Spring @JsonView restriction does not work for request-body without @JsonProperty

I have an api entity User with internal and external business fields

My goals: - Restrict Controller from seeing external field if endpoint POST /internal is being used - Restrict Controller from seeing internal field if endpoint POST /external is being used

@PostMapping("/internal")
public UserV1 postInternal(@RequestBody @JsonView(Views.Internal.class) UserV1 user) {
    requireNull(user.externalId(), "'externalId' must be null for /internal endpoint");
    return user;
}

For some reason this code only works if i annotated field with two annotations

public record UserV2(
    ...
    @JsonView(Views.External.class)
    @JsonProperty("externalId") // Without this annotation JsonView is ignored by Controller
    String externalId
) {}

Repo that reproduce this issue https://github.com/bitxon/spring-json-view-experiment

Repo description - UserV2 works fine for Request Body because it has both annotation @JsonView and @JsonProperty - UserV1 does not work for Request Body because it has only @JsonView

Comment From: bitxon

I dived deeper to a problem, appears that issue is on Jackson side fortunately this issue fixed in latest Jackson version 2.15.0

Solution

dependencies {
    ...
    implementation 'com.fasterxml.jackson.core:jackson-databind:2.15.0'
}