diff --git a/.talismanrc b/.talismanrc index 2d28bcd489..c8a1888f7d 100644 --- a/.talismanrc +++ b/.talismanrc @@ -1,6 +1,8 @@ fileignoreconfig: - filename: app/dao/api_key_dao.py checksum: c44cbd8ae02fb1d551a1f0941365c11977564a6444950ee2b0282ee4b5fd1314 +- filename: app/schema_validation/__init__.py + checksum: 9487ddbb105a20f5fd495eb4426b7c27ee3be1894b69a189363363ed616722c0 - filename: poetry.lock checksum: eb38a16cd7377f2d20690e9b607e9ed0858ca35a8e3647fb42bb8021c333df44 - filename: tests/app/dao/test_api_key_dao.py diff --git a/app/schema_validation/__init__.py b/app/schema_validation/__init__.py index dff8976615..76b0d20609 100644 --- a/app/schema_validation/__init__.py +++ b/app/schema_validation/__init__.py @@ -65,7 +65,8 @@ def validate( json_to_validate, schema, ): - """Validate a JSON object against a schema. If the validation fails raise a ValidationError. + """Validate a JSON object against a schema. If the validation fails, log the JSON object with redacted + personalisation and ICN information, and raise a ValidationError. Args: json_to_validate (dict): The JSON object to validate. @@ -77,40 +78,46 @@ def validate( Returns: dict: The JSON object with redacted personalisation and ICN information """ + # Ensure that json_to_validate is a dictionary + if not isinstance(json_to_validate, dict): + current_app.logger.info('Validation failed for: %s', json_to_validate) + errors = [{'error': 'ValidationError', 'message': 'Payload is not json.'}] + error_message = json.dumps({'status_code': 400, 'errors': errors}) + raise ValidationError(error_message) + validator = Draft7Validator(schema, format_checker=format_checker) errors = list(validator.iter_errors(json_to_validate)) - if errors: - if isinstance(json_to_validate, dict): - # Redact "personalisation" - if 'personalisation' in json_to_validate: - if isinstance(json_to_validate.get('personalisation'), dict): - json_to_validate['personalisation'] = { - key: '' for key in json_to_validate['personalisation'] - } - else: - json_to_validate['personalisation'] = '' - - # Redact ICN - if 'recipient_identifier' in json_to_validate: - if ( - isinstance(json_to_validate.get('recipient_identifier'), dict) # Short circuit dictionary check - and json_to_validate['recipient_identifier'].get('id_type') == 'ICN' - ): - json_to_validate['recipient_identifier']['id_value'] = '' - else: - json_to_validate['recipient_identifier'] = '' + if len(errors) > 0: + # Redact "personalisation" + if 'personalisation' in json_to_validate: + if isinstance(json_to_validate.get('personalisation'), dict): + json_to_validate['personalisation'] = {key: '' for key in json_to_validate['personalisation']} + else: + json_to_validate['personalisation'] = '' + + # Redact ICN + if 'recipient_identifier' in json_to_validate: + if ( + isinstance(json_to_validate.get('recipient_identifier'), dict) # Short circuit dictionary check + and json_to_validate['recipient_identifier'].get('id_type') == 'ICN' + ): + json_to_validate['recipient_identifier']['id_value'] = '' + else: + json_to_validate['recipient_identifier'] = '' current_app.logger.info('Validation failed for: %s', json_to_validate) raise ValidationError(build_error_message(errors)) - # Validate personalisation files - if isinstance(json_to_validate, dict) and json_to_validate.get('personalisation'): - json_to_validate['personalisation'], errors = decode_personalisation_files( - json_to_validate.get('personalisation', {}) - ) - if errors: - error_message = json.dumps({'status_code': 400, 'errors': errors}) - current_app.logger.info('Validation failed for: %s', json_to_validate) - raise ValidationError(error_message) + try: + if json_to_validate.get('personalisation'): + json_to_validate['personalisation'], errors = decode_personalisation_files( + json_to_validate.get('personalisation', {}) + ) + if len(errors) > 0: + error_message = json.dumps({'status_code': 400, 'errors': errors}) + raise ValidationError(error_message) + except AttributeError: + current_app.logger.info('Validation failed for: %s', json_to_validate) + raise ValidationError('Payload is not json.') return json_to_validate