Ramlwrap is a toolkit for Django which allows a combination of rapid server prototyping as well as enforcement of API definition from the RAML api. RAML (and swagger) allow for rapid specification of API's, but it can be hard to know if your engineers have programmed exactly what the API is, and that your code is enforcing the same schema that you have defined. Ramlwrap bridges the gap between the specification and the code. A developer provides a mapping table of URL to function, and the raml wrap builds a wrapper around those functions where validation of data occurs. When coupled with auto documentation (raml2html) this allows a fully integrated specification and code deployment to occur.
Wrapping Raml around Django rest-api's
Overview
Comments
-
CSRF Exemption Removed
opened by jmons 5This has a new set of tests specifically to look at issue #14, but even with the
@csrf_exemptdecorator removed, I can't find any issues.I don't think this is needed for a release right now, but I would like to merge it in ready for whatever feature comes next.
-
API examples
opened by Emad88 2This will allow endpoints to have multiple named examples
Example:
responses: 200: description: Card list and associated token requestors body: application/json: schema: !include json/get-available-cards-response.json examples: Apple Wallet: !include json/get-available-cards-response-apple-example.json Google Wallet: !include json/get-available-cards-response-google-example.json -
Where an API is both a GET and a POST there is an issue
opened by jmons 2As part of porting tests to 'better' laid out RAML, I found this test case, but it doesn't work i.e. we have no users using this feature yet.
It seems that (in the use case:
displayName: The Get Request (requires auth) get: description: Get a feature responses: 200: description: A response body: application/json: example: '{ "status": "ok", "logged_in_user":"no_user"}' post: description: Post a feature responses: 200: description: A response body: application/json: example: '{ "status": "ok", "logged_in_user":"no_user"}'in this instance, both GET and POST seem to be a
enhancementValidatedPOSTAPIrather then the right types (?) -
Custom error method on ValidationException
opened by jmons 2Not everyone agrees with a 422 error response - some people will want to customise this (we have specific example where the API is defined by another business unit who demand a specific error messaging etc)
To solve this, Im proposing a setting
enhancementRAMLWRAP_VALIDATION_ERROR_HANDLER(?) that will point at a function (or a string of a function?) that will be called. -
Pip Install Import issue
opened by Jamian 2Trying to pip install for the first time and hitting an import issue when running Django.
File "/home/bla/bla/bla/bla/venv/lib/python3.5/site-packages/ramlwrap/__init__.py", line 1, in <module> from RamlWrap import ramlwrap ImportError: No module named 'RamlWrap' -
ramlwrap can't handle django dynamic urls.
opened by The-Bees 1There is an issue where django accepts dynamic URLs e.g.
path/to/(?P<my_thing>[a-zA-Z0-9]+)/, but there's no way to translate this to the raml, and therefore ramlwrap. -
F Custom Validation Exception
opened by Jamian 1Adding support for dynamic custom validation exceptions. Allows customisation of responses.
- Default function as normal.
- Can now add the FULL path to the custom function to override the default.
- Basic UT to cover functionality and ensure default still called.
-
JSON Decode fails, returning 400 malformed
opened by Jamian 1json.loads(request.body) raising errors as the body is in bytes, which json loads doesn't accept, results in a 400 malformed being returned for what appears to be seemingly fine json exmaples.
bug -
More flexible content type
opened by Rizzle93 0- Updating content-type validation to get the first value (in case of optional extras in the content-type header) and using that to validate against raml file
- If no content-type is found in the request, return 415 error
- unit tests to support the above
- removal of django 1.11 support
- also deleted duplicate fatal exception declaration
-
Support multiple content types in request body
opened by Rizzle93 0- Update to allow multiple content-types in the request body of schema
- validation to check incoming request content type matches one defined in the schema (will only validate if the schema defines a content_type)
- unit tests
-
Bump pyyaml from 5.3 to 5.4
opened by dependabot[bot] 0Bumps pyyaml from 5.3 to 5.4.
