public void NoNonStandardProductFormats(IJabApiOperation operation)
{
IList <string> nonStandardFormats =
operation.Operation?.Produces?.Where(product => !StandardFormats.Contains(product)).ToList();
Assert.That(
nonStandardFormats,
Is.Null.Or.Empty,
$"Nonstandard formats produced: {(string.Join(", ", nonStandardFormats ?? new string[0]))}");
}
public void DeleteMethodsMustContainIdAsKeyParameter(IJabApiOperation apiOperation)
{
Assume.That(
apiOperation.Method,
Is.EqualTo(NSwag.SwaggerOperationMethod.Delete));
Assert.That(
apiOperation,
Has.Property("Operation").Property("Parameters").None.Property("Name").EqualTo("id"),
"Must not pass ID parameter");
}
public void NoNonStandardConsumptionFormats(IJabApiOperation operation)
{
IList <string> nonStandardFormats =
operation.Operation?.Consumes?.Where(consumption => !StandardFormats.Contains(consumption)).ToList();
Assert.That(
nonStandardFormats,
Is.Null.Or.Empty,
$"Nonstandard formats consumed: {(string.Join(", ", nonStandardFormats ?? new string[0]))}");
}
public void DeleteMethodsShouldNotTakeFormEncodedData(IJabApiOperation operation)
{
Assume.That(operation,
Has.Property("Method").EqualTo(SwaggerOperationMethod.Delete));
Assert.That(
operation.Operation,
Has.Property("Consumes").Null
.Or.Property("Consumes").Not.Contains(FormEncodedFormat)
.And.Property("Consumes").Not.Contains(MultiPartFormFormat),
$"'DELETE' verb but accepts data");
}
public void UseDeleteVerbForDelete(IJabApiOperation operation)
{
List <string> deleteSynonyms = new List <string>
{
"delete",
"remove"
};
Assume.That(operation,
Has.Property("Method").EqualTo(SwaggerOperationMethod.Delete));
Assert.That(
operation,
Has.Property("Path").Not.SubsetOf(deleteSynonyms),
$"Should use 'DELETE' verb instead of '{operation.Method}'");
}
public async Task RangedIntegerParameterTesting(IJabApiOperation operation)
{
if (operation.Operation.ActualParameters.Any(
parameter => parameter.Kind == SwaggerParameterKind.Query && parameter.Type == JsonObjectType.Integer)
&&
operation.Method == SwaggerOperationMethod.Get)
{
HttpClient client = Configuration.GetClient();
SwaggerParameter parameter = operation.Operation.Parameters.First(p => p.Type == JsonObjectType.Integer && p.Kind == SwaggerParameterKind.Query);
HttpResponseMessage results = await client.GetAsync(operation.Path + "?" + parameter.Name + "=" + UInt64.MaxValue.ToString());
Assert.That(
results.StatusCode,
Is.EqualTo(HttpStatusCode.InternalServerError));
}
}
public void NoSecretsInQueryParameters(IJabApiOperation operation)
{
List <string> secretSynonyms = new List <string>
{
"password",
"secret",
"key"
};
IList <SwaggerParameter> queryParametersContainingSecrets =
new List <SwaggerParameter>(operation.Operation.ActualParameters.Where(
parameter => parameter.Kind == SwaggerParameterKind.Query &&
secretSynonyms.Any(term => parameter.Name.IndexOf(term, 0, StringComparison.InvariantCultureIgnoreCase) != -1)));
Assert.That(
queryParametersContainingSecrets,
Is.Not.Null.And.Empty,
$"Query parameters containing secrets: {(string.Join(", ", queryParametersContainingSecrets.Select(p => p.Name)))}");
}
