Hi Martin, Thanks, I agree - findOffices() shouldn't be executed at all. In fact, handleMethodExecution() returns before invoking application code in all other cases (step 1 for unauthorized access, step 3 for validation errors).
Any chance to have it fixed relatively soon? (maybe Andrea can answer this) Kind regards, Fabio On Thu, Apr 28, 2016 at 6:44 AM, Martin Grigorov <mgrigo...@apache.org> wrote: > Hi, > > > On Wed, Apr 27, 2016 at 12:07 PM, Fabio Fioretti < > windom.macroso...@gmail.com> wrote: > > > Hi all, > > > > Please consider the following simple implementation of > AbstractRestResource > > (6.22.0): > > > > @ResourcePath("/rest/api") > > public class MyRestResource extends > > AbstractRestResource<JsonWebSerialDeserial> > > { > > > > public MyRestResource () > > { > > super(new JsonWebSerialDeserial(new GsonObjectSerialDeserial())); > > } > > > > @MethodMapping(value = "/offices") > > public List<Office> findOffices( > > @RequestParam(value = "region", required = false) Integer regionId) > > { > > return findOfficesByRegion(regionId); > > } > > } > > > > My question relates to the findOffices method and its filtering regionId > > parameter when the value is not a valid integer. For example, consider > the > > request 'GET /rest/api/offices?region=AA'. > > > > At the second step of AbstractRestResource.handleMethodExecution, > > extractMethodParameters is invoked, which in turn triggers the conversion > > of all parameters through the static method toObject. > > > > When the conversion goes wrong and ConversionException is thrown, > toObject > > catches it, sets the response status to 400 and returns null! > > > > Now, when my findOffices is finally executed, I get a null regionId but I > > don't know whether it was not valid or the parameter was not present at > > all. Checking the response status downstream is also particularly hard > > because I have no getStatus (Tomcat 6 here, ouch!). > > > > To my mind, findOffices should return null instead of the unfiltered list > > of offices if the conversion went wrong, even because the response > > status is 400 (as set by toObject). However, how can I know it? > > > > Any suggestions? > > > > IMO this is a bug in the library. > #findOffices() should not be executed at all. > A response with status code 400 should be returned immediately after the > unsuccessful convention without giving a chance to the application code to > be executed. > > > > > Many thanks, > > Fabio > > >