Wrapping Raml around Django rest-api's

Overview
Ramlwrap is a toolkit for Django which allows a combination of rapid server prototyping as well as enforcement of API definition from the RAML api.

RAML (and swagger) allow for rapid specification of API's, but it can be hard to know if your engineers have programmed exactly what the API is, and that your code is enforcing the same schema that you have defined. Ramlwrap bridges the gap between the specification and the code. A developer provides a mapping table of URL to function, and the raml wrap builds a wrapper around those functions where validation of data occurs.

When coupled with auto documentation (raml2html) this allows a fully integrated specification and code deployment to occur.
Comments
  • CSRF Exemption Removed

    CSRF Exemption Removed

    This has a new set of tests specifically to look at issue #14, but even with the @csrf_exempt decorator removed, I can't find any issues.

    I don't think this is needed for a release right now, but I would like to merge it in ready for whatever feature comes next.

    opened by jmons 5
  • API examples

    API examples

    This will allow endpoints to have multiple named examples

    Example:

    responses:
        200:
            description: Card list and associated token requestors
            body:
              application/json:
                schema: !include json/get-available-cards-response.json
                examples:
                  Apple Wallet:
                    !include json/get-available-cards-response-apple-example.json
                  Google Wallet:
                    !include json/get-available-cards-response-google-example.json
    
    
    opened by Emad88 2
  • Where an API is both a GET and a POST there is an issue

    Where an API is both a GET and a POST there is an issue

    As part of porting tests to 'better' laid out RAML, I found this test case, but it doesn't work i.e. we have no users using this feature yet.

    It seems that (in the use case:

        displayName: The Get Request (requires auth)
        get:
            description: Get a feature
            responses:
                200:
                    description: A response
                    body:
                        application/json:
                            example: '{ "status": "ok", "logged_in_user":"no_user"}'
        post:
            description: Post a feature
            responses:
                200:
                    description: A response
                    body:
                        application/json:
                            example: '{ "status": "ok", "logged_in_user":"no_user"}'        
    

    in this instance, both GET and POST seem to be a ValidatedPOSTAPI rather then the right types (?)

    enhancement 
    opened by jmons 2
  • Custom error method on ValidationException

    Custom error method on ValidationException

    Not everyone agrees with a 422 error response - some people will want to customise this (we have specific example where the API is defined by another business unit who demand a specific error messaging etc)

    To solve this, Im proposing a setting RAMLWRAP_VALIDATION_ERROR_HANDLER (?) that will point at a function (or a string of a function?) that will be called.

    enhancement 
    opened by jmons 2
  • Pip Install Import issue

    Pip Install Import issue

    Trying to pip install for the first time and hitting an import issue when running Django.

      File "/home/bla/bla/bla/bla/venv/lib/python3.5/site-packages/ramlwrap/__init__.py", line 1, in <module>
        from RamlWrap import ramlwrap
    ImportError: No module named 'RamlWrap'
    
    opened by Jamian 2
  • ramlwrap can't handle django dynamic urls.

    ramlwrap can't handle django dynamic urls.

    There is an issue where django accepts dynamic URLs e.g. path/to/(?P<my_thing>[a-zA-Z0-9]+)/, but there's no way to translate this to the raml, and therefore ramlwrap.

    opened by The-Bees 1
  • F Custom Validation Exception

    F Custom Validation Exception

    Adding support for dynamic custom validation exceptions. Allows customisation of responses.

