chore: Add the security schema for the controller into its own file

matiasperrone · matiasperrone · commit dbbdd756e934 · 2025-11-26T15:14:08.000Z
diff --git a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitScheduleSettingsApiController.php b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitScheduleSettingsApiController.php
@@ -16,8 +16,10 @@
  **/
 
 use App\Http\Exceptions\HTTP403ForbiddenException;
+use App\Models\Foundation\Main\IGroup;
 use App\Models\Foundation\Summit\Repositories\ISummitScheduleConfigRepository;
 use App\ModelSerializers\SerializerUtils;
+use App\Security\SummitScopes;
 use App\Services\Model\ISummitScheduleSettingsService;
 use Illuminate\Http\Response;
 use Illuminate\Support\Facades\Log;
@@ -201,7 +203,17 @@ public function getChildSerializer():string{
         summary: "Get all schedule settings",
         operationId: "getAllSummitScheduleSettings",
         tags: ['Summit Schedule Settings'],
-        security: [['summit_oauth2' => []]],
+        security: [['summit_schedule_settings_oauth2' => [
+            SummitScopes::ReadSummitData,
+            SummitScopes::ReadAllSummitData,
+        ]]],
+        x: [
+            'required-groups' => [
+                IGroup::SuperAdmins,
+                IGroup::Administrators,
+                IGroup::SummitAdministrators,
+            ]
+        ],
         parameters: [
             new OA\Parameter(
                 name: 'id',
@@ -277,7 +289,17 @@ public function getAllBySummit($summit_id)
         summary: "Get schedule setting",
         operationId: "getSummitScheduleSetting",
         tags: ['Summit Schedule Settings'],
-        security: [['summit_oauth2' => []]],
+        security: [['summit_schedule_settings_oauth2' => [
+            SummitScopes::ReadSummitData,
+            SummitScopes::ReadAllSummitData,
+        ]]],
+        x: [
+            'required-groups' => [
+                IGroup::SuperAdmins,
+                IGroup::Administrators,
+                IGroup::SummitAdministrators,
+            ]
+        ],
         parameters: [
             new OA\Parameter(
                 name: 'id',
@@ -331,7 +353,16 @@ public function get($summit_id, $config_id)
         summary: "Create schedule setting",
         operationId: "createSummitScheduleSetting",
         tags: ['Summit Schedule Settings'],
-        security: [['summit_oauth2' => []]],
+        security: [['summit_schedule_settings_oauth2' => [
+            SummitScopes::WriteSummitData,
+        ]]],
+        x: [
+            'required-groups' => [
+                IGroup::SuperAdmins,
+                IGroup::Administrators,
+                IGroup::SummitAdministrators,
+            ]
+        ],
         parameters: [
             new OA\Parameter(
                 name: 'id',
@@ -370,7 +401,16 @@ public function add($summit_id)
         summary: "Update schedule setting",
         operationId: "updateSummitScheduleSetting",
         tags: ['Summit Schedule Settings'],
-        security: [['summit_oauth2' => []]],
+        security: [['summit_schedule_settings_oauth2' => [
+            SummitScopes::WriteSummitData,
+        ]]],
+        x: [
+            'required-groups' => [
+                IGroup::SuperAdmins,
+                IGroup::Administrators,
+                IGroup::SummitAdministrators,
+            ]
+        ],
         parameters: [
             new OA\Parameter(
                 name: 'id',
@@ -416,7 +456,16 @@ public function update($summit_id, $config_id)
         summary: "Delete schedule setting",
         operationId: "deleteSummitScheduleSetting",
         tags: ['Summit Schedule Settings'],
-        security: [['summit_oauth2' => []]],
+        security: [['summit_schedule_settings_oauth2' => [
+            SummitScopes::WriteSummitData,
+        ]]],
+        x: [
+            'required-groups' => [
+                IGroup::SuperAdmins,
+                IGroup::Administrators,
+                IGroup::SummitAdministrators,
+            ]
+        ],
         parameters: [
             new OA\Parameter(
                 name: 'id',
@@ -452,7 +501,7 @@ public function delete($summit_id, $config_id)
         summary: "Get schedule settings metadata",
         operationId: "getSummitScheduleSettingsMetadata",
         tags: ['Summit Schedule Settings'],
-        security: [['summit_oauth2' => []]],
+        security: [['summit_schedule_settings_oauth2' => []]],
         parameters: [
             new OA\Parameter(
                 name: 'id',
@@ -480,7 +529,16 @@ public function getMetadata($summit_id){
         summary: "Add schedule setting filter",
         operationId: "addSummitScheduleSettingFilter",
         tags: ['Summit Schedule Settings'],
-        security: [['summit_oauth2' => []]],
+        security: [['summit_schedule_settings_oauth2' => [
+            SummitScopes::WriteSummitData,
+        ]]],
+        x: [
+            'required-groups' => [
+                IGroup::SuperAdmins,
+                IGroup::Administrators,
+                IGroup::SummitAdministrators,
+            ]
+        ],
         parameters: [
             new OA\Parameter(
                 name: 'id',
@@ -551,7 +609,16 @@ function ($payload, $summit, $id){
         summary: "Update schedule setting filter",
         operationId: "updateSummitScheduleSettingFilter",
         tags: ['Summit Schedule Settings'],
-        security: [['summit_oauth2' => []]],
+        security: [['summit_schedule_settings_oauth2' => [
+            SummitScopes::WriteSummitData,
+        ]]],
+        x: [
+            'required-groups' => [
+                IGroup::SuperAdmins,
+                IGroup::Administrators,
+                IGroup::SummitAdministrators,
+            ]
+        ],
         parameters: [
             new OA\Parameter(
                 name: 'id',
@@ -631,7 +698,16 @@ function($filter_id, $payload, $summit, $config_id){
         summary: "Seed default schedule settings",
         operationId: "seedDefaultSummitScheduleSettings",
         tags: ['Summit Schedule Settings'],
-        security: [['summit_oauth2' => []]],
+        security: [['summit_schedule_settings_oauth2' => [
+            SummitScopes::WriteSummitData,
+        ]]],
+        x: [
+            'required-groups' => [
+                IGroup::SuperAdmins,
+                IGroup::Administrators,
+                IGroup::SummitAdministrators,
+            ]
+        ],
         parameters: [
             new OA\Parameter(
                 name: 'id',
@@ -698,4 +774,4 @@ public function seedDefaults($summit_id){
             return $this->error500($ex);
         }
     }
-}
+}
diff --git a/app/Swagger/Security/SummitScheduleSettingsAuthSchema.php b/app/Swagger/Security/SummitScheduleSettingsAuthSchema.php
@@ -0,0 +1,28 @@
+<?php
+
+namespace App\Swagger\Security;
+
+use App\Security\SummitScopes;
+use OpenApi\Attributes as OA;
+
+#[
+    OA\SecurityScheme(
+        type: 'oauth2',
+        securityScheme: 'summit_schedule_settings_oauth2',
+        flows: [
+            new OA\Flow(
+                authorizationUrl: L5_SWAGGER_CONST_AUTH_URL,
+                tokenUrl: L5_SWAGGER_CONST_TOKEN_URL,
+                flow: 'authorizationCode',
+                scopes: [
+                    SummitScopes::ReadSummitData => 'Read Summit Data',
+                    SummitScopes::ReadAllSummitData => 'Read All Summit Data',
+                    SummitScopes::WriteSummitData => 'Write Summit Data',
+                ],
+            ),
+        ],
+    )
+]
+class SummitScheduleSettingsAuthSchema
+{
+}
