committee 4.0.0 → 4.4.0.rc1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/committee.rb +3 -3
- data/lib/committee/drivers/open_api_2/driver.rb +0 -1
- data/lib/committee/errors.rb +12 -0
- data/lib/committee/middleware/request_validation.rb +4 -11
- data/lib/committee/middleware/response_validation.rb +7 -7
- data/lib/committee/request_unpacker.rb +46 -60
- data/lib/committee/schema_validator/hyper_schema.rb +41 -27
- data/lib/committee/schema_validator/open_api_3.rb +34 -21
- data/lib/committee/schema_validator/open_api_3/operation_wrapper.rb +8 -4
- data/lib/committee/schema_validator/open_api_3/router.rb +3 -1
- data/lib/committee/schema_validator/option.rb +22 -3
- data/lib/committee/test/methods.rb +27 -11
- data/lib/committee/test/schema_coverage.rb +101 -0
- data/lib/committee/utils.rb +28 -0
- data/lib/committee/validation_error.rb +3 -2
- data/test/bin/committee_stub_test.rb +5 -1
- data/test/committee_test.rb +1 -1
- data/test/middleware/base_test.rb +9 -3
- data/test/middleware/request_validation_open_api_3_test.rb +82 -6
- data/test/middleware/request_validation_test.rb +16 -0
- data/test/middleware/response_validation_open_api_3_test.rb +26 -2
- data/test/middleware/response_validation_test.rb +11 -0
- data/test/middleware/stub_test.rb +4 -0
- data/test/request_unpacker_test.rb +51 -110
- data/test/schema_validator/hyper_schema/router_test.rb +4 -0
- data/test/schema_validator/open_api_3/operation_wrapper_test.rb +14 -3
- data/test/schema_validator/open_api_3/request_validator_test.rb +3 -0
- data/test/schema_validator/open_api_3/response_validator_test.rb +12 -5
- data/test/test/methods_new_version_test.rb +16 -4
- data/test/test/methods_test.rb +151 -7
- data/test/test/schema_coverage_test.rb +216 -0
- data/test/test_helper.rb +20 -0
- metadata +41 -10
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3a1c74892e2e3abf70f99999312c39aa6e85d0fe8323b73d534ff231c3d7f443
|
4
|
+
data.tar.gz: 0be5e25f5dc94b28aa1d0055f7403e2ca8e59199567d128a7ea2d459a833d4cd
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1c8f4286e8be5cd6331e8ca323963bed83c2e0e2960037a78fa0aa78e23f3d684ee931336a4f5e4ce55f4b7dd83f7cf9873ea704979ed53e5cbc47599f3ebc98
|
7
|
+
data.tar.gz: bc840cb4285ecc917613162d6b9837c419e88464a96724b06bf90f07236bf725cc5d099e17c8ecc5cc64f948ff5b35a513a9387ed948c56bcad664d71487313d
|
data/lib/committee.rb
CHANGED
@@ -16,12 +16,11 @@ module Committee
|
|
16
16
|
end
|
17
17
|
|
18
18
|
def self.warn_deprecated(message)
|
19
|
-
|
20
|
-
$stderr.puts(message)
|
21
|
-
end
|
19
|
+
warn("[DEPRECATION] #{message}")
|
22
20
|
end
|
23
21
|
end
|
24
22
|
|
23
|
+
require_relative "committee/utils"
|
25
24
|
require_relative "committee/drivers"
|
26
25
|
require_relative "committee/errors"
|
27
26
|
require_relative "committee/middleware"
|
@@ -31,3 +30,4 @@ require_relative "committee/validation_error"
|
|
31
30
|
|
32
31
|
require_relative "committee/bin/committee_stub"
|
33
32
|
require_relative "committee/test/methods"
|
33
|
+
require_relative "committee/test/schema_coverage"
|
data/lib/committee/errors.rb
CHANGED
@@ -8,9 +8,21 @@ module Committee
|
|
8
8
|
end
|
9
9
|
|
10
10
|
class InvalidRequest < Error
|
11
|
+
attr_reader :original_error
|
12
|
+
|
13
|
+
def initialize(error_message=nil, original_error: nil)
|
14
|
+
@original_error = original_error
|
15
|
+
super(error_message)
|
16
|
+
end
