kyy/swagger-ui
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(ux): ensure that optional security schema is rendered without padlock. (#6839)

Browse Source
This commit is contained in:
Mahtis Michel
2021-01-22 19:03:38 +01:00
committed by GitHub
parent 617a7ceefd
commit eddde95dc4
3 changed files with 61 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/core/components/operation-summary.jsx
View File

@@ -56,8 +56,10 @@ export default class OperationSummary extends PureComponent {
const OperationSummaryPath = getComponent("OperationSummaryPath") const OperationSummaryPath = getComponent("OperationSummaryPath")
const JumpToPath = getComponent("JumpToPath", true) const JumpToPath = getComponent("JumpToPath", true)
const hasSecurity = security && !!security.count()
const securityIsOptional = hasSecurity && security.size === 1 && security.first().isEmpty()
const allowAnonymous = !hasSecurity || securityIsOptional
return ( return (
<div className={`opblock-summary opblock-summary-${method}`} onClick={toggleShown} > <div className={`opblock-summary opblock-summary-${method}`} onClick={toggleShown} >
<OperationSummaryMethod method={method} /> <OperationSummaryMethod method={method} />
<OperationSummaryPath getComponent={getComponent} operationProps={operationProps} specPath={specPath} /> <OperationSummaryPath getComponent={getComponent} operationProps={operationProps} specPath={specPath} />
@@ -71,7 +73,7 @@ export default class OperationSummary extends PureComponent {
{displayOperationId && (originalOperationId || operationId) ? <span className="opblock-summary-operation-id">{originalOperationId || operationId}</span> : null} {displayOperationId && (originalOperationId || operationId) ? <span className="opblock-summary-operation-id">{originalOperationId || operationId}</span> : null}
{ {
(!security || !security.count()) ? null : allowAnonymous ? null :
<AuthorizeOperationBtn <AuthorizeOperationBtn
isAuthorized={isAuthorized} isAuthorized={isAuthorized}
onClick={() => { onClick={() => {

35
test/e2e-cypress/static/documents/security/anonymous.yaml Normal file
View File

@@ -0,0 +1,35 @@
openapi: 3.0.0
info:
title: Test anonymous operations
version: 1.0.0
paths:
/withBoth:
get:
security: [{}, {"apikeyScheme": []}, {"apikeyScheme2": []}]
responses:
200:
description: asdadasd
/onlyEmpty:
get:
security: [{}]
responses:
200:
description: asdadasd
/required:
get:
security: [{"apikeyScheme": []}]
responses:
200:
description: asdadasd
security:
- apikeyScheme: []
components:
securitySchemes:
apikeyScheme:
name: test
type: apiKey
in: header
apikeyScheme2:
name: test2
type: apiKey
in: header

22
test/e2e-cypress/tests/security/anonymous.js Normal file
View File

@@ -0,0 +1,22 @@
describe("#6767: Operation should be considered anonymous if its security only includes empty object (this was decided by implementation choice and may change or be extended in the future)", () => {
it("Should consider method anonymous if security contains only empty object", () => {
cy
.visit("/?url=/documents/security/anonymous.yaml")
.get("#operations-default-get_onlyEmpty .authorization__btn")
.should("not.exist")
})
it("Should consider method as secured if security contains no empty object", () => {
cy
.visit("/?url=/documents/security/anonymous.yaml")
.get("#operations-default-get_required .authorization__btn")
.should("exist")
})
it("Should consider method as secured if security contains empty object but has at least one more security defined", () => {
cy
.visit("/?url=/documents/security/anonymous.yaml")
.get("#operations-default-get_withBoth .authorization__btn")
.should("exist")
})
})