创建自定义JSR303的验证约束(Creating custom constraints)

转载：http://clongjava.iteye.com/blog/1317649

由于输入验证在软件开发中是必须的一件事情，特别是与用户交互的软件产品，验证用户的潜在输入错误是必不可少的一件事情，然而各种开源的验证框架也很多，为了一统标准，jsr303规范横空出世了，它定义了一些标准的验证约束，标准毕竟是标准，它不可能定义到所有的验证约束，它只是提供了一些基本的常用的约束，不过它提供了一个可拓展的自定义验证约束。下面就来说说怎么样自定义一个约束.

      为了创建一个自定义约束，以下三个步骤是必须的。
• Create a constraint annotation (首先定义一个约束注解)
• Implement a validator(第二步是实现这个验证器)
• Define a default error message(最后添加一条默认的错误消息即可)

    假定有这么一个要求，要验证用户的两次输入密码必须是相同的，非常常见的一个要求。下面就基于这个要求来自定义一个约束。

package org.leochen.samples;

import javax.validation.Constraint;
import javax.validation.Payload;
import java.lang.annotation.*;

/**
 * User: leochen
 * Date: 11-12-8
 * Time: 下午11:31
 */

@Target({ElementType.TYPE,ElementType.ANNOTATION_TYPE})
@Retention(RetentionPolicy.RUNTIME)
@Constraint(validatedBy = MatchesValidator.class)
@Documented
public @interface Matches {
    String message() default "{constraint.not.matches}";
    Class<?>[] groups() default {};
    Class<? extends Payload>[] payload() default {};

    String field();
    String verifyField();
}

 从上到下来说吧，@Target表示注解可出现在哪些地方，比如可以出现在class上,field,method,又或者是在另外一个annotation上，这里限制只能出现在类和另外一个注解上，@Retention表示该注解的保存范围是哪里,RUNTIME表示在源码(source)、编译好的.class文件中保留信息，在执行的时候会把这一些信息加载到JVM中去的．@Constraint比较重要，表示哪个验证器提供验证。@interface表明这是一个注解,和class一样都是关键字,message(),groups()和payload()这三个方法是一个标准的约束所具备的，其中message()是必须的，{constraint.not.matches}表示该消息是要插值计算的，也就是说是要到资源文件中寻找这个key的，如果不加{}就表示是一个普通的消息，直接文本显示,如果消息中有需要用到{或}符号的，需要进行转义,用{和}来表示。groups()表示该约束属于哪个验证组,在验证某个bean部分属性是特别有用(也说不清了，具体可以查看Hibernate Validator的文档细看) default必须是一个类型为Class<?>[]的空数组,attribute payload that can be used by clients of the Bean Validation API to assign custom payload objects to a constraint. This attribute is not used by the API itself.下面连个字段是我们添加进去的，表示要验证字段的名称，比如password和confirmPassword.

    下面就来实现这个约束。

package org.leochen.samples;

import org.apache.commons.beanutils.BeanUtils;

import javax.validation.ConstraintValidator;
import javax.validation.ConstraintValidatorContext;
import java.lang.reflect.InvocationTargetException;

/**
 * User: leochen
 * Date: 11-12-8
 * Time: 下午11:39
 */
public class MatchesValidator implements ConstraintValidator<Matches,Object>{
    private String field;
    private String verifyField;

    public void initialize(Matches matches) {
        this.field = matches.field();
        this.verifyField = matches.verifyField();
    }

    public boolean isValid(Object value, ConstraintValidatorContext context) {
        try {
            String fieldValue= BeanUtils.getProperty(value,field);
            String verifyFieldValue = BeanUtils.getProperty(value,verifyField);
            boolean valid = (fieldValue == null) && (verifyFieldValue == null);
            if(valid){
                return true;
            }

            boolean match = (fieldValue!=null) && fieldValue.equals(verifyFieldValue);
            if(!match){
                String messageTemplate = context.getDefaultConstraintMessageTemplate();
                context.disableDefaultConstraintViolation();
                context.buildConstraintViolationWithTemplate(messageTemplate)
                        .addNode(verifyField)
                        .addConstraintViolation();
            }
            return match;
        } catch (IllegalAccessException e) {
            e.printStackTrace();
        } catch (InvocationTargetException e) {
            e.printStackTrace();
        } catch (NoSuchMethodException e) {
            e.printStackTrace();
        }
        return true;
    }
}

