Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Django REST Framework ValidationError always returns 400

Tags:

serialization

http-status-codes

django-rest-framework

I am trying to force ValidationError to return a different status code than 400. This is what I did:

class MyValidationError(ValidationError):
    status_code = HTTP_403_FORBIDDEN

and then in a serializer:

def validate_field(self, value):
    raise MyValidationError

Why do I get 400 here instead of 403? An interesting thing is that if I use PermissionDenied with a custom status code (I tried 204) instead of ValidationError, it works as expected.

like image 500
karlosss Avatar asked Jan 28 '23 17:01

karlosss

1 Answers

The Django RestFramework serializer validates all possible fields and finally returns set of errors.

That is, suppose you are expecting two validation errors in serializer, in that one validation error is raised by MyValidationError. In that case DRF obviously return HTTP 400 status code, because the design patterns of DRF not raising individual validation errors.

The serializer validation process done inside the is_valid() method and it raises ValidationError at the end of the method.

def is_valid(self, raise_exception=False):
    ....code
    ....code
    if self._errors and raise_exception:
        raise ValidationError(self.errors)

    return not bool(self._errors)

and the ValidationError class raises HTTP 400 

class ValidationError(APIException):
    status_code = status.HTTP_400_BAD_REQUEST
    default_detail = _('Invalid input.')
    default_code = 'invalid'
    .... code


Why PermissionDenaid returns custom status code?

In the is_valid() (source code) method, it catches only ValidationError 

if not hasattr(self, '_validated_data'):
    try:
        self._validated_data = self.run_validation(self.initial_data)
    except ValidationError as exc:
        self._validated_data = {}
        self._errors = exc.detail
    else:
        self._errors = {}
At that time, DRF directly raises a PermissionDenaid exception and returns its own status code, which is customized by you


Conclusion

DRF Serializer ValidationError never returns status code other that HTTP 400 because it catches other sub validation error exceptions(if any) and atlast raises a major ValidationError which return HTTP 400 status code by it's design pattern

Reference:
is_valid() source code
ValidationError class source code

like image 53
JPG Avatar answered Feb 09 '23 01:02

JPG
Sign in to Comment

Related questions

Hide Django rest framework Routers Api View Page
How can I pass user id into a serializer with request data?
How to enforce POST idempotency in DRF?
Django REST Framework - get related objects
DRF - Set max and min value of a Serializer field
How to serialize a Django MPTT family and keep it hierarchical?
Getting Permissions issue on sending the authenticated request to OAuth2.0 Django rest Framwork
Django DRF list of ids object
How do I change the 'results' fieldname in Django REST Framework to something else?
Django - post InMemoryUploadedFile to external REST api
Where to store auth token (frontend) and how to put it in http headers of multiple endpoints?
DRF many-to-one reverse lookup

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!