I'm exposing a REST API. In POST method,How to check if the Request body is not empty and also how to check whether the user is passing correct attribute name in the request body?
Hi Joe,
for checking if a request is empty you can add some logic to an OnRequest handler of your REST API. This involves some extra work as a GET request always has an empty request body.
* Add an OnRequest handler to your exposed API
* Add a reference to the GetURLMethod and SetStatusCode of the HttpRequestHandler extension
* Create a User Exception with a name of e.g. ApiException
* Add GetURLMethod to the OnRequest handler flow
* Add an If statement with a condition of GetURLMethod.Method = "POST" and Trim(Request.RequestText) = ""
* If true add a SetStatusCode action with a code of 400. End the true branch with an APIException.
* The false branch should end with a regular End.
This will help you to verify if a request has any value and exits out with a BadRequest if not.
Validating parameters should be done in the actualy endpoint action just like you would validate input parameters of a regular server action. So you define the request payload as a structure with proper "Name in Json" values. OutSystems will deserialize the RequestText (now it should definitly have a value) and you use the deserialized values in your flow. Exit with Status code of 400 and an ApiException just like in the OnRequest handler.
Best
Stefan
Thank you so much for the quick response stefan
I did a quick example, so you could easily access the suggestion Stefan presented. (OML here)
I just want to complement with the recommendation of taking into consideration the difference between validations done in the services level and validations done in API level.
So, ask your self, do you want a group of controls/validations to be done in a specific service? Do it inside the service, as Stefan recomended, maybe this approach serves the most cases.
But if you have to implement some kind of validation/controls, that must be applied to all services, consider doing it in the OnRequest, althought it envolves more complexity, promotes maintainability and standard patterns, since you don't need to implement the same controls in each service you add to your API.
So in this example specifically, I whould consider:
Regarding validations and exeptions
I recomend you to manage business errors and validations via strutured error output, with different error codes per each validation, personalized messages etc, for example the Name not empty validation you mentioned.
In terms of raising exeptions, I recommend you use it for tecnhical errors, for example the POST method control, or the empty body, or the request header control, as I added in the OML example.
Check the OML, I applied all this concept examples.
Cheers, have fun coding.
JAS
Hello Jose.Thank you so much.One more doubt.So if my JSON Request body is something like {"FirstName":"Joe","LastName":"Jeeva"}What if someone try to insert a attribute which is not there like{age:20}How can i validate attribute names? is there any way?
Hi Joe!
If the request contains attributes or structures that are not mapped on your request, they will be ignored. So, I would not invest a lot of time in controling all possible scenarios, since there are inifite possibilities. If you have specific fields that you want to control, just map them on your request and manage the way you desire.
Cheers, have fun coding.JAS
Thank you😊