Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(ControllerMethod): Warn about required password confirmation #117

Merged
merged 1 commit into from
Apr 9, 2024
Merged

feat(ControllerMethod): Warn about required password confirmation #117

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion generate-spec
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -444,6 +444,7 @@ foreach ($parsedRoutes as $key => $value) {
$isAdmin = !Helpers::classMethodHasAnnotationOrAttribute($methodFunction, "NoAdminRequired") && !$isPublic;
$isDeprecated = Helpers::classMethodHasAnnotationOrAttribute($methodFunction, "deprecated");
$isIgnored = Helpers::classMethodHasAnnotationOrAttribute($methodFunction, "IgnoreOpenAPI");
$isPasswordConfirmation = Helpers::classMethodHasAnnotationOrAttribute($methodFunction, "PasswordConfirmationRequired");
$scopes = Helpers::getOpenAPIAttributeScopes($classMethod, $routeName);

if ($isIgnored) {
Expand Down Expand Up @@ -493,7 +494,7 @@ foreach ($parsedRoutes as $key => $value) {
];
}

$classMethodInfo = ControllerMethod::parse($routeName, $definitions, $methodFunction, $isAdmin, $isDeprecated);
$classMethodInfo = ControllerMethod::parse($routeName, $definitions, $methodFunction, $isAdmin, $isDeprecated, $isPasswordConfirmation);
if (count($classMethodInfo->returns) > 0) {
Logger::error($routeName, "Returns an invalid response");
continue;
Expand Down
6 changes: 5 additions & 1 deletion src/ControllerMethod.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ class ControllerMethod {
public function __construct(public array $parameters, public array $responses, public array $returns, public array $responseDescription, public array $description, public ?string $summary, public bool $isDeprecated) {
}

public static function parse(string $context, array $definitions, ClassMethod $method, bool $isAdmin, bool $isDeprecated): ControllerMethod {
public static function parse(string $context, array $definitions, ClassMethod $method, bool $isAdmin, bool $isDeprecated, bool $isPasswordConfirmation): ControllerMethod {
global $phpDocParser, $lexer, $allowMissingDocs;

$parameters = [];
Expand Down Expand Up @@ -192,6 +192,10 @@ public static function parse(string $context, array $definitions, ClassMethod $m
$methodDescription[] = "This endpoint requires admin access";
}

if ($isPasswordConfirmation) {
$methodDescription[] = "This endpoint requires password confirmation";
}

if (count($methodDescription) == 1) {
$methodSummary = $methodDescription[0];
$methodDescription = [];
Expand Down
2 changes: 2 additions & 0 deletions tests/appinfo/routes.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,5 +67,7 @@
['name' => 'Settings#throwingOther', 'url' => '/api/{apiVersion}/throwing/other', 'verb' => 'POST', 'requirements' => ['apiVersion' => '(v2)']],
['name' => 'Settings#empty204', 'url' => '/api/{apiVersion}/204', 'verb' => 'POST', 'requirements' => ['apiVersion' => '(v2)']],
['name' => 'Settings#empty304', 'url' => '/api/{apiVersion}/304', 'verb' => 'POST', 'requirements' => ['apiVersion' => '(v2)']],
['name' => 'Settings#passwordConfirmationAnnotation', 'url' => '/api/{apiVersion}/passwordConfirmationAnnotation', 'verb' => 'POST', 'requirements' => ['apiVersion' => '(v2)']],
['name' => 'Settings#passwordConfirmationAttribute', 'url' => '/api/{apiVersion}/passwordConfirmationAttribute', 'verb' => 'POST', 'requirements' => ['apiVersion' => '(v2)']],
],
];
25 changes: 25 additions & 0 deletions tests/lib/Controller/SettingsController.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\Attribute\IgnoreOpenAPI;
use OCP\AppFramework\Http\Attribute\OpenAPI;
use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired;
use OCP\AppFramework\Http\DataResponse;
use OCP\AppFramework\OCS\OCSNotFoundException;
use OCP\AppFramework\OCSController;
Expand Down Expand Up @@ -461,4 +462,28 @@ public function empty204(): DataResponse {
public function empty304(): DataResponse {
return new DataResponse();
}

/**
* Route with password confirmation annotation
*
* @return DataResponse<Http::STATUS_OK, array<empty>, array{}>
* @PasswordConfirmationRequired
*
* 200: OK
*/
public function passwordConfirmationAnnotation(): DataResponse {
return new DataResponse();
}

