rspec/rules/S3753/java/rule.adoc

A Spring ``++@Controller++`` that uses ``++@SessionAttributes++`` is designed to handle a stateful / multi-post form. Such ``++@Controller++``s use the specified ``++@SessionAttributes++`` to store data on the server between requests. That data should be cleaned up when the session is over, but unless ``++setComplete()++`` is called on the ``++SessionStatus++`` object from a ``++@RequestMapping++`` method, neither Spring nor the JVM will know it's time to do that. Note that the ``++SessionStatus++`` object must be passed to that method as a parameter.


== Noncompliant Code Example

----
@Controller
@SessionAttributes("hello")  // Noncompliant; this doesn't get cleaned up
public class HelloWorld {

  @RequestMapping("/greet", method = GET)
  public String greet(String greetee) {

    return "Hello " + greetee;
  }
}
----


== Compliant Solution

----
@Controller
@SessionAttributes("hello")
public class HelloWorld {

  @RequestMapping("/greet", method = GET)
  public String greet(String greetee) {

    return "Hello " + greetee;
  }

  @RequestMapping("/goodbye", method = POST)
  public String goodbye(SessionStatus status) {
    //... 
    status.setComplete();    
  }

}
----
Restructure one-lang rspecs 2021-04-28 16:49:39 +02:00			A Spring ``++@Controller++`` that uses ``++@SessionAttributes++`` is designed to handle a stateful / multi-post form. Such ``++@Controller++``s use the specified ``++@SessionAttributes++`` to store data on the server between requests. That data should be cleaned up when the session is over, but unless ``++setComplete()++`` is called on the ``++SessionStatus++`` object from a ``++@RequestMapping++`` method, neither Spring nor the JVM will know it's time to do that. Note that the ``++SessionStatus++`` object must be passed to that method as a parameter.

Fix the missing default metadata fields 2021-04-28 18:08:03 +02:00
Restructure one-lang rspecs 2021-04-28 16:49:39 +02:00			`== Noncompliant Code Example`

			`----`
			`@Controller`
			`@SessionAttributes("hello") // Noncompliant; this doesn't get cleaned up`
			`public class HelloWorld {`

			`@RequestMapping("/greet", method = GET)`
			`public String greet(String greetee) {`

			`return "Hello " + greetee;`
			`}`
			`}`
			`----`

Fix the missing default metadata fields 2021-04-28 18:08:03 +02:00
Restructure one-lang rspecs 2021-04-28 16:49:39 +02:00			`== Compliant Solution`

			`----`
			`@Controller`
			`@SessionAttributes("hello")`
			`public class HelloWorld {`

			`@RequestMapping("/greet", method = GET)`
			`public String greet(String greetee) {`

			`return "Hello " + greetee;`
			`}`

			`@RequestMapping("/goodbye", method = POST)`
			`public String goodbye(SessionStatus status) {`
			`//...`
			`status.setComplete();`
			`}`

			`}`
			`----`
Fix the missing default metadata fields 2021-04-28 18:08:03 +02:00