParameterNameAware} could be dangerous as {@link ParameterNameAware#acceptableParameterName(String)} takes precedence
* over ParametersInterceptor which means if ParametersInterceptor excluded given parameter name you can accept it with
* {@link ParameterNameAware#acceptableParameterName(String)}.
*
* The best idea is to define very tight restrictions with ParametersInterceptor and relax them per action with
* {@link ParameterNameAware#acceptableParameterName(String)}
* <!-- END SNIPPET: extending-warning -->
*
*
* <u>Example code:</u>
*
* <pre>
* <!-- START SNIPPET: example -->
* <action name="someAction" class="com.examples.SomeAction">
* <interceptor-ref name="params"/>
* <result name="success">good_result.ftl</result>
* </action>
* <!-- END SNIPPET: example -->
* </pre>
*
* @author Patrick Lightbody
*/
public class ParametersInterceptor extends MethodFilterInterceptor { private static final Logger LOG = LoggerFactory.getLogger(ParametersInterceptor.class); protected static final int PARAM_NAME_MAX_LENGTH = 100; private int paramNameMaxLength = PARAM_NAME_MAX_LENGTH;
private boolean devMode = false; protected boolean ordered = false; private ValueStackFactory valueStackFactory;
private ExcludedPatternsChecker excludedPatterns;
private AcceptedPatternsChecker acceptedPatterns; @Inject
public void setValueStackFactory(ValueStackFactory valueStackFactory) {
this.valueStackFactory = valueStackFactory;
} @Inject(XWorkConstants.DEV_MODE)
public void setDevMode(String mode) {
devMode = "true".equalsIgnoreCase(mode);
} @Inject
public void setExcludedPatterns(ExcludedPatternsChecker excludedPatterns) {
this.excludedPatterns = excludedPatterns;
} @Inject
public void setAcceptedPatterns(AcceptedPatternsChecker acceptedPatterns) {
this.acceptedPatterns = acceptedPatterns;
} /**
* If the param name exceeds the configured maximum length it will not be
* accepted.
*
* @param paramNameMaxLength Maximum length of param names
*/
public void setParamNameMaxLength(int paramNameMaxLength) {
this.paramNameMaxLength = paramNameMaxLength;
} static private int countOGNLCharacters(String s) {
int count = 0;
for (int i = s.length() - 1; i >= 0; i--) {
char c = s.charAt(i);
if (c == '.' || c == '[') count++;
}
return count;
} /**
* Compares based on number of '.' and '[' characters (fewer is higher)
*/
static final Comparator<String> rbCollator = new Comparator<String>() {
public int compare(String s1, String s2) {
int l1 = countOGNLCharacters(s1),
l2 = countOGNLCharacters(s2);
return l1 < l2 ? -1 : (l2 < l1 ? 1 : s1.compareTo(s2));
} }; @Override
public String doIntercept(ActionInvocation invocation) throws Exception {
Object action = invocation.getAction();
if (!(action instanceof NoParameters)) {
ActionContext ac = invocation.getInvocationContext();
final Map<String, Object> parameters = retrieveParameters(ac); if (LOG.isDebugEnabled()) {
LOG.debug("Setting params " + getParameterLogMap(parameters));
} if (parameters != null) {
Map<String, Object> contextMap = ac.getContextMap();
try {
ReflectionContextState.setCreatingNullObjects(contextMap, true);
ReflectionContextState.setDenyMethodExecution(contextMap, true);
ReflectionContextState.setReportingConversionErrors(contextMap, true); ValueStack stack = ac.getValueStack();
setParameters(action, stack, parameters);
} finally {
ReflectionContextState.setCreatingNullObjects(contextMap, false);
ReflectionContextState.setDenyMethodExecution(contextMap, false);
ReflectionContextState.setReportingConversionErrors(contextMap, false);
}
}
}
return invocation.invoke();
} /**
* Gets the parameter map to apply from wherever appropriate
*
* @param ac The action context
* @return The parameter map to apply
*/
protected Map<String, Object> retrieveParameters(ActionContext ac) {
return ac.getParameters();
} /**
* Adds the parameters into context's ParameterMap
*
* @param ac The action context
* @param newParams The parameter map to apply
* <p/>
* In this class this is a no-op, since the parameters were fetched from the same location.
* In subclasses both retrieveParameters() and addParametersToContext() should be overridden.
*/
protected void addParametersToContext(ActionContext ac, Map<String, Object> newParams) {
} protected void setParameters(final Object action, ValueStack stack, final Map<String, Object> parameters) {
Map<String, Object> params;
Map<String, Object> acceptableParameters;
if (ordered) {
params = new TreeMap<String, Object>(getOrderedComparator());
acceptableParameters = new TreeMap<String, Object>(getOrderedComparator());
params.putAll(parameters);
} else {
params = new TreeMap<String, Object>(parameters);
acceptableParameters = new TreeMap<String, Object>();
} for (Map.Entry<String, Object> entry : params.entrySet()) {
String name = entry.getKey();
Object value = entry.getValue();
if (isAcceptableParameter(name, action)) {
acceptableParameters.put(name, entry.getValue());
}
} ValueStack newStack = valueStackFactory.createValueStack(stack);
boolean clearableStack = newStack instanceof ClearableValueStack;
if (clearableStack) {
//if the stack's context can be cleared, do that to prevent OGNL
//from having access to objects in the stack, see XW-641
((ClearableValueStack)newStack).clearContextValues();
Map<String, Object> context = newStack.getContext();
ReflectionContextState.setCreatingNullObjects(context, true);
ReflectionContextState.setDenyMethodExecution(context, true);
ReflectionContextState.setReportingConversionErrors(context, true); //keep locale from original context
context.put(ActionContext.LOCALE, stack.getContext().get(ActionContext.LOCALE));
} boolean memberAccessStack = newStack instanceof MemberAccessValueStack;
if (memberAccessStack) {
//block or allow access to properties
//see WW-2761 for more details
MemberAccessValueStack accessValueStack = (MemberAccessValueStack) newStack;
accessValueStack.setAcceptProperties(acceptedPatterns.getAcceptedPatterns());
accessValueStack.setExcludeProperties(excludedPatterns.getExcludedPatterns());
} for (Map.Entry<String, Object> entry : acceptableParameters.entrySet()) {
String name = entry.getKey();
Object value = entry.getValue();
try {
newStack.setParameter(name, value);
} catch (RuntimeException e) {
if (devMode) {
notifyDeveloperParameterException(action, name, e.getMessage());
}
}
} if (clearableStack && (stack.getContext() != null) && (newStack.getContext() != null))
stack.getContext().put(ActionContext.CONVERSION_ERRORS, newStack.getContext().get(ActionContext.CONVERSION_ERRORS)); addParametersToContext(ActionContext.getContext(), acceptableParameters);
} protected void notifyDeveloperParameterException(Object action, String property, String message) {
String developerNotification = LocalizedTextUtil.findText(ParametersInterceptor.class, "devmode.notification",
ActionContext.getContext().getLocale(), "Developer Notification:\n{0}",
new Object[]{
"Unexpected Exception caught setting '" + property + "' on '" + action.getClass() + ": " + message
}
);
LOG.error(developerNotification);
// see https://issues.apache.org/jira/browse/WW-4066
if (action instanceof ValidationAware) {
Collection<String> messages = ((ValidationAware) action).getActionMessages();
messages.add(message);
((ValidationAware) action).setActionMessages(messages);
}
} /**
* Checks if name of parameter can be accepted or thrown away
*
* @param name parameter name
* @param action current action
* @return true if parameter is accepted
*/
protected boolean isAcceptableParameter(String name, Object action) {
ParameterNameAware parameterNameAware = (action instanceof ParameterNameAware) ? (ParameterNameAware) action : null;
return acceptableName(name) && (parameterNameAware == null || parameterNameAware.acceptableParameterName(name));
} /**
* Gets an instance of the comparator to use for the ordered sorting. Override this
* method to customize the ordering of the parameters as they are set to the
* action.
