Fail validation on unexpected input #457
Comments
|
Hi @HoneyryderChuck - this is missing. The underlying parser, the Representable gem, doesn't support this out-of-the-box. You could probably do that manually in a "virtual" populator, since it receives the parsed fragment. BTW, the "clearing out" is due to the parsing gem, which existed many years before strong_parameters, any similar behavior is not intended. 😜 |
|
@apotonick thx for the reply.
Where do I find a tutorial on how to use a virtual populator?
I guess it makes sense to have this as the "default" behaviour, as this was probably done more to support url-encoded form validation, and JSON schema validation requirement came later. I'd say that one could keep it as the default, and "opt in" to an explicit failure. How hard would this be to implement? |
Hi. this might be interpreted as a usability issue with the library, but I don't want to create an account with gitter, as it requests for too much information from my github account, making it difficult to join. If I may be so bold to suggest smth, a mailing list would have a lower barrier of entry.
Complete Description of Issue
I'm using reform contracts in the context of trailblazer for schema validation of a REST API. I've seen that unexpected properties being sent in a JSON payload will just be "cleared out", instead of generating an error. It has been said to me that this mimmicks the behaviour of rails strong parameters, which will also remove unexpected input, so I don't really have an issue with that. But I'd like to opt-in on different behaviour, i.e. fail the validation and generate errors like "Unexpected attribute" for wrong input. An example would be this kind of payload:
{"user": {"firzt_name": "John", "last_name": "Doe"} }In this case, I'd like to generate an error for the
firzt_namekey, as the contract only states thefirst_nameandlast_nameproperties.Is this actually configurable? Or is it completely missing?
The text was updated successfully, but these errors were encountered: