The input validation features of Spyne are also mostly inherited from the Soap world and follows the behavior of Xml validation operations as closely as possible.
Input validation is an essential component of any distributed system exposed to a non-trusted environment. Examples of validation constraints that Spyne can apply are as follows:
Currently, data validation can be handled by two subsystems:
When validating Xml data, the differences between using “lxml” and “soft” validation are as follows:
them.
rejects unexpected namespaces.
| Criteria | lxml | soft |
|---|---|---|
| Unknown fields | reject | ignore |
| Unknown namespaces | reject | ignore |
| Supported transport protocols | SOAP/XML | any |
Note
The two validation sybsystems operate independently, you can use either one, but not both at the same time. The validator is indicated when instantiating the protocol, by passing either validator='soft' or validator='lxml' to the constructor.
#using 'soft' validation with HttpRpc
application = Application([NameOfMonthService],
tns='spyne.examples.multiprot',
in_protocol=HttpRpc(validator='soft'),
out_protocol=HttpRpc()
)
#using lxml validation with Soap
application = Application([UserService],
tns='spyne.examples.authentication',
interface=Wsdl11(),
in_protocol=Soap11(validator='lxml'),
out_protocol=Soap11()
)
This applies to all the primitive data types, and is suitable for simple logical conditions.
Note
Constraints applied at this level are reflected in the XML schema itself, thus a client that retrieves the WSDL of the service will be able to see what the constraints are.
Certain generic restrictions can be applied to any type. They are listed below, along with their default values
default = None - default value if the input is None.
this constraint only applies when the variable is actually provided in the input document and is ignored if it’s not. You should set min_occurs=1 if you want to force this variable to be present in incoming documents.
any positive integer. Note that if nillable=False, the validator will still accept null values.
greater than 1 will imply an iterable of objects as native Python type. It can be set to unbounded or decimal.Decimal('inf') to denote an array with infinitely many elements.
Note
You should not use float(‘inf’) as its behavior has inconsistencies between platforms and Python versions. See: https://github.com/arskom/spyne/pull/155
These rules can be combined, the example below illustrates how to create a mandatory string:
String(min_occurs=1, min_len=1, nillable=False)
Integers and other countable numerical data types (i.e. except Float or Double) can be compared with specific values, using the following keywords: ge, gt, le, lt (they correspond to >=, >, <=, <)
Integer(ge=1, le=12) #an integer between 1 and 12, i.e. 1 <= x <= 12
Strings can be validated against a regular expression:
Unicode(pattern = "[0-9]+") #must contain at least one digit, digits only
Length checks can be enforced as well:
Unicode(min_len = 5, max_len = 10)
If you want to keep an incoming bytestream as a str with a known encoding, that’s also possible with the String type. You can specify:
Which encoding the strings must be in
How to handle the situations in which a string cannot be decoded properly (to understand how this works, consult Python’s documentation)
String(encoding = 'win-1251')
String(unicode_errors = 'strict') #could be 'replace' or 'ignore'
These restrictions can be combined:
String(encoding='win-1251', max_len=20)
String(min_len=5, max_len=20, pattern='[a-z]')
Sometimes you may want to allow only a finite set of values, or values which can be difficult to describe in terms of an interval. If this is the case, you can explicitly indicate the set:
Integer(values=[1984, 13, 45, 42])
Unicode(values=[u"alpha", u"bravo", u"charlie"]) # note the 'u' prefix
Spyne offers several primitives for this purpose, they are defined in the ModelBase class, from which all the types are derived: https://github.com/arskom/spyne/blob/master/src/spyne/model/_base.py
These primitives are:
Since all data comes in as a byte stream, when you read it you get a string. So the validate_string hook is your first line of defense against invalid data.
At a later stage, the data can be converted to its native type. Once that conversion occurs, you can apply some additional checks. Validation in this stage is handled by the validate_native hook.
>>> stringNumber = '123'
>>> stringNumber
'123' # note the quotes, it is a string.
>>> number = int(stringNumber)
>>> number
123 # note the absence of quotes, it is a number.
>>> stringNumber == 123
False # makes sense.
>>> number == 123
True
In the example above, number is an actual number and can be validated with validate_native, whereas stringNumber is a byte stream and should be validated by validate_string.
A custom string type that can not contain the colon symbol ‘:’.
We’ll have to declare our own class, derived from Unicode (which, in turn, is derived from SimpleModel, which inherits from ModelBase).
class SpecialString(Unicode):
"""Custom string type that prohibits the use of colons"""
@staticmethod
def validate_string(cls, value):
if value is not None and ":" in value:
return False
return True
A custom numerical type that verifies if the number is prime.
This time both flavours of validation are combined: validate_string to see if it is a number, and then validate_native to see if it is prime.
import re
class Prime(Integer):
"""Custom integer type that only accepts primes."""
@staticmethod
def validate_string(cls, value):
"""See if it is an integer."""
return re.match("-?[0-9]+", value) is not None
@staticmethod
def validate_native(cls, value):
"""See if it is prime."""
#calling a hypothetical function that checks if it is prime
return is_prime(value)
Note
Constraints applied at this level do not modify the XML schema itself. So a client that retrieves the WSDL of the service will not be aware of these restrictions. Keep this in mind and make sure that validation rules that are not visible in the XML schema are documented elsewhere.
Note
When overriding validate_string or validate_native in a custom type class, the validation functions from the parent class are not invoked. If you wish to apply those validation functions as well, you must call them explicitly.
Now that you’ve also learned how to tame incoming data, you can have a look at the SQLAlchemy Integration document where we explain how to easily integrate with SQLAlchemy by showing how to map Spyne objects to table definitions and rows returned by database queries.
You could also have a look at the Working with RPC Metadata section where service metadata management apis are introduced.
Otherwise, please refer to the rest of the documentation or the mailing list if you have further questions.