@apideck/portman
Version:
Port OpenAPI Spec to Postman Collection, with contract & variation tests included
921 lines • 111 kB
JavaScript
"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
var tslib_1 = require("tslib");
var Either = tslib_1.__importStar(require("fp-ts/lib/Either"));
var fs_extra_1 = tslib_1.__importDefault(require("fs-extra"));
var postman_collection_1 = require("postman-collection");
var application_1 = require("../application");
var lib_1 = require("../lib");
var oas_1 = require("../oas");
var postman_1 = require("../postman");
var types_1 = require("../types");
var PortmanError_1 = require("../utils/PortmanError");
var Fuzzer_1 = require("./Fuzzer");
describe('Fuzzer', function () {
var postmanParser;
var oasParser;
var testSuite;
var variationWriter;
var variationTests;
var variationTest;
var variationMeta;
var fuzzer;
var pmOps;
var pmOpBody;
var pmOpQuery;
var pmOpHeader;
var oaOpBody;
var oaOpQuery;
var oaOpHeader;
var postmanJson = '__tests__/fixtures/crm.postman.json';
var oasYml = '__tests__/fixtures/crm-fuzzing.yml';
var portmanConfigFile = '__tests__/fixtures/portman-fuzzing.crm.json';
beforeEach(function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var postmanObj, configResult, config;
var _a;
return tslib_1.__generator(this, function (_b) {
switch (_b.label) {
case 0:
oasParser = new oas_1.OpenApiParser();
return [4, oasParser.convert({ inputFile: oasYml })];
case 1:
_b.sent();
postmanObj = JSON.parse(fs_extra_1.default.readFileSync(postmanJson).toString());
return [4, (0, lib_1.getConfig)(portmanConfigFile)];
case 2:
configResult = _b.sent();
if (Either.isLeft(configResult)) {
return [2, PortmanError_1.PortmanError.render(configResult.left)];
}
config = configResult.right;
postmanParser = new postman_1.PostmanParser({
collection: new postman_collection_1.Collection(postmanObj),
oasParser: oasParser
});
testSuite = new application_1.TestSuite({ oasParser: oasParser, postmanParser: postmanParser, config: config });
variationWriter = new application_1.VariationWriter({
testSuite: testSuite,
variationFolderName: 'Variation Tests'
});
fuzzer = new Fuzzer_1.Fuzzer({ testSuite: testSuite, variationWriter: variationWriter });
variationTests = (_a = config === null || config === void 0 ? void 0 : config.tests) === null || _a === void 0 ? void 0 : _a.variationTests;
variationTest = variationTests[0];
variationMeta = variationTest.variationMeta;
pmOps = testSuite.getOperationsFromSetting(variationTest);
pmOpBody = pmOps[11];
pmOpQuery = pmOps[10];
pmOpHeader = pmOps[10];
oaOpBody = oasParser.getOperationByPath(pmOpBody.pathRef);
oaOpQuery = oasParser.getOperationByPath(pmOpQuery.pathRef);
oaOpHeader = oasParser.getOperationByPath(pmOpHeader.pathRef);
return [2];
}
});
}); });
it('should not fuzz when no OpenAPI fuzzable properties are detected', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
return tslib_1.__generator(this, function (_a) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: []
};
fuzzer.injectFuzzRequiredVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect(result).toBeUndefined();
return [2];
});
}); });
it('should fuzz the required prop of the request body', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: ['name'],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: []
};
fuzzer.injectFuzzRequiredVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz required fields using matching request body examples', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, requestBodyExamples, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: ['name'],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: []
};
requestBodyExamples = [
{ device_id: 'a15e3ff0-fb5b-4026-a7d4-a65aa02bbfb8' },
{ name: 'Ada Lovelace', provider: 'apple' }
];
fuzzer.injectFuzzRequiredVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems, requestBodyExamples);
expect(fuzzer.fuzzVariations).toHaveLength(1);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz required fields for array examples with nested paths', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, requestBodyExamples, result, rawBody;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: ['[0].to.device_token'],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: []
};
requestBodyExamples = [
[
{
reference: 'ref-123',
to: { device_id: 'a15e3ff0-fb5b-4026-a7d4-a65aa02bbfb8' }
}
],
[
{
reference: 'ref-123',
to: { device_token: 'ed2576bfb93a2e7abc26', provider: 'apple' }
}
]
];
fuzzer.injectFuzzRequiredVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems, requestBodyExamples);
expect(fuzzer.fuzzVariations).toHaveLength(1);
result = fuzzer.fuzzVariations[0];
rawBody = (_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw;
expect(JSON.parse(rawBody)).toEqual([{ reference: 'ref-123', to: { provider: 'apple' } }]);
return [2];
});
}); });
it('should select matching examples for anyOf without discriminator', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var schema, fuzzItems, requestBodyExamples, requiredA, requiredB, bodyA, bodyB;
var _a, _b, _c, _d;
return tslib_1.__generator(this, function (_e) {
schema = {
type: 'object',
anyOf: [
{
type: 'object',
required: ['a'],
properties: {
a: { type: 'string' },
common: { type: 'string' }
}
},
{
type: 'object',
required: ['b'],
properties: {
b: { type: 'string' },
common: { type: 'string' }
}
}
]
};
fuzzItems = fuzzer.analyzeFuzzJsonSchema(schema);
requestBodyExamples = [
{ a: 'first', common: 'alpha' },
{ b: 'second', common: 'beta' }
];
fuzzer.injectFuzzRequiredVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems, requestBodyExamples);
expect(fuzzer.fuzzVariations).toHaveLength(2);
requiredA = fuzzer.fuzzVariations.find(function (variation) {
return variation.item.name.includes('[required a]');
});
requiredB = fuzzer.fuzzVariations.find(function (variation) {
return variation.item.name.includes('[required b]');
});
expect(requiredA).toBeDefined();
expect(requiredB).toBeDefined();
bodyA = JSON.parse((_b = (_a = requiredA.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw);
bodyB = JSON.parse((_d = (_c = requiredB.item.request) === null || _c === void 0 ? void 0 : _c.body) === null || _d === void 0 ? void 0 : _d.raw);
expect(bodyA).toEqual({ common: 'alpha' });
expect(bodyB).toEqual({ common: 'beta' });
return [2];
});
}); });
it('should select matching examples for anyOf with discriminator', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var schema, fuzzItems, requestBodyExamples, requiredName, requiredCompany, bodyName, bodyCompany;
var _a, _b, _c, _d;
return tslib_1.__generator(this, function (_e) {
schema = {
type: 'object',
anyOf: [
{
type: 'object',
required: ['type', 'name'],
properties: {
type: { enum: ['person'] },
name: { type: 'string' }
}
},
{
type: 'object',
required: ['type', 'company'],
properties: {
type: { enum: ['company'] },
company: { type: 'string' }
}
}
],
discriminator: {
propertyName: 'type'
}
};
fuzzItems = fuzzer.analyzeFuzzJsonSchema(schema);
requestBodyExamples = [
{ type: 'person', name: 'Ada' },
{ type: 'company', company: 'ACME' }
];
fuzzer.injectFuzzRequiredVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems, requestBodyExamples);
requiredName = fuzzer.fuzzVariations.find(function (variation) {
return variation.item.name.includes('[required name]');
});
requiredCompany = fuzzer.fuzzVariations.find(function (variation) {
return variation.item.name.includes('[required company]');
});
expect(requiredName).toBeDefined();
expect(requiredCompany).toBeDefined();
bodyName = JSON.parse((_b = (_a = requiredName.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw);
bodyCompany = JSON.parse((_d = (_c = requiredCompany.item.request) === null || _c === void 0 ? void 0 : _c.body) === null || _d === void 0 ? void 0 : _d.raw);
expect(bodyName).toEqual({ type: 'person' });
expect(bodyCompany).toEqual({ type: 'company' });
return [2];
});
}); });
it('should skip fuzzing when no matching request body example exists', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var schema, fuzzItems, requestBodyExamples, warnSpy;
return tslib_1.__generator(this, function (_a) {
schema = {
type: 'object',
required: ['name'],
properties: {
name: { type: 'string' }
}
};
fuzzItems = fuzzer.analyzeFuzzJsonSchema(schema);
requestBodyExamples = [{ device_id: 'a15e3ff0-fb5b-4026-a7d4-a65aa02bbfb8' }];
warnSpy = jest.spyOn(console, 'warn').mockImplementation(function () { return undefined; });
fuzzer.injectFuzzRequiredVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems, requestBodyExamples);
expect(fuzzer.fuzzVariations).toHaveLength(0);
expect(warnSpy).toHaveBeenCalled();
warnSpy.mockRestore();
return [2];
});
}); });
it('should fuzz the 2nd required props of the request body', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: ['name', 'company_name'],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: []
};
fuzzer.injectFuzzRequiredVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[1];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the value of a prop of the request body below the defined minimum', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [{ path: 'monetary_amount', field: 'monetary_amount', value: 100 }],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: []
};
fuzzer.injectFuzzMinimumVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the value of a prop of the request body to zero minimum', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [{ path: 'monetary_amount', field: 'monetary_amount', value: 1 }],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: []
};
fuzzer.injectFuzzMinimumVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toContain('"monetary_amount": 0,');
return [2];
});
}); });
it('should fuzz the value of a prop of the request body to a negative minimum', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [{ path: 'monetary_amount', field: 'monetary_amount', value: 0 }],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: []
};
fuzzer.injectFuzzMinimumVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toContain('"monetary_amount": -1,');
return [2];
});
}); });
it('should fuzz the value of a prop of the request body above the defined maximum', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [{ path: 'monetary_amount', field: 'monetary_amount', value: 300 }],
minLengthFields: [],
maxLengthFields: []
};