/**
* Route with password confirmation attribute
*
* @return DataResponse<Http::STATUS_OK, array<empty>, array{}>
*
* 200: OK
*/
#[PasswordConfirmationRequired]
public function passwordConfirmationAttribute(): DataResponse {
return new DataResponse();
}
}
144 changes: 144 additions & 0 deletions tests/openapi-administration.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2429,6 +2429,150 @@
}
}
},
"/ocs/v2.php/apps/notifications/api/{apiVersion}/passwordConfirmationAnnotation": {
"post": {
"operationId": "settings-password-confirmation-annotation",
"summary": "Route with password confirmation annotation",
"description": "This endpoint requires admin access\nThis endpoint requires password confirmation",
"tags": [
"settings"
],
"security": [
{
"bearer_auth": []
},
{
"basic_auth": []
}
],
"parameters": [
{
"name": "apiVersion",
"in": "path",
"required": true,
"schema": {
"type": "string",
"enum": [
"v2"
],
"default": "v2"
}
},
{
"name": "OCS-APIRequest",
"in": "header",
"description": "Required to be true for the API request to pass",
"required": true,
"schema": {
"type": "boolean",
"default": true
}
}
],
"responses": {
"200": {
"description": "OK",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"ocs"
],
"properties": {
"ocs": {
"type": "object",
"required": [
"meta",
"data"
],
"properties": {
"meta": {
"$ref": "#/components/schemas/OCSMeta"
},
"data": {}
}
}
}
}
}
}
}
}
}
},
"/ocs/v2.php/apps/notifications/api/{apiVersion}/passwordConfirmationAttribute": {
"post": {
"operationId": "settings-password-confirmation-attribute",
"summary": "Route with password confirmation attribute",
"description": "This endpoint requires admin access\nThis endpoint requires password confirmation",
"tags": [
"settings"
],
"security": [
{
"bearer_auth": []
},
{
"basic_auth": []
}
],
"parameters": [
{
"name": "apiVersion",
"in": "path",
"required": true,
"schema": {
"type": "string",
"enum": [
"v2"
],
"default": "v2"
}
},
{
"name": "OCS-APIRequest",
"in": "header",
"description": "Required to be true for the API request to pass",
"required": true,
"schema": {
"type": "boolean",
"default": true
}
}
],
"responses": {
"200": {
"description": "OK",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"ocs"
],
"properties": {
"ocs": {
"type": "object",
"required": [
"meta",
"data"
],
"properties": {
"meta": {
"$ref": "#/components/schemas/OCSMeta"
},
"data": {}
}
}
}
}
}
}
}
}
}
},
"/ocs/v2.php/tests/attribute-ocs/{param}": {
"get": {
"operationId": "routing-attributeocs-route",
Expand Down
144 changes: 144 additions & 0 deletions tests/openapi-full.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2556,6 +2556,150 @@
}
}
},
"/ocs/v2.php/apps/notifications/api/{apiVersion}/passwordConfirmationAnnotation": {
"post": {
"operationId": "settings-password-confirmation-annotation",
"summary": "Route with password confirmation annotation",
"description": "This endpoint requires admin access\nThis endpoint requires password confirmation",
"tags": [
"settings"
],
"security": [
{
"bearer_auth": []
},
{
"basic_auth": []
}
],
"parameters": [
{
"name": "apiVersion",
"in": "path",
"required": true,
"schema": {
"type": "string",
"enum": [
"v2"
],
"default": "v2"
}
},
{
"name": "OCS-APIRequest",
"in": "header",
"description": "Required to be true for the API request to pass",
"required": true,
"schema": {
"type": "boolean",
"default": true
}
}
],
"responses": {
"200": {
"description": "OK",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"ocs"
],
"properties": {
"ocs": {
"type": "object",
"required": [
"meta",
"data"
],
"properties": {
"meta": {
"$ref": "#/components/schemas/OCSMeta"
},
"data": {}
}
}
}
}
}
}
}
}
}
},
"/ocs/v2.php/apps/notifications/api/{apiVersion}/passwordConfirmationAttribute": {
"post": {
"operationId": "settings-password-confirmation-attribute",
"summary": "Route with password confirmation attribute",
"description": "This endpoint requires admin access\nThis endpoint requires password confirmation",
"tags": [
"settings"
],
"security": [
{
"bearer_auth": []
},
{
"basic_auth": []
}
],
"parameters": [
{
"name": "apiVersion",
"in": "path",
"required": true,
"schema": {
"type": "string",
"enum": [
"v2"
],
"default": "v2"
}
},
{
"name": "OCS-APIRequest",
"in": "header",
"description": "Required to be true for the API request to pass",
"required": true,
"schema": {
"type": "boolean",
"default": true
}
}
],
"responses": {
"200": {
"description": "OK",
"content": {
"application/json": {
"schema": {
"type": "object",
"required": [
"ocs"
],
"properties": {
"ocs": {
"type": "object",
"required": [
"meta",
"data"
],
"properties": {
"meta": {
"$ref": "#/components/schemas/OCSMeta"
},
"data": {}
}
}
}
}
}
}
}
}
}
},
"/ocs/v2.php/tests/attribute-ocs/{param}": {
"get": {
"operationId": "routing-attributeocs-route",
Expand Down
Loading