Python中文网

一个关于 编程问题的解答网站.

有 Java 编程相关的问题?

你可以在下面搜索框中键入要查询的问题!

RESTweb服务中get方法中的java invoke post方法

1 月,3 周 Questions & Answers

我正在为一个项目开发一个RESTful web服务。移动应用程序应该提供一个id,WS需要在get方法中使用该id从数据库检索信息。现在,我通过PathParam传递id,作为get方法uri的一部分。我可以通过使用post方法捕获id,然后在get方法中调用此post方法来获取id吗?或者我该怎么做?我认为在get方法中使用PathParam传递id不是一个安全的好主意

@GET
@Path("/MachineDetail/{machineId}")
@Produces(MediaType.APPLICATION_JSON)
public MachineDetail returnMachineDetail(@PathParam("machineId") int machineId ) throws Exception {
    System.err.println("test");

    PreparedStatement query = null;
    String myString = "";
    Connection conn = null;

    List<Issue> issueList = new ArrayList<Issue>();
    int i = 0;

    MachineDetail machineDetail = new MachineDetail();
    Machine machine = null;
    Machinedocolink machinedocolink = null;
    Manufacturer manufacturer = null;
    Issue issue = null;
    int manufacturerId = 0;
    int machineid = machineId;

    try {
        conn = db.DBConn().getConnection();
        //conn = db.DBConnLocal();

        // get info from machine table
        query = conn.prepareStatement("SELECT * FROM USER04419.MACHINE WHERE MACHINEID = "
                        + machineid);
        ResultSet rsMachine = query.executeQuery();

        while (rsMachine.next()) {
            manufacturerId = rsMachine.getInt("MANUFACTURERID");
            myString = myString + rsMachine.getString("LOCATION") + "!!!!!"
                    + rsMachine.getInt("MACHINEID") + "!!!!!"
                    + rsMachine.getInt("MACHINEID");

            Long maintainenceDate = rsMachine.getDate("MAINTDATE")
                    .getTime();
            Long dateInstalled = rsMachine.getDate("DATEINSTALLED")
                    .getTime();
            machine = new Machine();
            machine.setMachineId(rsMachine.getInt("MACHINEID"));
            machine.setLocation(rsMachine.getString("LOCATION"));
            machine.setMaintainenceDate(maintainenceDate);
            machine.setDateInstalled(dateInstalled);
            machine.setInstaller(rsMachine.getString("INSTALLER"));
            machine.setMachineCode(rsMachine.getString("MACHINECODE"));
            machine.setModel(rsMachine.getString("MODEL"));
            machine.setManufacturerID(rsMachine.getInt("MANUFACTURERID"));
            machine.setName(rsMachine.getString("NAME"));
            machine.setSoftware(rsMachine.getString("SOFTWARE"));

            machineDetail.setMachine(machine);
            myString = machine.toString();

        }

        // select info from manufacturer table
        query = conn
                .prepareStatement("SELECT * FROM MANUFACTURER WHERE MANUFACTURERID = "
                        + manufacturerId);
        ResultSet rsManufacturer = query.executeQuery();

        while (rsManufacturer.next()) {
            manufacturer = new Manufacturer();
            manufacturer.setManufacturerId(rsManufacturer
                    .getInt("MANUFACTURERID"));
            manufacturer.setManufacturerName(rsManufacturer
                    .getString("MANUFACTURERNAME"));
            machineDetail.setManufacturer(manufacturer);
            myString = myString + manufacturer.toString();

        }

        // get info from machinedocolink table
        query = conn
                .prepareStatement("SELECT * FROM MACHINEDOCOLINK WHERE MACHINEID = "
                        + machine.getMachineId());
        ResultSet rsMachinedocolink = query.executeQuery();

        while (rsMachinedocolink.next()) {
            machinedocolink = new Machinedocolink();
            machinedocolink.setMachinedocolinkId(rsMachinedocolink
                    .getInt("MACHINEDOCLINKID"));
            machinedocolink.setMachineId(rsMachinedocolink
                    .getInt("MACHINEID"));
            machinedocolink.setURLLink(rsMachinedocolink
                    .getString("URLLINK"));
            machinedocolink.setURLTitle(rsMachinedocolink
                    .getString("URLTITLE"));
            machineDetail.setMachinedocolink(machinedocolink);
            myString = myString + machinedocolink.toString();
        }

        // get info from issue table
        query = conn
                .prepareStatement("SELECT * FROM ISSUE WHERE MACHINEID = "
                        + machine.getMachineId());
        ResultSet rsIssue = query.executeQuery();

        while (rsIssue.next()) {
            issue = new Issue();
            issue.setIssueId(rsIssue.getInt("ISSUEID"));
            ;
            issue.setMachineId(rsIssue.getInt("MACHINEID"));
            issue.setPriority(rsIssue.getInt("PRIORITY"));
            issue.setUserId(rsIssue.getInt("USERID"));
            issue.setIssueTitle(rsIssue.getString("ISSUETITLE"));
            issue.setIssueStatus(rsIssue.getString("ISSUESTATUS"));

            Long creationDate = rsIssue.getDate("CREATIONDATE").getTime();
            Long executionDate = rsIssue.getDate("EXECUTIONDATE").getTime();
            issue.setCreationDate(creationDate);
            issue.setExecutionDate(executionDate);

            issueList.add(i, issue);
            i++;

        }
        machineDetail.setIssueList(issueList);
        myString = myString + machinedocolink.toString();

        query.close();

    } catch (Exception e) {
        e.printStackTrace();

    } finally {
        if (conn != null)
            conn.close();

    }

    return machineDetail;
    // return myString;
}

共 (2) 个答案

  1. # 1 楼答案

    可以通过两个不同的方法映射同一个方法,并通过GET和POST进行注释

    @GET invokeMethodGET(){ invokeMethod() }

    @POST invokeMethodPOST(){ invokeMethod() }

    public void invokeMethod(){ }

  2. # 2 楼答案

    从你的问题中我了解到,你有如下端点的资源

    获取http://example.com/rest/resource_name/1

    如果您已经用身份验证和授权保护了REST端点(除非您正在开发公共可访问的API),那么这是非常好的

    您关于在RESTweb服务中的GET方法中调用post方法的想法看起来不像RESTful