Add @SessionAttribute with Servlet-based support

Issue: SPR-13894
spring-projects · Jan 26, 2016 · 698f923 · 698f923
1 parent 7df3a32
commit 698f923
Show file tree

Hide file tree

Showing 9 changed files with 394 additions and 42 deletions.
diff --git a/spring-web/src/main/java/org/springframework/web/bind/annotation/RequestMapping.java b/spring-web/src/main/java/org/springframework/web/bind/annotation/RequestMapping.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2015 the original author or authors.
+ * Copyright 2002-2016 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -126,6 +126,10 @@
  * {@link org.springframework.validation.Errors} argument.
  * Instead a {@link org.springframework.web.bind.MethodArgumentNotValidException}
  * exception is raised.
+ * <li>{@link SessionAttribute @SessionAttribute} annotated parameters for access
+ * to existing, permanent session attributes (e.g. user authentication object)
+ * as opposed to model attributes temporarily stored in the session as part of
+ * a controller workflow via {@link SessionAttributes}.
  * <li>{@link org.springframework.http.HttpEntity HttpEntity&lt;?&gt;} parameters
  * (Servlet-only) for access to the Servlet request HTTP headers and contents.
  * The request stream will be converted to the entity body using

diff --git a/spring-web/src/main/java/org/springframework/web/bind/annotation/SessionAttribute.java b/spring-web/src/main/java/org/springframework/web/bind/annotation/SessionAttribute.java
@@ -0,0 +1,73 @@
+/*
+ * Copyright 2002-2015 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.web.bind.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+import org.springframework.core.annotation.AliasFor;
+
+/**
+ * Annotation to bind a method parameter to a session attribute.
+ *
+ * <p>The main motivation is to provide convenient access to existing, permanent
+ * session attributes (e.g. user authentication object) with an optional/required
+ * check and a cast to the target method parameter type.
+ *
+ * <p>For use cases that require adding or removing session attributes consider
+ * injecting {@code org.springframework.web.context.request.WebRequest} or
+ * {@code javax.servlet.http.HttpSession} into the controller method.
+ *
+ * <p>For temporary storage of model attributes in the session as part of the
+ * workflow for a controller, consider using {@link SessionAttributes} instead.
+ *
+ * @author Rossen Stoyanchev
+ * @since 4.3
+ * @see RequestMapping
+ * @see SessionAttributes
+ */
+@Target(ElementType.PARAMETER)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface SessionAttribute {
+
+	/**
+	 * Alias for {@link #name}.
+	 */
+	@AliasFor("name")
+	String value() default "";
+
+	/**
+	 * The name of the session attribute to bind to.
+	 * <p>The default name is inferred from the method parameter name.
+	 */
+	@AliasFor("value")
+	String name() default "";
+
+	/**
+	 * Whether the session attribute is required.
+	 * <p>Defaults to {@code true}, leading to an exception being thrown
+	 * if the attribute is missing in the session or there is no session.
+	 * Switch this to {@code false} if you prefer a {@code null} or Java 1.8+
+	 * {@code java.util.Optional} if the attribute doesn't exist.
+	 */
+	boolean required() default true;
+
+}
diff --git a/.../springframework/web/servlet/mvc/method/annotation/ExceptionHandlerExceptionResolver.java b/.../springframework/web/servlet/mvc/method/annotation/ExceptionHandlerExceptionResolver.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2015 the original author or authors.
+ * Copyright 2002-2016 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -290,6 +290,9 @@ public Map<ControllerAdviceBean, ExceptionHandlerMethodResolver> getExceptionHan
 	protected List<HandlerMethodArgumentResolver> getDefaultArgumentResolvers() {
 		List<HandlerMethodArgumentResolver> resolvers = new ArrayList<HandlerMethodArgumentResolver>();
 
