CloudServices/WALint

From MozillaWiki
< CloudServices(Redirected from Services/WALint)
Jump to: navigation, search

WALint (Web App Lint) is a script that checks for the compliance of a web application.

v1 reqs

  • WALint is configured via a config file that lists
    • the root url of the web app [ok]
    • for each service: path, supported methods [ok]
    • a list of points to control (each control has a unique id) [ok]
    • hooks to be called before and after every request is made [ok]
    • hooks to be called before and after a request on a specific service is made [ok]
  • WALint provides
    • a default list of built-in controllers [ok]
    • a UnitTest integration so it can be called in a test campaign
    • a Cornice integration so the list of services is automatically generated

config file example

[walint]
root = walint.tests.testapp.application

; you can define controllers with an alias so they are easy to use multiple
; times
[controller:auth-basic]
location = walint.controllers.auth_basic
params = foo bar

; services defines paths and methods.
[service:bar]
path = /bar
methods = GET|PUT|POST

[service:baz]
path = /baz
methods = *

[test:testauth]
; Test for basic authentication on bar and baz
services =
    bar GET
    baz PUT|POST

controllers = auth-basic

; singles are run only once (they get all the defined services
; as an argument and the configuration)
singles = walint.singles.check_404

list of built-in controllers

  • [WALINT001] 400, broken Authorization header on a web service that requires authentication [OK]
  • [WALINT002] 400, broken json on a web service that requests json objects [OK]
  • [WALINT003] 401, failed auth [OK for basic auth]
  • [WALINT004] 404, on a random URI call [OK]
  • [WALINT005] 405, wrong HTTP method but a valid URI
  • [WALINT006] 406, the request's Accept headers don't match the available content types that the server can produce [OK]
  • [WALINT007] 411, missing Content-Length on a PUT or POST
  • [WALINT008] 413, large PUTs and POSTs (size tbd 3MB ?)
  • [WALINT009] 414, over-long URIs (size?) [OK]
  • [WALINT010] 418, TEAPOT !
  • [WALINT011] 430, request header fields too large,

building a custom controller

WALint loops on every service defined in [services], and for every method

A controller is a callable that receives a WebTest app instance, an URI and a method, and performs a test.

  • If the test failed, the controller can raise an assertion
  • If the controller is not compatible with the method, if can return immediatly

The controller is responsible for the call and the check of the response.

unit test integration

WALint provides a unittest.TestCase class that reads a config file and generates on the fly one test method per controller when called. That allows it to be integrated in an application test runner.

The "wsgiapp" option can be used instead of "root". In that case WALint instanciates the WSGI application and run the tests against it instead of calling a distant server. (technical detail: WALint uses WSGIPRoxy internally to call distant apps)

cornice integration

The config file may point to Cornice definitions. In that case the list of services are listed automatically.