Inconsistent url picking in case of "nested" id

[Leemur89]

Hello,

I have a case where my endpoint is like /api/v1/users/{user_id}/address/{address_id}

1. The system will try to create first a user doing a POST on /api/v1/users. It gets an id id1
2. Then it tries to do a POST to create an address (to test the PUT/DELETE) on /api/v1/users/{user_id}/address

BUT in my case I also have an endpoint /api/v1/users/{user_id}/address for which I have some specific setup on a specific user with id my_id (which I created before), hence on that one I'm using path_relation to force /api/v1/users/my_id/address

The problem is that on step 2 when the system tries to create an address, it will do it on /api/v1/users/my_id/address (the user preconfigured above) and not on /api/v1/users/id1/address. That will create an address with id idA

And finally, when testing /api/v1/users/{user_id}/address/{address_id}, it will actually call /api/v1/users/id1/address/idA which will fail with 404 because address idA belongs to user my_id and not to user id1

I hope this is clear enough. I'll try to provide sanitized OAS when I have more time.

Note that this happens only since v2.0.0, on v1 I did not have the problem. This is blocking me from upgrading to v2.

I tried to circumvent that issue by using path_relation directly on /api/v1/users/{user_id}/address/{address_id} (on another predetermined user and address), but then the DELETE is called first, making the subsequent GET/PUT fail (since v1 we cannot force the path on a method anymore, it is on the whole endpoint)

[robinmackaij]

I think I understand the setup / flow and I can see how the changes in v2 are breaking from what you have right now; reworking the path-related logic is one of the main reasons I made this a major release.

My initial feel is that you will need multiple PATH_MAPPING entries (/api/v1/users/{user_id}, /api/v1/user/{user_id}/address and /api/v1/users/{user_id}/address/{address_id}) with some custom Python code in the Relations, perhaps in combination with ID_MAPPINGS for these paths.

A sanitized OAS would be helpful, as would TRACE level logs of the particular test cases / keyword calls. If you're on the Robot Framework Slack (https://slack.robotframework.org/) feel free to drop me a DM with those.

OpenApiDriver does "reverse sort" the operations per path (PUT / POST / PATCH / GET / DELETE) and for any DELETE, an attempt is made to create the target resource first. I can imagine the final flow for this is different in v2 if path overrides happen, logs would definitely help in that regards.

Now I'm assuming this issue arises from OpenApiDriver runs and I'm curious whether you have experimented with a generated library to create specific test cases for this specific scenario.
I'm asking because for some complex API interactions, I've found it easier to create a dedicated suite with those scenarios and exclude those specific test cases from the OpenApiTools suite.