committee 1.0.6 → 1.0.7
Sign up to get free protection for your applications and to get access to all the features.
@@ -3,6 +3,7 @@ module Committee::Middleware
|
|
3
3
|
def initialize(app, options={})
|
4
4
|
super
|
5
5
|
@prefix = options[:prefix]
|
6
|
+
@strict = options[:strict]
|
6
7
|
|
7
8
|
# deprecated
|
8
9
|
@allow_extra = options[:allow_extra]
|
@@ -10,12 +11,19 @@ module Committee::Middleware
|
|
10
11
|
|
11
12
|
def call(env)
|
12
13
|
request = Rack::Request.new(env)
|
14
|
+
env[@params_key] = Committee::RequestUnpacker.new(request).call
|
13
15
|
if link = @router.routes_request?(request, prefix: @prefix)
|
14
16
|
validator = Committee::RequestValidator.new(link)
|
15
|
-
validator.call(request)
|
16
|
-
|
17
|
+
validator.call(request, env[@params_key])
|
18
|
+
@app.call(env)
|
19
|
+
else
|
20
|
+
if @strict
|
21
|
+
render_error(404, :not_found,
|
22
|
+
"That request method and path combination isn't defined.")
|
23
|
+
else
|
24
|
+
@app.call(env)
|
25
|
+
end
|
17
26
|
end
|
18
|
-
@app.call(env)
|
19
27
|
rescue Committee::BadRequest, Committee::InvalidRequest
|
20
28
|
render_error(400, :bad_request, $!.message)
|
21
29
|
rescue MultiJson::LoadError
|
@@ -1,16 +1,13 @@
|
|
1
1
|
module Committee
|
2
2
|
class RequestValidator
|
3
|
-
attr_accessor :data
|
4
|
-
|
5
3
|
def initialize(link, options = {})
|
6
4
|
@link = link
|
7
5
|
end
|
8
6
|
|
9
|
-
def call(request)
|
7
|
+
def call(request, data)
|
10
8
|
check_content_type!(request)
|
11
|
-
@data = Committee::RequestUnpacker.new(request).call
|
12
9
|
if @link.schema
|
13
|
-
valid, errors = @link.schema.validate(
|
10
|
+
valid, errors = @link.schema.validate(data)
|
14
11
|
if !valid
|
15
12
|
errors = JsonSchema::SchemaError.aggregate(errors).join("\n")
|
16
13
|
raise InvalidRequest, "Invalid request.\n\n#{errors}"
|
@@ -21,9 +18,11 @@ module Committee
|
|
21
18
|
private
|
22
19
|
|
23
20
|
def check_content_type!(request)
|
24
|
-
|
25
|
-
|
26
|
-
|
21
|
+
if request.content_type
|
22
|
+
unless Rack::Mime.match?(@link.enc_type, request.content_type)
|
23
|
+
raise Committee::InvalidRequest,
|
24
|
+
%{"Content-Type" request header must be set to "#{@link.enc_type}".}
|
25
|
+
end
|
27
26
|
end
|
28
27
|
end
|
29
28
|
end
|
@@ -57,6 +57,18 @@ describe Committee::Middleware::RequestValidation do
|
|
57
57
|
assert_equal 200, last_response.status
|
58
58
|
end
|
59
59
|
|
60
|
+
it "routes to paths not in schema" do
|
61
|
+
@app = new_rack_app
|
62
|
+
get "/not-a-resource"
|
63
|
+
assert_equal 200, last_response.status
|
64
|
+
end
|
65
|
+
|
66
|
+
it "doesn't route to paths not in schema when in strict mode" do
|
67
|
+
@app = new_rack_app(strict: true)
|
68
|
+
get "/not-a-resource"
|
69
|
+
assert_equal 404, last_response.status
|
70
|
+
end
|
71
|
+
|
60
72
|
private
|
61
73
|
|
62
74
|
def new_rack_app(options = {})
|
@@ -9,18 +9,23 @@ describe Committee::RequestValidator do
|
|
9
9
|
@schema.expand_references!
|
10
10
|
# POST /apps/:id
|
11
11
|
@link = @link = @schema.properties["app"].links[0]
|
12
|
+
@request = Rack::Request.new({
|
13
|
+
"CONTENT_TYPE" => "application/json",
|
14
|
+
})
|
12
15
|
end
|
13
16
|
|
14
17
|
it "passes through a valid request" do
|
15
|
-
|
18
|
+
data = {
|
16
19
|
"name" => "heroku-api",
|
17
20
|
}
|
18
|
-
call(
|
21
|
+
call(data)
|
19
22
|
end
|
20
23
|
|
21
24
|
it "detects an invalid request Content-Type" do
|
22
25
|
e = assert_raises(Committee::InvalidRequest) {
|
23
|
-
|
26
|
+
@request =
|
27
|
+
Rack::Request.new("CONTENT_TYPE" => "application/x-www-form-urlencoded")
|
28
|
+
call({})
|
24
29
|
}
|
25
30
|
message =
|
26
31
|
%{"Content-Type" request header must be set to "application/json".}
|
@@ -28,11 +33,11 @@ describe Committee::RequestValidator do
|
|
28
33
|
end
|
29
34
|
|
30
35
|
it "detects a parameter of the wrong pattern" do
|
31
|
-
|
36
|
+
data = {
|
32
37
|
"name" => "%@!"
|
33
38
|
}
|
34
39
|
e = assert_raises(Committee::InvalidRequest) do
|
35
|
-
call(
|
40
|
+
call(data)
|
36
41
|
end
|
37
42
|
message = %{Invalid request.\n\n#/name: failed schema #/definitions/app/links/0/schema/properties/name: Expected string to match pattern "/^[a-z][a-z0-9-]{3,30}$/", value was: %@!.}
|
38
43
|
assert_equal message, e.message
|
@@ -40,15 +45,7 @@ describe Committee::RequestValidator do
|
|
40
45
|
|
41
46
|
private
|
42
47
|
|
43
|
-
def call(
|
44
|
-
Committee::RequestValidator.new(@link).call(request)
|
45
|
-
end
|
46
|
-
|
47
|
-
def request(params)
|
48
|
-
env = {
|
49
|
-
"CONTENT_TYPE" => "application/json",
|
50
|
-
"rack.input" => StringIO.new(MultiJson.encode(params))
|
51
|
-
}
|
52
|
-
Rack::Request.new(env)
|
48
|
+
def call(data)
|
49
|
+
Committee::RequestValidator.new(@link).call(@request, data)
|
53
50
|
end
|
54
51
|
end
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: committee
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.7
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -10,7 +10,7 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date: 2014-05-
|
13
|
+
date: 2014-05-25 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: json_schema
|