+		// Annotation-based argument resolution
+		resolvers.add(new SessionAttributeMethodArgumentResolver());
+
 		// Type-based argument resolution
 		resolvers.add(new ServletRequestMethodArgumentResolver());
 		resolvers.add(new ServletResponseMethodArgumentResolver());

diff --git a/...a/org/springframework/web/servlet/mvc/method/annotation/RequestMappingHandlerAdapter.java b/...a/org/springframework/web/servlet/mvc/method/annotation/RequestMappingHandlerAdapter.java
@@ -600,6 +600,7 @@ private List<HandlerMethodArgumentResolver> getDefaultArgumentResolvers() {
 		resolvers.add(new RequestHeaderMapMethodArgumentResolver());
 		resolvers.add(new ServletCookieValueMethodArgumentResolver(getBeanFactory()));
 		resolvers.add(new ExpressionValueMethodArgumentResolver(getBeanFactory()));
+		resolvers.add(new SessionAttributeMethodArgumentResolver());
 
 		// Type-based argument resolution
 		resolvers.add(new ServletRequestMethodArgumentResolver());
@@ -639,6 +640,7 @@ private List<HandlerMethodArgumentResolver> getDefaultInitBinderArgumentResolver
 		resolvers.add(new MatrixVariableMethodArgumentResolver());
 		resolvers.add(new MatrixVariableMapMethodArgumentResolver());
 		resolvers.add(new ExpressionValueMethodArgumentResolver(getBeanFactory()));
+		resolvers.add(new SessionAttributeMethodArgumentResolver());
 
 		// Type-based argument resolution
 		resolvers.add(new ServletRequestMethodArgumentResolver());
@@ -788,46 +790,50 @@ protected ModelAndView invokeHandlerMethod(HttpServletRequest request,
 			HttpServletResponse response, HandlerMethod handlerMethod) throws Exception {
 
 		ServletWebRequest webRequest = new ServletWebRequest(request, response);
+		try {
+			WebDataBinderFactory binderFactory = getDataBinderFactory(handlerMethod);
+			ModelFactory modelFactory = getModelFactory(handlerMethod, binderFactory);
+
+			ServletInvocableHandlerMethod invocableMethod = createInvocableHandlerMethod(handlerMethod);
+			invocableMethod.setHandlerMethodArgumentResolvers(this.argumentResolvers);
+			invocableMethod.setHandlerMethodReturnValueHandlers(this.returnValueHandlers);
+			invocableMethod.setDataBinderFactory(binderFactory);
+			invocableMethod.setParameterNameDiscoverer(this.parameterNameDiscoverer);
+
+			ModelAndViewContainer mavContainer = new ModelAndViewContainer();
+			mavContainer.addAllAttributes(RequestContextUtils.getInputFlashMap(request));
+			modelFactory.initModel(webRequest, mavContainer, invocableMethod);
+			mavContainer.setIgnoreDefaultModelOnRedirect(this.ignoreDefaultModelOnRedirect);
+
+			AsyncWebRequest asyncWebRequest = WebAsyncUtils.createAsyncWebRequest(request, response);
+			asyncWebRequest.setTimeout(this.asyncRequestTimeout);
+
+			WebAsyncManager asyncManager = WebAsyncUtils.getAsyncManager(request);
+			asyncManager.setTaskExecutor(this.taskExecutor);
+			asyncManager.setAsyncWebRequest(asyncWebRequest);
+			asyncManager.registerCallableInterceptors(this.callableInterceptors);
+			asyncManager.registerDeferredResultInterceptors(this.deferredResultInterceptors);
+
+			if (asyncManager.hasConcurrentResult()) {
+				Object result = asyncManager.getConcurrentResult();
+				mavContainer = (ModelAndViewContainer) asyncManager.getConcurrentResultContext()[0];
+				asyncManager.clearConcurrentResult();
+				if (logger.isDebugEnabled()) {
+					logger.debug("Found concurrent result value [" + result + "]");
+				}
+				invocableMethod = invocableMethod.wrapConcurrentResult(result);
+			}
 
