Skip to content

fix(API): validate JSON input for APIError.__init__() #597

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

fix(API): validate JSON input for APIError.__init__() #597

wants to merge 3 commits into from

Conversation

o-santi
Copy link

@o-santi o-santi commented May 16, 2025

What kind of change does this PR introduce?

Introduce validation that the error received on a request has the the correct JSON schema, as reported by #595.

What is the current behavior?

Currently, if a request is not successful, it will try to convert its response to JSON by using r.json(), correctly ensuring that the JSONDecodeError is dealt with in the try block. However, given that r.json() returns Any, it is not guaranteed to be a Dict[str, str] as the APIError.__init__() method expects, and thus if an error response returns a valid non-dict JSON object, such as text surrounded by quotes (a valid JSON string) the initializer will throw an AttributeError when trying to access one of the JSON object's methods.

What is the new behavior?

A simple APIErrorFromJSON pydantic model is introduced, to throw a ValidationError in the case of the response content not being JSON, or if it is valid JSON but not a valid expected schema. This simplifies the code a little bit, as JSONDecodeError does not need to be handled anymore, because it was thrown by the .json() method on the Response. I've also added a new test to ensure that this behavior is taken into account from now on.

Additional context

This could be handled by adding some check akin to isinstance(r.json(), dict), but this only handles the first layer of the validation, and it would need to validate that the keys are also of the expected type. This is exactly what pydantic does, so I believe it to be the better solution overall.

@o-santi
chore(API): validate JSON input for APIError.__init__()
0bbb2f0 
directly passing `r.json()` into APIError.__init__() is incorrect, as
it expects a `Dict[str, str]`. instead, it should first validate that
the json object is in fact the correct schema, by using a pydantic model
@o-santi o-santi requested a review from grdsdev as a code owner May 16, 2025 13:13
@o-santi o-santi mentioned this pull request May 16, 2025
Open
@silentworks silentworks changed the title chore(API): validate JSON input for APIError.__init__() fix(API): validate JSON input for APIError.__init__() May 16, 2025
@coveralls
Copy link

Pull Request Test Coverage Report for Build 15079111328

Details

  • 43 of 47 (91.49%) changed or added relevant lines in 5 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.5%) to 96.002%
Changes Missing Coverage Covered Lines Changed/Added Lines %
postgrest/_async/request_builder.py 3 5 60.0%
postgrest/_sync/request_builder.py 3 5 60.0%
Totals Coverage Status
Change from base Build 14993921150: 0.5%
Covered Lines: 1801
Relevant Lines: 1876
💛 - Coveralls

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@grdsdev grdsdev Awaiting requested review from grdsdev grdsdev is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@o-santi @coveralls @silentworks