committee 5.2.0 → 5.4.0
- checksums.yaml +4 -4
- data/lib/committee/request_unpacker.rb +5 -1
- data/lib/committee/schema_validator/hyper_schema/response_validator.rb +14 -4
- data/lib/committee/schema_validator/hyper_schema.rb +1 -1
- data/lib/committee/schema_validator/open_api_3.rb +1 -1
- data/lib/committee/schema_validator/option.rb +12 -3
- data/lib/committee/version.rb +1 -1
- data/test/middleware/request_validation_open_api_3_test.rb +3 -3
- data/test/middleware/response_validation_test.rb +23 -0
- metadata +18 -8
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f5faf4c2afbd4a226b5d7623150db5f5869f0ce2956ca4a81f202b1e015b48ed
|
4
|
+
data.tar.gz: 3e9e8ac314318d9c550820699b89e0ea1dffca1b4571c0d0551341d4f36208ae
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 727bda44ff877fbb9f6ce59b18c2a4dcff658fdf26f8dc8fa5e74d14d38b41f889ba611cc750e5010d8388eb27a605fa0b53724dfda7d74427df16104fb45103
|
7
|
+
data.tar.gz: 981548a85d07a247ffaa9a03a85daad03857d2fe8538d8d8c99b645f1919b35067a84757f042403f5335b22481c994c9b24cf2fef235c45d1dfb914de16e525b
|
@@ -46,7 +46,11 @@ module Committee
|
|
46
46
|
if @allow_form_params && %w[application/x-www-form-urlencoded multipart/form-data].include?(request.media_type)
|
47
47
|
# Actually, POST means anything in the request body, could be from
|
48
48
|
# PUT or PATCH too. Silly Rack.
|
49
|
-
|
49
|
+
begin
|
50
|
+
return [request.POST, true] if request.POST
|
51
|
+
ensure
|
52
|
+
request.body.rewind
|
53
|
+
end
|
50
54
|
end
|
51
55
|
|
52
56
|
[{}, false]
|
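Review bot: The new `ensure` clause calls `request.body.rewind` unconditionally, so a body that is nil or not rewindable raises from inside `ensure` and replaces any exception that `request.POST` itself raised while parsing the form. Rewinding is the right goal, since the downstream app should read the same bytes the validator parsed, but the call should be guarded: `request.body.rewind if request.body.respond_to?(:rewind)`. A one-line comment such as `# rewind so the app reads the same body that was validated` would record why the block exists. The enclosing method starts and ends outside this hunk.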
@@ -4,11 +4,12 @@ module Committee
|
|
4
4
|
module SchemaValidator
|
5
5
|
class HyperSchema
|
6
6
|
class ResponseValidator
|
7
|
-
attr_reader :validate_success_only
|
7
|
+
attr_reader :allow_blank_structures, :validate_success_only
|
8
8
|
|
9
9
|
def initialize(link, options = {})
|
10
10
|
@link = link
|
11
11
|
@validate_success_only = options[:validate_success_only]
|
12
|
+
@allow_blank_structures = options[:allow_blank_structures]
|
12
13
|
|
13
14
|
@validator = JsonSchema::Validator.new(target_schema(link))
|
14
15
|
end
|
@@ -39,9 +40,18 @@ module Committee
|
|
39
40
|
return if data == nil
|
40
41
|
end
|
41
42
|
|
42
|
-
if Committee::
|
43
|
-
|
44
|
-
|
43
|
+
if allow_blank_structures && @link.is_a?(Committee::Drivers::OpenAPI2::Link) && !@link.target_schema
|
44
|
+
return if data.nil?
|
45
|
+
end
|
46
|
+
|
47
|
+
begin
|
48
|
+
if Committee::Middleware::ResponseValidation.validate?(status, validate_success_only) && !@validator.validate(data)
|
49
|
+
errors = JsonSchema::SchemaError.aggregate(@validator.errors).join("\n")
|
50
|
+
raise InvalidResponse, "Invalid response.\n\n#{errors}"
|
51
|
+
end
|
52
|
+
rescue => e
|
53
|
+
raise InvalidResponse, "Invalid response.\n\nschema is undefined" if /undefined method .all_of. for nil/ =~ e.message
|
54
|
+
raise e
|
45
55
|
end
|
46
56
|
end
|
47
57
|
|
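Review bot: The added `rescue => e` in the second hunk classifies the failure by matching `e.message` against `/undefined method .all_of. for nil/`. That ties the "schema is undefined" path to the interpreter's wording for what is presumably a NoMethodError, and it also catches the `InvalidResponse` raised just above only to re-raise it. Checking for a missing target schema before calling `@validator.validate(data)` would remove the string match. If the rescue stays, narrow it to `rescue NoMethodError => e` and re-raise with a bare `raise`. The `allow_blank_structures` early return skips validation for nil data, so a comment stating that it applies only to `OpenAPI2::Link` objects without a `target_schema` would help; the method containing this code begins outside the hunk.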
@@ -33,7 +33,7 @@ module Committee
|
|
33
33
|
data = JSON.parse(full_body) if parse_to_json
|
34
34
|
end
|
35
35
|
|
36
|
-
Committee::SchemaValidator::HyperSchema::ResponseValidator.new(link, validate_success_only: validator_option.validate_success_only).call(status, headers, data)
|
36
|
+
Committee::SchemaValidator::HyperSchema::ResponseValidator.new(link, validate_success_only: validator_option.validate_success_only, allow_blank_structures: validator_option.allow_blank_structures).call(status, headers, data)
|
37
37
|
end
|
38
38
|
|
39
39
|
def link_exist?
|
@@ -97,7 +97,7 @@ module Committee
|
|
97
97
|
end
|
98
98
|
|
99
99
|
def copy_coerced_data_to_params(request)
|
100
|
-
order = if validator_option.
|
100
|
+
order = if validator_option.parameter_overwrite_by_rails_rule
|
101
101
|
# (high priority) path_hash_key -> query_param -> request_body_hash
|
102
102
|
[validator_option.request_body_hash_key, validator_option.query_hash_key, validator_option.path_hash_key]
|
103
103
|
else
|
@@ -4,7 +4,8 @@ module Committee
|
|
4
4
|
module SchemaValidator
|
5
5
|
class Option
|
6
6
|
# Boolean Options
|
7
|
-
attr_reader :
|
7
|
+
attr_reader :allow_blank_structures,
|
8
|
+
:allow_form_params,
|
8
9
|
:allow_get_body,
|
9
10
|
:allow_query_params,
|
10
11
|
:check_content_type,
|
@@ -17,7 +18,7 @@ module Committee
|
|
17
18
|
:optimistic_json,
|
18
19
|
:validate_success_only,
|
19
20
|
:parse_response_by_content_type,
|
20
|
-
:
|
21
|
+
:parameter_overwrite_by_rails_rule
|
21
22
|
|
22
23
|
# Non-boolean options:
|
23
24
|
attr_reader :headers_key,
|
@@ -38,6 +39,7 @@ module Committee
|
|
38
39
|
@prefix = options[:prefix]
|
39
40
|
|
40
41
|
# Boolean options and have a common value by default
|
42
|
+
@allow_blank_structures = options.fetch(:allow_blank_structures, false)
|
41
43
|
@allow_form_params = options.fetch(:allow_form_params, true)
|
42
44
|
@allow_query_params = options.fetch(:allow_query_params, true)
|
43
45
|
@check_content_type = options.fetch(:check_content_type, true)
|
@@ -45,7 +47,14 @@ module Committee
|
|
45
47
|
@coerce_recursive = options.fetch(:coerce_recursive, true)
|
46
48
|
@optimistic_json = options.fetch(:optimistic_json, false)
|
47
49
|
@parse_response_by_content_type = options.fetch(:parse_response_by_content_type, true)
|
48
|
-
|
50
|
+
|
51
|
+
@parameter_overwrite_by_rails_rule =
|
52
|
+
if options.key?(:parameter_overwite_by_rails_rule)
|
53
|
+
Committee.warn_deprecated_until_6(true, "The option `parameter_overwite_by_rails_rule` is deprecated. Use `parameter_overwrite_by_rails_rule` instead.")
|
54
|
+
options[:parameter_overwite_by_rails_rule]
|
55
|
+
else
|
56
|
+
options.fetch(:parameter_overwrite_by_rails_rule, true)
|
57
|
+
end
|
49
58
|
|
50
59
|
# Boolean options and have a different value by default
|
51
60
|
@allow_get_body = options.fetch(:allow_get_body, schema.driver.default_allow_get_body)
|
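Review bot: When a caller passes both spellings, the new assignment to `@parameter_overwrite_by_rails_rule` lets the deprecated `parameter_overwite_by_rails_rule` value win, because the `options.key?` branch returns `options[:parameter_overwite_by_rails_rule]` without looking at the corrected key. This flag selects which of path, query and body parameters takes precedence on merge, so a stale misspelled key overriding an explicit new setting is worth avoiding. Keeping the warning but preferring the new key fixes it: `options.fetch(:parameter_overwrite_by_rails_rule) { options[:parameter_overwite_by_rails_rule] }`. The surrounding `initialize` starts and ends outside these hunks.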
data/lib/committee/version.rb
CHANGED
@@ -419,7 +419,7 @@ describe Committee::Middleware::RequestValidation do
|
|
419
419
|
assert_equal env['committee.query_hash']['integer'], 42
|
420
420
|
#assert_equal env['rack.request.query_hash'][:integer], 42 # this isn't hash indifferent hash because we use rack.request.query_hash
|
421
421
|
[204, {}, []]
|
422
|
-
end, schema: open_api_3_schema,
|
422
|
+
end, schema: open_api_3_schema, parameter_overwrite_by_rails_rule: false)
|
423
423
|
|
424
424
|
header "Content-Type", "application/json"
|
425
425
|
post '/overwrite_same_parameter?integer=42'
|
@@ -434,7 +434,7 @@ describe Committee::Middleware::RequestValidation do
|
|
434
434
|
assert_equal env['committee.request_body_hash'][:integer], 21
|
435
435
|
assert_equal env['committee.query_hash']['integer'], 42
|
436
436
|
[204, {}, []]
|
437
|
-
end, schema: open_api_3_schema,
|
437
|
+
end, schema: open_api_3_schema, parameter_overwrite_by_rails_rule: false)
|
438
438
|
|
439
439
|
params = {integer: 21}
|
440
440
|
|
@@ -454,7 +454,7 @@ describe Committee::Middleware::RequestValidation do
|
|
454
454
|
assert_equal env['committee.query_hash']['integer'], 84 # we can't use query_parameter :(
|
455
455
|
#assert_equal env['rack.request.query_hash'][:integer], 21 # this isn't hash indifferent hash because we use rack.request.query_hash
|
456
456
|
[204, {}, []]
|
457
|
-
end, schema: open_api_3_schema,
|
457
|
+
end, schema: open_api_3_schema, parameter_overwrite_by_rails_rule: false)
|
458
458
|
|
459
459
|
params = {integer: 21}
|
460
460
|
|
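Review bot: All three updated call sites now pass `parameter_overwrite_by_rails_rule: false`, so within this file nothing exercises the deprecated `parameter_overwite_by_rails_rule` fallback that the release keeps in `Option`. Unless another test file covers it, one case that passes the old spelling and asserts the same parameter precedence would pin the compatibility path until it is removed. The commented-out `rack.request.query_hash` assertions in the context lines could also be deleted or turned into a short explanatory comment.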
@@ -136,6 +136,29 @@ describe Committee::Middleware::ResponseValidation do
|
|
136
136
|
assert_equal 200, last_response.status
|
137
137
|
end
|
138
138
|
|
139
|
+
it "passes through a valid response for OpenAPI when data=nil, target_schema=empty, allow_blank_structures=true" do
|
140
|
+
@app = new_rack_app("null", {},
|
141
|
+
allow_blank_structures: true, schema: open_api_2_schema)
|
142
|
+
get "/api/pets/cat"
|
143
|
+
assert_equal 200, last_response.status
|
144
|
+
end
|
145
|
+
|
146
|
+
it "invalid responses for OpenAPI when data=nil, target_schema=empty, allow_blank_structures=false" do
|
147
|
+
@app = new_rack_app("null", {},
|
148
|
+
allow_blank_structures: false, schema: open_api_2_schema)
|
149
|
+
get "/api/pets/cat"
|
150
|
+
assert_equal 500, last_response.status
|
151
|
+
assert_match(/Invalid response/i, last_response.body)
|
152
|
+
end
|
153
|
+
|
154
|
+
it "passes through a valid response for OpenAPI when data=nil, target_schema=present, allow_blank_structures=true" do
|
155
|
+
@app = new_rack_app("null", {},
|
156
|
+
allow_blank_structures: true, schema: open_api_2_schema)
|
157
|
+
get "/api/pets/dog"
|
158
|
+
assert_equal 500, last_response.status
|
159
|
+
assert_match(/nil is not an array/i, last_response.body)
|
160
|
+
end
|
161
|
+
|
139
162
|
it "detects an invalid response for OpenAPI" do
|
140
163
|
@app = new_rack_app("{_}", {}, schema: open_api_2_schema)
|
141
164
|
get "/api/pets"
|
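Review bot: The third added example is titled "passes through a valid response ... target_schema=present, allow_blank_structures=true" but asserts a 500 status and a body matching `/nil is not an array/i`, so the name says the opposite of what is checked. Renaming it to `it "detects an invalid response for OpenAPI when data=nil, target_schema=present, allow_blank_structures=true" do` makes clear that the option must not relax validation when a schema exists. The second example's title would read better as "detects an invalid response ..." to match the existing example that follows it.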
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: committee
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 5.
|
4
|
+
version: 5.4.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Brandur
|
@@ -10,7 +10,7 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date: 2024-
|
13
|
+
date: 2024-06-17 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: json_schema
|
@@ -39,6 +39,9 @@ dependencies:
|
|
39
39
|
- - ">="
|
40
40
|
- !ruby/object:Gem::Version
|
41
41
|
version: '1.5'
|
42
|
+
- - "<"
|
43
|
+
- !ruby/object:Gem::Version
|
44
|
+
version: '3.1'
|
42
45
|
type: :runtime
|
43
46
|
prerelease: false
|
44
47
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -46,6 +49,9 @@ dependencies:
|
|
46
49
|
- - ">="
|
47
50
|
- !ruby/object:Gem::Version
|
48
51
|
version: '1.5'
|
52
|
+
- - "<"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '3.1'
|
49
55
|
- !ruby/object:Gem::Dependency
|
50
56
|
name: openapi_parser
|
51
57
|
requirement: !ruby/object:Gem::Requirement
|
@@ -78,16 +84,16 @@ dependencies:
|
|
78
84
|
name: rack-test
|
79
85
|
requirement: !ruby/object:Gem::Requirement
|
80
86
|
requirements:
|
81
|
-
- - "
|
87
|
+
- - ">="
|
82
88
|
- !ruby/object:Gem::Version
|
83
|
-
version: '0
|
89
|
+
version: '0'
|
84
90
|
type: :development
|
85
91
|
prerelease: false
|
86
92
|
version_requirements: !ruby/object:Gem::Requirement
|
87
93
|
requirements:
|
88
|
-
- - "
|
94
|
+
- - ">="
|
89
95
|
- !ruby/object:Gem::Version
|
90
|
-
version: '0
|
96
|
+
version: '0'
|
91
97
|
- !ruby/object:Gem::Dependency
|
92
98
|
name: rake
|
93
99
|
requirement: !ruby/object:Gem::Requirement
|
@@ -263,7 +269,11 @@ files:
|
|
263
269
|
homepage: https://github.com/interagent/committee
|
264
270
|
licenses:
|
265
271
|
- MIT
|
266
|
-
metadata:
|
272
|
+
metadata:
|
273
|
+
bug_tracker_uri: https://github.com/interagent/committee/issues
|
274
|
+
changelog_uri: https://github.com/interagent/committee/blob/master/CHANGELOG.md
|
275
|
+
rubygems_mfa_required: 'true'
|
276
|
+
source_code_uri: https://github.com/interagent/committee
|
267
277
|
post_install_message:
|
268
278
|
rdoc_options: []
|
269
279
|
require_paths:
|
@@ -279,7 +289,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
279
289
|
- !ruby/object:Gem::Version
|
280
290
|
version: '0'
|
281
291
|
requirements: []
|
282
|
-
rubygems_version: 3.
|
292
|
+
rubygems_version: 3.5.3
|
283
293
|
signing_key:
|
284
294
|
specification_version: 4
|
285
295
|
summary: A collection of Rack middleware to support JSON Schema.
|