committee 2.5.1 → 3.0.0.alpha

data/lib/committee/middleware/response_validation.rb

@@ -1,32 +1,18 @@
 module Committee::Middleware
   class ResponseValidation < Base
-    attr_reader :validate_success_only
+    attr_reader :validate_errors
 
     def initialize(app, options = {})
       super
-      @validate_success_only = options.fetch(:validate_success_only, true)
-
-      unless options[:validate_errors].nil?
-        @validate_success_only = !options[:validate_errors]
-        Committee.warn_deprecated("Committee: validate_errors option is deprecated; " \
-        "please use validate_success_only=#{@validate_success_only}.")
-      end
-
+      @validate_errors = options[:validate_errors]
       @error_handler = options[:error_handler]
     end
 
     def handle(request)
       status, headers, response = @app.call(request.env)
 
-      link, _ = @router.find_request_link(request)
-      if validate?(status) && link
-        full_body = ""
-        response.each do |chunk|
-          full_body << chunk
-        end
-        data = full_body.empty? ? {} : JSON.parse(full_body)
-        Committee::ResponseValidator.new(link, validate_success_only: validate_success_only).call(status, headers, data)
-      end
+      v = build_schema_validator(request)
+      v.response_validate(status, headers, response) if v.link_exist? && validate?(status)
 
       [status, headers, response]
     rescue Committee::InvalidResponse
@@ -40,7 +26,7 @@ module Committee::Middleware
     end
 
     def validate?(status)
-      Committee::ResponseValidator.validate?(status, validate_success_only: validate_success_only)
+      status != 204 and validate_errors || (200...300).include?(status)
     end
   end
 end

data/lib/committee/middleware/stub.rb

@@ -1,3 +1,5 @@
+# Don't Support OpenAPI3
+
 module Committee::Middleware
   class Stub < Base
     def initialize(app, options={})
@@ -12,6 +14,8 @@ module Committee::Middleware
       @cache = options[:cache]
 
       @call = options[:call]
+
+      raise Committee::NotSupportOpenAPI3.new("OpenAPI3 not support stub") unless @schema.support_stub?
     end
 
     def handle(request)
@@ -20,7 +24,7 @@ module Committee::Middleware
         headers = { "Content-Type" => "application/json" }
 
         data, schema = cache(link) do
-          Committee::ResponseGenerator.new.call(link)
+          Committee::SchemaValidator::HyperSchema::ResponseGenerator.new.call(link)
         end
 
         if @call

data/lib/committee/parameter_coercer.rb

@@ -1,3 +1,4 @@
+# TODO: Support OpenAPI3
 module Committee
   class ParameterCoercer
     def initialize(params, schema, options = {})

data/lib/committee/request_unpacker.rb

@@ -7,8 +7,7 @@ module Committee
       @allow_query_params = options[:allow_query_params]
       @coerce_form_params = options[:coerce_form_params]
       @optimistic_json    = options[:optimistic_json]
-      @coerce_recursive   = options[:coerce_recursive]
-      @schema             = options[:schema]
+      @schema_validator   = options[:schema_validator]
     end
 
     def call
@@ -31,9 +30,7 @@ module Committee
         # PUT or PATCH too. Silly Rack.
         p = @request.POST
 
-        if @coerce_form_params && @schema
-          Committee::StringParamsCoercer.new(p, @schema, coerce_recursive: @coerce_recursive).call!
-        end
+        @schema_validator.coerce_form_params(p) if @coerce_form_params
 