Changelog
Sourced from pyyaml's changelog.
5.4 (2021-01-19)
- yaml/pyyaml#407 -- Build modernization, remove distutils, fix metadata, build wheels, CI to GHA
- yaml/pyyaml#472 -- Fix for CVE-2020-14343, moves arbitrary python tags to UnsafeLoader
- yaml/pyyaml#441 -- Fix memory leak in implicit resolver setup
- yaml/pyyaml#392 -- Fix py2 copy support for timezone objects
- yaml/pyyaml#378 -- Fix compatibility with Jython
5.3.1 (2020-03-18)
- yaml/pyyaml#386 -- Prevents arbitrary code execution during python/object/new constructor
Commits
58d0cb75.4 releasea60f7a1Fix compatibility with Jythonee98abdRun CI on PR base branch changesddf2033constructor.timezone: _copy & deepcopyfc914d5Avoid repeatedly appending to yaml_implicit_resolversa001f27Fix for CVE-2020-14343fe15062Add 3.9 to appveyor file for completeness sake1e1c7fbAdd a newline character to end of pyproject.toml0b6b7d6Start sentences and phrases for capital lettersc976915Shell code improvements- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.
dependenciesDependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
-
APIs that raise KeyErrors return 401s
opened by The-Bees 0The way ramlwrap catches KeyErrors in
bug V2.Xutils/validation/Endpoint.servemeans that if an API throws a KeyError, it will be caught here and a 401 status code will be returned. It should catch the KeyError for a missing method mapping seperately, so that the API's key error will eventually result in a 500 status code. -
Windows compatibility issue
opened by jmons 1There is a report from a user about a compatibility issue with windows - I think this might be to do with initial importing of the RAML / Swagger, but I'll have to check (There's also no confirmation that the bug is still in v1.0.0 but it was present in the alpha version from last year.
bug V2.X
Releases(2.3.7)
-
2.3.7(Jan 21, 2022)
A bug report where there is over-enthusiastic validation of content type - previous to this version, a request against an API with (for example)
application/jsonwould be validated as such:Content-Type: application/jsonwould be validContent-Type: application/json; charset=UTF-8would be invalid
Whilst arguably technically correct, we all agreed this was an unintentional over validation, and the change now allows for following directives on the Content-Type. There is no validation of the directives.
Many thanks to @Rizzle93 for her patch and tests.
Source code(tar.gz)
Source code(zip)
-
2.3.6(Dec 27, 2021)
A minor release to allow Django 4.0 support (whilst also dropping Django 1.1) Many thanks to @timharveyuk
Source code(tar.gz)
Source code(zip)
-
2.3.5(Nov 19, 2021)
Many thanks to @Rizzle93 who has added some excellent additions to allow multiple content types on both up and down streams. Now validation won't fail if you want to define and allow those extra options.
Source code(tar.gz)
Source code(zip)
-
2.3.4(Mar 10, 2021)
Whilst most API's will result in a JSON or XML, or another UTF-8 based data language, sometimes we want to build API's which return a binary file. The team at CPI hit this issue recently, and the great @jenniferagrimes has offered this minor patch to allow Ramlwrap to support it.
This is a non-breaking change and only needed if you have API's which are not returning JSON/XML etc.
Source code(tar.gz)
Source code(zip)
-
2.3.3(Aug 20, 2020)
Many thanks to @timharveyuk and @Emad88 who have provided fixes for a couple of edge cases:
- Handling empty status codes (e.g. a status code with no body or description) (#55)
- Passing the Base URI into the documentation template so that it can be used to generate correct full urls
Source code(zip)
-
2.3.1(Jun 24, 2020)
Tim Harvey has added code that allows the Documentation to handle multiple responses. 200's still go into the original response fields on the endpoint object, but there is now an array of response objects which allow you to produce better documentation for non-200 status's (204's, redirects, error codes etc).
