committee 3.3.0 → 5.0.0

data/lib/committee/schema_validator/open_api_3/request_validator.rb

@@ -11,11 +11,11 @@ module Committee
           @validator_option = validator_option
         end
 
-        def call(request, params, headers)
+        def call(request, path_params, query_params, body_params, headers)
           content_type = ::Committee::SchemaValidator.request_media_type(request)
           check_content_type(request, content_type) if @validator_option.check_content_type
 
-          @operation_object.validate_request_params(params, headers, @validator_option)
+          @operation_object.validate_request_params(path_params, query_params, body_params, headers, @validator_option)
         end
 
         private
@@ -24,6 +24,7 @@ module Committee
           # support post, put, patch only
           return true unless request.post? || request.put? || request.patch?
           return true if @operation_object.valid_request_content_type?(content_type)
+          return true if @operation_object.optional_body? && empty_request?(request)
 
           message = if valid_content_types.size > 1
                       types = valid_content_types.map {|x| %{"#{x}"} }.join(', ')
@@ -37,6 +38,14 @@ module Committee
         def valid_content_types
           @operation_object&.request_content_types
         end
+
+        def empty_request?(request)
+          return true if !request.body
+
+          data = request.body.read
+          request.body.rewind
+          data.empty?
+        end
       end
     end
   end

data/lib/committee/schema_validator/open_api_3/router.rb

@@ -22,8 +22,10 @@ module Committee
         end
 
         def operation_object(request)
+          return nil unless includes_request?(request)
+
           path = request.path
-          path = path.gsub(@prefix_regexp, '') if prefix_request?(request)
+          path = path.gsub(@prefix_regexp, '') if @prefix_regexp
 
           request_method = request.request_method.downcase
 

data/lib/committee/schema_validator/open_api_3.rb

@@ -14,15 +14,10 @@ module Committee
       def request_validate(request)
         return unless link_exist?
 
-        path_params = validator_option.coerce_path_params ? coerce_path_params : {}
-
         request_unpack(request)
-
-        request.env[validator_option.params_key]&.merge!(path_params) unless path_params.empty?
-
         request_schema_validation(request)
 
-        copy_coerced_data_to_query_hash(request)
+        copy_coerced_data_to_params(request)
       end
 
       def response_validate(status, headers, response, test_method = false)
@@ -30,8 +25,16 @@ module Committee
         response.each do |chunk|
           full_body << chunk
         end
-        data = full_body.empty? ? {} : JSON.parse(full_body)
 
+        parse_to_json = !validator_option.parse_response_by_content_type || 
+                        headers.fetch('Content-Type', nil)&.start_with?('application/json')
+        data = if parse_to_json
+          full_body.empty? ? {} : JSON.parse(full_body)
+        else
+          full_body
+        end
+
+        # TODO: refactoring name
         strict = test_method
         Committee::SchemaValidator::OpenAPI3::ResponseValidator.
             new(@operation_object, validator_option).
@@ -42,23 +45,32 @@ module Committee
         !@operation_object.nil?
       end
 
-      def coerce_form_params(_parameter)
-        # Empty because request_schema_validation checks and coerces
-      end
-
       private
 
       attr_reader :validator_option
 
       def coerce_path_params
-        @operation_object.coerce_path_parameter(@validator_option)
+        return Committee::Utils.indifferent_hash unless validator_option.coerce_path_params
+        Committee::RequestUnpacker.indifferent_params(@operation_object.coerce_path_parameter(@validator_option))
       end
 
       def request_schema_validation(request)
         return unless @operation_object
 
         validator = Committee::SchemaValidator::OpenAPI3::RequestValidator.new(@operation_object, validator_option: validator_option)
-        validator.call(request, request.env[validator_option.params_key], header(request))
+        validator.call(request, path_params(request), query_params(request), body_params(request), header(request))
+      end
+
+      def path_params(request)
+        request.env[validator_option.path_hash_key]
+      end
+
+      def query_params(request)
+        request.env[validator_option.query_hash_key]
+      end
+
+      def body_params(request)
+        request.env[validator_option.request_body_hash_key]
       end
 
