There are more mandatory fields required than showed in Swagger

[vira-vira]

Attempted to
Create a new issue in Defect Dojo through API v2 using the minimal parameters marked as mandatory in the documentation. We use a POST Request with the endpoint /findings/
Documentation:
http://127.0.0.1:8080/api/v2/doc/
Screenshots of Swagger:

In Swagger, it shows that the minimum mandatory fields required for a POST Request in /findings are:

• test
• found_by
• title
• severity
• description
• mitigation
• impact

The expected behavior was
A 201 Created with a JSON response as stated in the docs.
We Got

500 Error

. In the server logs there is this traceback: 

Workaround
We created POST request with the following parameters:

• test
• found_by
• title
• severity
• description
• mitigation
• impact
• numerical_severity
• duplicate
• verified
• false_p

[valentijnscholten]

@vidhan13j07 could you check again in dev? We have fixed lots of schema inconsistencies and added an OpenAPI v3 schema as well. Actually it might be that the spec is correctly rendered based in the model fields, but the logic still assumes some extra fields to be present.

[devGregA]

@valentijnscholten I can have this validated.

[XiChen-Tibco]

@vira-vira Hi, could you give us more details about how to reproduce this error?

[valentijnscholten]

merged into dev / 2.2.0

[valentijnscholten]

The fix turned out to be incomplete, see for example #5019

[sokayvich-git]

In /import-scan/, environment variable is not marked as required in swagger, but results in 500 errors when using the netsparker import test_type without it.

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.