Merge pull request #130 from ty-ras/issue/129-contextless-endpoints-by-default

Issue/129 contextless endpoints by default

Author: stazz

endpoint-spec/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@ty-ras/endpoint-spec",
-  "version": "2.1.1",
+  "version": "2.2.0",
   "author": {
     "name": "Stanislav Muhametsin",
     "email": "[email protected]",

endpoint-spec/src/__test__/additional-data.spec.ts

@@ -9,6 +9,8 @@ import * as mp from "./missing-parts";
 import * as epValidation from "./endpoint-validation";
 import * as protocol from "./protocol";
 
+/* eslint-disable sonarjs/no-duplicate-string */
+
 test("Verify that modifying additional endpoint spec data type works", async (c) => {
   c.plan(14);
 
@@ -112,6 +114,108 @@ test("Verify that modifying additional endpoint spec data type works", async (c)
   c.deepEqual(permissionChecks, []);
 });
 
+test("Verify that modifying additional endpoint spec data type works also for inline endpoint functions", async (c) => {
+  c.plan(14);
+
+  // Create app and tracking array
+  const { app, permissionChecks } = newBuilder();
+  type StateSpecBase = spec.StateSpecBaseOfAppBuilder<typeof app>;
+
+  // Create endpoints
+  const url = app.url`/${mp.urlParameter("urlParam", protocol.urlParam)}`({});
+  const authState = {
+    userId: true,
+  } as const satisfies StateSpecBase;
+  const unauthState = {
+    userId: false,
+  } as const satisfies StateSpecBase;
+
+  const seenArgs: Array<unknown> = [];
+
+  const endpointInfos = [
+    url.endpoint<Endpoint1>({})(
+      {
+        method: "GET",
+        state: authState,
+        responseBody: mp.responseBody("simpleResponseBody"),
+        permissions: "permissions",
+      },
+      (args) => {
+        seenArgs.push(args);
+        return "simpleResponseBody" as const;
+      },
+    ),
+
+    url.endpoint<Endpoint2>({})(
+      {
+        method: "POST",
+        state: unauthState,
+        responseBody: mp.responseBody("simpleResponseBody"),
+      },
+      (args) => {
+        seenArgs.push(args);
+        return "simpleResponseBody" as const;
+      },
+    ),
+  ];
+
+  const { endpoints } = app.createEndpoints({}, endpointInfos);
+
+  // Initial asserts
+  c.deepEqual(endpoints.length, 1);
+  c.deepEqual(permissionChecks, []);
+
+  // Check endpoint with permissions
+  await epValidation.validateEndpoint(
+    c,
+    endpoints[0],
+    () => seenArgs,
+    // No additional prefix is needed
+    "",
+    // Remove body, query, and state from inputs as they are unused by this endpoint
+    (info) => {
+      const result = info.splice(3);
+      result.unshift(["stateInformation.stateInfo.0", "userId"]);
+      return result;
+    },
+    // Expected output is also different
+    {
+      contentType: "text/plain",
+      output: '"simpleResponseBody"',
+    },
+    // eslint-disable-next-line @typescript-eslint/no-unsafe-return, @typescript-eslint/no-explicit-any
+    (args) => data.omit(args, "body", "query") as any,
+  );
+  c.deepEqual(permissionChecks, ["permissions"]);
+
+  // Check endpoint without permissions
+  permissionChecks.length = 0;
+  seenArgs.length = 0;
+  await epValidation.validateEndpoint(
+    c,
+    endpoints[0],
+    () => seenArgs,
+    // No additional prefix is needed
+    "",
+    // Remove body, query, and state from inputs as they are unused by this endpoint
+    (info) => {
+      const result = info.splice(3);
+      result.unshift(["stateInformation.stateInfo.0", "userId"]);
+      return result;
+    },
+    // Expected output is also different
+    {
+      contentType: "text/plain",
+      output: '"simpleResponseBody"',
+    },
+    // eslint-disable-next-line @typescript-eslint/no-unsafe-return, @typescript-eslint/no-explicit-any
+    (args) => data.omit(args, "body", "query") as any,
+    // Now invoke the unauthenticatedEndpoint() method by using POST
+    "POST",
+  );
+  c.deepEqual(permissionChecks, []);
+});
+
 /**
  * This [higher-kinded types (HKT)](https://www.matechs.com/blog/encoding-hkts-in-typescript-once-again) interface simulates real-life situation, where endpoints which require authentication (their state spec contains "userId" property), also must specify the permissions that the operation requires.
  * In this test setup, the permission type is simply "string", but in reality, it can be something more complex and domain-specific.