       def header(request)
@@ -66,22 +78,36 @@ module Committee
       end
 
       def request_unpack(request)
-        request.env[validator_option.params_key], request.env[validator_option.headers_key] = Committee::RequestUnpacker.new(
-            request,
-            allow_form_params:  validator_option.allow_form_params,
-            allow_get_body:     validator_option.allow_get_body,
-            allow_query_params: validator_option.allow_query_params,
-            coerce_form_params: validator_option.coerce_form_params,
-            optimistic_json:    validator_option.optimistic_json,
-            schema_validator:   self
-        ).call
+        unpacker = Committee::RequestUnpacker.new(
+          allow_form_params:  validator_option.allow_form_params,
+          allow_get_body:     validator_option.allow_get_body,
+          allow_query_params: validator_option.allow_query_params,
+          optimistic_json:    validator_option.optimistic_json,
+        )
+
+        request.env[validator_option.headers_key] = unpacker.unpack_headers(request)
+
+        request_param, is_form_params = unpacker.unpack_request_params(request)
+        request.env[validator_option.request_body_hash_key] = request_param
+        request.env[validator_option.path_hash_key] = coerce_path_params
+
+        query_param = unpacker.unpack_query_params(request)
+        query_param.merge!(request_param) if request.get? && validator_option.allow_get_body
+        request.env[validator_option.query_hash_key] = query_param
       end
 
-      def copy_coerced_data_to_query_hash(request)
-        return if request.env["rack.request.query_hash"].nil? || request.env["rack.request.query_hash"].empty?
+      def copy_coerced_data_to_params(request)
+        order = if validator_option.parameter_overwite_by_rails_rule
+          # (high priority) path_hash_key -> query_param -> request_body_hash          
+          [validator_option.request_body_hash_key, validator_option.query_hash_key, validator_option.path_hash_key]
+        else
+          # (high priority) path_hash_key -> request_body_hash -> query_param
+          [validator_option.query_hash_key, validator_option.request_body_hash_key, validator_option.path_hash_key]
+        end
 
-        request.env["rack.request.query_hash"].keys.each do |k|
-          request.env["rack.request.query_hash"][k] = request.env[validator_option.params_key][k]
+        request.env[validator_option.params_key] = Committee::Utils.indifferent_hash
+        order.each do |key|
+          request.env[validator_option.params_key].merge!(Committee::Utils.deep_copy(request.env[key]))
         end
       end
     end

data/lib/committee/schema_validator/option.rb

@@ -15,17 +15,26 @@ module Committee
                   :coerce_query_params,
                   :coerce_recursive,
                   :optimistic_json,
-                  :validate_success_only
+                  :validate_success_only,
+                  :parse_response_by_content_type,
+                  :parameter_overwite_by_rails_rule
 
       # Non-boolean options:
       attr_reader :headers_key,
                   :params_key,
+                  :query_hash_key,
+                  :request_body_hash_key,
+                  :path_hash_key,
                   :prefix
 
       def initialize(options, schema, schema_type)
         # Non-boolean options
-        @headers_key         = options[:headers_key] || "committee.headers"
-        @params_key          = options[:params_key] || "committee.params"
+        @headers_key         = options[:headers_key]    || "committee.headers"
+        @params_key          = options[:params_key]     || "committee.params"
+        @query_hash_key      = options[:query_hash_key] || "committee.query_hash"
+        @path_hash_key      = options[:path_hash_key] || "committee.path_hash"
+        @request_body_hash_key = options[:request_body_hash_key] || "committee.request_body_hash"
+
         @prefix              = options[:prefix]
 
         # Boolean options and have a common value by default
@@ -35,6 +44,8 @@ module Committee
         @check_header        = options.fetch(:check_header, true)
         @coerce_recursive    = options.fetch(:coerce_recursive, true)
         @optimistic_json     = options.fetch(:optimistic_json, false)
+        @parse_response_by_content_type = options.fetch(:parse_response_by_content_type, true)
+        @parameter_overwite_by_rails_rule = options.fetch(:parameter_overwite_by_rails_rule, true)
 
         # Boolean options and have a different value by default
         @allow_get_body      = options.fetch(:allow_get_body, schema.driver.default_allow_get_body)

data/lib/committee/schema_validator.rb

@@ -4,7 +4,7 @@ module Committee
   module SchemaValidator
     class << self
       def request_media_type(request)
-        request.content_type.to_s.split(";").first.to_s
+        request.media_type.to_s
       end
 
       # @param [String] prefix

data/lib/committee/test/methods.rb

@@ -3,27 +3,40 @@
 module Committee
   module Test
     module Methods
-      def assert_schema_conform
+      def assert_schema_conform(expected_status = nil)
         assert_request_schema_confirm unless old_behavior
-        assert_response_schema_confirm
+        assert_response_schema_confirm(expected_status)
       end
 
       def assert_request_schema_confirm
         unless schema_validator.link_exist?
-          request = "`#{request_object.request_method} #{request_object.path_info}` undefined in schema."
+          request = "`#{request_object.request_method} #{request_object.path_info}` undefined in schema (prefix: #{committee_options[:prefix].inspect})."
           raise Committee::InvalidRequest.new(request)
         end
 
         schema_validator.request_validate(request_object)
       end
 
-      def assert_response_schema_confirm
+      def assert_response_schema_confirm(expected_status = nil)
         unless schema_validator.link_exist?
-          response = "`#{request_object.request_method} #{request_object.path_info}` undefined in schema."
+          response = "`#{request_object.request_method} #{request_object.path_info}` undefined in schema (prefix: #{committee_options[:prefix].inspect})."
           raise Committee::InvalidResponse.new(response)
         end
 
         status, headers, body = response_data
+
+        if expected_status.nil?
+          Committee.need_good_option('Pass expected response status code to check it against the corresponding schema explicitly.')
+        elsif expected_status != status
+          response = "Expected `#{expected_status}` status code, but it was `#{status}`."
+          raise Committee::InvalidResponse.new(response)
+        end
+
+        if schema_coverage
+          operation_object = router.operation_object(request_object)
+          schema_coverage&.update_response_coverage!(operation_object.original_path, operation_object.http_method, status)
+        end
+
         schema_validator.response_validate(status, headers, [body], true) if validate_response?(status)
       end
 
@@ -55,18 +68,16 @@ module Committee
         @schema_validator ||= router.build_schema_validator(request_object)
       end
 
+      def schema_coverage
+        return nil unless schema.is_a?(Committee::Drivers::OpenAPI3::Schema)
+
+        coverage = committee_options.fetch(:schema_coverage, nil)
+
+        coverage.is_a?(SchemaCoverage) ? coverage : nil
+      end
+
       def old_behavior
-        old_assert_behavior = committee_options.fetch(:old_assert_behavior, nil)
-        if old_assert_behavior.nil?
-          warn <<-MSG
-          [DEPRECATION] now assert_schema_conform check response schema only.
-            but we will change check request and response in future major version.
-            so if you want to conform response only, please use assert_response_schema_confirm,
-            or you can suppress this message and keep old behavior by setting old_assert_behavior=true.
-          MSG
-          old_assert_behavior = true
-        end
-        old_assert_behavior
+        committee_options.fetch(:old_assert_behavior, false)
       end
     end
   end

data/lib/committee/test/schema_coverage.rb

@@ -0,0 +1,101 @@
+# frozen_string_literal: true
+
+module Committee
+  module Test
+    class SchemaCoverage
+      attr_reader :schema
+
+      class << self
+        def merge_report(first, second)
+          report = first.dup
+          second.each do |k, v|
+            if v.is_a?(Hash)
+              if report[k].nil?
+                report[k] = v
+              else
+                report[k] = merge_report(report[k], v)
+              end
+            else
+              report[k] ||= v
+            end
+          end
+          report
+        end
+
+        def flatten_report(report)
+          responses = []
+          report.each do |path_name, path_coverage|
+            path_coverage.each do |method, method_coverage|
+              responses_coverage = method_coverage['responses']
+              responses_coverage.each do |response_status, is_covered|
+                responses << {
+                  path: path_name,
+                  method: method,
+                  status: response_status,
+                  is_covered: is_covered,
+                }
+              end
+            end
+          end
+          {
+            responses: responses,
+          }
+        end
+      end
+
+      def initialize(schema)
+        raise 'Unsupported schema' unless schema.is_a?(Committee::Drivers::OpenAPI3::Schema)
+
+        @schema = schema
+        @covered = {}
+      end
+
+      def update_response_coverage!(path, method, response_status)
+        method = method.to_s.downcase
+        response_status = response_status.to_s
+
+        @covered[path] ||= {}
+        @covered[path][method] ||= {}
+        @covered[path][method]['responses'] ||= {}
+        @covered[path][method]['responses'][response_status] = true
+      end
+
+      def report
+        report = {}
+
+        schema.open_api.paths.path.each do |path_name, path_item|
+          report[path_name] = {}
+          path_item._openapi_all_child_objects.each do |object_name, object|
+            next unless object.is_a?(OpenAPIParser::Schemas::Operation)
+
+            method = object_name.split('/').last&.downcase
+            next unless method
+
+            report[path_name][method] ||= {}
+
+            # TODO: check coverage on request params/body as well?
+
+            report[path_name][method]['responses'] ||= {}
+            object.responses.response.each do |response_status, _|
+              is_covered = @covered.dig(path_name, method, 'responses', response_status) || false
+              report[path_name][method]['responses'][response_status] = is_covered
+            end
+            if object.responses.default
+              is_default_covered = (@covered.dig(path_name, method, 'responses') || {}).any? do |status, is_covered|
+                is_covered && !object.responses.response.key?(status)
+              end
+              report[path_name][method]['responses']['default'] = is_default_covered
+            end
+          end
+        end
+
+        report
+      end
+
+      def report_flatten
+        self.class.flatten_report(report)
+      end
+    end
+  end
+end
+

data/lib/committee/utils.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+module Committee
+    module Utils
+        # Creates a Hash with indifferent access.
+        #
+        # (Copied from Sinatra)
+        def self.indifferent_hash
+            Hash.new { |hash,key| hash[key.to_s] if Symbol === key }
+        end
+
+        def self.deep_copy(from)
+            if from.is_a?(Hash)
+                h = Committee::Utils.indifferent_hash
+                from.each_pair do |k, v|
+                h[k] = deep_copy(v)
+                end
+                return h
+            end
+
+            if from.is_a?(Array)
+                return from.map{ |v| deep_copy(v) }
+            end
+
+            return from
+        end
+    end
+end

data/lib/committee/validation_error.rb

@@ -2,12 +2,13 @@
 
 module Committee
   class ValidationError
-    attr_reader :id, :message, :status
+    attr_reader :id, :message, :status, :request
 
-    def initialize(status, id, message)
+    def initialize(status, id, message, request = nil)
       @status = status
       @id = id
       @message = message
+      @request = request
     end
 
     def error_body

data/lib/committee/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Committee
+    VERSION = '5.0.0'.freeze
+end

data/lib/committee.rb

@@ -6,6 +6,8 @@ require "json_schema"
 require "rack"
 require 'openapi_parser'
 
+require_relative "committee/version"
+
 module Committee
   def self.debug?
     ENV["COMMITTEE_DEBUG"]
@@ -15,13 +17,17 @@ module Committee
     $stderr.puts(message) if debug?
   end
 
-  def self.warn_deprecated(message)
-    if !$VERBOSE.nil?
-      $stderr.puts(message)
-    end
+  def self.need_good_option(message)
+    warn(message)
+  end
+
+  def self.warn_deprecated_until_6(cond, message)
+    raise "remove deprecated!"  unless Committee::VERSION.start_with?("5")
+    warn("[DEPRECATION] #{message}") if cond
   end
 end
 
+require_relative "committee/utils"
 require_relative "committee/drivers"
 require_relative "committee/errors"
 require_relative "committee/middleware"
@@ -31,3 +37,4 @@ require_relative "committee/validation_error"
 
 require_relative "committee/bin/committee_stub"
 require_relative "committee/test/methods"
+require_relative "committee/test/schema_coverage"

data/test/bin/committee_stub_test.rb

@@ -43,7 +43,11 @@ describe Committee::Bin::CommitteeStub, "app" do
   end
 
   def app
-    @bin.get_app(hyper_schema, {})
+    options = {}
+    # TODO: delete when 5.0.0 released because default value changed
+    options[:parse_response_by_content_type] = false
+
+    @bin.get_app(hyper_schema, options)
   end
 
   it "defaults to a 404" do

data/test/committee_test.rb

@@ -31,18 +31,44 @@ describe Committee do
     end
   end
 
+  it "warns need_good_option" do
+    old_stderr = $stderr
+    $stderr = StringIO.new
+    begin
+      Committee.need_good_option "show"
+      assert_equal "show\n", $stderr.string
+    ensure
+      $stderr = old_stderr
+    end
+  end
+
   it "warns on deprecated unless $VERBOSE is nil" do
     old_stderr = $stderr
     old_verbose = $VERBOSE
     $stderr = StringIO.new
     begin
       $VERBOSE = nil
-      Committee.warn_deprecated "blah"
+      Committee.warn_deprecated_until_6 true, "blah"
       assert_equal "", $stderr.string
 
       $VERBOSE = true
-      Committee.warn_deprecated "blah"
-      assert_equal "blah\n", $stderr.string
+      Committee.warn_deprecated_until_6 true, "blah"
+      assert_equal "[DEPRECATION] blah\n", $stderr.string
+    ensure
+      $stderr = old_stderr
+      $VERBOSE = old_verbose
+    end
+  end
+
+
+  it "doesn't warns on deprecated if cond is false" do
+    old_stderr = $stderr
+    old_verbose = $VERBOSE
+    $stderr = StringIO.new
+    begin
+      $VERBOSE = true
+      Committee.warn_deprecated_until_6 false, "blah"
+      assert_equal "", $stderr.string
     ensure
       $stderr = old_stderr
       $VERBOSE = old_verbose

data/test/drivers/open_api_3/driver_test.rb

@@ -16,7 +16,7 @@ describe Committee::Drivers::OpenAPI3::Driver do
   end
 
   it "override methods" do
-    parser = OpenAPIParser.parse(open_api_3_data)
+    parser = OpenAPIParser.parse(open_api_3_data, strict_reference_validation: false)
     schema = @driver.parse(parser)
 
     assert_kind_of Committee::Drivers::OpenAPI3::Schema, schema

data/test/drivers_test.rb

@@ -37,20 +37,33 @@ describe Committee::Drivers do
     end
 
     it 'loads OpenAPI 3' do
-      s = Committee::Drivers.load_from_file(open_api_3_schema_path)
+      s = Committee::Drivers.load_from_file(open_api_3_schema_path, parser_options:{strict_reference_validation: true})
       assert_kind_of Committee::Drivers::Schema, s
       assert_kind_of Committee::Drivers::OpenAPI3::Schema, s
     end
 
     it 'load OpenAPI 3 (patch version 3.0.1)' do
-      s = Committee::Drivers.load_from_file(open_api_3_0_1_schema_path)
+      s = Committee::Drivers.load_from_file(open_api_3_0_1_schema_path, parser_options:{strict_reference_validation: true})
       assert_kind_of Committee::Drivers::Schema, s
       assert_kind_of Committee::Drivers::OpenAPI3::Schema, s
     end
 
+    it 'fails to load OpenAPI 3 with invalid reference' do
+      parser_options = { strict_reference_validation: true }
+      assert_raises(OpenAPIParser::MissingReferenceError) do
+        Committee::Drivers.load_from_file(open_api_3_invalid_reference_path, parser_options: parser_options)
+      end
+    end
+
+    # This test can be removed when the test above (raising on invalid reference) becomes default behavior?
+    it 'allows loading OpenAPI 3 with invalid reference as existing behavior' do
+      s = Committee::Drivers.load_from_file(open_api_3_invalid_reference_path, parser_options:{strict_reference_validation: false})
+      assert_kind_of Committee::Drivers::OpenAPI3::Schema, s
+    end
+
     it 'errors on an unsupported file extension' do
       e = assert_raises(StandardError) do
-        Committee::Drivers.load_from_file('test.xml')
+        Committee::Drivers.load_from_file('test.xml', parser_options:{strict_reference_validation: true})
       end
       assert_equal "Committee only supports the following file extensions: '.json', '.yaml', '.yml'", e.message
     end
@@ -58,13 +71,13 @@ describe Committee::Drivers do
 
   describe 'load_from_json(schema_path)' do
     it 'loads OpenAPI2' do
-      s = Committee::Drivers.load_from_json(open_api_2_schema_path)
+      s = Committee::Drivers.load_from_json(open_api_2_schema_path, parser_options:{strict_reference_validation: true})
       assert_kind_of Committee::Drivers::Schema, s
       assert_kind_of Committee::Drivers::OpenAPI2::Schema, s
     end
 
     it 'loads Hyper-Schema' do
-      s = Committee::Drivers.load_from_json(hyper_schema_schema_path)
+      s = Committee::Drivers.load_from_json(hyper_schema_schema_path, parser_options:{strict_reference_validation: true})
       assert_kind_of Committee::Drivers::Schema, s
       assert_kind_of Committee::Drivers::HyperSchema::Schema, s
     end
@@ -72,7 +85,7 @@ describe Committee::Drivers do
 
   describe 'load_from_yaml(schema_path)' do
     it 'loads OpenAPI3' do
-      s = Committee::Drivers.load_from_yaml(open_api_3_schema_path)
+      s = Committee::Drivers.load_from_yaml(open_api_3_schema_path, parser_options:{strict_reference_validation: true})
       assert_kind_of Committee::Drivers::Schema, s
       assert_kind_of Committee::Drivers::OpenAPI3::Schema, s
     end
@@ -80,7 +93,7 @@ describe Committee::Drivers do
 
   describe 'load_from_data(schema_path)' do
     it 'loads OpenAPI3' do
-      s = Committee::Drivers.load_from_data(open_api_3_data)
+      s = Committee::Drivers.load_from_data(open_api_3_data, parser_options:{strict_reference_validation: false})
       assert_kind_of Committee::Drivers::Schema, s
       assert_kind_of Committee::Drivers::OpenAPI3::Schema, s
     end

data/test/middleware/base_test.rb

@@ -102,18 +102,14 @@ describe Committee::Middleware::Base do
   end
 
   describe 'initialize option' do
-    it "schema_path option with hyper-schema" do
-      b = Committee::Middleware::Base.new(nil, schema_path: hyper_schema_schema_path)
-      assert_kind_of Committee::Drivers::HyperSchema::Schema, b.instance_variable_get(:@schema)
+    it "accepts OpenAPI3 parser config of strict_reference_validation and raises" do
+      assert_raises(OpenAPIParser::MissingReferenceError) do
+        Committee::Middleware::Base.new(nil, schema_path: open_api_3_invalid_reference_path, strict_reference_validation: true)
+      end
     end
 
-    it "schema_path option with OpenAPI2" do
-      b = Committee::Middleware::Base.new(nil, schema_path: open_api_2_schema_path)
-      assert_kind_of Committee::Drivers::OpenAPI2::Schema, b.instance_variable_get(:@schema)
-    end
-
-    it "schema_path option with OpenAPI3" do
-      b = Committee::Middleware::Base.new(nil, schema_path: open_api_3_schema_path)
+    it "does not raise by default even with invalid reference OpenAPI3 specification" do
+      b = Committee::Middleware::Base.new(nil, schema_path: open_api_3_invalid_reference_path, strict_reference_validation: false)
       assert_kind_of Committee::Drivers::OpenAPI3::Schema, b.instance_variable_get(:@schema)
     end
   end
@@ -121,6 +117,9 @@ describe Committee::Middleware::Base do
   private
 
   def new_rack_app(options = {})
+    # TODO: delete when 5.0.0 released because default value changed
+    options[:parse_response_by_content_type] = true if options[:parse_response_by_content_type] == nil
+
     Rack::Builder.new {
       use Committee::Middleware::RequestValidation, options
       run lambda { |_|