committee 1.7.3 → 1.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 08d72b960842e3d882e0f819b9f8464d9a7932dc
-  data.tar.gz: 6c6a91b3a7abac8af97f9656772682657bd0ac14
+  metadata.gz: 173ee1ad63a2f3bbd80eb012363b1825186ccf0c
+  data.tar.gz: aada311d9d39946ba34e456cf63d3505ff22558d
 SHA512:
-  metadata.gz: 6d9a2d07de3c322de9095c4f60d5c23321ed732c587b78f6b8ce6a5d91be9142e57a186b7b1cda0fe7ae28be3c8667da136744da81c3674baa4b27d22d8a4081
-  data.tar.gz: b0776703f87405d4dd0f1b5b770e913820afe8ed6ea1da7cd73841c31e44cc805da9cfa9cdf3dd21ac9c41a1e1f89b2a7dc03a1365899a8f6783ed8e42405f37
+  metadata.gz: b7d52505a1d958dfd6181834f790a5567a1d6b1f13a8e81f56b4bd7ae60aa83030bb1af920a2ed6cc090fc235f3bd5d683619af072bd94e89be6094486852edf
+  data.tar.gz: 67952f61e059649f6a55d06d92d39e49ec4476f4ffa40ec0e9f0b27c0cb74115c3666268f4927b73f75fac200cbd753cb8d653ba4d238ec712d370ce79320bff

data/lib/committee/middleware/request_validation.rb

@@ -4,6 +4,7 @@ module Committee::Middleware
       super
       @allow_form_params  = options.fetch(:allow_form_params, true)
       @allow_query_params = options.fetch(:allow_query_params, true)
+      @check_content_type = options.fetch(:check_content_type, true)
       @optimistic_json    = options.fetch(:optimistic_json, false)
       @raise              = options[:raise]
       @strict             = options[:strict]
@@ -21,7 +22,7 @@ module Committee::Middleware
       ).call
 
       if link = @router.find_request_link(request)
-        validator = Committee::RequestValidator.new(link)
+        validator = Committee::RequestValidator.new(link, check_content_type: @check_content_type)
         validator.call(request, request.env[@params_key])
         @app.call(request.env)
       elsif @strict

data/lib/committee/request_unpacker.rb

@@ -14,7 +14,11 @@ module Committee
       params = if !@request.media_type || @request.media_type =~ %r{application/.*json}
         parse_json
       elsif @optimistic_json
-        parse_json rescue MultiJson::LoadError nil
+        begin
+          parse_json
+        rescue MultiJson::LoadError
+          nil
+        end
       end
 
       params = if params

data/lib/committee/request_validator.rb

@@ -2,10 +2,11 @@ module Committee
   class RequestValidator
     def initialize(link, options = {})
       @link = link
+      @check_content_type = options.fetch(:check_content_type, true)
     end
 
     def call(request, data)
-      check_content_type!(request, data)
+      check_content_type!(request, data) if @check_content_type
       if @link.schema
         valid, errors = @link.schema.validate(data)
         if !valid
@@ -17,9 +18,14 @@ module Committee
 
     private
 
+    def request_media_type(request)
+      request.content_type.to_s.split(";").first.to_s
+    end
+
     def check_content_type!(request, data)
-      if request.media_type && !empty_request?(request)
-        unless Rack::Mime.match?(request.media_type, @link.enc_type)
+      content_type = request_media_type(request)
+      if content_type && !empty_request?(request)
+        unless Rack::Mime.match?(content_type, @link.enc_type)
           raise Committee::InvalidRequest,
             %{"Content-Type" request header must be set to "#{@link.enc_type}".}
         end
@@ -28,7 +34,7 @@ module Committee
 
     def empty_request?(request)
       # small optimization: assume GET and DELETE don't have bodies
-      return true if request.get? || request.delete?
+      return true if request.get? || request.delete? || !request.body
 
       data = request.body.read
       request.body.rewind

data/lib/committee/response_validator.rb

@@ -45,9 +45,9 @@ module Committee
     end
 
     def check_content_type!(response)
-      unless Rack::Mime.match?(response_media_type(response), @link.enc_type)
+      unless Rack::Mime.match?(response_media_type(response), @link.media_type)
         raise Committee::InvalidResponse,
-          %{"Content-Type" response header must be set to "#{@link.enc_type}".}
+          %{"Content-Type" response header must be set to "#{@link.media_type}".}
       end
     end
   end

data/test/middleware/request_validation_test.rb

@@ -84,6 +84,16 @@ describe Committee::Middleware::RequestValidation do
     end
   end
 
+  it "optionally skip content_type check" do
+    @app = new_rack_app(check_content_type: false)
+    params = {
+      "name" => "cloudnasium"
+    }
+    header "Content-Type", "text/html"
+    post "/apps", MultiJson.encode(params)
+    assert_equal 200, last_response.status
+  end
+
   private
 
   def new_rack_app(options = {})

data/test/request_unpacker_test.rb

@@ -42,6 +42,16 @@ describe Committee::RequestUnpacker do
     assert_equal({ "x" => "y" }, params)
   end
 
+  it "returns {} when unpacking non-JSON with optimistic_json" do
+    env = {
+      "CONTENT_TYPE" => "application/x-www-form-urlencoded",
+      "rack.input"   => StringIO.new('x=y&foo=42'),
+    }
+    request = Rack::Request.new(env)
+    params = Committee::RequestUnpacker.new(request, optimistic_json: true).call
+    assert_equal({}, params)
+  end
+
   it "unpacks an empty hash on an empty request body" do
     env = {
       "CONTENT_TYPE" => "application/json",

data/test/request_validator_test.rb

@@ -16,6 +16,11 @@ describe Committee::RequestValidator do
     })
   end
 
+  it "passes through a valid request with Content-Type options" do
+    @headers = { "Content-Type" => "application/json; charset=utf-8" }
+    call({})
+  end
+
   it "passes through a valid request" do
     data = {
       "name" => "heroku-api",
@@ -49,6 +54,15 @@ describe Committee::RequestValidator do
     assert_equal message, e.message
   end
 
+  it "allows skipping content_type check" do
+    @request =
+      Rack::Request.new({
+        "CONTENT_TYPE" => "application/x-www-form-urlencoded",
+        "rack.input"   => StringIO.new("{}"),
+      })
+    call({}, check_content_type: false)
+  end
+
   it "detects an missing parameter in GET requests" do
     # GET /apps/search?query=...
     @link = @link = @schema.properties["app"].links[5]
@@ -83,7 +97,7 @@ describe Committee::RequestValidator do
 
   private
 
-  def call(data)
-    Committee::RequestValidator.new(@link).call(@request, data)
+  def call(data, options={})
+    Committee::RequestValidator.new(@link, options).call(@request, data)
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: committee
 version: !ruby/object:Gem::Version
-  version: 1.7.3
+  version: 1.8.0
 platform: ruby
 authors:
 - Brandur
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-04-13 00:00:00.000000000 Z
+date: 2015-07-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: json_schema
@@ -161,9 +161,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 2.4.5
 signing_key: 
 specification_version: 4
 summary: A collection of Rack middleware to support JSON Schema.
 test_files: []
-has_rdoc: