fix: throw error for apikey false in api event when not defined in api (#1365)

Shreya · praneetap · commit 1722d36779a6 · 2020-01-08T10:04:54.000-08:00
diff --git a/samtranslator/model/eventsources/push.py b/samtranslator/model/eventsources/push.py
@@ -680,7 +680,7 @@ def _add_swagger_integration(self, api, function):
 
             apikey_required_setting = self.Auth.get("ApiKeyRequired")
             apikey_required_setting_is_false = apikey_required_setting is not None and not apikey_required_setting
-            if apikey_required_setting_is_false and not api_auth.get("ApiKeyRequired"):
+            if apikey_required_setting_is_false and (not api_auth or not api_auth.get("ApiKeyRequired")):
                 raise InvalidEventException(
                     self.relative_id,
                     "Unable to set ApiKeyRequired [False] on API method [{method}] for path [{path}] "
diff --git a/tests/translator/input/error_function_with_api_key_false.yaml b/tests/translator/input/error_function_with_api_key_false.yaml
@@ -0,0 +1,22 @@
+Resources:
+  MyApiWithoutAuth:
+    Type: "AWS::Serverless::Api"
+    Properties:
+      StageName: Prod
+      OpenApiVersion: '3.0.1'
+
+  MyFunctionWithApiKeyRequired:
+    Type: AWS::Serverless::Function
+    Properties:
+      CodeUri: s3://bucket/key
+      Handler: index.handler
+      Runtime: nodejs12.x
+      Events:
+        MyApiWithApiKeyRequired:
+          Type: Api
+          Properties:
+            RestApiId: !Ref MyApiWithoutAuth
+            Path: /ApiKeyRequiredTrue
+            Method: get
+            Auth:
+              ApiKeyRequired: false
diff --git a/tests/translator/output/error_function_with_api_key_false.json b/tests/translator/output/error_function_with_api_key_false.json
@@ -0,0 +1,8 @@
+ {
+  "errors": [
+    {
+      "errorMessage": "Resource with id [MyFunctionWithApiKeyRequired] is invalid. Event with id [MyApiWithApiKeyRequired] is invalid. Unable to set ApiKeyRequired [False] on API method [get] for path [/ApiKeyRequiredTrue] because the related API does not specify any ApiKeyRequired."
+    }
+  ],
+  "errorMessage": "Invalid Serverless Application Specification document. Number of errors found: 1. Resource with id [MyFunctionWithApiKeyRequired] is invalid. Event with id [MyApiWithApiKeyRequired] is invalid. Unable to set ApiKeyRequired [False] on API method [get] for path [/ApiKeyRequiredTrue] because the related API does not specify any ApiKeyRequired."
+}
diff --git a/tests/translator/test_translator.py b/tests/translator/test_translator.py
@@ -603,6 +603,7 @@ def _generate_new_deployment_hash(self, logical_id, dict_to_hash, rest_api_to_sw
         "error_http_api_event_multiple_same_path",
         "error_function_with_event_dest_invalid",
         "error_function_with_event_dest_type",
+        "error_function_with_api_key_false",
     ],
 )
 @patch("boto3.session.Session.region_name", "ap-southeast-1")

Original file line number	Diff line number	Diff line change
`@@ -603,6 +603,7 @@ def _generate_new_deployment_hash(self, logical_id, dict_to_hash, rest_api_to_sw`
`603`	`603`	`"error_http_api_event_multiple_same_path",`
`604`	`604`	`"error_function_with_event_dest_invalid",`
`605`	`605`	`"error_function_with_event_dest_type",`
	`606`	`+ "error_function_with_api_key_false",`
`606`	`607`	`],`
`607`	`608`	`)`
`608`	`609`	`@patch("boto3.session.Session.region_name", "ap-southeast-1")`