Merge pull request #82 from advanced-rest-client/feat/W-15520234/security

feat(W-15520234): add security method

Author: leandrogilcarrano

src/ApiMethodDocumentation.js

@@ -403,6 +403,43 @@ export class ApiMethodDocumentation extends AmfHelperMixin(LitElement) {
     this._processServerInfo();
   }
 
+  get asyncSecurityServers(){
+    if(!this.endpoint){
+      return []
+    }
+    const endpoint = Array.isArray(this.endpoint) ? this.endpoint[0]: this.endpoint
+    const apiContractServerKey = this._getAmfKey( this.ns.aml.vocabularies.apiContract.server)
+    const endpointServers = this._ensureArray(endpoint[apiContractServerKey])
+    const apiSecurityKey = this._getAmfKey( this.ns.aml.vocabularies.security.security)
+    
+    // try to find servers in channel level
+    if(endpointServers){
+      return endpointServers.map((server)=>server[apiSecurityKey] || null).filter(elem=>elem!==null).flat();  
+    }
+
+    // try to find root server (only one) that is received by property
+    if(this.server){
+      return this._ensureArray(this.server[apiSecurityKey]) || []
+    }
+
+    // in case that async api doesn't have servers
+    return []      
+  }
+
+  /**
+   * Filters the methodSecurity array to remove elements that have the same '@id' as the elements in the serversSecurity array.
+   * 
+   * @param {object[]} methodSecurity - The array of method security objects.
+   * @param {object[]} serversSecurity - The array of server security objects.
+   * @returns {object[]} The filtered methodSecurity array with unique elements based on the '@id' key.
+   */
+  _computeAsyncSecurityMethod(methodSecurity,serversSecurity){
+    if(!Array.isArray(methodSecurity) || !Array.isArray(serversSecurity)){
+      return []
+    }
+    return methodSecurity.filter(method => !serversSecurity.some(server=>server['@id']===method['@id']));
+  }
+
   _processMethodChange() {
     this.__methodProcessingDebouncer = false;
     const { method } = this;
@@ -411,10 +448,14 @@ export class ApiMethodDocumentation extends AmfHelperMixin(LitElement) {
     this.hasCustomProperties = this._computeHasCustomProperties(method);
     this.expects = this._computeExpects(method);
     this.returns = this._computeReturns(method);
+    
     if (this._isAsyncAPI(this.amf)) {
       this._overwriteExpects();
+      this._computeAsyncApiSecurity()
+    }else{
+      this.security = this._computeSecurity(method) || this._computeSecurity(this.server);
     }
-    this.security = this._computeSecurity(method) || this._computeSecurity(this.server);
+    
     const extendsTypes = this._computeExtends(method);
     this.extendsTypes = extendsTypes;
     this.traits = this._computeTraits(extendsTypes);
@@ -424,6 +465,19 @@ export class ApiMethodDocumentation extends AmfHelperMixin(LitElement) {
     this.deprecated = this._computeIsDeprecated(method);
   }
 
+  _computeAsyncApiSecurity(){
+      const { method } = this;
+      // find security from all servers for this endpoint
+      this.serversSecurity = this.asyncSecurityServers;
+
+      // security that is defined by operation
+      const methodSecurity = this._computeSecurity(method);
+
+      // method security that is defined by operation and is not defined by servers
+      this.methodSecurity = this._computeAsyncSecurityMethod(methodSecurity,this.serversSecurity);
+      this.security = this.methodSecurity.length > 0 ? this.methodSecurity : this.serversSecurity;
+  }
+
   _computeIsDeprecated(method) {
     return Boolean(this._getValue(method, this._getAmfKey(this.ns.aml.vocabularies.core.deprecated)));
   }
@@ -923,7 +977,12 @@ export class ApiMethodDocumentation extends AmfHelperMixin(LitElement) {
   }
 
   _getSecurityTemplate() {
-    const { renderSecurity, security } = this;
+    const { renderSecurity, serversSecurity, security: securityNoAsync } = this;
+    let security = securityNoAsync
+    if(this._isAsyncAPI(this.amf)){
+      // when is async api shows security that is defined by servers
+      security = serversSecurity
+    }
     if (!renderSecurity || !security || !security.length) {
       return '';
     }
@@ -1033,6 +1092,7 @@ export class ApiMethodDocumentation extends AmfHelperMixin(LitElement) {
 
   _getRequestTemplate() {
     return html`<section class="request-documentation">
+      ${this._getAsyncSecurityMethodTemplate()}
       ${this._getMessagesTemplate()}
       ${this._getCodeSnippetsTemplate()}
       ${this._getSecurityTemplate()}
@@ -1043,6 +1103,27 @@ export class ApiMethodDocumentation extends AmfHelperMixin(LitElement) {
     </section>`
   }
 
+  _getAsyncSecurityMethodTemplate() {
+    const { renderSecurity, methodSecurity } = this;
+    if (!renderSecurity || !methodSecurity || !methodSecurity.length || !this._isAsyncAPI(this.amf)) {
+      return '';
+    }
+    const {  compatibility, amf, narrow } = this;
+    return html`<section class="async-method-security">
+      <div
+        class="section-title-area"
+      >
+        <div class="heading3 table-title" role="heading" aria-level="2">Additional security requirements</div>
+        
+      </div>
+        ${methodSecurity.map((item) => html`<api-security-documentation
+          .amf="${amf}"
+          .security="${item}"
+          ?narrow="${narrow}"
+          ?compatibility="${compatibility}"></api-security-documentation>`)}
+    </section>`;
+  }
+
   _getMessagesTemplate() {
     const { message } = this;
     if (!message || !Array.isArray(message) || message.length <= 1) {

src/Styles.js

@@ -313,4 +313,8 @@ api-security-documentation:last-of-type {
   padding: 0px 8px 0px 8px;
   margin-right: 10px;
 }
+
+.async-method-security{
+  margin-top: 17px;
+}
 `;

test/api-method-documentation.test.js

@@ -817,7 +817,7 @@ describe('<api-method-documentation>', () => {
         });
 
         it('should set security when security is defined in server node', () => {
-          assert.lengthOf(element.security, 2);
+          assert.lengthOf(element.serversSecurity, 2);
         });
 
         it('should render Headers section for AsyncAPI headers', async () => {