|
11
17
|
end
|
12
18
|
|
13
19
|
class InvalidResponse < Error
|
20
|
+
attr_reader :original_error
|
21
|
+
|
22
|
+
def initialize(error_message=nil, original_error: nil)
|
23
|
+
@original_error = original_error
|
24
|
+
super(error_message)
|
25
|
+
end
|
14
26
|
end
|
15
27
|
|
16
28
|
class NotFound < Error
|
@@ -7,9 +7,6 @@ module Committee
|
|
7
7
|
super
|
8
8
|
|
9
9
|
@strict = options[:strict]
|
10
|
-
|
11
|
-
# deprecated
|
12
|
-
@allow_extra = options[:allow_extra]
|
13
10
|
end
|
14
11
|
|
15
12
|
def handle(request)
|
@@ -21,14 +18,14 @@ module Committee
|
|
21
18
|
rescue Committee::BadRequest, Committee::InvalidRequest
|
22
19
|
handle_exception($!, request.env)
|
23
20
|
raise if @raise
|
24
|
-
return @error_class.new(400, :bad_request, $!.message).render unless @ignore_error
|
21
|
+
return @error_class.new(400, :bad_request, $!.message, request).render unless @ignore_error
|
25
22
|
rescue Committee::NotFound => e
|
26
23
|
raise if @raise
|
27
|
-
return @error_class.new(404, :not_found, e.message).render unless @ignore_error
|
24
|
+
return @error_class.new(404, :not_found, e.message, request).render unless @ignore_error
|
28
25
|
rescue JSON::ParserError
|
29
26
|
handle_exception($!, request.env)
|
30
27
|
raise Committee::InvalidRequest if @raise
|
31
|
-
return @error_class.new(400, :bad_request, "Request body wasn't valid JSON.").render unless @ignore_error
|
28
|
+
return @error_class.new(400, :bad_request, "Request body wasn't valid JSON.", request).render unless @ignore_error
|
32
29
|
end
|
33
30
|
|
34
31
|
@app.call(request.env)
|
@@ -42,11 +39,7 @@ module Committee
|
|
42
39
|
if @error_handler.arity > 1
|
43
40
|
@error_handler.call(e, env)
|
44
41
|
else
|
45
|
-
|
46
|
-
[DEPRECATION] Using `error_handler.call(exception)` is deprecated and will be change to
|
47
|
-
`error_handler.call(exception, request.env)` in next major version.
|
48
|
-
MESSAGE
|
49
|
-
|
42
|
+
Committee.warn_deprecated('Using `error_handler.call(exception)` is deprecated and will be change to `error_handler.call(exception, request.env)` in next major version.')
|
50
43
|
@error_handler.call(e)
|
51
44
|
end
|
52
45
|
end
|
@@ -7,13 +7,17 @@ module Committee
|
|
7
7
|
|
8
8
|
def initialize(app, options = {})
|
9
9
|
super
|
10
|
+
|
11
|
+
unless options[:strict].nil?
|
12
|
+
Committee.warn_deprecated("Committee: Committee::Middleware::ResponseValidation doesn't support strict option now but we'll support this option. This change break backward compatibility so please remove strict option from ResponseValidation")
|
13
|
+
end
|
10
14
|
@validate_success_only = @schema.validator_option.validate_success_only
|
11
15
|
end
|
12
16
|
|
13
17
|
def handle(request)
|
14
|
-
|
15
|
-
status, headers, response = @app.call(request.env)
|
18
|
+
status, headers, response = @app.call(request.env)
|
16
19
|
|
20
|
+
begin
|
17
21
|
v = build_schema_validator(request)
|
18
22
|
v.response_validate(status, headers, response) if v.link_exist? && self.class.validate?(status, validate_success_only)
|
19
23
|
|
@@ -46,11 +50,7 @@ module Committee
|
|
46
50
|
if @error_handler.arity > 1
|
47
51
|
@error_handler.call(e, env)
|
48
52
|
else
|
49
|
-
|
50
|
-
[DEPRECATION] Using `error_handler.call(exception)` is deprecated and will be change to
|
51
|
-
`error_handler.call(exception, request.env)` in next major version.
