CodeCow/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2026-06-24 21:08:25 +08:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

openapi: Forbid opaque objects from OpenAPI documentation.

Browse Source 
Objects whose properties are not described were validated by the
current validator. Edit it so that objects with no `properties`
or `additionalProperties` attribute i.e. opaque objects get
invalidated.

Also make changes in zulip.yaml to fix any opaque objects (tweaked by
tabbott to edit the documentation for better clarity).
This commit is contained in:
orientor 2020-06-03 03:46:02 +05:30 committed by Tim Abbott
parent 8224400166
commit 1227b65066
3 changed files with 135 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
zerver/lib/bugdown/api_return_values_table_generator.py
View File

@ -67,8 +67,9 @@ class APIReturnValuesTablePreprocessor(Preprocessor):
if 'additionalProperties' in return_values[return_value]:
ans.append(self.render_desc(return_values[return_value]['additionalProperties']
['description'], spacing + 4))
ans += self.render_table(return_values[return_value]['additionalProperties']['properties'],
spacing + 8)
if 'properties' in return_values[return_value]['additionalProperties']:
ans += self.render_table(return_values[return_value]['additionalProperties']
['properties'], spacing + 8)
if ('items' in return_values[return_value] and
'properties' in return_values[return_value]['items']):
ans += self.render_table(return_values[return_value]['items']['properties'], spacing + 4)

15
zerver/openapi/openapi.py
View File

@ -141,6 +141,12 @@ def validate_array(content: List[Any], schema: Dict[str, Any]) -> None:
# and arrays.
if 'properties' in schema['items']:
validate_object(item, schema['items'])
continue
# If the object was not an opaque object then
# the continue statement above should have
# been executed.
if 'object' in valid_types:
raise SchemaError('Opaque object in array')
if 'items' in schema['items']:
validate_array(item, schema['items'])
@ -169,8 +175,17 @@ def validate_object(content: Dict[str, Any], schema: Dict[str, Any]) -> None:
continue
if 'additionalProperties' in schema['properties'][key]:
for child_keys in value:
if type(value[child_keys]) is list:
validate_array(value[child_keys],
schema['properties'][key]['additionalProperties'])
continue
validate_object(value[child_keys],
schema['properties'][key]['additionalProperties'])
continue
# If the object is not opaque then continue statements
# will be executed above and this will be skipped
if expected_type is dict:
raise SchemaError('Opaque object "{}"'.format(key))
# Check that at least all the required keys are present
if 'required' in schema:
for req_key in schema['required']:

136
zerver/openapi/zulip.yaml
View File

@ -1873,13 +1873,7 @@ paths:
The user's ID.
example: 1
profile_data:
type: object
description: |
A dictionary containing custom profile field data for the user. Each entry
maps the integer ID of a custom profile field in the organization to a
dictionary containing the user's data for that field. Generally the data
includes just a single `value` key; for those custom profile fields
supporting markdown, a `rendered_value` key will also be present.
$ref: '#/components/schemas/profile_data'
- example:
{
"avatar_url": "https://secure.gravatar.com/avatar/af4f06322c177ef4e1e9b2c424986b54?d=identicon&version=1",
@ -3090,25 +3084,91 @@ paths:
description: |
Each key-value pair in the object indicates whether the authentication
method is enabled on this server.
**Changes**: Deprecated in Zulip 2.1, in favor of the more expressive
`external_authentication_methods`.
properties:
password:
description: |
Whether the user can authenticate using password.
type: boolean
dev:
description: |
Whether the user can authenticate using development api key.
type: boolean
email:
description: |
Whether the user can authenticate using email.
type: boolean
ldap:
description: |
Whether the user can authenticate using ldap.
type: boolean
remoteuser:
description: |
Whether the user can authenticate using remoteuser.
type: boolean
github:
description: |
Whether the user can authenticate using their github account.
type: boolean
azuread:
description: |
Whether the user can authenticate using their azuread account.
type: boolean
gitlab:
description: |
Whether the user can authenticate using their gitlab account.
type: boolean
google:
description: |
Whether the user can authenticate using their google account.
type: boolean
saml:
description: |
Whether the user can authenticate using saml.
type: boolean
external_authentication_methods:
type: array
description: |
A list of dictionaries describing the available external
authentication methods (E.g. Google, GitHub, or SAML)
enabled for this organization. Each dictionary specifies
the name and icon that should be displayed on the login
buttons (`display_name` and `display_icon`, where
`display_icon` can be `null`, if no icon is to be
displayed), the URLs that should be accessed to initiate
login/signup using the method (`login_url` and
`signup_url`) and `name`, which is a unique, stable,
machine-readable name for the authentication method.
enabled for this organization.
The list is sorted in the order in which these
authentication methods should be displayed.
**Changes**: New in Zulip 2.1.
items:
type: object
properties:
name:
type: string
description: |
A unique, table, machine-readable name for the authentication method,
intended to be used by clients with special behavior for specific
authenatication methods to correctly identify the method.
display_name:
type: string
description: |
Display name of the authentication method, to be used in all buttons
for the authentication method.
display_icon:
type: string
nullable: true
description: |
URL for an image to be displayed as an icon in all buttons for
the external authentication method.
When null, no icon should be displayed.
login_url:
type: string
description: |
URL to be used to initiate authentication using this method.
signup_url:
type: string
description: |
URL to be used to initiate account registration using this method.
zulip_version:
type: string
description: |
@ -4215,10 +4275,34 @@ components:
description: |
The time the user account was created.
profile_data:
type: object
description: |
Object containing data on the user's personal values for the organization's
configured custom profile fields.
$ref: '#/components/schemas/profile_data'
profile_data:
type: object
description: |
A dictionary containing custom profile field data for the user. Each entry
maps the integer ID of a custom profile field in the organization to a
dictionary containing the user's data for that field. Generally the data
includes just a single `value` key; for those custom profile fields
supporting markdown, a `rendered_value` key will also be present.
additionalProperties:
type: object
description: |
'{id}': Object with data about what value user filled in the custom
profile field with id `id`.
properties:
value:
type: string
description: |
User's personal value for this custom profile field.
rendered_value:
type: string
description: |
The `value` rendered in HTML. Will only be present for
custom profile field types that support markdown rendering.
This user-generated HTML content should be rendered
using the same CSS and client-side security protections
as are used for message content.
JsonResponse:
type: object
properties:
@ -4337,12 +4421,26 @@ components:
A dictionary where the key is the email address of the user/bot and the
value is a list of the names of the streams that were subscribed to as a
result of the query.
additionalProperties:
description: |
`{email_address}`: List of the names of the streams that were subscribed
to as a result of the query.
type: array
items:
type: string
already_subscribed:
type: object
description: |
A dictionary where the key is the email address of the user/bot and the
value is a list of the names of the streams that the user/bot is already
subscribed to.
additionalProperties:
description: |
{email_address}`: List of the names of the streams that the user is
already subscribed to.
type: array
items:
type: string
unauthorized:
type: array
items: