TechQA.

flask - something more strict than @api.expect for input data?

11.5k views Asked by At

In my flask-restplus API I'd like not only to check that input data, like in the following example

resource_fields = api.model('Resource', {
    'name': fields.String(default = 'string: name', required = True),
    'state': fields.String(default = 'string: state'),
})

@api.route('/my-resource/<id>')
class MyResource(Resource):
    @api.expect(resource_fields, validate=True)
    def post(self):
        ...

must have 'name' field and may have 'state' field, but also to check that there are no other fields (and to raise an error if this happens). Is there another decorator for this? Can I check the correctness of the input data by a custom function?

python flask flask-restplus
Original Q&A
3

There are 3 answers

3
shiv On BEST ANSWER

Instead of using a dictionary for your fields, try using a RequestParser (flask-restplus accepts both as documented here. That way, you can call parser.parse_args(strict=True) which will throw a 400 Bad Request exception if any unknown fields are present in your input data.

my_resource_parser = api.parser()
my_resource_parser.add_argument('name', type=str, default='string: name', required=True)
my_resource_parser.add_argument('state', type=str, default='string: state')

@api.route('/my-resource/<id>')
class MyResource(Resource):
    def post(self):
        args = my_resource_parser.parse_args(strict=True)
        ...

For more guidance on how to use the request_parser with your resource, check out the ToDo example app in the flask-restplus repo.

0
Alexis.Rolland On

Here is another answer to complete the one from @shiv. The following code snippet allows you to have your payload documented in the Swagger doc generated by Flask Restplus. Taken from the documentation about the expect decorator:

my_resource_parser = api.parser()
my_resource_parser.add_argument('name', type=str, default='string: name', required=True)
my_resource_parser.add_argument('state', type=str, default='string: state')

@api.route('/my-resource/<id>', endpoint='with-parser')
class MyResource(Resource):
    @api.expect(my_resource_parser)
    def post(self):
        args = my_resource_parser.parse_args(strict=True)
        ...
3
Nick Jenkins On

For those that want to continue using the api.model rather than request parser, it's possible to iterate over your input (assuming list) versus the model. The model behaves like a dictionary.

from flask_restplus import abort

def check_exact(response_list, model):
    for response_dict in response_list:
        for key in response_dict:
            if key not in model:
                abort(400, "Non-specified fields added", field=key)

...

@ns.expect(my_model, validate=True)
def post(self, token):
    """Add new set of responses
    """
    check_exact(api.payload['responses'], my_model)
    ...

Related Questions in PYTHON

Related Questions in FLASK

Related Questions in FLASK-RESTPLUS

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions