Comments (8)
Actually, it does not appear that RESTplus documents validators in Swagger. If that is the case, the existing functionality should be sufficient as you are getting the improved error messaging/validation from Marshmallow while also maintaining the equivalent level of documentation.
@flayman if you disagree feel free to reopen for discussion.
from flask_accepts.
Hi. Sorry, it's been a long weekend here. There are validators on the one hand, and constraints on the other. Marshmallow deals seems to deal with all constraints through validators. Flask-restplus and Swagger use json schema, which has constraints you see as dictionary properties. For example:
...
"definitions": {
"MySchema": {
"type": "object",
"properties": {
"createdBy": {
"type": "integer",
"format": "int32"
},
"name": {
"type": "string",
"maxLength": 25
},
"description": {
"type": "string",
"x-nullable": true
}
},
"required": [
"name"
]
},
...
The maxLength property there will cause Swagger to reject input longer than 25 characters with a response like:
{
"errors": {
"name": "'asdfasdfasdfasdfasdfasdfasdgsdgasdfherfjhsdf hdfhsdfhsd fh sdfh sdfh sdfhsd fhs dfhsd f hsdfh sdfh sdfh sdfh' is too long"
},
"message": "Input payload validation failed"
}
This is not such an issue, as you say, because Marshmallow will reject it and you just pass the error back in the response. However, this is more consistent and it's a safety valve. It seems to me that you need to try to build the swagger.json to be correct since it is the description of the API. There are other advantages, such as that some clients may be able to do client side validation. The constraints are not part of the documentation, but the example values that are generated will make use of default values. That's very handy.
from flask_accepts.
Ah okay, I see. On the one hand, Marshmallow provides better error messages, including the length parameter instead of just "too long":
{'name': ['Longer than maximum length 25.']}
The error is going to be raised from wherever the point of failure is, so if we were to manually map any Marshmallow validation to json schema internally, the Marshmallow errors would still be what came back from the API itself, making the mapping pointless if that is all it affects.
To that end, are there other uses or tools that consume the swagger.json file? Considering I didn't see anything in the generated swagger docs regarding validation, I didn't see much value in creating an internal mapping of validators and the user can provide either kind. However, if there is tooling that takes the swagger.json as input then it would seem more valuable to create a bridge for mapping marshmallow validation to RESTplus.
from flask_accepts.
I don't really know. It would be useful to invite comment from the flask-restplus maintainers. To be clear, I'm not one. This is probably really more of a pure Swagger thing. The maintainers will be better able to comment on completeness. I feel confident in saying that support for a lot more of the types will be needed though.
from flask_accepts.
By the way, good work on all of this. It's looking good. The code is well structured and you're very quick to put out releases.
from flask_accepts.
As far as types go, that list was recently expanded (see here)
There's still a number that map to Raw that might not need to, and a few that have been missed by the first pass. Agreed it would be good to flesh that out more.
from flask_accepts.
To that end, are there other uses or tools that consume the swagger.json file?
Inside flask-restplus, not that I'm aware of. Outside flask-restplus, yes. There's a large number of tools for autogenerating clients that focus on using the swagger.json. Here is one such examples we've used at work:
https://swagger.io/tools/swagger-codegen/
from flask_accepts.
Got it. In that case my opinion on mapping validators across Marshmallow and RESTplus internally in flask_accepts
is not a priority because:
- All of the validation methods from both RESTplus and Marshmallow can already be used. This includes validation errors being bundled together in cases where both
reqparse
andmarshmallow
raised exceptions - RESTplus doesn't display the validation data anywhere in the docs, meaning there is no loss of documentation experience when using marshmallow through flask_accepts
- This mapping would be a lot of work, with the only known benefit be for a user of flask_accepts that was also exporting the Swagger spec into some third party tool.
This is certainly revisitable should interest arise, but for now I won't pursue this.
from flask_accepts.
Related Issues (20)
- When using the @responds decorator, X-Fields headers are automatically applied to the swagger request HOT 2
- Swagger fails to load when a schema does not have a default set in one of the fields. HOT 4
- Marshmallow schema for form data HOT 1
- Query parameter and header schemas do not respect the data key attribute HOT 1
- Passing a schema type to the `schema` argument of @accepts ignores the type's Meta attributes
- Marshmallow 4 breaking changes
- Overriding flask_restx field
- Nested Marshmallow Schemas throwing error on Swagger HOT 5
- Partial param for Schema loading HOT 4
- [Q] Customize schema_errors? HOT 2
- Only swagger generation for end-point HOT 10
- What is the best practice for file uploads? HOT 2
- Working with UUIDs, Marshmallow & 'missing' fields
- Nested schemas with many=true do not generate a list of schemas in the swagger docs HOT 6
- The new partial keyword of accepts() breaks the marshmallow schema
- Using multiple different schemas in accepts decorator raises KeyError if there is a ValidationError
- Cookie header validation works on gunicorn, does not on NGINX
- Static typing on request.parsed_obj
- More forgiving loading of the JSON schema payload ignoring the mimetype
- Skip response fields where value is None
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from flask_accepts.