fix(go-server): skip readOnly fields in AssertXxxRequired#24170
Open
halfcrazy wants to merge 1 commit into
Open
fix(go-server): skip readOnly fields in AssertXxxRequired#24170halfcrazy wants to merge 1 commit into
halfcrazy wants to merge 1 commit into
Conversation
Contributor
There was a problem hiding this comment.
1 issue found across 3 files
Reply with feedback, questions, or to request a fix.
Re-trigger cubic
AssertXxxRequired is only invoked on decoded request bodies, but it enforced every entry of a schema's required list, including readOnly properties. Per OpenAPI 3.x, readOnly properties are produced by the server and MUST NOT be sent by the client, so a schema legitimately listing a readOnly property as required (e.g. Redfish/JSON:API identity fields like id, @odata.type) caused the generated controller to reject every valid request that omitted the readOnly field. Skip readOnly entries in the requiredVars loop in model.mustache so non-readOnly required fields are still validated while readOnly ones are not enforced on request bodies. Add a regression test using a spec with a readOnly+required id and a non-readOnly required name.
9eabd9c to
c58951d
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
AssertXxxRequired is only invoked on decoded request bodies, but it enforced every entry of a schema's required list, including readOnly properties. Per OpenAPI 3.x, readOnly properties are produced by the server and MUST NOT be sent by the client, so a schema legitimately listing a readOnly property as required (e.g. Redfish/JSON:API identity fields like id, @odata.type) caused the generated controller to reject every valid request that omitted the readOnly field.
Skip readOnly entries in the requiredVars loop in model.mustache so non-readOnly required fields are still validated while readOnly ones are not enforced on request bodies. Add a regression test using a spec with a readOnly+required id and a non-readOnly required name.
fix #24168
PR checklist
Commit all changed files.
This is important, as CI jobs will verify all generator outputs of your HEAD commit as it would merge with master.
These must match the expectations made by your contribution.
You may regenerate an individual generator by passing the relevant config(s) as an argument to the script, for example
./bin/generate-samples.sh bin/configs/java*.IMPORTANT: Do NOT purge/delete any folders/files (e.g. tests) when regenerating the samples as manually written tests may be removed.
@lwj5
Summary by cubic
Skip readOnly fields during
go-servermodel validation so request bodies can omit server-produced fields without failing. Non-readOnly required fields are still enforced, and readOnly fields are excluded from required checks, recursion, and constraints, matching OpenAPI 3.model.mustacheto excludereadOnlyfields from the required map, from recursion inAssertXxxRequired, and fromAssertXxxConstraints.readonly-required.yamland tests inGoServerCodegenTestto ensureidis skipped,nameis enforced, and nestedMetais not recursed into.Written for commit c58951d. Summary will update on new commits.