         p
       else

data/lib/committee/schema_validator/hyper_schema.rb

@@ -0,0 +1,92 @@
+class Committee::SchemaValidator
+  class HyperSchema
+    attr_reader :link, :param_matches, :validator_option
+
+    def initialize(router, request, validator_option)
+      @link, @param_matches = router.find_request_link(request)
+      @validator_option = validator_option
+    end
+
+    def request_validate(request)
+      # Attempts to coerce parameters that appear in a link's URL to Ruby
+      # types that can be validated with a schema.
+      param_matches_hash = validator_option.coerce_path_params ? coerce_path_params : {}
+
+      # Attempts to coerce parameters that appear in a query string to Ruby
+      # types that can be validated with a schema.
+      coerce_query_params(request) if validator_option.coerce_query_params
+
+      request_unpack(request)
+
+      request.env[validator_option.params_key].merge!(param_matches_hash) if param_matches_hash
+
+      request_schema_validation(request)
+      parameter_coerce!(request, link, validator_option.params_key)
+      parameter_coerce!(request, link, "rack.request.query_hash") if link_exist? && !request.GET.nil? && !link.schema.nil?
+    end
+
+    def response_validate(status, headers, response)
+      return unless link_exist?
+
+      full_body = ""
+      response.each do |chunk|
+        full_body << chunk
+      end
+      data = JSON.parse(full_body)
+      Committee::SchemaValidator::HyperSchema::ResponseValidator.new(link, validate_errors: validator_option.validate_errors).call(status, headers, data)
+    end
+
+    def link_exist?
+      !link.nil?
+    end
+
+    def coerce_form_params(parameter)
+      return unless link.schema
+      Committee::SchemaValidator::HyperSchema::StringParamsCoercer.new(parameter, link.schema).call!
+    end
+
+    private
+
+      def coerce_path_params
+        return unless link_exist?
+
+        Committee::SchemaValidator::HyperSchema::StringParamsCoercer.new(param_matches, link.schema, coerce_recursive: validator_option.coerce_recursive).call!
+        param_matches
+      end
+
+      def coerce_query_params(request)
+        return unless link_exist?
+        return if request.GET.nil? || link.schema.nil?
+
+        Committee::SchemaValidator::HyperSchema::StringParamsCoercer.new(request.GET, link.schema, coerce_recursive: validator_option.coerce_recursive).call!
+      end
+
+      def request_unpack(request)
+        request.env[validator_option.params_key], request.env[validator_option.headers_key] = Committee::RequestUnpacker.new(
+            request,
+            allow_form_params:  validator_option.allow_form_params,
+            allow_query_params: validator_option.allow_query_params,
+            coerce_form_params: validator_option.coerce_form_params,
+            optimistic_json:    validator_option.optimistic_json,
+            schema_validator:   self
+        ).call
+      end
+
+      def request_schema_validation(request)
+        return unless link_exist?
+        validator = Committee::SchemaValidator::HyperSchema::RequestValidator.new(link, check_content_type: validator_option.check_content_type, check_header: validator_option.check_header)
+        validator.call(request, request.env[validator_option.params_key], request.env[validator_option.headers_key])
+      end
+
+      def parameter_coerce!(request, link, coerce_key)
+        return unless link_exist?
+
+        Committee::ParameterCoercer.
+            new(request.env[coerce_key],
+                link.schema,
+                coerce_date_times: validator_option.coerce_date_times,
+                coerce_recursive: validator_option.coerce_recursive).
+            call!
+      end
+  end
+end

data/lib/committee/{request_validator.rb → schema_validator/hyper_schema/request_validator.rb}

@@ -1,5 +1,5 @@
 module Committee
-  class RequestValidator
+  class SchemaValidator::HyperSchema::RequestValidator
     def initialize(link, options = {})
       @link = link
       @check_content_type = options.fetch(:check_content_type, true)

data/lib/committee/{response_generator.rb → schema_validator/hyper_schema/response_generator.rb}

@@ -1,5 +1,5 @@
 module Committee
-  class ResponseGenerator
+  class SchemaValidator::HyperSchema::ResponseGenerator
     def call(link)
       schema = target_schema(link)
       data = generate_properties(link, schema)

data/lib/committee/{response_validator.rb → schema_validator/hyper_schema/response_validator.rb}

@@ -1,18 +1,18 @@
 module Committee
-  class ResponseValidator
-    attr_reader :validate_success_only
+  class SchemaValidator::HyperSchema::ResponseValidator
+    attr_reader :validate_errors
 
     def initialize(link, options = {})
       @link = link
-      @validate_success_only = options[:validate_success_only]
+      @validate_errors = options[:validate_errors]
 
       @validator = JsonSchema::Validator.new(target_schema(link))
     end
 
     def self.validate?(status, options = {})
-      validate_success_only = options[:validate_success_only]
+      validate_errors = options[:validate_errors]
 
