feat(generate-spec): Ignore index.php routes by default

Signed-off-by: provokateurin <[email protected]>
nextcloud · Dec 17, 2024 · 492cfc7 · 492cfc7
1 parent b9a7edd
commit 492cfc7
Show file tree

Hide file tree

Showing 4 changed files with 88 additions and 0 deletions.
diff --git a/generate-spec.php b/generate-spec.php
@@ -466,6 +466,8 @@
 		if ($scopes === []) {
 			if ($controllerScopes !== []) {
 				$scopes = $controllerScopes;
+			} elseif (!$isOCS) {
+				$scopes = ['ignore'];
 			} elseif ($isExApp) {
 				$scopes = ['ex_app'];
 			} elseif ($isAdmin) {

diff --git a/tests/lib/Controller/PlainController.php b/tests/lib/Controller/PlainController.php
@@ -0,0 +1,40 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+namespace OCA\Notifications\Controller;
+
+use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\FrontpageRoute;
+use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
+use OCP\AppFramework\Http\Attribute\OpenAPI;
+use OCP\AppFramework\Http\Response;
+
+class PlainController extends Controller {
+	#[NoCSRFRequired]
+	#[FrontpageRoute(verb: 'GET', url: '/plain/ignored')]
+	public function ignored(): Response {
+		return new Response();
+	}
+
+
+	/**
+	 * Route with manual scope to not get ignored
+	 *
+	 * @return Response<Http::STATUS_OK, array{}>
+	 *
+	 * 200: Response returned
+	 */
+	#[NoCSRFRequired]
+	#[OpenAPI(scope: OpenAPI::SCOPE_DEFAULT)]
+	#[FrontpageRoute(verb: 'GET', url: '/plain/with-scope')]
+	public function withScope(): Response {
+		return new Response();
+	}
+}
diff --git a/tests/openapi-full.json b/tests/openapi-full.json
@@ -5485,6 +5485,29 @@
                 }
             }
         },
+        "/index.php/apps/notifications/plain/with-scope": {
+            "get": {
+                "operationId": "plain-with-scope",
+                "summary": "Route with manual scope to not get ignored",
+                "description": "This endpoint requires admin access",
+                "tags": [
+                    "plain"
+                ],
+                "security": [
+                    {
+                        "bearer_auth": []
+                    },
+                    {
+                        "basic_auth": []
+                    }
+                ],
+                "responses": {
+                    "200": {
+                        "description": "Response returned"
+                    }
+                }
+            }
+        },
         "/ocs/v2.php/apps/notifications/api/{apiVersion}/ex-app-attribute": {
             "post": {
                 "operationId": "ex_app_settings-ex-app-scope-attribute",

diff --git a/tests/openapi.json b/tests/openapi.json
@@ -797,6 +797,29 @@
                     }
                 }
             }
+        },
+        "/index.php/apps/notifications/plain/with-scope": {
+            "get": {
+                "operationId": "plain-with-scope",
+                "summary": "Route with manual scope to not get ignored",
+                "description": "This endpoint requires admin access",
+                "tags": [
+                    "plain"
+                ],
+                "security": [
+                    {
+                        "bearer_auth": []
+                    },
+                    {
+                        "basic_auth": []
+                    }
+                ],
+                "responses": {
+                    "200": {
+                        "description": "Response returned"
+                    }
+                }
+            }
         }
     },
     "tags": []