apipie-rails 0.7.0 → 0.7.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +12 -0
- data/README.rst +20 -0
- data/lib/apipie/configuration.rb +8 -3
- data/lib/apipie/dsl_definition.rb +12 -1
- data/lib/apipie/param_description.rb +8 -4
- data/lib/apipie/swagger_generator.rb +2 -0
- data/lib/apipie/version.rb +1 -1
- data/spec/controllers/users_controller_spec.rb +23 -0
- data/spec/lib/param_description_spec.rb +68 -0
- metadata +3 -4
- data/Gemfile +0 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ca6da3e428a5c61d9015882992836106ba91778cda6a833fca9ddced24378ebc
|
4
|
+
data.tar.gz: 6268486cd2419034400e32020ed6869cb361ee997ec60f22170b97758b941c00
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 84ff46aa072d18ae94a7ceb5710c27ee085cfc2662d6da76dcd06457ea966be2b57a23e0d314922dc092ba1ffc786a6c861faaf71411088e3623ad34aa3c080b
|
7
|
+
data.tar.gz: 4bf22cb4b69ce75fbe795f21843baf25d4c2c7d545c36923cf884372fae2a0db80b01c52eecb1b9d3a838c137948f5bcb4eea1bf61941d6dc605e97c17bc8057
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,18 @@
|
|
1
1
|
Changelog
|
2
2
|
===========
|
3
3
|
|
4
|
+
## [v0.7.1](https://github.com/Apipie/apipie-rails/tree/v0.7.1) (2022-04-06)
|
5
|
+
[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v0.7.0...v0.7.1)
|
6
|
+
* Skip extra parameters while validating the keys. [#690](https://github.com/Apipie/apipie-rails/pull/690) (Omkar Joshi)
|
7
|
+
* Support defining security mechanisms for Swagger [#711](https://github.com/Apipie/apipie-rails/pull/711) (Dan Leyden)
|
8
|
+
* Update boolean handling of false [#749](https://github.com/Apipie/apipie-rails/pull/749) (Colin Bruce)
|
9
|
+
|
10
|
+
Note: Up until and including v0.6.x, apipie-rails was silently ignoring allow_blank == false on String validation.
|
11
|
+
when allow_blank is not specified, it default to false. to allow blank strings, you must specify it as a parameter.
|
12
|
+
|
13
|
+
Alternatively, if you want to revert to the previous behavior, you can set this configuration option:
|
14
|
+
`Apipie.configuration.ignore_allow_blank_false = true`.
|
15
|
+
|
4
16
|
## [v0.7.0](https://github.com/Apipie/apipie-rails/tree/v0.7.0) (2022-03-30)
|
5
17
|
[Full Changelog](https://github.com/Apipie/apipie-rails/compare/v0.6.0...v0.7.0)
|
6
18
|
* ArgumentError (invalid byte sequence in UTF-8) [#746](https://github.com/Apipie/apipie-rails/pull/746) (David Milanese)
|
data/README.rst
CHANGED
@@ -966,6 +966,9 @@ validate_presence
|
|
966
966
|
validate_key
|
967
967
|
Check the received params to ensure they are defined in the API. (false by default)
|
968
968
|
|
969
|
+
action_on_non_validated_keys
|
970
|
+
Either `:raise` or `:skip`. If `validate_key` fails, raise error or delete the non-validated key from the params and log the key (`:raise` by default)
|
971
|
+
|
969
972
|
process_params
|
970
973
|
Process and extract the parameter defined from the params of the request
|
971
974
|
to the api_params variable
|
@@ -1021,6 +1024,10 @@ authorize
|
|
1021
1024
|
show_all_examples
|
1022
1025
|
Set this to true to set show_in_doc=1 in all recorded examples
|
1023
1026
|
|
1027
|
+
ignore_allow_blank_false
|
1028
|
+
`allow_blank: false` was incorrectly ignored up until version 0.6.0, this bug was fixed in 0.7.0
|
1029
|
+
if you need the old behavior, set this to true
|
1030
|
+
|
1024
1031
|
link_extension
|
1025
1032
|
The extension to use for API pages ('.html' by default). Link extensions
|
1026
1033
|
in static API docs cannot be changed from '.html'.
|
@@ -1654,6 +1661,18 @@ There are several configuration parameters that determine the structure of the g
|
|
1654
1661
|
If ``true``: the ``additional-properties: false`` field will not be included in response object descriptions
|
1655
1662
|
|
1656
1663
|
|
1664
|
+
``config:swagger_security_definitions``
|
1665
|
+
If the API requires authentication, you can specify details of the authentication mechanisms supported as a (Hash) value here.
|
1666
|
+
See [https://swagger.io/docs/specification/2-0/authentication/] for details of what values can be specified
|
1667
|
+
By default, no security is defined.
|
1668
|
+
|
1669
|
+
``config.swagger_global_security``
|
1670
|
+
If the API requires authentication, you can specify which of the authentication mechanisms are supported by all API operations as an Array of hashes here.
|
1671
|
+
This should be used in conjunction with the mechanisms defined by ``swagger_security_definitions``.
|
1672
|
+
See [https://swagger.io/docs/specification/2-0/authentication/] for details of what values can be specified
|
1673
|
+
By default, no security is defined.
|
1674
|
+
|
1675
|
+
|
1657
1676
|
Known limitations of the current implementation
|
1658
1677
|
-------------------------------------------------
|
1659
1678
|
* There is currently no way to document the structure and content-type of the data returned from a method
|
@@ -1663,6 +1682,7 @@ Known limitations of the current implementation
|
|
1663
1682
|
* It is not possible to leverage all of the parameter type/format capabilities of swagger
|
1664
1683
|
* Only OpenAPI 2.0 is supported
|
1665
1684
|
* Responses are defined inline and not as a $ref
|
1685
|
+
* It is not possible to specify per-operation security requirements (only global)
|
1666
1686
|
|
1667
1687
|
====================================
|
1668
1688
|
Dynamic Swagger generation
|
data/lib/apipie/configuration.rb
CHANGED
@@ -5,13 +5,14 @@ module Apipie
|
|
5
5
|
:markup, :disqus_shortname,
|
6
6
|
:api_base_url, :doc_base_url, :required_by_default, :layout,
|
7
7
|
:default_version, :debug, :version_in_url, :namespaced_resources,
|
8
|
-
:validate, :validate_value, :validate_presence, :validate_key, :authenticate, :doc_path,
|
8
|
+
:validate, :validate_value, :validate_presence, :validate_key, :action_on_non_validated_keys, :authenticate, :doc_path,
|
9
9
|
:show_all_examples, :process_params, :update_checksum, :checksum_path,
|
10
10
|
:link_extension, :record, :languages, :translate, :locale, :default_locale,
|
11
|
-
:persist_show_in_doc, :authorize,
|
11
|
+
:persist_show_in_doc, :authorize, :ignore_allow_blank_false,
|
12
12
|
:swagger_include_warning_tags, :swagger_content_type_input, :swagger_json_input_uses_refs,
|
13
13
|
:swagger_suppress_warnings, :swagger_api_host, :swagger_generate_x_computed_id_field,
|
14
|
-
:swagger_allow_additional_properties_in_response, :swagger_responses_use_refs
|
14
|
+
:swagger_allow_additional_properties_in_response, :swagger_responses_use_refs,
|
15
|
+
:swagger_security_definitions, :swagger_global_security
|
15
16
|
|
16
17
|
alias_method :validate?, :validate
|
17
18
|
alias_method :required_by_default?, :required_by_default
|
@@ -152,6 +153,7 @@ module Apipie
|
|
152
153
|
@validate_value = true
|
153
154
|
@validate_presence = true
|
154
155
|
@validate_key = false
|
156
|
+
@action_on_non_validated_keys = :raise
|
155
157
|
@required_by_default = false
|
156
158
|
@api_base_url = HashWithIndifferentAccess.new
|
157
159
|
@doc_base_url = "/apipie"
|
@@ -159,6 +161,7 @@ module Apipie
|
|
159
161
|
@disqus_shortname = nil
|
160
162
|
@default_version = "1.0"
|
161
163
|
@debug = false
|
164
|
+
@ignore_allow_blank_false = false
|
162
165
|
@version_in_url = true
|
163
166
|
@namespaced_resources = false
|
164
167
|
@doc_path = "doc"
|
@@ -181,6 +184,8 @@ module Apipie
|
|
181
184
|
@swagger_generate_x_computed_id_field = false
|
182
185
|
@swagger_allow_additional_properties_in_response = false
|
183
186
|
@swagger_responses_use_refs = true
|
187
|
+
@swagger_security_definitions = {}
|
188
|
+
@swagger_global_security = []
|
184
189
|
end
|
185
190
|
end
|
186
191
|
end
|
@@ -262,7 +262,9 @@ module Apipie
|
|
262
262
|
if Apipie.configuration.validate_key?
|
263
263
|
params.reject{|k,_| %w[format controller action].include?(k.to_s) }.each_pair do |param, _|
|
264
264
|
# params allowed
|
265
|
-
|
265
|
+
if method_params.select {|_,p| p.name.to_s == param.to_s}.empty?
