Fix guarded endpoint spec, after a rebase

Author: blake

lib/grape-swagger.rb

@@ -4,6 +4,7 @@
 
 require 'grape-swagger/instance'
 
+require 'grape-swagger/errors'
 require 'grape-swagger/version'
 require 'grape-swagger/model_parsers'
 
@@ -16,41 +17,6 @@ def model_parsers
   autoload :Rake, 'grape-swagger/rake/oapi_tasks'
 end
 
-def add_swagger_documentation(options = {})
-  options = { target_class: self }.merge(options)
-
-  version_for(options)
-
-  documentation_class = if options[:openapi_version] == '3.0'
-                          require 'grape-swagger/openapi_3/openapi3'
-                          OpenApi.new.add_swagger_documentation(options)
-                        else
-                          require 'grape-swagger/swagger_2/swagger2'
-                          Swagger.new.add_swagger_documentation(options)
-                        end
-
-  @target_class = options[:target_class]
-
-  mount(documentation_class)
-
-  @target_class.combined_routes = {}
-  combine_routes(@target_class, documentation_class)
-
-  @target_class.combined_namespaces = {}
-  combine_namespaces(@target_class)
-
-  @target_class.combined_namespace_routes = {}
-  @target_class.combined_namespace_identifiers = {}
-  combine_namespace_routes(@target_class.combined_namespaces)
-
-  exclusive_route_keys = @target_class.combined_routes.keys - @target_class.combined_namespaces.keys
-  exclusive_route_keys.each do |key|
-    @target_class.combined_namespace_routes[key] = @target_class.combined_routes[key]
-  end
-
-  documentation_class
-end
-
 module SwaggerRouting
   private
 
@@ -153,11 +119,10 @@ module SwaggerDocumentationAdder
   include SwaggerRouting
 
   def add_swagger_documentation(options = {})
-    documentation_class = create_documentation_class
-
-    version_for(options)
     options = { target_class: self }.merge(options)
+    version_for(options)
     @target_class = options[:target_class]
+    documentation_class = create_documentation_class(options[:openapi_version])
     auth_wrapper = options[:endpoint_auth_wrapper] || Class.new
 
     use auth_wrapper if auth_wrapper.method_defined?(:before) && !middleware.flatten.include?(auth_wrapper)
@@ -205,9 +170,17 @@ def combine_namespaces(app)
     combined_namespaces
   end
 
-  def create_documentation_class
-    Class.new(GrapeInstance) do
-      extend GrapeSwagger::DocMethods
+  def create_documentation_class(openapi_version)
+    Class.new(Grape::API) do
+      if openapi_version == '3.0'
+        require 'grape-swagger/openapi_3/endpoint'
+        require 'grape-swagger/openapi_3/doc_methods'
+        extend GrapeOpenAPI::DocMethods
+      else
+        require 'grape-swagger/swagger_2/endpoint'
+        require 'grape-swagger/swagger_2/doc_methods'
+        extend GrapeSwagger::DocMethods
+      end
     end
   end
 end

lib/grape-swagger/openapi_3/openapi3.rb

@@ -0,0 +1,117 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+class SampleAuth < Grape::Middleware::Base
+  module AuthMethods
+    attr_accessor :access_token
+
+    def protected_endpoint=(protected)
+      @protected_endpoint = protected
+    end
+
+    def protected_endpoint?
+      @protected_endpoint || false
+    end
+
+    def resource_owner
+      @resource_owner = true if access_token == '12345'
+    end
+  end
+
+  def context
+    env['api.endpoint']
+  end
+
+  def before
+    context.extend(SampleAuth::AuthMethods)
+    context.protected_endpoint = context.options[:route_options][:auth].present?
+
+    return unless context.protected_endpoint?
+
+    scopes = context.options[:route_options][:auth][:scopes]
+    authorize!(*scopes) unless scopes.include? false
+    context.access_token = env['HTTP_AUTHORIZATION']
+  end
+end
+
+module Extension
+  def sample_auth(*scopes)
+    description = route_setting(:description) || route_setting(:description, {})
+    description[:auth] = { scopes: scopes }
+  end
+
+  Grape::API.extend self
+end
+
+describe 'a guarded api endpoint' do
+  before :all do
+    class GuardedMountedApi < Grape::API
+      resource_owner_valid = proc { |token_owner = nil| token_owner.nil? }
+
+      desc 'Show endpoint if authenticated'
+      route_setting :swagger, hidden: resource_owner_valid
+      get '/auth' do
+        { foo: 'bar' }
+      end
+    end
+
+    class GuardedApi < Grape::API
+      mount GuardedMountedApi
+      add_swagger_documentation openapi_version: '3.0',
+                                endpoint_auth_wrapper: SampleAuth,
+                                swagger_endpoint_guard: 'sample_auth false',
+                                token_owner: 'resource_owner'
+    end
+  end
+
+  def app
+    GuardedApi
+  end
+
+  context 'when a correct token is passed with the request' do
+    subject do
+      get '/swagger_doc.json', {}, 'HTTP_AUTHORIZATION' => '12345'
+      JSON.parse(last_response.body)
+    end
+
+    it 'retrieves swagger-documentation for the endpoint' do
+      expect(subject).to eq(
+        'info' => { 'title' => 'API title', 'version' => '0.0.1' },
+        'openapi' => '3.0.0',
+        'servers' => [{ 'url' => 'http://example.org' }],
+        'tags' => [{ 'name' => 'auth', 'description' => 'Operations about auths' }],
+        'paths' => {
+          '/auth' => {
+            'get' => {
+              'description' => 'Show endpoint if authenticated',
+              'operationId' => 'getAuth',
+              'responses' => {
+                '200' => {
+                  'content' => { 'application/json' => {} },
+                  'description' => 'Show endpoint if authenticated'
+                }
+              },
+              'tags' => ['auth']
+            }
+          }
+        }
+      )
+    end
+  end
+
+  context 'when a bad token is passed with the request' do
+    subject do
+      get '/swagger_doc.json', {}, 'HTTP_AUTHORIZATION' => '123456'
+      JSON.parse(last_response.body)
+    end
+
+    it 'does not retrieve swagger-documentation for the endpoint - only the info_object' do
+      expect(subject).to eq(
+        'info' => { 'title' => 'API title', 'version' => '0.0.1' },
+        'openapi' => '3.0.0',
+        'servers' => [{ 'url' => 'http://example.org' }]
+      )
+    end
+  end
+end