Spring In Action for hybris developers

Spring In Action is considered a classic and nearly must-read for anyone who whats to start with Spring development. I would say it is enough to read the book briefly and get the main idea, which is:

The book consists of 4 parts:

  1. Core Spring: configuration, wiring, aspects, Spring Expression Language (SpEL).
  2. Spring on the web: MVC, Controllers, Controller advices, views, Spring web flow.
  3. Spring in the back end: Configuring JDBC, ORM, Working with NoSQL Databases, Caching, Securing methods.
  4. Integrating Spring: Calling remote services, Creating REST API, Messaging, Sending emails, Managing beans with JMX

I would say for hybris developer Part 1 should be too easy as it covers the very basics.

Part 2 (and also Part 1) is most useful for frontend devs who need to do some backend magic from time to time.

Part 3 has too many things that we don’t use because of hybris’s custom implementation.

Part 4 has some useful things for backend devs, I especially recommend to check the JMX part, as it allows monitoring hybris properties and changing values on-the-fly.

For the rest of the book I made some notes during my reading and want to share with you the things I was not aware of.

RequestMapping annotation tricks

Standard hybris code has example of parametrizing RequestMapping 

@RequestMapping(value = "/paymentinfo/{id}", method = RequestMethod.PUT)

and you also may be aware that you can use wildcards * and ** inside the path like this:

@RequestMapping("**/newsletter") // any path of any depth ending with "newsletter"

What is interesting is that the “value” can also be an array and you can write things like

@RequestMapping(value={"newsletter", "service/newsletter"}) // match only these 2 urls

Unit-testing Controllers

You can test controllers with MockMvc

The example is like this

public class HomeControllerTest {
 
    @Test
    public void testHomePage() throws Exception {
        HomeController controller = new HomeController();
        MockMvc mockMvc = standaloneSetup(controller).build();
        mockMvc.perform(get("/"))
            .andExpect(view().name("home")); // test expected view name
    }
}


Spring taglib has some interesting features

<%@ taglib uri="http://www.springframework.org/tags" prefix="s" %>

<s:htmlEscape> Sets the default HTML escape value for the current page
<s:escapeBody> Escapes the content in the body of the tag

Spring url tag can accept parameters (unlike the core c:url)

<s:url href="/spitter/{username}" var="spitterUrl">
<s:param name="username" value="jbauer" />
</s:url>

Controller methods do not necessarily need to return strings.

They can return arbitrary objects that will be injected into views

@RequestMapping(method=RequestMethod.GET)
public List<Spittle> spittles() {
    return spittleRepository.findSpittles(Long.MAX_VALUE, 20));
}

that works! We return object/list instead of String

Spring will find a view that corresponds the method name splittles and add to the model the var splittleList (derived from the returned object).

Not really convenient, but useful in some kind of API where all methods are like this. Using model is more explicit and convenient

ControllerAdvice

Using @ControllerAdvice and @ExceptionHandler to handle error pages.

Authorization

There is a possibility to control the Authorization process using @PreAuthorize and @PostAuthorize annotations and use @PreFilter/@PostFilter to filter elements out of collections returned from or passed into a method.
Summary:

  • @PreAuthorize Restricts access to a method before invocation based on the result of evaluating an expression
  • @PostAuthorize Allows a method to be invoked, but throws a security exception if the expression evaluates to false
  • @PostFilter Allows a method to be invoked, but filters the results of that method based on an expression
  • @PreFilter Allows a method to be invoked, but filters input prior to entering the method

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.