-      status != 204 and !validate_success_only || (200...300).include?(status)
+      status != 204 and validate_errors || (200...300).include?(status)
     end
 
     def call(status, headers, data)
@@ -41,7 +41,7 @@ module Committee
         return if data == nil
       end
 
-      if self.class.validate?(status, validate_success_only: validate_success_only) && !@validator.validate(data)
+      if self.class.validate?(status, validate_errors: validate_errors) && !@validator.validate(data)
         errors = JsonSchema::SchemaError.aggregate(@validator.errors).join("\n")
         raise InvalidResponse, "Invalid response.\n\n#{errors}"
       end

data/lib/committee/{router.rb → schema_validator/hyper_schema/router.rb}

@@ -1,9 +1,11 @@
 module Committee
-  class Router
-    def initialize(schema, options = {})
-      @prefix = options[:prefix]
+  class SchemaValidator::HyperSchema::Router
+    def initialize(schema, validator_option)
+      @prefix = validator_option.prefix
       @prefix_regexp = /\A#{Regexp.escape(@prefix)}/.freeze if @prefix
       @schema = schema
+
+      @validator_option = validator_option
     end
 
     def includes?(path)
@@ -23,12 +25,16 @@ module Committee
         else
           nil
         end
-      end.compact.sort_by(&:first).first
+      end.compact.sort.first
       link_with_matches.nil? ? nil : link_with_matches.slice(1, 2)
     end
 
     def find_request_link(request)
       find_link(request.request_method, request.path_info)
     end
+
+    def build_schema_validator(request)
+      Committee::SchemaValidator::HyperSchema.new(self, request, @validator_option)
+    end
   end
 end

data/lib/committee/{string_params_coercer.rb → schema_validator/hyper_schema/string_params_coercer.rb}

@@ -9,7 +9,7 @@ module Committee
   # +call+ returns a hash of all params which could be coerced - coercion
   # errors are simply ignored and expected to be handled later by schema
   # validation.
-  class StringParamsCoercer
+  class SchemaValidator::HyperSchema::StringParamsCoercer
     def initialize(query_hash, schema, options = {})
       @query_hash = query_hash
       @schema = schema

data/lib/committee/schema_validator/open_api_3.rb

@@ -0,0 +1,67 @@
+class Committee::SchemaValidator
+  class OpenAPI3
+    def initialize(router, request, validator_option)
+      @router = router
+      @request = request
+      @operation_object = router.operation_object(request)
+      @validator_option = validator_option
+    end
+
+    def request_validate(request)
+      path_params = validator_option.coerce_path_params ? coerce_path_params : {}
+      # coerce_query_params(request) if validator_option.coerce_query_params
+
+      request_unpack(request)
+
+      request.env[validator_option.params_key]&.merge!(path_params) unless path_params.empty?
+
+      request_schema_validation(request)
+
+      @operation_object&.coerce_request_parameter(request.env["rack.request.query_hash"], validator_option) if !request.GET.nil? && !request.env["rack.request.query_hash"].empty?
+    end
+
+    def response_validate(status, headers, response)
+      full_body = ""
+      response.each do |chunk|
+        full_body << chunk
+      end
+      data = JSON.parse(full_body)
+      Committee::SchemaValidator::OpenAPI3::ResponseValidator.new(@operation_object, validator_option).call(status, headers, data)
+    end
+
+    def link_exist?
+      !@operation_object.nil?
+    end
+
+    def coerce_form_params(_parameter)
+      # nothing because when request_schema_validation, check and coerce
+    end
+
+    private
+
+    attr_reader :validator_option
+
+    def coerce_path_params
+      return {} unless link_exist?
+      @operation_object.coerce_path_parameter(@validator_option)
+    end
+
+    def request_schema_validation(request)
+      return unless @operation_object
+
+      validator = Committee::SchemaValidator::OpenAPI3::RequestValidator.new(@operation_object, validator_option: validator_option)
+      validator.call(request, request.env[validator_option.params_key], request.env[validator_option.headers_key])
+    end
+
+    def request_unpack(request)
+      request.env[validator_option.params_key], request.env[validator_option.headers_key] = Committee::RequestUnpacker.new(
+          request,
+          allow_form_params:  validator_option.allow_form_params,
+          allow_query_params: validator_option.allow_query_params,
+          coerce_form_params: validator_option.coerce_form_params,
+          optimistic_json:    validator_option.optimistic_json,
+          schema_validator:   self
+      ).call
+    end
+  end
+end

