From 3d4ffed587d5d65837f1de59e797def7144861d7 Mon Sep 17 00:00:00 2001 From: Matias Perrone Date: Tue, 14 Oct 2025 17:24:18 -0300 Subject: [PATCH 1/4] feat: Extend Swagger Coverage for controller `OAuth2SummitBadgeTypeApiController` --- .../OAuth2SummitBadgeTypeApiController.php | 579 ++++++++++++++++-- app/Swagger/SummitRegistrationSchemas.php | 87 +++ 2 files changed, 619 insertions(+), 47 deletions(-) diff --git a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitBadgeTypeApiController.php b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitBadgeTypeApiController.php index 3f37aba7a..dcd40bfad 100644 --- a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitBadgeTypeApiController.php +++ b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitBadgeTypeApiController.php @@ -1,4 +1,7 @@ - []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ), + new OA\Parameter( + name: 'page', + in: 'query', + required: false, + schema: new OA\Schema(type: 'integer', default: 1), + description: 'Page number' + ), + new OA\Parameter( + name: 'per_page', + in: 'query', + required: false, + schema: new OA\Schema(type: 'integer', default: 10), + description: 'Items per page' + ), + new OA\Parameter( + name: 'filter', + in: 'query', + required: false, + explode: false, + schema: new OA\Schema(type: 'string'), + description: 'Filter operators: name=@/==, is_default==' + ), + new OA\Parameter( + name: 'order', + in: 'query', + required: false, + explode: false, + schema: new OA\Schema(type: 'string'), + description: 'Order by fields: id, name' + ), + new OA\Parameter( + name: 'expand', + in: 'query', + required: false, + explode: false, + schema: new OA\Schema(type: 'string'), + description: 'Relations to expand: access_levels, badge_features, allowed_view_types' + ), + new OA\Parameter( + name: 'relations', + in: 'query', + required: false, + explode: false, + schema: new OA\Schema(type: 'string'), + description: 'Relations to include: access_levels, badge_features, allowed_view_types' + ) + ], + responses: [ + new OA\Response( + response: 200, + description: "OK", + content: new OA\JsonContent(ref: "#/components/schemas/PaginatedSummitBadgeTypesResponse") + ), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] + public function getAllBySummit($summit_id) { + return $this->traitGetAllBySummit($summit_id); + } + + #[OA\Get( + path: "/api/v1/summits/{id}/badge-types/{badge_type_id}", + description: "Get a specific badge type", + summary: "Get badge type", + operationId: "getSummitBadgeType", + tags: ['Badge Types'], + security: [['summit_oauth2' => []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ), + new OA\Parameter( + name: 'badge_type_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The badge type id' + ), + new OA\Parameter( + name: 'expand', + in: 'query', + required: false, + explode: false, + schema: new OA\Schema(type: 'string'), + description: 'Relations to expand: access_levels, badge_features, allowed_view_types' + ), + new OA\Parameter( + name: 'relations', + in: 'query', + required: false, + explode: false, + schema: new OA\Schema(type: 'string'), + description: 'Relations to include: access_levels, badge_features, allowed_view_types' + ) + ], + responses: [ + new OA\Response( + response: 200, + description: "OK", + content: new OA\JsonContent(ref: "#/components/schemas/SummitBadgeType") + ), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] + public function get($summit_id, $badge_type_id) { + return $this->traitGet($summit_id, $badge_type_id); + } - use AddSummitChildElement; + #[OA\Post( + path: "/api/v1/summits/{id}/badge-types", + description: "Create a new badge type", + summary: "Create badge type", + operationId: "addSummitBadgeType", + tags: ['Badge Types'], + security: [['summit_oauth2' => []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ) + ], + requestBody: new OA\RequestBody( + required: true, + content: new OA\JsonContent(ref: "#/components/schemas/SummitBadgeTypeCreateRequest") + ), + responses: [ + new OA\Response( + response: 201, + description: "Created", + content: new OA\JsonContent(ref: "#/components/schemas/SummitBadgeType") + ), + new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] + public function add($summit_id) { + return $this->traitAdd($summit_id); + } - use UpdateSummitChildElement; + #[OA\Put( + path: "/api/v1/summits/{id}/badge-types/{badge_type_id}", + description: "Update an existing badge type", + summary: "Update badge type", + operationId: "updateSummitBadgeType", + tags: ['Badge Types'], + security: [['summit_oauth2' => []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ), + new OA\Parameter( + name: 'badge_type_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The badge type id' + ) + ], + requestBody: new OA\RequestBody( + required: true, + content: new OA\JsonContent(ref: "#/components/schemas/SummitBadgeTypeUpdateRequest") + ), + responses: [ + new OA\Response( + response: 200, + description: "OK", + content: new OA\JsonContent(ref: "#/components/schemas/SummitBadgeType") + ), + new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] + public function update($summit_id, $badge_type_id) { + return $this->traitUpdate($summit_id, $badge_type_id); + } - use DeleteSummitChildElement; + #[OA\Delete( + path: "/api/v1/summits/{id}/badge-types/{badge_type_id}", + description: "Delete a badge type", + summary: "Delete badge type", + operationId: "deleteSummitBadgeType", + tags: ['Badge Types'], + security: [['summit_oauth2' => []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ), + new OA\Parameter( + name: 'badge_type_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The badge type id' + ) + ], + responses: [ + new OA\Response(response: 204, description: 'No Content'), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] + public function delete($summit_id, $badge_type_id) { + return $this->traitDelete($summit_id, $badge_type_id); + } /** * @param array $payload @@ -181,12 +444,49 @@ protected function updateChild(Summit $summit, int $child_id, array $payload): I return $this->service->updateBadgeType($summit, $child_id, $payload); } - /** - * @param $summit_id - * @param $badge_type_id - * @param $access_level_id - * @return \Illuminate\Http\JsonResponse|mixed - */ + #[OA\Put( + path: "/api/v1/summits/{id}/badge-types/{badge_type_id}/access-levels/{access_level_id}", + description: "Add an access level to a badge type", + summary: "Add access level to badge type", + operationId: "addAccessLevelToBadgeType", + tags: ['Badge Types'], + security: [['summit_oauth2' => []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ), + new OA\Parameter( + name: 'badge_type_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The badge type id' + ), + new OA\Parameter( + name: 'access_level_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The access level id' + ) + ], + responses: [ + new OA\Response( + response: 200, + description: "OK", + content: new OA\JsonContent(ref: "#/components/schemas/SummitBadgeType") + ), + new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] public function addAccessLevelToBadgeType($summit_id, $badge_type_id, $access_level_id){ return $this->processRequest(function() use( $summit_id, $badge_type_id, $access_level_id){ @@ -203,12 +503,49 @@ public function addAccessLevelToBadgeType($summit_id, $badge_type_id, $access_le }); } - /** - * @param $summit_id - * @param $badge_type_id - * @param $access_level_id - * @return \Illuminate\Http\JsonResponse|mixed - */ + #[OA\Delete( + path: "/api/v1/summits/{id}/badge-types/{badge_type_id}/access-levels/{access_level_id}", + description: "Remove an access level from a badge type", + summary: "Remove access level from badge type", + operationId: "removeAccessLevelFromBadgeType", + tags: ['Badge Types'], + security: [['summit_oauth2' => []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ), + new OA\Parameter( + name: 'badge_type_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The badge type id' + ), + new OA\Parameter( + name: 'access_level_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The access level id' + ) + ], + responses: [ + new OA\Response( + response: 