fuzzer.injectFuzzMaximumVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the value of a prop of the request body to zero maximum', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [{ path: 'monetary_amount', field: 'monetary_amount', value: -1 }],
minLengthFields: [],
maxLengthFields: []
};
fuzzer.injectFuzzMaximumVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toContain('"monetary_amount": 0,');
return [2];
});
}); });
it('should fuzz the value of a prop of the request body above the defined minimum in float format', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [{ path: 'monetary_amount', field: 'monetary_amount', value: 100.1 }],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: []
};
fuzzer.injectFuzzMinimumVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the value of a prop of the request body above the defined maximum in float format', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [{ path: 'monetary_amount', field: 'monetary_amount', value: 300.67 }],
minLengthFields: [],
maxLengthFields: []
};
fuzzer.injectFuzzMaximumVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the request body to empty when minimum length is 1', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [{ path: 'first_name', field: 'first_name', value: 1 }],
maxLengthFields: []
};
fuzzer.injectFuzzMinLengthVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the request body array to empty when minimum length is 1', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [{ path: 'addresses', field: 'addresses', value: 1 }],
maxLengthFields: []
};
fuzzer.injectFuzzMinLengthVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the request body array to 1 when the minimum length of 2', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [{ path: 'addresses', field: 'addresses', value: 2 }],
maxLengthFields: []
};
fuzzer.injectFuzzMinLengthVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toMatchSnapshot();
return [2];
});
}); });
it.skip('should fuzz the request body object to 1 when the minimum length of 2', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [{ path: 'websites[0]', field: 'websites[0]', value: 2 }],
maxLengthFields: []
};
fuzzer.injectFuzzMinLengthVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the length of a string prop of the request body above the defined negative minimum', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [{ path: 'first_name', field: 'first_name', value: -1 }],
maxLengthFields: []
};
fuzzer.injectFuzzMinLengthVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the length of a string prop of the request body above the defined minimum length of 2', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [{ path: 'first_name', field: 'first_name', value: 2 }],
maxLengthFields: []
};
fuzzer.injectFuzzMinLengthVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the length of a number prop of the request body below the defined minimum length of 1', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [{ path: 'monetary_amount', field: 'monetary_amount', value: 1 }],
maxLengthFields: []
};
fuzzer.injectFuzzMinLengthVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the length of a number prop of the request body below the defined minimum length of 2', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [{ path: 'monetary_amount', field: 'monetary_amount', value: 2 }],
maxLengthFields: []
};
fuzzer.injectFuzzMinLengthVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the length of a string prop of the request body above the defined maximum', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: [{ path: 'first_name', field: 'first_name', value: 10 }]
};
fuzzer.injectFuzzMaxLengthVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the length of a number prop of the request body above the defined maximum', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: [{ path: 'monetary_amount', field: 'monetary_amount', value: 10 }]
};
fuzzer.injectFuzzMaxLengthVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the request body array to maximum length above the defined maximum', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: [{ path: 'addresses', field: 'addresses', value: 3 }]
};
fuzzer.injectFuzzMaxLengthVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toMatchSnapshot();
return [2];
});
}); });
it.skip('should fuzz the request body object to maximum length above the defined maximum', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestBody,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: [{ path: 'websites.[0]', field: 'websites.[0]', value: 5 }]
};
fuzzer.injectFuzzMaxLengthVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.body) === null || _b === void 0 ? void 0 : _b.raw).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the required prop of the request query params', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b, _c;
return tslib_1.__generator(this, function (_d) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestQueryParam,
requiredFields: ['cursor'],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: []
};