|
52
|
-
MESSAGE
|
53
|
-
|
53
|
+
Committee.warn_deprecated('Using `error_handler.call(exception)` is deprecated and will be change to `error_handler.call(exception, request.env)` in next major version.')
|
54
54
|
@error_handler.call(e)
|
55
55
|
end
|
56
56
|
end
|
@@ -2,84 +2,82 @@
|
|
2
2
|
|
3
3
|
module Committee
|
4
4
|
class RequestUnpacker
|
5
|
-
|
6
|
-
|
5
|
+
class << self
|
6
|
+
# Enable string or symbol key access to the nested params hash.
|
7
|
+
#
|
8
|
+
# (Copied from Sinatra)
|
9
|
+
def indifferent_params(object)
|
10
|
+
case object
|
11
|
+
when Hash
|
12
|
+
new_hash = Committee::Utils.indifferent_hash
|
13
|
+
object.each { |key, value| new_hash[key] = indifferent_params(value) }
|
14
|
+
new_hash
|
15
|
+
when Array
|
16
|
+
object.map { |item| indifferent_params(item) }
|
17
|
+
else
|
18
|
+
object
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
7
22
|
|
23
|
+
def initialize(options={})
|
8
24
|
@allow_form_params = options[:allow_form_params]
|
9
25
|
@allow_get_body = options[:allow_get_body]
|
10
26
|
@allow_query_params = options[:allow_query_params]
|
11
|
-
@coerce_form_params = options[:coerce_form_params]
|
12
27
|
@optimistic_json = options[:optimistic_json]
|
13
|
-
@schema_validator = options[:schema_validator]
|
14
28
|
end
|
15
29
|
|
16
|
-
|
30
|
+
# reutrn params and is_form_params
|
31
|
+
def unpack_request_params(request)
|
17
32
|
# if Content-Type is empty or JSON, and there was a request body, try to
|
18
33
|
# interpret it as JSON
|
19
|
-
params = if
|
20
|
-
parse_json
|
34
|
+
params = if !request.media_type || request.media_type =~ %r{application/(?:.*\+)?json}
|
35
|
+
parse_json(request)
|
21
36
|
elsif @optimistic_json
|
22
37
|
begin
|
23
|
-
parse_json
|
38
|
+
parse_json(request)
|
24
39
|
rescue JSON::ParserError
|
25
40
|
nil
|
26
41
|
end
|
27
42
|
end
|
28
43
|
|
29
|
-
params
|
30
|
-
|
31
|
-
|
44
|
+
return [params, false] if params
|
45
|
+
|
46
|
+
if @allow_form_params && %w[application/x-www-form-urlencoded multipart/form-data].include?(request.media_type)
|
32
47
|
# Actually, POST means anything in the request body, could be from
|
33
48
|
# PUT or PATCH too. Silly Rack.
|
34
|
-
|
35
|
-
|
36
|
-
@schema_validator.coerce_form_params(p) if @coerce_form_params
|
37
|
-
|
38
|
-
p
|
39
|
-
else
|
40
|
-
{}
|
49
|
+
return [request.POST, true] if request.POST
|
41
50
|
end
|
42
51
|
|
43
|
-
|
44
|
-
[indifferent_params(@request.GET).merge(params), headers]
|
45
|
-
else
|
46
|
-
[params, headers]
|
47
|
-
end
|
52
|
+
[{}, false]
