committee 4.4.0 → 5.0.0

data/test/drivers_test.rb

@@ -37,20 +37,33 @@ describe Committee::Drivers do
     end
 
     it 'loads OpenAPI 3' do
-      s = Committee::Drivers.load_from_file(open_api_3_schema_path)
+      s = Committee::Drivers.load_from_file(open_api_3_schema_path, parser_options:{strict_reference_validation: true})
       assert_kind_of Committee::Drivers::Schema, s
       assert_kind_of Committee::Drivers::OpenAPI3::Schema, s
     end
 
     it 'load OpenAPI 3 (patch version 3.0.1)' do
-      s = Committee::Drivers.load_from_file(open_api_3_0_1_schema_path)
+      s = Committee::Drivers.load_from_file(open_api_3_0_1_schema_path, parser_options:{strict_reference_validation: true})
       assert_kind_of Committee::Drivers::Schema, s
       assert_kind_of Committee::Drivers::OpenAPI3::Schema, s
     end
 
+    it 'fails to load OpenAPI 3 with invalid reference' do
+      parser_options = { strict_reference_validation: true }
+      assert_raises(OpenAPIParser::MissingReferenceError) do
+        Committee::Drivers.load_from_file(open_api_3_invalid_reference_path, parser_options: parser_options)
+      end
+    end
+
+    # This test can be removed when the test above (raising on invalid reference) becomes default behavior?
+    it 'allows loading OpenAPI 3 with invalid reference as existing behavior' do
+      s = Committee::Drivers.load_from_file(open_api_3_invalid_reference_path, parser_options:{strict_reference_validation: false})
+      assert_kind_of Committee::Drivers::OpenAPI3::Schema, s
+    end
+
     it 'errors on an unsupported file extension' do
       e = assert_raises(StandardError) do
-        Committee::Drivers.load_from_file('test.xml')
+        Committee::Drivers.load_from_file('test.xml', parser_options:{strict_reference_validation: true})
       end
       assert_equal "Committee only supports the following file extensions: '.json', '.yaml', '.yml'", e.message
     end
@@ -58,13 +71,13 @@ describe Committee::Drivers do
 
   describe 'load_from_json(schema_path)' do
     it 'loads OpenAPI2' do
-      s = Committee::Drivers.load_from_json(open_api_2_schema_path)
+      s = Committee::Drivers.load_from_json(open_api_2_schema_path, parser_options:{strict_reference_validation: true})
       assert_kind_of Committee::Drivers::Schema, s
       assert_kind_of Committee::Drivers::OpenAPI2::Schema, s
     end
 
     it 'loads Hyper-Schema' do
-      s = Committee::Drivers.load_from_json(hyper_schema_schema_path)
+      s = Committee::Drivers.load_from_json(hyper_schema_schema_path, parser_options:{strict_reference_validation: true})
       assert_kind_of Committee::Drivers::Schema, s
       assert_kind_of Committee::Drivers::HyperSchema::Schema, s
     end
@@ -72,7 +85,7 @@ describe Committee::Drivers do
 
   describe 'load_from_yaml(schema_path)' do
     it 'loads OpenAPI3' do
-      s = Committee::Drivers.load_from_yaml(open_api_3_schema_path)
+      s = Committee::Drivers.load_from_yaml(open_api_3_schema_path, parser_options:{strict_reference_validation: true})
       assert_kind_of Committee::Drivers::Schema, s
       assert_kind_of Committee::Drivers::OpenAPI3::Schema, s
     end
@@ -80,7 +93,7 @@ describe Committee::Drivers do
 
   describe 'load_from_data(schema_path)' do
     it 'loads OpenAPI3' do
-      s = Committee::Drivers.load_from_data(open_api_3_data)
+      s = Committee::Drivers.load_from_data(open_api_3_data, parser_options:{strict_reference_validation: false})
       assert_kind_of Committee::Drivers::Schema, s
       assert_kind_of Committee::Drivers::OpenAPI3::Schema, s
     end

data/test/middleware/base_test.rb

@@ -102,21 +102,14 @@ describe Committee::Middleware::Base do
   end
 
   describe 'initialize option' do
-    it "schema_path option with hyper-schema" do
-      # TODO: delete when 5.0.0 released because default value changed
-      b = Committee::Middleware::Base.new(nil, schema_path: hyper_schema_schema_path, parse_response_by_content_type: false)
-      assert_kind_of Committee::Drivers::HyperSchema::Schema, b.instance_variable_get(:@schema)
+    it "accepts OpenAPI3 parser config of strict_reference_validation and raises" do
+      assert_raises(OpenAPIParser::MissingReferenceError) do
+        Committee::Middleware::Base.new(nil, schema_path: open_api_3_invalid_reference_path, strict_reference_validation: true)
+      end
     end
 
