From b9a7edd2863d97ab82455b75aa3e3889ada6a9cf Mon Sep 17 00:00:00 2001
From: provokateurin <kate@provokateurin.de>
Date: Tue, 17 Dec 2024 12:09:40 +0100
Subject: [PATCH 1/2] fix(generate-spec): Add fallback scopes before checking
 ignores

Signed-off-by: provokateurin <kate@provokateurin.de>
---
 generate-spec.php | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/generate-spec.php b/generate-spec.php
index b31728d..1425328 100755
--- a/generate-spec.php
+++ b/generate-spec.php
@@ -463,15 +463,6 @@
 			Logger::panic($routeName, 'Route is marked as ignore but also has other scopes');
 		}
 
-		if (in_array('ignore', $scopes, true)) {
-			if (count($scopes) === 1) {
-				Logger::debug($routeName, 'Route ignored because of OpenAPI attribute');
-				continue;
-			}
-
-			Logger::panic($routeName, 'Route is marked as ignore but also has other scopes');
-		}
-
 		if ($scopes === []) {
 			if ($controllerScopes !== []) {
 				$scopes = $controllerScopes;
@@ -484,6 +475,15 @@
 			}
 		}
 
+		if (in_array('ignore', $scopes, true)) {
+			if (count($scopes) === 1) {
+				Logger::debug($routeName, 'Route ignored because of OpenAPI attribute');
+				continue;
+			}
+
+			Logger::panic($routeName, 'Route is marked as ignore but also has other scopes');
+		}
+
 		$routeTags = Helpers::getOpenAPIAttributeTagsByScope($classMethod, $routeName, $tagName, reset($scopes));
 
 		if ($isOCS && !array_key_exists('OCSMeta', $schemas)) {

From 492cfc79897232b363701866d8121d852fcd5405 Mon Sep 17 00:00:00 2001
From: provokateurin <kate@provokateurin.de>
Date: Tue, 17 Dec 2024 12:14:51 +0100
Subject: [PATCH 2/2] feat(generate-spec): Ignore index.php routes by default

Signed-off-by: provokateurin <kate@provokateurin.de>
---
 generate-spec.php                        |  2 ++
 tests/lib/Controller/PlainController.php | 40 ++++++++++++++++++++++++
 tests/openapi-full.json                  | 23 ++++++++++++++
 tests/openapi.json                       | 23 ++++++++++++++
 4 files changed, 88 insertions(+)
 create mode 100644 tests/lib/Controller/PlainController.php

diff --git a/generate-spec.php b/generate-spec.php
index 1425328..c1d4b0c 100755
--- a/generate-spec.php
+++ b/generate-spec.php
@@ -466,6 +466,8 @@
 		if ($scopes === []) {
 			if ($controllerScopes !== []) {
 				$scopes = $controllerScopes;
+			} elseif (!$isOCS) {
+				$scopes = ['ignore'];
 			} elseif ($isExApp) {
 				$scopes = ['ex_app'];
 			} elseif ($isAdmin) {
diff --git a/tests/lib/Controller/PlainController.php b/tests/lib/Controller/PlainController.php
new file mode 100644
index 0000000..e5c5ba9
--- /dev/null
+++ b/tests/lib/Controller/PlainController.php
@@ -0,0 +1,40 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+namespace OCA\Notifications\Controller;
+
+use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\FrontpageRoute;
+use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
+use OCP\AppFramework\Http\Attribute\OpenAPI;
+use OCP\AppFramework\Http\Response;
+
+class PlainController extends Controller {
+	#[NoCSRFRequired]
+	#[FrontpageRoute(verb: 'GET', url: '/plain/ignored')]
+	public function ignored(): Response {
+		return new Response();
+	}
+
+
+	/**
+	 * Route with manual scope to not get ignored
+	 *
+	 * @return Response<Http::STATUS_OK, array{}>
+	 *
+	 * 200: Response returned
+	 */
+	#[NoCSRFRequired]
+	#[OpenAPI(scope: OpenAPI::SCOPE_DEFAULT)]
+	#[FrontpageRoute(verb: 'GET', url: '/plain/with-scope')]
+	public function withScope(): Response {
+		return new Response();
+	}
+}
diff --git a/tests/openapi-full.json b/tests/openapi-full.json
index 14c533e..2519a54 100644
--- a/tests/openapi-full.json
+++ b/tests/openapi-full.json
@@ -5485,6 +5485,29 @@
                 }
             }
         },
+        "/index.php/apps/notifications/plain/with-scope": {
+            "get": {
+                "operationId": "plain-with-scope",
+                "summary": "Route with manual scope to not get ignored",
+                "description": "This endpoint requires admin access",
+                "tags": [
+                    "plain"
+                ],
+                "security": [
+                    {
+                        "bearer_auth": []
+                    },
+                    {
+                        "basic_auth": []
+                    }
+                ],
+                "responses": {
+                    "200": {
+                        "description": "Response returned"
+                    }
+                }
+            }
+        },
         "/ocs/v2.php/apps/notifications/api/{apiVersion}/ex-app-attribute": {
             "post": {
                 "operationId": "ex_app_settings-ex-app-scope-attribute",
diff --git a/tests/openapi.json b/tests/openapi.json
index 57520b8..6173bb9 100644
--- a/tests/openapi.json
+++ b/tests/openapi.json
@@ -797,6 +797,29 @@
                     }
                 }
             }
+        },
+        "/index.php/apps/notifications/plain/with-scope": {
+            "get": {
+                "operationId": "plain-with-scope",
+                "summary": "Route with manual scope to not get ignored",
+                "description": "This endpoint requires admin access",
+                "tags": [
+                    "plain"
+                ],
+                "security": [
+                    {
+                        "bearer_auth": []
+                    },
+                    {
+                        "basic_auth": []
+                    }
+                ],
+                "responses": {
+                    "200": {
+                        "description": "Response returned"
+                    }
+                }
+            }
         }
     },
     "tags": []