Comments (8)
Sure! I can help with that. Sorry, been busy.
BTW FWIW there was a lot of pushback on my team against using spectree, concerns about adopting a less-well-established library into critical infrastructure. It would have helped a lot to ease their concerns if it were possible to fully disable validation & just use it for generating docs. I hope you'll consider adding this option in the future.
from spectree.
hi, can you please provide more details? Is it a request or a response validation you intend to skip? Can you show some minimal-reproducible example where it's not working as intended?
from spectree.
Ideally I'd like to have the option to skip both request & response validation.
I tried to strip it down as much as possible. I've got a view function like this:
from spectree import SpecTree
from pydantic import BaseModel
from spectree import Response
from flask.views import MethodView
from flask import jsonify
spec = SpecTree("flask", title="Settings Service", mode="strict")
class TestModel(BaseModel):
foo: str
bar: int
class TestView(MethodView):
@spec.validate(json=TestModel, resp=Response(HTTP_200=TestModel), skip_validation=True)
def post(self, service_name):
return jsonify({"foo": "zot", "bar": 0})
Then I import the view into a blueprint.py file like this:
from flask import Blueprint
from settings.views.v2.test_view import TestView
v2_blueprint = Blueprint("v2_views", __name__)
v2_blueprint.add_url_rule(
"/<string:service_name>/district/setting_definition/",
view_func=TestView.as_view("district_setting_definition_view"), methods=['POST']
)
Then app.py imports & registers the blueprint:
from flask import Flask
from settings.views.v2 import v2_blueprint
def create_app():
settings_app = Flask('settings')
settings_app.register_blueprint(v2_blueprint, url_prefix="/v2")
return settings_app
The generated spec looks good so I assume I have done this correctly. However the spec includes this 422 response:
[
{
"ctx": {},
"loc": [
"string"
],
"msg": "string",
"type": "string"
}
]
This test passes, as I would expect it to:
def test_skip_verify(self):
response = self.json_post(
"/v2/%s/district/setting_definition/" % self.service_name,
json_data={"foo": "hey", "bar": 10},
)
self.assertEqual(response.status_code, 200)
However if I change it to:
def test_skip_verify(self):
response = self.json_post(
"/v2/%s/district/setting_definition/" % self.service_name,
json_data={"something-completely-different": "hey"},
)
self.assertEqual(response.status_code, 200)
...it fails with a 422:
b'[{"loc":["foo"],"msg":"field required","type":"value_error.missing"},{"loc":["bar"],"msg":"field required","type":"value_error.missing"}]\n'
from spectree.
So skip
here means skip the response type validation. Not the request validation.
May I know why you don't want to have the request validation?
from spectree.
That makes a lot more sense, thank you for clarifying it only skips the response validation.
Skipping the request validation is not a hill I will die on. On reflection I think it's fine as-is -- I was wary about coupling API docs with validation, wanted to stay flexible & keep the code simple & explicit & easily traceable. I'm testing this out for a microservice that is already very complex. But on second thought the validation decorator tells future devs everything they need to know, and it seems likely we will always want at least simple type checking when there is request json.
I've run into a new problem: Although the API tests behave as expected, when I actually hit the endpoint with Postman the request json doesn't get validated. The response validation does work, but no matter what I pass in the request, there is no error and the Context object is always empty: Context(query=None, json=None, form=None, headers=None, cookies=None)
Do you have any idea what could cause this?
from spectree.
most likely you're not sending content-type: application/json
header there
from spectree.
facepalm yeah that was it. Thanks a million, guys.
BTW would you accept a PR to rename skip_validation
to skip_response_validation
? Might save others the confusion I went through
from spectree.
BTW would you accept a PR to rename
skip_validation
toskip_response_validation
? Might save others the confusion I went through
I guess we can add some documentation to make it more clearly. Changing the name may break some users. What do you think?
from spectree.
Related Issues (20)
- [Question] It's possible to use marshmallow instead of pydantic to define schemas? HOT 1
- [BUG] Spectree flask plugin is logging request validation errors twice HOT 2
- [Question] Is it possible to specify a BaseModel class as a Redoc Model? HOT 1
- Potentially leaky tests HOT 1
- Falcon: before in validate decorator not working?
- Key appended to Schema Component HOT 5
- Exclude routes from OpenAPI spec HOT 1
- Feature Request: Remove Duplicate Schema Components HOT 3
- feat: support `msgspec` as another schema definition
- feat: Disable publishing of /apidoc route HOT 1
- bug: annotations NameError issue caused by python bug HOT 1
- bug: spectree doesn't support pydantic 2.x but doesn't restrict in pyproject.toml HOT 1
- bug: don't support pydantic v2 HOT 5
- feat: add an abstract layer to support pydantic[v1]/pydantic[v2]/msgspec
- bug: Flask Response Validation Error Results in Exception, Unintended 500 content HOT 1
- bug: An empty request is not validated / the content type is not enforced HOT 1
- bug: SecuritySchemeData root_validator conflicts with alias HOT 2
- bug: field alias no longer respected (regression) HOT 6
- bug: List[int] in query params does not accept a list of size 1 in flask app HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from spectree.