committee 4.1.0 → 4.4.0

data/lib/committee/schema_validator/open_api_3/operation_wrapper.rb

@@ -17,13 +17,17 @@ module Committee
           request_operation.original_path
         end
 
+        def http_method
+          request_operation.http_method
+        end
+
         def coerce_path_parameter(validator_option)
           options = build_openapi_parser_path_option(validator_option)
           return {} unless options.coerce_value
 
           request_operation.validate_path_params(options)
         rescue OpenAPIParser::OpenAPIError => e
-          raise Committee::InvalidRequest.new(e.message)
+          raise Committee::InvalidRequest.new(e.message, original_error: e)
         end
 
         # @param [Boolean] strict when not content_type or status code definition, raise error
@@ -32,7 +36,7 @@ module Committee
 
           return request_operation.validate_response_body(response_body, response_validate_options(strict, check_header))
         rescue OpenAPIParser::OpenAPIError => e
-          raise Committee::InvalidResponse.new(e.message)
+          raise Committee::InvalidResponse.new(e.message, original_error: e)
         end
 
         def validate_request_params(params, headers, validator_option)
@@ -109,7 +113,7 @@ module Committee
           # bad performance because when we coerce value, same check
           request_operation.validate_request_parameter(params, headers, build_openapi_parser_get_option(validator_option))
         rescue OpenAPIParser::OpenAPIError => e
-          raise Committee::InvalidRequest.new(e.message)
+          raise Committee::InvalidRequest.new(e.message, original_error: e)
         end
 
         def validate_post_request_params(params, headers, validator_option)
@@ -120,7 +124,7 @@ module Committee
           request_operation.validate_request_parameter(params, headers, schema_validator_options)
           request_operation.validate_request_body(content_type, params, schema_validator_options)
         rescue => e
-          raise Committee::InvalidRequest.new(e.message)
+          raise Committee::InvalidRequest.new(e.message, original_error: e)
         end
 
         def response_validate_options(strict, check_header)

data/lib/committee/schema_validator/open_api_3/router.rb

@@ -22,8 +22,10 @@ module Committee
         end
 
         def operation_object(request)
+          return nil unless includes_request?(request)
+
           path = request.path
-          path = path.gsub(@prefix_regexp, '') if prefix_request?(request)
+          path = path.gsub(@prefix_regexp, '') if @prefix_regexp
 
           request_method = request.request_method.downcase
 

data/lib/committee/schema_validator/option.rb

@@ -21,12 +21,24 @@ module Committee
       # Non-boolean options:
       attr_reader :headers_key,
                   :params_key,
+                  :query_hash_key,
+                  :request_body_hash_key,
+                  :path_hash_key,
                   :prefix
 
       def initialize(options, schema, schema_type)
         # Non-boolean options
-        @headers_key         = options[:headers_key] || "committee.headers"
-        @params_key          = options[:params_key] || "committee.params"
+        @headers_key         = options[:headers_key]    || "committee.headers"
+        @params_key          = options[:params_key]     || "committee.params"
+        @query_hash_key      = if options[:query_hash_key].nil?
+          Committee.warn_deprecated('Committee: please set query_hash_key = rack.request.query_hash because we\'ll change default value in next major version.') 
+          'rack.request.query_hash'
+        else
+          options.fetch(:query_hash_key)
+        end
+        @path_hash_key      = options[:path_hash_key] || "committee.path_hash"
+        @request_body_hash_key = options[:request_body_hash_key] || "committee.request_body_hash"
+
         @prefix              = options[:prefix]
 
         # Boolean options and have a common value by default

data/lib/committee/test/methods.rb

@@ -3,27 +3,40 @@
 module Committee
   module Test
     module Methods
-      def assert_schema_conform
+      def assert_schema_conform(expected_status = nil)
         assert_request_schema_confirm unless old_behavior
-        assert_response_schema_confirm
+        assert_response_schema_confirm(expected_status)
       end
 
       def assert_request_schema_confirm
         unless schema_validator.link_exist?
-          request = "`#{request_object.request_method} #{request_object.path_info}` undefined in schema."
+          request = "`#{request_object.request_method} #{request_object.path_info}` undefined in schema (prefix: #{committee_options[:prefix].inspect})."
           raise Committee::InvalidRequest.new(request)
         end
 
         schema_validator.request_validate(request_object)
       end
 
-      def assert_response_schema_confirm
+      def assert_response_schema_confirm(expected_status = nil)
         unless schema_validator.link_exist?
-          response = "`#{request_object.request_method} #{request_object.path_info}` undefined in schema."
+          response = "`#{request_object.request_method} #{request_object.path_info}` undefined in schema (prefix: #{committee_options[:prefix].inspect})."
           raise Committee::InvalidResponse.new(response)
         end
 
         status, headers, body = response_data
+
+        if expected_status.nil?
+          Committee.warn_deprecated('Pass expected response status code to check it against the corresponding schema explicitly.')
+        elsif expected_status != status
+          response = "Expected `#{expected_status}` status code, but it was `#{status}`."
+          raise Committee::InvalidResponse.new(response)
+        end
+
+        if schema_coverage
+          operation_object = router.operation_object(request_object)
+          schema_coverage&.update_response_coverage!(operation_object.original_path, operation_object.http_method, status)
+        end
+
         schema_validator.response_validate(status, headers, [body], true) if validate_response?(status)
       end
 
@@ -55,15 +68,18 @@ module Committee
         @schema_validator ||= router.build_schema_validator(request_object)
       end
 
+      def schema_coverage
+        return nil unless schema.is_a?(Committee::Drivers::OpenAPI3::Schema)
+
+        coverage = committee_options.fetch(:schema_coverage, nil)
+
+        coverage.is_a?(SchemaCoverage) ? coverage : nil
+      end
+
       def old_behavior
         old_assert_behavior = committee_options.fetch(:old_assert_behavior, nil)
         if old_assert_behavior.nil?
-          warn <<-MSG
-          [DEPRECATION] now assert_schema_conform check response schema only.
-            but we will change check request and response in future major version.
-            so if you want to conform response only, please use assert_response_schema_confirm,
-            or you can suppress this message and keep old behavior by setting old_assert_behavior=true.
-          MSG
+          Committee.warn_deprecated('Now assert_schema_conform check response schema only. but we will change check request and response in future major version. so if you want to conform response only, please use assert_response_schema_confirm, or you can suppress this message and keep old behavior by setting old_assert_behavior=true.')
           old_assert_behavior = true
         end
         old_assert_behavior

data/lib/committee/test/schema_coverage.rb

@@ -0,0 +1,101 @@
+# frozen_string_literal: true
+
+module Committee
+  module Test
+    class SchemaCoverage
+      attr_reader :schema
+
+      class << self
+        def merge_report(first, second)
+          report = first.dup
+          second.each do |k, v|
+            if v.is_a?(Hash)
+              if report[k].nil?
+                report[k] = v
+              else
+                report[k] = merge_report(report[k], v)
+              end
+            else
+              report[k] ||= v
+            end
+          end
+          report
+        end
+
+        def flatten_report(report)
+          responses = []
+          report.each do |path_name, path_coverage|
+            path_coverage.each do |method, method_coverage|
+              responses_coverage = method_coverage['responses']
+              responses_coverage.each do |response_status, is_covered|
+                responses << {
+                  path: path_name,
+                  method: method,
+                  status: response_status,
+                  is_covered: is_covered,
+                }
+              end
+            end
+          end
+          {
+            responses: responses,
+          }
+        end
+      end
+
+      def initialize(schema)
+        raise 'Unsupported schema' unless schema.is_a?(Committee::Drivers::OpenAPI3::Schema)
+
+        @schema = schema
+        @covered = {}
+      end
+
+      def update_response_coverage!(path, method, response_status)
+        method = method.to_s.downcase
+        response_status = response_status.to_s
+
+        @covered[path] ||= {}
+        @covered[path][method] ||= {}
+        @covered[path][method]['responses'] ||= {}
+        @covered[path][method]['responses'][response_status] = true
+      end
+
+      def report
+        report = {}
+
+        schema.open_api.paths.path.each do |path_name, path_item|
+          report[path_name] = {}
+          path_item._openapi_all_child_objects.each do |object_name, object|
+            next unless object.is_a?(OpenAPIParser::Schemas::Operation)
+
+            method = object_name.split('/').last&.downcase
+            next unless method
+
+            report[path_name][method] ||= {}
+
+            # TODO: check coverage on request params/body as well?
+
+            report[path_name][method]['responses'] ||= {}
+            object.responses.response.each do |response_status, _|
+              is_covered = @covered.dig(path_name, method, 'responses', response_status) || false
+              report[path_name][method]['responses'][response_status] = is_covered
+            end
+            if object.responses.default
+              is_default_covered = (@covered.dig(path_name, method, 'responses') || {}).any? do |status, is_covered|
+                is_covered && !object.responses.response.key?(status)
+              end
+              report[path_name][method]['responses']['default'] = is_default_covered
+            end
+          end
+        end
+
+        report
+      end
+
+      def report_flatten
+        self.class.flatten_report(report)
+      end
+    end
+  end
+end
+

