Allow empty security array for endpoints (#729)

Author: fotos

CHANGELOG.md

@@ -7,6 +7,7 @@
 #### Fixes
 
 * Your contribution here.
+* [#729](https://github.com/ruby-grape/grape-swagger/pull/729): Allow empty security array for endpoints - [@fotos](https://github.com/fotos).
 
 ### 0.32.0 (November 26, 2018)
 

lib/grape-swagger/endpoint.rb

@@ -125,7 +125,7 @@ def method_object(route, options, path)
       method[:tags]        = route.options.fetch(:tags, tag_object(route, path))
       method[:operationId] = GrapeSwagger::DocMethods::OperationId.build(route, path)
       method[:deprecated] = deprecated_object(route)
-      method.delete_if { |_, value| value.blank? }
+      method.delete_if { |_, value| value.nil? }
 
       [route.request_method.downcase.to_sym, method]
     end
@@ -149,7 +149,6 @@ def summary_object(route)
     def description_object(route)
       description = route.description if route.description.present?
       description = route.options[:detail] if route.options.key?(:detail)
-      description ||= ''
 
       description
     end

spec/support/model_parsers/entity_parser.rb

@@ -279,6 +279,7 @@ class DocumentedHashAndArrayModel < Grape::Entity
           'get' => {
             'description' => 'This gets Things.',
             'produces' => ['application/json'],
+            'parameters' => [],
             'responses' => { '200' => { 'description' => 'get Horses', 'schema' => { '$ref' => '#/definitions/Something' } }, '401' => { 'description' => 'HorsesOutError', 'schema' => { '$ref' => '#/definitions/ApiError' } } },
             'tags' => ['thing2'],
             'operationId' => 'getThing2'

spec/support/model_parsers/mock_parser.rb

@@ -271,6 +271,7 @@ class ApiResponse < OpenStruct; end
           'get' => {
             'description' => 'This gets Things.',
             'produces' => ['application/json'],
+            'parameters' => [],
             'responses' => { '200' => { 'description' => 'get Horses', 'schema' => { '$ref' => '#/definitions/Something' } }, '401' => { 'description' => 'HorsesOutError', 'schema' => { '$ref' => '#/definitions/ApiError' } } },
             'tags' => ['thing2'],
             'operationId' => 'getThing2'

spec/support/model_parsers/representable_parser.rb

@@ -351,6 +351,7 @@ class DocumentedHashAndArrayModel < Representable::Decorator
           'get' => {
             'description' => 'This gets Things.',
             'produces' => ['application/json'],
+            'parameters' => [],
             'responses' => { '200' => { 'description' => 'get Horses', 'schema' => { '$ref' => '#/definitions/Something' } }, '401' => { 'description' => 'HorsesOutError', 'schema' => { '$ref' => '#/definitions/ApiError' } } },
             'tags' => ['thing2'],
             'operationId' => 'getThing2'

spec/swagger_v2/api_swagger_v2_response_spec.rb

@@ -49,6 +49,7 @@ def app
       expect(subject['paths']['/nested_type']['get']).to eql(
         'description' => 'This returns something',
         'produces' => ['application/json'],
+        'parameters' => [],
         'responses' => {
           '200' => { 'description' => 'This returns something', 'schema' => { '$ref' => '#/definitions/UseItemResponseAsType' } },
           '400' => { 'description' => 'NotFound', 'schema' => { '$ref' => '#/definitions/ApiError' } }
@@ -70,6 +71,7 @@ def app
       expect(subject['paths']['/entity_response']['get']).to eql(
         'description' => 'This returns something',
         'produces' => ['application/json'],
+        'parameters' => [],
         'responses' => {
           '200' => { 'description' => 'This returns something', 'schema' => { '$ref' => '#/definitions/UseResponse' } },
           '400' => { 'description' => 'NotFound', 'schema' => { '$ref' => '#/definitions/ApiError' } }

spec/swagger_v2/api_swagger_v2_response_with_examples_spec.rb

@@ -72,6 +72,7 @@ def app
       expect(subject['paths']['/response_examples']['get']).to eql(
         'description' => 'This returns examples',
         'produces' => ['application/json'],
+        'parameters' => [],
         'responses' => {
           '200' => { 'description' => 'This returns examples', 'schema' => { '$ref' => '#/definitions/UseResponse' }, 'examples' => example_200 },
           '404' => { 'description' => 'NotFound', 'schema' => { '$ref' => '#/definitions/ApiError' }, 'examples' => example_404 }
@@ -102,6 +103,7 @@ def app
       expect(subject['paths']['/response_failure_examples']['get']).to eql(
         'description' => 'This syntax also returns examples',
         'produces' => ['application/json'],
+        'parameters' => [],
         'responses' => {
           '200' => { 'description' => 'This syntax also returns examples', 'schema' => { '$ref' => '#/definitions/UseResponse' }, 'examples' => example_200 },
           '404' => { 'description' => 'NotFound', 'schema' => { '$ref' => '#/definitions/ApiError' }, 'examples' => example_404 },
@@ -123,6 +125,7 @@ def app
       expect(subject['paths']['/response_no_examples']['get']).to eql(
         'description' => 'This does not return examples',
         'produces' => ['application/json'],
+        'parameters' => [],
         'responses' => {
           '200' => { 'description' => 'This does not return examples', 'schema' => { '$ref' => '#/definitions/UseResponse' } },
           '404' => { 'description' => 'NotFound', 'schema' => { '$ref' => '#/definitions/ApiError' } }

