Schema validation and error detail settings by get params

CHANGELOG.md

@@ -7,13 +7,15 @@ Updates should follow the [Keep a CHANGELOG](http://keepachangelog.com/) princip
 * Support for semantic versioning api.
 * [BC] DefaultHandler response code 404 instead 400
 * [BC] Added Container to API Decider
+* [BC] Output Configurator, Allows different methods for output configuration. Needs to be added to config services.
 
 #### Added
 * CorsPreflightHandlerInterface - resolve multiple service registered handler error
 * Lazy API handlers
 
 #### Added
 * Button to copy `Body` content in api console
+* Ability to disable schema validation and provide additional error info with get parameters. 
 
 #### Changed
 * Handler tag wrapper has changed class from `btn` to `label`

README.md

@@ -40,6 +40,13 @@ application:
     Api: Tomaj\NetteApi\Presenters\*Presenter
 ```
 
+Then register your preffered output configurator in *config.neon* services: 
+
+```neon
+services:
+    apiOutputConfigurator: Tomaj\NetteApi\Output\Configurator\QueryConfigurator
+```
+
 And add route to you RouterFactory:
 
 ```php

src/Output/Configurator/ConfiguratorInterface.php

@@ -0,0 +1,14 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Tomaj\NetteApi\Output\Configurator;
+
+use Nette\Application\Request;
+
+interface ConfiguratorInterface
+{
+    public function validateSchema(?Request $request = null): bool;
+
+    public function showErrorDetail(?Request $request = null): bool;
+}

src/Output/Configurator/DebuggerConfigurator.php

@@ -0,0 +1,21 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Tomaj\NetteApi\Output\Configurator;
+
+use Nette\Application\Request;
+use Tracy\Debugger;
+
+class DebuggerConfigurator implements ConfiguratorInterface
+{
+    public function validateSchema(?Request $request = null): bool
+    {
+        return !Debugger::$productionMode;
+    }
+
+    public function showErrorDetail(?Request $request = null): bool
+    {
+        return !Debugger::$productionMode;
+    }
+}

src/Output/Configurator/EnvConfigurator.php

@@ -0,0 +1,28 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Tomaj\NetteApi\Output\Configurator;
+
+use Nette\Application\Request;
+
+class EnvConfigurator implements ConfiguratorInterface
+{
+    public function validateSchema(?Request $request = null): bool
+    {
+        $appEnv = getenv("APP_ENV");
+        if ($appEnv === "production") {
+            return false;
+        }
+        return true;
+    }
+
+    public function showErrorDetail(?Request $request = null): bool
+    {
+        $appEnv = getenv("APP_ENV");
+        if ($appEnv === "production") {
+            return false;
+        }
+        return true;
+    }
+}

src/Output/Configurator/QueryConfigurator.php

@@ -0,0 +1,36 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Tomaj\NetteApi\Output\Configurator;
+
+use Nette\Application\Request;
+
+class QueryConfigurator implements ConfiguratorInterface
+{
+    /*
+    ### Disable schema validation in not production environment
+    Include get parameter no_schema_validate in your request to disable schema validation. This is useful for testing purposes.
+    * schema validation is disabled by default in production environment for performance reasons
+
+    ### Add additional info to error response 
+    Include get parameter error_detail in your request to show additional info in error response. This is useful for debugging purposes.
+    */
+    public function validateSchema(?Request $request = null): bool
+    {
+        if ($request === null) {
+            return false;
+        }
+        $getParams = $request->getParameters();
+        return !isset($getParams['no_schema_validate']);
+    }
+
+    public function showErrorDetail(?Request $request = null): bool
+    {
+        if ($request === null) {
+            return false;
+        }
+        $getParams = $request->getParameters();
+        return isset($getParams['error_detail']);
+    }
+}

src/Presenters/ApiPresenter.php

@@ -21,6 +21,7 @@
 use Tomaj\NetteApi\RateLimit\RateLimitInterface;
 use Tomaj\NetteApi\Response\JsonApiResponse;
 use Tracy\Debugger;
+use Tomaj\NetteApi\Output\Configurator\ConfiguratorInterface;
 
 final class ApiPresenter implements IPresenter
 {
@@ -33,6 +34,9 @@ final class ApiPresenter implements IPresenter
     /** @var Container @inject */
     public $context;
 
+    /** @var ConfiguratorInterface @inject */
+    public $outputConfigurator;
+
     /**
      * CORS header settings
      *
@@ -83,7 +87,7 @@ public function run(Request $request): IResponse
         $paramsProcessor = new ParamsProcessor($handler->params());
         if ($paramsProcessor->isError()) {
             $this->response->setCode(Response::S400_BAD_REQUEST);
-            if (!Debugger::$productionMode) {
+            if ($this->outputConfigurator->showErrorDetail($request)) {
                 $response = new JsonResponse(['status' => 'error', 'message' => 'wrong input', 'detail' => $paramsProcessor->getErrors()]);
             } else {
                 $response = new JsonResponse(['status' => 'error', 'message' => 'wrong input']);
@@ -94,7 +98,8 @@ public function run(Request $request): IResponse
         try {
             $response = $handler->handle($params);
             $code = $response->getCode();
-            if (!Debugger::$productionMode) {  /// If not production mode, validate output
+
+            if ($this->outputConfigurator->validateSchema($request)) {  /// If not production mode or no no_schema_validate parameter present, validate output
                 $outputValid = count($handler->outputs()) === 0; // back compatibility for handlers with no outputs defined
                 $outputValidatorErrors = [];
                 foreach ($handler->outputs() as $output) {
@@ -115,7 +120,7 @@ public function run(Request $request): IResponse
                 }
             }
         } catch (Throwable $exception) {
-            if (!Debugger::$productionMode) {
+            if ($this->outputConfigurator->showErrorDetail($request)) {
                 $response = new JsonApiResponse(Response::S500_INTERNAL_SERVER_ERROR, ['status' => 'error', 'message' => 'Internal server error', 'detail' => $exception->getMessage()]);
             } else {
                 $response = new JsonApiResponse(Response::S500_INTERNAL_SERVER_ERROR, ['status' => 'error', 'message' => 'Internal server error']);