200, + description: "OK", + content: new OA\JsonContent(ref: "#/components/schemas/SummitBadgeType") + ), + new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] public function removeAccessLevelFromBadgeType($summit_id, $badge_type_id, $access_level_id){ return $this->processRequest(function() use($summit_id, $badge_type_id, $access_level_id){ $summit = SummitFinderStrategyFactory::build($this->getSummitRepository(), $this->getResourceServerContext())->find($summit_id); @@ -223,12 +560,49 @@ public function removeAccessLevelFromBadgeType($summit_id, $badge_type_id, $acce }); } - /** - * @param $summit_id - * @param $badge_type_id - * @param $feature_id - * @return \Illuminate\Http\JsonResponse|mixed - */ + #[OA\Put( + path: "/api/v1/summits/{id}/badge-types/{badge_type_id}/features/{feature_id}", + description: "Add a feature to a badge type", + summary: "Add feature to badge type", + operationId: "addFeatureToBadgeType", + tags: ['Badge Types'], + security: [['summit_oauth2' => []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ), + new OA\Parameter( + name: 'badge_type_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The badge type id' + ), + new OA\Parameter( + name: 'feature_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The feature id' + ) + ], + responses: [ + new OA\Response( + response: 200, + description: "OK", + content: new OA\JsonContent(ref: "#/components/schemas/SummitBadgeType") + ), + new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] public function addFeatureToBadgeType($summit_id, $badge_type_id, $feature_id){ return $this->processRequest(function() use($summit_id, $badge_type_id, $feature_id){ @@ -244,12 +618,49 @@ public function addFeatureToBadgeType($summit_id, $badge_type_id, $feature_id){ }); } - /** - * @param $summit_id - * @param $badge_type_id - * @param $feature_id - * @return \Illuminate\Http\JsonResponse|mixed - */ + #[OA\Delete( + path: "/api/v1/summits/{id}/badge-types/{badge_type_id}/features/{feature_id}", + description: "Remove a feature from a badge type", + summary: "Remove feature from badge type", + operationId: "removeFeatureFromBadgeType", + tags: ['Badge Types'], + security: [['summit_oauth2' => []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ), + new OA\Parameter( + name: 'badge_type_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The badge type id' + ), + new OA\Parameter( + name: 'feature_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The feature id' + ) + ], + responses: [ + new OA\Response( + response: 200, + description: "OK", + content: new OA\JsonContent(ref: "#/components/schemas/SummitBadgeType") + ), + new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] public function removeFeatureFromBadgeType($summit_id, $badge_type_id, $feature_id){ return $this->processRequest(function() use ($summit_id, $badge_type_id, $feature_id){ $summit = SummitFinderStrategyFactory::build($this->getSummitRepository(), $this->getResourceServerContext())->find($summit_id); @@ -264,12 +675,49 @@ public function removeFeatureFromBadgeType($summit_id, $badge_type_id, $feature_ }); } - /** - * @param $summit_id - * @param $badge_type_id - * @param $view_type_id - * @return mixed - */ + #[OA\Put( + path: "/api/v1/summits/{id}/badge-types/{badge_type_id}/view-types/{badge_view_type_id}", + description: "Add a view type to a badge type", + summary: "Add view type to badge type", + operationId: "addViewTypeToBadgeType", + tags: ['Badge Types'], + security: [['summit_oauth2' => []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ), + new OA\Parameter( + name: 'badge_type_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The badge type id' + ), + new OA\Parameter( + name: 'badge_view_type_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The badge view type id' + ) + ], + responses: [ + new OA\Response( + response: 200, + description: "OK", + content: new OA\JsonContent(ref: "#/components/schemas/SummitBadgeType") + ), + new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] public function