Glue API - REST Schema Validation feature integration

Edit on GitHub
You are browsing a previous version of the document. The latest version is 202212.0.

Follow the steps below to install Rest schema validation feature API.

Prerequisites

To start feature integration, overview and install the necessary features:

NAME VERSION INTEGRATION GUIDE
Spryker Core 202212.0 Glue Application feature integration

1) Install the required modules using Composer

Run the following command(s) to install the required modules:

composer require spryker/rest-request-validator:"^1.0.0" --update-with-dependencies
Verification

Make sure that the following modules have been installed:

MODULE EXPECTED DIRECTORY
RestRequestValidator vendor/spryker/rest-request-validator

2) Set up Behavior

Set up the following behaviors.

Enable Console Command

Activate the console command provided by the module:

CLASS SPECIFICATION PREREQUISITES NAMESPACE
BuildValidationCacheConsole Generates a validation cache that is required for request validation None Spryker\Zed\RestRequestValidator\Communication\Console

src/Pyz/Zed/Console/ConsoleDependencyProvider.php

<?php

namespace Pyz\Zed\Console;

use Spryker\Zed\Kernel\Container;
use Spryker\Zed\RestRequestValidator\Communication\Console\BuildValidationCacheConsole;
use Spryker\Zed\Console\ConsoleDependencyProvider as SprykerConsoleDependencyProvider;

class ConsoleDependencyProvider extends SprykerConsoleDependencyProvider
{
    /**
     * @param \Spryker\Zed\Kernel\Container $container
     *
     * @return \Symfony\Component\Console\Command\Command[]
     */
    protected function getConsoleCommands(Container $container)
    {
        $commands = [
            new BuildValidationCacheConsole(),
        ];

        return $commands;
    }
}
Verification

To verify that BuildValidationCacheConsole is activated, make sure that the following command exists: console | grep glue:rest:build-request-validation-cache.

Generate Validation Cache

Run the following command to generate the validation cache:

console glue:rest:build-request-validation-cache
Verification

Make sure that cache has been generated successfully. To do so, verify the contents of the src/Generated/Glue/Validator directory. It should contain a directory structure according to your store setup. Each directory should contain a validation.cache file with a Yaml of default core validation rules.

- AT
    - validation.cache
- DE
    - validation.cache
...

Enable Request Validation

Activate the following plugin(s):

PLUGIN SPECIFICATION PREREQUISITES NAMESPACE
ValidateRestRequestAttributesPlugin Validates the request attributes section of POST and PATCH methods. None Spryker\Glue\RestRequestValidator\Plugin

src/Pyz/Glue/GlueApplication/GlueApplicationDependencyProvider.php

<?php

namespace Pyz\Glue\GlueApplication;

use Spryker\Glue\RestRequestValidator\Plugin\ValidateRestRequestAttributesPlugin;
use Spryker\Glue\GlueApplication\GlueApplicationDependencyProvider as SprykerGlueApplicationDependencyProvider;

class GlueApplicationDependencyProvider extends SprykerGlueApplicationDependencyProvider
{
    /**
     * @return \Spryker\Glue\GlueApplicationExtension\Dependency\Plugin\RestRequestValidatorPluginInterface[]
     */
    protected function getRestRequestValidatorPlugins(): array
    {
        return [
            new ValidateRestRequestAttributesPlugin(),
        ];
    }
}
Verification

Make sure that ValidateRestRequestAttributesPlugin has been activated:

  1. Make sure that there is a Glue API feature that uses validation configuration in your project.

  2. Create validation configuration: a. Create src/Pyz/Glue/YourModuleRestApi/Validation/{module}.validation.yaml. b. In the file, describe validation rules for endpoints. See Validate REST request format for more details. Example:

    access-tokens:
      post:
        username:
          - NotBlank
          - Email
        password:
          - NotBlank
    

    c. Collect the validation cache:

    console glue:rest:build-request-validation-cache
    
  3. Make a call to the endpoint you described in the validation file with invalid data. Request sample: POST http://example.org/access-tokens

{
    "data":
        {
            "type":"access-tokens",
            "attributes":
                {
                    "username":"tester",
                    "password": ""
                }
        }
}

You should get a validation error similar to the following response sample:

{
    "errors": [
        {
            "code": "901",
            "status": 422,
            "detail": "username => This value is not a valid email address."
        },
        {
            "code": "901",
            "status": 422,
            "detail": "password => This value should not be blank."
        }
    ]
}