committee 3.3.0 → 4.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/committee.rb +2 -3
- data/lib/committee/drivers.rb +5 -5
- data/lib/committee/errors.rb +12 -0
- data/lib/committee/middleware/request_validation.rb +4 -8
- data/lib/committee/middleware/response_validation.rb +3 -7
- data/lib/committee/request_unpacker.rb +1 -1
- data/lib/committee/schema_validator/hyper_schema.rb +8 -1
- data/lib/committee/schema_validator/open_api_3.rb +8 -1
- data/lib/committee/schema_validator/open_api_3/operation_wrapper.rb +8 -4
- data/lib/committee/schema_validator/open_api_3/router.rb +3 -1
- data/lib/committee/schema_validator/option.rb +8 -1
- data/lib/committee/test/methods.rb +17 -8
- data/lib/committee/test/schema_coverage.rb +101 -0
- data/lib/committee/validation_error.rb +3 -2
- data/test/bin/committee_stub_test.rb +5 -1
- data/test/committee_test.rb +1 -1
- data/test/middleware/base_test.rb +9 -3
- data/test/middleware/request_validation_open_api_3_test.rb +24 -6
- data/test/middleware/request_validation_test.rb +7 -1
- data/test/middleware/response_validation_open_api_3_test.rb +48 -2
- data/test/middleware/response_validation_test.rb +7 -1
- data/test/middleware/stub_test.rb +4 -0
- data/test/request_unpacker_test.rb +32 -3
- data/test/schema_validator/hyper_schema/router_test.rb +4 -0
- data/test/schema_validator/open_api_3/operation_wrapper_test.rb +15 -7
- data/test/schema_validator/open_api_3/request_validator_test.rb +3 -0
- data/test/schema_validator/open_api_3/response_validator_test.rb +12 -5
- data/test/test/methods_new_version_test.rb +3 -0
- data/test/test/methods_test.rb +145 -3
- data/test/test/schema_coverage_test.rb +216 -0
- data/test/test_helper.rb +9 -1
- metadata +8 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 19c70ee2e436755ddf7b0b59b213ab7c00b60e67ce52520b956b889121b24e4c
|
4
|
+
data.tar.gz: 06066adc6056231938d36d93a98c5d7318d9c1ff367784265d66c0eb271fb7b6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: bfbcc7aa85c676291125ed16b20badadda3eb8d895b6834cdc884602345c6ed3a052ecbdd381615b8bbca49815d884407cf8cc2f8cbbe05702593b5cc171f568
|
7
|
+
data.tar.gz: cc454350c3d04969ad3f24c1922b887a6e319cea4f0a869b647ef439dbc9f5f83f3922bde82abdeb0994a540e53d5e68345e76d7291b408e42cd2f5a4df9eec1
|
data/lib/committee.rb
CHANGED
@@ -16,9 +16,7 @@ module Committee
|
|
16
16
|
end
|
17
17
|
|
18
18
|
def self.warn_deprecated(message)
|
19
|
-
|
20
|
-
$stderr.puts(message)
|
21
|
-
end
|
19
|
+
warn("[DEPRECATION] #{message}")
|
22
20
|
end
|
23
21
|
end
|
24
22
|
|
@@ -31,3 +29,4 @@ require_relative "committee/validation_error"
|
|
31
29
|
|
32
30
|
require_relative "committee/bin/committee_stub"
|
33
31
|
require_relative "committee/test/methods"
|
32
|
+
require_relative "committee/test/schema_coverage"
|
data/lib/committee/drivers.rb
CHANGED
@@ -21,14 +21,14 @@ module Committee
|
|
21
21
|
# @param [String] schema_path
|
22
22
|
# @return [Committee::Driver]
|
23
23
|
def self.load_from_json(schema_path)
|
24
|
-
load_from_data(JSON.parse(File.read(schema_path)))
|
24
|
+
load_from_data(JSON.parse(File.read(schema_path)), schema_path)
|
25
25
|
end
|
26
26
|
|
27
27
|
# load and build drive from YAML file
|
28
28
|
# @param [String] schema_path
|
29
29
|
# @return [Committee::Driver]
|
30
30
|
def self.load_from_yaml(schema_path)
|
31
|
-
load_from_data(YAML.load_file(schema_path))
|
31
|
+
load_from_data(YAML.load_file(schema_path), schema_path)
|
32
32
|
end
|
33
33
|
|
34
34
|
# load and build drive from file
|
@@ -48,10 +48,10 @@ module Committee
|
|
48
48
|
# load and build drive from Hash object
|
49
49
|
# @param [Hash] hash
|
50
50
|
# @return [Committee::Driver]
|
51
|
-
def self.load_from_data(hash)
|
51
|
+
def self.load_from_data(hash, schema_path = nil)
|
52
52
|
if hash['openapi']&.start_with?('3.0.')