endpoint-spec/src/__test__/context-visibility.spec.ts

@@ -0,0 +1,140 @@
+/**
+ * @file This file contains tests related to context visibility using TyRAS builder.
+ */
+
+import test from "ava";
+import type * as spec from "..";
+import * as mp from "./missing-parts";
+import * as protocol from "./protocol";
+import * as epValidation from "./endpoint-validation";
+
+test("Verify that making context visible works", async (c) => {
+  c.plan(6);
+
+  const app = mp.newBuilder({}).showContextToEndpoints();
+
+  const url = app.url`/api/something/${mp.urlParameter(
+    "urlParam",
+    protocol.urlParam,
+  )}`({});
+  const state = {
+    userId: true,
+  } as const;
+  const seenArgs: Array<
+    spec.GetMethodArgs<protocol.SomeEndpoint, typeof url, typeof state>
+  > = [];
+  const endpoint = url.endpoint<protocol.SomeEndpoint>({})(
+    {
+      method: "GET",
+      responseBody: mp.responseBody(protocol.responseBody),
+      state,
+      query: mp.query({
+        queryParam: {
+          decoder: protocol.queryParam,
+          required: false,
+        },
+      }),
+      requestBody: app.requestBody(protocol.requestBody),
+      responseHeaders: mp.responseHeaders({
+        responseHeader: {
+          encoder: protocol.resHeader,
+          required: true,
+        },
+      }),
+    },
+    (args) => {
+      seenArgs.push(args);
+      return {
+        body: "responseBody",
+        headers: {
+          responseHeader: "resHeader",
+        },
+      } as const;
+    },
+  );
+
+  const { endpoints } = app.createEndpoints({}, endpoint);
+  c.deepEqual(
+    endpoints.length,
+    1,
+    "There must be exactly one endpoint created by application builder.",
+  );
+  await epValidation.validateEndpoint(
+    c,
+    endpoints[0],
+    () => seenArgs,
+    undefined,
+    undefined,
+    undefined,
+    undefined,
+    undefined,
+    true,
+  );
+});
+
+test("Verify that hiding context works", async (c) => {
+  c.plan(6);
+
+  const app = mp
+    .newBuilder({})
+    .showContextToEndpoints()
+    .hideContextForEndpoints();
+
+  const url = app.url`/api/something/${mp.urlParameter(
+    "urlParam",
+    protocol.urlParam,
+  )}`({});
+  const state = {
+    userId: true,
+  } as const;
+  const seenArgs: Array<
+    spec.GetMethodArgs<protocol.SomeEndpoint, typeof url, typeof state>
+  > = [];
+  const endpoint = url.endpoint<protocol.SomeEndpoint>({})(
+    {
+      method: "GET",
+      responseBody: mp.responseBody(protocol.responseBody),
+      state,
+      query: mp.query({
+        queryParam: {
+          decoder: protocol.queryParam,
+          required: false,
+        },
+      }),
+      requestBody: app.requestBody(protocol.requestBody),
+      responseHeaders: mp.responseHeaders({
+        responseHeader: {
+          encoder: protocol.resHeader,
+          required: true,
+        },
+      }),
+    },
+    (args) => {
+      seenArgs.push(args);
+      return {
+        body: "responseBody",
+        headers: {
+          responseHeader: "resHeader",
+        },
+      } as const;
+    },
+  );
+
+  const { endpoints } = app.createEndpoints({}, endpoint);
+  c.deepEqual(
+    endpoints.length,
+    1,
+    "There must be exactly one endpoint created by application builder.",
+  );
+  await epValidation.validateEndpoint(
+    c,
+    endpoints[0],
+    () => seenArgs,
+    undefined,
+    undefined,
+    undefined,
+    undefined,
+    undefined,
+    false,
+  );
+});

endpoint-spec/src/__test__/endpoint-validation.ts

@@ -28,6 +28,7 @@ export const validateEndpoint = async (
     args: ep.AppEndpointHandlerFunctionArgs<mp.ServerContext>,
   ) => ep.AppEndpointHandlerFunctionArgs<mp.ServerContext> = (args) => args,
   method: protocol.HttpMethod = "GET",
+  includeContext = false,
 ) => {
   c.truthy(endpoint, "Given endpoint must be of given type");
 
@@ -88,7 +89,13 @@ export const validateEndpoint = async (
     const result = await handler(args);
     if (result.error === "none") {
       c.deepEqual(result.data, expectedOutput);
-      c.deepEqual(getInstanceData(), [data.omit(args, "headers")]);
+      c.deepEqual(getInstanceData(), [
+        data.omit(
+          args,
+          "headers",
+          ...(includeContext ? [] : ["context" as const]),
+        ),
+      ]);
     } else {
       c.fail("Handler did not return validated response body.");
       c.log(result);

endpoint-spec/src/__test__/inline.ts

@@ -21,7 +21,7 @@ const stateSpec = {
 
 export const implementation: spec.InlineEndpointImplementation<
   mp.DefaultStateHKT,
-  mp.ServerContext,
+  never,
   protocol.SomeEndpoint,
   typeof stateSpec
 > = (args) => {

endpoint-spec/src/__test__/missing-parts.ts

@@ -29,6 +29,7 @@ export function newBuilder(
   DefaultStateHKT,
   {},
   ServerContext,
+  never,
   typeof CONTENT_TYPE,
   typeof CONTENT_TYPE,
   typeof CONTENT_TYPE,