From b5b1e4ebfdc440c8b8887e1bac0a2f38324c777d Mon Sep 17 00:00:00 2001
From: Joas Schilling
Date: Wed, 8 Nov 2023 16:51:01 +0100
Subject: [PATCH] Move admin-only routes to administration scope when default only

Signed-off-by: Joas Schilling
---
 generate-spec | 2 +
 tests/appinfo/routes.php | 4 +-
 tests/lib/Controller/Settings2Controller.php | 58 ++++++++++++++++
 tests/lib/Controller/SettingsController.php | 12 ----
 tests/openapi-administration.json | 72 ++++++++++++++++++++
 tests/openapi.json | 20 +++---
 6 files changed, 145 insertions(+), 23 deletions(-)
 create mode 100644 tests/lib/Controller/Settings2Controller.php

diff --git a/generate-spec b/generate-spec
index df3e7b6..b4c5a65 100755
--- a/generate-spec
+++ b/generate-spec
@@ -346,6 +346,8 @@ foreach ($parsedRoutes as $key => $value) {
 if (empty($scopes)) {
 if (!empty($controllerScopes)) {
 $scopes = $controllerScopes;
+ } else if ($isAdmin) {
+ $scopes = ['administration'];
 } else {
 $scopes = ['default'];
 }
diff --git a/tests/appinfo/routes.php b/tests/appinfo/routes.php
index 764dccb..c739c82 100644
--- a/tests/appinfo/routes.php
+++ b/tests/appinfo/routes.php
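Review bot: In the generate-spec hunk, the added `else if ($isAdmin)` branch is reached only when neither the method nor the controller declares a scope, so an admin-only route carrying a bare `#[OpenAPI]` attribute still lands in the default spec; the `defaultAdminScopeOverwritten` fixture in this patch pins exactly that. That precedence deserves a comment above the chain, for example `// Scope precedence: method attribute, then controller attribute, then 'administration' for admin-only routes, else 'default'; the scope only selects the spec file and does not enforce access`. As a point of style, PSR-12 spells the keyword as one word: `} elseif ($isAdmin) {`. The enclosing `foreach` starts and ends outside the hunk, and how `$isAdmin` is derived is not visible here.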
@@ -29,8 +29,10 @@
 ['name' => 'Settings#federationByController', 'url' => '/api/{apiVersion}/controller-scope', 'verb' => 'POST', 'requirements' => ['apiVersion' => '(v2)']],
 ['name' => 'Settings#ignoreByMethod', 'url' => '/api/{apiVersion}/ignore-method', 'verb' => 'POST', 'requirements' => ['apiVersion' => '(v2)']],
 ['name' => 'Settings#defaultScope', 'url' => '/api/{apiVersion}/settings', 'verb' => 'POST', 'requirements' => ['apiVersion' => '(v2)']],
- ['name' => 'Settings#defaultAdminScope', 'url' => '/api/{apiVersion}/default-admin', 'verb' => 'POST', 'requirements' => ['apiVersion' => '(v2)']],
 ['name' => 'Settings#adminScope', 'url' => '/api/{apiVersion}/admin', 'verb' => 'POST', 'requirements' => ['apiVersion' => '(v2)']],
 ['name' => 'Settings#doubleScope', 'url' => '/api/{apiVersion}/double', 'verb' => 'POST', 'requirements' => ['apiVersion' => '(v2)']],
+
+ ['name' => 'Settings2#defaultAdminScopeOverwritten', 'url' => '/api/{apiVersion}/default-admin-overwritten', 'verb' => 'POST', 'requirements' => ['apiVersion' => '(v2)']],
+ ['name' => 'Settings2#defaultAdminScope', 'url' => '/api/{apiVersion}/default-admin', 'verb' => 'POST', 'requirements' => ['apiVersion' => '(v2)']],
 ],
 ];
diff --git a/tests/lib/Controller/Settings2Controller.php b/tests/lib/Controller/Settings2Controller.php
new file mode 100644
index 0000000..e2bd2e5
--- /dev/null
+++ b/tests/lib/Controller/Settings2Controller.php
@@ -0,0 +1,58 @@ + + * + * @author Julien Barnoin + * + * @license AGPL-3.0-or-later + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + +namespace OCA\Notifications\Controller; + +use OCA\Notifications\ResponseDefinitions; +use OCP\AppFramework\Http; +use OCP\AppFramework\Http\Attribute\OpenAPI; +use OCP\AppFramework\Http\DataResponse; +use OCP\AppFramework\OCSController; + +class Settings2Controller extends OCSController { + /** + * Route is only in the admin scope because there is no "NoAdminRequired" annotation or attribute + * + * @return DataResponse, array{}> + * + * 200: Personal settings updated + */ + public function defaultAdminScope(): DataResponse { + return new DataResponse(); + } + + /** + * Route is only in the admin scope because there is no "NoAdminRequired" annotation or attribute + * + * @return DataResponse, array{}> + * + * 200: Personal settings updated + */ + #[OpenAPI] + public function defaultAdminScopeOverwritten(): DataResponse { + return new DataResponse(); + } +} diff --git a/tests/lib/Controller/SettingsController.php b/tests/lib/Controller/SettingsController.php index e237f3f..0d5faa2 100644 --- a/tests/lib/Controller/SettingsController.php +++ b/tests/lib/Controller/SettingsController.php 
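Review bot: The docblock on `defaultAdminScopeOverwritten()` is copied unchanged from `defaultAdminScope()`, so it says the route is only in the admin scope while the explicit `#[OpenAPI]` attribute is what keeps it in the default spec; that sentence is then emitted as the operation summary in tests/openapi.json. A summary that states what the fixture exercises would be clearer, for example `Route is admin-only but stays in the default scope because of the explicit OpenAPI attribute`. The `200: Personal settings updated` text on both admin-only methods also looks like a leftover from the user-settings fixtures. `ResponseDefinitions` is imported but not referenced in the lines visible here, so that `use` can probably be dropped.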
@@ -79,18 +79,6 @@ public function defaultScope(): DataResponse { return new DataResponse(); } - /** - * Route is only in the admin scope because there is no "NoAdminRequired" annotation or attribute - * - * @return DataResponse, array{}> - * - * 200: Personal settings updated - */ - #[OpenAPI] - public function defaultAdminScope(): DataResponse { - return new DataResponse(); - } - /** * @NoAdminRequired * diff --git a/tests/openapi-administration.json b/tests/openapi-administration.json index 65f90fb..07cb371 100644 --- a/tests/openapi-administration.json +++ b/tests/openapi-administration.json @@ -209,6 +209,78 @@ } } } + }, + "/ocs/v2.php/apps/notifications/api/{apiVersion}/default-admin": { + "post": { + "operationId": "settings2-default-admin-scope", + "summary": "Route is only in the admin scope because there is no \"NoAdminRequired\" annotation or attribute", + "description": "This endpoint requires admin access", + "tags": [ + "settings2" + ], + "security": [ + { + "bearer_auth": [] + }, + { + "basic_auth": [] + } + ], + "parameters": [ + { + "name": "apiVersion", + "in": "path", + "required": true, + "schema": { + "type": "string", + "enum": [ + "v2" + ], + "default": "v2" + } + }, + { + "name": "OCS-APIRequest", + "in": "header", + "description": "Required to be true for the API request to pass", + "required": true, + "schema": { + "type": "boolean", + "default": true + } + } + ], + "responses": { + "200": { + "description": "Personal settings updated", + "content": { + "application/json": { + "schema": { + "type": "object", + "required": [ + "ocs" + ], + "properties": { + "ocs": { + "type": "object", + "required": [ + "meta", + "data" + ], + "properties": { + "meta": { + "$ref": "#/components/schemas/OCSMeta" + }, + "data": {} + } + } + } + } + } + } + } + } + } } }, "tags": [] diff --git a/tests/openapi.json b/tests/openapi.json index c349739..4eb5bb0 100644 --- a/tests/openapi.json +++ b/tests/openapi.json 
@@ -118,11 +118,10 @@ } } }, - "/ocs/v2.php/apps/notifications/api/{apiVersion}/default-admin": { + "/ocs/v2.php/apps/notifications/api/{apiVersion}/double": { "post": { - "operationId": "settings-default-admin-scope", - "summary": "Route is only in the admin scope because there is no \"NoAdminRequired\" annotation or attribute", - "description": "This endpoint requires admin access", + "operationId": "settings-double-scope", + "summary": "Route is in admin and default scope", "tags": [ "settings" ], @@ -160,7 +159,7 @@ ], "responses": { "200": { - "description": "Personal settings updated", + "description": "Admin settings updated", "content": { "application/json": { "schema": { @@ -190,12 +189,13 @@ } } }, - "/ocs/v2.php/apps/notifications/api/{apiVersion}/double": { + "/ocs/v2.php/apps/notifications/api/{apiVersion}/default-admin-overwritten": { "post": { - "operationId": "settings-double-scope", - "summary": "Route is in admin and default scope", + "operationId": "settings2-default-admin-scope-overwritten", + "summary": "Route is only in the admin scope because there is no \"NoAdminRequired\" annotation or attribute", + "description": "This endpoint requires admin access", "tags": [ - "settings" + "settings2" ], "security": [ { @@ -231,7 +231,7 @@ ], "responses": { "200": { - "description": "Admin settings updated", + "description": "Personal settings updated", "content": { "application/json": { "schema": {