Source code(tar.gz)
Source code(zip)
-
2.3.0(May 18, 2020)
Thanks to Emanuele Franceschini and Tim Harvey, RamlWrap 2.3(+) now supports multiple examples in both documentation and stubs.
For the stubbed approach, if you're using early versions of python, "which" example used is 'undefined' due to Python2's dictionary ordering, but hopefully by this point in time everyone is on Python3, which the first one is being used.
Source code(tar.gz)
Source code(zip)
-
2.2.2(Feb 21, 2020)
To Quote Tim:
New ramlwrap allows you to specify a validation error handler that also receives the request object so that we can have different logging or other behaviour depending on api being called
also dependency update for pyyaml for its security release.
Source code(tar.gz)
Source code(zip)
-
2.1.1.1(Jan 17, 2020)
-
2.1.1(Jan 17, 2020)
@Emad88 has kindly added in a reference scanner in the documentation area which allows for more accurate documentation pages to be generated when using schema.
Source code(tar.gz)
Source code(zip)
-
2.1.0rc1(Sep 3, 2019)
The main feature release here is of the RamlWrap Docs (which can be seen on the test). More examples to come.
Source code(tar.gz)
Source code(zip)
-
2.0.0(Feb 17, 2018)
This release (with many thanks to @Jamian and @Rizzle93) comes with two main new usability features, and a couple of technology fixes:
- Dynamic URLs (which makes REST api's much easier to write). This is now done by changing your function map to not just be a pointer but an array passed in containing both the function and a regex to use for that variable:
- GET and POST urls: in previous versions the api only supported a GET or a POST for a particular url, but now it supports pretty much all versions (although examples of HEAD and UPDATE etc we could do with some feed back and real world examples of people using them
Technology changes:
- The dependancy upon pyraml has been dropped which allows us to support a wider range of raml edge cases without waiting for pyraml to be updated.
- Now should support from Django 1.7 - 1.11 for Python 2.7 and Django 1.9 - 2.0 for Python 3.
Source code(zip)
-
v1.0.1rc5(Mar 28, 2017)
Many thanks to @Jamian for adding this feature. This now supports the use of a Django Setting to replace the stock exception handling on a JSON schema validation.
Source code(tar.gz)
Source code(zip)
-
v1.0.1rc4(Mar 18, 2017)
Our great collaborator @3ur3ka found some issues when using Ramlwrap with api's designed to be used in a webapp (i.e. after login has been called). Mainly this is to do with CSRF, and also was made more complex by using the DjangoRestFramework which we didn't need.
Source code(tar.gz)
Source code(zip)
-
v1.0.1rc3(Mar 15, 2017)
Now containing bug fixes for the python3 request.body being a binary string.
Source code(tar.gz)
Source code(zip)
-
v1.0.1rc2(Mar 15, 2017)
Fixes a couple of python3 issues and now has a better build test that tests both 2 and 3 before accepting merges.
Source code(tar.gz)
Source code(zip)
-
1.0.1rc1(Mar 14, 2017)
The 1.0.0 branch functionally worked, but had a bug in the init which caused it to not work when installed via pip (i.e. worked in our local release branches).
Source code(tar.gz)
Source code(zip)
-
v1.0.0(Mar 14, 2017)
The first release of ramlwrap (as availible on pip as v1.0.0)
Source code(tar.gz)
Source code(zip)
Django-fast-export - Utilities for quickly streaming CSV responses to the client
django-fast-export Utilities for quickly streaming CSV responses to the client T
4 Aug 24, 2022
this is a simple backend for instagram with python and django
simple_instagram_backend this is a simple backend for instagram with python and django it has simple realations and api in 4 diffrent apps: 1-users: a
2 Oct 20, 2021
A drop-in replacement for django's ImageField that provides a flexible, intuitive and easily-extensible interface for quickly creating new images from the one assigned to the field.
