diff --git a/app/Http/Controllers/Apis/Protected/Main/OAuth2AuditLogController.php b/app/Http/Controllers/Apis/Protected/Main/OAuth2AuditLogController.php
index c01041a90..13bc80401 100644
--- a/app/Http/Controllers/Apis/Protected/Main/OAuth2AuditLogController.php
+++ b/app/Http/Controllers/Apis/Protected/Main/OAuth2AuditLogController.php
@@ -1,4 +1,7 @@ - [
+ SummitScopes::ReadAuditLogs,
+ ]]],
+ parameters: [
+ new OA\Parameter(
+ name: 'access_token',
+ in: 'query',
+ required: false,
+ description: 'OAuth2 access token (alternative to Authorization: Bearer)',
+ schema: new OA\Schema(type: 'string', example: 'eyJhbGciOi...')
+ ),
+ new OA\Parameter(
+ name: 'page',
+ in: 'query',
+ required: false,
+ description: 'Page number for pagination',
+ schema: new OA\Schema(type: 'integer', example: 1)
+ ),
+ new OA\Parameter(
+ name: 'per_page',
+ in: 'query',
+ required: false,
+ description: 'Items per page',
+ schema: new OA\Schema(type: 'integer', example: 10, maximum: 100)
+ ),
+ new OA\Parameter(
+ name: 'filter[]',
+ in: 'query',
+ required: false,
+ description: 'Filter expressions. Format: fieldvalue. Available fields: class_name (required, ==), user_id (==), summit_id (==), event_id (==), entity_id (==), user_email (==, =@, @@), user_full_name (==, =@, @@), action (=@, @@), metadata (==, =@, @@), created (==, >, <, >=, <=, []). class_name must be one of: SummitAuditLog, SummitEventAuditLog, SummitAttendeeBadgeAuditLog',
+ style: 'form',
+ explode: true,
+ schema: new OA\Schema(
+ type: 'array',
+ items: new OA\Items(type: 'string', example: 'class_name==SummitAuditLog')
+ )
+ ),
+ new OA\Parameter(
+ name: 'order',
+ in: 'query',
+ required: false,
+ description: 'Order by field(s). Available fields: id, user_id, event_id, entity_id, created, user_email, user_full_name, metadata. Use "-" prefix for descending order.',
+ schema: new OA\Schema(type: 'string', example: '-created')
+ ),
+ new OA\Parameter(
+ name: 'expand',
+ in: 'query',
+ required: false,
+ description: 'Comma-separated list of related resources to include. 
Available relations: user, summit',
+ schema: new OA\Schema(type: 'string', example: 'user,summit')
+ ),
+ ],
+ responses: [
+ new OA\Response(
+ response: 200,
+ description: 'Success - Returns paginated list of audit logs',
+ content: new OA\JsonContent(ref: '#/components/schemas/PaginatedAuditLogsResponse')
+ ),
+ new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request - Invalid parameters"),
+ new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized - Invalid or missing access token"),
+ new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden - Insufficient permissions"),
+ new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error - Missing required filters"),
+ new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error")
+ ]
+ )]
 public function getAll(){
 return $this->_getAll(
@@ -97,4 +174,4 @@ function () {
 }
 );
 }
-}
\ No newline at end of file
+}
diff --git a/app/Swagger/AuditSchemas.php b/app/Swagger/AuditSchemas.php
index 6b3e2f895..b86a1def4 100644
--- a/app/Swagger/AuditSchemas.php
+++ b/app/Swagger/AuditSchemas.php
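Review bot: Documenting `access_token` as a query parameter on the audit-log endpoint advertises a transport that puts the bearer token into the URL, where web-server and proxy access logs, browser history and Referer headers record it; RFC 6750 section 2.3 says this method should not be used unless the token cannot be carried in the Authorization header. If the query form has to stay for existing clients, mark the parameter `deprecated: true` and reword the description along the lines of `'Deprecated: send the token in the Authorization: Bearer header; tokens placed in URLs end up in logs'`. Separately, `filter[]` is declared `required: false` although its description calls `class_name` required and the 412 response documents missing required filters, so generated clients will treat the filter as optional; `required: true` would match the documented behaviour. The opening lines of this attribute are not visible in the hunk, so the security scheme it references could not be checked.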
@@ -4,4 +4,38 @@ use OpenApi\Attributes as OA;
-//
+#[OA\Schema(
+ schema: 'AuditLog',
+ type: 'object',
+ properties: [
+ new OA\Property(property: 'id', type: 'integer', example: 1, description: 'Unique identifier'),
+ new OA\Property(property: 'created', type: 'integer', example: 1630500518, description: 'Creation timestamp (Unix epoch)'),
+ new OA\Property(property: 'last_edited', type: 'integer', example: 1630500518, description: 'Last modification timestamp (Unix epoch)'),
+ new OA\Property(property: 'class_name', type: 'string', example: 'SummitAuditLog', description: 'Audit log type: SummitAuditLog, SummitEventAuditLog, or SummitAttendeeBadgeAuditLog'),
+ new OA\Property(property: 'action', type: 'string', example: 'UPDATED', description: 'Action performed (e.g., CREATED, UPDATED, DELETED)'),
+ new OA\Property(property: 'metadata', type: 'string', example: 'Additional audit information', description: 'Metadata about the audit action', nullable: true),
+ new OA\Property(property: 'user_id', type: 'integer', example: 123, description: 'ID of the user who performed the action'),
+ new OA\Property(property: 'summit_id', type: 'integer', example: 45, description: 'Summit ID (for SummitAuditLog, SummitEventAuditLog, SummitAttendeeBadgeAuditLog)', nullable: true),
+ new OA\Property(property: 'event_id', type: 'integer', example: 789, description: 'Event ID (for SummitEventAuditLog)', nullable: true),
+ new OA\Property(property: 'attendee_badge_id', type: 'integer', example: 456, description: 'Attendee Badge ID (for SummitAttendeeBadgeAuditLog)', nullable: true),
+ ]
+)]
+class AuditLogSchema {}
+
+#[OA\Schema(
+ schema: 'PaginatedAuditLogsResponse',
+ allOf: [
+ new OA\Schema(ref: '#/components/schemas/PaginateDataSchemaResponse'),
+ new OA\Schema(
+ type: 'object',
+ properties: [
+ new OA\Property(
+ property: 'data',
+ type: 'array',
+ items: new OA\Items(ref: '#/components/schemas/AuditLog')
+ )
+ ]
+ )
+ ]
+)]
+class PaginatedAuditLogsResponseSchema {}
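Review bot: The `AuditLog` schema omits fields that the controller's documentation in this same commit exposes: `entity_id`, `user_email` and `user_full_name` are listed there as filter and order fields and `expand=user,summit` is offered, yet none of them appears under `properties`. Whether the serializer actually emits them is not visible in this diff, so this needs confirming against it; if it does, consumers that ingest these records for monitoring or investigation have no contract for the fields that identify the actor and the affected object. Suggest adding the missing properties with the types the serializer returns, and describing the expanded `user` and `summit` objects or stating that they are present only when `expand` is used. A sentence in the `metadata` description saying whether the free text can contain personal data would also help consumers handle it correctly.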
diff --git a/app/Swagger/Security/AuditLogAuthSchema.php b/app/Swagger/Security/AuditLogAuthSchema.php
new file mode 100644
index 000000000..305ff9414
--- /dev/null
+++ b/app/Swagger/Security/AuditLogAuthSchema.php
@@ -0,0 +1,25 @@
+