Add option to enforce validation based on referenced WoT model #1650

thjaeckle · 2023-06-10T08:10:38Z

Currently, Ditto's WoT Integration does not ensure/enforce the referenced model.

As the reference implementation, Eclipse Thingweb did also not do that we thought that would be a common practice to move validation to eg producers of messages.

In practice I now see that an enforcement of the model by Ditto would have great benefits and is the best place to add validation.
This would eg ensure that different API consumers always modify a thing only in the intended and modeled way.

That would be especially important if the Ditto managed twin is used in an Event driven system, where changes of the twin state is reacted to by eg issuing a command downlink to an actual device (using "desired properties" approach).

This issue should track:

new config option to enable wot validation
implementation and making configurable all of the below:
- validation of attributes on thing level
- validation of properties of features
- validation of desired properties of features (ignoring "required" constraints)
- validation of thing messages
- validation of feature messages
- whether to allow modifying non modeled attributes/properties or to reject them
- whether to allow sending of non modeled messages (wot actions/events) or to reject them

I expect this to be quite difficult to do, as we have to extract the JsonSchema parts from WoT TM models and apply them.
Both when eg a complete thing is modified and also partially, when eg only a single feature or even property or even part of a property is modified.

thjaeckle · 2023-06-10T10:16:53Z

I think that we need to validate always what the target state of the complete thing (or feature if only a feature was modifier) would be against the model.

So after enforcement (different permissions should not yield different validation results), but before applying a modify command to the persistence.

We should also monitor how much time validation takes, by adding metrics (spans) to the existing signal processing trace.

It would ne nice to have the validation as separate Java Module so that it could also be used as a library.

thjaeckle · 2023-06-28T18:54:41Z

Another idea on the enforcement:
Configure a list of auth subjects (also supporting wildcards) for which validation is not done.

I am thinking especially about eg connections where we don't necessarily rely on a user input to validate.
Whereas for api users, eg authenticated via JWT and the http api, it would be important to validate all provided data.

* restructuring of "ditto-wot" module to enable re-usability of non-pekko/non-Ditto specifics * adding "validator" concept and first sample implementation (WIP) Signed-off-by: Thomas Jäckle <[email protected]>

…hingModel Signed-off-by: Thomas Jäckle <[email protected]>

…desired properties validation * taking care of e.g. "ditto:category" defined * first validation error will provide the error output (which is for now simpler and results in quicker obtained validation errors) Signed-off-by: Thomas Jäckle <[email protected]>

* validating features and properties as part of "modify thing" * handling "ditto:category" correctly * ensuring completeness of defined features * validation on creation/modification * of thing * of attributes * on attribute * on features * on feature Signed-off-by: Thomas Jäckle <[email protected]>

…property Signed-off-by: Thomas Jäckle <[email protected]>

* restructuring of "ditto-wot" module to enable re-usability of non-pekko/non-Ditto specifics * adding "validator" concept and first sample implementation (WIP) Signed-off-by: Thomas Jäckle <[email protected]>

…hingModel Signed-off-by: Thomas Jäckle <[email protected]>

…desired properties validation * taking care of e.g. "ditto:category" defined * first validation error will provide the error output (which is for now simpler and results in quicker obtained validation errors) Signed-off-by: Thomas Jäckle <[email protected]>

* restructuring of "ditto-wot" module to enable re-usability of non-pekko/non-Ditto specifics * adding "validator" concept and first sample implementation (WIP) Signed-off-by: Thomas Jäckle <[email protected]>

…hingModel Signed-off-by: Thomas Jäckle <[email protected]>

…desired properties validation * taking care of e.g. "ditto:category" defined * first validation error will provide the error output (which is for now simpler and results in quicker obtained validation errors) Signed-off-by: Thomas Jäckle <[email protected]>

* validating features and properties as part of "modify thing" * handling "ditto:category" correctly * ensuring completeness of defined features * validation on creation/modification * of thing * of attributes * on attribute * on features * on feature Signed-off-by: Thomas Jäckle <[email protected]>

…property Signed-off-by: Thomas Jäckle <[email protected]>

* enforce modifying thing definition + feature definition * enhance configuration options

…the thing for validationError paths

…their responses * also updated some dependencies * simplified DefaultWotThingModelValidator a little

…iding "type" (valid for e.g. "oneOf") use * update json-schema-validator library

…ation in smaller pieces * strict split between config reading in DefaultWotThingModelValidation and static functionality in Internal* classes

* based on either DittoHeaders or on ThingDefinition/FeatureDefinition URLs

* fixed and harmonized other traces while doing that in order to get correct parent hierarchy of spans

…ased on the WoT model * restructured some too long methods * fixed remaining TODOs

…ctionality

* also for dynamic part * changed config structure a bit in order to better fit Helm YAML config

…e corner cases * e.g. deeply nested updates, removing definition via PATCH * enabled WoT based validation by default

* first choosing potentially new definition and only as fall-back the old one

…gs update

…on "minLength"

#1650 provide WoT TM validation

thjaeckle changed the title ~~Add option to enforce validatation based on referenced WoT model~~ Add option to enforce validation based on referenced WoT model Jun 10, 2023

thjaeckle added this to the 3.4.0 milestone Jun 16, 2023

thjaeckle added this to Ditto Planning Jun 16, 2023

thjaeckle moved this to Todo in Ditto Planning Jun 16, 2023

thjaeckle removed this from the 3.4.0 milestone Aug 25, 2023

thjaeckle removed this from Ditto Planning Jan 23, 2024

thjaeckle added the WoT Web of Things related enhancements label Jan 30, 2024

thjaeckle added this to the 3.6.0 milestone Feb 24, 2024

thjaeckle self-assigned this Feb 24, 2024

thjaeckle added this to Ditto Planning Feb 24, 2024

thjaeckle moved this to In Progress in Ditto Planning Feb 24, 2024

thjaeckle mentioned this issue May 6, 2024

#1650 provide WoT TM validation #1936

Merged

12 tasks

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue May 13, 2024

eclipse-ditto#1650 prepare validation of features as Submodels of a T…

5fdbba7

…hingModel Signed-off-by: Thomas Jäckle <[email protected]>

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jun 10, 2024

eclipse-ditto#1650: added validation of feature properties + feature …

f84e14c

…property Signed-off-by: Thomas Jäckle <[email protected]>

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jun 18, 2024

eclipse-ditto#1650 prepare validation of features as Submodels of a T…

f11bcb2

…hingModel Signed-off-by: Thomas Jäckle <[email protected]>

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 prepare validation of features as Submodels of a T…

2de51cd

…hingModel Signed-off-by: Thomas Jäckle <[email protected]>

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650: added validation of feature properties + feature …

99b0a39

…property Signed-off-by: Thomas Jäckle <[email protected]>

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 enforce "MergeThing" command

56d1eb9

* enforce modifying thing definition + feature definition * enhance configuration options

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 fix path handling, always using absolute paths to …

35c7074

…the thing for validationError paths

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 provided javadoc for validation interfaces

05cd1e9

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 first steps of (thing) message (action) validation

2e1491c

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 update dependencies

4745aee

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 added validation for actions / inbox messages and …

b4e3233

…their responses * also updated some dependencies * simplified DefaultWotThingModelValidator a little

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 provided validation for events / outbox messages

75ee80b

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 added SingleDataSchema implementation without prov…

d2bf636

…iding "type" (valid for e.g. "oneOf") use * update json-schema-validator library

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 provide dynamic configuration of WoT validation

9cfd1b2

* based on either DittoHeaders or on ThingDefinition/FeatureDefinition URLs

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 added tracing for wot_validation

5069f4d

* fixed and harmonized other traces while doing that in order to get correct parent hierarchy of spans

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 fix BackgroundSyncActorTest

7228a8a

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 added validations when deleting parts of a thing b…

2ed2641

…ased on the WoT model * restructured some too long methods * fixed remaining TODOs

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 added unit tests covering the added validation fun…

9c2ed96

…ctionality

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 provided Helm configuration for WoT TM validation

d0c3051

* also for dynamic part * changed config structure a bit in order to better fit Helm YAML config

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 hardened validation implementation, supporting mor…

48ffa81

…e corner cases * e.g. deeply nested updates, removing definition via PATCH * enabled WoT based validation by default

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 provided more unit tests

1f0d538

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 fix merge thing when updating definition

99a5311

* first choosing potentially new definition and only as fall-back the old one

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 fix skipping required properties check

9069625

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 29, 2024

eclipse-ditto#1650 added documentation for new WoT TM based validation

608894f

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Jul 30, 2024

eclipse-ditto#1650 fixed path for updating attributes as part of thin…

208fa97

…gs update

thjaeckle added a commit to beyonnex-io/ditto that referenced this issue Aug 1, 2024

eclipse-ditto#1650 don't generate neutral string default value based …

7aadc82

…on "minLength"

thjaeckle closed this as completed in #1936 Aug 26, 2024

thjaeckle added a commit that referenced this issue Aug 26, 2024

Merge pull request #1936 from beyonnex-io/wot-tm-validation

e4ce12e

#1650 provide WoT TM validation

github-project-automation bot moved this from In Progress to Done in Ditto Planning Aug 26, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add option to enforce validation based on referenced WoT model #1650

Add option to enforce validation based on referenced WoT model #1650

thjaeckle commented Jun 10, 2023 •

edited

Loading

thjaeckle commented Jun 10, 2023

thjaeckle commented Jun 28, 2023

Add option to enforce validation based on referenced WoT model #1650

Add option to enforce validation based on referenced WoT model #1650

Comments

thjaeckle commented Jun 10, 2023 • edited Loading

thjaeckle commented Jun 10, 2023

thjaeckle commented Jun 28, 2023

thjaeckle commented Jun 10, 2023 •

edited

Loading