I have a Users Entity: <pre class="prettyprint"><code>public class SpringUsers implements Serializable { private String password; // other fields omitted @Basic @Column(name = "password") public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } } </code></pre> And its repository: <pre class="prettyprint"><code>public interface SpringUsersRepository extends CrudRepository<SpringUsers, Integer> { SpringUsers findByUsername(String username); List<SpringUsers> findByUserId(Integer userId); } </code></pre> And I have a controller method that should get a list of all registered users with the same userId (is internally used) as the currently authenticated user: <pre class="prettyprint"><code>public List<SpringUsers> getRegisteredUsers() { CustomUserDetails authenticatedUserDetails = getCustomUserDetails(); List<SpringUsers> registered = springUsersRepository.findByUserId( authenticatedUserDetails.getUserMyId()); return registered.stream().map(v -> { v.setPassword(null); return v; }).collect(Collectors.toList()); } </code></pre> I don't want to pass the password (even though it's encrypted) to the frontend - so I stream through the users and set the password to null, as you can see above. However, I'm wondering if there isn't a possibility to just not include the users' password in the query result in the first place? <hr> Version Info: Spring boot 1.4.0 & Hibernate 5.0.9.Final

Use @JsonIgnore, this will make it available in the back but will not return when transforming to json <pre class="prettyprint"><code>@Size(min = 8) @JsonIgnore private String password; </code></pre>

Exclude column from resultset in controller

I have a Users Entity:

public class SpringUsers implements Serializable {
    private String password;
    // other fields omitted
    @Basic
    @Column(name = "password")
    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }
}

And its repository:

public interface SpringUsersRepository extends CrudRepository<SpringUsers, Integer> {
    SpringUsers findByUsername(String username);
    List<SpringUsers> findByUserId(Integer userId);
}

And I have a controller method that should get a list of all registered users with the same userId (is internally used) as the currently authenticated user:

public List<SpringUsers> getRegisteredUsers() {
    CustomUserDetails authenticatedUserDetails = getCustomUserDetails();
    List<SpringUsers> registered = springUsersRepository.findByUserId(
        authenticatedUserDetails.getUserMyId());
    return registered.stream().map(v -> {
        v.setPassword(null);
        return v;
    }).collect(Collectors.toList());
}

I don't want to pass the password (even though it's encrypted) to the frontend - so I stream through the users and set the password to null, as you can see above.

However, I'm wondering if there isn't a possibility to just not include the users' password in the query result in the first place?

Version Info:

Spring boot 1.4.0 & Hibernate 5.0.9.Final

How do I ignore a column in JPA?

To ignore a field, annotate it with @Transient so it will not be mapped by hibernate.

What annotation can exclude fields and properties of entity from mapping in JPA?

When persisting Java objects into database records using an Object-Relational Mapping (ORM) framework, we often want to ignore certain fields. If the framework is compliant with the Java Persistence API (JPA), we can add the @Transient annotation to these fields.

What is getOne in JPA?

The getOne() method is used to retrieves an entity based on id and it is available in the JpaRepository interface. The getOne() method has been defined as below. T getOne(ID id); Using getOne() method we get a single record(entity) on basis of id.

Use @JsonIgnore, this will make it available in the back but will not return when transforming to json

@Size(min = 8)
@JsonIgnore
private String password;

You can use @Query to selectively include some fields:

// Include all fields you wanna query for using u.x syntax
// AFAIK there is no exclusion syntatic sugar
@Query("select u.id, u.username from SpringUsers u where u.id = ?1")
List<SpringUsers> findByUserId(Integer userId);

Also you can use Projections. First define the projection by introducing a projection interface:

interface NoPasswordUser {
    Long getId();
    String getUsername();
    // Do not include getPassword();
}

Then use it in your repository:

public interface SpringUsersRepository extends CrudRepository<SpringUsers, Integer> {
    NoPasswordUser findByUsername(String username);
    List<NoPasswordUser> findByUserId(Integer userId);
}

Anyway, It's better to not expose your entities through a REST or any remote interface. You can use DTOs for that matter, this post may be useful in this area.

Exclude column from resultset in controller | Spring data jpa

Tags:

java

spring-mvc

spring

hibernate

jpa

baao

People also ask

Video Answer

2 Answers

Vallemar

Ali Dehghani

Recent Activity

Donate For Us