|
266
|
+
self.class._apipie_handle_validate_key_error params, param
|
267
|
+
end
|
266
268
|
end
|
267
269
|
end
|
268
270
|
|
@@ -290,6 +292,15 @@ module Apipie
|
|
290
292
|
end
|
291
293
|
end
|
292
294
|
|
295
|
+
def _apipie_handle_validate_key_error params, param
|
296
|
+
if Apipie.configuration.action_on_non_validated_keys == :raise
|
297
|
+
raise UnknownParam, param
|
298
|
+
elsif Apipie.configuration.action_on_non_validated_keys == :skip
|
299
|
+
params.delete(param)
|
300
|
+
Rails.logger.warn(UnknownParam.new(param).to_s)
|
301
|
+
end
|
302
|
+
end
|
303
|
+
|
293
304
|
def _apipie_save_method_params(method, params)
|
294
305
|
@method_params ||= {}
|
295
306
|
@method_params[method] = params
|
@@ -114,16 +114,20 @@ module Apipie
|
|
114
114
|
end
|
115
115
|
|
116
116
|
def validate(value)
|
117
|
-
return true if
|
118
|
-
return true if
|
117
|
+
return true if allow_nil && value.nil?
|
118
|
+
return true if allow_blank && value.blank?
|
119
119
|
value = normalized_value(value)
|
120
|
-
if (
|
121
|
-
error =
|
120
|
+
if (!allow_nil && value.nil?) || (blank_forbidden? && value.blank?) || !validator.valid?(value)
|
121
|
+
error = validator.error
|
122
122
|
error = ParamError.new(error) unless error.is_a? StandardError
|
123
123
|
raise error
|
124
124
|
end
|
125
125
|
end
|
126
126
|
|
127
|
+
def blank_forbidden?
|
128
|
+
!Apipie.configuration.ignore_allow_blank_false && !allow_blank && !validator.is_a?(Validator::BooleanValidator)
|
129
|
+
end
|
130
|
+
|
127
131
|
def process_value(value)
|
128
132
|
value = normalized_value(value)
|
129
133
|
if @validator.respond_to?(:process_value)
|
data/lib/apipie/version.rb
CHANGED
@@ -124,6 +124,29 @@ describe UsersController do
|
|
124
124
|
end
|
125
125
|
end
|
126
126
|
|
127
|
+
context "key validations are enabled and skip on non-validated keys" do
|
128
|
+
before do
|
129
|
+
Apipie.configuration.validate_value = false
|
130
|
+
Apipie.configuration.validate_presence = true
|
131
|
+
Apipie.configuration.validate_key = true
|
132
|
+
Apipie.configuration.action_on_non_validated_keys = :skip
|
133
|
+
end
|
134
|
+
|
135
|
+
it "should reply to valid request" do
|
136
|
+
expect { get :show, :params => { :id => 5, :session => 'secret_hash' }}.not_to raise_error
|
137
|
+
assert_response :success
|
138
|
+
end
|
139
|
+
|
140
|
+
it "should delete the param and not fail if an extra parameter is passed." do
|
141
|
+
expect { get :show, :params => { :id => 5 , :badparam => 'badfoo', :session => "secret_hash" }}.not_to raise_error
|
142
|
+
expect(controller.params.as_json).to eq({"session"=>"secret_hash", "id"=>"5", "controller"=>"users", "action"=>"show"})
|
143
|
+
end
|
144
|
+
|
145
|
+
after do
|
146
|
+
Apipie.configuration.action_on_non_validated_keys = :raise
|
147
|
+
end
|
148
|
+
end
|
149
|
+
|
127
150
|
context "presence and value validations are enabled" do
|
128
151
|
before do
|
129
152
|
Apipie.configuration.validate_value = true
|
@@ -113,6 +113,74 @@ describe Apipie::ParamDescription do
|
|
113
113
|
|
114
114
|
end
|
115
115
|
|
116
|
+
describe 'validate' do
|
117
|
+
context 'when allow_blank is ignored, as it was before 0.7.0' do
|
118
|
+
before do
|
119
|
+
Apipie.configuration.ignore_allow_blank_false = true
|
120
|
+
end
|
121
|
+
|
122
|
+
context 'when the parameter is a boolean' do
|
123
|
+
it "should not throw an exception when passed false" do
|
124
|
+
expect { Apipie::ParamDescription.new(method_desc, :param, :boolean).validate(false) }.to_not raise_error
|
125
|
+
end
|
126
|
+
|
127
|
+
it "should throw an exception when passed an empty value" do
|
128
|
+
expect { Apipie::ParamDescription.new(method_desc, :param, :boolean).validate('') }.to raise_error(Apipie::ParamInvalid)
