pdyba / lambdalizator Goto Github PK
View Code? Open in Web Editor NEWAWS Lambda REST toolbox
License: MIT License
AWS Lambda REST toolbox
License: MIT License
Currently test client is implicitly authorized by fake event json (even if auth flags are set to False). This behaviour should be unified and refined.
Isn't
body
a string in events coming from AWS? Rather a question, not to adjust right now but maybe we should consider it in the future ๐ค
Originally posted by @redlickigrzegorz in #37 (comment)
We use mapping mostly in brokers where one class is responsible for handling multiple different types of requests/events e.g.:
Mapping[str, Callable[[dict], LambdaResponse]]
Mapping[str, List[Callable[[Event], None]]]
The idea is to create a custom type for functions that are compatible with the above brokers or even for the whole mapping itself. Thanks to that we won't have to implement it from scratch everywhere where it is used/needed ๐
One of the examples where it could be done is EventAPI:
def set_source(self, source: str) -> None:
self._source = source
def set_resources(self, resources: List[str]) -> None:
self._resources = resources
def set_bus_name(self, bus_name: str) -> None:
self._bus_name = bus_name
That one is interesting:
> Argument "headers" to "Event" has incompatible type "Message"; expected "Optional[Dict[Any, Any]]"
It looks like the typing annotation defined lower is wrong ๐คทโโ๏ธ Let's keep that but maybe additional comment would be beneficial.
Originally posted by @redlickigrzegorz in #37 (comment)
There are a couple of comments that were not resolved in the past, so, I have gathered all of them in one place:
You should remove this line, because you overwrite full access by non access ๐
Originally posted by @redlickigrzegorz in #47 (comment)
In general, you don't have to mock it. You can check the singleton if all data are inside ๐
Originally posted by @redlickigrzegorz in #47 (comment)
Maybe
jwt_standard_claims
? This name would say more than the partial payload ๐
Originally posted by @redlickigrzegorz in #47 (comment)
I am not sure if the User should contain these values - it is only a part of the token ๐ค
Originally posted by @redlickigrzegorz in #47 (comment)
As we already get known, this is not that good value for this key. It would be good to fix that in the upcoming versions.
Originally posted by @redlickigrzegorz in #47 (comment)
The above two tests are wrongly named, you expect missing
iss
but the name is saying aboutexp
๐
Originally posted by @redlickigrzegorz in #47 (comment)
I think this formatting could be easily improved manually ๐ Especially that this comment is not needed at all.
Originally posted by @redlickigrzegorz in #47 (comment)
That's the thought standing behind my previous comment, we shouldn't create tests that can pass for different reasons. The environment should be prepared the way which represents the edge case which we want to test ๐
Here, no matter if you have
"deny": {ALL: ALL}
or just"deny": {}
this test will pass, so we can modify the code and this check won't point potential problems.
Originally posted by @redlickigrzegorz in #47 (comment)
This test does not confirm inheritance ๐ You should pass the Authorization header which does not have access to the
handler
method and thanks to inheritance it will get it anyway because it is declared in the guest authorization.
Originally posted by @redlickigrzegorz in #47 (comment)
This line checks the correctness of the environment variable, so, I think it should be implemented directly in the parser:
ConfigParser.load_jwt_keys()
๐
Originally posted by @redlickigrzegorz in #70 (comment)
[ERROR] 2020-09-29T12:05:35.279Z
Content-Type header is missing or wrong: ""
Traceback: Traceback (most recent call last):
File "/var/task/lambdas/handlers.py", line 14, in handle_http
logger.info(f"Request body: {api.request.json_body}")
File "/var/task/lbz/communication.py", line 86, in json_body
raise BadRequestError(
lbz.exceptions.BadRequestError: Content-Type header is missing or wrong: "
This line should be outside the if
statement:
event_api.register(event)
event_api.send() # one sent event
event_api.send() # no events to send, the list should be cleared
Originally posted by @redlickigrzegorz in #50 (comment)
By default, CORS_ORIGIN
is equal to the empty list: /lbz/_cfg.py#L9.
But the only place that uses this configuration value assumes that there is always at least one item present:
/lbz/resource.py#L155
def __init__(
...
self._resp_headers = {
ALLOW_ORIGIN_HEADER: self._get_allowed_origins(origins or CORS_ORIGIN.value),
...
}
def _get_allowed_origins(self, origins: List[str]) -> str:
...
return origins[0]
The same code before v0.5.16 put a single element on this list, that's why this line "worked" without errors before:
/lbz/resource.py#L162
def __init__(
...
self._resp_headers = {
ALLOW_ORIGIN_HEADER: self._get_allowed_origins(
origins or env.get("CORS_ORIGIN", "").split(",")
),
...
}
This problem shows also incompleteness of the unit tests - they need to be improved during fixing this bug ๐
The suggestion would be to not do things like this at all, at least not in the pull request which is responsible for adding types ๐ We can improve this part of the code (including the naming convention) in the near future if really needed.
Originally posted by @redlickigrzegorz in #37 (comment)
To avoid doing such things in the future, I would remove the default values of
message
/status_code
declared in this Exception class ๐
Originally posted by @redlickigrzegorz in #95 (comment)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.