data/lib/committee/schema_validator/open_api_3/operation_wrapper.rb

@@ -0,0 +1,98 @@
+module Committee
+  class SchemaValidator::OpenAPI3::OperationWrapper
+    # # @param request_operation [OpenAPIParser::RequestOperation]
+    def initialize(request_operation)
+      @request_operation = request_operation
+    end
+
+    def path_params
+      request_operation.path_params
+    end
+
+    def original_path
+      request_operation.original_path
+    end
+
+    def coerce_path_parameter(validator_option)
+      options = build_openapi_parser_path_option(validator_option)
+      return {} unless options.coerce_value
+
+      request_operation.validate_path_params(options)
+    end
+
+    def coerce_request_parameter(params, validator_option)
+      options = build_openapi_parser_get_option(validator_option)
+      return unless options.coerce_value
+
+      request_operation.validate_request_parameter(params, options)
+    end
+
+    def validate_response_params(status_code, content_type, params)
+      return request_operation.validate_response_body(status_code, content_type, params)
+    rescue OpenAPIParser::OpenAPIError => e
+      raise Committee::InvalidRequest.new(e.message)
+    end
+
+    def validate_request_params(params, validator_option)
+      ret, err = case request_operation.http_method
+            when 'get'
+              validate_get_request_params(params, validator_option)
+            when 'post'
+              validate_post_request_params(params, validator_option)
+            when 'put'
+              validate_post_request_params(params, validator_option)
+            when 'patch'
+              validate_post_request_params(params, validator_option)
+            when 'delete'
+              validate_get_request_params(params, validator_option)
+            else
+              raise "Committee OpenAPI3 not support #{request_operation.http_method} method"
+            end
+      raise err if err
+      ret
+    end
+
+    private
+
+    attr_reader :request_operation
+
+    # @!attribute [r] request_operation
+    #   @return [OpenAPIParser::RequestOperation]
+    
+    # @return [OpenAPIParser::SchemaValidator::Options]
+    def build_openapi_parser_path_option(validator_option)
+      coerce_value = validator_option.coerce_path_params
+      datetime_coerce_class = validator_option.coerce_date_times ? DateTime : nil
+      OpenAPIParser::SchemaValidator::Options.new(coerce_value: coerce_value,datetime_coerce_class: datetime_coerce_class)
+    end
+
+    # @return [OpenAPIParser::SchemaValidator::Options]
+    def build_openapi_parser_post_option(validator_option)
+      coerce_value = validator_option.coerce_form_params
+      datetime_coerce_class = validator_option.coerce_date_times ? DateTime : nil
+      OpenAPIParser::SchemaValidator::Options.new(coerce_value: coerce_value,datetime_coerce_class: datetime_coerce_class)
+    end
+
+    # @return [OpenAPIParser::SchemaValidator::Options]
+    def build_openapi_parser_get_option(validator_option)
+      coerce_value = validator_option.coerce_query_params
+      datetime_coerce_class = validator_option.coerce_date_times ? DateTime : nil
+      OpenAPIParser::SchemaValidator::Options.new(coerce_value: coerce_value,datetime_coerce_class: datetime_coerce_class)
+    end
+
+    def validate_get_request_params(params, validator_option)
+      # bad performance because when we coerce value, same check
+      request_operation.validate_request_parameter(params, build_openapi_parser_get_option(validator_option))
+    rescue OpenAPIParser::OpenAPIError => e
+      raise Committee::InvalidRequest.new(e.message)
+    end
+
+    def validate_post_request_params(params, validator_option)
+      # bad performance because when we coerce value, same check
+      # TODO: support other content type
+        return request_operation.validate_request_body('application/json', params, build_openapi_parser_post_option(validator_option))
+    rescue => e
+      raise Committee::InvalidRequest.new(e.message)
+    end
+  end
+end