data/lib/committee/utils.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+module Committee
+    module Utils
+        # Creates a Hash with indifferent access.
+        #
+        # (Copied from Sinatra)
+        def self.indifferent_hash
+            Hash.new { |hash,key| hash[key.to_s] if Symbol === key }
+        end
+
+        def self.deep_copy(from)
+            if from.is_a?(Hash)
+                h = Committee::Utils.indifferent_hash
+                from.each_pair do |k, v|
+                h[k] = deep_copy(v)
+                end
+                return h
+            end
+
+            if from.is_a?(Array)
+                return from.map{ |v| deep_copy(v) }
+            end
+
+            return from
+        end
+    end
+end

data/lib/committee/validation_error.rb

@@ -2,12 +2,13 @@
 
 module Committee
   class ValidationError
-    attr_reader :id, :message, :status
+    attr_reader :id, :message, :status, :request
 
-    def initialize(status, id, message)
+    def initialize(status, id, message, request = nil)
       @status = status
       @id = id
       @message = message
+      @request = request
     end
 
     def error_body

data/test/committee_test.rb

@@ -42,7 +42,7 @@ describe Committee do
 
       $VERBOSE = true
       Committee.warn_deprecated "blah"
-      assert_equal "blah\n", $stderr.string
+      assert_equal "[DEPRECATION] blah\n", $stderr.string
     ensure
       $stderr = old_stderr
       $VERBOSE = old_verbose

data/test/middleware/request_validation_open_api_3_test.rb

@@ -34,11 +34,27 @@ describe Committee::Middleware::RequestValidation do
     params = { "datetime_string" => "2016-04-01T16:00:00.000+09:00" }
 
     check_parameter = lambda { |env|
+      assert_equal DateTime, env['committee.query_hash']["datetime_string"].class
+      assert_equal String, env['rack.request.query_hash']["datetime_string"].class
+      [200, {}, []]
+    }
+
+    @app = new_rack_app_with_lambda(check_parameter, schema: open_api_3_schema, coerce_date_times: true, query_hash_key: "committee.query_hash")
+
+    get "/string_params_coercer", params
+    assert_equal 200, last_response.status
+  end
+
+  it "passes given a datetime and with coerce_date_times enabled on GET endpoint overwrite query_hash" do
+    params = { "datetime_string" => "2016-04-01T16:00:00.000+09:00" }
+
+    check_parameter = lambda { |env|
+      assert_equal nil, env['committee.query_hash']
       assert_equal DateTime, env['rack.request.query_hash']["datetime_string"].class
       [200, {}, []]
     }
 
-    @app = new_rack_app_with_lambda(check_parameter, schema: open_api_3_schema, coerce_date_times: true)
+    @app = new_rack_app_with_lambda(check_parameter, schema: open_api_3_schema, coerce_date_times: true, query_hash_key: "rack.request.query_hash")
 
     get "/string_params_coercer", params
     assert_equal 200, last_response.status
@@ -154,7 +170,8 @@ describe Committee::Middleware::RequestValidation do
     }
 
     check_parameter = lambda { |env|
-      hash = env['rack.request.query_hash']
+      # hash = env["committee.query_hash"] # 5.0.x-
+      hash = env["rack.request.query_hash"]
       assert_equal DateTime, hash['nested_array'].first['update_time'].class
       assert_equal 1, hash['nested_array'].first['per_page']
 
@@ -331,7 +348,7 @@ describe Committee::Middleware::RequestValidation do
       get "/coerce_path_params/#{not_an_integer}", nil
     end
 
