From d7517307800f409e17cee98b2552b98b0a1ca037 Mon Sep 17 00:00:00 2001 From: Jose Andres Tejerina Date: Thu, 23 Oct 2025 15:48:05 -0300 Subject: [PATCH 1/6] feat: Extend Swagger Coverage for controller OAuth2SummitRSVPTemplatesApiController --- ...OAuth2SummitRSVPTemplatesApiController.php | 716 +++++++++++++++++- app/Swagger/SummitRSVPTemplate.php | 86 +++ 2 files changed, 800 insertions(+), 2 deletions(-) create mode 100644 app/Swagger/SummitRSVPTemplate.php diff --git a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitRSVPTemplatesApiController.php b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitRSVPTemplatesApiController.php index ac75d4924..01a2439e4 100644 --- a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitRSVPTemplatesApiController.php +++ b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitRSVPTemplatesApiController.php @@ -14,6 +14,7 @@ use App\Models\Foundation\Summit\Events\RSVP\RSVPMultiValueQuestionTemplate; use App\Models\Foundation\Summit\Repositories\IRSVPTemplateRepository; use App\Services\Model\IRSVPTemplateService; +use Illuminate\Http\Response; use Illuminate\Support\Facades\Log; use Illuminate\Support\Facades\Request; use Illuminate\Support\Facades\Validator; @@ -24,6 +25,7 @@ use models\oauth2\IResourceServerContext; use models\summit\ISummitRepository; use ModelSerializers\SerializerRegistry; +use OpenApi\Attributes as OA; use utils\Filter; use utils\FilterParser; use utils\OrderParser; @@ -84,6 +86,79 @@ public function __construct * Template endpoints */ + #[OA\Get( + path: "/api/v1/summits/{id}/rsvp-templates", + description: "Get all RSVP templates for a summit with optional filtering and pagination", + summary: 'Read All RSVP Templates', + operationId: 'getAllRSVPTemplatesBySummit', + tags: ['RSVP Templates'], + security: [['oauth2' => ['read']]], + parameters: [ + new OA\Parameter( + name: 'access_token', + in: 'query', + required: false, + description: 'OAuth2 access token (alternative to Authorization: Bearer)', + schema: new OA\Schema(type: 'string', example: 'eyJhbGciOi...'), + ), + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'string'), + description: 'The summit id or slug' + ), + new OA\Parameter( + name: 'filter[]', + in: 'query', + required: false, + description: 'Filter expressions in the format fieldvalue. Operators: @@, ==, =@.', + style: 'form', + explode: true, + schema: new OA\Schema( + type: 'array', + items: new OA\Items(type: 'string', example: 'title@@template') + ) + ), + new OA\Parameter( + name: 'order', + in: 'query', + required: false, + description: 'Order by field(s)', + schema: new OA\Schema(type: 'string', example: 'id,title') + ), + new OA\Parameter( + name: 'expand', + in: 'query', + required: false, + description: 'Comma-separated list of related resources to include', + schema: new OA\Schema(type: 'string') + ), + new OA\Parameter( + name: 'page', + in: 'query', + required: false, + schema: new OA\Schema(type: 'integer', default: 1) + ), + new OA\Parameter( + name: 'per_page', + in: 'query', + required: false, + schema: new OA\Schema(type: 'integer', default: 10) + ), + ], + responses: [ + new OA\Response( + response: 200, + description: 'List of RSVP templates', + content: new OA\JsonContent(ref: '#/components/schemas/PaginatedRSVPTemplatesResponse') + ), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), + ] + )] /** * @param $summit_id * @return mixed @@ -175,6 +250,61 @@ public function getAllBySummit($summit_id){ } } + #[OA\Get( + path: "/api/v1/summits/{id}/rsvp-templates/{template_id}", + description: "Get a specific RSVP template", + summary: 'Read RSVP Template', + operationId: 'getRSVPTemplate', + tags: ['RSVP Templates'], + security: [['oauth2' => ['read']]], + parameters: [ + new OA\Parameter( + name: 'access_token', + in: 'query', + required: false, + description: 'OAuth2 access token (alternative to Authorization: Bearer)', + schema: new OA\Schema(type: 'string', example: 'eyJhbGciOi...'), + ), + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'string'), + description: 'The summit id or slug' + ), + new OA\Parameter( + name: 'template_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The RSVP template id' + ), + new OA\Parameter( + name: 'expand', + in: 'query', + required: false, + description: 'Comma-separated list of related resources to include', + schema: new OA\Schema(type: 'string', example: 'questions') + ), + new OA\Parameter( + name: 'relations', + in: 'query', + required: false, + description: 'Relations to load eagerly', + schema: new OA\Schema(type: 'string') + ), + ], + responses: [ + new OA\Response( + response: 200, + description: 'RSVP template details', + content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplate') + ), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), + ] + )] /** * @param $summit_id * @param $template_id @@ -213,7 +343,40 @@ public function getRSVPTemplate($summit_id, $template_id){ } } - + #[OA\Get( + path: "/api/v1/summits/{id}/rsvp-templates/metadata", + description: "Get metadata about RSVP template questions (available question types, validators, etc)", + summary: 'Read RSVP Template Questions Metadata', + operationId: 'getRSVPTemplateQuestionsMetadata', + tags: ['RSVP Templates'], + security: [['oauth2' => ['read']]], + parameters: [ + new OA\Parameter( + name: 'access_token', + in: 'query', + required: false, + description: 'OAuth2 access token (alternative to Authorization: Bearer)', + schema: new OA\Schema(type: 'string', example: 'eyJhbGciOi...'), + ), + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'string'), + description: 'The summit id or slug' + ), + ], + responses: [ + new OA\Response( + response: 200, + description: 'Metadata about RSVP template questions', + content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestionMetadata') + ), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), + ] + )] /** * @param $summit_id * @return mixed @@ -227,7 +390,47 @@ public function getRSVPTemplateQuestionsMetadata($summit_id){ $this->rsvp_template_repository->getQuestionsMetadata($summit) ); } - + + #[OA\Delete( + path: "/api/v1/summits/{id}/rsvp-templates/{template_id}", + description: "Delete an RSVP template", + summary: 'Delete RSVP Template', + operationId: 'deleteRSVPTemplate', + tags: ['RSVP Templates'], + security: [['oauth2' => ['write']]], + parameters: [ + new OA\Parameter( + name: 'access_token', + in: 'query', + required: false, + description: 'OAuth2 access token (alternative to Authorization: Bearer)', + schema: new OA\Schema(type: 'string', example: 'eyJhbGciOi...'), + ), + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'string'), + description: 'The summit id or slug' + ), + new OA\Parameter( + name: 'template_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The RSVP template id' + ), + ], + responses: [ + new OA\Response( + response: 204, + description: "RSVP template deleted" + ), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), + ] + )] /** * @param $summit_id * @param $template_id @@ -258,6 +461,46 @@ public function deleteRSVPTemplate($summit_id, $template_id){ } } + #[OA\Post( + path: "/api/v1/summits/{id}/rsvp-templates", + description: "Create a new RSVP template for a summit", + summary: 'Create RSVP Template', + operationId: 'addRSVPTemplate', + tags: ['RSVP Templates'], + security: [['oauth2' => ['write']]], + parameters: [ + new OA\Parameter( + name: 'access_token', + in: 'query', + required: false, + description: 'OAuth2 access token (alternative to Authorization: Bearer)', + schema: new OA\Schema(type: 'string', example: 'eyJhbGciOi...'), + ), + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'string'), + description: 'The summit id or slug' + ), + ], + requestBody: new OA\RequestBody( + required: true, + content: new OA\JsonContent(ref: "#/components/schemas/RSVPTemplate") + ), + responses: [ + new OA\Response( + response: 201, + description: 'RSVP template created', + content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplate') + ), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), + new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), + ] + )] /** * @param $summit_id * @return mixed @@ -303,6 +546,53 @@ public function addRSVPTemplate($summit_id){ } } + #[OA\Put( + path: "/api/v1/summits/{id}/rsvp-templates/{template_id}", + description: "Update an RSVP template", + summary: 'Update RSVP Template', + operationId: 'updateRSVPTemplate', + tags: ['RSVP Templates'], + security: [['oauth2' => ['write']]], + parameters: [ + new OA\Parameter( + name: 'access_token', + in: 'query', + required: false, + description: 'OAuth2 access token (alternative to Authorization: Bearer)', + schema: new OA\Schema(type: 'string', example: 'eyJhbGciOi...'), + ), + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'string'), + description: 'The summit id or slug' + ), + new OA\Parameter( + name: 'template_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The RSVP template id' + ), + ], + requestBody: new OA\RequestBody( + required: true, + content: new OA\JsonContent(ref: "#/components/schemas/RSVPTemplate") + ), + responses: [ + new OA\Response( + response: 201, + description: 'RSVP template updated', + content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplate') + ), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), + new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), + ] + )] /** * @param $summit_id * @param $template_id @@ -353,6 +643,55 @@ public function updateRSVPTemplate($summit_id, $template_id){ * Questions endpoints */ + #[OA\Get( + path: "/api/v1/summits/{id}/rsvp-templates/{template_id}/questions/{question_id}", + description: "Get a specific question from an RSVP template", + summary: 'Read RSVP Template Question', + operationId: 'getRSVPTemplateQuestion', + tags: ['RSVP Templates', 'RSVP Template Questions'], + security: [['oauth2' => ['read']]], + parameters: [ + new OA\Parameter( + name: 'access_token', + in: 'query', + required: false, + description: 'OAuth2 access token (alternative to Authorization: Bearer)', + schema: new OA\Schema(type: 'string', example: 'eyJhbGciOi...'), + ), + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'string'), + description: 'The summit id or slug' + ), + new OA\Parameter( + name: 'template_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The RSVP template id' + ), + new OA\Parameter( + name: 'question_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The question id' + ), + ], + responses: [ + new OA\Response( + response: 200, + description: 'Question details', + content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestion') + ), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), + ] + )] /** * @param $summit_id * @param $template_id @@ -387,6 +726,53 @@ public function getRSVPTemplateQuestion($summit_id, $template_id, $question_id){ } } + #[OA\Post( + path: "/api/v1/summits/{id}/rsvp-templates/{template_id}/questions", + description: "Add a new question to an RSVP template", + summary: 'Create RSVP Template Question', + operationId: 'addRSVPTemplateQuestion', + tags: ['RSVP Templates', 'RSVP Template Questions'], + security: [['oauth2' => ['write']]], + parameters: [ + new OA\Parameter( + name: 'access_token', + in: 'query', + required: false, + description: 'OAuth2 access token (alternative to Authorization: Bearer)', + schema: new OA\Schema(type: 'string', example: 'eyJhbGciOi...'), + ), + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'string'), + description: 'The summit id or slug' + ), + new OA\Parameter( + name: 'template_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The RSVP template id' + ), + ], + requestBody: new OA\RequestBody( + required: true, + content: new OA\JsonContent(ref: "#/components/schemas/RSVPTemplateQuestion") + ), + responses: [ + new OA\Response( + response: 201, + description: 'Question created', + content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestion') + ), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), + new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), + ] + )] /** * @param $summit_id * @param $template_id @@ -433,6 +819,60 @@ public function addRSVPTemplateQuestion($summit_id, $template_id){ } } + #[OA\Put( + path: "/api/v1/summits/{id}/rsvp-templates/{template_id}/questions/{question_id}", + description: "Update a question in an RSVP template", + summary: 'Update RSVP Template Question', + operationId: 'updateRSVPTemplateQuestion', + tags: ['RSVP Templates', 'RSVP Template Questions'], + security: [['oauth2' => ['write']]], + parameters: [ + new OA\Parameter( + name: 'access_token', + in: 'query', + required: false, + description: 'OAuth2 access token (alternative to Authorization: Bearer)', + schema: new OA\Schema(type: 'string', example: 'eyJhbGciOi...'), + ), + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'string'), + description: 'The summit id or slug' + ), + new OA\Parameter( + name: 'template_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The RSVP template id' + ), + new OA\Parameter( + name: 'question_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The question id' + ), + ], + requestBody: new OA\RequestBody( + required: true, + content: new OA\JsonContent(ref: "#/components/schemas/RSVPTemplateQuestion") + ), + responses: [ + new OA\Response( + response: 201, + description: 'Question updated', + content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestion') + ), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), + new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), + ] + )] /** * @param $summit_id * @param $template_id @@ -480,6 +920,53 @@ public function updateRSVPTemplateQuestion($summit_id, $template_id, $question_i } } + #[OA\Delete( + path: "/api/v1/summits/{id}/rsvp-templates/{template_id}/questions/{question_id}", + description: "Delete a question from an RSVP template", + summary: 'Delete RSVP Template Question', + operationId: 'deleteRSVPTemplateQuestion', + tags: ['RSVP Templates', 'RSVP Template Questions'], + security: [['oauth2' => ['write']]], + parameters: [ + new OA\Parameter( + name: 'access_token', + in: 'query', + required: false, + description: 'OAuth2 access token (alternative to Authorization: Bearer)', + schema: new OA\Schema(type: 'string', example: 'eyJhbGciOi...'), + ), + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'string'), + description: 'The summit id or slug' + ), + new OA\Parameter( + name: 'template_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The RSVP template id' + ), + new OA\Parameter( + name: 'question_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The question id' + ), + ], + responses: [ + new OA\Response( + response: 204, + description: "Question deleted" + ), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), + ] + )] /** * @param $summit_id * @param $template_id @@ -515,6 +1002,62 @@ public function deleteRSVPTemplateQuestion($summit_id, $template_id, $question_i * values endpoints */ + #[OA\Get( + path: "/api/v1/summits/{id}/rsvp-templates/{template_id}/questions/{question_id}/values/{value_id}", + description: "Get a specific value/option for a multi-select question", + summary: 'Read RSVP Template Question Value', + operationId: 'getRSVPTemplateQuestionValue', + tags: ['RSVP Templates', 'RSVP Template Question Values'], + security: [['oauth2' => ['read']]], + parameters: [ + new OA\Parameter( + name: 'access_token', + in: 'query', + required: false, + description: 'OAuth2 access token (alternative to Authorization: Bearer)', + schema: new OA\Schema(type: 'string', example: 'eyJhbGciOi...'), + ), + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'string'), + description: 'The summit id or slug' + ), + new OA\Parameter( + name: 'template_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The RSVP template id' + ), + new OA\Parameter( + name: 'question_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The question id' + ), + new OA\Parameter( + name: 'value_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The value id' + ), + ], + responses: [ + new OA\Response( + response: 200, + description: 'Value details', + content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestionValue') + ), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), + ] + )] /** * @param $summit_id * @param $template_id @@ -556,6 +1099,60 @@ public function getRSVPTemplateQuestionValue($summit_id, $template_id, $question } } + #[OA\Post( + path: "/api/v1/summits/{id}/rsvp-templates/{template_id}/questions/{question_id}/values", + description: "Add a value/option to a multi-select question", + summary: 'Create RSVP Template Question Value', + operationId: 'addRSVPTemplateQuestionValue', + tags: ['RSVP Templates', 'RSVP Template Question Values'], + security: [['oauth2' => ['write']]], + parameters: [ + new OA\Parameter( + name: 'access_token', + in: 'query', + required: false, + description: 'OAuth2 access token (alternative to Authorization: Bearer)', + schema: new OA\Schema(type: 'string', example: 'eyJhbGciOi...'), + ), + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'string'), + description: 'The summit id or slug' + ), + new OA\Parameter( + name: 'template_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The RSVP template id' + ), + new OA\Parameter( + name: 'question_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The question id' + ), + ], + requestBody: new OA\RequestBody( + required: true, + content: new OA\JsonContent(ref: "#/components/schemas/RSVPTemplateQuestionValue") + ), + responses: [ + new OA\Response( + response: 201, + description: 'Value created', + content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestionValue') + ), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), + new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), + ] + )] /** * @param $summit_id * @param $template_id @@ -603,6 +1200,67 @@ public function addRSVPTemplateQuestionValue($summit_id, $template_id, $question } } + #[OA\Put( + path: "/api/v1/summits/{id}/rsvp-templates/{template_id}/questions/{question_id}/values/{value_id}", + description: "Update a value/option for a multi-select question", + summary: 'Update RSVP Template Question Value', + operationId: 'updateRSVPTemplateQuestionValue', + tags: ['RSVP Templates', 'RSVP Template Question Values'], + security: [['oauth2' => ['write']]], + parameters: [ + new OA\Parameter( + name: 'access_token', + in: 'query', + required: false, + description: 'OAuth2 access token (alternative to Authorization: Bearer)', + schema: new OA\Schema(type: 'string', example: 'eyJhbGciOi...'), + ), + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'string'), + description: 'The summit id or slug' + ), + new OA\Parameter( + name: 'template_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The RSVP template id' + ), + new OA\Parameter( + name: 'question_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The question id' + ), + new OA\Parameter( + name: 'value_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The value id' + ), + ], + requestBody: new OA\RequestBody( + required: true, + content: new OA\JsonContent(ref: "#/components/schemas/RSVPTemplateQuestionValue") + ), + responses: [ + new OA\Response( + response: 201, + description: 'Value updated', + content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestionValue') + ), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), + new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), + ] + )] /** * @param $summit_id * @param $template_id @@ -651,6 +1309,60 @@ public function updateRSVPTemplateQuestionValue($summit_id, $template_id, $quest } } + #[OA\Delete( + path: "/api/v1/summits/{id}/rsvp-templates/{template_id}/questions/{question_id}/values/{value_id}", + description: "Delete a value/option from a multi-select question", + summary: 'Delete RSVP Template Question Value', + operationId: 'deleteRSVPTemplateQuestionValue', + tags: ['RSVP Templates', 'RSVP Template Question Values'], + security: [['oauth2' => ['write']]], + parameters: [ + new OA\Parameter( + name: 'access_token', + in: 'query', + required: false, + description: 'OAuth2 access token (alternative to Authorization: Bearer)', + schema: new OA\Schema(type: 'string', example: 'eyJhbGciOi...'), + ), + new OA\Parameter( + name: 'id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'string'), + description: 