 我们必须要实现ConstraintValidator这个接口,下面就来具体看看这个接口是怎么定义的吧：

package javax.validation;

import java.lang.annotation.Annotation;

public interface ConstraintValidator<A extends Annotation, T> {
    /**
     * Initialize the validator in preparation for isValid calls.
     * The constraint annotation for a given constraint declaration
     * is passed.
     * <p/>
     * This method is guaranteed to be called before any use of this instance for
     * validation.
     *
     * @param constraintAnnotation annotation instance for a given constraint declaration
     */
    void initialize(A constraintAnnotation);

    /**
     * Implement the validation logic.
     * The state of <code>value</code> must not be altered.
     *
     * This method can be accessed concurrently, thread-safety must be ensured
     * by the implementation.
     *
     * @param value object to validate
     * @param context context in which the constraint is evaluated
     *
     * @return false if <code>value</code> does not pass the constraint
     */
    boolean isValid(T value, ConstraintValidatorContext context);
}

 A 表示边界范围为java.lang.annotation.Annotation即可,这个T参数必须满足下面两个限制条件：

<!-- Generated by javadoc (build 1.6.0_20) on Fri Jun 04 05:41:40 PDT 2010 -->

<noscript></noscript>

• T must resolve to a non parameterized type (T 必须能被解析为非参数化的类型,通俗讲就是要能解析成具体类型，比如Object,Dog,Cat之类的，不能是一个占位符)
• or generic parameters of T must be unbounded wildcard types(或者也可以是一个无边界范围含有通配符的泛型类型)

我们在initialize (A  constraintAnnotation) 方法中获取到要验证的两个字段的名称，在isValid方法中编写验证规则。

String fieldValue= BeanUtils.getProperty(value,field);
String verifyFieldValue = BeanUtils.getProperty(value,verifyField);

 通过反射获取验证字段的值，由于我们要实现的是一个密码和确认密码一致的问题，而这两个字段类型都是java.lang.String类型，所以我们直接通过BeanUtils来获取他们各自的值。

String messageTemplate = context.getDefaultConstraintMessageTemplate();
                context.disableDefaultConstraintViolation();
                context.buildConstraintViolationWithTemplate(messageTemplate)
                        .addNode(verifyField)
                        .addConstraintViolation();

 以上是我们把验证出错的消息放在哪个字段上显示，一般我们是在确认密码上显示密码不一致的消息。

好了这样我们的自定义约束就完成了，下面来使用并测试吧。

假如我们要验证这么一个formbean

package org.leochen.samples;

/**
 * User: leochen
 * Date: 11-12-20
 * Time: 下午4:04
 */
@Matches(field = "password", verifyField = "confirmPassword",
                 message = "{constraint.confirmNewPassword.not.match.newPassword}")
public class TwoPasswords {
    private String password;
    private String confirmPassword;

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public String getConfirmPassword() {
        return confirmPassword;
    }

    public void setConfirmPassword(String confirmPassword) {
        this.confirmPassword = confirmPassword;
    }
}

 在路径下放入我们的资源文件：ValidationMessages.properties（名字必须叫这个，不然你就费好大一番劲，何苦呢是不是，基于约定来）

javax.validation.constraints.AssertFalse.message = must be false
javax.validation.constraints.AssertTrue.message  = must be true
javax.validation.constraints.DecimalMax.message  = must be less than or equal to {value}
javax.validation.constraints.DecimalMin.message  = must be greater than or equal to {value}
javax.validation.constraints.Digits.message      = numeric value out of bounds (<{integer} digits>.<{fraction} digits> expected)
javax.validation.constraints.Future.message      = must be in the future
javax.validation.constraints.Max.message         = must be less than or equal to {value}
javax.validation.constraints.Min.message         = must be greater than or equal to {value}
javax.validation.constraints.NotNull.message     = may not be null
javax.validation.constraints.Null.message        = must be null
javax.validation.constraints.Past.message        = must be in the past
javax.validation.constraints.Pattern.message     = must match "{regexp}"
javax.validation.constraints.Size.message        = size must be between {min} and {max}

