Eric Freese Eric Freese - 1 year ago 67
Java Question

Is it possible to update only a subset of attributes on an entity using Spring MVC with JPA?

I'm working with Spring Roo, using Spring MVC and JPA for persistence with a MySQL database. I'm very new to Spring MVC and Java in general but have worked with CakePHP and Rails.

I have a

entity that contains personal details in addition to a password. Something like this (excluding a lot of Roo-generated functionality in additional .aj files):

public class User {

@GeneratedValue(strategy = GenerationType.AUTO)
@Column(name = "ID")
private Long id;

@Column(name = "PASSWORD", length = 32)
private String password;

@Column(name = "FIRST_NAME", length = 25)
private String firstName;

@Column(name = "LAST_NAME", length = 25)
private String lastName;

@Column(name = "ADDRESS", length = 255)
private String address;

// The appropriate getters and setters

Then I have an edit action in my
controller that I created following conventions from Roo's auto-generated scaffolding:

@RequestMapping(value="/edit", method = RequestMethod.GET)
public String editForm(Model uiModel) {
String username = (String) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
uiModel.addAttribute("user", User.findUserByUsername(username).getSingleResult());
return "account/edit";

And a JSPX view to render the form, again following Roo's conventions:

<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<div xmlns:field="urn:jsptagdir:/WEB-INF/tags/form/fields" xmlns:form="urn:jsptagdir:/WEB-INF/tags/form" xmlns:jsp="" version="2.0">
< contentType="text/html;charset=UTF-8"/>
<jsp:output omit-xml-declaration="yes"/>
<form:update id="" label="Personal Details" modelAttribute="user" path="/account" versionField="none">
<field:input id="" field="firstName" label="First Name" />
<field:input id="" field="lastName" label="Last Name" />
<field:textarea id="" field="address" label="Street Address" />

I do not want the form to update the password, just the provided fields (first name, last name, and address).

The update action, again following Roo convention:

@RequestMapping(method = RequestMethod.PUT, produces = "text/html")
public String edit(@Valid User user, BindingResult bindingResult, Model uiModel, HttpServletRequest httpServletRequest) {
if (bindingResult.hasErrors()) {
uiModel.addAttribute("user", user);
return "account/edit";
return "redirect:/account";

The user object is updated perfectly, but the problem is that it overwrites the password field with null because it's not provided as an input in the form, and thus set to null in the User object passed to the form submit request handler. The problem doesn't show up with the Roo generated scaffolding because they provide form inputs for all of the columns. So I could add it as a hidden field but that doesn't sound like a good idea. And I get the feeling there's a much better way to do it...

TL;DR How can I update only the entity attributes provided in a form without overwriting the other attributes?

In other words, how can I make Spring/JPA generate the SQL

UPDATE user SET firstname=?, lastname=?, address=?

instead of

UPDATE user SET firstname=?, lastname=?, address=?, password=?

Code samples would be fantastic since I'm new to all of this :)

Thank you!

UPDATE: I was able to make it work using yglodt's suggestion, adding the following method to my User model:

public void mergeWithExistingAndUpdate() {
final User existingUser = User.findUser(this.getId());



and calling that from my controller action instead of user.merge():


Answer Source

I usually solve this in the service layer.

You can read the entity you want to update from the DB, and overwrite the attributes which you are getting from your form.

This way you change only the attributes you want.

Code example:

public class UserService {

    @Resource(name = "sessionFactory")
    private SessionFactory  sessionFactory;

    public void mergeWithExistingAndUpdate(final Person personFromPost) {

        final Session session = sessionFactory.getCurrentSession();

        final Person existingPerson = (Person) session.get(Person.class, personFromPost.getId());

        // set here explicitly what must/can be overwritten by the html form POST
        existingPerson.setPassword(Utils.encodePassword(personFromPost.getPassword())); // to get the idea

        existingPerson.setDateModified(new Date());




There is in fact a Spring-way to solve this issue, using @SessionAttributes, see this anwer:

I did not yet test it, but it looks promising.


Eventually I tested it and it works as expected.

There is one thing however which can make you shoot in your foot:

If you open several tabs with the same form, the opening of the last tab overwrites the sessionAttribute of the others, and, on submit, can potentially corrupt your data. There is a solution in this blog post:

But at the end, if you never open multiple tabs for editing, you will not have a problem anyway.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download