fuzzer.injectFuzzRequiredVariation(pmOpQuery, oaOpQuery, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_c = (_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.url) === null || _b === void 0 ? void 0 : _b.query) === null || _c === void 0 ? void 0 : _c.members).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the multiple required props of the request query params', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b, _c;
return tslib_1.__generator(this, function (_d) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestQueryParam,
requiredFields: ['raw', 'cursor'],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: []
};
fuzzer.injectFuzzRequiredVariation(pmOpQuery, oaOpQuery, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[1];
expect((_c = (_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.url) === null || _b === void 0 ? void 0 : _b.query) === null || _c === void 0 ? void 0 : _c.members).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the value of a prop of the request query params below the defined minimum', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b, _c;
return tslib_1.__generator(this, function (_d) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestQueryParam,
requiredFields: [],
minimumNumberFields: [{ path: 'limit', field: 'limit', value: 10 }],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: []
};
fuzzer.injectFuzzMinimumVariation(pmOpQuery, oaOpQuery, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_c = (_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.url) === null || _b === void 0 ? void 0 : _b.query) === null || _c === void 0 ? void 0 : _c.members).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the value of a prop of the request query params above the defined maximum', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b, _c;
return tslib_1.__generator(this, function (_d) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestQueryParam,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [{ path: 'limit', field: 'limit', value: 100 }],
minLengthFields: [],
maxLengthFields: []
};
fuzzer.injectFuzzMaximumVariation(pmOpQuery, oaOpQuery, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_c = (_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.url) === null || _b === void 0 ? void 0 : _b.query) === null || _c === void 0 ? void 0 : _c.members).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the value of a prop of the request query params above the defined minimum in float format', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b, _c;
return tslib_1.__generator(this, function (_d) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestQueryParam,
requiredFields: [],
minimumNumberFields: [{ path: 'limit', field: 'limit', value: 100.1 }],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: []
};
fuzzer.injectFuzzMinimumVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_c = (_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.url) === null || _b === void 0 ? void 0 : _b.query) === null || _c === void 0 ? void 0 : _c.members).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the value of a prop of the request query params above the defined maximum in float format', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b, _c;
return tslib_1.__generator(this, function (_d) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestQueryParam,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [{ path: 'limit', field: 'limit', value: 300.67 }],
minLengthFields: [],
maxLengthFields: []
};
fuzzer.injectFuzzMaximumVariation(pmOpBody, oaOpBody, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_c = (_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.url) === null || _b === void 0 ? void 0 : _b.query) === null || _c === void 0 ? void 0 : _c.members).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the request query params to empty when minimum length is 1', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b, _c;
return tslib_1.__generator(this, function (_d) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestQueryParam,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [{ path: 'filter[first_name]', field: 'filter[first_name]', value: 1 }],
maxLengthFields: []
};
fuzzer.injectFuzzMinLengthVariation(pmOpQuery, oaOpQuery, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_c = (_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.url) === null || _b === void 0 ? void 0 : _b.query) === null || _c === void 0 ? void 0 : _c.members).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the length of a string prop of the request query params above the defined below the defined minimum length of 2', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b, _c;
return tslib_1.__generator(this, function (_d) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestQueryParam,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [{ path: 'filter[first_name]', field: 'filter[first_name]', value: 2 }],
maxLengthFields: []
};
fuzzer.injectFuzzMinLengthVariation(pmOpQuery, oaOpQuery, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_c = (_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.url) === null || _b === void 0 ? void 0 : _b.query) === null || _c === void 0 ? void 0 : _c.members).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the length of a number prop of the request query params above the defined below the defined minimum length of 1', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b, _c;