|
129
|
+
end
|
130
|
+
end
|
131
|
+
|
132
|
+
context 'when the parameter is a string' do
|
133
|
+
context 'when allow_blank is specified as true' do
|
134
|
+
it "should throw an exception when passed an empty value" do
|
135
|
+
expect { Apipie::ParamDescription.new(method_desc, :param, String, allow_blank: true).validate('') }.to_not raise_error
|
136
|
+
end
|
137
|
+
end
|
138
|
+
context 'when allow_blank is specified as false' do
|
139
|
+
it "should throw an exception when passed an empty value" do
|
140
|
+
expect { Apipie::ParamDescription.new(method_desc, :param, String, allow_blank: false).validate('') }.to_not raise_error
|
141
|
+
end
|
142
|
+
end
|
143
|
+
context 'when allow_blank is not specified' do
|
144
|
+
it "should throw an exception when passed an empty value" do
|
145
|
+
expect { Apipie::ParamDescription.new(method_desc, :param, String).validate('') }.to_not raise_error
|
146
|
+
end
|
147
|
+
end
|
148
|
+
end
|
149
|
+
|
150
|
+
after do
|
151
|
+
Apipie.configuration.ignore_allow_blank_false = false
|
152
|
+
end
|
153
|
+
end
|
154
|
+
|
155
|
+
context 'when the parameter is a boolean' do
|
156
|
+
it "should not throw an exception when passed false" do
|
157
|
+
expect { Apipie::ParamDescription.new(method_desc, :param, :boolean).validate(false) }.to_not raise_error
|
158
|
+
end
|
159
|
+
|
160
|
+
it "should throw an exception when passed an empty value" do
|
161
|
+
expect { Apipie::ParamDescription.new(method_desc, :param, :boolean).validate('') }.to raise_error(Apipie::ParamInvalid)
|
162
|
+
end
|
163
|
+
end
|
164
|
+
|
165
|
+
context 'when the parameter is a string' do
|
166
|
+
context 'when allow_blank is specified as true' do
|
167
|
+
it "should throw an exception when passed an empty value" do
|
168
|
+
expect { Apipie::ParamDescription.new(method_desc, :param, String, allow_blank: true).validate('') }.to_not raise_error
|
169
|
+
end
|
170
|
+
end
|
171
|
+
context 'when allow_blank is specified as false' do
|
172
|
+
it "should throw an exception when passed an empty value" do
|
173
|
+
expect { Apipie::ParamDescription.new(method_desc, :param, String, allow_blank: false).validate('') }.to raise_error(Apipie::ParamInvalid)
|
174
|
+
end
|
175
|
+
end
|
176
|
+
context 'when allow_blank is not specified' do
|
177
|
+
it "should throw an exception when passed an empty value" do
|
178
|
+
expect { Apipie::ParamDescription.new(method_desc, :param, String).validate('') }.to raise_error(Apipie::ParamInvalid)
|
179
|
+
end
|
180
|
+
end
|
181
|
+
end
|
182
|
+
end
|
183
|
+
|
116
184
|
describe "concern substitution" do
|
117
185
|
|
118
186
|
let(:concern_dsl_data) { dsl_data.merge(:from_concern => true) }
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: apipie-rails
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.7.
|
4
|
+
version: 0.7.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Pavel Pokorny
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2022-
|
12
|
+
date: 2022-04-07 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: actionpack
|
@@ -164,7 +164,6 @@ files:
|
|
164
164
|
- ".rspec"
|
165
165
|
- APACHE-LICENSE-2.0
|
166
166
|
- CHANGELOG.md
|
167
|
-
- Gemfile
|
168
167
|
- MIT-LICENSE
|
169
168
|
- NOTICE
|
170
169
|
- PROPOSAL_FOR_RESPONSE_DESCRIPTIONS.md
|
@@ -357,7 +356,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
357
356
|
- !ruby/object:Gem::Version
|
358
357
|
version: '0'
|
359
358
|
requirements: []
|
360
|
-
rubygems_version: 3.
|
359
|
+
rubygems_version: 3.1.6
|
361
360
|
signing_key:
|
362
361
|
specification_version: 4
|
363
362
|
summary: Rails REST API documentation tool
|
data/Gemfile
DELETED
@@ -1 +0,0 @@
|
|
1
|
-
./Gemfile.rails61
|