PUT /api/v1/settings/attributes/{id} – Multiple validation issues including invalid data types and lack of error handling

[sagarkumar-webkul]

API Issue Report

---

Title

PUT /api/v1/settings/attributes/{id} – Multiple validation issues including invalid data types and lack of error handling

---

Description

When updating an attribute using the PUT /api/v1/settings/attributes/{id} endpoint, the following issues have been identified:

1. is_required and is_unique accept non-boolean values
   These fields should only accept true or false, but the API currently accepts strings and other types without validation.

2. type field accepts any arbitrary string
   The type field should be restricted to valid predefined values (e.g., text, select, etc.). Currently, any text is accepted.

3. Invalid or non-existent ID causes a 500 Internal Server Error
   When a PUT request is sent with a non-existent ID, the API throws a 500 Internal Server Error instead of returning a proper 404 Not Found.

---

Preconditions

1. Framework Version: Krayin REST API
2. Commit ID: Not provided

---

Steps to Reproduce

Case 1 – is_required and is_unique accept invalid types:

1. Send a PUT request to /api/v1/settings/attributes/{id} with:

   {
     "code": "sample_code",
     "name": "Tax",
     "type": "select",
     "lookup_type": "lead types",
     "entity_type": "persons",
     "is_required": "yes",     // Invalid
     "is_unique": "maybe",     // Invalid
     "quick_add": 1,
     "is_user_defined": 1,
     "option_type": "options"
   }

Acutal Result