*
* @return A comparator to sort the parameters
*/
protected Comparator<String> getOrderedComparator() {
return rbCollator;
} protected String getParameterLogMap(Map<String, Object> parameters) {
if (parameters == null) {
return "NONE";
} StringBuilder logEntry = new StringBuilder();
for (Map.Entry entry : parameters.entrySet()) {
logEntry.append(String.valueOf(entry.getKey()));
logEntry.append(" => ");
if (entry.getValue() instanceof Object[]) {
Object[] valueArray = (Object[]) entry.getValue();
logEntry.append("[ ");
if (valueArray.length > 0 ) {
for (int indexA = 0; indexA < (valueArray.length - 1); indexA++) {
Object valueAtIndex = valueArray[indexA];
logEntry.append(String.valueOf(valueAtIndex));
logEntry.append(", ");
}
logEntry.append(String.valueOf(valueArray[valueArray.length - 1]));
}
logEntry.append(" ] ");
} else {
logEntry.append(String.valueOf(entry.getValue()));
}
} return logEntry.toString();
} protected boolean acceptableName(String name) {
boolean accepted = isWithinLengthLimit(name) && !isExcluded(name) && isAccepted(name);
if (devMode && accepted) { // notify only when in devMode
LOG.debug("Parameter [#0] was accepted and will be appended to action!", name);
}
return accepted;
} protected boolean isWithinLengthLimit( String name ) {
boolean matchLength = name.length() <= paramNameMaxLength;
if (!matchLength) {
notifyDeveloper("Parameter [#0] is too long, allowed length is [#1]", name, String.valueOf(paramNameMaxLength));
}
return matchLength;
} protected boolean isAccepted(String paramName) {
AcceptedPatternsChecker.IsAccepted result = acceptedPatterns.isAccepted(paramName);
if (result.isAccepted()) {
return true;
}
notifyDeveloper("Parameter [#0] didn't match accepted pattern [#1]!", paramName, result.getAcceptedPattern());
return false;
} protected boolean isExcluded(String paramName) {
ExcludedPatternsChecker.IsExcluded result = excludedPatterns.isExcluded(paramName);
if (result.isExcluded()) {
notifyDeveloper("Parameter [#0] matches excluded pattern [#1]!", paramName, result.getExcludedPattern());
return true;
}
return false;
} private void notifyDeveloper(String message, String... parameters) {
if (devMode) {
LOG.warn(message, parameters);
} else {
if (LOG.isDebugEnabled()) {
LOG.debug(message, parameters);
}
}
} /**
* Whether to order the parameters or not
*
* @return True to order
*/
public boolean isOrdered() {
return ordered;
} /**
* Set whether to order the parameters by object depth or not
*
* @param ordered True to order them
*/
public void setOrdered(boolean ordered) {
this.ordered = ordered;
} /**
* Sets a comma-delimited list of regular expressions to match
* parameters that are allowed in the parameter map (aka whitelist).
* <p/>
* Don't change the default unless you know what you are doing in terms
* of security implications.
*
* @param commaDelim A comma-delimited list of regular expressions
*/
public void setAcceptParamNames(String commaDelim) {
acceptedPatterns.setAcceptedPatterns(commaDelim);
} /**
* Sets a comma-delimited list of regular expressions to match
* parameters that should be removed from the parameter map.
