This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

What does "ArrayElementCount" in JSON Threat Protection Policy means?

Posted on 05-28-2015 09:27 AM
Not applicable
Reply posted on --/--/---- --:-- AM

Can I use "ArrayElementCount" to determine how many employees are there in a department?

Here is my JSON:

{
  "dept": "Dev",
  "Employees": [{
    "empName": "Name1",
    "id": 123
  }, {
    "empName": "Name2",
    "id": 456
  }]
}

I want to basically limit the number of employees in a department to 1. Over here, we have 2 employees for the dept. Can i use JSON threat protection to implement this?

Solved Solved
1 7 685
Topic Labels
Jump to Solution
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
DChiesa
Staff
Reply posted on --/--/---- --:-- AM

Hi Mohit, thanks for the question .

When testing this myself, I see that it's not behaving as I would expect. In other words when I pass in an array that has a length greater than the limit specified in the policy, the policy does not trigger a fault.

I think this may be a bug in the implementation of the policy.

As a workaround, you could build a custom JS callout to check this. If you need help with that let me know, and I'll work up some code for you. or look here

View solution in original post

Jump to Solution
0 Likes
7 REPLIES 7

Posted on --/--/---- --:-- AM
DChiesa
Staff
Reply posted on --/--/---- --:-- AM

Hi Mohit, thanks for the question .

When testing this myself, I see that it's not behaving as I would expect. In other words when I pass in an array that has a length greater than the limit specified in the policy, the policy does not trigger a fault.

I think this may be a bug in the implementation of the policy.

As a workaround, you could build a custom JS callout to check this. If you need help with that let me know, and I'll work up some code for you. or look here

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Not applicable
In response to DChiesa
Reply posted on --/--/---- --:-- AM

Thanks Dino. I do have a JS workaround for it. I just wanted to know if we could implement this via JSON threat Protection.

Is there some log that is being released everytime after APIGEE fixes the bug? It would be good to know the bug fixes provided by APIGEE after every release.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
birute
Staff
In response to
Reply posted on --/--/---- --:-- AM

@Mohit Rupani check out this page http://apigee.com/docs/release-notes/content/apigee-release-notes . This page provides release notes for Apigee Edge cloud and on-premises products. It also includes release notes archives.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Not applicable
In response to birute
Reply posted on --/--/---- --:-- AM

Thanks @Birute

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Not applicable
In response to DChiesa
Reply posted on --/--/---- --:-- AM

@Dino : Since we are on this topic, can you guide me as to how to use JSON threat protection properly? Is there some link I can look into to understand its usage better?

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
DChiesa
Staff
In response to
Reply posted on --/--/---- --:-- AM

@Mohit Rupani - Just the documentation. I think maybe you've already seen this: http://apigee.com/docs/api-services/reference/json-threat-protection-policy If this page isn't clear enough, let me know, and I'll try to make it better.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
davidmehi
Staff
Reply posted on --/--/---- --:-- AM

Make sure the header Content-Type: application/json is set, otherwise the policy won't check it because it doesn't know the payload is JSON.

Jump to Solution
0 Likes