    • Default function as normal.
    • Can now add the FULL path to the custom function to override the default.
    • Basic UT to cover functionality and ensure default still called.
    opened by Jamian 1
  • JSON Decode fails, returning 400 malformed

    JSON Decode fails, returning 400 malformed

    json.loads(request.body) raising errors as the body is in bytes, which json loads doesn't accept, results in a 400 malformed being returned for what appears to be seemingly fine json exmaples.

    bug 
    opened by Jamian 1
  • More flexible content type

    More flexible content type

    • Updating content-type validation to get the first value (in case of optional extras in the content-type header) and using that to validate against raml file
    • If no content-type is found in the request, return 415 error
    • unit tests to support the above
    • removal of django 1.11 support
    • also deleted duplicate fatal exception declaration
    opened by Rizzle93 0
  • Support multiple content types in request body

    Support multiple content types in request body

    • Update to allow multiple content-types in the request body of schema
    • validation to check incoming request content type matches one defined in the schema (will only validate if the schema defines a content_type)
    • unit tests
    opened by Rizzle93 0
  • Bump pyyaml from 5.3 to 5.4

    Bump pyyaml from 5.3 to 5.4

    Bumps pyyaml from 5.3 to 5.4.

    Changelog

    Sourced from pyyaml's changelog.

    5.4 (2021-01-19)

    5.3.1 (2020-03-18)

    • yaml/pyyaml#386 -- Prevents arbitrary code execution during python/object/new constructor
    Commits
    • 58d0cb7 5.4 release
    • a60f7a1 Fix compatibility with Jython
    • ee98abd Run CI on PR base branch changes
    • ddf2033 constructor.timezone: _copy & deepcopy
    • fc914d5 Avoid repeatedly appending to yaml_implicit_resolvers
    • a001f27 Fix for CVE-2020-14343
    • fe15062 Add 3.9 to appveyor file for completeness sake
    • 1e1c7fb Add a newline character to end of pyproject.toml
    • 0b6b7d6 Start sentences and phrases for capital letters
    • c976915 Shell code improvements
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • APIs that raise KeyErrors return 401s

    APIs that raise KeyErrors return 401s

    The way ramlwrap catches KeyErrors in utils/validation/Endpoint.serve means that if an API throws a KeyError, it will be caught here and a 401 status code will be returned. It should catch the KeyError for a missing method mapping seperately, so that the API's key error will eventually result in a 500 status code.

    bug V2.X 
    opened by The-Bees 0
  • Windows compatibility issue

    Windows compatibility issue

    There is a report from a user about a compatibility issue with windows - I think this might be to do with initial importing of the RAML / Swagger, but I'll have to check (There's also no confirmation that the bug is still in v1.0.0 but it was present in the alpha version from last year.

    bug V2.X 
    opened by jmons 1
Releases(2.3.7)
  • 2.3.7(Jan 21, 2022)

    A bug report where there is over-enthusiastic validation of content type - previous to this version, a request against an API with (for example) application/json would be validated as such:

    • Content-Type: application/json would be valid
    • Content-Type: application/json; charset=UTF-8 would be invalid

    Whilst arguably technically correct, we all agreed this was an unintentional over validation, and the change now allows for following directives on the Content-Type. There is no validation of the directives.

    Many thanks to @Rizzle93 for her patch and tests.

    Source code(tar.gz)
    Source code(zip)
  • 2.3.6(Dec 27, 2021)

  • 2.3.5(Nov 19, 2021)

    Many thanks to @Rizzle93 who has added some excellent additions to allow multiple content types on both up and down streams. Now validation won't fail if you want to define and allow those extra options.

    Source code(tar.gz)
    Source code(zip)
  • 2.3.4(Mar 10, 2021)

    Whilst most API's will result in a JSON or XML, or another UTF-8 based data language, sometimes we want to build API's which return a binary file. The team at CPI hit this issue recently, and the great @jenniferagrimes has offered this minor patch to allow Ramlwrap to support it.

    This is a non-breaking change and only needed if you have API's which are not returning JSON/XML etc.

    Source code(tar.gz)
    Source code(zip)
  • 2.3.3(Aug 20, 2020)

    Many thanks to @timharveyuk and @Emad88 who have provided fixes for a couple of edge cases:

    • Handling empty status codes (e.g. a status code with no body or description) (#55)
    • Passing the Base URI into the documentation template so that it can be used to generate correct full urls
    Source code(tar.gz)
    Source code(zip)
  • 2.3.1(Jun 24, 2020)

    Tim Harvey has added code that allows the Documentation to handle multiple responses. 200's still go into the original response fields on the endpoint object, but there is now an array of response objects which allow you to produce better documentation for non-200 status's (204's, redirects, error codes etc).