-    it "schema_path option with OpenAPI2" do
-      # TODO: delete when 5.0.0 released because default value changed
-      b = Committee::Middleware::Base.new(nil, schema_path: open_api_2_schema_path, parse_response_by_content_type: false)
-      assert_kind_of Committee::Drivers::OpenAPI2::Schema, b.instance_variable_get(:@schema)
-    end
-
-    it "schema_path option with OpenAPI3" do
-      # TODO: delete when 5.0.0 released because default value changed
-      b = Committee::Middleware::Base.new(nil, schema_path: open_api_3_schema_path, parse_response_by_content_type: false)
+    it "does not raise by default even with invalid reference OpenAPI3 specification" do
+      b = Committee::Middleware::Base.new(nil, schema_path: open_api_3_invalid_reference_path, strict_reference_validation: false)
       assert_kind_of Committee::Drivers::OpenAPI3::Schema, b.instance_variable_get(:@schema)
     end
   end

data/test/middleware/request_validation_open_api_3_test.rb

@@ -34,12 +34,12 @@ describe Committee::Middleware::RequestValidation do
     params = { "datetime_string" => "2016-04-01T16:00:00.000+09:00" }
 
     check_parameter = lambda { |env|
-      assert_equal DateTime, env['committee.query_hash']["datetime_string"].class
+      assert_equal DateTime, env['test.query_hash']["datetime_string"].class
       assert_equal String, env['rack.request.query_hash']["datetime_string"].class
       [200, {}, []]
     }
 
-    @app = new_rack_app_with_lambda(check_parameter, schema: open_api_3_schema, coerce_date_times: true, query_hash_key: "committee.query_hash")
+    @app = new_rack_app_with_lambda(check_parameter, schema: open_api_3_schema, coerce_date_times: true, query_hash_key: "test.query_hash")
 
     get "/string_params_coercer", params
     assert_equal 200, last_response.status
@@ -49,7 +49,7 @@ describe Committee::Middleware::RequestValidation do
     params = { "datetime_string" => "2016-04-01T16:00:00.000+09:00" }
 
     check_parameter = lambda { |env|
-      assert_equal nil, env['committee.query_hash']
+      assert_nil env['committee.query_hash']
       assert_equal DateTime, env['rack.request.query_hash']["datetime_string"].class
       [200, {}, []]
     }
@@ -65,7 +65,7 @@ describe Committee::Middleware::RequestValidation do
 
     @app = new_rack_app(schema: open_api_3_schema, allow_get_body: true)
 
-    get "/get_endpoint_with_requered_parameter", { no_problem: true }, { input: params.to_json }
+    get "/get_endpoint_with_required_parameter", { no_problem: true }, { input: params.to_json }
     assert_equal 200, last_response.status
   end
 
@@ -74,7 +74,7 @@ describe Committee::Middleware::RequestValidation do
 
     @app = new_rack_app(schema: open_api_3_schema, allow_get_body: false)
 
-    get "/get_endpoint_with_requered_parameter", { no_problem: true }, { input: params.to_json }
+    get "/get_endpoint_with_required_parameter", { no_problem: true }, { input: params.to_json }
     assert_equal 400, last_response.status
   end
 
@@ -170,8 +170,7 @@ describe Committee::Middleware::RequestValidation do
     }
 
     check_parameter = lambda { |env|
-      # hash = env["committee.query_hash"] # 5.0.x-
-      hash = env["rack.request.query_hash"]
+      hash = env["committee.query_hash"]
       assert_equal DateTime, hash['nested_array'].first['update_time'].class
       assert_equal 1, hash['nested_array'].first['per_page']
 
