From #3828 (review)

• Loopback generated JSON Schema omits this declaration. build-schema.ts:353.
• Omitting this declaration causes ajv validation to pass when a required element (which is a reference to a different object) is set to null.
• Adding the declaration: "type: 'object'" to generated schemas enables ajv validation to correctly fail when a required referenced property is present but the value set to null.

From #3828 (comment)

I was thinking about adding a new test to packages/rest/src/__tests__/acceptance/validation/validation.acceptance.ts. Apparently, we already have a test to verify that request bodies containing only null are rejected:

https://github.com/strongloop/loopback-next/blob/512d37d4f8165ab02c522f071eb1862bf57125b8/packages/rest/src/__tests__/acceptance/validation/validation.acceptance.ts#L95-L101

If I understand your scenario correctly, then you want to reject requests when a required property is set to null. I think the simplest option is to define such property in the existing Product model and then add a new test to verify what happens when it's set to null. Just make sure to make the new property optional so that existing tests pass.

Alternatively, you can create a new context() block where you define a model & a controller that are specific to your scenario only. This is better in the long run, because we don't want the existing Product controller to grow super large to cover all different property types & definitions.

From #3828 (comment)

I think the change in behavior may be caused by #3895, where we started to add additionalProperties: false to schema emitted for models in strict mode (which is the default).

When I change the definition of Product model in the acceptance test and disable strict mode, then your new test fails as expected. (Unfortunately, there is one more test that fails too.)

Obviously, we don't want to change all existing tests to start testing the scenario with strict: false and no longer test the default setup with strict: true. To support non-strict mode, we need to create a new group of tests in validation.acceptance.ts that will use a new model with strict: false.

Let me ask you a question: how are your models configured? Do you use the default "strict" model behavior, or are you disabling it via model settings? If you are using strict mode, then I think you should be find a this pull request is not needed for your app.

IMO, we need to add tests to cover the following scenarios:

• For an Entity (model) defined with strict: false, test validation of values '' (an empty string - Validation passes when an required complex property value is set to an empty string. #3804), null (fix: emit "type: 'object'," for schema definitions #3828).
• For an Entity (model) defined with strict: true, test validation of values '' and null.

I feel it's crucial to verify the outcome of AJV validation before the proposed changes and after the change to ensure we are getting the desired behavior. I consider the changes made in the existing tests as "unit-level" - we know what schema is emitted, but don't verify that it gives the desired behavior during validation.

Hi @bajtos, Thanks for the feedback. I have updated the tests for

• For an Entity (model) defined with strict: false, test validation of values '' (an empty string - Validation passes when an required complex property value is set to an empty string. #3804), null (fix: emit "type: 'object'," for schema definitions #3828).
• For an Entity (model) defined with strict: true, test validation of values '' and null.

And in addition added tests for when the body of the request is a string, which was the initial reason I discovered the issue.

Let me know if these tests are what you were expecting and if there is any other work that required. Cheers