Bug[API] Controllers and OpenAPI response mismatch

[paulespinosa]

Overview

The OpenAPI definition specifies that the API will return data following the ApiResponse schema. However, the API returns different data not matching the ApiResponse schema.

Known controller/spec issues found in the host controller.

Action Items

• [x] Locate controller response and OpenAPI definition mismatches
• [x] Decide which schema the API response should follow (creating a new one if necessary)
• [x] Implement a test that will validate the API is responding with data that follows the OpenAPI definition
• [x] Have the API return data that matches the OpenAPI schema

Resources/Instructions

Known mismatch issues: Create Host

• OpenAPI: $ref: "../openapi.yaml#/components/schemas/ApiResponse"
• Controller: return Host.from_dict(host), 201

Get all hosts

• OpenAPI: $ref: "../openapi.yaml#/components/schemas/ApiResponse"
• Controller: return resp, 200

[Joshua-Douglas]

Good find @paulespinosa!

connexion provides response validation, but it is disabled by default.

We should enable this option to find issues like this sooner. We will still need to add test cases to send a request to the hosts endpoints, since those endpoints are currently untested.

[Joshua-Douglas]

Hey @johnwroge,

Assigned you this issue. Let me know if you need any help or would like anyone to review your proposed changes.

To make sure this change doesn't break any of our existing endpoints I suggest you add some test cases to cover each of the non-authentication endpoints used by the frontend app (you'll need to review which, if any, endpoints this includes).

[paulespinosa]

@Joshua-Douglas @johnwroge An idea: Wait until the new config system lands in the main branch and then add Response Validation. Have Response Validation enabled only for development/testing because it might have a performance impact down the line.

[tylerthome]

Resolved as of #637