request body @pattern validation has no effect after upgrade to v6.0.0

RobYed commented 7 months ago

I upgraded tsoa from v5.1.1 to v6.0.0 in my project. After that a POST endpoint does not evaluate a (nested) @pattern validation annotation anymore and just passes the request to the controller.

Sorting

I'm submitting a ...
- [x] bug report
- [ ] feature request
- [ ] support request
I confirm that I
- [x] used the search to make sure that a similar issue hasn't already been submit

Expected Behavior

Given the following CreateParticipantRequestDto interface and docs for the request body, I expect tsoa to reject any request which does not contain a valid pseudonym value:

/**
 * The pseudonym is the unique identifier of a participant.
 *
 * @pattern ^[a-z]+-[0-9]+$ The pseudonym is only allowed to consist of lower case characters
 * @example "abcd-1234"
 */
export type Pseudonym = string;

export interface ParticipantDto {
  pseudonym: Pseudonym;
  study: string;
  studyCenter: string | null;

  /**
   * The optional examination wave in which the participant participates.
   *
   * @isInt
   */
  examinationWave: number | null;
}

export type CreateParticipantRequestDto = Partial<
  Pick<
    ParticipantDto,
    | 'pseudonym'
    | 'studyCenter'
    | 'examinationWave'
  >
>;

Controller method:

@Post()
public async postParticipant(
    @Path() studyName: string,
    @Body() participant: CreateParticipantRequestDto
): Promise<CreateParticipantResponseDto> {
    // ...
}

If I send this request body, I expect tsoa to reject the request because the pseudonym does not match the @pattern regex.

{
    "pseudonym": "QTest-0001",
    "studyCenter": "test_sz",
    "examinationWave": 1,
}

Current Behavior

The @pattern validation does not lead to a rejected request if the body is invalid.

However, the @isInt validation in the above example does work as expected.

Possible Solution

Steps to Reproduce

see code snippets above

Context (Environment)

Version of the library: 6.0.0 Version of NodeJS: v20.3.0

Confirm you were using yarn not npm: [ ]

Detailed Description

Breaking change?

github-actions[bot] commented 7 months ago

Hello there RobYed 👋

Thank you for opening your very first issue in this project.

We will try to get back to you as soon as we can.👀

gcv-epalmer commented 7 months ago

I see you're using a Partial and a Pick in your interfaces, we have found some other issues when using these utility types: https://github.com/lukeautry/tsoa/issues/1515

For a workaround, I'm betting if you hardcoded the interface without using Pick/Partial that you'd get your validation back

RobYed commented 7 months ago

@gcv-epalmer Thanks for your quick response. Yes, you are right. When I turn CreateParticipantRequestDto into a usual interface, everything works as expected. However, this is something we don't want to do. A fix would be great :)

WoH commented 7 months ago

@RobYed Would you like to open a PR?

RobYed commented 7 months ago

@WoH I would like to. However, I do not have any glue of the codebase. Also I don't know what changed from v5.1.1 to v6.0.0. I currently don't have the time to familiarise myself with it :/

lukeautry / tsoa