|
48
53
|
end
|
49
54
|
|
50
|
-
|
51
|
-
|
52
|
-
# Creates a Hash with indifferent access.
|
53
|
-
#
|
54
|
-
# (Copied from Sinatra)
|
55
|
-
def indifferent_hash
|
56
|
-
Hash.new { |hash,key| hash[key.to_s] if Symbol === key }
|
55
|
+
def unpack_query_params(request)
|
56
|
+
@allow_query_params ? self.class.indifferent_params(request.GET) : {}
|
57
57
|
end
|
58
58
|
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
new_hash = indifferent_hash
|
66
|
-
object.each { |key, value| new_hash[key] = indifferent_params(value) }
|
67
|
-
new_hash
|
68
|
-
when Array
|
69
|
-
object.map { |item| indifferent_params(item) }
|
70
|
-
else
|
71
|
-
object
|
59
|
+
def unpack_headers(request)
|
60
|
+
env = request.env
|
61
|
+
base = env.keys.grep(/HTTP_/).inject({}) do |headers, key|
|
62
|
+
headerized_key = key.gsub(/^HTTP_/, '').gsub(/_/, '-')
|
63
|
+
headers[headerized_key] = env[key]
|
64
|
+
headers
|
72
65
|
end
|
66
|
+
|
67
|
+
base['Content-Type'] = env['CONTENT_TYPE'] if env['CONTENT_TYPE']
|
68
|
+
base
|
73
69
|
end
|
74
70
|
|
75
|
-
|
76
|
-
|
71
|
+
private
|
72
|
+
|
73
|
+
def parse_json(request)
|
74
|
+
return nil if request.request_method == "GET" && !@allow_get_body
|
77
75
|
|
78
|
-
body =
|
76
|
+
body = request.body.read
|
79
77
|
# if request body is empty, we just have empty params
|
80
78
|
return nil if body.length == 0
|
81
79
|
|
82
|
-
|
80
|
+
request.body.rewind
|
83
81
|
hash = JSON.parse(body)
|
84
82
|
# We want a hash specifically. '42', 42, and [42] will all be
|
85
83
|
# decoded properly, but we can't use them here.
|
@@ -87,19 +85,7 @@ module Committee
|
|
87
85
|
raise BadRequest,
|
88
86
|
"Invalid JSON input. Require object with parameters as keys."
|
89
87
|
end
|
90
|
-
indifferent_params(hash)
|
91
|
-
end
|
92
|
-
|
93
|
-
def headers
|
94
|
-
env = @request.env
|
95
|
-
base = env.keys.grep(/HTTP_/).inject({}) do |headers, key|
|
96
|
-
headerized_key = key.gsub(/^HTTP_/, '').gsub(/_/, '-')
|
97
|
-
headers[headerized_key] = env[key]
|
98
|
-
headers
|
99
|
-
end
|
100
|
-
|
101
|
-
base['Content-Type'] = env['CONTENT_TYPE'] if env['CONTENT_TYPE']
|
102
|
-
base
|
88
|
+
self.class.indifferent_params(hash)
|
103
89
|
end
|
104
90
|
end
|
105
91
|
end
|
@@ -11,18 +11,8 @@ module Committee
|
|
11
11
|
end
|
12
12
|
|
13
13
|
def request_validate(request)
|
14
|
-
# Attempts to coerce parameters that appear in a link's URL to Ruby
|
15
|
-
# types that can be validated with a schema.
|
16
|
-
param_matches_hash = validator_option.coerce_path_params ? coerce_path_params : {}
|
17
|
-
|
18
|
-
# Attempts to coerce parameters that appear in a query string to Ruby
|
19
|
-
# types that can be validated with a schema.
|
20
|
-
coerce_query_params(request) if validator_option.coerce_query_params
|
21
|
-
|
22
14
|
request_unpack(request)
|
23
15
|
|
24
|
-
request.env[validator_option.params_key].merge!(param_matches_hash) if param_matches_hash
|
25
|
-
|
26
16
|
request_schema_validation(request)
|
27
17
|
parameter_coerce!(request, link, validator_option.params_key)
|
28
18
|
parameter_coerce!(request, link, "rack.request.query_hash") if link_exist? && !request.GET.nil? && !link.schema.nil?
|
@@ -35,7 +25,14 @@ module Committee
|
|
35
25
|
response.each do |chunk|
|
36
26
|
full_body << chunk
|
37
27
|
end
|
38
|
-
|
28
|
+
|
29
|
+
data = {}
|
30
|
+
unless full_body.empty?
|
31
|
+
parse_to_json = !validator_option.parse_response_by_content_type ||
|
32
|
+
headers.fetch('Content-Type', nil)&.start_with?('application/json')
|
33
|
+
data = JSON.parse(full_body) if parse_to_json
|
34
|
+
end
|
35
|
+
|
39
36
|
Committee::SchemaValidator::HyperSchema::ResponseValidator.new(link, validate_success_only: validator_option.validate_success_only).call(status, headers, data)
|
40
37
|
end
|
41
38
|
|
@@ -43,16 +40,10 @@ module Committee
|
|
43
40
|
!link.nil?
|
44
41
|
end
|
45
42
|
|
46
|
-
def coerce_form_params(parameter)
|
47
|
-
return unless link_exist?
|
48
|
-
return unless link.schema
|
49
|
-
Committee::SchemaValidator::HyperSchema::StringParamsCoercer.new(parameter, link.schema).call!
|
50
|
-
end
|
51
|
-
|
52
43
|
private
|
53
44
|
|
54
45
|
def coerce_path_params
|
55
|
-
return unless link_exist?
|
46
|
+
return {} unless link_exist?
|
56
47
|
|
57
48
|
Committee::SchemaValidator::HyperSchema::StringParamsCoercer.new(param_matches, link.schema, coerce_recursive: validator_option.coerce_recursive).call!
|
58
49
|
param_matches
|
@@ -66,15 +57,38 @@ module Committee
|
|
66
57
|
end
|
67
58
|
|
68
59
|
def request_unpack(request)
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
60
|
+
unpacker = Committee::RequestUnpacker.new(
|
61
|
+
allow_form_params: validator_option.allow_form_params,
|
62
|
+
allow_get_body: validator_option.allow_get_body,
|
63
|
+
allow_query_params: validator_option.allow_query_params,
|
64
|
+
optimistic_json: validator_option.optimistic_json,
|
65
|
+
)
|
66
|
+
|
67
|
+
request.env[validator_option.headers_key] = unpacker.unpack_headers(request)
|
68
|
+
|
69
|
+
# Attempts to coerce parameters that appear in a link's URL to Ruby
|
70
|
+
# types that can be validated with a schema.
|
71
|
+
param_matches_hash = validator_option.coerce_path_params ? coerce_path_params : {}
|
72
|
+
|
73
|
+
# Attempts to coerce parameters that appear in a query string to Ruby
|
74
|
+
# types that can be validated with a schema.
|
75
|
+
coerce_query_params(request) if validator_option.coerce_query_params
|
76
|
+
|
77
|
+
query_param = unpacker.unpack_query_params(request)
|
78
|
+
request_param, is_form_params = unpacker.unpack_request_params(request)
|
79
|
+
coerce_form_params(request_param) if validator_option.coerce_form_params && is_form_params
|
80
|
+
request.env[validator_option.request_body_hash_key] = request_param
|
81
|
+
|
82
|
+
request.env[validator_option.params_key] = Committee::Utils.indifferent_hash
|
83
|
+
request.env[validator_option.params_key].merge!(Committee::Utils.deep_copy(query_param))
|
84
|
+
request.env[validator_option.params_key].merge!(Committee::Utils.deep_copy(request_param))
|
85
|
+
request.env[validator_option.params_key].merge!(Committee::Utils.deep_copy(param_matches_hash))
|
86
|
+
end
|
87
|
+
|
88
|
+
def coerce_form_params(parameter)
|
89
|
+
return unless link_exist?
|
90
|
+
return unless link.schema
|
91
|
+
Committee::SchemaValidator::HyperSchema::StringParamsCoercer.new(parameter, link.schema).call!
|
78
92
|
end
|
79
93
|
|
80
94
|
def request_schema_validation(request)
|
@@ -14,12 +14,7 @@ module Committee
|
|
14
14
|
def request_validate(request)
|
15
15
|
return unless link_exist?
|
16
16
|
|
17
|
-
path_params = validator_option.coerce_path_params ? coerce_path_params : {}
|
18
|
-
|
19
17
|
request_unpack(request)
|
20
|
-
|
21
|
-
request.env[validator_option.params_key]&.merge!(path_params) unless path_params.empty?
|
22
|
-
|
23
18
|
request_schema_validation(request)
|
24
19
|
|
25
20
|
copy_coerced_data_to_query_hash(request)
|
@@ -30,7 +25,14 @@ module Committee
|
|
30
25
|
response.each do |chunk|
|
31
26
|
full_body << chunk
|
32
27
|
end
|
33
|
-
|
28
|
+
|
29
|
+
parse_to_json = !validator_option.parse_response_by_content_type ||
|
30
|
+
headers.fetch('Content-Type', nil)&.start_with?('application/json')
|
31
|
+
data = if parse_to_json
|
32
|
+
full_body.empty? ? {} : JSON.parse(full_body)
|
33
|
+
else
|
34
|
+
full_body
|
35
|
+
end
|
34
36
|
|
35
37
|
strict = test_method
|
36
38
|
Committee::SchemaValidator::OpenAPI3::ResponseValidator.
|
@@ -42,16 +44,13 @@ module Committee
|
|
42
44
|
!@operation_object.nil?
|
43
45
|
end
|
44
46
|
|
45
|
-
def coerce_form_params(_parameter)
|
46
|
-
# Empty because request_schema_validation checks and coerces
|
47
|
-
end
|
48
|
-
|
49
47
|
private
|
50
48
|
|
51
49
|
attr_reader :validator_option
|
52
50
|
|
53
51
|
def coerce_path_params
|
54
|
-
|
52
|
+
return Committee::Utils.indifferent_hash unless validator_option.coerce_path_params
|
53
|
+
Committee::RequestUnpacker.indifferent_params(@operation_object.coerce_path_parameter(@validator_option))
|
55
54
|
end
|
56
55
|
|
57
56
|
def request_schema_validation(request)
|
@@ -66,22 +65,36 @@ module Committee
|
|
66
65
|
end
|
67
66
|
|
68
67
|
def request_unpack(request)
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
68
|
+
unpacker = Committee::RequestUnpacker.new(
|
69
|
+
allow_form_params: validator_option.allow_form_params,
|
70
|
+
allow_get_body: validator_option.allow_get_body,
|
71
|
+
allow_query_params: validator_option.allow_query_params,
|
72
|
+
optimistic_json: validator_option.optimistic_json,
|
73
|
+
)
|
74
|
+
|
75
|
+
request.env[validator_option.headers_key] = unpacker.unpack_headers(request)
|
76
|
+
|
77
|
+
request_param, is_form_params = unpacker.unpack_request_params(request)
|
78
|
+
request.env[validator_option.request_body_hash_key] = request_param
|
79
|
+
request.env[validator_option.path_hash_key] = coerce_path_params
|
80
|
+
|
81
|
+
query_param = unpacker.unpack_query_params(request)
|
82
|
+
|
83
|
+
request.env[validator_option.params_key] = Committee::Utils.indifferent_hash
|
84
|
+
request.env[validator_option.params_key].merge!(Committee::Utils.deep_copy(query_param))
|
85
|
+
request.env[validator_option.params_key].merge!(Committee::Utils.deep_copy(request.env[validator_option.request_body_hash_key]))
|
86
|
+
request.env[validator_option.params_key].merge!(Committee::Utils.deep_copy(request.env[validator_option.path_hash_key]))
|
78
87
|
end
|
79
88
|
|
80
89
|
def copy_coerced_data_to_query_hash(request)
|
81
90
|
return if request.env["rack.request.query_hash"].nil? || request.env["rack.request.query_hash"].empty?
|
82
91
|
|
92
|
+
query_hash_key = @validator_option.query_hash_key
|
93
|
+
return unless query_hash_key
|
94
|
+
|
95
|
+
request.env[query_hash_key] = {} unless request.env[query_hash_key]
|
83
96
|
request.env["rack.request.query_hash"].keys.each do |k|
|
84
|
-
request.env[
|
97
|
+
request.env[query_hash_key][k] = request.env[validator_option.params_key][k]
|
85
98
|
end
|
86
99
|
end
|
87
100
|
end
|