fix: add pagination to /rest/v1/root_cres and cap per_page on list endpoints#849
Open
shiwani42 wants to merge 1 commit intoOWASP:mainfrom
Open
fix: add pagination to /rest/v1/root_cres and cap per_page on list endpoints#849shiwani42 wants to merge 1 commit intoOWASP:mainfrom
shiwani42 wants to merge 1 commit intoOWASP:mainfrom
Conversation
…dpoints /rest/v1/root_cres had no pagination, returning all root CREs in a single unbounded query. Add get_root_cres_with_pagination() in db.py and update the endpoint to accept page/per_page params, returning page and total_pages metadata alongside data. /rest/v1/all_cres already supported pagination but accepted any positive integer for per_page, allowing a single request to fetch the entire dataset. Introduce MAX_PER_PAGE = 100 and cap per_page on both list endpoints. Format-based responses (Markdown, CSV, OSCAL) on root_cres are intentional full-export flows and are not paginated.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #847
What changed
/rest/v1/root_cresAdded
get_root_cres_with_pagination(page, per_page)todb.pyusing SQLAlchemy's.paginate(). The endpoint now acceptspageandper_pagequery params and returnspageandtotal_pagesalongsidedatain the JSON response, consistent with/rest/v1/all_cres.Format-based responses (Markdown, CSV, OSCAL) are intentional full-export flows and remain unpaginated.
/rest/v1/all_cresAdded
MAX_PER_PAGE = 100constant.per_pageis now capped atMAX_PER_PAGEon both list endpoints, preventing a single request from fetching the entire dataset.Tests
test_get_root_cres_with_paginationindb_test.pytest_find_root_cresinweb_main_test.pyto reflect the new response shapetest_root_cres_per_page_capandtest_all_cres_per_page_capinweb_main_test.py