Add more tests for validator_map and readOnly/writeOnly

tests/conftest.py

@@ -88,6 +88,11 @@ def default_param_error_spec_dir():
     return FIXTURES_FOLDER / 'default_param_error'
 
 
+@pytest.fixture
+def json_validation_spec_dir():
+    return FIXTURES_FOLDER / 'json_validation'
+
+
 def build_app_from_fixture(api_spec_folder, spec_file='openapi.yaml', **kwargs):
     debug = True
     if 'debug' in kwargs:

tests/fakeapi/hello.py

@@ -484,3 +484,17 @@ def get_httpstatus_response():
 
 def get_bad_default_response(response_code):
     return {}, response_code
+
+
+def get_user():
+    return {'user_id': 7, 'name': 'max'}
+
+
+def get_user_with_password():
+    return {'user_id': 7, 'name': 'max', 'password': '5678'}
+
+
+def post_user(body):
+    body['user_id'] = 8
+    body.pop('password', None)
+    return body

tests/fixtures/json_validation/openapi.yaml

@@ -0,0 +1,77 @@
+openapi: "3.0.0"
+
+info:
+  title: "{{title}}"
+  version: "1.0"
+
+servers:
+  - url: /v1.0
+
+components:
+  schemas:
+    User:
+      type: object
+      required:
+      - name
+      - user_id
+      - password
+      properties:
+        user_id:
+          type: integer
+          readOnly: true
+        name:
+          type: string
+        password:
+          type: string
+          writeOnly: true
+
+paths:
+  /minlength:
+    post:
+      operationId: fakeapi.hello.post
+      requestBody:
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                foo:
+                  type: string
+      responses:
+        200:
+          description: Success
+
+  /user:
+    get:
+      operationId: fakeapi.hello.get_user
+      responses:
+        200:
+          description: User object
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/User'
+    post:
+      operationId: fakeapi.hello.post_user
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/User'
+      responses:
+        200:
+          description: User object
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/User'
+  /user_with_password:
+    get:
+      operationId: fakeapi.hello.get_user_with_password
+      responses:
+        200:
+          description: User object
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/User'

tests/fixtures/json_validation/swagger.yaml

@@ -0,0 +1,69 @@
+swagger: "2.0"
+
+info:
+  title: "{{title}}"
+  version: "1.0"
+
+basePath: /v1.0
+
+definitions:
+  User:
+    type: object
+    required:
+    - name
+    properties:
+      user_id:
+        type: integer
+        readOnly: true
+      name:
+        type: string
+      password:
+        type: string
+        x-writeOnly: true
+
+paths:
+  /minlength:
+    post:
+      operationId: fakeapi.hello.post
+      parameters:
+        - name: body
+          in: body
+          required: true
+          schema:
+            type: object
+            properties:
+              foo:
+                type: string
+      responses:
+        200:
+          description: Success
+
+  /user:
+    get:
+      operationId: fakeapi.hello.get_user
+      responses:
+        200:
+          description: User object
+          schema:
+            $ref: '#/definitions/User'
+    post:
+      operationId: fakeapi.hello.post_user
+      parameters:
+        - name: body
+          in: body
+          required: true
+          schema:
+            $ref: '#/definitions/User'
+      responses:
+        200:
+          description: User object
+          schema:
+            $ref: '#/definitions/User'
+  /user_with_password:
+    get:
+      operationId: fakeapi.hello.get_user_with_password
+      responses:
+        200:
+          description: User object
+          schema:
+            $ref: '#/definitions/User'

tests/test_json_validation.py

@@ -0,0 +1,77 @@
+import json
+
+from jsonschema.validators import _utils, extend
+
+import pytest
+from conftest import build_app_from_fixture
+from connexion import App
+from connexion.decorators.validation import RequestBodyValidator
+from connexion.json_schema import Draft4RequestValidator
+
+SPECS = ["swagger.yaml", "openapi.yaml"]
+
+@pytest.mark.parametrize("spec", SPECS)
+def test_validator_map(json_validation_spec_dir, spec):
+    def validate_type(validator, types, instance, schema):
+        types = _utils.ensure_list(types)
+        errors = Draft4RequestValidator.VALIDATORS['type'](validator, types, instance, schema)
+        for e in errors:
+            yield e
+
+        if 'string' in types and 'minLength' not in schema:
+            errors = Draft4RequestValidator.VALIDATORS['minLength'](validator, 1, instance, schema)
+            for e in errors:
+                yield e
+
+    MinLengthRequestValidator = extend(Draft4RequestValidator, {'type': validate_type})
+
+    class MyRequestBodyValidator(RequestBodyValidator):
+        def __init__(self, *args, **kwargs):
+            super(MyRequestBodyValidator, self).__init__(*args, validator=MinLengthRequestValidator, **kwargs)
+
+    validator_map = {'body': MyRequestBodyValidator}
+
+    app = App(__name__, specification_dir=json_validation_spec_dir)
+    app.add_api(spec, validate_responses=True, validator_map=validator_map)
+    app_client = app.app.test_client()
+
+    res = app_client.post('/v1.0/minlength', data=json.dumps({'foo': 'bar'}), content_type='application/json') # type: flask.Response
+    assert res.status_code == 200
+
+    res = app_client.post('/v1.0/minlength', data=json.dumps({'foo': ''}), content_type='application/json') # type: flask.Response
+    assert res.status_code == 400
+
+
+@pytest.mark.parametrize("spec", SPECS)
+def test_readonly(json_validation_spec_dir, spec):
+    app = build_app_from_fixture(json_validation_spec_dir, spec, validate_responses=True)
+    app_client = app.app.test_client()
+
+    res = app_client.get('/v1.0/user') # type: flask.Response
+    assert res.status_code == 200
+    assert json.loads(res.data.decode()).get('user_id') == 7
+
+    res = app_client.post('/v1.0/user', data=json.dumps({'name': 'max', 'password': '1234'}), content_type='application/json') # type: flask.Response
+    assert res.status_code == 200
+    assert json.loads(res.data.decode()).get('user_id') == 8
+
+    res = app_client.post('/v1.0/user', data=json.dumps({'user_id': 9, 'name': 'max'}), content_type='application/json') # type: flask.Response
+    assert res.status_code == 400
+
+
+@pytest.mark.parametrize("spec", SPECS)
+def test_writeonly(json_validation_spec_dir, spec):
+    app = build_app_from_fixture(json_validation_spec_dir, spec, validate_responses=True)
+    app_client = app.app.test_client()
+
+    res = app_client.post('/v1.0/user', data=json.dumps({'name': 'max', 'password': '1234'}), content_type='application/json') # type: flask.Response
+    assert res.status_code == 200
+    assert 'password' not in json.loads(res.data.decode())
+
+    res = app_client.get('/v1.0/user') # type: flask.Response
+    assert res.status_code == 200
+    assert 'password' not in json.loads(res.data.decode())
+
+    res = app_client.get('/v1.0/user_with_password') # type: flask.Response
+    assert res.status_code == 500
+    assert json.loads(res.data.decode())['title'] == 'Response body does not conform to specification'