*
* @param commaDelim A comma-delimited list of regular expressions
*/
public void setExcludeParams(String commaDelim) {
excludedPatterns.setExcludedPatterns(commaDelim);
} }
)拦截器来实现的,而类型转化失败信息是被conversionError(org.apache.struts2.interceptor.StrutsConversionErrorInterceptor,它的父类是com.opensymphony.xwork2.interceptor.ConversionErrorInterceptor
/*
* Copyright 2002-2007,2009 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.opensymphony.xwork2.interceptor; import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.ValidationAware;
import com.opensymphony.xwork2.conversion.impl.XWorkConverter;
import com.opensymphony.xwork2.util.ValueStack;
import org.apache.commons.lang3.StringEscapeUtils; import java.util.HashMap;
import java.util.Map; /**
* <!-- START SNIPPET: description -->
* ConversionErrorInterceptor adds conversion errors from the ActionContext to the Action's field errors.
*
* <p/>
* This interceptor adds any error found in the {@link ActionContext}'s conversionErrors map as a field error (provided
* that the action implements {@link ValidationAware}). In addition, any field that contains a validation error has its
* original value saved such that any subsequent requests for that value return the original value rather than the value
* in the action. This is important because if the value "abc" is submitted and can't be converted to an int, we want to
* display the original string ("abc") again rather than the int value (likely 0, which would make very little sense to
* the user).
*
*
* <!-- END SNIPPET: description -->
*
* <p/> <u>Interceptor parameters:</u>
*
* <!-- START SNIPPET: parameters -->
*
* <ul>
*
* <li>None</li>
*
* </ul>
*
* <!-- END SNIPPET: parameters -->
*
* <p/> <u>Extending the interceptor:</u>
*
* <p/>
*
* <!-- START SNIPPET: extending -->
*
* Because this interceptor is not web-specific, it abstracts the logic for whether an error should be added. This
* allows for web-specific interceptors to use more complex logic in the {@link #shouldAddError} method for when a value
* has a conversion error but is null or empty or otherwise indicates that the value was never actually entered by the
* user.
*
* <!-- END SNIPPET: extending -->
*
* <p/> <u>Example code:</u>
*
* <pre>
* <!-- START SNIPPET: example -->
* <action name="someAction" class="com.examples.SomeAction">
* <interceptor-ref name="params"/>
* <interceptor-ref name="conversionError"/>
* <result name="success">good_result.ftl</result>
* </action>
* <!-- END SNIPPET: example -->
* </pre>
*
* @author Jason Carreira
*/
public class ConversionErrorInterceptor extends AbstractInterceptor { public static final String ORIGINAL_PROPERTY_OVERRIDE = "original.property.override"; protected Object getOverrideExpr(ActionInvocation invocation, Object value) {
return escape(value);
} protected String escape(Object value) {
return "\"" + StringEscapeUtils.escapeJava(String.valueOf(value)) + "\"";
} @Override
public String intercept(ActionInvocation invocation) throws Exception { ActionContext invocationContext = invocation.getInvocationContext();
Map<String, Object> conversionErrors = invocationContext.getConversionErrors();
ValueStack stack = invocationContext.getValueStack(); HashMap<Object, Object> fakie = null; for (Map.Entry<String, Object> entry : conversionErrors.entrySet()) {
String propertyName = entry.getKey();
Object value = entry.getValue(); if (shouldAddError(propertyName, value)) {
String message = XWorkConverter.getConversionErrorMessage(propertyName, stack); Object action = invocation.getAction();
if (action instanceof ValidationAware) {
ValidationAware va = (ValidationAware) action;
va.addFieldError(propertyName, message);
} if (fakie == null) {
fakie = new HashMap<Object, Object>();
} fakie.put(propertyName, getOverrideExpr(invocation, value));
}
} if (fakie != null) {
// if there were some errors, put the original (fake) values in place right before the result
stack.getContext().put(ORIGINAL_PROPERTY_OVERRIDE, fakie);
invocation.addPreResultListener(new PreResultListener() {
public void beforeResult(ActionInvocation invocation, String resultCode) {
Map<Object, Object> fakie = (Map<Object, Object>) invocation.getInvocationContext().get(ORIGINAL_PROPERTY_OVERRIDE); if (fakie != null) {
invocation.getStack().setExprOverrides(fakie);
}
}
});
}
return invocation.invoke();
} protected boolean shouldAddError(String propertyName, Object value) {
return true;
}
}
)拦截器处理的。因此,我们要处理上边的错误信息,必须从conversionError拦截器下手,来修改其源代码才可以解决上边提到的问题。
在工程src下创建com.opensymphony.xwork2.interceptor包,在该包下创建ConversionErrorInterceptor.java类,把com.opensymphony.xwork2.interceptor.ConversionErrorInterceptor源代码拷贝到新建类中,修改类文件如下:
/*
* Copyright 2002-2007,2009 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.opensymphony.xwork2.interceptor; import com.opensymphony.xwork2.Action;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.ValidationAware;
import com.opensymphony.xwork2.conversion.impl.XWorkConverter;
import com.opensymphony.xwork2.util.ValueStack;
import org.apache.commons.lang3.StringEscapeUtils; import java.util.HashMap;
import java.util.Map; /**
* <!-- START SNIPPET: description --> ConversionErrorInterceptor adds
* conversion errors from the ActionContext to the Action's field errors.
