hostsharing/hs.hsadmin.ng
6
0
Fork 0
Code Pull Requests 2 Activity

split api-definition.yaml

Browse Source
This commit is contained in:
Michael Hoennig 2022-08-11 09:29:15 +02:00
parent 5ebed0f75d
commit cb84efe63d
15 changed files with 370 additions and 321 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

338
src/main/resources/api-definition.yaml
View File

@ -8,144 +8,29 @@ servers:
paths: paths:
/api/customers: # RBAC
get:
summary: Returns a list of (optionally filtered) customers.
description: Returns the list of (optionally filtered) customers which are visible to the current user or any of it's assumed roles.
tags:
- customers
operationId: listCustomers
parameters:
- $ref: '#/components/parameters/currentUser'
- $ref: '#/components/parameters/assumedRoles'
- name: prefix
in: query
required: false
schema:
type: string
description: Customer-prefix to filter the results.
responses:
"200":
description: OK
content:
'application/json':
schema:
type: array
items:
$ref: '#/components/schemas/Customer'
"401":
description: Not Authorized
"403":
description: Forbidden
post:
summary: Adds a new customer.
tags:
- customers
operationId: addCustomer
parameters:
- $ref: '#/components/parameters/currentUser'
- $ref: '#/components/parameters/assumedRoles'
requestBody:
content:
'application/json':
schema:
$ref: '#/components/schemas/Customer'
required: true
responses:
"200":
description: OK
content:
'application/json':
schema:
$ref: '#/components/schemas/Customer'
/api/rbac-users: /api/rbac-users:
get: $ref: "./api-definition/rbac-users.yaml"
tags:
- rbacusers
description: List accessible RBAC users with optional filter by name.
operationId: listUsers
parameters:
- $ref: '#/components/parameters/currentUser'
- $ref: '#/components/parameters/assumedRoles'
- name: name
in: query
required: false
schema:
type: string
responses:
"200":
description: OK
content:
'application/json':
schema:
type: array
items:
$ref: '#/components/schemas/RbacUser'
"401":
description: if the 'current-user' cannot be identified
content:
'application/json':
schema:
type: array
items:
$ref: '#/components/schemas/RbacUser'
"403":
description: if the 'current-user' is not allowed to assume any of the roles
from 'assumed-roles'
content:
'application/json':
schema:
type: array
items:
$ref: '#/components/schemas/RbacUser'
/api/rbac-users/{userName}/permissions: /api/rbac-users/{userName}/permissions:
get: $ref: "./api-definition/rbac-users-permissions.yaml"
tags:
- rbacusers
description: 'List all visible permissions granted to the given user; reduced '
operationId: listUserPermissions
parameters:
- $ref: '#/components/parameters/currentUser'
- $ref: '#/components/parameters/assumedRoles'
- name: userName
in: path
required: true
schema:
type: string
responses:
"200":
description: OK
content:
'application/json':
schema:
type: array
items:
$ref: '#/components/schemas/RbacUserPermission'
"401":
$ref: '#/components/responses/Unauthorized'
"403":
$ref: '#/components/responses/Forbidden'
/api/rbac-roles: /api/rbac-roles:
get: $ref: "./api-definition/rbac-roles.yaml"
tags:
- rbacroles # HS
operationId: listRoles
parameters: /api/customers:
- $ref: '#/components/parameters/currentUser' $ref: "./api-definition/hs-customers.yaml"
- $ref: '#/components/parameters/assumedRoles'
responses: /api/packages:
"200": $ref: "./api-definition/hs-packages.yaml"
description: OK
content: /api/packages/{packageUUID}:
'application/json': $ref: "./api-definition/hs-packages-uuid.yaml"
schema:
type: array # Other
items:
$ref: '#/components/schemas/RbacRole'
/api/ping: /api/ping:
get: get:
@ -159,192 +44,3 @@ paths:
'application/json': 'application/json':
schema: schema:
type: string type: string
/api/packages:
get:
tags:
- packages
operationId: listPackages
parameters:
- $ref: '#/components/parameters/currentUser'
- $ref: '#/components/parameters/assumedRoles'
- name: name
in: query
required: false
schema:
type: string
responses:
"200":
description: OK
content:
'application/json':
schema:
type: array
items:
$ref: '#/components/schemas/Package'
"401":
$ref: '#/components/responses/Unauthorized'
"403":
$ref: '#/components/responses/Forbidden'
/api/packages/{packageUUID}:
patch:
tags:
- packages
operationId: updatePackage
parameters:
- $ref: '#/components/parameters/currentUser'
- $ref: '#/components/parameters/assumedRoles'
- name: packageUUID
in: path
required: true
schema:
type: string
format: uuid
requestBody:
content:
'application/json':
schema:
$ref: '#/components/schemas/PackageUpdate'
responses:
"200":
description: OK
content:
'application/json':
schema:
$ref: '#/components/schemas/Package'
"401":
$ref: '#/components/responses/Unauthorized'
"403":
$ref: '#/components/responses/Forbidden'
components:
parameters:
currentUser:
name: current-user
in: header
required: true
schema:
type: string
description: Identifying name of the currently logged in user.
assumedRoles:
name: assumed-roles
in: header
required: false
schema:
type: string
description: Semicolon-separated list of roles to assume. The current user needs to have the right to assume these roles.
responses:
NotFound:
description: The specified was not found.
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
Unauthorized:
description: The current user is unknown or not authorized.
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
Forbidden:
description: The current user or none of the assumed or roles is granted access to the .
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
schemas:
Customer:
type: object
properties:
uuid:
type: string
format: uuid
prefix:
type: string
reference:
type: integer
format: int32
adminUserName:
type: string
RbacUser:
type: object
properties:
uuid:
type: string
format: uuid
name:
type: string
RbacUserPermission:
type: object
properties:
objectUuid:
type: string
format: uuid
objectTable:
type: string
objectIdName:
type: string
roleName:
type: string
roleUuid:
type: string
format: uuid
permissionUuid:
type: string
format: uuid
op:
type: string
RbacRole:
type: object
properties:
uuid:
type: string
format: uuid
objectUuid:
type: string
format: uuid
objectTable:
type: string
objectIdName:
type: string
roleType:
type: string
enum:
- owner
- admin
- tenant
roleName:
type: string
Package:
type: object
properties:
uuid:
type: string
format: uuid
customer:
$ref: '#/components/schemas/Customer'
name:
type: string
description:
type: string
maxLength: 80
PackageUpdate:
type: object
properties:
description:
type: string
maxLength: 80
nullable: true
Error:
type: object
properties:
code:
type: string
message:
type: string
required:
- code
- message

5
src/main/resources/api-definition/README.md Normal file
View File

@ -0,0 +1,5 @@
The symbolik self-link 'api-definition' is a workaround to align IntelliJ IDEAs relative link interpretation with the interpretation of OpenAPI-generator.
Where IDEA only uses the path of the file in which the `$ref` is used,
the OpenAPI-generator always uses the path of the root API definition to resolve relative links.
See also https://github.com/OpenAPITools/openapi-generator/issues/10320.

1
src/main/resources/api-definition/api-definition Symbolic link
View File

@ -0,0 +1 @@
.

20
src/main/resources/api-definition/auth.yaml Normal file
View File

@ -0,0 +1,20 @@
components:
parameters:
currentUser:
name: current-user
in: header
required: true
schema:
type: string
description: Identifying name of the currently logged in user.
assumedRoles:
name: assumed-roles
in: header
required: false
schema:
type: string
description: Semicolon-separated list of roles to assume. The current user needs to have the right to assume these roles.

34
src/main/resources/api-definition/error-responses.yaml Normal file
View File

@ -0,0 +1,34 @@
components:
responses:
NotFound:
description: The specified was not found.
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
Unauthorized:
description: The current user is unknown or not authorized.
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
Forbidden:
description: The current user or none of the assumed or roles is granted access to the .
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
schemas:
Error:
type: object
properties:
code:
type: string
message:
type: string
required:
- code
- message

19
src/main/resources/api-definition/hs-customer-schemas.yaml Normal file
View File

@ -0,0 +1,19 @@
components:
schemas:
Customer:
type: object
properties:
uuid:
type: string
format: uuid
prefix:
type: string
reference:
type: integer
format: int32
adminUserName:
type: string

54
src/main/resources/api-definition/hs-customers.yaml Normal file
View File

@ -0,0 +1,54 @@
get:
summary: Returns a list of (optionally filtered) customers.
description: Returns the list of (optionally filtered) customers which are visible to the current user or any of it's assumed roles.
tags:
- customers
operationId: listCustomers
parameters:
- $ref: './api-definition/auth.yaml#/components/parameters/currentUser'
- $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles'
- name: prefix
in: query
required: false
schema:
type: string
description: Customer-prefix to filter the results.
responses:
"200":
description: OK
content:
'application/json':
schema:
type: array
items:
$ref: './api-definition/hs-customer-schemas.yaml#/components/schemas/Customer'
"401":
$ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized'
"403":
$ref: './api-definition/error-responses.yaml#/components/responses/Forbidden'
post:
summary: Adds a new customer.
tags:
- customers
operationId: addCustomer
parameters:
- $ref: './api-definition/auth.yaml#/components/parameters/currentUser'
- $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles'
requestBody:
content:
'application/json':
schema:
$ref: './api-definition/api-definition/hs-customer-schemas.yaml#/components/schemas/Customer'
required: true
responses:
"200":
description: OK
content:
'application/json':
schema:
$ref: './api-definition/hs-customer-schemas/components.yaml#/schemas/Customer'
"401":
$ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized'
"403":
$ref: './api-definition/error-responses.yaml#/components/responses/Forbidden'

25
src/main/resources/api-definition/hs-package-schemas.yaml Normal file
View File

@ -0,0 +1,25 @@
components:
schemas:
Package:
type: object
properties:
uuid:
type: string
format: uuid
customer:
$ref: './api-definition/hs-customers-schemas.yaml#/components/schemas/Customer'
name:
type: string
description:
type: string
maxLength: 80
PackageUpdate:
type: object
properties:
description:
type: string
maxLength: 80
nullable: true

29
src/main/resources/api-definition/hs-packages-uuid.yaml Normal file
View File

@ -0,0 +1,29 @@
patch:
tags:
- packages
operationId: updatePackage
parameters:
- $ref: '#/components/parameters/currentUser'
- $ref: '#/components/parameters/assumedRoles'
- name: packageUUID
in: path
required: true
schema:
type: string
format: uuid
requestBody:
content:
'application/json':
schema:
$ref: '#/components/schemas/PackageUpdate'
responses:
"200":
description: OK
content:
'application/json':
schema:
$ref: '#/components/schemas/Package'
"401":
$ref: '#/components/responses/Unauthorized'
"403":
$ref: '#/components/responses/Forbidden'

25
src/main/resources/api-definition/hs-packages.yaml Normal file
View File

@ -0,0 +1,25 @@
get:
tags:
- packages
operationId: listPackages
parameters:
- $ref: './auth.yaml#/components/parameters/currentUser'
- $ref: './auth.yaml#/components/parameters/assumedRoles'
- name: name
in: query
required: false
schema:
type: string
responses:
"200":
description: OK
content:
'application/json':
schema:
type: array
items:
$ref: './hs-package-schemas/components/schemas/Package'
"401":
$ref: './error-responses.yaml#/components/responses/Unauthorized'
"403":
$ref: './error-responses.yaml#/components/responses/Forbidden'

26
src/main/resources/api-definition/rbac-role-schemas.yaml Normal file
View File

@ -0,0 +1,26 @@
components:
schemas:
RbacRole:
type: object
properties:
uuid:
type: string
format: uuid
objectUuid:
type: string
format: uuid
objectTable:
type: string
objectIdName:
type: string
roleType:
type: string
enum:
- owner
- admin
- tenant
roleName:
type: string

16
src/main/resources/api-definition/rbac-roles.yaml Normal file
View File

@ -0,0 +1,16 @@
get:
tags:
- rbacroles
operationId: listRoles
parameters:
- $ref: './api-definition/auth.yaml#/components/parameters/currentUser'
- $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles'
responses:
"200":
description: OK
content:
'application/json':
schema:
type: array
items:
$ref: './api-definition/rbac-role-schemas.yaml#/components/schemas/RbacRole'

33
src/main/resources/api-definition/rbac-user-schemas.yaml Normal file
View File

@ -0,0 +1,33 @@
components:
schemas:
RbacUser:
type: object
properties:
uuid:
type: string
format: uuid
name:
type: string
RbacUserPermission:
type: object
properties:
objectUuid:
type: string
format: uuid
objectTable:
type: string
objectIdName:
type: string
roleName:
type: string
roleUuid:
type: string
format: uuid
permissionUuid:
type: string
format: uuid
op:
type: string

27
src/main/resources/api-definition/rbac-users-permissions.yaml Normal file
View File

@ -0,0 +1,27 @@
get:
tags:
- rbacusers
description: 'List all visible permissions granted to the given user; reduced '
operationId: listUserPermissions
parameters:
- $ref: './api-definition/auth.yaml#/components/parameters/currentUser'
- $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles'
- name: userName
in: path
required: true
schema:
type: string
responses:
"200":
description: OK
content:
'application/json':
schema:
type: array
items:
$ref: './api-definition/rbac-user-schemas.yaml#/components/schemas/RbacUserPermission'
"401":
$ref: './api-definition/error-responses.yaml#/components/responses/Unauthorized'
"403":
$ref: './api-definition/error-responses.yaml#/components/responses/Forbidden'

39
src/main/resources/api-definition/rbac-users.yaml Normal file
View File

@ -0,0 +1,39 @@
get:
tags:
- rbacusers
description: List accessible RBAC users with optional filter by name.
operationId: listUsers
parameters:
- $ref: './api-definition/auth.yaml#/components/parameters/currentUser'
- $ref: './api-definition/auth.yaml#/components/parameters/assumedRoles'
- name: name
in: query
required: false
schema:
type: string
responses:
"200":
description: OK
content:
'application/json':
schema:
type: array
items:
$ref: './api-definition/rbac-user-schemas.yaml#/components/schemas/RbacUser'
"401":
description: if the 'current-user' cannot be identified
content:
'application/json':
schema:
type: array
items:
$ref: './api-definition/rbac-user-schemas.yaml#/components/schemas/RbacUser'
"403":
description: if the 'current-user' is not allowed to assume any of the roles
from 'assumed-roles'
content:
'application/json':
schema:
type: array
items:
$ref: './api-definition/rbac-user-schemas.yaml#/components/schemas/RbacUser'