'The summit id or slug' + ), + new OA\Parameter( + name: 'template_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The RSVP template id' + ), + new OA\Parameter( + name: 'question_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The question id' + ), + new OA\Parameter( + name: 'value_id', + in: 'path', + required: true, + schema: new OA\Schema(type: 'integer'), + description: 'The value id' + ), + ], + responses: [ + new OA\Response( + response: 204, + description: "Value deleted" + ), + new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), + ] + )] /** * @param $summit_id * @param $template_id diff --git a/app/Swagger/SummitRSVPTemplate.php b/app/Swagger/SummitRSVPTemplate.php new file mode 100644 index 000000000..59c09fd38 --- /dev/null +++ b/app/Swagger/SummitRSVPTemplate.php @@ -0,0 +1,86 @@ + Date: Mon, 8 Dec 2025 18:45:43 +0000 Subject: [PATCH 2/6] feat: Add security schema --- ...OAuth2SummitRSVPTemplatesApiController.php | 280 +++++++++++++++--- .../Security/RSVPTemplatesAuthSchema.php | 26 ++ 2 files changed, 262 insertions(+), 44 deletions(-) create mode 100644 app/Swagger/Security/RSVPTemplatesAuthSchema.php diff --git a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitRSVPTemplatesApiController.php b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitRSVPTemplatesApiController.php index 01a2439e4..852d8831a 100644 --- a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitRSVPTemplatesApiController.php +++ b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitRSVPTemplatesApiController.php @@ -11,8 +11,10 @@ * See the License for the specific language governing permissions and * limitations under the License. **/ +use App\Models\Foundation\Main\IGroup; use App\Models\Foundation\Summit\Events\RSVP\RSVPMultiValueQuestionTemplate; use App\Models\Foundation\Summit\Repositories\IRSVPTemplateRepository; +use App\Security\SummitScopes; use App\Services\Model\IRSVPTemplateService; use Illuminate\Http\Response; use Illuminate\Support\Facades\Log; @@ -92,7 +94,20 @@ public function __construct summary: 'Read All RSVP Templates', operationId: 'getAllRSVPTemplatesBySummit', tags: ['RSVP Templates'], - security: [['oauth2' => ['read']]], + security: [ + [ + 'summit_rsvp_templates_oauth2' => [ + SummitScopes::ReadAllSummitData + ] + ] + ], + x: [ + 'required-groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'access_token', @@ -106,7 +121,7 @@ public function __construct in: 'path', required: true, schema: new OA\Schema(type: 'string'), - description: 'The summit id or slug' + description: 'The summit id' ), new OA\Parameter( name: 'filter[]', @@ -154,7 +169,7 @@ public function __construct content: new OA\JsonContent(ref: '#/components/schemas/PaginatedRSVPTemplatesResponse') ), new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), - new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "Not Found"), new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), ] @@ -256,7 +271,20 @@ public function getAllBySummit($summit_id){ summary: 'Read RSVP Template', operationId: 'getRSVPTemplate', tags: ['RSVP Templates'], - security: [['oauth2' => ['read']]], + security: [ + [ + 'summit_rsvp_templates_oauth2' => [ + SummitScopes::ReadAllSummitData + ] + ] + ], + x: [ + 'required-groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'access_token', @@ -270,7 +298,7 @@ public function getAllBySummit($summit_id){ in: 'path', required: true, schema: new OA\Schema(type: 'string'), - description: 'The summit id or slug' + description: 'The summit id' ), new OA\Parameter( name: 'template_id', @@ -301,7 +329,7 @@ public function getAllBySummit($summit_id){ content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplate') ), new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), - new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "Not Found"), new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), ] )] @@ -349,7 +377,20 @@ public function getRSVPTemplate($summit_id, $template_id){ summary: 'Read RSVP Template Questions Metadata', operationId: 'getRSVPTemplateQuestionsMetadata', tags: ['RSVP Templates'], - security: [['oauth2' => ['read']]], + security: [ + [ + 'summit_rsvp_templates_oauth2' => [ + SummitScopes::ReadAllSummitData + ] + ] + ], + x: [ + 'required-groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'access_token', @@ -363,7 +404,7 @@ public function getRSVPTemplate($summit_id, $template_id){ in: 'path', required: true, schema: new OA\Schema(type: 'string'), - description: 'The summit id or slug' + description: 'The summit id' ), ], responses: [ @@ -373,7 +414,7 @@ public function getRSVPTemplate($summit_id, $template_id){ content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestionMetadata') ), new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), - new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "Not Found"), new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), ] )] @@ -390,14 +431,27 @@ public function getRSVPTemplateQuestionsMetadata($summit_id){ $this->rsvp_template_repository->getQuestionsMetadata($summit) ); } - + #[OA\Delete( path: "/api/v1/summits/{id}/rsvp-templates/{template_id}", description: "Delete an RSVP template", summary: 'Delete RSVP Template', operationId: 'deleteRSVPTemplate', tags: ['RSVP Templates'], - security: [['oauth2' => ['write']]], + security: [ + [ + 'summit_rsvp_templates_oauth2' => [ + SummitScopes::ReadAllSummitData + ] + ] + ], + x: [ + 'required-groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'access_token', @@ -411,7 +465,7 @@ public function getRSVPTemplateQuestionsMetadata($summit_id){ in: 'path', required: true, schema: new OA\Schema(type: 'string'), - description: 'The summit id or slug' + description: 'The summit id' ), new OA\Parameter( name: 'template_id', @@ -427,7 +481,7 @@ public function getRSVPTemplateQuestionsMetadata($summit_id){ description: "RSVP template deleted" ), new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), - new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "Not Found"), new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), ] )] @@ -467,7 +521,21 @@ public function deleteRSVPTemplate($summit_id, $template_id){ summary: 'Create RSVP Template', operationId: 'addRSVPTemplate', tags: ['RSVP Templates'], - security: [['oauth2' => ['write']]], + security: [ + [ + 'summit_rsvp_templates_oauth2' => [ + SummitScopes::WriteSummitData, + SummitScopes::WriteRSVPTemplateData, + ] + ] + ], + x: [ + 'required-groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'access_token', @@ -481,7 +549,7 @@ public function deleteRSVPTemplate($summit_id, $template_id){ in: 'path', required: true, schema: new OA\Schema(type: 'string'), - description: 'The summit id or slug' + description: 'The summit id' ), ], requestBody: new OA\RequestBody( @@ -495,7 +563,7 @@ public function deleteRSVPTemplate($summit_id, $template_id){ content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplate') ), new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), - new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "Not Found"), new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), @@ -552,7 +620,21 @@ public function addRSVPTemplate($summit_id){ summary: 'Update RSVP Template', operationId: 'updateRSVPTemplate', tags: ['RSVP Templates'], - security: [['oauth2' => ['write']]], + security: [ + [ + 'summit_rsvp_templates_oauth2' => [ + SummitScopes::WriteSummitData, + SummitScopes::WriteRSVPTemplateData, + ] + ] + ], + x: [ + 'required-groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'access_token', @@ -566,7 +648,7 @@ public function addRSVPTemplate($summit_id){ in: 'path', required: true, schema: new OA\Schema(type: 'string'), - description: 'The summit id or slug' + description: 'The summit id' ), new OA\Parameter( name: 'template_id', @@ -587,7 +669,7 @@ public function addRSVPTemplate($summit_id){ content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplate') ), new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), - new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "Not Found"), new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), @@ -649,7 +731,20 @@ public function updateRSVPTemplate($summit_id, $template_id){ summary: 'Read RSVP Template Question', operationId: 'getRSVPTemplateQuestion', tags: ['RSVP Templates', 'RSVP Template Questions'], - security: [['oauth2' => ['read']]], + security: [ + [ + 'summit_rsvp_templates_oauth2' => [ + SummitScopes::ReadAllSummitData, + ] + ] + ], + x: [ + 'required-groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'access_token', @@ -663,7 +758,7 @@ public function updateRSVPTemplate($summit_id, $template_id){ in: 'path', required: true, schema: new OA\Schema(type: 'string'), - description: 'The summit id or slug' + description: 'The summit id' ), new OA\Parameter( name: 'template_id', @@ -687,7 +782,7 @@ public function updateRSVPTemplate($summit_id, $template_id){ content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestion') ), new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), - new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "Not Found"), new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), ] @@ -732,7 +827,21 @@ public function getRSVPTemplateQuestion($summit_id, $template_id, $question_id){ summary: 'Create RSVP Template Question', operationId: 'addRSVPTemplateQuestion', tags: ['RSVP Templates', 'RSVP Template Questions'], - security: [['oauth2' => ['write']]], + security: [ + [ + 'summit_rsvp_templates_oauth2' => [ + SummitScopes::WriteSummitData, + SummitScopes::WriteRSVPTemplateData, + ] + ] + ], + x: [ + 'required-groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'access_token', @@ -746,7 +855,7 @@ public function getRSVPTemplateQuestion($summit_id, $template_id, $question_id){ in: 'path', required: true, schema: new OA\Schema(type: 'string'), - description: 'The summit id or slug' + description: 'The summit id' ), new OA\Parameter( name: 'template_id', @@ -767,7 +876,7 @@ public function getRSVPTemplateQuestion($summit_id, $template_id, $question_id){ content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestion') ), new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), - new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "Not Found"), new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), @@ -825,7 +934,21 @@ public function addRSVPTemplateQuestion($summit_id, $template_id){ summary: 'Update RSVP Template Question', operationId: 'updateRSVPTemplateQuestion', tags: ['RSVP Templates', 'RSVP Template Questions'], - security: [['oauth2' => ['write']]], + security: [ + [ + 'summit_rsvp_templates_oauth2' => [ + SummitScopes::WriteSummitData, + SummitScopes::WriteRSVPTemplateData, + ] + ] + ], + x: [ + 'required-groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'access_token', @@ -839,7 +962,7 @@ public function addRSVPTemplateQuestion($summit_id, $template_id){ in: 'path', required: true, schema: new OA\Schema(type: 'string'), - description: 'The summit id or slug' + description: 'The summit id' ), new OA\Parameter( name: 'template_id', @@ -867,7 +990,7 @@ public function addRSVPTemplateQuestion($summit_id, $template_id){ content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestion') ), new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), - new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "Not Found"), new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), @@ -926,7 +1049,21 @@ public function updateRSVPTemplateQuestion($summit_id, $template_id, $question_i summary: 'Delete RSVP Template Question', operationId: 'deleteRSVPTemplateQuestion', tags: ['RSVP Templates', 'RSVP Template Questions'], - security: [['oauth2' => ['write']]], + security: [ + [ + 'summit_rsvp_templates_oauth2' => [ + SummitScopes::WriteSummitData, + SummitScopes::WriteRSVPTemplateData, + ] + ] + ], + x: [ + 'required-groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'access_token', @@ -940,7 +1077,7 @@ public function updateRSVPTemplateQuestion($summit_id, $template_id, $question_i in: 'path', required: true, schema: new OA\Schema(type: 'string'), - description: 'The summit id or slug' + description: 'The summit id' ), new OA\Parameter( name: 'template_id', @@ -963,7 +1100,7 @@ public function updateRSVPTemplateQuestion($summit_id, $template_id, $question_i description: "Question deleted" ), new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), - new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "Not Found"), new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), ] )] @@ -1008,7 +1145,20 @@ public function deleteRSVPTemplateQuestion($summit_id, $template_id, $question_i summary: 'Read RSVP Template Question Value', operationId: 'getRSVPTemplateQuestionValue', tags: ['RSVP Templates', 'RSVP Template Question Values'], - security: [['oauth2' => ['read']]], + security: [ + [ + 'summit_rsvp_templates_oauth2' => [ + SummitScopes::ReadAllSummitData, + ] + ] + ], + x: [ + 'required-groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'access_token', @@ -1022,7 +1172,7 @@ public function deleteRSVPTemplateQuestion($summit_id, $template_id, $question_i in: 'path', required: true, schema: new OA\Schema(type: 'string'), - description: 'The summit id or slug' + description: 'The summit id' ), new OA\Parameter( name: 'template_id', @@ -1053,7 +1203,7 @@ public function deleteRSVPTemplateQuestion($summit_id, $template_id, $question_i content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestionValue') ), new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), - new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "Not Found"), new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), ] @@ -1105,7 +1255,21 @@ public function getRSVPTemplateQuestionValue($summit_id, $template_id, $question summary: 'Create RSVP Template Question Value', operationId: 'addRSVPTemplateQuestionValue', tags: ['RSVP Templates', 'RSVP Template Question Values'], - security: [['oauth2' => ['write']]], + security: [ + [ + 'summit_rsvp_templates_oauth2' => [ + SummitScopes::WriteSummitData, + SummitScopes::WriteRSVPTemplateData, + ] + ] + ], + x: [ + 'required-groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'access_token', @@ -1119,7 +1283,7 @@ public function getRSVPTemplateQuestionValue($summit_id, $template_id, $question in: 'path', required: true, schema: new OA\Schema(type: 'string'), - description: 'The summit id or slug' + description: 'The summit id' ), new OA\Parameter( name: 'template_id', @@ -1147,7 +1311,7 @@ public function getRSVPTemplateQuestionValue($summit_id, $template_id, $question content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestionValue') ), new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), - new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "Not Found"), new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), @@ -1206,7 +1370,21 @@ public function addRSVPTemplateQuestionValue($summit_id, $template_id, $question summary: 'Update RSVP Template Question Value', operationId: 'updateRSVPTemplateQuestionValue', tags: ['RSVP Templates', 'RSVP Template Question Values'], - security: [['oauth2' => ['write']]], + security: [ + [ + 