-
Notifications
You must be signed in to change notification settings - Fork 98
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
validate_security_object have to raises only for apiKey security definitions
- Loading branch information
1 parent
a5b0240
commit 0aa191a
Showing
5 changed files
with
96 additions
and
12 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,8 +1,30 @@ | ||
# from bravado_core.security_definition import SecurityDefinition | ||
# | ||
# def test_a(security_spec): | ||
# oauth2 = security_spec.security_definitions['oauth2'] | ||
# example1 = security_spec.resources['example1'].operations['get_example1'] | ||
# example2 = security_spec.resources['example2'].operations['get_example2'] | ||
# example3 = security_spec.resources['example3'].operations['get_example3'] | ||
# example4 = security_spec.resources['example4'].operations['get_example4'] | ||
import pytest | ||
from six import iteritems | ||
|
||
|
||
def test_security_definition_property_extraction(security_dict, security_spec): | ||
security_definitions = security_dict['securityDefinitions'] | ||
for security_name, security_spec_dict in iteritems(security_definitions): | ||
security_object = security_spec.security_definitions[security_name] | ||
for key, value in iteritems(security_spec_dict): | ||
assert getattr(security_object, key if key != 'in' else 'location') == value | ||
|
||
|
||
@pytest.mark.parametrize( | ||
'resource, operation, expected_scopes', | ||
[ | ||
('example1', 'get_example1', [{'apiKey1': []}, {'apiKey2': []}]), | ||
('example2', 'get_example2', [{'apiKey3': []}]), | ||
('example3', 'get_example3', [{'apiKey1': [], 'apiKey2': []}, {'apiKey2': []}]), | ||
('example4', 'get_example4', [{'oauth2': ['write:resource']}]), | ||
('example5', 'get_example5', []), | ||
] | ||
) | ||
def test_security_scopes(security_spec, resource, operation, expected_scopes): | ||
def _get_operation(): | ||
return security_spec.resources[resource].operations[operation] | ||
|
||
assert [ | ||
security_requirement.security_scopes | ||
for security_requirement in _get_operation().security_requirements | ||
] == expected_scopes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
import pytest | ||
|
||
from bravado_core.exception import SwaggerValidationError | ||
from bravado_core.validate import validate_security_object | ||
|
||
|
||
@pytest.mark.parametrize( | ||
'resource, operation, request_data', | ||
[ | ||
('example1', 'get_example1', {'apiKey1': 'key'}), | ||
('example1', 'get_example1', {'apiKey2': 'key'}), | ||
('example2', 'get_example2', {'apiKey3': 'key'}), | ||
('example3', 'get_example3', {'apiKey1': 'key', 'apiKey2': 'key'}), | ||
('example3', 'get_example3', {'apiKey2': 'key'}), | ||
('example4', 'get_example4', {}), | ||
('example5', 'get_example5', {}), | ||
] | ||
) | ||
def test_validate_correct_security_objects(security_spec, resource, operation, request_data): | ||
op = security_spec.resources[resource].operations[operation] | ||
validate_security_object(op, request_data) | ||
|
||
|
||
@pytest.mark.parametrize( | ||
'resource, operation, request_data', | ||
[ | ||
('example1', 'get_example1', {}), | ||
('example1', 'get_example1', {'apiKey1': 'key', 'apiKey2': 'key'}), | ||
('example3', 'get_example3', {'apiKey1': 'key', 'apiKey3': 'key'}), | ||
] | ||
) | ||
def test_validate_incorrect_security_objects(security_spec, resource, operation, request_data): | ||
op = security_spec.resources[resource].operations[operation] | ||
with pytest.raises(SwaggerValidationError): | ||
validate_security_object(op, request_data) |