From cedfaa9e0b449a939a107794cdb2e61d323cc925 Mon Sep 17 00:00:00 2001 From: Stephen Finucane Date: Sat, 30 Nov 2019 18:48:35 +0000 Subject: tests: Provide a way to disable API schema The API schema validation is strict, in that it will error out with invalid keys in either the request or response. Unfortunately the API itself is not. We're hopefully going to fix this in a distant v2.0, but for now we need a way to ensure that the API does what it's supposed to, namely not set fields that don't exist or that the user isn't allowed to set, even if proper error codes aren't raised. This isn't actually used yet. That will come later. Signed-off-by: Stephen Finucane --- patchwork/tests/api/utils.py | 32 ++++++++++++++++++++++++++++---- patchwork/tests/api/validator.py | 34 ++++++++++++++++++++-------------- 2 files changed, 48 insertions(+), 18 deletions(-) diff --git a/patchwork/tests/api/utils.py b/patchwork/tests/api/utils.py index 0c232d0..c405f73 100644 --- a/patchwork/tests/api/utils.py +++ b/patchwork/tests/api/utils.py @@ -112,44 +112,68 @@ class APIClient(BaseAPIClient): self.factory = APIRequestFactory() def get(self, path, data=None, follow=False, **extra): + validate_request = extra.pop('validate_request', True) + validate_response = extra.pop('validate_response', True) + request = self.factory.get( path, data=data, SERVER_NAME='example.com', **extra) response = super(APIClient, self).get( path, data=data, follow=follow, SERVER_NAME='example.com', **extra) - validator.validate_data(path, request, response) + + validator.validate_data(path, request, response, validate_request, + validate_response) + return response def post(self, path, data=None, format=None, content_type=None, follow=False, **extra): + validate_request = extra.pop('validate_request', True) + validate_response = extra.pop('validate_response', True) + request = self.factory.post( path, data=data, format='json', content_type=content_type, SERVER_NAME='example.com', **extra) response = super(APIClient, self).post( path, data=data, format='json', content_type=content_type, follow=follow, SERVER_NAME='example.com', **extra) - validator.validate_data(path, request, response) + + validator.validate_data(path, request, response, validate_request, + validate_response) + return response def put(self, path, data=None, format=None, content_type=None, follow=False, **extra): + validate_request = extra.pop('validate_request', True) + validate_response = extra.pop('validate_response', True) + request = self.factory.put( path, data=data, format='json', content_type=content_type, SERVER_NAME='example.com', **extra) response = super(APIClient, self).put( path, data=data, format='json', content_type=content_type, follow=follow, SERVER_NAME='example.com', **extra) - validator.validate_data(path, request, response) + + validator.validate_data(path, request, response, validate_request, + validate_response) + return response def patch(self, path, data=None, format=None, content_type=None, follow=False, **extra): + validate_request = extra.pop('validate_request', True) + validate_response = extra.pop('validate_response', True) + request = self.factory.patch( path, data=data, format='json', content_type=content_type, SERVER_NAME='example.com', **extra) response = super(APIClient, self).patch( path, data=data, format='json', content_type=content_type, follow=follow, SERVER_NAME='example.com', **extra) - validator.validate_data(path, request, response) + + validator.validate_data(path, request, response, validate_request, + validate_response) + return response diff --git a/patchwork/tests/api/validator.py b/patchwork/tests/api/validator.py index ad4d7f1..9cead29 100644 --- a/patchwork/tests/api/validator.py +++ b/patchwork/tests/api/validator.py @@ -291,7 +291,8 @@ class DRFOpenAPIResponse(BaseOpenAPIResponse): return 'application/json' -def validate_data(path, request, response): +def validate_data(path, request, response, validate_request, + validate_response): if response.status_code == status.HTTP_405_METHOD_NOT_ALLOWED: return @@ -300,18 +301,23 @@ def validate_data(path, request, response): response = DRFOpenAPIResponse(response) # request - validator = RequestValidator(spec, custom_formatters=CUSTOM_FORMATTERS) - result = validator.validate(request) - try: - result.raise_for_errors() - except OpenAPIMediaTypeError: - assert response.status_code == status.HTTP_400_BAD_REQUEST - except OpenAPIParameterError: - # TODO(stephenfin): In API v2.0, this should be an error. As things - # stand, we silently ignore these issues. - assert response.status_code == status.HTTP_200_OK + if validate_request: + validator = RequestValidator( + spec, custom_formatters=CUSTOM_FORMATTERS) + result = validator.validate(request) + try: + result.raise_for_errors() + except OpenAPIMediaTypeError: + if response.status_code != status.HTTP_400_BAD_REQUEST: + raise + except OpenAPIParameterError: + # TODO(stephenfin): In API v2.0, this should be an error. As things + # stand, we silently ignore these issues. + assert response.status_code == status.HTTP_200_OK # response - validator = ResponseValidator(spec, custom_formatters=CUSTOM_FORMATTERS) - result = validator.validate(request, response) - result.raise_for_errors() + if validate_response: + validator = ResponseValidator( + spec, custom_formatters=CUSTOM_FORMATTERS) + result = validator.validate(request, response) + result.raise_for_errors() -- cgit v1.2.3