Comments (4)
luolingchun
commented on June 1, 2024
Can you write a detailed example?
Here's a decorator sample code for permission validation:
https://github.com/luolingchun/flask-api-demo/blob/master/src/app/api/user.py#L54
https://github.com/luolingchun/flask-api-demo/blob/master/src/app/api/admin.py#L31
https://github.com/luolingchun/flask-api-demo/blob/master/src/app/utils/jwt_tools.py#L52
By the way, user_id: str, **_ is a misuse of the attempt to support only a few parameters: path, query, form, body, header, cookie
Here is the help documentation: https://luolingchun.github.io/flask-openapi3/v2.x/Usage/Request/
from flask-openapi3.
simonjharris
commented on June 1, 2024
Here's a unit test MWE:
(This setup works with flask-pydantic)
import pytest
from pydantic import BaseModel
from flask_openapi3 import OpenAPI
from functools import wraps
app = OpenAPI(__name__)
class ForbiddenError(Exception):
pass
class TestModel(BaseModel):
field: str
@app.errorhandler(ForbiddenError)
def handle_forbidden_error(e):
return "Forbidden", 403
@pytest.fixture
def client():
client = app.test_client()
yield client
def intercept():
def middle(f):
@wraps(f)
def wrapper(*args, **kwargs):
raise ForbiddenError()
return wrapper
return middle
@app.post("/forbidden")
@intercept()
def forbidden_route(body: TestModel):
return "success", 200
def test_forbidden_error(client):
r = client.post("/forbidden")
assert r.status_code == 403
assert r.text == "Forbidden"
test_interception_decorator.py::test_forbidden_error FAILED [100%]
test_interception_decorator.py:49 (test_forbidden_error)
422 != 403
Expected :403
Actual :422
<Click to see difference>
client = <FlaskClient <OpenAPI 'test_interception_decorator'>>
def test_forbidden_error(client):
r = client.post("/forbidden")
> assert r.status_code == 403
E assert 422 == 403
E + where 422 = <WrapperTestResponse streamed [422 UNPROCESSABLE ENTITY]>.status_code
test_interception_decorator.py:52: AssertionError
from flask-openapi3.
luolingchun
commented on June 1, 2024
I compared flask-openapi3 and flask-pydantic and came to the following conclusion:
flask-pydanticuses a standalone@validate()decorator, so you can choose the@intercept()execution order.# Execute @validate() first and then @intercept(), # which will throw a validation error, just like flask-openapi3 here. @app.route("/", methods=["GET"]) @validate() @intercept() def get(query: QueryModel): ... # Execute @intercept() first and then @validate(), @intercept() throws an exception. @app.route("/", methods=["GET"]) @intercept() @validate() def get(query: QueryModel): ...
flask-openapi3does not have a@validate()decorator, so it must pass parameter validation before continuing execution.
from flask-openapi3.
simonjharris
commented on June 1, 2024
Thanks for your reply, I see your point here.
I did a bit more testing and noticed that if I remove the @wraps() within intercept, the test passes. I'm not sure if this expected behaviour.
from flask-openapi3.
Related Issues (20)
- Is there a work around to create non json request handlers?
- Option to output openapi3 instead of 3.1 HOT 1
- Shorthand way of describing that the response will be an array of items. HOT 1
- Every route gets a 422 response created HOT 3
- Make body required false
- Not required (optional) fields in multipart/form-data don't have types in swagger HOT 14
- Different endpoints in swagger "Try it out" fire to the same endpoint when they have the same function name HOT 4
- The default value defined in the form is invalid
- incompatibility with latest pydantic 2.5.2 HOT 3
- Apply multi responses to one HttpStatus or apply arbitrary str as responses key HOT 3
- Allow 422 response to specified model not only array HOT 3
- Optional null value with model_fields_set HOT 3
- Missing Pydantic Calculated Fields From openapi.json HOT 3
- How to add examples to swagger HOT 1
- Issues using flask-openapi3 when its views are decorated
- Swagger Validator Error when application is deployed HOT 3
- Pyinstller build breaks docs HOT 2
- Error when using 'gt' or 'lt' constraints in Pydantic Field()
- Release v4.0
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from flask-openapi3.