-    assert_match(/expected integer, but received String: abc/i, e.message)
+    assert_match(/expected integer, but received String: \"abc\"/i, e.message)
   end
 
   it "optionally raises an error" do
@@ -360,7 +377,8 @@ describe Committee::Middleware::RequestValidation do
 
   it "passes through a valid request for OpenAPI3" do
     check_parameter = lambda { |env|
-      assert_equal 3, env['rack.request.query_hash']['limit']
+      # assert_equal 3, env['committee.query_hash']['limit'] #5.0.x-
+      assert_equal 3, env['rack.request.query_hash']['limit'] #5.0.x-
       [200, {}, []]
     }
 
@@ -374,7 +392,7 @@ describe Committee::Middleware::RequestValidation do
     get "/characters?limit=foo"
 
     assert_equal 400, last_response.status
-    assert_match(/expected integer, but received String: foo/i, last_response.body)
+    assert_match(/expected integer, but received String: \\"foo\\"/i, last_response.body)
   end
 
   it "ignores errors when ignore_error: true" do
@@ -394,6 +412,51 @@ describe Committee::Middleware::RequestValidation do
     get "/coerce_path_params/1"
   end
 
+  it "corce string and save path hash" do
+    @app = new_rack_app_with_lambda(lambda do |env|
+      assert_equal env['committee.params']['integer'], 21
+      assert_equal env['committee.params'][:integer], 21
+      assert_equal env['committee.path_hash']['integer'], 21
+      assert_equal env['committee.path_hash'][:integer], 21
+      [204, {}, []]
+    end, schema: open_api_3_schema)
+
+    header "Content-Type", "application/json"
+    post '/parameter_option_test/21'
+    assert_equal 204, last_response.status
+  end
+
+  it "corce string and save request body hash" do
+    @app = new_rack_app_with_lambda(lambda do |env|
+      assert_equal env['committee.params']['integer'], 21 # use path parameter
+      assert_equal env['committee.params'][:integer], 21
+      assert_equal env['committee.request_body_hash']['integer'], 42
+      assert_equal env['committee.request_body_hash'][:integer], 42
+      [204, {}, []]
+    end, schema: open_api_3_schema)
+
+    params = {integer: 42}
+
+    header "Content-Type", "application/json"
+    post '/parameter_option_test/21', JSON.generate(params)
+    assert_equal 204, last_response.status
+  end
+
+  it "unpacker test" do
+    @app = new_rack_app_with_lambda(lambda do |env|
+      assert_equal env['committee.params']['integer'], 42
+      assert_equal env['committee.params'][:integer], 42
+      # overwrite by request body...
+      assert_equal env['rack.request.query_hash']['integer'], 42
+      # assert_equal env['rack.request.query_hash'][:integer], 42
+      [204, {}, []]
+    end, schema: open_api_3_schema, raise: true)
+
+    header "Content-Type", "application/x-www-form-urlencoded"
+    post '/validate?integer=21', "integer=42"
+    assert_equal 204, last_response.status
+  end
+
   it "OpenAPI3 raise not support method" do
     @app = new_rack_app(schema: open_api_3_schema)
 
@@ -408,7 +471,7 @@ describe Committee::Middleware::RequestValidation do
     [
       { check_header: true, description: 'valid value', value: 1, expected: { status: 200 } },
       { check_header: true, description: 'missing value', value: nil, expected: { status: 400, error: 'missing required parameters: integer' } },
-      { check_header: true, description: 'invalid value', value: 'x', expected: { status: 400, error: 'expected integer, but received String: x' } },
+      { check_header: true, description: 'invalid value', value: 'x', expected: { status: 400, error: 'expected integer, but received String: \\"x\\"' } },
 
       { check_header: false, description: 'valid value', value: 1, expected: { status: 200 } },
       { check_header: false, description: 'missing value', value: nil, expected: { status: 200 } },
@@ -457,6 +520,16 @@ describe Committee::Middleware::RequestValidation do
     end
   end
 
+  it 'does not suppress application error' do
+    @app = new_rack_app_with_lambda(lambda { |_|
+      JSON.load('-') # invalid json
+    }, schema: open_api_3_schema, raise: true)
+
+    assert_raises(JSON::ParserError) do
+      get "/error", nil
+    end
+  end
+
   private
 
   def new_rack_app(options = {})