def test_AliasKeyDict_del():
alias_dict = AliasKeyDict([('foo', 'bar')])
alias_dict.add_alias('baz', 'foo')
del alias_dict['baz']
assert len(alias_dict) == 0
assert 'baz' not in alias_dict
assert 'foo' not in alias_dict
def build_resources(swagger_spec):
# type: (Spec) -> AliasKeyDict
"""Transforms the REST resources in the json-like swagger_spec into rich
:Resource: objects that have associated :Operation:s.
:type swagger_spec: :class:`bravado_core.spec.Spec`
:returns: dict where (key,value) = (resource name, Resource)
"""
# Map operations to resources using operation tags if available.
# - If an operation has multiple tags, it will be associated with multiple
# resources!
# - If an operation has no tags, its resource name will be derived from its
# path
# key = tag_name value = { operation_id : Operation }
tag_to_ops = defaultdict(
dict
) # type: typing.DefaultDict[typing.Text, typing.Dict[typing.Text, Operation]]
deref = swagger_spec.deref
spec_dict = deref(swagger_spec._internal_spec_dict)
paths_spec = deref(spec_dict.get('paths', {}))
for path_name, path_spec in iteritems(paths_spec):
path_spec = deref(path_spec)
for http_method, op_spec in iteritems(path_spec):
op_spec = deref(op_spec)
# vendor extensions and parameters that are shared across all
# operations for a given path are also defined at this level - we
# just need to skip over them.
if http_method.startswith('x-') or http_method == 'parameters':
continue
op = Operation.from_spec(
swagger_spec,
path_name,
http_method,
op_spec,
)
tags = deref(op_spec.get('tags', []))
if not tags:
tags.append(convert_path_to_resource(path_name))
for tag in tags:
tag_to_ops[deref(tag)][op.operation_id] = op
resources = AliasKeyDict()
for tag, ops in iteritems(tag_to_ops):
sanitized_tag = sanitize_name(tag)
resources[sanitized_tag] = Resource(sanitized_tag, ops)
resources.add_alias(tag, sanitized_tag)
return resources
def test_AliasKeyDict():
alias_dict = AliasKeyDict({'a': 'b', 'c': 'd'})
alias_dict.add_alias('alias_a', 'a')
assert len(alias_dict) == 2
assert set(alias_dict.items()) == set([('a', 'b'), ('c', 'd')])
assert 'alias_a' in alias_dict
assert alias_dict['alias_a'] is alias_dict['a']
assert alias_dict.get('alias_a') is alias_dict.get('a')
assert alias_dict.get('f', 'not there') == 'not there'
assert alias_dict.pop('alias_a') == 'b'
assert len(alias_dict) == 1
assert 'a' not in alias_dict
assert 'alias_a' not in alias_dict
def build_params(op):
"""Builds up the list of this operation's parameters taking into account
parameters that may be available for this operation's path component.
:type op: :class:`bravado_core.operation.Operation`
:returns: dict where (k,v) is (param_name, Param)
"""
swagger_spec = op.swagger_spec
deref = swagger_spec.deref
op_spec = deref(op.op_spec)
op_params_spec = deref(op_spec.get('parameters', []))
spec_dict = deref(swagger_spec._internal_spec_dict)
paths_spec = deref(spec_dict.get('paths', {}))
path_spec = deref(paths_spec.get(op.path_name))
path_params_spec = deref(path_spec.get('parameters', []))
# Order of addition is *important* here. Since op_params are last in the
# list, they will replace any previously defined path_params with the
# same name when the final params dict is constructed in the loop below.
params_spec = path_params_spec + op_params_spec
params = AliasKeyDict()
for param_spec in params_spec:
param = Param(swagger_spec, op, deref(param_spec))
sanitized_name = sanitize_name(param.name)
params[sanitized_name] = param
params.add_alias(param.name, sanitized_name)
# Security parameters cannot override and been overridden by operation or path objects
new_params = {}
new_param_aliases = {}
for parameter in op.security_parameters:
param_name = sanitize_name(parameter.name)
if param_name in params:
raise SwaggerSchemaError(
"'{0}' security parameter is overriding a parameter defined in operation or path object".format(
parameter.name,
)
)
else:
# not directly in params because different security requirements could share parameters
new_params[param_name] = parameter
new_param_aliases[parameter.name] = param_name
params.update(new_params)
for alias, name in iteritems(new_param_aliases):
params.add_alias(alias, name)
return params
def test_AliasKeyDict_copy():
alias_dict = AliasKeyDict([('foo', 'bar')])
alias_dict.add_alias('baz', 'foo')
dict_copy = alias_dict.copy()
assert set(dict_copy.items()) == set(alias_dict.items())
assert dict_copy.alias_to_key == alias_dict.alias_to_key
def build_params_monkey_patch(op):
"""
This is the monkey-patched version of build_params [0] for w3af.
While parsing some open API specifications we found this error:
The document at "http://moth/swagger.yaml" is not a valid Open API specification.
The following exception was raised while parsing the dict into a specification object:
"'Authorization' security parameter is overriding a parameter defined in operation
or path object"
And identified that the root cause for this "issue" was in this method.
The problem was that we really needed to parse that specification, and we
did not care that much about the restriction imposed by bravado-core.
[0] https://github.com/Yelp/bravado-core/blob/1272d21b80800ad98d3f32c3aaa090e277466f69/bravado_core/operation.py#L153
The following is the documentation for the original function:
Builds up the list of this operation's parameters taking into account
parameters that may be available for this operation's path component.
:type op: :class:`bravado_core.operation.Operation`
:returns: dict where (k,v) is (param_name, Param)
"""
swagger_spec = op.swagger_spec
deref = swagger_spec.deref
op_spec = deref(op.op_spec)
op_params_spec = deref(op_spec.get('parameters', []))
spec_dict = deref(swagger_spec._internal_spec_dict)
paths_spec = deref(spec_dict.get('paths', {}))
path_spec = deref(paths_spec.get(op.path_name))
path_params_spec = deref(path_spec.get('parameters', []))
# Order of addition is *important* here. Since op_params are last in the
# list, they will replace any previously defined path_params with the
# same name when the final params dict is constructed in the loop below.
params_spec = path_params_spec + op_params_spec
params = AliasKeyDict()
for param_spec in params_spec:
param = Param(swagger_spec, op, deref(param_spec))
sanitized_name = sanitize_name(param.name)
params[sanitized_name] = param
params.add_alias(param.name, sanitized_name)
# Security parameters cannot override and been overridden by operation or path objects
new_params = {}
new_param_aliases = {}
for parameter in op.security_parameters:
param_name = sanitize_name(parameter.name)
"""
Removed this code:
if param_name in params:
raise SwaggerSchemaError(
"'{0}' security parameter is overriding a parameter defined in operation or path object".format(
parameter.name,
)
)
else:
# not directly in params because different security requirements could share parameters
new_params[param_name] = parameter
new_param_aliases[parameter.name] = param_name
And replaced it with:
"""
new_params[param_name] = parameter
new_param_aliases[parameter.name] = param_name
params.update(new_params)
for alias, name in iteritems(new_param_aliases):
params.add_alias(alias, name)
return params