django-versatileimagefield A drop-in replacement for django's ImageField that provides a flexible, intuitive and easily-extensible interface for creat
490 Dec 13, 2022
A standalone package to scrape financial data from listed Vietnamese companies via Vietstock
Scrape Financial Data of Vietnamese Listed Companies - Version 2 A standalone package to scrape financial data from listed Vietnamese companies via Vi
45 Nov 16, 2022
Visual DSL framework for django
Preface Processes change more often than technic. Domain Rules are situational and may differ from customer to customer. With diverse code and frequen
165 Jan 08, 2023
Twitter Bootstrap for Django Form - A simple Django template tag to work with Bootstrap
Twitter Bootstrap for Django Form - A simple Django template tag to work with Bootstrap
557 Oct 19, 2022
A Django chatbot that is capable of doing math and searching Chinese poet online. Developed with django, channels, celery and redis.
Django Channels Websocket Chatbot A Django chatbot that is capable of doing math and searching Chinese poet online. Developed with django, channels, c
8 Oct 28, 2022
Simple API written in Python using FastAPI to store and retrieve Books and Authors.
Simple API made with Python FastAPI WIP: Deploy in AWS with Terraform Simple API written in Python using FastAPI to store and retrieve Books and Autho
9 Oct 26, 2022
TinyMCE integration for Django
django-tinymce django-tinymce is a Django application that contains a widget to render a form field as a TinyMCE editor. Quickstart Install django-tin
1.1k Dec 26, 2022
django+bootstrap5 实现的 个人博客
项目状态: 正在开发中【目前已基本可用】 项目地址: https://github.com/find456789/django_blog django_blog django+bootstrap5 实现的 个人博客 特点 文章的历史版本管理(随时回退) rss、atom markdown 评论功能
3 Nov 16, 2021
Analytics services for Django projects
django-analytical The django-analytical application integrates analytics services into a Django project. Using an analytics service with a Django proj
1.1k Dec 31, 2022
Realworld - Realworld using Django and HTMX
Realworld - Realworld using Django and HTMX
53 Jan 05, 2023
Fast / fuzzy PostgreSQL counts for Django
Created by Stephen McDonald Introduction Up until PostgreSQL 9.2, COUNT queries generally required scanning every row in a database table. With millio
85 Oct 25, 2021
Wagtail - Vue - Django : The initial environment of full-stack local dev web app with wagtail and vue
Wagtail - Vue - Django : The initial environment of full-stack local dev web app with wagtail and vue. A demo to show how to use .vue files inside django app.
2 Oct 20, 2022
Cached file system for online resources in Python
Minato Cache & file system for online resources in Python Features Minato enables you to: Download & cache online recsources minato supports the follo
10 Jan 04, 2023
Forward and backwards compatibility layer for Django 1.4, 1.7, 1.8, 1.9, 1.10, and 1.11
django-compat Forward and backwards compatibility layer for Django 1.4 , 1.7 , 1.8, 1.9, 1.10 and 1.11 Consider django-compat as an experiment based o
106 Mar 28, 2022
Example project demonstrating using Django’s test runner with Coverage.py
Example project demonstrating using Django’s test runner with Coverage.py Set up with: python -m venv --prompt . venv source venv/bin/activate python
5 Nov 29, 2021
A set of high-level abstractions for Django forms
django-formtools Django's "formtools" is a set of high-level abstractions for Django forms. Currently for form previews and multi-step forms. This cod
621 Dec 30, 2022
This is a basic Todo Application API using Django Rest Framework
Todo Application This is a basic Todo Application API using Django Rest Framework. Todo Section - User can View his previously added todo items, creat
1 Aug 09, 2022
Modular search for Django
Haystack Author: Daniel Lindsley Date: 2013/07/28 Haystack provides modular search for Django. It features a unified, familiar API that allows you to
3.4k Jan 08, 2023