validate incoming JSON

Author: tburch

grails-app/resources/jsonblob/JsonBlobCollectionResource.groovy

@@ -1,6 +1,8 @@
 package jsonblob
 
+import grails.converters.JSON
 import org.bson.types.ObjectId
+import org.codehaus.groovy.grails.web.converters.exceptions.ConverterException
 import org.grails.jaxrs.provider.DomainObjectNotFoundException
 
 import javax.ws.rs.*
@@ -19,12 +21,12 @@ class JsonBlobCollectionResource  {
     @POST
     @Path('/jsonBlob')
     Response create(String json) {
-        def newBlob = jsonBlobResourceService.create(json)
-        def objectId = newBlob["_id"]
-        if (objectId) {
-            URI uri = UriBuilder.fromPath(objectId.toString()).build()
+        try {
+            JSON.parse(json)
+            def newBlob = jsonBlobResourceService.create(json)
+            URI uri = UriBuilder.fromPath(newBlob["_id"].toString()).build()
             Response.created(uri).entity(jsonService.writeValueAsString(newBlob?.blob)).build()
-        } else {
+        } catch (ConverterException ce) {
             Response.serverError().build()
         }
     }

grails-app/resources/jsonblob/JsonBlobResource.groovy

@@ -1,5 +1,8 @@
 package jsonblob
 
+import grails.converters.JSON
+import org.codehaus.groovy.grails.web.converters.exceptions.ConverterException
+
 import javax.ws.rs.*
 import javax.ws.rs.core.Response
 
@@ -19,8 +22,13 @@ class JsonBlobResource {
 
     @PUT
     Response update(String json) {
-        def updatedBlob = jsonBlobResourceService.update(id, json)
-        Response.ok(jsonService.writeValueAsString(updatedBlob?.blob)).build()
+        try {
+            JSON.parse(json)
+            def updatedBlob = jsonBlobResourceService.update(id, json)
+            Response.ok(jsonService.writeValueAsString(updatedBlob?.blob)).build()
+        } catch (ConverterException ce) {
+            Response.serverError().build()
+        }
     }
 
 //    @DELETE