- edited description
Additional properties not causing validation failure in inline (nested) object definitions
Current behavior
- Consumer is setting a field in the response PactDslJsonBody (inside an array) in Pact definition which is not present on Provider swagger spec.
- We are using ValidatedPactProviderRule
- Tests are passing.
Expected behavior
Fail the test with proper messages.
Version used
- com.atlassian.oai:swagger-request-validator-core:1.4.5
- com.atlassian.oai:swagger-request-validator-pact:1.4.5
Swagger
paths:
/v1/Users/{userId}/organization-permissions:
get:
summary: Gives back a users permissions to organizations
tags:
- Users
- Organization
produces:
- "application/json"
parameters:
-
name: userId
in: path
description: The id of the user
required: true
type: string
maxLength: 255
responses:
200:
description: Ok
schema:
$ref: '#/definitions/OrgPermissionsResponse'
404:
description: User does not exist.
schema:
$ref: '#/definitions/NonScimError'
500:
description: Internal server error.
schema:
$ref: '#/definitions/NonScimError'
definitions:
OrgPermissionsResponse:
type: object
description: |
An object containing a list of organisations and the permissions that the given user has on them.
properties:
organisationPermissions:
type: array
items:
orgId:
type: string
permissions:
type: array
items:
type: string
productList:
type: array
items:
type: string
Pact definition
@Pact(provider = PROVIDER_ID, consumer = CONSUMER_ID)
public PactFragment getOrganizationPermissions(PactDslWithProvider builder) {
PactDslJsonBody pactDslJsonBody = new PactDslJsonBody();
pactDslJsonBody.array("organisationPermissions")
.object()
.stringValue("orgId", "test-org-id")
.array("permissions").string(MANAGE_PERMISSION).closeArray()
// Extra fields in response : products
.array("products").string(IDENTITY_MANAGER).closeArray()
.closeObject()
.closeArray();
return builder
.uponReceiving("a request to get organization permissions")
.method("GET")
.path("/v1/Users/" + USER_ID + "/organization-permissions")
.headers(ImmutableMap.of("Authorization", "Bearer pactToken"))
.willRespondWith()
.status(200)
.body(pactDslJsonBody.asBody())
.toFragment();
}
Comments (8)
-
reporter -
reporter - edited description
-
I tried to reproduce the problem on a branch but am not having much luck:
In this test I am simulating having additional fields in the response body and it is failing appropriately.
Could you take a look at the test and see if you can spot what Im doing differently to you?
Also - can I double check that you don't have a
.swagger-validator
orswagger-validator.properties
config somewhere that might be overriding the validation level to make it non-error? (you should be able to set a breakpoint at com/atlassian/oai/validator/pact/ValidatedPactProviderRule.java:88 and check for what the contents of the validation report are) -
Ok - Ive worked out what the problem is.
There are two things going on here:
- In your example the array definitions are actually malformed - the properties on the inner objects need to be under
properties
e.g.
properties: organisationPermissions: type: array items: type: string // HERE properties: // HERE orgId: type: string permissions: type: array items: type: string productList: type: array items: type: string
- Looks like there is a bug where the
additionalProperties
check isn't working for inline object definitions within arrays or objects
- In your example the array definitions are actually malformed - the properties on the inner objects need to be under
-
As a workaround for now - if you split your schema definitions out and use a
$ref
the validation will be applied correctlye.g.
OrgPermissionsResponse: type: object description: | An object containing a list of organisations and the permissions that the given user has on them. properties: organisationPermissions: type: array items: $ref: '#/definitions/OrgPermission' OrgPermission: type: object properties: orgId: type: string permissions: type: array items: type: string productList: type: array items: type: string
-
- changed title to Additional properties not causing validation failure in inline (nested) object definitions
-
- changed status to open
-
- changed status to resolved
Available in v1.4.7
- Log in to comment