Metadata API: simplify testing unrecognized_fields

Martin Vrachev · Martin Vrachev · commit d0a25bf83641 · 2021-06-30T18:58:39.000+03:00
We have merged ADR 8 allowing for unrecognized fields and we have added tests for that which are too specific and not scalable. Now, I use table testing which we have used initially in #1416 to test unrecognized fields support in a cleaner and much more readable way. Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
diff --git a/tests/test_api.py b/tests/test_api.py
@@ -465,52 +465,6 @@ def test_metadata_targets(self):
         )
 
 
-    def setup_dict_with_unrecognized_field(self, file_path, field, value):
-        json_dict = {}
-        with open(file_path) as f:
-            json_dict = json.loads(f.read())
-        # We are changing the json dict without changing the signature.
-        # This could be a problem if we want to do verification on this dict.
-        json_dict["signed"][field] = value
-        return json_dict
-
-    def test_support_for_unrecognized_fields(self):
-        for metadata in ["root", "timestamp", "snapshot", "targets"]:
-            path = os.path.join(self.repo_dir, "metadata", metadata + ".json")
-            dict1 = self.setup_dict_with_unrecognized_field(path, "f", "b")
-            # Test that the metadata classes store unrecognized fields when
-            # initializing and passes them when casting the instance to a dict.
-
-            # Add unrecognized fields to all metadata sub (helper) classes.
-            if metadata == "root":
-                for keyid in dict1["signed"]["keys"].keys():
-                    dict1["signed"]["keys"][keyid]["d"] = "c"
-                for role_str in dict1["signed"]["roles"].keys():
-                    dict1["signed"]["roles"][role_str]["e"] = "g"
-            elif metadata == "targets" and dict1["signed"].get("delegations"):
-                for keyid in dict1["signed"]["delegations"]["keys"].keys():
-                    dict1["signed"]["delegations"]["keys"][keyid]["d"] = "c"
-                new_roles = []
-                for role in dict1["signed"]["delegations"]["roles"]:
-                    role["e"] = "g"
-                    new_roles.append(role)
-                dict1["signed"]["delegations"]["roles"] = new_roles
-                dict1["signed"]["delegations"]["foo"] = "bar"
-
-            temp_copy = copy.deepcopy(dict1)
-            metadata_obj = Metadata.from_dict(temp_copy)
-
-            self.assertEqual(dict1["signed"], metadata_obj.signed.to_dict())
-
-            # Test that two instances of the same class could have different
-            # unrecognized fields.
-            dict2 = self.setup_dict_with_unrecognized_field(path, "f2", "b2")
-            temp_copy2 = copy.deepcopy(dict2)
-            metadata_obj2 = Metadata.from_dict(temp_copy2)
-            self.assertNotEqual(
-                metadata_obj.signed.to_dict(), metadata_obj2.signed.to_dict()
-            )
-
     def  test_length_and_hash_validation(self):
 
         # Test metadata files' hash and length verification.
diff --git a/tests/test_metadata_serialization.py b/tests/test_metadata_serialization.py
@@ -51,8 +51,13 @@ def wrapper(test_cls: "TestSerialization"):
 class TestSerialization(unittest.TestCase):
 
     valid_keys: DataSet = {
+        # Do we want to add unrecognized fields in the Key class?
         "all": '{"keytype": "rsa", "scheme": "rsassa-pss-sha256", \
             "keyval": {"public": "foo"}}',
+        "unrecognized field": '{"keytype": "rsa", "scheme": "rsassa-pss-sha256", \
+            "keyval": {"public": "foo"}, "foo": "bar"}',
+        "unrecognized field in keyval": '{"keytype": "rsa", "scheme": "rsassa-pss-sha256", \
+            "keyval": {"public": "foo", "foo": "bar"}}',
     }
 
     @run_sub_tests_with_dataset(valid_keys)
@@ -63,7 +68,8 @@ def test_key_serialization(self, test_case_data: str):
 
 
     valid_roles: DataSet = {
-        "all": '{"keyids": ["keyid"], "threshold": 3}'
+        "all": '{"keyids": ["keyid"], "threshold": 3}',
+        "unrecognized field": '{"keyids": ["keyid"], "threshold": 3, "foo": "bar"}',
     }
 
     @run_sub_tests_with_dataset(valid_roles)
@@ -84,6 +90,11 @@ def test_role_serialization(self, test_case_data: str):
             "keys": {"keyid" : {"keytype": "rsa", "scheme": "rsassa-pss-sha256", "keyval": {"public": "foo"} }}, \
             "roles": { "targets": {"keyids": ["keyid"], "threshold": 3} } \
             }',
+        "unrecognized field": '{"_type": "root", "spec_version": "1.0.0", "version": 1, \
+            "expires": "2030-01-01T00:00:00Z", "consistent_snapshot": false, \
+            "keys": {"keyid" : {"keytype": "rsa", "scheme": "rsassa-pss-sha256", "keyval": {"public": "foo"}}}, \
+            "roles": { "targets": {"keyids": ["keyid"], "threshold": 3}}, \
+            "foo": "bar"}',
     }
 