spec/swagger_v2/api_swagger_v2_response_with_headers_spec.rb

@@ -91,6 +91,7 @@ def app
       expect(subject['paths']['/response_headers']['get']).to eql(
         'description' => 'This returns headers',
         'produces' => ['application/json'],
+        'parameters' => [],
         'responses' => {
           '200' => { 'description' => 'This returns headers', 'schema' => { '$ref' => '#/definitions/UseResponse' }, 'headers' => header_200 },
           '404' => { 'description' => 'NotFound', 'schema' => { '$ref' => '#/definitions/ApiError' }, 'examples' => examples_404, 'headers' => header_404 }
@@ -121,6 +122,7 @@ def app
       expect(subject['paths']['/no_content_response_headers']['delete']).to eql(
         'description' => 'A 204 can have headers too',
         'produces' => ['application/json'],
+        'parameters' => [],
         'responses' => {
           '204' => { 'description' => 'No content', 'headers' => header_204 },
           '400' => { 'description' => 'Bad Request', 'headers' => header_400, 'schema' => { '$ref' => '#/definitions/ApiError' }, 'examples' => examples_400 }
@@ -151,6 +153,7 @@ def app
       expect(subject['paths']['/file_response_headers']['get']).to eql(
         'description' => 'A file can have headers too',
         'produces' => ['application/json'],
+        'parameters' => [],
         'responses' => {
           '200' => { 'description' => 'A file can have headers too', 'headers' => header_200, 'schema' => { 'type' => 'file' } },
           '404' => { 'description' => 'NotFound', 'headers' => header_404, 'schema' => { '$ref' => '#/definitions/ApiError' }, 'examples' => examples_404 }
@@ -181,6 +184,7 @@ def app
       expect(subject['paths']['/response_failure_headers']['get']).to eql(
         'description' => 'This syntax also returns headers',
         'produces' => ['application/json'],
+        'parameters' => [],
         'responses' => {
           '200' => { 'description' => 'This syntax also returns headers', 'schema' => { '$ref' => '#/definitions/UseResponse' }, 'headers' => header_200 },
           '404' => { 'description' => 'NotFound', 'schema' => { '$ref' => '#/definitions/ApiError' }, 'headers' => header_404 },
@@ -202,6 +206,7 @@ def app
       expect(subject['paths']['/response_no_headers']['get']).to eql(
         'description' => 'This does not return headers',
         'produces' => ['application/json'],
+        'parameters' => [],
         'responses' => {
           '200' => { 'description' => 'This does not return headers', 'schema' => { '$ref' => '#/definitions/UseResponse' } },
           '404' => { 'description' => 'NotFound', 'schema' => { '$ref' => '#/definitions/ApiError' } }

spec/swagger_v2/default_api_spec.rb

@@ -33,6 +33,7 @@ def app
             'get' => {
               'description' => 'This gets something.',
               'produces' => ['application/json'],
+              'parameters' => [],
               'tags' => ['something'],
               'operationId' => 'getSomething',
               'responses' => { '200' => { 'description' => 'This gets something.' } }
@@ -79,6 +80,7 @@ def app
                                 'get' => {
                                   'description' => 'This gets something.',
                                   'produces' => ['application/json'],
+                                  'parameters' => [],
                                   'tags' => ['something'],
                                   'operationId' => 'getSomething',
                                   'responses' => { '200' => { 'description' => 'This gets something.' } }

spec/swagger_v2/guarded_endpoint_spec.rb

@@ -86,6 +86,7 @@ def app
             'get' => {
               'description' => 'Show endpoint if authenticated',
               'produces' => ['application/json'],
+              'parameters' => [],
               'tags' => ['auth'],
               'operationId' => 'getAuth',
               'responses' => { '200' => { 'description' => 'Show endpoint if authenticated' } }

spec/swagger_v2/hide_api_spec.rb

@@ -54,6 +54,7 @@ def app
           'get' => {
             'description' => 'Show this endpoint',
             'produces' => ['application/json'],
+            'parameters' => [],
             'tags' => ['simple'],
             'operationId' => 'getSimple',
             'responses' => { '200' => { 'description' => 'Show this endpoint' } }
@@ -63,6 +64,7 @@ def app
           'get' => {
             'description' => 'Lazily show endpoint',
             'produces' => ['application/json'],
+            'parameters' => [],
             'tags' => ['lazy'],
             'operationId' => 'getLazy',
             'responses' => { '200' => { 'description' => 'Lazily show endpoint' } }
@@ -115,6 +117,7 @@ def app
           'get' => {
             'description' => 'Show this endpoint',
             'produces' => ['application/json'],
+            'parameters' => [],
             'operationId' => 'getSimpleShow',
             'tags' => ['simple'], 'responses' => { '200' => { 'description' => 'Show this endpoint' } }
           }
@@ -136,6 +139,7 @@ def app
           'get' => {
             'description' => 'Show this endpoint',
             'produces' => ['application/json'],
+            'parameters' => [],
             'tags' => ['simple'],
             'operationId' => 'getSimpleShow',
             'responses' => { '200' => { 'description' => 'Show this endpoint' } }

spec/swagger_v2/mounted_target_class_spec.rb

@@ -41,6 +41,7 @@ def app
           'get' => {
             'description' => 'This gets something.',
             'produces' => ['application/json'],
+            'parameters' => [],
             'responses' => { '200' => { 'description' => 'This gets something.' } },
             'tags' => ['simple'],
             'operationId' => 'getSimple'
@@ -63,6 +64,7 @@ def app
           'get' => {
             'description' => 'This gets something.',
             'produces' => ['application/json'],
+            'parameters' => [],
             'responses' => {
               '200' => { 'description' => 'This gets something.' }
             },

spec/swagger_v2/security_requirement_spec.rb

@@ -10,7 +10,24 @@ def app
         { foo: 'bar' }
       end
 
-      add_swagger_documentation
+      desc 'Endpoint without security requirement', security: []
+      get '/without_security' do
+        { foo: 'bar' }
+      end
+
+      add_swagger_documentation(
+        security_definitions: {
+          petstore_auth: {
+            type: 'oauth2',
+            flow: 'implicit',
+            authorizationUrl: 'https://petstore.swagger.io/oauth/dialog',
+            scopes: {
+              'read:pets': 'read your pets',
+              'write:pets': 'modify pets in your account'
+            }
+          }
+        }
+      )
     end
   end
 
@@ -22,4 +39,8 @@ def app
   it 'defines the security requirement on the endpoint method' do
     expect(subject['paths']['/with_security']['get']['security']).to eql ['oauth_pets' => ['read:pets', 'write:pets']]
   end
+
+  it 'defines an empty security requirement on the endpoint method' do
+    expect(subject['paths']['/without_security']['get']['security']).to eql []
+  end
 end

spec/swagger_v2/simple_mounted_api_spec.rb

@@ -104,6 +104,8 @@ def app
             'get' => {
               'description' => 'Document root',
               'produces' => ['application/json'],
+              'parameters' => [],
+              'tags' => [],
               'responses' => { '200' => { 'description' => 'Document root' } },
               'operationId' => 'get'
             }
@@ -112,6 +114,7 @@ def app
             'get' => {
               'description' => 'This gets something.',
               'produces' => ['application/json'],
+              'parameters' => [],
               'tags' => ['simple'],
               'operationId' => 'getSimple',
               'responses' => { '200' => { 'description' => 'This gets something.' } }
@@ -121,6 +124,7 @@ def app
             'get' => {
               'description' => 'This gets something for URL using - separator.',
               'produces' => ['application/json'],
+              'parameters' => [],
               'tags' => ['simple-test'],
               'operationId' => 'getSimpleTest',
               'responses' => { '200' => { 'description' => 'This gets something for URL using - separator.' } }
@@ -129,6 +133,7 @@ def app
           '/simple-head-test' => {
             'head' => {
               'produces' => ['application/json'],
+              'parameters' => [],
               'responses' => { '200' => { 'description' => 'head SimpleHeadTest' } },
               'tags' => ['simple-head-test'],
               'operationId' => 'headSimpleHeadTest'
@@ -137,6 +142,7 @@ def app
           '/simple-options-test' => {
             'options' => {
               'produces' => ['application/json'],
+              'parameters' => [],
               'responses' => { '200' => { 'description' => 'option SimpleOptionsTest' } },
               'tags' => ['simple-options-test'],
               'operationId' => 'optionsSimpleOptionsTest'
@@ -205,6 +211,7 @@ def app
             'get' => {
               'description' => 'This gets something.',
               'produces' => ['application/json'],
+              'parameters' => [],
               'tags' => ['simple'],
               'operationId' => 'getSimple',
               'responses' => { '200' => { 'description' => 'This gets something.' } }
@@ -236,6 +243,7 @@ def app
               'get' => {
                 'description' => 'This gets something for URL using - separator.',
                 'produces' => ['application/json'],
+                'parameters' => [],
                 'tags' => ['simple-test'],
                 'operationId' => 'getSimpleTest',
                 'responses' => { '200' => { 'description' => 'This gets something for URL using - separator.' } }