62 lines
2.6 KiB
Plaintext
62 lines
2.6 KiB
Plaintext
== Why is this an issue?
|
|
|
|
The request handler function in a `Controller` should set the appropriate HTTP status code based on the operation's success or failure.
|
|
This is done by returning a `Response` object with the appropriate status code.
|
|
|
|
If an exception is thrown during the execution of the handler, the status code should be in the range of 4xx or 5xx.
|
|
Examples of such codes are `BAD_REQUEST`, `UNAUTHORIZED`, `FORBIDDEN`, `NOT_FOUND`, `INTERNAL_SERVER_ERROR`, `BAD_GATEWAY`, `SERVICE_UNAVAILABLE`, etc.
|
|
|
|
The status code should be 1xx, 2xx, or 3xx if no exception is thrown and the operation is considered successful.
|
|
Such codes include `OK`, `CREATED`, `MOVED_PERMANENTLY`, `FOUND`, etc.
|
|
|
|
== How to fix it
|
|
|
|
=== Code examples
|
|
|
|
==== Noncompliant code example
|
|
|
|
[source,java,diff-id=1,diff-type=noncompliant]
|
|
----
|
|
@Controller
|
|
public class UserController {
|
|
public ResponseEntity<User> getUserById(Long userId) {
|
|
try {
|
|
User user = userService.getUserById(userId);
|
|
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(user); // Noncompliant: Setting 500 for a successful operation
|
|
} catch (Exception e) {
|
|
return ResponseEntity.status(HttpStatus.OK).build(); // Noncompliant: Setting 200 for exception
|
|
}
|
|
}
|
|
}
|
|
----
|
|
|
|
==== Compliant solution
|
|
|
|
[source,java,diff-id=1,diff-type=compliant]
|
|
----
|
|
@Controller
|
|
public class UserController {
|
|
public ResponseEntity<User> getUserById(Long userId) {
|
|
try {
|
|
User user = userService.getUserById(userId);
|
|
return ResponseEntity.ok(user); // Compliant: Setting 200 for a successful operation
|
|
} catch (Exception e) {
|
|
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).build(); // Compliant: Setting 500 for exception
|
|
}
|
|
}
|
|
}
|
|
----
|
|
|
|
== Resources
|
|
|
|
=== Documentation
|
|
|
|
* https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/http/HttpStatus.html[Spring Java Documentation - HttpStatus]
|
|
* https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/http/ResponseEntity.html[Spring Java Documentation - ResponseEntity]
|
|
* https://docs.spring.io/spring-framework/reference/web/webmvc/mvc-controller/ann-methods/responseentity.html[Spring Framework Documentation - ResponseEntity]
|
|
* https://docs.spring.io/spring-framework/reference/web/webmvc/mvc-ann-rest-exceptions.html[Spring Framework Documentation - Exception Handling]
|
|
|
|
=== Standards
|
|
|
|
* https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml[IANA - Hypertext Transfer Protocol (HTTP) Status Code Registry]
|