org.hibernate.validator.constraints.CreditCardNumber.message = invalid credit card number
org.hibernate.validator.constraints.Email.message            = not a well-formed email address
org.hibernate.validator.constraints.Length.message           = length must be between {min} and {max}
org.hibernate.validator.constraints.NotBlank.message         = may not be empty
org.hibernate.validator.constraints.NotEmpty.message         = may not be empty
org.hibernate.validator.constraints.Range.message            = must be between {min} and {max}
org.hibernate.validator.constraints.SafeHtml.message         = may have unsafe html content
org.hibernate.validator.constraints.ScriptAssert.message     = script expression "{script}" didn't evaluate to true
org.hibernate.validator.constraints.URL.message              = must be a valid URL



## custom constraints

constraint.not.matches=two fields not matches
constraint.confirmNewPassword.not.match.newPassword=two password not the same

 单元测试如下：

package org.leochen.samples;

import org.junit.BeforeClass;
import org.junit.Test;

import javax.validation.ConstraintViolation;
import javax.validation.Validation;
import javax.validation.Validator;
import javax.validation.ValidatorFactory;

import java.util.Set;

import static junit.framework.Assert.assertEquals;
import static junit.framework.Assert.assertNotNull;

/**
 * User: leochen
 * Date: 11-12-20
 * Time: 下午4:06
 */
public class TwoPasswordsTest {
    private static Validator validator;

    @BeforeClass
    public static void setUp() {
        ValidatorFactory factory = Validation.buildDefaultValidatorFactory();
        validator = factory.getValidator();
    }


    @Test
    public void testBuildDefaultValidatorFactory() {
        ValidatorFactory factory = Validation.buildDefaultValidatorFactory();
        Validator validator = factory.getValidator();

        assertNotNull(validator);
    }

    @Test
    public void testPasswordEqualsConfirmPassword() {
        TwoPasswords bean = new TwoPasswords();
        bean.setPassword("110");
        bean.setConfirmPassword("110");

        Set<ConstraintViolation<TwoPasswords>> constraintViolations = validator.validate(bean);
        for (ConstraintViolation<TwoPasswords> constraintViolation : constraintViolations) {
            System.out.println(constraintViolation.getMessage());
        }

        assertEquals("newPassword and confirmNewPassword should be the same.", 0, constraintViolations.size());
    }

    @Test
    public void testPasswordNotEqualsConfirmPassword() {
        TwoPasswords bean = new TwoPasswords();
        bean.setPassword("110");
        bean.setConfirmPassword("111");

        Set<ConstraintViolation<TwoPasswords>> constraintViolations = validator.validate(bean);

        assertEquals(1, constraintViolations.size());
        assertEquals("two password not the same", constraintViolations.iterator().next().getMessage());
    }

    @Test
    public void testIfTwoPasswordWereNullShouldPast() {
        TwoPasswords bean = new TwoPasswords();
        bean.setPassword(null);
        bean.setConfirmPassword(null);

        Set<ConstraintViolation<TwoPasswords>> constraintViolations = validator.validate(bean);

        assertEquals(0, constraintViolations.size());
    }

    @Test
    public void testIfOneIsNullAndOtherIsNotShouldNotPast() {
        TwoPasswords bean = new TwoPasswords();
        bean.setPassword(null);
        bean.setConfirmPassword("110");

        Set<ConstraintViolation<TwoPasswords>> constraintViolations = validator.validate(bean);

        assertEquals(1, constraintViolations.size());
        assertEquals("two password not the same", constraintViolations.iterator().next().getMessage());
    }
}

 测试全部通过的