Stop using drf-spectacular (#542)
- Use Redoc instead of swagger
- Don't rely on CDN
- Fix docs for bulk_search API

Signed-off-by: Shivam Sandbhor <[email protected]>
sbs2001 authored Sep 8, 2021
1 parent 2519f65 commit 64d52ec
Showing 23 changed files with 1,002 additions and 21 deletions.
1 change: 0 additions & 1 deletion requirements.txt
Expand Up @@ -5,7 +5,6 @@ aiohttp>=3.7.4.post0
djangorestframework>=3.12.4
django-filter>=2.4.0
django-widget-tweaks>=1.4.8
drf-spectacular>=0.17.1
packageurl-python>=0.9.4
binaryornot>=0.4.4
GitPython>=3.1.17
6 changes: 0 additions & 6 deletions vulnerabilities/api.py
Expand Up @@ -24,7 +24,6 @@
from urllib.parse import unquote

from django_filters import rest_framework as filters
from drf_spectacular.utils import extend_schema, inline_serializer
from packageurl import PackageURL

from rest_framework import serializers, viewsets
Expand All @@ -35,10 +34,6 @@
from vulnerabilities.models import VulnerabilityReference
from vulnerabilities.models import VulnerabilitySeverity

# This serializer is used for the bulk apis, to prevent wrong auto documentation
# TODO: Fix the swagger documentation for bulk apis
placeholder_serializer = inline_serializer(name="Placeholder", fields={})


class VulnerabilitySeveritySerializer(serializers.ModelSerializer):
class Meta:
Expand Down Expand Up @@ -135,7 +130,6 @@ class PackageViewSet(viewsets.ReadOnlyModelViewSet):
filterset_class = PackageFilterSet

# TODO: Fix the swagger documentation for this endpoint
@extend_schema(request=placeholder_serializer, responses=placeholder_serializer)
@action(detail=False, methods=["post"])
def bulk_search(self, request):
"""
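--- a/vulnerabilities/templates/api_doc.html
+++ b/vulnerabilities/templates/api_doc.html
@@ -0,0 +1,21 @@
+{% load static %}
+<!DOCTYPE html>
+<html>
+<head>
+<title>VulnerableCode API</title>
+<meta charset="utf-8"/>
+<meta name="viewport" content="width=device-width, initial-scale=1">
+<link href="{% static 'api_doc/font.css' %}" rel="stylesheet">
+
+<style>
+body {
+margin: 0;
+padding: 0;
+}
+</style>
+</head>
+<body>
+<redoc spec-url="{% static 'api_doc/api_schema.yaml' %}"></redoc>
+<script src="{% static 'api_doc/redoc.standalone.js' %}"> </script>
+</body>
+</html>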
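Review bot: The `<script>` tag loads a vendored copy of `redoc.standalone.js`, so from now on the bundle is only updated when someone replaces the file by hand, and no dependency tooling will flag a fixed upstream release. The licence banner elsewhere in this commit suggests the bundle is ReDoc 2.0.0-rc.56, a release candidate. I would record that next to the tag, for example `{# redoc.standalone.js is vendored from Redocly/redoc 2.0.0-rc.56; replace the file manually to pick up upstream fixes #}`, and keep a checksum of the file in the repository so later changes to it are reviewable. The same applies to the static `api_schema.yaml`: it is no longer generated from the views, so it can drift from the real API unless it is updated with them.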
2 changes: 1 addition & 1 deletion vulnerabilities/templates/base.html
Expand Up @@ -14,7 +14,7 @@
<a class="navbar-item" href="{% url 'home' %}">
Home
</a>
<a class="navbar-item" href="{% url 'swagger-ui' %}">
<a class="navbar-item" href="{% url 'redoc' %}">
API Docs
</a>
{% if enable_curation %}
7 changes: 7 additions & 0 deletions vulnerabilities/views.py
Expand Up @@ -25,6 +25,7 @@
from django.core.paginator import Paginator
from django.db.models import Count
from django.http import HttpResponse
from django.http.response import HttpResponseNotAllowed
from django.shortcuts import render, redirect
from django.urls import reverse
from django.views import View
Expand Down Expand Up @@ -248,3 +249,9 @@ def form_valid(self, form):

def get_success_url(self):
return reverse("vulnerability_view", kwargs={"pk": self.kwargs["vid"]})


def schema_view(request):
if request.method != "GET":
return HttpResponseNotAllowed()
return render(request, "api_doc.html")
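Review bot: `HttpResponseNotAllowed()` in `schema_view` is called without its required `permitted_methods` argument, so a non-GET request raises a TypeError and is answered with a 500 instead of a 405. Pass the allowed list, `return HttpResponseNotAllowed(["GET"])`, or drop the manual check and decorate the view with `@require_GET` from `django.views.decorators.http`. The new import could also come from `django.http`, matching the `HttpResponse` import on the line above it.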
12 changes: 2 additions & 10 deletions vulnerablecode/settings.py
Expand Up @@ -16,6 +16,7 @@
SECRET_KEY = env.str("SECRET_KEY")

ALLOWED_HOSTS = env.list("ALLOWED_HOSTS", default=[".localhost", "127.0.0.1", "[::1]"])
DEBUG = True

# Application definition

Expand All @@ -30,7 +31,6 @@
"rest_framework",
"django_filters",
"widget_tweaks",
"drf_spectacular",
]

MIDDLEWARE = [
Expand Down Expand Up @@ -122,8 +122,7 @@
# Static files (CSS, JavaScript, Images)

STATIC_URL = "/static/"

STATIC_ROOT = "/var/vulnerablecode/static"
STATIC_ROOT = "./"

STATICFILES_DIRS = [
str(PROJECT_DIR.joinpath("static")),
Expand All @@ -134,14 +133,7 @@
"DEFAULT_FILTER_BACKENDS": ("django_filters.rest_framework.DjangoFilterBackend",),
"DEFAULT_PAGINATION_CLASS": "rest_framework.pagination.LimitOffsetPagination",
"PAGE_SIZE": 100,
"DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema",
}

SPECTACULAR_SETTINGS = {
"SERVE_INCLUDE_SCHEMA": False,
"TITLE": "VulnerableCode API",
}
# TODO: Specify the license for the API here.

# Set this to true to enable community curation, ie users will be able to edit data
ENABLE_CURATION = False
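Review bot: `DEBUG = True` is hard-coded in the first hunk (the header shows one added line there, and this appears to be it), so every deployment using this settings module serves Django's debug error pages, which disclose settings, stack frames and local variables to any client that triggers an error. Read it from the environment with a safe default, e.g. `DEBUG = env.bool("DEBUG", default=False)`, assuming the `env` object already used for `SECRET_KEY` and `ALLOWED_HOSTS` supports it. The later hunk's `STATIC_ROOT = "./"` also deserves a second look: a path relative to the working directory makes `collectstatic` write into whatever directory the process starts in, and a web server pointed at STATIC_ROOT would then serve that whole directory. Keeping the absolute path or making it configurable, `STATIC_ROOT = env.str("STATIC_ROOT", default="/var/vulnerablecode/static")`, avoids that.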
@@ -0,0 +1,68 @@
/*!
* ReDoc - OpenAPI/Swagger-generated API Reference Documentation
* -------------------------------------------------------------
* Version: "2.0.0-rc.56"
* Repo: https://github.com/Redocly/redoc
*/

/*!
* lunr.Builder
* Copyright (C) 2020 Oliver Nightingale
*/

/*!
* lunr.Index
* Copyright (C) 2020 Oliver Nightingale
*/

/*!
* lunr.Pipeline
* Copyright (C) 2020 Oliver Nightingale
*/

/*!
* lunr.Set
* Copyright (C) 2020 Oliver Nightingale
*/

/*!
* lunr.TokenSet
* Copyright (C) 2020 Oliver Nightingale
*/

/*!
* lunr.Vector
* Copyright (C) 2020 Oliver Nightingale
*/

/*!
* lunr.stemmer
* Copyright (C) 2020 Oliver Nightingale
* Includes code from - http://tartarus.org/~martin/PorterStemmer/js.txt
*/

/*!
* lunr.stopWordFilter
* Copyright (C) 2020 Oliver Nightingale
*/

/*!
* lunr.tokenizer
* Copyright (C) 2020 Oliver Nightingale
*/

/*!
* lunr.trimmer
* Copyright (C) 2020 Oliver Nightingale
*/

/*!
* lunr.utils
* Copyright (C) 2020 Oliver Nightingale
*/

/**
* lunr - http://lunrjs.com - A bit like Solr, but much smaller and not as bright - 2.3.9
* Copyright (C) 2020 Oliver Nightingale
* @license MIT
*/

Large diffs are not rendered by default.
