Skip to content
Permalink
Branch: master
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
477 lines (411 sloc) 11.8 KB
"""
Example of JSON body validation in POST with various kinds of specs and views.
"""
try:
from http import HTTPStatus
except ImportError:
import httplib as HTTPStatus
from flask import Blueprint
from flask import Flask
from flask import jsonify
from flask import request
from flasgger import Schema
from flasgger import Swagger
from flasgger import SwaggerView
from flasgger import fields
from flasgger import swag_from
from flasgger import validate
# Examples include intentionally invalid defaults to demonstrate validation.
_TEST_META_SKIP_FULL_VALIDATION = True
app = Flask(__name__)
swag = Swagger(app)
test_specs_1 = {
"tags": [
"users"
],
"parameters": [
{
"name": "body",
"in": "body",
"required": True,
"schema": {
"id": "User",
"required": [
"username",
"age"
],
"properties": {
"username": {
"type": "string",
"description": "The user name.",
"default": "Sirius Black"
},
"age": {
"type": "integer",
"description": "The user age (should be integer)",
"default": "180"
},
"tags": {
"type": "array",
"description": "optional list of tags",
"default": [
"wizard",
"hogwarts",
"dead"
],
"items": {
"type": "string"
}
}
}
}
}
],
"responses": {
"200": {
"description": "A single user item",
"schema": {
"$ref": "#/definitions/User"
}
}
}
}
@app.route("/manualvalidation", methods=['POST'])
@swag_from("test_validation.yml")
def manualvalidation():
"""
In this example you need to call validate() manually
passing received data, Definition (schema: id), specs filename
"""
data = request.json
validate(data, 'User', "test_validation.yml")
return jsonify(data)
@app.route("/validateannotation", methods=['POST'])
@swag.validate('User')
@swag_from("test_validation.yml")
def validateannotation():
"""
In this example you use validate(schema_id) annotation on the
method in which you want to validate received data
"""
data = request.json
return jsonify(data)
@app.route("/autovalidation", methods=['POST'])
@swag_from("test_validation.yml", validation=True)
def autovalidation():
"""
Example using auto validation from yaml file.
In this example you don't need to call validate() because
`validation=True` on @swag_from does that for you.
In this case it will use the same provided filename
and will extract the schema from `in: body` definition
and the data will default to `request.json`
or you can specify:
@swag_from('file.yml',
validation=True,
definition='User',
data=lambda: request.json, # any callable
)
"""
data = request.json
return jsonify(data)
@app.route("/autovalidationfromspecdict", methods=['POST'])
@swag_from(test_specs_1, validation=True)
def autovalidation_from_spec_dict():
"""
Example using data from dict to validate.
In this example you don't need to call validate() because
`validation=True` on @swag_from does that for you.
In this case it will use the same provided filename
and will extract the schema from `in: body` definition
and the data will default to `request.json`
or you can specify:
@swag_from('file.yml',
validation=True,
definition='User',
data=lambda: request.json, # any callable
)
"""
data = request.json
return jsonify(data)
class User(Schema):
username = fields.Str(required=True, default="Sirius Black")
# wrong default "180" to force validation error
age = fields.Int(required=True, min=18, default="180")
tags = fields.List(fields.Str(), default=["wizard", "hogwarts", "dead"])
class UserPostView(SwaggerView):
tags = ['users']
parameters = User
responses = {
200: {
'description': 'A single user item',
'schema': User
}
}
validation = True
def post(self):
"""
Example using marshmallow Schema
validation=True forces validation of parameters in body
---
# This value overwrites the attributes above
deprecated: true
"""
return jsonify(request.json)
app.add_url_rule(
'/schemevalidation',
view_func=UserPostView.as_view('schemevalidation'),
methods=['POST']
)
# ensure the same works for blueprints
example_blueprint = Blueprint(
"example", __name__, url_prefix='/blueprint')
@example_blueprint.route("/autovalidationfromdocstring", methods=['POST'])
@swag.validate('Officer')
def autovalidation_from_docstring():
"""
Test validation using JsonSchema
The default payload is invalid, try it, then change the age to a
valid integer and try again
---
tags:
- officer
parameters:
- name: body
in: body
required: true
schema:
id: Officer
required:
- name
- age
properties:
name:
type: string
description: The officer's name.
default: "James T. Kirk"
age:
type: integer
description: The officer's age (should be integer)
default: "138"
tags:
type: array
description: optional list of tags
default: ["starfleet", "captain", "enterprise", "dead"]
items:
type: string
responses:
200:
description: A single officer item
schema:
$ref: '#/definitions/Officer'
"""
data = request.json
return jsonify(data)
@example_blueprint.route('/manualvalidation', methods=['POST'])
@swag_from("test_validation.yml")
def manualvalidation_bp():
"""
In this example you need to call validate() manually
passing received data, Definition (schema: id), specs filename
"""
data = request.json
validate(data, 'User', "test_validation.yml")
return jsonify(data)
@example_blueprint.route('/autovalidation', methods=['POST'])
@swag_from("test_validation.yml", validation=True)
def autovalidation_bp():
"""
Example using auto validation from yaml file.
In this example you don't need to call validate() because
`validation=True` on @swag_from does that for you.
In this case it will use the same provided filename
and will extract the schema from `in: body` definition
and the data will default to `request.json`
or you can specify:
@swag_from('file.yml',
validation=True,
definition='User',
data=lambda: request.json, # any callable
)
"""
data = request.json
return jsonify(data)
@example_blueprint.route("/autovalidationfromspecdict", methods=['POST'])
@swag_from(test_specs_1, validation=True)
def autovalidation_from_spec_dict_bp():
"""
Example using data from dict to validate.
In this example you don't need to call validate() because
`validation=True` on @swag_from does that for you.
In this case it will use the same provided filename
and will extract the schema from `in: body` definition
and the data will default to `request.json`
or you can specify:
@swag_from('file.yml',
validation=True,
definition='User',
data=lambda: request.json, # any callable
)
"""
data = request.json
return jsonify(data)
class BPUserPostView(SwaggerView):
tags = ['users']
parameters = User
responses = {
200: {
'description': 'A single user item',
'schema': User
}
}
validation = True
def post(self):
"""
Example using marshmallow Schema
validation=True forces validation of parameters in body
---
# This value overwrites the attributes above
deprecated: true
"""
return jsonify(request.json)
example_blueprint.add_url_rule(
'/schemevalidation',
view_func=BPUserPostView.as_view('schemevalidation'),
methods=['POST']
)
app.register_blueprint(example_blueprint)
def test_swag(client, specs_data):
"""
This test is runs automatically in Travis CI
:param client: Flask app test client
:param specs_data: {'url': {swag_specs}} for every spec in app
"""
apispec = specs_data.get('/apispec_1.json')
assert apispec is not None
paths = apispec.get('paths')
expected_user_paths = (
'/autovalidation',
'/validateannotation',
'/autovalidationfromspecdict',
'/blueprint/autovalidation',
'/blueprint/autovalidationfromspecdict',
'/blueprint/manualvalidation',
'/blueprint/schemevalidation',
'/manualvalidation',
'/schemevalidation',
)
expected_officer_paths = (
'/blueprint/autovalidationfromdocstring',
)
invalid_users = (
"""
{
"username": "Sirius Black",
"age": "180",
"tags": [
"wizard",
"hogwarts",
"dead"
]
}
""",
"""
{
"age": 180,
"tags": [
"wizard"
]
}
""",
)
valid_users = (
"""
{
"username": "Sirius Black",
"age": 180,
"tags": [
"wizard",
"hogwarts",
"dead"
]
}
""",
"""
{
"username": "Ronald Weasley",
"age": 22
}
""",
)
invalid_officers = (
"""
{
"name": "James T. Kirk",
"age": "138",
"tags": [
"captain",
"enterprise",
"dead"
]
}
""",
"""
{
"age": 138,
"tags": [
"captain"
]
}
""",
)
valid_officers = (
"""
{
"name": "James T. Kirk",
"age": 138,
"tags": [
"captain",
"enterprise",
"dead"
]
}
""",
"""
{
"name": "Jean-Luc Picard",
"age": 60
}
""",
)
assert paths is not None and len(paths) > 0
definitions = apispec.get('definitions')
assert definitions is not None
assert definitions.get('User') is not None
assert definitions.get('Officer') is not None
for expected_path in expected_user_paths:
assert paths.get(expected_path) is not None
for invalid_user in invalid_users:
response = client.post(
expected_path, data=invalid_user,
content_type='application/json')
assert response.status_code == HTTPStatus.BAD_REQUEST
for valid_user in valid_users:
response = client.post(
expected_path, data=valid_user,
content_type='application/json')
assert response.status_code == HTTPStatus.OK
for expected_path in expected_officer_paths:
assert paths.get(expected_path) is not None
for invalid_officer in invalid_officers:
response = client.post(
expected_path, data=invalid_officer,
content_type='application/json')
assert response.status_code == HTTPStatus.BAD_REQUEST
for valid_officer in valid_officers:
response = client.post(
expected_path, data=valid_officer,
content_type='application/json')
assert response.status_code == HTTPStatus.OK
if __name__ == "__main__":
app.run(debug=True)
You can’t perform that action at this time.