*
* <p/>
* This interceptor adds any error found in the {@link ActionContext}'s
* conversionErrors map as a field error (provided that the action implements
* {@link ValidationAware}). In addition, any field that contains a validation
* error has its original value saved such that any subsequent requests for that
* value return the original value rather than the value in the action. This is
* important because if the value "abc" is submitted and can't be converted to
* an int, we want to display the original string ("abc") again rather than the
* int value (likely 0, which would make very little sense to the user).
*
*
* <!-- END SNIPPET: description -->
*
* <p/>
* <u>Interceptor parameters:</u>
*
* <!-- START SNIPPET: parameters -->
*
* <ul>
*
* <li>None</li>
*
* </ul>
*
* <!-- END SNIPPET: parameters -->
*
* <p/>
* <u>Extending the interceptor:</u>
*
* <p/>
*
* <!-- START SNIPPET: extending -->
*
* Because this interceptor is not web-specific, it abstracts the logic for
* whether an error should be added. This allows for web-specific interceptors
* to use more complex logic in the {@link #shouldAddError} method for when a
* value has a conversion error but is null or empty or otherwise indicates that
* the value was never actually entered by the user.
*
* <!-- END SNIPPET: extending -->
*
* <p/>
* <u>Example code:</u>
*
* <pre>
* <!-- START SNIPPET: example -->
* <action name="someAction" class="com.examples.SomeAction">
* <interceptor-ref name="params"/>
* <interceptor-ref name="conversionError"/>
* <result name="success">good_result.ftl</result>
* </action>
* <!-- END SNIPPET: example -->
* </pre>
*
* @author Jason Carreira
*/
public class ConversionErrorInterceptor extends AbstractInterceptor { public static final String ORIGINAL_PROPERTY_OVERRIDE = "original.property.override"; protected Object getOverrideExpr(ActionInvocation invocation, Object value) {
return escape(value);
} protected String escape(Object value) {
return "\"" + StringEscapeUtils.escapeJava(String.valueOf(value)) + "\"";
} @Override
public String intercept(ActionInvocation invocation) throws Exception { ActionContext invocationContext = invocation.getInvocationContext();
Map<String, Object> conversionErrors = invocationContext.getConversionErrors();
ValueStack stack = invocationContext.getValueStack(); HashMap<Object, Object> fakie = null; for (Map.Entry<String, Object> entry : conversionErrors.entrySet()) {
String propertyName = entry.getKey();
Object value = entry.getValue(); if (shouldAddError(propertyName, value)) {
String message = XWorkConverter.getConversionErrorMessage(propertyName, stack); Object action = invocation.getAction();
if (action instanceof ValidationAware) {
ValidationAware va = (ValidationAware) action;
va.addFieldError(propertyName, message);
} if (fakie == null) {
fakie = new HashMap<Object, Object>();
} fakie.put(propertyName, getOverrideExpr(invocation, value));
}
} if (fakie != null) {