return tslib_1.__generator(this, function (_d) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestQueryParam,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [{ path: 'limit', field: 'limit', value: 1 }],
maxLengthFields: []
};
fuzzer.injectFuzzMinLengthVariation(pmOpQuery, oaOpQuery, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_c = (_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.url) === null || _b === void 0 ? void 0 : _b.query) === null || _c === void 0 ? void 0 : _c.members).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the length of a string prop of the request query params above the defined maximum', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b, _c;
return tslib_1.__generator(this, function (_d) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestQueryParam,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: [{ path: 'filter[first_name]', field: 'filter[first_name]', value: 10 }]
};
fuzzer.injectFuzzMaxLengthVariation(pmOpQuery, oaOpQuery, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_c = (_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.url) === null || _b === void 0 ? void 0 : _b.query) === null || _c === void 0 ? void 0 : _c.members).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the length of a number prop of the request query params above the defined maximum', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b, _c;
return tslib_1.__generator(this, function (_d) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestQueryParam,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: [{ path: 'limit', field: 'limit', value: 10 }]
};
fuzzer.injectFuzzMaxLengthVariation(pmOpQuery, oaOpQuery, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_c = (_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.url) === null || _b === void 0 ? void 0 : _b.query) === null || _c === void 0 ? void 0 : _c.members).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the length of a PM dynamic variable in the request query params above the defined minimum', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b, _c;
return tslib_1.__generator(this, function (_d) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestQueryParam,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [{ path: 'raw', field: 'raw', value: 2 }],
maxLengthFields: []
};
pmOpQuery.item.request.url.query.members[0].value = '{{$randomIntTest}}';
fuzzer.injectFuzzMinLengthVariation(pmOpQuery, oaOpQuery, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_c = (_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.url) === null || _b === void 0 ? void 0 : _b.query) === null || _c === void 0 ? void 0 : _c.members).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the length of a PM dynamic variable in the request query params above the defined maximum', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b, _c;
return tslib_1.__generator(this, function (_d) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestQueryParam,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: [{ path: 'raw', field: 'raw', value: 10 }]
};
pmOpQuery.item.request.url.query.members[0].value = '{{$randomIntTest}}';
fuzzer.injectFuzzMaxLengthVariation(pmOpQuery, oaOpQuery, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_c = (_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.url) === null || _b === void 0 ? void 0 : _b.query) === null || _c === void 0 ? void 0 : _c.members).toMatchSnapshot();
return [2];
});
}); });
it('should not fuzz if plain Postman variable in the request query', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
return tslib_1.__generator(this, function (_a) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestQueryParam,
requiredFields: [],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: [{ path: 'raw', field: 'raw', value: 10 }]
};
pmOpQuery.item.request.url.query.members[0].value = '{{fooBar}}';
fuzzer.injectFuzzMaxLengthVariation(pmOpQuery, oaOpQuery, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect(result).toBeUndefined();
return [2];
});
}); });
it('should fuzz the required prop of the request header', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestHeader,
requiredFields: ['x-apideck-app-id'],
minimumNumberFields: [],
maximumNumberFields: [],
minLengthFields: [],
maxLengthFields: []
};
fuzzer.injectFuzzRequiredVariation(pmOpHeader, oaOpHeader, variationTest, variationMeta, fuzzItems);
result = fuzzer.fuzzVariations[0];
expect((_b = (_a = result.item.request) === null || _a === void 0 ? void 0 : _a.headers) === null || _b === void 0 ? void 0 : _b.members).toMatchSnapshot();
return [2];
});
}); });
it('should fuzz the multiple required props of the request header', function () { return tslib_1.__awaiter(void 0, void 0, void 0, function () {
var fuzzItems, result;
var _a, _b;
return tslib_1.__generator(this, function (_c) {
fuzzItems = {
fuzzType: types_1.PortmanFuzzTypes.requestHeader,
requiredFields: ['x-apid