Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automatically parse number values #257

Closed
wjdhamilton opened this issue Jul 6, 2015 · 8 comments
Closed

Automatically parse number values #257

wjdhamilton opened this issue Jul 6, 2015 · 8 comments

Comments

@wjdhamilton
Copy link

I'm not sure if this is strictly the correct thing to do, but I have been looking to use this gem in a rails project as a substitute for strong parameters. The Rails params object is presented as a hash where all the values are strings, so there are no numbers in the params hash. JSON::Validator does not accept strings as numbers even if the string can be parsed as a valid number. However, I think it would make sense if it did since that would make it more permissive and easier to use in use-cases such as this.
@RST-J
Copy link
Contributor

RST-J commented Jul 6, 2015

In your use case this probably makes sense - although I have an alternative suggestion for you:
Write your schemas such that they validate strings by a regular expression that makes sure the given values are within the integer or number range you expect them to be.

In general it is a big and important difference whether a value is a number or a string.

P.S.: Just out of curiosity, why do think about not using strong parameters anymore? Using strong parameters together with validations on the model level is a well established - i.e. well tested - approach.

@wjdhamilton
Copy link
Author

That is a very good idea! Thanks for your help

Sent from my iPhone

On 6 Jul 2015, at 14:53, Jonas Peschla [email protected] wrote:

In your use case this probably makes sense - although I have an alternative suggestion for you:
Write your schemas such that they validate strings by a regular expression that makes sure the given values are within the integer or number range you expect them to be.

In general it is a big and important difference whether a value is a number or a string.


Reply to this email directly or view it on GitHub.

@iainbeeston
Copy link
Contributor

I've used the gem many times in this way. But coercing data types is the
job of rails, not json-schema

On Mon, 6 Jul 2015 at 15:00 wjdhamilton [email protected] wrote:

That is a very good idea! Thanks for your help

Sent from my iPhone

On 6 Jul 2015, at 14:53, Jonas Peschla [email protected]
wrote:

In your use case this probably makes sense - although I have an
alternative suggestion for you:
Write your schemas such that they validate strings by a regular
expression that makes sure the given values are within the integer or
number range you expect them to be.

In general it is a big and important difference whether a value is a
number or a string.


Reply to this email directly or view it on GitHub.


Reply to this email directly or view it on GitHub
#257 (comment)
.

@RST-J
Copy link
Contributor

RST-J commented Jul 6, 2015

Of course you can do this, I just wanted to point out that there are dragons here which one should be clearly aware of. All attributes which should not be updated arbitrarily must be blacklisted which is inherently more dangerous than whitelisting allowed ones (strict can do the job here, but not if some fields may be omitted in the requests ...).

@iainbeeston
Copy link
Contributor

Yeah that's true. I'd only recommend it if you have a specific list of allowed properties

@wjdhamilton
Copy link
Author

I can use strong parameters, but I read an interesting article by thoughtbot (https://robots.thoughtbot.com/validating-json-schemas-with-an-rspec-matcher) which talked about using this gem to validate api responses in your tests. And then I started thinking that it would also be a great basis for documenting your api. This then lead me to think that if you could also use them for whitelisting parameters then you could tie the whole thing together in a gem which generates the schema with the model, uses it to generate the docs and the test etc. etc. I have really no idea how to make such a thing work but I thought the best place to start would be to see if I could use json-schema to whitelist parameters in something I'm working on for wife. And here I am.

@iainbeeston
Copy link
Contributor

I have an unfinished blog post all about this... (Maybe I should try to
find some time to finish it off)
On Mon, 6 Jul 2015 at 4:11 pm, wjdhamilton [email protected] wrote:

I can use strong parameters, but I read an interesting article by
thoughtbot (
https://robots.thoughtbot.com/validating-json-schemas-with-an-rspec-matcher)
which talked about using this gem to validate api responses in your tests.
And then I started thinking that it would also be a great basis for
documenting your api. This then lead me to think that if you could also use
them for whitelisting parameters then you could tie the whole thing
together in a gem which generates the schema with the model, uses it to
generate the docs and the test etc. etc. I have really no idea how to make
such a thing work but I thought the best place to start would be to see if
I could use json-schema to whitelist parameters in something I'm working on
for wife. And here I am.


Reply to this email directly or view it on GitHub
#257 (comment)
.

@wjdhamilton
Copy link
Author

You should! It could be a really cool approach to building apis.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@iainbeeston @RST-J @wjdhamilton