From 142de5bef3bb58dfb3be652020cdbd5673d35762 Mon Sep 17 00:00:00 2001 From: Matias Perrone Date: Tue, 14 Oct 2025 17:48:12 -0300 Subject: [PATCH 1/3] feat: Extend Swagger Coverage for controller `OAuth2SummitDocumentsApiController` --- .../OAuth2SummitDocumentsApiController.php | 477 ++++++++++++++++-- app/Swagger/Models/SummitBadgeTypeSchema.php | 12 +- app/Swagger/SummitRegistrationSchemas.php | 37 -- app/Swagger/SummitSchemas.php | 102 ++++ 4 files changed, 546 insertions(+), 82 deletions(-) diff --git a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitDocumentsApiController.php b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitDocumentsApiController.php index fd3e057cd..461014f9d 100644 --- a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitDocumentsApiController.php +++ b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitDocumentsApiController.php @@ -1,4 +1,7 @@ -service = $service; } - /** - * @param LaravelRequest $request - * @param $summit_id - * @return \Illuminate\Http\JsonResponse|mixed - */ + #[OA\Get( + path: "/api/v1/summits/{id}/summit-documents", + description: "Get all summit documents", + summary: "Get summit documents", + operationId: "getAllSummitDocuments", + tags: ['Summit Documents'], + security: [['summit_oauth2' => []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ), + new OA\Parameter( + name: 'page', + in: 'query', + required: false, + schema: new OA\Schema(type: 'integer', default: 1), + description: 'Page number' + ), + new OA\Parameter( + name: 'per_page', + in: 'query', + required: false, + schema: new OA\Schema(type: 'integer', default: 10), + description: 'Items per page' + ), + new OA\Parameter( + name: 'filter', + in: 'query', + required: false, + explode: false, + schema: new OA\Schema(type: 'string'), + description: 'Filter operators: name=@/==, description=@/==, label=@/==, event_type=@/==, selection_plan_id==' + ), + new OA\Parameter( + name: 'order', + in: 'query', + required: false, + explode: false, + schema: new OA\Schema(type: 'string'), + description: 'Order by fields: id, name, label' + ), + new OA\Parameter( + name: 'expand', + in: 'query', + required: false, + explode: false, + schema: new OA\Schema(type: 'string'), + description: 'Relations to expand: event_types, summit, selection_plan' + ), + new OA\Parameter( + name: 'relations', + in: 'query', + required: false, + explode: false, + schema: new OA\Schema(type: 'string'), + description: 'Relations to include: event_types, summit, selection_plan' + ) + ], + responses: [ + new OA\Response( + response: 200, + description: "OK", + content: new OA\JsonContent(ref: "#/components/schemas/PaginatedSummitDocumentsResponse") + ), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] + public function getAllBySummit($summit_id) { + return $this->traitGetAllBySummit($summit_id); + } + + #[OA\Get( + path: "/api/v1/summits/{id}/summit-documents/{document_id}", + description: "Get a specific summit document", + summary: "Get summit document", + operationId: "getSummitDocument", + tags: ['Summit Documents'], + security: [['summit_oauth2' => []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ), + new OA\Parameter( + name: 'document_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The document id' + ), + new OA\Parameter( + name: 'expand', + in: 'query', + required: false, + explode: false, + schema: new OA\Schema(type: 'string'), + description: 'Relations to expand: event_types, summit, selection_plan' + ), + new OA\Parameter( + name: 'relations', + in: 'query', + required: false, + explode: false, + schema: new OA\Schema(type: 'string'), + description: 'Relations to include: event_types, summit, selection_plan' + ) + ], + responses: [ + new OA\Response( + response: 200, + description: "OK", + content: new OA\JsonContent(ref: "#/components/schemas/SummitDocument") + ), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] + public function get($summit_id, $document_id) { + return $this->traitGet($summit_id, $document_id); + } + + #[OA\Post( + path: "/api/v1/summits/{id}/summit-documents", + description: "Create a new summit document", + summary: "Create summit document", + operationId: "addSummitDocument", + tags: ['Summit Documents'], + security: [['summit_oauth2' => []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ) + ], + requestBody: new OA\RequestBody( + required: true, + content: new OA\MediaType( + mediaType: 'multipart/form-data', + schema: new OA\Schema(ref: "#/components/schemas/SummitDocumentCreateRequest") + ) + ), + responses: [ + new OA\Response( + response: 201, + description: "Created", + content: new OA\JsonContent(ref: "#/components/schemas/SummitDocument") + ), + new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] public function add(LaravelRequest $request, $summit_id){ try { @@ -140,12 +316,50 @@ public function add(LaravelRequest $request, $summit_id){ } } - /** - * @param LaravelRequest $request - * @param $summit_id - * @param $document_id - * @return \Illuminate\Http\JsonResponse|mixed - */ + #[OA\Put( + path: "/api/v1/summits/{id}/summit-documents/{document_id}", + description: "Update an existing summit document", + summary: "Update summit document", + operationId: "updateSummitDocument", + tags: ['Summit Documents'], + security: [['summit_oauth2' => []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ), + new OA\Parameter( + name: 'document_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The document id' + ) + ], + requestBody: new OA\RequestBody( + required: true, + content: new OA\MediaType( + mediaType: 'multipart/form-data', + schema: new OA\Schema(ref: "#/components/schemas/SummitDocumentUpdateRequest") + ) + ), + responses: [ + new OA\Response( + response: 200, + description: "OK", + content: new OA\JsonContent(ref: "#/components/schemas/SummitDocument") + ), + new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] public function update(LaravelRequest $request, $summit_id, $document_id){ try { @@ -208,6 +422,41 @@ public function update(LaravelRequest $request, $summit_id, $document_id){ } } + #[OA\Delete( + path: "/api/v1/summits/{id}/summit-documents/{document_id}", + description: "Delete a summit document", + summary: "Delete summit document", + operationId: "deleteSummitDocument", + tags: ['Summit Documents'], + security: [['summit_oauth2' => []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ), + new OA\Parameter( + name: 'document_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The document id' + ) + ], + responses: [ + new OA\Response(response: 204, description: 'No Content'), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] + public function delete($summit_id, $document_id) { + return $this->traitDelete($summit_id, $document_id); + } + /** * @inheritDoc */ @@ -269,12 +518,50 @@ protected function getOrderRules():array{ ]; } - /** - * @param $summit_id - * @param $document_id - * @param $event_type_id - * @return \Illuminate\Http\JsonResponse|mixed - */ + #[OA\Put( + path: "/api/v1/summits/{id}/summit-documents/{document_id}/event-types/{event_type_id}", + description: "Add an event type to a summit document", + summary: "Add event type to document", + operationId: "addEventTypeToDocument", + tags: ['Summit Documents'], + security: [['summit_oauth2' => []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ), + new OA\Parameter( + name: 'document_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The document id' + ), + new OA\Parameter( + name: 'event_type_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The event type id' + ) + ], + responses: [ + new OA\Response( + response: 200, + description: "OK", + content: new OA\JsonContent(ref: "#/components/schemas/SummitDocument") + ), + new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] public function addEventType($summit_id, $document_id, $event_type_id){ try { @@ -307,12 +594,50 @@ public function addEventType($summit_id, $document_id, $event_type_id){ } } - /** - * @param $summit_id - * @param $document_id - * @param $event_type_id - * @return \Illuminate\Http\JsonResponse|mixed - */ + #[OA\Delete( + path: "/api/v1/summits/{id}/summit-documents/{document_id}/event-types/{event_type_id}", + description: "Remove an event type from a summit document", + summary: "Remove event type from document", + operationId: "removeEventTypeFromDocument", + tags: ['Summit Documents'], + security: [['summit_oauth2' => []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ), + new OA\Parameter( + name: 'document_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The document id' + ), + new OA\Parameter( + name: 'event_type_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The event type id' + ) + ], + responses: [ + new OA\Response( + response: 200, + description: "OK", + content: new OA\JsonContent(ref: "#/components/schemas/SummitDocument") + ), + new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] public function removeEventType($summit_id, $document_id, $event_type_id){ try { @@ -345,12 +670,60 @@ public function removeEventType($summit_id, $document_id, $event_type_id){ } } - /** - * @param LaravelRequest $request - * @param $summit_id - * @param $document_id - * @return \Illuminate\Http\JsonResponse|mixed - */ + #[OA\Post( + path: "/api/v1/summits/{id}/summit-documents/{document_id}/file", + description: "Add or replace a file for a summit document", + summary: "Add file to document", + operationId: "addFileToDocument", + tags: ['Summit Documents'], + security: [['summit_oauth2' => []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ), + new OA\Parameter( + name: 'document_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The document id' + ) + ], + requestBody: new OA\RequestBody( + required: true, + content: new OA\MediaType( + mediaType: 'multipart/form-data', + schema: new OA\Schema( + required: ['file'], + properties: [ + new OA\Property( + property: 'file', + type: 'string', + format: 'binary', + description: 'Document file to upload' + ) + ] + ) + ) + ), + responses: [ + new OA\Response( + response: 200, + description: "OK", + content: new OA\JsonContent(ref: "#/components/schemas/SummitDocument") + ), + new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] public function addFile(LaravelRequest $request, $summit_id, $document_id){ return $this->processRequest(function () use ($request, $summit_id, $document_id) { $summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id); @@ -371,11 +744,37 @@ public function addFile(LaravelRequest $request, $summit_id, $document_id){ }); } - /** - * @param $summit_id - * @param $document_id - * @return \Illuminate\Http\JsonResponse|mixed - */ + #[OA\Delete( + path: "/api/v1/summits/{id}/summit-documents/{document_id}/file", + description: "Remove a file from a summit document", + summary: "Remove file from document", + operationId: "removeFileFromDocument", + tags: ['Summit Documents'], + security: [['summit_oauth2' => []]], + parameters: [ + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The summit id' + ), + new OA\Parameter( + name: 'document_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The document id' + ) + ], + responses: [ + new OA\Response(response: 204, description: 'No Content'), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_FORBIDDEN, description: "Forbidden"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error") + ] + )] public function removeFile($summit_id, $document_id){ return $this->processRequest(function () use ($summit_id, $document_id) { $summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id); @@ -385,4 +784,4 @@ public function removeFile($summit_id, $document_id){ return $this->deleted(); }); } -} \ No newline at end of file +} diff --git a/app/Swagger/Models/SummitBadgeTypeSchema.php b/app/Swagger/Models/SummitBadgeTypeSchema.php index 6125c571c..c3fdc6118 100644 --- a/app/Swagger/Models/SummitBadgeTypeSchema.php +++ b/app/Swagger/Models/SummitBadgeTypeSchema.php @@ -10,12 +10,12 @@ type: 'object', properties: [ new OA\Property(property: 'id', type: 'integer', example: 1), - new OA\Property(property: 'created', type: 'integer', example: 1), - new OA\Property(property: 'last_edited', type: 'integer', example: 1), - new OA\Property(property: 'name', type: 'string'), - new OA\Property(property: 'description', type: 'string'), - new OA\Property(property: 'template_content', type: 'string'), - new OA\Property(property: 'is_default', type: 'boolean'), + new OA\Property(property: "created", type: "integer", description: "Unix timestamp", example: 1640995200), + new OA\Property(property: "last_edited", type: "integer", description: "Unix timestamp", example: 1640995200), + new OA\Property(property: "name", type: "string", example: "Attendee"), + new OA\Property(property: "description", type: "string", example: "Standard attendee badge"), + new OA\Property(property: "template_content", type: "string", nullable: true, example: "Badge template content"), + new OA\Property(property: "is_default", type: "boolean", example: false), new OA\Property(property: 'summit_id', type: 'integer', description: 'Summit ID, use expand=summit for full object details'), new OA\Property( property: 'access_levels', diff --git a/app/Swagger/SummitRegistrationSchemas.php b/app/Swagger/SummitRegistrationSchemas.php index e9440c4e6..2d2860b2a 100644 --- a/app/Swagger/SummitRegistrationSchemas.php +++ b/app/Swagger/SummitRegistrationSchemas.php @@ -6,43 +6,6 @@ // Badge Types -#[OA\Schema( - schema: "SummitBadgeType", - description: "Summit badge type", - type: "object", - properties: [ - new OA\Property(property: "id", type: "integer", example: 1), - new OA\Property(property: "created", type: "integer", description: "Unix timestamp", example: 1640995200), - new OA\Property(property: "last_edited", type: "integer", description: "Unix timestamp", example: 1640995200), - new OA\Property(property: "name", type: "string", example: "Attendee"), - new OA\Property(property: "description", type: "string", example: "Standard attendee badge"), - new OA\Property(property: "template_content", type: "string", nullable: true, example: "Badge template content"), - new OA\Property(property: "is_default", type: "boolean", example: false), - new OA\Property(property: "summit_id", type: "integer", example: 1), - new OA\Property( - property: "access_levels", - type: "array", - items: new OA\Items(type: "integer"), - description: "SummitAccessLevelType IDs, full objects when expanded" - ), - new OA\Property( - property: "badge_features", - type: "array", - items: new OA\Items(type: "integer"), - description: "SummitBadgeFeatureType IDs, full objects when expanded", - ), - new OA\Property( - property: "allowed_view_types", - type: "array", - items: new OA\Items(type: "integer"), - description: "SummitBadgeViewType IDs, full objects when expanded", - ), - ], -)] -class SummitBadgeType -{ -} - #[OA\Schema( schema: "PaginatedSummitBadgeTypesResponse", description: "Paginated list of summit badge types", diff --git a/app/Swagger/SummitSchemas.php b/app/Swagger/SummitSchemas.php index 489d39517..29e2a685a 100644 --- a/app/Swagger/SummitSchemas.php +++ b/app/Swagger/SummitSchemas.php @@ -4,6 +4,108 @@ use OpenApi\Attributes as OA; +// Summit Documents + +#[OA\Schema( + schema: "SummitDocument", + description: "Summit document", + type: "object", + properties: [ + new OA\Property(property: "id", type: "integer", example: 1), + new OA\Property(property: "created", type: "integer", description: "Unix timestamp", example: 1640995200), + new OA\Property(property: "last_edited", type: "integer", description: "Unix timestamp", example: 1640995200), + new OA\Property(property: "name", type: "string", example: "Code of Conduct"), + new OA\Property(property: "description", type: "string", example: "Summit code of conduct document"), + new OA\Property(property: "label", type: "string", example: "Code of Conduct"), + new OA\Property(property: "show_always", type: "boolean", example: true), + new OA\Property(property: "file", type: "string", format: "uri", nullable: true, example: "https://example.com/document.pdf"), + new OA\Property(property: "web_link", type: "string", format: "uri", nullable: true, example: "https://example.com/page"), + new OA\Property( + property: "event_types", + type: "array", + items: new OA\Items(type: ["integer", "SummitEventType"]), + description: "Array of SummitEventType: objects when expanded, ids otherwise", + ), + ], + anyOf: [ + new OA\Property(property: "summit_id", type: "integer", example: 1), + new OA\Property(property: "summit", type: "Summit"), + new OA\Property(property: "selection_plan_id", type: "integer", nullable: true, example: 1), + new OA\Property(property: "selection_plan", type: "SelectionPlan"), + ] +)] +class SummitDocument {} + +#[OA\Schema( + schema: "PaginatedSummitDocumentsResponse", + description: "Paginated list of summit documents", + allOf: [ + new OA\Schema(ref: "#/components/schemas/PaginateDataSchemaResponse"), + new OA\Schema( + properties: [ + new OA\Property( + property: "data", + type: "array", + items: new OA\Items(ref: "#/components/schemas/SummitDocument") + ) + ] + ) + ] +)] +class PaginatedSummitDocumentsResponse {} + +#[OA\Schema( + schema: "SummitDocumentCreateRequest", + description: "Request to create a summit document", + required: ["name", "label"], + type: "object", + properties: [ + new OA\Property(property: "name", type: "string", example: "Code of Conduct"), + new OA\Property(property: "label", type: "string", example: "Code of Conduct"), + new OA\Property(property: "description", type: "string", nullable: true, example: "Summit code of conduct document"), + new OA\Property(property: "show_always", type: "boolean", nullable: true, example: true), + new OA\Property(property: "web_link", type: "string", format: "uri", nullable: true, example: "https://example.com/page"), + new OA\Property(property: "selection_plan_id", type: "integer", nullable: true, example: 1), + new OA\Property( + property: "event_types", + type: "array", + nullable: true, + items: new OA\Items(type: "integer"), + example: [1, 2, 3] + ), + new OA\Property( + property: "file", + type: "string", + format: "binary", + nullable: true, + description: "Document file upload (required if web_link not provided)" + ), + ] +)] +class SummitDocumentCreateRequest {} + +#[OA\Schema( + schema: "SummitDocumentUpdateRequest", + description: "Request to update a summit document", + type: "object", + properties: [ + new OA\Property(property: "name", type: "string", nullable: true, example: "Code of Conduct"), + new OA\Property(property: "label", type: "string", nullable: true, example: "Code of Conduct"), + new OA\Property(property: "description", type: "string", nullable: true, example: "Summit code of conduct document"), + new OA\Property(property: "show_always", type: "boolean", nullable: true, example: true), + new OA\Property(property: "web_link", type: "string", format: "uri", nullable: true, example: "https://example.com/page"), + new OA\Property(property: "selection_plan_id", type: "integer", nullable: true, example: 1), + new OA\Property( + property: "event_types", + type: "array", + nullable: true, + items: new OA\Items(type: "integer"), + example: [1, 2, 3] + ), + ] +)] +class SummitDocumentUpdateRequest {} + // Summit Attendee Badges #[OA\Schema( From 5b7eb16f7c08463d93316f5f3aa1d0ce169f0a89 Mon Sep 17 00:00:00 2001 From: Matias Perrone Date: Wed, 26 Nov 2025 20:28:57 +0000 Subject: [PATCH 2/3] chore: Add the correct security and x attributes and create security schema --- .../OAuth2SummitDocumentsApiController.php | 87 +++++++++++++++++-- app/Swagger/Security/SummitAuthSchema.php | 25 ++++++ app/Swagger/SummitSchemas.php | 16 ++-- 3 files changed, 109 insertions(+), 19 deletions(-) create mode 100644 app/Swagger/Security/SummitAuthSchema.php diff --git a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitDocumentsApiController.php b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitDocumentsApiController.php index 461014f9d..326cc6051 100644 --- a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitDocumentsApiController.php +++ b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitDocumentsApiController.php @@ -16,8 +16,10 @@ **/ use App\Http\Utils\MultipartFormDataCleaner; +use App\Models\Foundation\Main\IGroup; use App\Models\Foundation\Summit\Repositories\ISummitDocumentRepository; use App\ModelSerializers\SerializerUtils; +use App\Security\SummitScopes; use App\Services\Model\ISummitDocumentService; use Illuminate\Http\Request as LaravelRequest; use Illuminate\Http\Response; @@ -91,7 +93,9 @@ public function __construct summary: "Get summit documents", operationId: "getAllSummitDocuments", tags: ['Summit Documents'], - security: [['summit_oauth2' => []]], + security: [['summit_document_oauth2' => [ + SummitScopes::ReadAllSummitData, + ]]], parameters: [ new OA\Parameter( name: 'id', @@ -169,7 +173,9 @@ public function getAllBySummit($summit_id) { summary: "Get summit document", operationId: "getSummitDocument", tags: ['Summit Documents'], - security: [['summit_oauth2' => []]], + security: [['summit_document_oauth2' => [ + SummitScopes::ReadAllSummitData, + ]]], parameters: [ new OA\Parameter( name: 'id', @@ -224,7 +230,16 @@ public function get($summit_id, $document_id) { summary: "Create summit document", operationId: "addSummitDocument", tags: ['Summit Documents'], - security: [['summit_oauth2' => []]], + security: [['summit_document_oauth2' => [ + SummitScopes::WriteSummitData, + ]]], + x: [ + 'authz_groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'id', @@ -322,7 +337,16 @@ public function add(LaravelRequest $request, $summit_id){ summary: "Update summit document", operationId: "updateSummitDocument", tags: ['Summit Documents'], - security: [['summit_oauth2' => []]], + security: [['summit_document_oauth2' => [ + SummitScopes::WriteSummitData, + ]]], + x: [ + 'authz_groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'id', @@ -428,7 +452,16 @@ public function update(LaravelRequest $request, $summit_id, $document_id){ summary: "Delete summit document", operationId: "deleteSummitDocument", tags: ['Summit Documents'], - security: [['summit_oauth2' => []]], + security: [['summit_document_oauth2' => [ + SummitScopes::WriteSummitData, + ]]], + x: [ + 'authz_groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'id', @@ -524,7 +557,16 @@ protected function getOrderRules():array{ summary: "Add event type to document", operationId: "addEventTypeToDocument", tags: ['Summit Documents'], - security: [['summit_oauth2' => []]], + security: [['summit_document_oauth2' => [ + SummitScopes::WriteSummitData, + ]]], + x: [ + 'authz_groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'id', @@ -600,7 +642,16 @@ public function addEventType($summit_id, $document_id, $event_type_id){ summary: "Remove event type from document", operationId: "removeEventTypeFromDocument", tags: ['Summit Documents'], - security: [['summit_oauth2' => []]], + security: [['summit_document_oauth2' => [ + SummitScopes::WriteSummitData, + ]]], + x: [ + 'authz_groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'id', @@ -676,7 +727,16 @@ public function removeEventType($summit_id, $document_id, $event_type_id){ summary: "Add file to document", operationId: "addFileToDocument", tags: ['Summit Documents'], - security: [['summit_oauth2' => []]], + security: [['summit_document_oauth2' => [ + SummitScopes::WriteSummitData, + ]]], + x: [ + 'authz_groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'id', @@ -750,7 +810,16 @@ public function addFile(LaravelRequest $request, $summit_id, $document_id){ summary: "Remove file from document", operationId: "removeFileFromDocument", tags: ['Summit Documents'], - security: [['summit_oauth2' => []]], + security: [['summit_document_oauth2' => [ + SummitScopes::WriteSummitData, + ]]], + x: [ + 'authz_groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'id', diff --git a/app/Swagger/Security/SummitAuthSchema.php b/app/Swagger/Security/SummitAuthSchema.php new file mode 100644 index 000000000..e2820ec28 --- /dev/null +++ b/app/Swagger/Security/SummitAuthSchema.php @@ -0,0 +1,25 @@ + 'Read All Summit Data', + SummitScopes::WriteSummitData => 'Write Summit Data', + ], + ), + ], + ) +] +class SummitAuthSchema {} diff --git a/app/Swagger/SummitSchemas.php b/app/Swagger/SummitSchemas.php index 29e2a685a..16c096390 100644 --- a/app/Swagger/SummitSchemas.php +++ b/app/Swagger/SummitSchemas.php @@ -16,25 +16,21 @@ new OA\Property(property: "last_edited", type: "integer", description: "Unix timestamp", example: 1640995200), new OA\Property(property: "name", type: "string", example: "Code of Conduct"), new OA\Property(property: "description", type: "string", example: "Summit code of conduct document"), - new OA\Property(property: "label", type: "string", example: "Code of Conduct"), new OA\Property(property: "show_always", type: "boolean", example: true), + new OA\Property(property: "label", type: "string", example: "Code of Conduct"), new OA\Property(property: "file", type: "string", format: "uri", nullable: true, example: "https://example.com/document.pdf"), new OA\Property(property: "web_link", type: "string", format: "uri", nullable: true, example: "https://example.com/page"), + new OA\Property(property: "selection_plan_id", type: "integer", nullable: true, description: "SelectionPlan ID, full object description when ?expand=summit (summit)"), new OA\Property( property: "event_types", type: "array", - items: new OA\Items(type: ["integer", "SummitEventType"]), + items: new OA\Items(type: "integer"), description: "Array of SummitEventType: objects when expanded, ids otherwise", ), - ], - anyOf: [ - new OA\Property(property: "summit_id", type: "integer", example: 1), - new OA\Property(property: "summit", type: "Summit"), - new OA\Property(property: "selection_plan_id", type: "integer", nullable: true, example: 1), - new OA\Property(property: "selection_plan", type: "SelectionPlan"), + new OA\Property(property: "summit_id", type: "integer", description: "Summit ID, full object description when ?expand=summit (summit)"), ] )] -class SummitDocument {} +class SummitDocumentSchema {} #[OA\Schema( schema: "PaginatedSummitDocumentsResponse", @@ -52,7 +48,7 @@ class SummitDocument {} ) ] )] -class PaginatedSummitDocumentsResponse {} +class PaginatedSummitDocumentsResponseSchema {} #[OA\Schema( schema: "SummitDocumentCreateRequest", From 89689058b5631bde2efe2f51075201b856fd5dc3 Mon Sep 17 00:00:00 2001 From: Matias Perrone Date: Wed, 3 Dec 2025 20:26:33 +0000 Subject: [PATCH 3/3] feat: Add changes requested --- .../Summit/OAuth2SummitDocumentsApiController.php | 14 +++++++------- app/Swagger/Security/SummitAuthSchema.php | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitDocumentsApiController.php b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitDocumentsApiController.php index 326cc6051..f60f3aa55 100644 --- a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitDocumentsApiController.php +++ b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitDocumentsApiController.php @@ -234,7 +234,7 @@ public function get($summit_id, $document_id) { SummitScopes::WriteSummitData, ]]], x: [ - 'authz_groups' => [ + 'required-groups' => [ IGroup::SuperAdmins, IGroup::Administrators, IGroup::SummitAdministrators, @@ -341,7 +341,7 @@ public function add(LaravelRequest $request, $summit_id){ SummitScopes::WriteSummitData, ]]], x: [ - 'authz_groups' => [ + 'required-groups' => [ IGroup::SuperAdmins, IGroup::Administrators, IGroup::SummitAdministrators, @@ -456,7 +456,7 @@ public function update(LaravelRequest $request, $summit_id, $document_id){ SummitScopes::WriteSummitData, ]]], x: [ - 'authz_groups' => [ + 'required-groups' => [ IGroup::SuperAdmins, IGroup::Administrators, IGroup::SummitAdministrators, @@ -561,7 +561,7 @@ protected function getOrderRules():array{ SummitScopes::WriteSummitData, ]]], x: [ - 'authz_groups' => [ + 'required-groups' => [ IGroup::SuperAdmins, IGroup::Administrators, IGroup::SummitAdministrators, @@ -646,7 +646,7 @@ public function addEventType($summit_id, $document_id, $event_type_id){ SummitScopes::WriteSummitData, ]]], x: [ - 'authz_groups' => [ + 'required-groups' => [ IGroup::SuperAdmins, IGroup::Administrators, IGroup::SummitAdministrators, @@ -731,7 +731,7 @@ public function removeEventType($summit_id, $document_id, $event_type_id){ SummitScopes::WriteSummitData, ]]], x: [ - 'authz_groups' => [ + 'required-groups' => [ IGroup::SuperAdmins, IGroup::Administrators, IGroup::SummitAdministrators, @@ -814,7 +814,7 @@ public function addFile(LaravelRequest $request, $summit_id, $document_id){ SummitScopes::WriteSummitData, ]]], x: [ - 'authz_groups' => [ + 'required-groups' => [ IGroup::SuperAdmins, IGroup::Administrators, IGroup::SummitAdministrators, diff --git a/app/Swagger/Security/SummitAuthSchema.php b/app/Swagger/Security/SummitAuthSchema.php index e2820ec28..2e5550a54 100644 --- a/app/Swagger/Security/SummitAuthSchema.php +++ b/app/Swagger/Security/SummitAuthSchema.php @@ -1,6 +1,6 @@