servant-quickcheck-0.0.4: QuickCheck entire APIs

Safe HaskellNone
LanguageHaskell2010

Servant.QuickCheck.Internal.Predicates

Contents

Synopsis

Documentation

not500 :: ResponsePredicate Source #

Best Practice

500 Internal Server Error should be avoided - it may represent some issue with the application code, and it moreover gives the client little indication of how to proceed or what went wrong.

This function checks that the response code is not 500.

Since 0.0.0.0

notLongerThan :: Integer -> RequestPredicate Source #

Optional

This function checks that the response from the server does not take longer than the specified number of nanoseconds.

Since 0.0.2.1

onlyJsonObjects :: ResponsePredicate Source #

Best Practice

Returning anything other than an object when returning JSON is considered bad practice, as:

  1. it is hard to modify the returned value while maintaining backwards compatibility
  2. many older tools do not support top-level arrays
  3. whether top-level numbers, booleans, or strings are valid JSON depends on what RFC you're going by
  4. there are security issues with top-level arrays

This function checks that any application/json responses only return JSON objects (and not arrays, strings, numbers, or booleans) at the top level.

References:

Since 0.0.0.0

createContainsValidLocation :: RequestPredicate Source #

Optional

When creating a new resource, it is good practice to provide a Location header with a link to the created resource.

This function checks that every 201 Created response contains a Location header, and that the link in it responds with a 2XX response code to GET requests.

This is considered optional because other means of linking to the resource (e.g. via the response body) are also acceptable; linking to the resource in some way is considered best practice.

References:

Since 0.0.0.0

getsHaveLastModifiedHeader :: RequestPredicate Source #

Optional

The Last-Modified header represents the time a resource was last modified. It is used to drive caching and conditional requests.

When using this mechanism, the server adds the Last-Modified header to responses. Clients may then make requests with the If-Modified-Since header to conditionally request resources. If the resource has not changed since that date, the server responds with a status code of 304 (Not Modified) without a response body.

The Last-Modified header can also be used in conjunction with the If-Unmodified-Since header to drive optimistic concurrency.

The Last-Modified date must be in RFC 822 format.

References:

Since 0.0.2.1

notAllowedContainsAllowHeader :: RequestPredicate Source #

RFC Compliance

When an HTTP request has a method that is not allowed, a 405 response should be returned. Additionally, it is good practice to return an Allow header with the list of allowed methods.

This function checks that every 405 Method Not Allowed response contains an Allow header with a list of standard HTTP methods.

Note that servant itself does not currently set the Allow headers.

References:

Since 0.0.0.0

honoursAcceptHeader :: RequestPredicate Source #

RFC Compliance

When a request contains an Accept header, the server must either return content in one of the requested representations, or respond with 406 Not Acceptable.

This function checks that every *successful* response has a Content-Type header that matches the Accept header. It does *not* check that the server matches the quality descriptions of the Accept header correctly.

References:

Since 0.0.0.0

getsHaveCacheControlHeader :: RequestPredicate Source #

Best Practice

Whether or not a representation should be cached, it is good practice to have a Cache-Control header for GET requests. If the representation should not be cached, used Cache-Control: no-cache.

This function checks that GET responses have Cache-Control header. It does NOT currently check that the header is valid.

References:

Since 0.0.0.0

headsHaveCacheControlHeader :: RequestPredicate Source #

Best Practice

Like getsHaveCacheControlHeader, but for HEAD requests.

Since 0.0.0.0

unauthorizedContainsWWWAuthenticate :: ResponsePredicate Source #

RFC Compliance

Any 401 Unauthorized response must include a WWW-Authenticate header.

This function checks that, if a response has status code 401, it contains a WWW-Authenticate header.

References:

Since 0.0.0.0

htmlIncludesDoctype :: ResponsePredicate Source #

RFC Compliance
An HTML
document will start with exactly this string: html

This function checks that HTML documents (those with `Content-Type: text/html...`) include a DOCTYPE declaration at the top. We do not enforce capital case for the string DOCTYPE.

References:

Predicate logic

newtype ResponsePredicate Source #

A predicate that depends only on the response.

Since 0.0.0.0

newtype RequestPredicate Source #

A predicate that depends on both the request and the response.

Since 0.0.0.0

data Predicates Source #

A set of predicates. Construct one with mempty and <%>.

Instances

Generic Predicates Source # 

Associated Types

type Rep Predicates :: * -> * #

Monoid Predicates Source # 
type Rep Predicates Source # 
type Rep Predicates = D1 (MetaData "Predicates" "Servant.QuickCheck.Internal.Predicates" "servant-quickcheck-0.0.4-7QE5TVMz9ssGLzXTaojPUl" False) (C1 (MetaCons "Predicates" PrefixI True) ((:*:) (S1 (MetaSel (Just Symbol "requestPredicates") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 RequestPredicate)) (S1 (MetaSel (Just Symbol "responsePredicates") NoSourceUnpackedness NoSourceStrictness DecidedLazy) (Rec0 ResponsePredicate))))

(<%>) :: JoinPreds a => a -> Predicates -> Predicates infixr 6 Source #

Adds a new predicate (either ResponsePredicate or RequestPredicate) to the existing predicates.

not500 <%> onlyJsonObjects <%> empty

Since 0.0.0.0

helpers