flask - something more strict than @api.expect for input data?
Instead of using a dictionary for your fields, try using a RequestParser (flask-restplus accepts both as documented here. That way, you can call parser.parse_args(strict=True) which will throw a 400 Bad Request exception if any unknown fields are present in your input data.
my_resource_parser = api.parser()my_resource_parser.add_argument('name', type=str, default='string: name', required=True)my_resource_parser.add_argument('state', type=str, default='string: state')@api.route('/my-resource/<id>')class MyResource(Resource): def post(self): args = my_resource_parser.parse_args(strict=True) ...For more guidance on how to use the request_parser with your resource, check out the ToDo example app in the flask-restplus repo.
Here is another answer to complete the one from @shiv. The following code snippet allows you to have your payload documented in the Swagger doc generated by Flask Restplus. Taken from the documentation about the expect decorator:
my_resource_parser = api.parser()my_resource_parser.add_argument('name', type=str, default='string: name', required=True)my_resource_parser.add_argument('state', type=str, default='string: state')@api.route('/my-resource/<id>', endpoint='with-parser')class MyResource(Resource): @api.expect(my_resource_parser) def post(self): args = my_resource_parser.parse_args(strict=True) ...
For those that want to continue using the api.model rather than request parser, it's possible to iterate over your input (assuming list) versus the model. The model behaves like a dictionary.
from flask_restplus import abortdef check_exact(response_list, model): for response_dict in response_list: for key in response_dict: if key not in model: abort(400, "Non-specified fields added", field=key)...
@ns.expect(my_model, validate=True)def post(self, token): """Add new set of responses """ check_exact(api.payload['responses'], my_model) ...