From 9e3104cd2237f3720b8031997d77bb86b94734f9 Mon Sep 17 00:00:00 2001
From: pcain <pcain@usgs.gov>
Date: Fri, 17 Sep 2021 11:03:12 -0600
Subject: [PATCH 1/2] validate query parameter names
---
geomagio/api/ws/data.py | 19 ++++++++++++++++++-
1 file changed, 18 insertions(+), 1 deletion(-)
diff --git a/geomagio/api/ws/data.py b/geomagio/api/ws/data.py
index 24f16b226..db204eee3 100644
--- a/geomagio/api/ws/data.py
+++ b/geomagio/api/ws/data.py
@@ -1,7 +1,7 @@
import os
from typing import List, Union
-from fastapi import APIRouter, Depends, Query
+from fastapi import APIRouter, Depends, Query, Request
from obspy import UTCDateTime, Stream
from starlette.responses import Response
@@ -48,6 +48,7 @@ def get_data_factory(
def get_data_query(
+ request: Request,
id: str = Query(..., title="Observatory code"),
starttime: UTCDateTime = Query(
None,
@@ -102,6 +103,22 @@ def get_data_query(
format
output format
"""
+ default_params = [
+ "id",
+ "starttime",
+ "endtime",
+ "elements",
+ "sampling_period",
+ "type",
+ "format",
+ ]
+ invalid_params = []
+ for param in request.query_params.keys():
+ if param not in default_params:
+ invalid_params.append(param)
+ if len(invalid_params) > 0:
+ msg = ", ".join(invalid_params)
+ raise ValueError(f"Invalid query parameter(s): {msg}")
# parse query
query = DataApiQuery(
id=id,
--
GitLab
From 591ac0abf2dba19df79b205831aa399720e34bc7 Mon Sep 17 00:00:00 2001
From: pcain <pcain@usgs.gov>
Date: Fri, 17 Sep 2021 12:58:13 -0600
Subject: [PATCH 2/2] test client in data_test
---
test/api_test/ws_test/data_test.py | 52 +++++++++++++++++++++++-------
1 file changed, 40 insertions(+), 12 deletions(-)
diff --git a/test/api_test/ws_test/data_test.py b/test/api_test/ws_test/data_test.py
index 800b0cd78..967757b40 100644
--- a/test/api_test/ws_test/data_test.py
+++ b/test/api_test/ws_test/data_test.py
@@ -1,20 +1,30 @@
+from fastapi import Depends
+from fastapi.testclient import TestClient
from numpy.testing import assert_equal
from obspy import UTCDateTime
+import pytest
+from geomagio.api.ws import app
from geomagio.api.ws.data import get_data_query
-from geomagio.api.ws.DataApiQuery import OutputFormat, SamplingPeriod
-
-
-def test_get_data_query():
- query = get_data_query(
- id="BOU",
- starttime="2020-09-01T00:00:01",
- endtime=None,
- elements=["X,Y,Z,F"],
- data_type="R1",
- sampling_period=60,
- format="iaga2002",
+from geomagio.api.ws.DataApiQuery import DataApiQuery, OutputFormat, SamplingPeriod
+
+
+@pytest.fixture(scope="module")
+def test_client():
+ @app.get("/query/", response_model=DataApiQuery)
+ def get_query(query: DataApiQuery = Depends(get_data_query)):
+ return query
+
+ client = TestClient(app)
+ yield client
+
+
+def test_get_data_query(test_client):
+ """test.api_test.ws_test.data_test.test_get_data_query()"""
+ response = test_client.get(
+ "/query/?id=BOU&starttime=2020-09-01T00:00:01&elements=X,Y,Z,F&type=R1&sampling_period=60&format=iaga2002"
)
+ query = DataApiQuery(**response.json())
assert_equal(query.id, "BOU")
assert_equal(query.starttime, UTCDateTime("2020-09-01T00:00:01"))
assert_equal(query.endtime, UTCDateTime("2020-09-02T00:00:00.999"))
@@ -22,3 +32,21 @@ def test_get_data_query():
assert_equal(query.sampling_period, SamplingPeriod.MINUTE)
assert_equal(query.format, OutputFormat.IAGA2002)
assert_equal(query.data_type, "R1")
+
+
+def test_get_data_query_extra_params(test_client):
+ """test.api_test.ws_test.data_test.test_get_data_query_extra_params()"""
+ with pytest.raises(ValueError) as error:
+ test_client.get(
+ "/query/?id=BOU&starttime=2020-09-01T00:00:01&elements=X,Y,Z,F&type=variation&sampling_period=60&format=iaga2002&location=R1&network=NT"
+ )
+ assert error.message == "Invalid query parameter(s): location, network"
+
+
+def test_get_data_query_bad_params(test_client):
+ """test.api_test.ws_test.data_test.test_get_data_query_bad_params()"""
+ with pytest.raises(ValueError) as error:
+ test_client.get(
+ "/query/?id=BOU&startime=2020-09-01T00:00:01&elements=X,Y,Z,F&data_type=variation&sampling_period=60&format=iaga2002"
+ )
+ assert error.message == "Invalid query parameter(s): startime, data_type"
--
GitLab