    Source code(tar.gz)
    Source code(zip)
  • 2.3.0(May 18, 2020)

    Thanks to Emanuele Franceschini and Tim Harvey, RamlWrap 2.3(+) now supports multiple examples in both documentation and stubs.

    For the stubbed approach, if you're using early versions of python, "which" example used is 'undefined' due to Python2's dictionary ordering, but hopefully by this point in time everyone is on Python3, which the first one is being used.

    Source code(tar.gz)
    Source code(zip)
  • 2.2.2(Feb 21, 2020)

    To Quote Tim:

    New ramlwrap allows you to specify a validation error handler that also receives the request object so that we can have different logging or other behaviour depending on api being called

    also dependency update for pyyaml for its security release.

    Source code(tar.gz)
    Source code(zip)
  • 2.1.1.1(Jan 17, 2020)

  • 2.1.1(Jan 17, 2020)

    @Emad88 has kindly added in a reference scanner in the documentation area which allows for more accurate documentation pages to be generated when using schema.

    Source code(tar.gz)
    Source code(zip)
  • 2.1.0rc1(Sep 3, 2019)

  • 2.0.0(Feb 17, 2018)

    This release (with many thanks to @Jamian and @Rizzle93) comes with two main new usability features, and a couple of technology fixes:

    • Dynamic URLs (which makes REST api's much easier to write). This is now done by changing your function map to not just be a pointer but an array passed in containing both the function and a regex to use for that variable:
    • GET and POST urls: in previous versions the api only supported a GET or a POST for a particular url, but now it supports pretty much all versions (although examples of HEAD and UPDATE etc we could do with some feed back and real world examples of people using them

    Technology changes:

    • The dependancy upon pyraml has been dropped which allows us to support a wider range of raml edge cases without waiting for pyraml to be updated.
    • Now should support from Django 1.7 - 1.11 for Python 2.7 and Django 1.9 - 2.0 for Python 3.
    Source code(tar.gz)
    Source code(zip)
  • v1.0.1rc5(Mar 28, 2017)

    Many thanks to @Jamian for adding this feature. This now supports the use of a Django Setting to replace the stock exception handling on a JSON schema validation.

    Source code(tar.gz)
    Source code(zip)
  • v1.0.1rc4(Mar 18, 2017)

    Our great collaborator @3ur3ka found some issues when using Ramlwrap with api's designed to be used in a webapp (i.e. after login has been called). Mainly this is to do with CSRF, and also was made more complex by using the DjangoRestFramework which we didn't need.

    Source code(tar.gz)
    Source code(zip)
  • v1.0.1rc3(Mar 15, 2017)

  • v1.0.1rc2(Mar 15, 2017)

  • 1.0.1rc1(Mar 14, 2017)

    The 1.0.0 branch functionally worked, but had a bug in the init which caused it to not work when installed via pip (i.e. worked in our local release branches).

    Source code(tar.gz)
    Source code(zip)
  • v1.0.0(Mar 14, 2017)

Owner
Jmons
Jmons
Notes-Django: an advanced project to save notes in Django. where users are able to Create, Read, Update and Delete their notes.

An advanced software to keep you notes. It allows users to perform CRUD operations on theirs Notes. Was implemented Authorization and Authentication

Edilson Pateguana 1 Feb 05, 2022
A real-time photo feed using Django and Pusher

BUILD A PHOTO FEED USING DJANGO Here, we will learn about building a photo feed using Django. This is similar to instagram, but a stripped off version

samuel ogundipe 4 Jan 01, 2020
React.JS - Django Application Template

OTS React.JS - DJango Web Application (UNTESTED) This repository servers as a template for creating React.JS - Django Web Applications. Note that the

Darryl See Wei Shen 5 Aug 19, 2022
xsendfile etc wrapper

Django Sendfile This is a wrapper around web-server specific methods for sending files to web clients. This is useful when Django needs to check permi

John Montgomery 476 Dec 01, 2022
A Django app to accept payments from various payment processors via Pluggable backends.