     @run_sub_tests_with_dataset(valid_roots)
@@ -95,7 +106,9 @@ def test_root_serialization(self, test_case_data: str):
     valid_metafiles: DataSet = {
         "all": '{"hashes": {"sha256" : "abc"}, "length": 12, "version": 1}',
         "no length": '{"hashes": {"sha256" : "abc"}, "version": 1 }',
-        "no hashes": '{"length": 12, "version": 1}'
+        "no hashes": '{"length": 12, "version": 1}',
+        "unrecognized field": '{"hashes": {"sha256" : "abc"}, "length": 12, "version": 1, \
+            "foo": "bar"}',
     }
 
     @run_sub_tests_with_dataset(valid_metafiles)
@@ -107,7 +120,9 @@ def test_metafile_serialization(self, test_case_data: str):
 
     valid_timestamps: DataSet = {
         "all": '{ "_type": "timestamp", "spec_version": "1.0.0", "version": 1, "expires": "2030-01-01T00:00:00Z", \
-            "meta": {"snapshot.json": {"hashes": {"sha256" : "abc"}, "version": 1}}}'
+            "meta": {"snapshot.json": {"hashes": {"sha256" : "abc"}, "version": 1}}}',
+        "unrecognized field": '{ "_type": "timestamp", "spec_version": "1.0.0", "version": 1, "expires": "2030-01-01T00:00:00Z", \
+            "meta": {"snapshot.json": {"hashes": {"sha256" : "abc"}, "version": 1}}, "foo": "bar"}',
     }
 
     @run_sub_tests_with_dataset(valid_timestamps)
@@ -119,7 +134,9 @@ def test_timestamp_serialization(self, test_case_data: str):
 
     valid_snapshots: DataSet = {
         "all": '{ "_type": "snapshot", "spec_version": "1.0.0", "version": 1, "expires": "2030-01-01T00:00:00Z", \
-            "meta": { "file.txt": { "hashes": {"sha256" : "abc"}, "version": 1 }}}'
+            "meta": { "file.txt": { "hashes": {"sha256" : "abc"}, "version": 1 }}}',
+        "unrecognized field": '{ "_type": "snapshot", "spec_version": "1.0.0", "version": 1, "expires": "2030-01-01T00:00:00Z", \
+            "meta": { "file.txt": { "hashes": {"sha256" : "abc"}, "version": 1 }}, "foo": "bar"}',
     }
 
     @run_sub_tests_with_dataset(valid_snapshots)
@@ -138,6 +155,8 @@ def test_snapshot_serialization(self, test_case_data: str):
             "path_hash_prefixes": ["h1", "h2"], "threshold": 99}',
         "no hash or path prefix":
             '{"keyids": ["keyid"], "name": "a", "terminating": true, "threshold": 3}',
+        "unrecognized field":
+            '{"keyids": ["keyid"], "name": "a", "terminating": true, "threshold": 3, "foo": "bar"}',
     }
 
     @run_sub_tests_with_dataset(valid_delegated_roles)
@@ -149,7 +168,11 @@ def test_delegated_role_serialization(self, test_case_data: str):
 
     valid_delegations: DataSet = {
         "all": '{"keys": {"keyid" : {"keytype": "rsa", "scheme": "rsassa-pss-sha256", "keyval": {"public": "foo"}}}, \
-            "roles": [ {"keyids": ["keyid"], "name": "a", "terminating": true, "threshold": 3} ]}'
+            "roles": [ {"keyids": ["keyid"], "name": "a", "terminating": true, "threshold": 3} ]}',
+        "unrecognized field":
+            '{"keys": {"keyid" : {"keytype": "rsa", "scheme": "rsassa-pss-sha256", "keyval": {"public": "foo"}}}, \
+            "roles": [ {"keyids": ["keyid"], "name": "a", "terminating": true, "threshold": 3} ], \
+            "foo": "bar"}',
     }
 
     @run_sub_tests_with_dataset(valid_delegations)
@@ -162,7 +185,9 @@ def test_delegation_serialization(self, test_case_data: str):
     valid_targetfiles: DataSet = {
         "all": '{"length": 12, "hashes": {"sha256" : "abc"}, \
             "custom" : {"foo": "bar"} }',
-        "no custom": '{"length": 12, "hashes": {"sha256" : "abc"}}'
+        "no custom": '{"length": 12, "hashes": {"sha256" : "abc"}}',
+        "unrecognized field": '{"length": 12, "hashes": {"sha256" : "abc"}, \
+            "custom" : {"foo": "bar"}, "foo": "bar"}',
     }
 
     @run_sub_tests_with_dataset(valid_targetfiles)
@@ -187,7 +212,9 @@ def test_targetfile_serialization(self, test_case_data: str):
             }',
         "no delegations": '{"_type": "targets", "spec_version": "1.0.0", "version": 1, "expires": "2030-01-01T00:00:00Z", \
             "targets":  { "file.txt": {"length": 12, "hashes": {"sha256" : "abc"} } } \
-            }'
+            }',
+        "unrecognized_field": '{"_type": "targets", "spec_version": "1.0.0", "version": 1, "expires": "2030-01-01T00:00:00Z", \
+            "targets":  {}, "foo": "bar"}',
     }
 
     @run_sub_tests_with_dataset(valid_targets)