|
53
|
-
|
54
|
-
return Committee::Drivers::OpenAPI3::Driver.new.parse(
|
53
|
+
openapi = OpenAPIParser.parse_with_filepath(hash, schema_path)
|
54
|
+
return Committee::Drivers::OpenAPI3::Driver.new.parse(openapi)
|
55
55
|
end
|
56
56
|
|
57
57
|
driver = if hash['swagger'] == '2.0'
|
data/lib/committee/errors.rb
CHANGED
@@ -8,9 +8,21 @@ module Committee
|
|
8
8
|
end
|
9
9
|
|
10
10
|
class InvalidRequest < Error
|
11
|
+
attr_reader :original_error
|
12
|
+
|
13
|
+
def initialize(error_message=nil, original_error: nil)
|
14
|
+
@original_error = original_error
|
15
|
+
super(error_message)
|
16
|
+
end
|
11
17
|
end
|
12
18
|
|
13
19
|
class InvalidResponse < Error
|
20
|
+
attr_reader :original_error
|
21
|
+
|
22
|
+
def initialize(error_message=nil, original_error: nil)
|
23
|
+
@original_error = original_error
|
24
|
+
super(error_message)
|
25
|
+
end
|
14
26
|
end
|
15
27
|
|
16
28
|
class NotFound < Error
|
@@ -21,14 +21,14 @@ module Committee
|
|
21
21
|
rescue Committee::BadRequest, Committee::InvalidRequest
|
22
22
|
handle_exception($!, request.env)
|
23
23
|
raise if @raise
|
24
|
-
return @error_class.new(400, :bad_request, $!.message).render unless @ignore_error
|
24
|
+
return @error_class.new(400, :bad_request, $!.message, request).render unless @ignore_error
|
25
25
|
rescue Committee::NotFound => e
|
26
26
|
raise if @raise
|
27
|
-
return @error_class.new(404, :not_found, e.message).render unless @ignore_error
|
27
|
+
return @error_class.new(404, :not_found, e.message, request).render unless @ignore_error
|
28
28
|
rescue JSON::ParserError
|
29
29
|
handle_exception($!, request.env)
|
30
30
|
raise Committee::InvalidRequest if @raise
|
31
|
-
return @error_class.new(400, :bad_request, "Request body wasn't valid JSON.").render unless @ignore_error
|
31
|
+
return @error_class.new(400, :bad_request, "Request body wasn't valid JSON.", request).render unless @ignore_error
|
32
32
|
end
|
33
33
|
|
34
34
|
@app.call(request.env)
|
@@ -42,11 +42,7 @@ module Committee
|
|
42
42
|
if @error_handler.arity > 1
|
43
43
|
@error_handler.call(e, env)
|
44
44
|
else
|
45
|
-
|
46
|
-
[DEPRECATION] Using `error_handler.call(exception)` is deprecated and will be change to
|
47
|
-
`error_handler.call(exception, request.env)` in next major version.
|
48
|
-
MESSAGE
|
49
|
-
|
45
|
+
Committee.warn_deprecated('Using `error_handler.call(exception)` is deprecated and will be change to `error_handler.call(exception, request.env)` in next major version.')
|
50
46
|
@error_handler.call(e)
|
51
47
|
end
|
52
48
|
end
|
@@ -11,9 +11,9 @@ module Committee
|
|
11
11
|
end
|
12
12
|
|
13
13
|
def handle(request)
|
14
|
-
|
15
|
-
status, headers, response = @app.call(request.env)
|
14
|
+
status, headers, response = @app.call(request.env)
|
16
15
|
|
16
|
+
begin
|
17
17
|
v = build_schema_validator(request)
|
18
18
|
v.response_validate(status, headers, response) if v.link_exist? && self.class.validate?(status, validate_success_only)
|
19
19
|
|
@@ -46,11 +46,7 @@ module Committee
|
|
46
46
|
if @error_handler.arity > 1
|
47
47
|
@error_handler.call(e, env)
|
48
48
|
else
|
49
|
-
|
50
|
-
[DEPRECATION] Using `error_handler.call(exception)` is deprecated and will be change to
|
51
|
-
`error_handler.call(exception, request.env)` in next major version.
|
52
|
-
MESSAGE
|
53
|
-
|
49
|
+
Committee.warn_deprecated('Using `error_handler.call(exception)` is deprecated and will be change to `error_handler.call(exception, request.env)` in next major version.')
|
54
50
|
@error_handler.call(e)
|
55
51
|
end
|
56
52
|
end
|
@@ -16,7 +16,7 @@ module Committee
|
|
16
16
|
def call
|
17
17
|
# if Content-Type is empty or JSON, and there was a request body, try to
|
18
18
|
# interpret it as JSON
|
19
|
-
params = if !@request.media_type || @request.media_type =~ %r{application
|
19
|
+
params = if !@request.media_type || @request.media_type =~ %r{application/(?:.*\+)?json}
|
20
20
|
parse_json
|
21
21
|
elsif @optimistic_json
|
22
22
|
begin
|
@@ -35,7 +35,14 @@ module Committee
|
|
35
35
|
response.each do |chunk|
|
36
36
|
full_body << chunk
|
37
37
|
end
|
38
|
-
|
38
|
+
|
39
|
+
data = {}
|
40
|
+
unless full_body.empty?
|
41
|
+
parse_to_json = !validator_option.parse_response_by_content_type ||
|
42
|
+
headers.fetch('Content-Type', nil)&.start_with?('application/json')
|
43
|
+
data = JSON.parse(full_body) if parse_to_json
|
44
|
+
end
|
45
|
+
|
39
46
|
Committee::SchemaValidator::HyperSchema::ResponseValidator.new(link, validate_success_only: validator_option.validate_success_only).call(status, headers, data)
|
40
47
|
end
|
41
48
|
|
@@ -30,7 +30,14 @@ module Committee
|
|
30
30
|
response.each do |chunk|
|
31
31
|
full_body << chunk
|
32
32
|
end
|
33
|
-
|
33
|
+
|
34
|
+
parse_to_json = !validator_option.parse_response_by_content_type ||
|
35
|
+
headers.fetch('Content-Type', nil)&.start_with?('application/json')
|
36
|
+
data = if parse_to_json
|
37
|
+
full_body.empty? ? {} : JSON.parse(full_body)
|
38
|
+
else
|
39
|
+
full_body
|
40
|
+
end
|
34
41
|
|
35
42
|
strict = test_method
|
36
43
|
Committee::SchemaValidator::OpenAPI3::ResponseValidator.
|
@@ -17,13 +17,17 @@ module Committee
|
|
17
17
|
request_operation.original_path
|
18
18
|
end
|
19
19
|
|
20
|
+
def http_method
|
21
|
+
request_operation.http_method
|
22
|
+
end
|
23
|
+
|
20
24
|
def coerce_path_parameter(validator_option)
|
21
25
|
options = build_openapi_parser_path_option(validator_option)
|
22
26
|
return {} unless options.coerce_value
|
23
27
|
|
24
28
|
request_operation.validate_path_params(options)
|
25
29
|
rescue OpenAPIParser::OpenAPIError => e
|
26
|
-
raise Committee::InvalidRequest.new(e.message)
|
30
|
+
raise Committee::InvalidRequest.new(e.message, original_error: e)
|
27
31
|
end
|
28
32
|
|
29
33
|
# @param [Boolean] strict when not content_type or status code definition, raise error
|
@@ -32,7 +36,7 @@ module Committee
|
|
32
36
|
|
33
37
|
return request_operation.validate_response_body(response_body, response_validate_options(strict, check_header))
|
34
38
|
rescue OpenAPIParser::OpenAPIError => e
|
35
|
-
raise Committee::InvalidResponse.new(e.message)
|
39
|
+
raise Committee::InvalidResponse.new(e.message, original_error: e)
|
36
40
|
end
|
37
41
|
|
38
42
|
def validate_request_params(params, headers, validator_option)
|
@@ -109,7 +113,7 @@ module Committee
|
|
109
113
|
# bad performance because when we coerce value, same check
|
110
114
|
request_operation.validate_request_parameter(params, headers, build_openapi_parser_get_option(validator_option))
|
111
115
|
rescue OpenAPIParser::OpenAPIError => e
|
112
|
-
raise Committee::InvalidRequest.new(e.message)
|
116
|
+
raise Committee::InvalidRequest.new(e.message, original_error: e)
|
113
117
|
end
|
114
118
|
|
115
119
|
def validate_post_request_params(params, headers, validator_option)
|
@@ -120,7 +124,7 @@ module Committee
|
|
120
124
|
request_operation.validate_request_parameter(params, headers, schema_validator_options)
|
121
125
|
request_operation.validate_request_body(content_type, params, schema_validator_options)
|
122
126
|
rescue => e
|
123
|
-
raise Committee::InvalidRequest.new(e.message)
|
127
|
+
raise Committee::InvalidRequest.new(e.message, original_error: e)
|
124
128
|
end
|
125
129
|
|
126
130
|
def response_validate_options(strict, check_header)
|
@@ -22,8 +22,10 @@ module Committee
|
|
22
22
|
end
|
23
23
|
|
24
24
|
def operation_object(request)
|
25
|
+
return nil unless includes_request?(request)
|
26
|
+
|
25
27
|
path = request.path
|
26
|
-
path = path.gsub(@prefix_regexp, '') if
|
28
|
+
path = path.gsub(@prefix_regexp, '') if @prefix_regexp
|
27
29
|
|
28
30
|
request_method = request.request_method.downcase
|
29
31
|
|
@@ -15,7 +15,8 @@ module Committee
|
|
15
15
|
:coerce_query_params,
|
16
16
|
:coerce_recursive,
|
17
17
|
:optimistic_json,
|
18
|
-
:validate_success_only
|
18
|
+
:validate_success_only,
|
19
|
+
:parse_response_by_content_type
|
19
20
|
|
20
21
|
# Non-boolean options:
|
21
22
|
attr_reader :headers_key,
|
@@ -35,6 +36,12 @@ module Committee
|
|
35
36
|
@check_header = options.fetch(:check_header, true)
|
36
37
|
@coerce_recursive = options.fetch(:coerce_recursive, true)
|
37
38
|
@optimistic_json = options.fetch(:optimistic_json, false)
|
39
|
+
@parse_response_by_content_type = if options[:parse_response_by_content_type].nil?
|
40
|
+
Committee.warn_deprecated('Committee: please set parse_response_by_content_type = false because we\'ll change default value in next major version.')
|
41
|
+
false
|
42
|
+
else
|
43
|
+
options.fetch(:parse_response_by_content_type)
|
44
|
+
end
|
38
45
|
|
39
46
|
# Boolean options and have a different value by default
|
40
47
|
@allow_get_body = options.fetch(:allow_get_body, schema.driver.default_allow_get_body)
|
@@ -10,7 +10,7 @@ module Committee
|
|
10
10
|
|
11
11
|
def assert_request_schema_confirm
|
12
12
|
unless schema_validator.link_exist?
|
13
|
-
request = "`#{request_object.request_method} #{request_object.path_info}` undefined in schema."
|
13
|
+
request = "`#{request_object.request_method} #{request_object.path_info}` undefined in schema (prefix: #{committee_options[:prefix].inspect})."
|
14
14
|
raise Committee::InvalidRequest.new(request)
|
15
15
|
end
|
16
16
|
|
@@ -19,11 +19,17 @@ module Committee
|
|
19
19
|
|
20
20
|
def assert_response_schema_confirm
|
21
21
|
unless schema_validator.link_exist?
|
22
|
-
response = "`#{request_object.request_method} #{request_object.path_info}` undefined in schema."
|
22
|
+
response = "`#{request_object.request_method} #{request_object.path_info}` undefined in schema (prefix: #{committee_options[:prefix].inspect})."
|
23
23
|
raise Committee::InvalidResponse.new(response)
|
24
24
|
end
|
25
25
|
|
26
26
|
status, headers, body = response_data
|
27
|
+
|
28
|
+
if schema_coverage
|
29
|
+
operation_object = router.operation_object(request_object)
|
30
|
+
schema_coverage&.update_response_coverage!(operation_object.original_path, operation_object.http_method, status)
|
31
|
+
end
|
32
|
+
|
27
33
|
schema_validator.response_validate(status, headers, [body], true) if validate_response?(status)
|
28
34
|
end
|
29
35
|
|
@@ -55,15 +61,18 @@ module Committee
|
|
55
61
|
@schema_validator ||= router.build_schema_validator(request_object)
|
56
62
|
end
|
57
63
|
|
64
|
+
def schema_coverage
|
65
|
+
return nil unless schema.is_a?(Committee::Drivers::OpenAPI3::Schema)
|
66
|
+
|
67
|
+
coverage = committee_options.fetch(:schema_coverage, nil)
|
68
|
+
|
69
|
+
coverage.is_a?(SchemaCoverage) ? coverage : nil
|
70
|
+
end
|
71
|
+
|
58
72
|
def old_behavior
|
59
73
|
old_assert_behavior = committee_options.fetch(:old_assert_behavior, nil)
|
60
74
|
if old_assert_behavior.nil?
|
61
|
-
|
62
|
-
[DEPRECATION] now assert_schema_conform check response schema only.
|
63
|
-
but we will change check request and response in future major version.
|
64
|
-
so if you want to conform response only, please use assert_response_schema_confirm,
|
65
|
-
or you can suppress this message and keep old behavior by setting old_assert_behavior=true.
|
66
|
-
MSG
|
75
|
+
Committee.warn_deprecated('Now assert_schema_conform check response schema only. but we will change check request and response in future major version. so if you want to conform response only, please use assert_response_schema_confirm, or you can suppress this message and keep old behavior by setting old_assert_behavior=true.')
|
67
76
|
old_assert_behavior = true
|
68
77
|
end
|
69
78
|
old_assert_behavior
|
@@ -0,0 +1,101 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Committee
|
4
|
+
module Test
|
5
|
+
class SchemaCoverage
|
6
|
+
attr_reader :schema
|
7
|
+
|
8
|
+
class << self
|
9
|
+
def merge_report(first, second)
|
10
|
+
report = first.dup
|
11
|
+
second.each do |k, v|
|
12
|
+
if v.is_a?(Hash)
|
13
|
+
if report[k].nil?