Django-Merchant Django-Merchant is a django application that enables you to use multiple payment processors from a single API. Gateways Following gate

Agiliq 997 Dec 24, 2022
Pinax is an open-source platform built on the Django Web Framework.

Symposion Pinax Pinax is an open-source platform built on the Django Web Framework. It is an ecosystem of reusable Django apps, themes, and starter pr

Pinax Project 295 Mar 20, 2022
Django API without Django REST framework.

Django API without DRF This is a API project made with Django, and without Django REST framework. This project was done with: Python 3.9.8 Django 3.2.

Regis Santos 3 Jan 19, 2022
Media-Management with Grappelli

Django FileBrowser Media-Management with Grappelli. The FileBrowser is an extension to the Django administration interface in order to: browse directo

Patrick Kranzlmueller 913 Dec 28, 2022
Utilities for implementing a modified pre-order traversal tree in django.

django-mptt Utilities for implementing Modified Preorder Tree Traversal with your Django Models and working with trees of Model instances. Project hom

2.7k Jan 01, 2023
Management commands to help backup and restore your project database and media files

Django Database Backup This Django application provides management commands to help backup and restore your project database and media files with vari

687 Jan 04, 2023
Indonesia's negative news detection using gaussian naive bayes with Django+Scikir Learn

Introduction Indonesia's negative news detection using gaussian naive bayes build with Django and Scikit Learn. There is also any features, are: Input

Harifzi Ham 1 Dec 30, 2021
Django React Flight Rezervation

Django Intro & Installation python -m venv venv source ./venv/Scripts/activate pip install Django pip install djangorestframework pip install python-d

HILMI SARIOGLU 2 May 26, 2022
RedisTimeSeries python client

redistimeseries-py Deprecation notice As of redis-py 4.0.0 this library is deprecated. It's features have been merged into redis-py. Please either ins

98 Dec 08, 2022
A drop-in replacement for django's ImageField that provides a flexible, intuitive and easily-extensible interface for quickly creating new images from the one assigned to the field.

django-versatileimagefield A drop-in replacement for django's ImageField that provides a flexible, intuitive and easily-extensible interface for creat

Jonathan Ellenberger 490 Dec 13, 2022
TinyApp - A Python (Django) Full Stack Application for shortening URLs

TinyApp A Python (Django) Full Stack Application for shortening URLs. How to sta

Li Deng 1 Jan 23, 2022
Django Email Sender

Email-Sender Django Email Sender Installation 1.clone Repository & Install Packages git clone https://github.com/telman03/Email-Sender.git pip install

Telman Gadimov 0 Dec 26, 2021
A small and lightweight imageboard written with Django

Yuu A small and lightweight imageboard written with Django. What are the requirements? Python 3.7.x PostgreSQL 14.x Redis 5.x FFmpeg 4.x Why? I don't

mint.lgbt 1 Oct 30, 2021
GameStop clone with Django

GameStop clone with Django This is my side project with GameStop clone Author: HackerApe GitHub Profile: View Profile LinkedIn Profile: View Profile

Dmitriy Shin 2 Dec 26, 2021
PWA is a simple Django app to develope and deploy a Progressive Web Application.

PWA PWA is a simple Django app to develope and deploy a Progressive Web Application. Detailed documentation is in the "docs" directory. Quick start Ad

Nima 6 Dec 09, 2022
A CTF leaderboard for the submission of flags during a CTF challenge. Built using Django.

🚩 CTF Leaderboard The goal of this project is to provide a simple web page to allow the participants of an CTF to enter their found flags. Also the l

Maurice Bauer 2 Jan 17, 2022