Allow explicit empty security definition to overwrite existing definitions

[co3k]

It enables to clear default security configuration in operationObject.Security (to make public api).

protoc-gen-swagger doesn't allow empty array (and it causes segfault) in operationObject.Security but it is really needed resetting security requirement configuration by Swagger.

[co3k]

I wonder why the https://travis-ci.org/grpc-ecosystem/grpc-gateway/builds/390065893 build fails in Go: 1.10.x, GATEWAY_PLUGIN_FLAGS= job. Can anyone advice me to solve this problem?

[yugui]

The test failure looks to be because some of example files are out-of-date. c.f. golang/protobuf@05f48f4#diff-8c603013608023320d5242916c4ea03bR1571

Would you mind running make clean && make examples to let the files catch the change in protoc-gen-go?

[co3k]

@yugui
Thank you for your response, but I can't get any diffs by running that command on my macOS.

$ go version
go version go1.10.3 darwin/amd64

$ protoc --version
libprotoc 3.5.1

$ brew info protobuf
protobuf: stable 3.5.1 (bottled), HEAD
Protocol buffers (Google's data interchange format)
https://github.com/google/protobuf/
/usr/local/Cellar/protobuf/3.2.0_1 (257 files, 15.9MB)
  Poured from bottle on 2017-04-28 at 18:02:34
/usr/local/Cellar/protobuf/3.5.1_1 (267 files, 18.5MB) *
  Poured from bottle on 2018-06-11 at 00:22:59
From: https://github.com/Homebrew/homebrew-core/blob/master/Formula/protobuf.rb
==> Dependencies
Build: autoconf ✔, automake ✔, libtool ✔
Recommended: python@2 ✔
Optional: python ✘
==> Options
--with-python
	Build with python support
--with-test
	Run build-time check
--without-python@2
	Build without python2 support
--HEAD
	Install HEAD version
==> Caveats
Editor support and examples have been installed to:
  /usr/local/opt/protobuf/share/doc/protobuf

$ cd $GOPATH/src/github.com/golang/protobuf/protoc-gen-go; git log -1 --oneline; cd -
05f48f4 (HEAD -> master, origin/master, origin/HEAD) proto: revert UTF-8 validation for proto2 (#628)

$ make clean && make examples
rm -f bin/protoc-gen-grpc-gateway bin/protoc-gen-swagger
go build -o bin/protoc-gen-grpc-gateway github.com/grpc-ecosystem/grpc-gateway/protoc-gen-grpc-gateway
**SNIP**

$ git status
On branch allow-empty-array-in-security
nothing to commit, working tree clean

$ make clean && make test
rm -f bin/protoc-gen-grpc-gateway bin/protoc-gen-swagger
go build -o bin/protoc-gen-grpc-gateway github.com/grpc-ecosystem/grpc-gateway/protoc-gen-grpc-gateway
**SNIP**

$ git status             
On branch allow-empty-array-in-security
nothing to commit, working tree clean

[co3k]

The error has been fixed at d1985fc .
I might need to run make realclean && make examples for solving this problem.
Thanks again to yugui!

The https://travis-ci.org/grpc-ecosystem/grpc-gateway/jobs/390576866 job for Go: 1.9.x, GATEWAY_PLUGIN_FLAGS= has been timed out.
Is it a temporary error? But I cannot retry this job because I don't have permission to do so.

[tmc]

@co3k thanks for your contribution, can you rebase this so CI runs again?

[co3k]

@tmc Thanks for your response but the https://travis-ci.org/grpc-ecosystem/grpc-gateway/jobs/394549559#L554-L557 test is failed that is due to timed out in go get phase. I cannot rebase it again because the upstream is not updated yet. How should I do next?

[johanbrandhorst]

I have re-triggered the job.

[johanbrandhorst]

Is this required? Can't we just have an empty slice?

[co3k]

Required. The omitempty tag removes an empty slice. However we don't want to print null value in every JSON response so we can't remove this omitempty tag.

[johanbrandhorst]

OK

[johanbrandhorst]

Can we not just set newSecurity = nil when operationObject.Security == nil?

[co3k]

I think we really need empty slice in this case.

[johanbrandhorst]

OK

[johanbrandhorst]

As with the other PR, could you please squash the commits? Thank you.

[johanbrandhorst]

The indendation of this line seems off, are you using spaces instead of tabs?

[co3k]

Sorry, I've fixed it in a78ff38 (I'll squash this commit later)

[johanbrandhorst]

Could you also please reword this title, description and commit message to clearly state the intent please? Something along the lines of:

Allow explicit empty security definition to overwrite existing definitions.

[codecov-io]

Codecov Report

Merging #666 into master will decrease coverage by 0.07%.
The diff coverage is 0%.

@@            Coverage Diff             @@
##           master     #666      +/-   ##
==========================================
- Coverage   56.49%   56.42%   -0.08%     
==========================================
  Files          30       30              
  Lines        3004     3006       +2     
==========================================
- Hits         1697     1696       -1     
- Misses       1144     1146       +2     
- Partials      163      164       +1

Impacted Files	Coverage Δ
protoc-gen-swagger/genswagger/types.go	19.04% <ø> (ø)	⬆️
protoc-gen-swagger/genswagger/template.go	38.47% <0%> (+0.19%)	⬆️
runtime/errors.go	37.66% <0%> (-7.41%)	⬇️
runtime/marshal_json.go	83.33% <0%> (+16.66%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 11bef10...dcd2104. Read the comment docs.

[co3k]

@johanbrandhorst Thanks for your advice! I've squashed commits and changed the title of this pull request and the first commit to follow your suggestion.

[johanbrandhorst]

Thank you for your contribution!