Skip to content

Apollo OpenAPI 更新和创建 单个配置的时候,没有校验Value是否为空 #5375

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
3 tasks done
youngzil opened this issue Apr 3, 2025 · 1 comment · Fixed by #5376
Closed
3 tasks done

Apollo OpenAPI 更新和创建 单个配置的时候,没有校验Value是否为空 #5375

youngzil opened this issue Apr 3, 2025 · 1 comment · Fixed by #5376

Comments

@youngzil
Copy link
Contributor

youngzil commented Apr 3, 2025

描述bug

在接口层面没有校验参数的合法性,导致请求打到了数据库层才抛出异常

复现

通过如下步骤可以复现:

  1. 创建一个appid:test-demo,申请一个Token,用来管理这个appid
  2. 本地启动Apollo服务端
  3. 通过Apollo OpenAPI创建配置
 curl --location -i --request PUT 'http://127.0.0.1:18080/openapi/v1/envs/LOCAL/apps/test-demo/clusters/default/namespaces/application/items/testkey?createIfNotExists=true' \
--header 'Authorization: 20bf2d43e3a837523d8441cc72a59fb991b6832ad0c391e40c0947936f298035' \
--header 'Content-Type: application/json' \
--data '{
    "key": "testkey",
    "value": null,
    "comment": "test config update",
    "dataChangeCreatedBy":"apollo",
    "dataChangeLastModifiedBy":"apollo"
}'
  1. 返回报错信息
    {"exception":"org.springframework.dao.DataIntegrityViolationException","message":"could not execute statement; SQL [n/a]; constraint [null]; nested exception is org.hibernate.exception.ConstraintViolationException: could not execute statement [Cause: NULL not allowed for column \"Value\"; SQL statement:\ninsert into \"Item\" (\"Id\", \"DataChange_CreatedBy\", \"DataChange_CreatedTime\", \"DataChange_LastModifiedBy\", \"DataChange_LastTime\", \"DeletedAt\", \"IsDeleted\", \"Comment\", \"Key\", \"LineNum\", \"NamespaceId\", \"Type\", \"Value\") values (default, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?) [23502-214]]","status":500.0,"timestamp":"2025-04-03T14:46:12.475"}

期望

可以在接口层面就提前校验参数的合法性

截图

Image

额外的细节和日志

  • 版本:
  • 错误日志
  • 配置:
  • 平台和操作系统
@dosubot DosuBot
Copy link

dosubot bot commented Apr 3, 2025

To address the issue of validating the "Value" field at the interface level in Apollo OpenAPI, you can use the @NotBlank annotation on the value field in the ServerConfig class. This annotation ensures that the field is not null and not empty, preventing SQL constraint violations related to null values.

Here's how you can apply the annotation:

@NotBlank(message = "ServerConfig.Value cannot be blank")
@Column(name = "`Value`", nullable = false)
@ApolloAuditLogDataInfluenceTableField(fieldName = "Value")
private String value;

This will ensure that the "Value" field is validated before reaching the database layer, thus avoiding the DataIntegrityViolationException you encountered [1].

To continue talking to Dosu, mention @dosu.

Help Dosu learn! Give it feedback: Great Response | Irrelevant Answer | Incorrect Sources | Too Verbose | Hallucination | Bug Report | Other

@youngzil youngzil mentioned this issue Apr 3, 2025
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(ItemController): Enhanced parameter verification for edit item youngzil/apollo
1 participant
@youngzil