rohskiddo/UMBRA
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
UMBRA/backend/app/schemas/todo.py
Kyle Pope 2f58282c31 M-01+M-03: Add input validation and extra=forbid to all request schemas 
- Add max_length constraints to all string fields in request schemas,
  matching DB column limits (title:255, description:5000, etc.)
- Add min_length=1 to required name/title fields
- Add ConfigDict(extra="forbid") to all request schemas to reject
  unknown fields (prevents silent field injection)
- Add Path(ge=1, le=2147483647) to all integer path parameters across
  all routers to prevent integer overflow → 500 errors
- Add max_length to TOTP inline schemas (code:6, mfa_token:256, etc.)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-27 15:43:55 +08:00

54 lines
1.6 KiB
Python
Raw Blame History

from pydantic import BaseModel, ConfigDict, Field
from datetime import datetime, date, time
from typing import Optional, Literal
TodoPriority = Literal["none", "low", "medium", "high"]
RecurrenceRule = Literal["daily", "weekly", "monthly"]
class TodoCreate(BaseModel):
model_config = ConfigDict(extra="forbid")
title: str = Field(min_length=1, max_length=255)
description: Optional[str] = Field(None, max_length=5000)
priority: TodoPriority = "medium"
due_date: Optional[date] = None
due_time: Optional[time] = None
category: Optional[str] = Field(None, max_length=100)
recurrence_rule: Optional[RecurrenceRule] = None
project_id: Optional[int] = None
class TodoUpdate(BaseModel):
model_config = ConfigDict(extra="forbid")
title: Optional[str] = Field(None, min_length=1, max_length=255)
description: Optional[str] = Field(None, max_length=5000)
priority: Optional[TodoPriority] = None
due_date: Optional[date] = None
due_time: Optional[time] = None
completed: Optional[bool] = None
category: Optional[str] = Field(None, max_length=100)
recurrence_rule: Optional[RecurrenceRule] = None
project_id: Optional[int] = None
class TodoResponse(BaseModel):
id: int
title: str
description: Optional[str]
priority: str
due_date: Optional[date]
due_time: Optional[time]
completed: bool
completed_at: Optional[datetime]
category: Optional[str]
recurrence_rule: Optional[str]
reset_at: Optional[datetime]
next_due_date: Optional[date]
project_id: Optional[int]
created_at: datetime
updated_at: datetime
model_config = ConfigDict(from_attributes=True)
Reference in New Issue View Git Blame Copy Permalink