You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@validates_schema(pass_original=True)defcheck_unknown_fields(self, data, original_data):
forkeyinoriginal_data:
ifkeynotinself.fields:
raiseValidationError('Unknown field name {}'.format(key))
Doing this removes the error but also won't raise any error for
http POST http://127.0.0.1:5000/user/ name=Test id=whatever
If we want to get an error for this, then another fix could be
@validates_schema(pass_original=True)defcheck_unknown_fields(self, data, original_data):
forkey, valueinoriginal_data.items():
ifkeynotinself.fields:
raiseValidationError(_('Unknown field name {field}.').format(field=key))
ifself.fields[key].dump_onlyandvalueisnotmissing:
raiseValidationError(_('Field {field} is dump_only.').format(field=key))
which also raises a different message for dump_only and unknown fields.
Another fix would be to stop webargs from parsing dump_only fields in the first place so that they don't appear in original_data. After all, I don't see the point in adding those fields since they are ignored in the next step.
I'm using webargs to parse API requests using the
Schema
I get from theDocument
and I have an issue with dump_only fields.Consider a document/resource
user
with dump_onlyid
field.When sending a request like this:
webargs searches for all attributes in the query locations and
original_data
incheck_unknown_fields
is:Then, since
id
is not inloadable_fields
,check_unknown_fields
raises an error.This happens when I'm reusing the
Schema
in webargs, not on typical umongo usage like in the Flask example.Possible fixes/workarounds:
Stick to the version of
check_unknown_fields
suggested in Marshmallow's documentation:Doing this removes the error but also won't raise any error for
If we want to get an error for this, then another fix could be
which also raises a different message for dump_only and unknown fields.
Another fix would be to stop webargs from parsing
dump_only
fields in the first place so that they don't appear inoriginal_data
. After all, I don't see the point in adding those fields since they are ignored in the next step.It would happen here:
This could be changed into
But this would also silently mask cases where data is provided to a
dump_only
field:so maybe this is not any better.
Besides, I'm not familiar enough with webargs' insides to be confident with this change.
Anyway, if we want to raise an error if a dump_only field receives a value, we should make sure it is not "missing".
What do you think about the
value is not missing
test alternative?The text was updated successfully, but these errors were encountered: