-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unexpected interaction between Joi.object().unknown() and stripUnknown #983
Comments
I'd say those rules are in conflict, and in many cases joi doesn't try to solve this as it's unnecessary added complexity. How would you even decide which rule wins ? |
That's why I propose an extra value that informs Joi which one should win. The problem comes into play when you don't know exactly which schema you're dealing with, but would prefer that it remove unknown keys over throwing an error only if those keys would cause an error in the first place. For example, when using Joi as the basis for validating objects that go into a document store, you don't have specific knowledge about the schema you can apply to decide whether to strip unknown keys. The problem becomes much more difficult when dealing with nested object types where some allow unknown keys and some do not -- in that case, there isn't even a single value of |
As you can see from above, I hesitated between breaking or non breaking. After thinking about it, I considered that, like in a few other already existing cases in joi, the local choice should win over the global options. I will thus consider this a bug and support it without any extra configuration value. Anyone considering this is a mistake can come to me fast before I release, but I believe this is the least surprising behavior joi should adopt. (And sorry for the delay) |
@Marsup Thanks for taking the time to address this. Note that I was able to find a workaround for users who may be unable to upgrade. Using |
I'm having a similar issue. I'm using both option in the same direction, meaning I don't want extraneous keys. So contrary to what was previously said, global settings won over local settings
Here is an example of the above mentioned conflict : const joi = require('joi');
const schema = {
user: joi.string()
}
const joiObject = joi.object(schema).unknown(false);
const input = {
user: 'root',
hello: 'hello',
}
const {error, value} = joiObject.validate(input, { stripUnknown: true });
console.log('ERROR');
console.log(JSON.stringify(error, null, 2));
console.log('INPUT');
console.log(JSON.stringify(input, null, 2));
console.log('OUTPUT');
console.log(JSON.stringify(value, null, 2)); output :
Error shouldn't be null. |
@AdrienHorgnies The trick here is that The
To put it another way, I'm having trouble making sense of this statement:
I can't imagine a situation when you would want both -- for the keys to be stripped and to get an error. You usually want one or the other, and |
@cdhowie The situation is that I am validating a configuration file. I wanted to be able to validate the file, warn the user about any extraneous keys (warnings based on validation errors) but still go on with what was valid (stripped input, I cannot ignore extraneous keys as I'm using I thought that would be a nice feature and that Joi was the right one to do the job. It's already almost there. |
@AdrienHorgnies A workaround would be validating twice. To warn the user, validate with To obtain just the valid data with bad keys removed, validate with |
There are indeed plenty of solutions I could implement. I presented a use case that highlighted the feature that it could be. |
Context
What are you trying to achieve or the steps to reproduce ?
There's a bit of ambiguity between the
object().unknown()
schema and the{ stripUnknown: { objects: true } }
validation options. I would expect thestripUnknown
option to leave unknown keys alone if the schema declares that it allows unknown keys, but this is not the case; it removes unknown keys regardless of whether the schema permits them.This puts me in a rather difficult position of having to know which schemas permit unknown keys and which do not, so that I can supply the correct
stripUnknown
option during validation. My requirements:This particular use case seems to be missing from Joi. Perhaps we could add
{ stripUnknown: { objects: 'unallowed' } }
to cover this? I'm more than happy to submit a PR to add this but want to make sure that this approach would be accepted before I start working on it.Which result you had ?
What did you expect ?
The text was updated successfully, but these errors were encountered: