Add 403UserCentricPreparator to handle random parameters that generates a 403 error because the user is not allowed to browse them

Author: Wilkins

src/Definition/Loader/OpenApiDefinitionLoader.php

@@ -36,6 +36,7 @@
 use cebe\openapi\spec\MediaType;
 use cebe\openapi\spec\OAuthFlow;
 use cebe\openapi\spec\OpenApi;
+use cebe\openapi\spec\Operation as OpenApiOperation;
 use cebe\openapi\spec\PathItem;
 use cebe\openapi\spec\RequestBody;
 use cebe\openapi\spec\Schema;
@@ -115,13 +116,23 @@ private function getOperations(array $paths, array $securitySchemes): Operations
                         ->setTags($this->getTags($operation->tags))
                         ->setSecurities($this->getSecurities($securitySchemes, $requirements))
                         ->setExamples($this->getExamples($operation, $parameters))
+                        ->setCustomParameters($this->getCustomParameters($operation))
                 );
             }
         }
 
         return $operations;
     }
 
+    private function getCustomParameters(OpenApiOperation $operation): array
+    {
+        return array_filter(
+            (array) $operation->getSerializableData(),
+            fn ($v, $k) => str_starts_with($k, 'x-'),
+            ARRAY_FILTER_USE_BOTH
+        );
+    }
+
     /**
      * @param \cebe\openapi\spec\Server[] $servers
      */

src/Definition/Operation.php

@@ -43,6 +43,8 @@ final class Operation implements Filterable
 
     private OperationExamples $examples;
 
+    private array $customParameters;
+
     public function __construct(
         private readonly string $id,
         private readonly string $path,
@@ -56,6 +58,7 @@ public function __construct(
         $this->tags = new Tags();
         $this->securities = new Securities();
         $this->examples = new OperationExamples();
+        $this->customParameters = [];
     }
 
     public function addHeader(Parameter $header): self
@@ -277,6 +280,23 @@ public function setExamples(OperationExamples $examples): self
         return $this;
     }
 
+    public function getCustomParameters(): array
+    {
+        return $this->customParameters;
+    }
+
+    public function setCustomParameters(array $customParameters): self
+    {
+        $this->customParameters = $customParameters;
+
+        return $this;
+    }
+
+    public function isUserCentric(): bool
+    {
+        return isset($this->customParameters['x-apitester-user-centric-parameter']) && $this->customParameters['x-apitester-user-centric-parameter'] === true;
+    }
+
     /**
      * @param array<int|string, string|int> $params
      *

src/Preparator/Error403UserCentricPreparator.php

@@ -0,0 +1,71 @@
+<?php
+
+declare(strict_types=1);
+
+namespace APITester\Preparator;
+
+use APITester\Definition\Collection\Operations;
+use APITester\Definition\Example\OperationExample;
+use APITester\Definition\Example\ResponseExample;
+use APITester\Definition\Operation;
+use APITester\Definition\Response as DefinitionResponse;
+use APITester\Test\TestCase;
+
+final class Error403UserCentricPreparator extends TestCasesPreparator
+{
+    public function getStatusCode(): string
+    {
+        return '403';
+    }
+    /**
+     * @inheritDoc
+     */
+    protected function prepare(Operations $operations): iterable
+    {
+        /** @var iterable<array-key, TestCase> */
+        return $operations
+            ->filter(fn ($operation) => $operation->isUserCentric())
+            ->values()
+            ->map(function ($operation) {
+                return $this->prepareTestCase($operation);
+            })
+            ->flatten()
+        ;
+    }
+
+    /**
+     * @return array<TestCase>
+     */
+    private function prepareTestCase(Operation $operation): array
+    {
+        $testcases = [];
+
+        if ($operation->getRequestBodies()->count() === 0) {
+            $testcases[] = $this->buildTestCase(
+                OperationExample::create('RandomPath', $operation)
+                    ->setForceRandom()
+                    ->setResponse(
+                        ResponseExample::create()
+                            ->setStatusCode($this->config->response->getStatusCode() ?? '403')
+                            ->setHeaders($this->config->response->headers ?? [])
+                            ->setContent($this->config->response->body ?? null)
+                    )
+            );
+        }
+
+        foreach ($operation->getRequestBodies() as $ignored) {
+            $testcases[] = $this->buildTestCase(
+                OperationExample::create('RandomPath', $operation)
+                    ->setForceRandom()
+                    ->setResponse(
+                        ResponseExample::create()
+                            ->setStatusCode($this->config->response->getStatusCode() ?? '403')
+                            ->setHeaders($this->config->response->headers ?? [])
+                            ->setContent($this->config->response->body ?? null)
+                    )
+            );
+        }
+
+        return $testcases;
+    }
+}

src/Preparator/Error404Preparator.php

@@ -12,6 +12,10 @@
 
 final class Error404Preparator extends TestCasesPreparator
 {
+    protected function getStatusCode(): string
+    {
+        return '404';
+    }
     /**
      * @inheritDoc
      */
@@ -21,7 +25,8 @@ protected function prepare(Operations $operations): iterable
         return $operations
             ->select('responses.*')
             ->flatten()
-            ->where('statusCode', 404)
+            ->where('statusCode', $this->getgetStatusCode())
+            ->filter(fn ($response) => !$response->getParent()->isUserCentric())
             ->values()
             ->map(function ($response) {
                 /** @var DefinitionResponse $response */
@@ -46,7 +51,7 @@ private function prepareTestCase(DefinitionResponse $response): array
                     ->setForceRandom()
                     ->setResponse(
                         ResponseExample::create()
-                            ->setStatusCode($this->config->response->getStatusCode() ?? '404')
+                            ->setStatusCode($this->config->response->getStatusCode() ?? $this->getgetStatusCode())
                             ->setHeaders($this->config->response->headers ?? [])
                             ->setContent($this->config->response->body ?? $response->getDescription())
                     )
@@ -59,7 +64,7 @@ private function prepareTestCase(DefinitionResponse $response): array
                     ->setForceRandom()
                     ->setResponse(
                         ResponseExample::create()
-                            ->setStatusCode($this->config->response->getStatusCode() ?? '404')
+                            ->setStatusCode($this->config->response->getStatusCode() ?? $this->getgetStatusCode())
                             ->setHeaders($this->config->response->headers ?? [])
                             ->setContent($this->config->response->body ?? $response->getDescription())
                     )