-		WebDataBinderFactory binderFactory = getDataBinderFactory(handlerMethod);
-		ModelFactory modelFactory = getModelFactory(handlerMethod, binderFactory);
-
-		ServletInvocableHandlerMethod invocableMethod = createInvocableHandlerMethod(handlerMethod);
-		invocableMethod.setHandlerMethodArgumentResolvers(this.argumentResolvers);
-		invocableMethod.setHandlerMethodReturnValueHandlers(this.returnValueHandlers);
-		invocableMethod.setDataBinderFactory(binderFactory);
-		invocableMethod.setParameterNameDiscoverer(this.parameterNameDiscoverer);
-
-		ModelAndViewContainer mavContainer = new ModelAndViewContainer();
-		mavContainer.addAllAttributes(RequestContextUtils.getInputFlashMap(request));
-		modelFactory.initModel(webRequest, mavContainer, invocableMethod);
-		mavContainer.setIgnoreDefaultModelOnRedirect(this.ignoreDefaultModelOnRedirect);
-
-		AsyncWebRequest asyncWebRequest = WebAsyncUtils.createAsyncWebRequest(request, response);
-		asyncWebRequest.setTimeout(this.asyncRequestTimeout);
-
-		WebAsyncManager asyncManager = WebAsyncUtils.getAsyncManager(request);
-		asyncManager.setTaskExecutor(this.taskExecutor);
-		asyncManager.setAsyncWebRequest(asyncWebRequest);
-		asyncManager.registerCallableInterceptors(this.callableInterceptors);
-		asyncManager.registerDeferredResultInterceptors(this.deferredResultInterceptors);
-
-		if (asyncManager.hasConcurrentResult()) {
-			Object result = asyncManager.getConcurrentResult();
-			mavContainer = (ModelAndViewContainer) asyncManager.getConcurrentResultContext()[0];
-			asyncManager.clearConcurrentResult();
-			if (logger.isDebugEnabled()) {
-				logger.debug("Found concurrent result value [" + result + "]");
+			invocableMethod.invokeAndHandle(webRequest, mavContainer);
+			if (asyncManager.isConcurrentHandlingStarted()) {
+				return null;
 			}
-			invocableMethod = invocableMethod.wrapConcurrentResult(result);
-		}
 
-		invocableMethod.invokeAndHandle(webRequest, mavContainer);
-		if (asyncManager.isConcurrentHandlingStarted()) {
-			return null;
+			return getModelAndView(mavContainer, modelFactory, webRequest);
+		}
+		finally {
+			webRequest.requestCompleted();
 		}
-
-		return getModelAndView(mavContainer, modelFactory, webRequest);
 	}
 