|
14
|
+
report[k] = v
|
15
|
+
else
|
16
|
+
report[k] = merge_report(report[k], v)
|
17
|
+
end
|
18
|
+
else
|
19
|
+
report[k] ||= v
|
20
|
+
end
|
21
|
+
end
|
22
|
+
report
|
23
|
+
end
|
24
|
+
|
25
|
+
def flatten_report(report)
|
26
|
+
responses = []
|
27
|
+
report.each do |path_name, path_coverage|
|
28
|
+
path_coverage.each do |method, method_coverage|
|
29
|
+
responses_coverage = method_coverage['responses']
|
30
|
+
responses_coverage.each do |response_status, is_covered|
|
31
|
+
responses << {
|
32
|
+
path: path_name,
|
33
|
+
method: method,
|
34
|
+
status: response_status,
|
35
|
+
is_covered: is_covered,
|
36
|
+
}
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
40
|
+
{
|
41
|
+
responses: responses,
|
42
|
+
}
|
43
|
+
end
|
44
|
+
end
|
45
|
+
|
46
|
+
def initialize(schema)
|
47
|
+
raise 'Unsupported schema' unless schema.is_a?(Committee::Drivers::OpenAPI3::Schema)
|
48
|
+
|
49
|
+
@schema = schema
|
50
|
+
@covered = {}
|
51
|
+
end
|
52
|
+
|
53
|
+
def update_response_coverage!(path, method, response_status)
|
54
|
+
method = method.to_s.downcase
|
55
|
+
response_status = response_status.to_s
|
56
|
+
|
57
|
+
@covered[path] ||= {}
|
58
|
+
@covered[path][method] ||= {}
|
59
|
+
@covered[path][method]['responses'] ||= {}
|
60
|
+
@covered[path][method]['responses'][response_status] = true
|
61
|
+
end
|
62
|
+
|
63
|
+
def report
|
64
|
+
report = {}
|
65
|
+
|
66
|
+
schema.open_api.paths.path.each do |path_name, path_item|
|
67
|
+
report[path_name] = {}
|
68
|
+
path_item._openapi_all_child_objects.each do |object_name, object|
|
69
|
+
next unless object.is_a?(OpenAPIParser::Schemas::Operation)
|
70
|
+
|
71
|
+
method = object_name.split('/').last&.downcase
|
72
|
+
next unless method
|
73
|
+
|
74
|
+
report[path_name][method] ||= {}
|
75
|
+
|
76
|
+
# TODO: check coverage on request params/body as well?
|
77
|
+
|
78
|
+
report[path_name][method]['responses'] ||= {}
|
79
|
+
object.responses.response.each do |response_status, _|
|
80
|
+
is_covered = @covered.dig(path_name, method, 'responses', response_status) || false
|
81
|
+
report[path_name][method]['responses'][response_status] = is_covered
|
82
|
+
end
|
83
|
+
if object.responses.default
|
84
|
+
is_default_covered = (@covered.dig(path_name, method, 'responses') || {}).any? do |status, is_covered|
|
85
|
+
is_covered && !object.responses.response.key?(status)
|
86
|
+
end
|
87
|
+
report[path_name][method]['responses']['default'] = is_default_covered
|
88
|
+
end
|
89
|
+
end
|
90
|
+
end
|
91
|
+
|
92
|
+
report
|
93
|
+
end
|
94
|
+
|
95
|
+
def report_flatten
|
96
|
+
self.class.flatten_report(report)
|
97
|
+
end
|
98
|
+
end
|
99
|
+
end
|
100
|
+
end
|
101
|
+
|
@@ -2,12 +2,13 @@
|
|
2
2
|
|
3
3
|
module Committee
|
4
4
|
class ValidationError
|
5
|
-
attr_reader :id, :message, :status
|
5
|
+
attr_reader :id, :message, :status, :request
|
6
6
|
|
7
|
-
def initialize(status, id, message)
|
7
|
+
def initialize(status, id, message, request = nil)
|
8
8
|
@status = status
|
9
9
|
@id = id
|
10
10
|
@message = message
|
11
|
+
@request = request
|
11
12
|
end
|
12
13
|
|
13
14
|
def error_body
|
@@ -43,7 +43,11 @@ describe Committee::Bin::CommitteeStub, "app" do
|
|
43
43
|
end
|
44
44
|
|
45
45
|
def app
|
46
|
-
|
46
|
+
options = {}
|
47
|
+
# TODO: delete when 5.0.0 released because default value changed
|
48
|
+
options[:parse_response_by_content_type] = false
|
49
|
+
|
50
|
+
@bin.get_app(hyper_schema, options)
|
47
51
|
end
|
48
52
|
|
49
53
|
it "defaults to a 404" do
|