search

metosin / reitit

A fast data-driven routing library for Clojure/Script
https://cljdoc.org/d/metosin/reitit/
Eclipse Public License 1.0
1.43k stars 257 forks source link

Middleware specs with s/keys :req fail with ring method-based routing #386

Open andrewsuzuki opened 4 years ago

andrewsuzuki commented 4 years ago

Reference test

If I turn :opt-un into :req-un (as the docs use), the spec fails ("should contain key :roles").

It works fine however if :roles is placed in any parent map.

ikitommi commented 4 years ago

Good catch. having a middleware effecting all routes, all defined methods should have the :roles defined. Reitit creates an :options route for all routes and it doesn't have the :roles defined.

Good question is, should the generated :options be validated just like all other endpoints?

ikitommi commented 4 years ago

the compiled routes for the given app:

(-> ["/api" {:get {:handler identity
                   :roles #{:admin}}}]
    (ring/router)
    (r/compiled-routes))
;[["/api"
;  {:get {:handler #object[clojure.core$identity], :roles #{:admin}}}
;  #Methods{:get #Endpoint{:data {:handler #object[clojure.core$identity],
;                                 :roles #{:admin}},
;                          :handler #object[clojure.core$identity],
;                          :path "/api",
;                          :method :get,
;                          :middleware []},
;           :head nil,
;           :post nil,
;           :put nil,
;           :delete nil,
;           :connect nil,
;           :options #Endpoint{:data {:no-doc true,
;                                     :handler #object[reitit.ring$fn__4208$fn__4217]},
;                              :handler #object[reitit.ring$fn__4208$fn__4217],
;                              :path "/api",
;                              :method :options,
;                              :middleware []},
;           :trace nil,
;           :patch nil}]]