 	/**

diff --git a/...ngframework/web/servlet/mvc/method/annotation/SessionAttributeMethodArgumentResolver.java b/...ngframework/web/servlet/mvc/method/annotation/SessionAttributeMethodArgumentResolver.java
@@ -0,0 +1,60 @@
+/*
+ * Copyright 2002-2016 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.web.servlet.mvc.method.annotation;
+
+import javax.servlet.ServletException;
+
+import org.springframework.core.MethodParameter;
+import org.springframework.web.bind.ServletRequestBindingException;
+import org.springframework.web.bind.annotation.SessionAttribute;
+import org.springframework.web.bind.annotation.ValueConstants;
+import org.springframework.web.context.request.NativeWebRequest;
+import org.springframework.web.context.request.RequestAttributes;
+import org.springframework.web.method.annotation.AbstractNamedValueMethodArgumentResolver;
+
+/**
+ * Resolves method arguments annotated with an @{@link SessionAttribute}.
+ *
+ * @author Rossen Stoyanchev
+ * @since 4.3
+ */
+public class SessionAttributeMethodArgumentResolver extends AbstractNamedValueMethodArgumentResolver {
+
+
+	@Override
+	public boolean supportsParameter(MethodParameter parameter) {
+		return parameter.hasParameterAnnotation(SessionAttribute.class);
+	}
+
+
+	@Override
+	protected NamedValueInfo createNamedValueInfo(MethodParameter parameter) {
+		SessionAttribute annot = parameter.getParameterAnnotation(SessionAttribute.class);
+		return new NamedValueInfo(annot.name(), annot.required(), ValueConstants.DEFAULT_NONE);
+	}
+
+	@Override
+	protected Object resolveName(String name, MethodParameter parameter, NativeWebRequest request){
+		return request.getAttribute(name, RequestAttributes.SCOPE_SESSION);
+	}
+
+	@Override
+	protected void handleMissingValue(String name, MethodParameter parameter) throws ServletException {
+		throw new ServletRequestBindingException("Missing session attribute '" + name +
+				"' of type " +  parameter.getNestedParameterType().getSimpleName());
+	}
+
+}
diff --git a/...ework/web/servlet/mvc/method/annotation/RequestMappingHandlerAdapterIntegrationTests.java b/...ework/web/servlet/mvc/method/annotation/RequestMappingHandlerAdapterIntegrationTests.java
@@ -68,6 +68,7 @@
 import org.springframework.web.bind.annotation.RequestPart;
 import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.bind.annotation.ResponseStatus;
+import org.springframework.web.bind.annotation.SessionAttribute;
 import org.springframework.web.bind.annotation.SessionAttributes;
 import org.springframework.web.bind.support.ConfigurableWebBindingInitializer;
 import org.springframework.web.bind.support.SessionStatus;
@@ -148,12 +149,13 @@ public void teardown() {
 	public void handle() throws Exception {
 		Class<?>[] parameterTypes = new Class<?>[] { int.class, String.class, String.class, String.class, Map.class,
 				Date.class, Map.class, String.class, String.class, TestBean.class, Errors.class, TestBean.class,
-				Color.class, HttpServletRequest.class, HttpServletResponse.class, User.class, OtherUser.class,
-				Model.class, UriComponentsBuilder.class };
+				Color.class, HttpServletRequest.class, HttpServletResponse.class, TestBean.class,
+				User.class, OtherUser.class, Model.class, UriComponentsBuilder.class };
 
 		String datePattern = "yyyy.MM.dd";
 		String formattedDate = "2011.03.16";
 		Date date = new GregorianCalendar(2011, Calendar.MARCH, 16).getTime();
+		TestBean sessionAttribute = new TestBean();
 
 		request.addHeader("Content-Type", "text/plain; charset=utf-8");
 		request.addHeader("header", "headerValue");
@@ -171,6 +173,7 @@ public void handle() throws Exception {
 		Map<String, String> uriTemplateVars = new HashMap<String, String>();
 		uriTemplateVars.put("pathvar", "pathvarValue");
 		request.setAttribute(HandlerMapping.URI_TEMPLATE_VARIABLES_ATTRIBUTE, uriTemplateVars);
+		request.getSession().setAttribute("sessionAttribute", sessionAttribute);
 
 		HandlerMethod handlerMethod = handlerMethod("handle", parameterTypes);
 		ModelAndView mav = handlerAdapter.handle(request, response, handlerMethod);
@@ -215,6 +218,8 @@ public void handle() throws Exception {
 		assertEquals(User.class, model.get("user").getClass());
 		assertEquals(OtherUser.class, model.get("otherUser").getClass());
 
+		assertSame(sessionAttribute, model.get("sessionAttribute"));
+
 		assertEquals(new URI("http://localhost/contextPath/main/path"), model.get("url"));
 	}
 
@@ -363,6 +368,7 @@ public String handle(
 						 	Color customArg,
 						 	HttpServletRequest request,
 						 	HttpServletResponse response,
+							@SessionAttribute TestBean sessionAttribute,
 						 	User user,
 						 	@ModelAttribute OtherUser otherUser,
 						 	Model model,
@@ -373,6 +379,7 @@ public String handle(
 					.addAttribute("dateParam", dateParam).addAttribute("paramMap", paramMap)
 					.addAttribute("paramByConvention", paramByConvention).addAttribute("value", value)
 					.addAttribute("customArg", customArg).addAttribute(user)
+					.addAttribute("sessionAttribute", sessionAttribute)
 					.addAttribute("url", builder.path("/path").build().toUri());
 
 			assertNotNull(request);