@@ -377,8 +376,7 @@ describe Committee::Middleware::RequestValidation do
 
   it "passes through a valid request for OpenAPI3" do
     check_parameter = lambda { |env|
-      # assert_equal 3, env['committee.query_hash']['limit'] #5.0.x-
-      assert_equal 3, env['rack.request.query_hash']['limit'] #5.0.x-
+      assert_equal 3, env['committee.query_hash']['limit'] #5.0.x-
       [200, {}, []]
     }
 
@@ -412,43 +410,121 @@ describe Committee::Middleware::RequestValidation do
     get "/coerce_path_params/1"
   end
 
-  it "corce string and save path hash" do
-    @app = new_rack_app_with_lambda(lambda do |env|
-      assert_equal env['committee.params']['integer'], 21
-      assert_equal env['committee.params'][:integer], 21
-      assert_equal env['committee.path_hash']['integer'], 21
-      assert_equal env['committee.path_hash'][:integer], 21
-      [204, {}, []]
-    end, schema: open_api_3_schema)
+  describe "overwrite same parameter (old rule)" do
+    # (high priority) path_hash_key -> request_body_hash -> query_param
+    it "set query parameter to committee.params and query hash" do
+      @app = new_rack_app_with_lambda(lambda do |env|
+        assert_equal env['committee.params']['integer'], 42
+        assert_equal env['committee.params'][:integer], 42
+        assert_equal env['committee.query_hash']['integer'], 42
+        #assert_equal env['rack.request.query_hash'][:integer], 42 # this isn't hash indifferent hash because we use rack.request.query_hash
+        [204, {}, []]
+      end, schema: open_api_3_schema, parameter_overwite_by_rails_rule: false)
+
+      header "Content-Type", "application/json"
+      post '/overwrite_same_parameter?integer=42'
+      assert_equal 204, last_response.status
+    end
 
-    header "Content-Type", "application/json"
-    post '/parameter_option_test/21'
-    assert_equal 204, last_response.status
+    it "request body precedence over query parameter" do
+      @app = new_rack_app_with_lambda(lambda do |env|
+        assert_equal env['committee.params']['integer'], 21
+        assert_equal env['committee.params'][:integer], 21
+        assert_equal env['committee.request_body_hash']['integer'], 21
+        assert_equal env['committee.request_body_hash'][:integer], 21
+        assert_equal env['committee.query_hash']['integer'], 42
+        [204, {}, []]
+      end, schema: open_api_3_schema, parameter_overwite_by_rails_rule: false)
+
+      params = {integer: 21}
+
+      header "Content-Type", "application/json"
+      post '/overwrite_same_parameter?integer=42', JSON.generate(params)
+      assert_equal 204, last_response.status
+    end
+
+    it "path parameter precedence over request body" do
+      @app = new_rack_app_with_lambda(lambda do |env|
+        assert_equal env['committee.params']['integer'], 84
+        assert_equal env['committee.params'][:integer], 84
+        assert_equal env['committee.path_hash']['integer'], 84
+        assert_equal env['committee.path_hash'][:integer], 84
+        assert_equal env['committee.request_body_hash']['integer'], 21
+        assert_equal env['committee.request_body_hash'][:integer], 21
+        assert_equal env['committee.query_hash']['integer'], 84 # we can't use query_parameter :(
+        #assert_equal env['rack.request.query_hash'][:integer], 21 # this isn't hash indifferent hash because we use rack.request.query_hash
+        [204, {}, []]
+      end, schema: open_api_3_schema, parameter_overwite_by_rails_rule: false)
+
+      params = {integer: 21}
+
+      header "Content-Type", "application/json"
+      post '/overwrite_same_parameter/84?integer=42', JSON.generate(params)
+      assert_equal 204, last_response.status
+    end
   end
 
