Specify property that should never be sent in Swagger or OpenAPI

Multi tool use
Multi tool use


Specify property that should never be sent in Swagger or OpenAPI



I'd like to specify fields that should never be sent from an endpoint. For instance, say I want to make sure that no endpoint ever responds with user.passwordHash.


user.passwordHash



Is there something like the opposite of additionalProperties: false or required: true in OpenAPI?


additionalProperties: false


required: true




2 Answers
2



OpenAPI 3.0 provides the writeOnly keyword exactly for this purpose:


writeOnly



Declares the property as "write only". Therefore, it MAY be sent as part of a request but SHOULD NOT be sent as part of the response.



So just mark the corresponding properties as writeOnly: true:


writeOnly: true


passwordHash:
type: string
writeOnly: true



There's also readOnly for the opposite scenario - properties that SHOULD NOT be sent in the request, but MAY be sent in the response. readOnly exists in both OpenAPI 3.0 and 2.0.


readOnly


readOnly



You could define the property as a string and set the max length to zero. There isn't anything that specifically says additionalProperties: true, except for passwordHash.


additionalProperties: true, except for passwordHash


type: object
properties:
passwordHash:
type: string
format: password
maxLength: 0



Alternatively you could simply traverse the object prior to sending and remove the property you don't want. For example:


function removeProperty(property, value) {
if (Array.isArray(value)) {
return value.map(item => removeProperty(property, item))

} else if (value && typeof value === 'object') {
const result = {}
Object.keys(value)
.forEach(key => {
if (key !== property) {
result[key] = removeProperty(property, value[key])
}
})
return result

} else {
return value
}
}

const object = {
x: {
y: {
z: 1,
secret: 'password'
}
}
}

const clean = removeProperty('secret', object)
console.log(clean) // => { x: { y: { z: 1 } } }






By clicking "Post Your Answer", you acknowledge that you have read our updated terms of service, privacy policy and cookie policy, and that your continued use of the website is subject to these policies.

4iFX8x2Zn1WM6solJqC,vW,fSUpfGF0RMqleVIO2R3,dfJl8fUD4LDBM5uqjnliXSks,8vQyENUG,Wgd PyT
-
3bR C rAYuB8roDOa

Popular posts from this blog

PHP contact form sending but not receiving emails

PHP contact form sending but not receiving emails I have created a contact form using PHP to send the data. The form seems to send fine as there are no errors and success message appears, however I am not receving the emails into the designated inbox. I am using PHPMailer as I originally tried just using the php 'mail' command which I now understand is a bit hit and miss. I cannot see why I would not be receving the emails so I would be very grateful for any help that could be given. I'm quite new to PHP so please be patient with me :) <?php use PHPMailerPHPMailerPHPMailer; use PHPMailerPHPMailerException; $msg = ""; if (isset($_POST['submit'])) { require 'phpmailer/src/Exception.php'; require 'phpmailer/src/PHPMailer.php'; require 'phpmailer/src/SMTP.php'; function sendemail ($to, $from, $body) { $mail = new PHPMailer(true); $mail->setFrom($from); $mail->addAddress($to); $ma...
Read more

Do graphics cards have individual ID by which single devices can be distinguished?

Do graphics cards have individual ID by which single devices can be distinguished? I have several graphics cards of the same manufacturer and same model and I want to distinguish them not only by the pcie socket they reside in but by some individual value I can read from the hardware. Is there such value and if so what would it be called and how could I access it? Right now I'm using modern nvidia cards (10xx series) and nvidia inspector.but I'd prefer if there was any value that was also applicable to amd. I have programming and scripting knowledge. I am running Windows 10 1 Answer 1 This is a powershell example to pull information from video cards. The DeviceID is supposed to be unique but only if the manufacturer supports Windows Display Driver Model (WDDM). (I copied this directly from docs.microsoft.com) $strComputer = "." $colItems = get-wmiobject -class "Win32_VideoC...
Read more

Create weekly swift ios local notifications

Create weekly swift ios local notifications I can create daily notifications but not weekly ones using swift 3 ios 10 User Notifications framework. Daily works fine but when I add in the .weekday parameter it doesn't send me a notification. The code is: for i in 1 ... 7 { let center = UNUserNotificationCenter.current(); let content = UNMutableNotificationContent(); content.title = "Title"; content.body = "content"; content.sound = UNNotificationSound.default(); var dateComponents = DateComponents(); dateComponents.weekday = i; // hours is 00 to 11 in string format if (daynight == "am") { dateComponents.hour = Int(hours); } else { dateComponents.hour = Int(hours)! + 12; } // mins is 00 to 59 in string format dateCom...
Read more