api: Use drf serializers to sanitize query params (!1367) · Merge requests · Platform / Development / swh-web

Merged Renaud Boyer requested to merge rboyer/swh-web:snapshot-serializer into master 2 months ago

We should use drf serializers to validate & handle API calls' query parameters in order to:

avoid 500 errors with missing parameters or invalid inputs (especially when int-ing them)
simplify validation (choices, min/max values, required, etc.)

This MR adds a query_params_serializer parameter, an optional drf serializer class, to the api_route decorator which, if provided, validates request.query_params data and then passes the validated_data to the decorated view.

This mechanism is applied to the snapshot API endpoint and should be applied to other endpoints in subsequent MRs.

fixes SWH-WEBAPP-6AT

Edited 2 months ago by Renaud Boyer

Activity

Please register or sign in to reply

api: Use drf serializers to sanitize query params

Merge request reports

Activity