Skip to content

SchmidtDSE/api_box_test_project

BranchesTags

Repository files navigation

API Dock Test Project

Integration testing environment for API Dock route restrictions using configurable Toy API servers.

Quick Start Commands

If you haven't created your databases you can do that with a simple command:

# generate databases (see: toy_api_config/databases/*.yaml)
# - creates/outputs-files-to: CWD/databases/ folder with nested structure
pixi run toy_api database --all

# Or generate specific databases:
# pixi run toy_api database test_db
# pixi run toy_api database versioned_db/1.2

These commands will launch a number of "remote" apis, and then launch the api-doc proxy for the remote apis:

# start up remote-apis (see: toy_api_config/apis/*.yaml)
pixi run toy_api start --all

# start up api-doc (see: api_dock_config/)
pixi run api_dock start

ENDPOINT TESTS

Working Endpoints (Return 200 with Data)

# Basic Remote API
curl http://localhost:8000/basic_remote/users
curl http://localhost:8000/basic_remote/users/1005
curl http://localhost:8000/basic_remote/users/1005/profile
curl http://localhost:8000/basic_remote/users/1005/permissions
curl http://localhost:8000/basic_remote/health

# Versioned Remote API (version 1.2)
curl http://localhost:8000/versioned_remote/1.2/users
curl http://localhost:8000/versioned_remote/1.2/users/1005
curl http://localhost:8000/versioned_remote/1.2/users/1005/profile
curl http://localhost:8000/versioned_remote/1.2/users/1005/posts
curl http://localhost:8000/versioned_remote/1.2/health

# Versioned Remote API (latest version - resolves to 1.2)
curl http://localhost:8000/versioned_remote/latest/users
curl http://localhost:8000/versioned_remote/latest/users/1005
curl http://localhost:8000/versioned_remote/latest/health

# Allowed Routes Remote API (Whitelist)
curl http://localhost:8000/allowed_routes_remote/users
curl http://localhost:8000/allowed_routes_remote/users/1005
curl http://localhost:8000/allowed_routes_remote/users/1005/profile
curl http://localhost:8000/allowed_routes_remote/users/1005/posts
curl http://localhost:8000/allowed_routes_remote/posts
curl http://localhost:8000/allowed_routes_remote/health

# Wildcard Remote - Allowed routes
curl http://localhost:8000/wildcard_remote/users
curl http://localhost:8000/wildcard_remote/users/1005
curl http://localhost:8000/wildcard_remote/users/1005/profile
curl http://localhost:8000/wildcard_remote/users/1005/permissions
curl http://localhost:8000/wildcard_remote/health

# SQL Database Endpoints (test_db)
curl http://localhost:8000/test_db/users
curl http://localhost:8000/test_db/users/1005
curl http://localhost:8000/test_db/users/1005/permissions
curl http://localhost:8000/test_db/users/1005/posts
curl http://localhost:8000/test_db/users/active
curl http://localhost:8000/test_db/posts
curl http://localhost:8000/test_db/posts/10

# SQL Database Endpoints (versioned_db - version 1.2)
curl http://localhost:8000/versioned_db/1.2/users
curl http://localhost:8000/versioned_db/1.2/users/1005
curl http://localhost:8000/versioned_db/1.2/users/1005/permissions
curl http://localhost:8000/versioned_db/1.2/users/1005/posts
curl http://localhost:8000/versioned_db/1.2/posts

# SQL Database Endpoints (versioned_db - latest)
curl http://localhost:8000/versioned_db/latest/users
curl http://localhost:8000/versioned_db/latest/users/1005
curl http://localhost:8000/versioned_db/latest/users/1005/permissions

Blocked or Non-Existent Endpoints (Return 403 or 404)

# Global restrictions (403 - blocked by config)
curl http://localhost:8000/basic_remote/users/1005/delete
curl http://localhost:8000/basic_remote/admin/5/dangerous

# Remote-specific restrictions (403 - blocked by remote config, combined with global)
curl http://localhost:8000/restricted_remote/users/1005/permissions
curl http://localhost:8000/restricted_remote/admin/dashboard
curl http://localhost:8000/restricted_remote/admin/users/123
curl http://localhost:8000/restricted_remote/system/123/config
curl http://localhost:8000/restricted_remote/users/1005/private

# Whitelist restrictions (403 - not in allowed list)
curl http://localhost:8000/allowed_routes_remote/users/1005/settings
curl http://localhost:8000/allowed_routes_remote/admin

# Wildcard restrictions (403 - blocked by admin/* pattern)
curl http://localhost:8000/wildcard_remote/admin/dashboard
curl http://localhost:8000/wildcard_remote/admin/users/settings
curl http://localhost:8000/restricted_remote/admin/anything

# Method-aware restrictions - DELETE (403 - blocked by method restriction)
curl -X DELETE http://localhost:8000/wildcard_remote/users/1005/profile

# Method-aware restrictions - POST (403 - blocked by single-segment POST restriction)
curl -X POST http://localhost:8000/wildcard_remote/users

# Method-aware restrictions - POST (404 - allowed through but toy API doesn't support POST)
curl -X POST http://localhost:8000/wildcard_remote/users/1005

# Global method-aware restrictions - PATCH (403 - blocked on all remotes)
curl -X PATCH http://localhost:8000/basic_remote/users/1005
curl -X PATCH http://localhost:8000/wildcard_remote/users/1005
curl -X PATCH http://localhost:8000/restricted_remote/health

License

BSD 3-Clause

About

A test project for API Box (using toy_api)

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages