Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

writeOnly field

See original GitHub issue

Swagger spec supports a readOnly field, but I can’t find support for a writeOnly field (like one may use for a sensitive piece of information like a pan or credentials of some sort). Is there a reason for this omission?

Issue Analytics

State:
Created 8 years ago
Comments:19 (10 by maintainers)

Top GitHub Comments

8reactions

rjmaxcommented, May 23, 2016

Thanks all - perhaps a bit more context would be helpful. In the Azure API sets, we see that attributes generally follow one of four patterns:

Write only - e.g. secrets, which can be set, but you wouldn’t want to return to the client.
Read only - e.g. server-generated values, such as created/modified timestamps
Read + write once - immutable properties, such as resource geographical location
Read + write many - I guess this is the normal case 😃

In the case of #1, let’s take the case of a VM password. We need the user to set it, but don’t want to return the password back to the client. It would seem peculiar to model the password as a separate resource, since the password is of no standalone utility - its benefit is only in the context of that particular resource.

2reactions

ePaulcommented, Apr 19, 2016

@adamaltman @slavcodev The idea mentioned by @casualjim (and @webron) is to have two schemas, one for the “write” use case, the other one for the read one, which are referenced by the operations (in parameter or response definition). In order to duplicate less code, you can have a third one with the fields which are common for both read and write, and then refer to this with an allOf reference. Using writeOnly and readOnly is only a shortcut for this.

definitions:
   CommonExample:
      type: object
      properties:
         readAndWrite:
            type: string
   ReadExample:
      allOf:
        - $ref: '#/definitions/CommonExample'
        - type: object
          properties:
             readOnlyProperty:
                type: string
   WriteExample:
      allOf:
        - $ref: '#/definitions/CommonExample'
        - type: object
          properties:
             writeOnlyProperty:
                type: string
paths:
   /example
     put:
        parameters:
           - in: body
             required: true
             schema:
                $ref: '#/definitions/WriteExample'
        ...
     get:
        ...
        responses:
           '200':
              schema:
                 $ref: '#/definitions/ReadExample'