// if there were some errors, put the original (fake) values in
// place right before the result
stack.getContext().put(ORIGINAL_PROPERTY_OVERRIDE, fakie);
invocation.addPreResultListener(new PreResultListener() {
public void beforeResult(ActionInvocation invocation, String resultCode) {
Map<Object, Object> fakie = (Map<Object, Object>) invocation.getInvocationContext()
.get(ORIGINAL_PROPERTY_OVERRIDE); if (fakie != null) {
invocation.getStack().setExprOverrides(fakie);
}
}
});
} Object action = invocation.getAction();
if (action instanceof ValidationAware) {
ValidationAware validationAware = (ValidationAware) action;
if (validationAware.hasFieldErrors() || validationAware.hasActionErrors()) {
return "input";
}
} return invocation.invoke();
} protected boolean shouldAddError(String propertyName, Object value) {
return true;
}
}
主要修改intercept方法,在返回值之前添加代码:
Object action = invocation.getAction();
if (action instanceof ValidationAware) {
ValidationAware validationAware = (ValidationAware) action;
if (validationAware.hasFieldErrors() || validationAware.hasActionErrors()) {
return "input";
}
}
return invocation.invoke();
基于短路验证和上边代码修改,则如果输入字符串,提交表单后,默认是会出现一个错误:字段转换失败。
非字段验证:
示例:验证密码和确认密码是否一直。
index.jsp
<s:actionerror />
<s:form action="myValidation" method="post">
<s:password name="password" label="Password"></s:password>
<s:password name="password1" label="Password1"></s:password>
<s:submit label="Submit"></s:submit>
</s:form>
MyValidationAction.java
package com.dx.struts2.myvalidations;
import com.opensymphony.xwork2.ActionSupport;
public class MyValidationAction extends ActionSupport {
private static final long serialVersionUID = 1L;
private String password;
private String password1;
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getPassword1() {
return password1;
}
public void setPassword1(String password1) {
this.password1 = password1;
}
@Override
public String execute() throws Exception {
System.out.println("execute...");
return SUCCESS;
}
}
MyValidationAction-myValidation-validation.xml
<!DOCTYPE validators PUBLIC
"-//Apache Struts//XWork Validator 1.0.2//EN"
"http://struts.apache.org/dtds/xwork-validator-1.0.2.dtd"> <validators> <validator type="expression">
<param name="expression"><![CDATA[password==password1]]></param>
<message>Password is not equals Password1</message>
</validator>
</validators>
Struts(二十四):短路验证&重写实现转换验证失败时短路&非字段验证的更多相关文章
- 二十四、Struts2中的UI标签
二十四.Struts2中的UI标签 Struts2中UI标签的优势: 数据回显 页面布局和排版(Freemark),struts2提供了一些常用的排版(主题:xhtml默认 simple ajax) ...
- VMware vSphere 服务器虚拟化之二十四 桌面虚拟化之手动池管理物理机
VMware vSphere 服务器虚拟化之二十四 桌面虚拟化之手动池管理物理机 VMwareView手动池可以管理物理计算机 说明: 环境基于实验二十三 1.准备一台Windows 7的物理计算机名 ...
- 二十四. Python基础(24)--封装
二十四. Python基础(24)--封装 ● 知识结构 ● 类属性和__slots__属性 class Student(object): grade = 3 # 也可以写在__slots ...
- (C/C++学习笔记) 二十四. 知识补充
二十四. 知识补充 ● 子类调用父类构造函数 ※ 为什么子类要调用父类的构造函数? 因为子类继承父类,会继承到父类中的数据,所以子类在进行对象初始化时,先调用父类的构造函数,这就是子类的实例化过程. ...