addViewTypeToBadgeType($summit_id, $badge_type_id, $view_type_id){ return $this->processRequest(function() use($summit_id, $badge_type_id, $view_type_id){ @@ -285,12 +733,49 @@ public function addViewTypeToBadgeType($summit_id, $badge_type_id, $view_type_id }); } - /** - * @param $summit_id - * @param $badge_type_id - * @param $view_type_id - * @return mixed - */ + #[OA\Delete( + path: "/api/v1/summits/{id}/badge-types/{badge_type_id}/view-types/{badge_view_type_id}", + description: "Remove a view type from a badge type", + summary: "Remove view type from badge type", + operationId: "removeViewTypeFromBadgeType", + tags: ['Badge Types'], + security: [['summit_oauth2' => []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ), + new OA\Parameter( + name: 'badge_type_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The badge type id' + ), + new OA\Parameter( + name: 'badge_view_type_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The badge view type id' + ) + ], + responses: [ + new OA\Response( + response: 200, + description: "OK", + content: new OA\JsonContent(ref: "#/components/schemas/SummitBadgeType") + ), + new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] public function removeViewTypeFromBadgeType($summit_id, $badge_type_id, $view_type_id){ return $this->processRequest(function() use ($summit_id, $badge_type_id, $view_type_id){ $summit = SummitFinderStrategyFactory::build($this->getSummitRepository(), $this->getResourceServerContext())->find($summit_id); @@ -306,4 +791,4 @@ public function removeViewTypeFromBadgeType($summit_id, $badge_type_id, $view_ty }); } -} \ No newline at end of file +} diff --git a/app/Swagger/SummitRegistrationSchemas.php b/app/Swagger/SummitRegistrationSchemas.php index 80812cf41..a3d529fb1 100644 --- a/app/Swagger/SummitRegistrationSchemas.php +++ b/app/Swagger/SummitRegistrationSchemas.php @@ -4,6 +4,93 @@ use OpenApi\Attributes as OA; +// Badge Types + +#[OA\Schema( + schema: "SummitBadgeType", + description: "Summit badge type", + type: "object", + properties: [ + new OA\Property(property: "id", type: "integer", example: 1), + new OA\Property(property: "created", type: "integer", description: "Unix timestamp", example: 1640995200), + new OA\Property(property: "last_edited", type: "integer", description: "Unix timestamp", example: 1640995200), + new OA\Property(property: "name", type: "string", example: "Attendee"), + new OA\Property(property: "description", type: "string", example: "Standard attendee badge"), + new OA\Property(property: "template_content", type: "string", nullable: true, example: "Badge template content"), + new OA\Property(property: "is_default", type: "boolean", example: false), + new OA\Property(property: "summit_id", type: "integer", example: 1), + new OA\Property( + property: "access_levels", + type: "array", + items: new OA\Items(type: ["integer", "SummitAccessLevelType"]), + ), + new OA\Property( + property: "badge_features", + type: "array", + items: new OA\Items(type: ["integer", "SummitBadgeFeatureType"]), + ), + new OA\Property( + property: "allowed_view_types", + type: "array", + items: new OA\Items(type: ["integer", "SummitBadgeViewType"]), + ), + ], +)] +class SummitBadgeType +{ +} + +#[OA\Schema( + schema: "PaginatedSummitBadgeTypesResponse", + description: "Paginated list of summit badge types", + allOf: [ + new OA\Schema(ref: "#/components/schemas/PaginateDataSchemaResponse"), + new OA\Schema( + properties: [ + new OA\Property( + property: "data", + type: "array", + items: new OA\Items(ref: "#/components/schemas/SummitBadgeType") + ) + ] + ) + ] +)] +class PaginatedSummitBadgeTypesResponse +{ +} + +#[OA\Schema( + schema: "SummitBadgeTypeCreateRequest", + description: "Request to create a summit badge type", + required: ["name", "description", "is_default"], + type: "object", + properties: [ + new OA\Property(property: "name", type: "string", example: "Attendee"), + new OA\Property(property: "description", type: "string", example: "Standard attendee badge"), + new OA\Property(property: "template_content", type: "string", nullable: true, example: "Badge template content"), + new OA\Property(property: "is_default", type: "boolean", example: false), + ] +)] +class SummitBadgeTypeCreateRequest +{ +} + +#[OA\Schema( + schema: "SummitBadgeTypeUpdateRequest", + description: "Request to update a summit badge type", + type: "object", + properties: [ + new OA\Property(property: "name", type: "string", nullable: true, example: "Attendee"), + new OA\Property(property: "description", type: "string", nullable: true, example: "Standard attendee badge"), + new OA\Property(property: "template_content", type: "string", nullable: true, example: "Badge template content"), + new OA\Property(property: "is_default", type: "boolean", nullable: true, example: false), + ] +)] +class SummitBadgeTypeUpdateRequest +{ +} + // // Summit Badge Feature Types From 21fa4d75a7b53c5a8610a269e706e6fe01b2f792 Mon Sep 17 00:00:00 2001 From: Matias Perrone Date: Wed, 26 Nov 2025 18:23:14 +0000 Subject: [PATCH 2/4] chore: Add the correct security and x attributes and create security schema --- .../OAuth2SummitBadgeTypeApiController.php | 136 ++++++++++++++++-- app/Swagger/Security/BadgeTypesAuthSchema.php | 25 ++++ 2 files changed, 150 insertions(+), 11 deletions(-) create mode 100644 app/Swagger/Security/BadgeTypesAuthSchema.php diff --git a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitBadgeTypeApiController.php b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitBadgeTypeApiController.php index dcd40bfad..c4cb44229 100644 --- a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitBadgeTypeApiController.php +++ b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitBadgeTypeApiController.php @@ -17,6 +17,8 @@ use App\Models\Foundation\Summit\Repositories\ISummitBadgeTypeRepository; use App\ModelSerializers\SerializerUtils; use App\Services\Model\ISummitBadgeTypeService; +use App\Models\Foundation\Main\IGroup; +use App\Security\SummitScopes; use Illuminate\Http\Response; use models\oauth2\IResourceServerContext; use models\summit\ISummitRepository; @@ -121,7 +123,18 @@ protected function getOrderRules():array{ summary: "Get badge types", operationId: "getAllBySummitBadgeTypes", tags: ['Badge Types'], - security: [['summit_oauth2' => []]], + security: [['summit_badge_types_oauth2' => [ + SummitScopes::ReadSummitData, + SummitScopes::ReadAllSummitData + ]]], + x: [ + 'authz_groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + IGroup::SummitRegistrationAdmins + ] + ], parameters: [ new OA\Parameter( name: 'id', @@ -199,7 +212,18 @@ public function getAllBySummit($summit_id) { summary: "Get badge type", operationId: "getSummitBadgeType", tags: ['Badge Types'], - security: [['summit_oauth2' => []]], + security: [['summit_badge_types_oauth2' => [ + SummitScopes::ReadSummitData, + SummitScopes::ReadAllSummitData + ]]], + x: [ + 'authz_groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + IGroup::SummitRegistrationAdmins + ] + ], parameters: [ new OA\Parameter( name: 'id', @@ -254,7 +278,17 @@ public function get($summit_id, $badge_type_id) { summary: "Create badge type", operationId: "addSummitBadgeType", tags: ['Badge Types'], - security: [['summit_oauth2' => []]], + security: [['summit_badge_types_oauth2' => [ + SummitScopes::WriteSummitData + ]]], + x: [ + 'authz_groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + IGroup::SummitRegistrationAdmins + ] + ], parameters: [ new OA\Parameter( name: 'id', @@ -292,7 +326,17 @@ public function add($summit_id) { summary: "Update badge type", operationId: "updateSummitBadgeType", tags: ['Badge Types'], - security: [['summit_oauth2' => []]], + security: [['summit_badge_types_oauth2' => [ + SummitScopes::WriteSummitData + ]]], + x: [ + 'authz_groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + IGroup::SummitRegistrationAdmins + ] + ], parameters: [ new OA\Parameter( name: 'id', @@ -337,7 +381,17 @@ public function update($summit_id, $badge_type_id) { summary: "Delete badge type", operationId: "deleteSummitBadgeType", tags: ['Badge Types'], - security: [['summit_oauth2' => []]], + security: [['summit_badge_types_oauth2' => [ + SummitScopes::WriteSummitData + ]]], + x: [ + 'authz_groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + IGroup::SummitRegistrationAdmins + ] + ], parameters: [ new OA\Parameter( name: 'id', @@ -450,7 +504,17 @@ protected function updateChild(Summit $summit, int $child_id, array $payload): I summary: "Add access level to badge type", operationId: "addAccessLevelToBadgeType", tags: ['Badge Types'], - security: [['summit_oauth2' => []]], + security: [['summit_badge_types_oauth2' => [ + SummitScopes::WriteSummitData + ]]], + x: [ + 'authz_groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + IGroup::SummitRegistrationAdmins + ] + ], parameters: [ new OA\Parameter( name: 'id', @@ -509,7 +573,17 @@ public function addAccessLevelToBadgeType($summit_id, $badge_type_id, $access_le summary: "Remove access level from badge type", operationId: "removeAccessLevelFromBadgeType", tags: ['Badge Types'], - security: [['summit_oauth2' => []]], + security: [['summit_badge_types_oauth2' => [ + SummitScopes::WriteSummitData + ]]], + x: [ + 'authz_groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + IGroup::SummitRegistrationAdmins + ] + ], parameters: [ new OA\Parameter( name: 'id', @@ -566,7 +640,17 @@ public function removeAccessLevelFromBadgeType($summit_id, $badge_type_id, $acce summary: "Add feature to badge type", operationId: "addFeatureToBadgeType", tags: ['Badge Types'], - security: [['summit_oauth2' => []]], + security: [['summit_badge_types_oauth2' => [ + SummitScopes::WriteSummitData + ]]], + x: [ + 'authz_groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + IGroup::SummitRegistrationAdmins + ] + ], parameters: [ new OA\Parameter( name: 'id', @@ -624,7 +708,17 @@ public function addFeatureToBadgeType($summit_id, $badge_type_id, $feature_id){ summary: "Remove feature from badge type", operationId: "removeFeatureFromBadgeType", tags: ['Badge Types'], - security: [['summit_oauth2' => []]], + security: [['summit_badge_types_oauth2' => [ + SummitScopes::WriteSummitData + ]]], + x: [ + 'authz_groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + IGroup::SummitRegistrationAdmins + ] + ], parameters: [ new OA\Parameter( name: 'id', @@ -681,7 +775,17 @@ public function removeFeatureFromBadgeType($summit_id, $badge_type_id, $feature_ summary: "Add view type to badge type", operationId: "addViewTypeToBadgeType", tags: ['Badge Types'], - security: [['summit_oauth2' => []]], + security: [['summit_badge_types_oauth2' => [ + SummitScopes::WriteSummitData + ]]], + x: [ + 'authz_groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + IGroup::SummitRegistrationAdmins + ] + ], parameters: [ new OA\Parameter( name: 'id', @@ -739,7 +843,17 @@ public function addViewTypeToBadgeType($summit_id, $badge_type_id, $view_type_id summary: "Remove view type from badge type", operationId: "removeViewTypeFromBadgeType", tags: ['Badge Types'], - security: [['summit_oauth2' => []]], + security: [['summit_badge_types_oauth2' => [ + SummitScopes::WriteSummitData + ]]], + x: [ + 'authz_groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + IGroup::SummitRegistrationAdmins + ] + ], parameters: [ new OA\Parameter( name: 'id', diff --git a/app/Swagger/Security/BadgeTypesAuthSchema.php b/app/Swagger/Security/BadgeTypesAuthSchema.php new file mode 100644 index 000000000..78b89ddc2 --- /dev/null +++ b/app/Swagger/Security/BadgeTypesAuthSchema.php @@ -0,0 +1,25 @@ + 'Read Summit Data', + SummitScopes::ReadAllSummitData => 'Read All Summit Data', + SummitScopes::WriteSummitData => 'Write Summit Data', + ], + ), + ], + ) +] +class BadgeTypesAuthSchema{} From bcb35175693b0ce2978e3abb7fee15c7fee5c7d1 Mon Sep 17 00:00:00 2001 From: Matias Perrone Date: Wed, 26 Nov 2025 19:06:25 +0000 Subject: [PATCH 3/4] chore: fix expand types and descriptions --- app/Swagger/SummitRegistrationSchemas.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/app/Swagger/SummitRegistrationSchemas.php b/app/Swagger/SummitRegistrationSchemas.php index a3d529fb1..c7c2b5d90 100644 --- a/app/Swagger/SummitRegistrationSchemas.php +++ b/app/Swagger/SummitRegistrationSchemas.php @@ -22,17 +22,20 @@ new OA\Property( property: "access_levels", type: "array", - items: new OA\Items(type: ["integer", "SummitAccessLevelType"]), + items: new OA\Items(type: "integer"), + description: "SummitAccessLevelType IDs, full objects when expanded" ), new OA\Property( property: "badge_features", type: "array", - items: new OA\Items(type: ["integer", "SummitBadgeFeatureType"]), + items: new OA\Items(type: "integer"), + description: "SummitBadgeFeatureType IDs, full objects when expanded", ), new OA\Property( property: "allowed_view_types", type: "array", - items: new OA\Items(type: ["integer", "SummitBadgeViewType"]), + items: new OA\Items(type: "integer"), + description: "SummitBadgeViewType IDs, full objects when expanded", ), ], )] From 6689bb1e65300be4a770879f69fdac0f22085508 Mon Sep 17 00:00:00 2001 From: Matias Perrone Date: Wed, 3 Dec 2025 20:07:55 +0000 Subject: [PATCH 4/4] feat: Add changes requested --- .../OAuth2SummitBadgeTypeApiController.php | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitBadgeTypeApiController.php b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitBadgeTypeApiController.php index c4cb44229..aeb4409e1 100644 --- a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitBadgeTypeApiController.php +++ b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitBadgeTypeApiController.php @@ -128,7 +128,7 @@ protected function getOrderRules():array{ SummitScopes::ReadAllSummitData ]]], x: [ - 'authz_groups' => [ + 'required-groups' => [ IGroup::SuperAdmins, IGroup::Administrators, IGroup::SummitAdministrators, @@ -217,7 +217,7 @@ public function getAllBySummit($summit_id) { SummitScopes::ReadAllSummitData ]]], x: [ - 'authz_groups' => [ + 'required-groups' => [ IGroup::SuperAdmins, IGroup::Administrators, IGroup::SummitAdministrators, @@ -282,7 +282,7 @@ public function get($summit_id, $badge_type_id) { SummitScopes::WriteSummitData ]]], x: [ - 'authz_groups' => [ + 'required-groups' => [ IGroup::SuperAdmins, IGroup::Administrators, IGroup::SummitAdministrators, @@ -330,7 +330,7 @@ public function add($summit_id) { SummitScopes::WriteSummitData ]]], x: [ - 'authz_groups' => [ + 'required-groups' => [ IGroup::SuperAdmins, IGroup::Administrators, IGroup::SummitAdministrators, @@ -385,7 +385,7 @@ public function update($summit_id, $badge_type_id) { SummitScopes::WriteSummitData ]]], x: [ - 'authz_groups' => [ + 'required-groups' => [ IGroup::SuperAdmins, IGroup::Administrators, IGroup::SummitAdministrators, @@ -508,7 +508,7 @@ protected function updateChild(Summit $summit, int $child_id, array $payload): I SummitScopes::WriteSummitData ]]], x: [ - 'authz_groups' => [ + 'required-groups' => [ IGroup::SuperAdmins, IGroup::Administrators, IGroup::SummitAdministrators, @@ -577,7 +577,7 @@ public function addAccessLevelToBadgeType($summit_id, $badge_type_id, $access_le SummitScopes::WriteSummitData ]]], x: [ - 'authz_groups' => [ + 'required-groups' => [ IGroup::SuperAdmins, IGroup::Administrators, IGroup::SummitAdministrators, @@ -644,7 +644,7 @@ public function removeAccessLevelFromBadgeType($summit_id, $badge_type_id, $acce SummitScopes::WriteSummitData ]]], x: [ - 'authz_groups' => [ + 'required-groups' => [ IGroup::SuperAdmins, IGroup::Administrators, IGroup::SummitAdministrators, @@ -712,7 +712,7 @@ public function addFeatureToBadgeType($summit_id, $badge_type_id, $feature_id){ SummitScopes::WriteSummitData ]]], x: [ - 'authz_groups' => [ + 'required-groups' => [ IGroup::SuperAdmins, IGroup::Administrators, IGroup::SummitAdministrators, @@ -779,7 +779,7 @@ public function removeFeatureFromBadgeType($summit_id, $badge_type_id, $feature_ SummitScopes::WriteSummitData ]]], x: [ - 'authz_groups' => [ + 'required-groups' => [ IGroup::SuperAdmins, IGroup::Administrators, IGroup::SummitAdministrators, @@ -847,7 +847,7 @@ public function addViewTypeToBadgeType($summit_id, $badge_type_id, $view_type_id SummitScopes::WriteSummitData ]]], x: [ - 'authz_groups' => [ + 'required-groups' => [ IGroup::SuperAdmins, IGroup::Administrators, IGroup::SummitAdministrators,