-  it "corce string and save request body hash" do
-    @app = new_rack_app_with_lambda(lambda do |env|
-      assert_equal env['committee.params']['integer'], 21 # use path parameter
-      assert_equal env['committee.params'][:integer], 21
-      assert_equal env['committee.request_body_hash']['integer'], 42
-      assert_equal env['committee.request_body_hash'][:integer], 42
-      [204, {}, []]
-    end, schema: open_api_3_schema)
+  describe "overwrite same parameter (new rule and seme to Rails)" do
+    # (high priority) path_hash_key -> query_param -> request_body_hash
+    it "set request body to committee.params and query hash" do
+      @app = new_rack_app_with_lambda(lambda do |env|
+        assert_equal env['committee.params']['integer'], 21
+        assert_equal env['committee.params'][:integer], 21
+        assert_equal env['committee.request_body_hash']['integer'], 21
+        assert_equal env['committee.request_body_hash'][:integer], 21
+        [204, {}, []]
+      end, schema: open_api_3_schema)
 
-    params = {integer: 42}
+      params = {integer: 21}
 
-    header "Content-Type", "application/json"
-    post '/parameter_option_test/21', JSON.generate(params)
-    assert_equal 204, last_response.status
+      header "Content-Type", "application/json"
+      post '/overwrite_same_parameter', JSON.generate(params)
+      assert_equal 204, last_response.status
+    end
+
+    it "query parameter precedence over request body" do
+      @app = new_rack_app_with_lambda(lambda do |env|
+        assert_equal env['committee.params']['integer'], 42
+        assert_equal env['committee.params'][:integer], 42
+        assert_equal env['committee.request_body_hash']['integer'], 21
+        assert_equal env['committee.request_body_hash'][:integer], 21
+        assert_equal env['committee.query_hash']['integer'], 42
+        [204, {}, []]
+      end, schema: open_api_3_schema)
+
+      params = {integer: 21}
+
+      header "Content-Type", "application/json"
+      post '/overwrite_same_parameter?integer=42', JSON.generate(params)
+      assert_equal 204, last_response.status
+    end
+
+    it "path path parameter precedence over query parameter" do
+      @app = new_rack_app_with_lambda(lambda do |env|
+        assert_equal env['committee.params']['integer'], 84
+        assert_equal env['committee.params'][:integer], 84
+        assert_equal env['committee.request_body_hash']['integer'], 21
+        assert_equal env['committee.request_body_hash'][:integer], 21
+        assert_equal env['committee.query_hash']['integer'], 84 # we can't use query_parameter :(
+        assert_equal env['committee.path_hash']['integer'], 84
+        assert_equal env['committee.path_hash'][:integer], 84
+        [204, {}, []]
+      end, schema: open_api_3_schema)
+
+      params = {integer: 21}
+
+      header "Content-Type", "application/json"
+      post '/overwrite_same_parameter/84?integer=42', JSON.generate(params)
+      assert_equal 204, last_response.status
+    end
   end
 
   it "unpacker test" do
     @app = new_rack_app_with_lambda(lambda do |env|
-      assert_equal env['committee.params']['integer'], 42
-      assert_equal env['committee.params'][:integer], 42
-      # overwrite by request body...
-      assert_equal env['rack.request.query_hash']['integer'], 42
-      # assert_equal env['rack.request.query_hash'][:integer], 42
+      assert_equal '21', env['committee.params']['integer'] # query parameter has precedence
+      assert_equal '21', env['committee.params'][:integer]
+      assert_equal '21', env['rack.request.query_hash']['integer']
+      assert_equal 42, env['committee.request_body_hash']['integer']
       [204, {}, []]
     end, schema: open_api_3_schema, raise: true)
 
@@ -461,11 +537,11 @@ describe Committee::Middleware::RequestValidation do
     @app = new_rack_app(schema: open_api_3_schema)
 
     e = assert_raises(RuntimeError) {
-      head "/characters", {}
+      custom_request('TRACE', "/characters")
     }
 
-    assert_equal 'Committee OpenAPI3 not support head method', e.message
-  end
+    assert_equal 'Committee OpenAPI3 not support trace method', e.message
+  end  
 
   describe 'check header' do
     [
@@ -482,7 +558,7 @@ describe Committee::Middleware::RequestValidation do
       value = h[:value]
       expected = h[:expected]
       describe "when #{check_header}" do
-        %w(get post put patch delete).each do |method|
+        %w(get post put patch delete options).each do |method|
           describe method do
             describe description do
               it (expected[:error].nil? ? 'should pass' : 'should fail') do

data/test/middleware/request_validation_test.rb

@@ -306,21 +306,6 @@ describe Committee::Middleware::RequestValidation do
     assert_equal 200, last_response.status
   end
 
-  it "calls error_handler (has a arg) when request is invalid" do
-    called_err = nil
-    pr = ->(e) { called_err = e }
-    @app = new_rack_app(schema: hyper_schema, error_handler: pr)
-    header "Content-Type", "application/json"
-    params = {
-      "name" => 1
-    }
-    _, err = capture_io do
-      post "/apps", JSON.generate(params)
-    end
-    assert_kind_of Committee::InvalidRequest, called_err
-    assert_match(/\[DEPRECATION\]/i, err)
-  end
-
   it "calls error_handler (has two args) when request is invalid" do
     called_err = nil
     pr = ->(e, _env) { called_err = e }
@@ -341,18 +326,6 @@ describe Committee::Middleware::RequestValidation do
     assert_match(/valid json/i, last_response.body)
   end
 
-  it "calls error_handler (has a arg) when it rescues JSON errors" do
-    called_err = nil
-    pr = ->(e) { called_err = e }
-    @app = new_rack_app(schema: hyper_schema, error_handler: pr)
-    header "Content-Type", "application/json"
-    _, err = capture_io do
-      post "/apps", "{x:y}"
-    end
-    assert_kind_of JSON::ParserError, called_err
-    assert_match(/\[DEPRECATION\]/i, err)
-  end
-
   it "calls error_handler (has two args) when it rescues JSON errors" do
     called_err = nil
     pr = ->(e, _env) { called_err = e }
@@ -435,7 +408,7 @@ describe Committee::Middleware::RequestValidation do
     assert_equal 200, last_response.status
   end
 
-  it "corce form params" do
+  it "coerce form params" do
     check_parameter = lambda { |env|
       assert_equal 3, env['committee.params']['age']
       assert_equal 3, env['committee.request_body_hash']['age']

data/test/middleware/response_validation_open_api_3_test.rb

@@ -64,6 +64,12 @@ describe Committee::Middleware::ResponseValidation do
     assert_equal 204, last_response.status
   end
 
+  it "passes through a 304 (not modified) response" do
+    @app = new_response_rack("", {}, {schema: open_api_3_schema}, {status: 304})
+    post "/validate"
+    assert_equal 304, last_response.status
+  end
+
   it "passes through a valid response with prefix" do
     @app = new_response_rack(JSON.generate(CHARACTERS_RESPONSE), {}, schema: open_api_3_schema, prefix: "/v1")
     get "/v1/characters"
@@ -86,7 +92,7 @@ describe Committee::Middleware::ResponseValidation do
     end
   end
 
-  it "not parameter requset" do
+  it "not parameter request" do
     @app = new_response_rack({integer: '1'}.to_json, {}, schema: open_api_3_schema, raise: true)
 
     assert_raises(Committee::InvalidResponse) do
@@ -136,7 +142,7 @@ describe Committee::Middleware::ResponseValidation do
       header = h[:header]
       expected = h[:expected]
       describe "when #{check_header}" do
-        %w(get post put patch delete).each do |method|
+        %w(get post put patch delete options).each do |method|
           describe method do
             describe description do
               if expected[:error].nil?
@@ -228,6 +234,42 @@ describe Committee::Middleware::ResponseValidation do
     end
   end
 
+  it "strict and invalid status" do    
+    @app = new_response_rack(JSON.generate(CHARACTERS_RESPONSE), {}, {schema: open_api_3_schema, strict: true}, {status: 201})
+    get "/characters"
+    assert_equal 500, last_response.status
+  end
+
+  it "strict and invalid status with raise" do
+    @app = new_response_rack(JSON.generate(CHARACTERS_RESPONSE), {}, {schema: open_api_3_schema, strict: true, raise: true}, {status: 201})
+
+    assert_raises(Committee::InvalidResponse) do
+      get "/characters"
+    end
+  end
+
+  it "strict and invalid content type" do
+    @app = new_response_rack("abc", 
+      {}, 
+      {schema: open_api_3_schema, strict: true},
+      {content_type: 'application/text'}
+    )
+    get "/characters"
+    assert_equal 500, last_response.status
+  end
+
+  it "strict and invalid content type with raise" do
+    @app = new_response_rack("abc",
+      {},
+      {schema: open_api_3_schema, strict: true, raise: true},
+      {content_type: 'application/text'}
+    )
+
+    assert_raises(Committee::InvalidResponse) do
+      get "/characters"
+    end
+  end
+
   private
 