- 第三百二十四节,web爬虫,scrapy模块介绍与使用
第三百二十四节,web爬虫,scrapy模块介绍与使用 Scrapy是一个为了爬取网站数据,提取结构性数据而编写的应用框架. 其可以应用在数据挖掘,信息处理或存储历史数据等一系列的程序中.其最初是为了 ...
- 使用Typescript重构axios(二十四)——防御XSRF攻击
0. 系列文章 1.使用Typescript重构axios(一)--写在最前面 2.使用Typescript重构axios(二)--项目起手,跑通流程 3.使用Typescript重构axios(三) ...
- 学习笔记:CentOS7学习之二十四:expect-正则表达式-sed-cut的使用
目录 学习笔记:CentOS7学习之二十四:expect-正则表达式-sed-cut的使用 24.1 expect实现无交互登录 24.1.1 安装和使用expect 24.2 正则表达式的使用 24 ...
- Bootstrap<基础二十四> 缩略图
Bootstrap 缩略图.大多数站点都需要在网格中布局图像.视频.文本等.Bootstrap 通过缩略图为此提供了一种简便的方式.使用 Bootstrap 创建缩略图的步骤如下: 在图像周围添加带有 ...
- WCF技术剖析之二十四: ServiceDebugBehavior服务行为是如何实现异常的传播的?
原文:WCF技术剖析之二十四: ServiceDebugBehavior服务行为是如何实现异常的传播的? 服务端只有抛出FaultException异常才能被正常地序列化成Fault消息,并实现向客户 ...
随机推荐
- jQuery 3.0最终版发布,十大新特性眼前一亮
jQuery 3.0在日前发布了最终的全新版本.从2014年10月,jQuery团队对这个主要大版本进行维护开始,web开发者社区便一直在期待着这一刻的到来,终于在2016年6月他们迎来了这一个最终板 ...
- Mycat 分片规则详解--一致性hash分片
实现方式:基于hash算法的分片中,算法内部是把记录分片到一种叫做"bucket"(hash桶)的内部算法结构中的,然后hash桶与实际的分片节点一一对应,从此实现了分片.路由的功 ...
- vuex的学习笔记
什么是Vuex? vuex是一个专门为vue.js设计的集中式状态管理架构.状态?我把它理解为在data中的属性需要共享给其他vue组件使用的部分,就叫做状态.简单的说就是data中需要共用的属性. ...
- Webpack 引入bootstrap
Bootstrap中是一种事实上的界面标准,标准到现在的网站大量的使用它.如果可以使用webpack引入的bootstrap.css,就可以一个npm install完成项目的依赖,而不必手工的添加到 ...
- oralce数据库常用到的一些sql命令(加字段注释,修改数据之类)
最近开始接触oralce,整理了一下最近使用 pl/sql 常用到的一些sql命令 1.修改表中的数据 编写查询语句及条件,然后加上"FOR UPDATE","FOR U ...
- [福大软工] W班 总成绩排行榜
评分链接 作业1 作业2 作业3 作业4 总分排名
- 网络1711-1712班 c 语言评分总表一览
学号 姓名 作业地址 PTA实验作业5分 PTA排名2分 阅读代码2分 总结1分 代码规范扣分-2--0 总分 是否推荐博客 1 **莹 http://www.cnblogs.com/wwwwxy12 ...
- mvc架构模式概念
MVC模式是"Model-View-Controller"的缩写,中文翻译为"模式-视图-控制器".MVC应用程序总是由这三个部分组成.Event(事件)导致C ...
- 视频聊天插件:AnyChat使用攻略之iOS开发指南
AnyChat使用攻略之iOS开发指南 这套攻略主要指导刚开始使用AnyChat SDK For iOS的同学,快速搭建SDK环境,和实现音视频开发流程. (需要工程案例文件可联系我们) 在iOS平台 ...
- Swift 2.2 的新特性
导读:本文来自SwiftGG翻译组,作者@walkingway基于苹果Swift官方博客中Ted Kremenek所撰写的"Swift 2.2 Released!"文章进行了关于S ...