An input validation rule is a specific use of the validation rule that evaluates conditions and then returns a collection of data for any discrepancies (errors) found. This validation case applies to inputs coming through all types of model API pages - API endpoints in ORIGAM terminology, SchemaItem Page in the model. And as such, it targets incoming HTTP requests.

The object of validation are the parameters mapped for the page of the incoming request.

In addition to that the engine exposes extra parameters that can be used in the rule:

• HttpMethod
• UserLanguages
• UserAgent
• BrowserCapabilities

This function can be used for:

• Validating authorization and evaluating whether the user role from which the request came (user or function) has sufficient rights to provide the required functionality or data.
• Validating parameter inputs before the workflow engine is launched (saving resources on workflow pages).

How to use the function

InputValidationRule parameter is property of any API page and it can use standard XSLT based validation rule. Empty XmlContainer (default empty XML structure, a kind of context store for this purpose) is used as a source of the transformation.

To be able to work with the parameters and validate them, they need to be defined in the rule first:

<xsl:param name="paramName"/>

Notes and hints:

• paramName used in the rule or transformation is linked to the parameter Name in the parameter mapping (the PageParameterMapping schema item typ).

• The parameter used in the API page URL is defined in the MappedParameter property.

  

  Parameter mapping settings702×661 61.6 KB

• WorkflowPage API type maps to workflow context stores and Data Page (SchemaItemName: XslDataPage ) maps to parameters in the SQL request (BusinessPartner_parId).

• Validation rule can leverage also the parameter HttpStatusCode when raising RuleException to distinguish the different problems.

More information about input validation rules can be found in this discussion.