Merge pull request #545 from trojs/feature/optional-response-validation

Adds option to disable response validation

Author: w3nl

src/api.js

@@ -28,6 +28,7 @@ import { setupRouter } from './router.js'
  * @property {Handler=} unauthorizedHandler
  * @property {boolean=} swagger
  * @property {boolean=} apiDocs
+ * @property {boolean=} validateResponse
  * @property {AjvOpts=} ajvOptions
  * @property {AjvCustomizer=} customizeAjv
  * @property {any[]=} middleware
@@ -57,6 +58,7 @@ export class Api {
     unauthorizedHandler,
     swagger,
     apiDocs,
+    validateResponse,
     ajvOptions,
     customizeAjv,
     middleware = []
@@ -73,6 +75,7 @@ export class Api {
     this.unauthorizedHandler = unauthorizedHandler || undefined
     this.swagger = swagger ?? true
     this.apiDocs = apiDocs ?? true
+    this.validateResponse = validateResponse ?? true
     this.ajvOptions = ajvOptions ?? { allErrors: false }
     this.customizeAjv = customizeAjv
     this.middleware = middleware
@@ -120,6 +123,7 @@ export class Api {
       meta: this.meta,
       securityHandlers: this.securityHandlers,
       unauthorizedHandler: this.unauthorizedHandler,
+      validateResponse: this.validateResponse,
       ajvOptions: this.ajvOptions,
       customizeAjv: this.customizeAjv
     })

src/router.js

@@ -27,6 +27,7 @@ import { unauthorized } from './handlers/unauthorized.js'
  * @param {object=} params.meta
  * @param {SecurityHandler[]=} params.securityHandlers
  * @param {Handler=} params.unauthorizedHandler
+ * @param {boolean=} params.validateResponse
  * @param {AjvOpts=} params.ajvOptions
  * @param {AjvCustomizer=} params.customizeAjv
  * @param {boolean=} params.mock
@@ -42,6 +43,7 @@ export const setupRouter = ({
   meta,
   securityHandlers = [],
   unauthorizedHandler,
+  validateResponse = true,
   ajvOptions = {},
   customizeAjv,
   mock
@@ -58,12 +60,17 @@ export const setupRouter = ({
     customizeAjv: customizeAjv || ajvWithExtraFormats
   })
 
-  api.register({
+  const handlers = {
     unauthorizedHandler: unauthorizedHandler || unauthorized,
     validationFail: requestValidation,
-    notFound,
-    postResponseHandler: makeResponseValidation(logger)
-  })
+    notFound
+  }
+
+  if (validateResponse) {
+    handlers.postResponseHandler = makeResponseValidation(logger)
+  }
+
+  api.register(handlers)
 
   operationIds({ specification: openAPISpecification }).forEach(
     (operationId) => {

src/router.test.js

@@ -90,4 +90,68 @@ test('Test the router', async (t) => {
       )
     }
   )
+
+  await t.test(
+    'It should not register postResponseHandler when validateResponse is false',
+    async () => {
+      const controllers = {
+        getMessages: () => ({
+          test: 'ok'
+        })
+      }
+
+      const { api } = setupRouter({
+        secret: envExample.SECRET,
+        openAPISpecification,
+        controllers,
+        validateResponse: false,
+        logger
+      })
+
+      assert.strictEqual(api.handlers.postResponseHandler, undefined)
+    }
+  )
+
+  await t.test(
+    'It should register postResponseHandler when validateResponse is true',
+    async () => {
+      const controllers = {
+        getMessages: () => ({
+          test: 'ok'
+        })
+      }
+
+      const { api } = setupRouter({
+        secret: envExample.SECRET,
+        openAPISpecification,
+        controllers,
+        validateResponse: true,
+        logger
+      })
+
+      assert.notStrictEqual(api.handlers.postResponseHandler, undefined)
+      assert.strictEqual(typeof api.handlers.postResponseHandler, 'function')
+    }
+  )
+
+  await t.test(
+    'It should register postResponseHandler by default (when validateResponse is not specified)',
+    async () => {
+      const controllers = {
+        getMessages: () => ({
+          test: 'ok'
+        })
+      }
+
+      const { api } = setupRouter({
+        secret: envExample.SECRET,
+        openAPISpecification,
+        controllers,
+        logger
+      })
+
+      assert.notStrictEqual(api.handlers.postResponseHandler, undefined)
+      assert.strictEqual(typeof api.handlers.postResponseHandler, 'function')
+    }
+  )
 })