Jackson - Deserialize with JsonView

Question

I am trying to restrict which properties from a JSON object are deserialised using Jackson JSONViews. The aim is to use this to prevent consumers of my API from submitting data that they shouldn't.

The problem is, I have either misunderstood JSONViews or I am doing something wrong. See below.

I started trying to do this in Spring but have noticed that even the simple test below doesn't work.

Account Class

public class Account {

    @Id
    private String id;

    private String name;

    private List<String> items;

    private List<User> users;

    @JsonView(AccountViews.Private.class)
    public void setId(String id) {
        this.id = id;
    }

    @JsonView(AccountViews.Public.class)
    public void setName(String name) {
        this.name = name;
    }

    @JsonView(AccountViews.Public.class)
    public void setItems(List<String> items) {
        this.items = items;
    }

    @JsonView(AccountViews.Private.class)
    public void setUsers(List<User> users) {
        this.users = users;
    }
}

Views

public class AccountViews {

    public interface Public {}

    public interface Private extends Public {}

}

Test

@Test
public void testDeserialization(){

        ObjectMapper mapper = new ObjectMapper();
        mapper.disable(MapperFeature.DEFAULT_VIEW_INCLUSION);

        Account account = mapper.readerWithView(AccountViews.Public.class).forType(Account.class).readValue("{ \"name\": \"account1\", \"items\": [\"item1\"], \"users\": [ { \"firstname\": \"user1_firstname\", \"lastname\": \"user1_lastname\" }] }");

        assertEquals(account.getName(), "account1");
        assertNull(account.getUsers());

}

Unforunately, the 2nd assertion fails because Users has a user object inside.

Basically, even though "users" is a property of Account, I don't want the value to be deserialized because I have used the JSONView (AccountViews.Public.class). However, whatever I try it always seems to be deserialized and is present on the account object.

Any help much appreciated.

Error

`java.lang.AssertionError: expected null, but was:<[User@609db43b]>
at org.junit.Assert.fail(Assert.java:88)
at org.junit.Assert.failNotNull(Assert.java:755)
at org.junit.Assert.assertNull(Assert.java:737)
at org.junit.Assert.assertNull(Assert.java:747)
at`

Move the annotations on the getters/setters to the fields. Does it work? — cassiomolin, Apr 04 '17 at 21:11
Nope - afraid not. I tried that too but ended up with annotating the setters. — user2294382, Apr 04 '17 at 21:19
The code that you have posted is working in my machine. I can see `users` getting skipped during deserialization. I am using Jackson 2.7.5 — Justin Jose, Apr 11 '17 at 05:29

Jackson - Deserialize with JsonView

0 Answers0