From ee2f80d67084dd799e34bd9152c0c7236154b231 Mon Sep 17 00:00:00 2001 From: "Alec.Schmidt" Date: Wed, 12 Mar 2025 21:03:18 +0100 Subject: [PATCH 1/3] chore: added test coverage html folder to gitignore --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 93186f9..532c7fb 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ __pycache__/ .devcontainer/ src/.pdm-python +src/htmlcov \ No newline at end of file From 34e24304fa03fb9ad3a079ba554124a292ca5ad3 Mon Sep 17 00:00:00 2001 From: "Alec.Schmidt" Date: Wed, 12 Mar 2025 21:04:31 +0100 Subject: [PATCH 2/3] test: added api input type checking tests [no ci] --- src/tests/test_api.py | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/src/tests/test_api.py b/src/tests/test_api.py index e172bc7..cceefb7 100644 --- a/src/tests/test_api.py +++ b/src/tests/test_api.py @@ -17,6 +17,7 @@ from urllib.parse import urlencode import json +import pytest __author__ = 'Michael Mader' __date__ = "2023-03-12" @@ -63,3 +64,26 @@ def test_multiply(client): def test_division(client): result = call(client, '/div', {'x': 35, 'y': 7}) assert result['result'] == 5 + +# type tests +def test_type_inc(client): + result = call(client, '/inc', {'x': 'a'}) + assert result["error"] == "Type error" + +def test_type_add(client): + result = call(client, '/add', {'x': 'a', 'y': 1}) + assert result["error"] == "Type error" + result = call(client, '/add', {'x': 1, 'y': 'a'}) + assert result["error"] == "Type error" + +def test_type_mul(client): + result = call(client, '/mul', {'x': 'a', 'y': 1}) + assert result["error"] == "Type error" + result = call(client, '/mul', {'x': 1, 'y': 'a'}) + assert result["error"] == "Type error" + +def test_type_div(client): + result = call(client, '/div', {'x': 'a', 'y': 1}) + assert result["error"] == "Type error" + result = call(client, '/div', {'x': 1, 'y': 'a'}) + assert result["error"] == "Type error" \ No newline at end of file From be3db6e6057e132dfa92e20016e54bb934f01069 Mon Sep 17 00:00:00 2001 From: "Alec.Schmidt" Date: Wed, 12 Mar 2025 21:11:29 +0100 Subject: [PATCH 3/3] fix: API endpoints input type safety --- src/app.py | 27 ++++++++++++++++++++------- 1 file changed, 20 insertions(+), 7 deletions(-) diff --git a/src/app.py b/src/app.py index 155c93e..2f04ffc 100644 --- a/src/app.py +++ b/src/app.py @@ -45,30 +45,43 @@ global_data = {'username': 'no_user'} # incrementation route @app.route('/inc') def plus_one(): - x = int(request.args.get('x', 1)) + try: + x = int(request.args.get('x', 1)) + except: + return json.dumps({"error": "Type error"}) + return json.dumps({'x': operators.addition(x, 1)}) # addition route, the parameters will be passed with 'x' and 'y' @app.route('/add') def plus_y(): - x = int(request.args.get('x', 1)) - y = int(request.args.get('y', 1)) + try: + x = int(request.args.get('x', 1)) + y = int(request.args.get('y', 1)) + except: + return json.dumps({"error": "Type error"}) return json.dumps({'result': operators.addition(x, y)}) # multiplication route, the parameters will be passed with 'x' and 'y' @app.route('/mul') def multiply_y(): - x = int(request.args.get('x', 1)) - y = int(request.args.get('y', 1)) + try: + x = int(request.args.get('x', 1)) + y = int(request.args.get('y', 1)) + except: + return json.dumps({"error": "Type error"}) return json.dumps({'result': operators.multiplication(x, y)}) # division route, the parameters will be passed with 'x' and 'y' @app.route('/div') def division_y(): - x = int(request.args.get('x', 1)) - y = int(request.args.get('y', 1)) + try: + x = int(request.args.get('x', 1)) + y = int(request.args.get('y', 1)) + except: + return json.dumps({"error": "Type error"}) return json.dumps({'result': operators.division(x, y)})