Better validation of action events

[chdorner]

Rasa version: Tested on 2.3.4, bug should still exist on currently latest main@eb408bb2d216de3a1cd1f72799d7b80eceeb1fd2

Rasa SDK version (if used & relevant): 2.3.1

Rasa X version (if used & relevant): 0.36.0 and later (not relevant however)

Python version: 3.8.6

Operating system (windows, osx, ...): Mac OS 11.2.1

Issue:
This came out of this Rasa X issue (see @tmbo's comment here for a summary).

The validation of action responses are quite optimistic, allowing actions to create invalid events (i.e. "entities": {} instead of the valid "entities": []), resulting on a bunch of different issues downstream in Rasa X, since so far Rasa X seems to trust that events sent over the broker are valid.

Here's a handy example repo made by @rgstephens to illustrate the issue: RasaHQ/action-execute-convo-issue. Note that this is actually a bug in the action code that should, however, be caught by Rasa OSS and have the error (invalid event) logged.

Definition of done

• amend json schema in action_response_format_spec method to cover in detail every top level key in the top 3 most important events: UserUttered, SlotSet, ActionExecuted, while the rest 20 events can be covered on the surface, using oneOf json schema constraint (more details in Notion)
• add event validation to server.py
• add tests
• submit new issue to update docs with detailed description of the schema
• submit separate issue to tackle response validation in action.py

[tmbo]

Same validation should be applied to events getting send to the http server of rasa open source (eg in the append events endpoint)

[b-quachtran]

@TyDunn A customer is reporting that this issue is affecting them, any chance this can get bumped up in priority?