   def new_response_rack(response, headers = {}, options = {}, rack_options = {})
@@ -235,8 +277,9 @@ describe Committee::Middleware::ResponseValidation do
     options[:parse_response_by_content_type] = true if options[:parse_response_by_content_type] == nil
 
     status = rack_options[:status] || 200
+    content_type = rack_options[:content_type] || "application/json"
     headers = {
-      "Content-Type" => "application/json"
+      "Content-Type" => content_type
     }.merge(headers)
     Rack::Builder.new {
       use Committee::Middleware::ResponseValidation, options

data/test/middleware/response_validation_test.rb

@@ -85,6 +85,12 @@ describe Committee::Middleware::ResponseValidation do
     assert_equal 204, last_response.status
   end
 
+  it "passes through a 304 (not modified) response" do
+    @app = new_rack_app("", {}, app_status: 304, schema: hyper_schema)
+    get "/apps"
+    assert_equal 304, last_response.status
+  end
+
   it "skip validation when 4xx" do
     @app = new_rack_app("[{x:y}]", {}, schema: hyper_schema, validate_success_only: true, app_status: 400)
     get "/apps"
@@ -99,17 +105,6 @@ describe Committee::Middleware::ResponseValidation do
     assert_match(/valid json/i, last_response.body)
   end
 
-  it "calls error_handler (has a arg) when it rescues JSON errors" do
-    called_err = nil
-    pr = ->(e) { called_err = e }
-    @app = new_rack_app("[{x:y}]", {}, schema: hyper_schema, error_handler: pr)
-    _, err = capture_io do
-      get "/apps"
-    end
-    assert_kind_of JSON::ParserError, called_err
-    assert_match(/\[DEPRECATION\]/i, err)
-  end
-
   it "calls error_handler (has two args) when it rescues JSON errors" do
     called_err = nil
     pr = ->(e, _env) { called_err = e }
@@ -132,20 +127,6 @@ describe Committee::Middleware::ResponseValidation do
     end
   end
 
-  it "calls error_handler (has a arg) when it rescues JSON errors" do
-    called_err = nil
-    pr = ->(e) { called_err = e }
-    @app = new_rack_app("[{x:y}]", {}, raise: true, schema: hyper_schema, error_handler: pr)
-    assert_raises(Committee::InvalidResponse) do
-      _, err = capture_io do
-        get "/apps"
-      end
-
-      assert_kind_of JSON::ParserError, called_err
-      assert_match(/\[DEPRECATION\]/i, err)
-    end
-  end
-
   it "calls error_handler (has two args) when it rescues JSON errors" do
     called_err = nil
     pr = ->(e, _env) { called_err = e }

data/test/schema_validator/hyper_schema/response_validator_test.rb

@@ -38,6 +38,11 @@ describe Committee::SchemaValidator::HyperSchema::ResponseValidator do
     call
   end
 
+  it "passes through a 304 Not Modified response" do
+    @status, @headers, @data = 304, {}, nil
+    call
+  end
+
   it "passes through a valid list response for for rel instances links" do
     @link = @list_link
 
@@ -91,6 +96,11 @@ describe Committee::SchemaValidator::HyperSchema::ResponseValidator do
     call
   end
 
+  it "allows no Content-Type for 304 Not Modified" do
+    @status, @headers = 304, {}
+    call
+  end
+
   it "raises errors generated by json_schema" do
     @data.merge!("name" => "%@!")
     e = assert_raises(Committee::InvalidResponse) { call }

data/test/schema_validator/hyper_schema/string_params_coercer_test.rb

@@ -11,7 +11,7 @@ describe Committee::SchemaValidator::HyperSchema::StringParamsCoercer do
   end
 
   it "doesn't coerce params not in the schema" do
-    check_convert("onwer", "admin", "admin")
+    check_convert("owner", "admin", "admin")
   end
 
   it "skips values for string param" do