'summit_rsvp_templates_oauth2' => [ + SummitScopes::WriteSummitData, + SummitScopes::WriteRSVPTemplateData, + ] + ] + ], + x: [ + 'required-groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'access_token', @@ -1220,7 +1398,7 @@ public function addRSVPTemplateQuestionValue($summit_id, $template_id, $question in: 'path', required: true, schema: new OA\Schema(type: 'string'), - description: 'The summit id or slug' + description: 'The summit id' ), new OA\Parameter( name: 'template_id', @@ -1255,7 +1433,7 @@ public function addRSVPTemplateQuestionValue($summit_id, $template_id, $question content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestionValue') ), new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), - new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "Not Found"), new OA\Response(response: Response::HTTP_BAD_REQUEST, description: "Bad Request"), new OA\Response(response: Response::HTTP_PRECONDITION_FAILED, description: "Validation Error"), new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), @@ -1315,7 +1493,21 @@ public function updateRSVPTemplateQuestionValue($summit_id, $template_id, $quest summary: 'Delete RSVP Template Question Value', operationId: 'deleteRSVPTemplateQuestionValue', tags: ['RSVP Templates', 'RSVP Template Question Values'], - security: [['oauth2' => ['write']]], + security: [ + [ + 'summit_rsvp_templates_oauth2' => [ + SummitScopes::WriteSummitData, + SummitScopes::WriteRSVPTemplateData, + ] + ] + ], + x: [ + 'required-groups' => [ + IGroup::SuperAdmins, + IGroup::Administrators, + IGroup::SummitAdministrators, + ] + ], parameters: [ new OA\Parameter( name: 'access_token', @@ -1329,7 +1521,7 @@ public function updateRSVPTemplateQuestionValue($summit_id, $template_id, $quest in: 'path', required: true, schema: new OA\Schema(type: 'string'), - description: 'The summit id or slug' + description: 'The summit id' ), new OA\Parameter( name: 'template_id', @@ -1359,7 +1551,7 @@ public function updateRSVPTemplateQuestionValue($summit_id, $template_id, $quest description: "Value deleted" ), new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), - new OA\Response(response: Response::HTTP_NOT_FOUND, description: "not found"), + new OA\Response(response: Response::HTTP_NOT_FOUND, description: "Not Found"), new OA\Response(response: Response::HTTP_INTERNAL_SERVER_ERROR, description: "Server Error"), ] )] @@ -1394,4 +1586,4 @@ public function deleteRSVPTemplateQuestionValue($summit_id, $template_id, $quest return $this->error500($ex); } } -} \ No newline at end of file +} diff --git a/app/Swagger/Security/RSVPTemplatesAuthSchema.php b/app/Swagger/Security/RSVPTemplatesAuthSchema.php new file mode 100644 index 000000000..879e7793c --- /dev/null +++ b/app/Swagger/Security/RSVPTemplatesAuthSchema.php @@ -0,0 +1,26 @@ + 'Read All Summit Data', + SummitScopes::WriteSummitData => 'Write Summit Data', + SummitScopes::WriteRSVPTemplateData => 'Write RSVP Template Data', + ], + ), + ], +) +] +class RSVPTemplatesAuthSchema +{ +} From b45eaade9dc32a326e85f2a46dc607dd9ae329c1 Mon Sep 17 00:00:00 2001 From: Matias Perrone Date: Mon, 8 Dec 2025 18:47:05 +0000 Subject: [PATCH 3/6] fix: missing use class --- app/Swagger/Security/RSVPTemplatesAuthSchema.php | 1 + 1 file changed, 1 insertion(+) diff --git a/app/Swagger/Security/RSVPTemplatesAuthSchema.php b/app/Swagger/Security/RSVPTemplatesAuthSchema.php index 879e7793c..27fe29f12 100644 --- a/app/Swagger/Security/RSVPTemplatesAuthSchema.php +++ b/app/Swagger/Security/RSVPTemplatesAuthSchema.php @@ -2,6 +2,7 @@ namespace App\Swagger\schemas; +use App\Security\SummitScopes; use OpenApi\Attributes as OA; #[OA\SecurityScheme( From e7f96e9df90be3b877c530036a1d580bc75ea052 Mon Sep 17 00:00:00 2001 From: Matias Perrone Date: Mon, 8 Dec 2025 18:49:48 +0000 Subject: [PATCH 4/6] fix: security schema type --- app/Swagger/Security/RSVPTemplatesAuthSchema.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/Swagger/Security/RSVPTemplatesAuthSchema.php b/app/Swagger/Security/RSVPTemplatesAuthSchema.php index 27fe29f12..344fa6913 100644 --- a/app/Swagger/Security/RSVPTemplatesAuthSchema.php +++ b/app/Swagger/Security/RSVPTemplatesAuthSchema.php @@ -6,7 +6,7 @@ use OpenApi\Attributes as OA; #[OA\SecurityScheme( - type: 'rsvp_templates_oauth2', + type: 'oauth2', securityScheme: 'summit_rsvp_templates_oauth2', flows: [ new OA\Flow( From c2b26aad2f4b1d2e63a9e5b7a755130d0b02d578 Mon Sep 17 00:00:00 2001 From: Matias Perrone Date: Wed, 10 Dec 2025 15:12:01 +0000 Subject: [PATCH 5/6] chore: Add PR's requested changes --- .../Summit/OAuth2SummitRSVPTemplatesApiController.php | 5 +++-- app/Swagger/SummitRSVPTemplate.php | 4 +++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitRSVPTemplatesApiController.php b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitRSVPTemplatesApiController.php index 852d8831a..0b1c40f0a 100644 --- a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitRSVPTemplatesApiController.php +++ b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitRSVPTemplatesApiController.php @@ -372,7 +372,7 @@ public function getRSVPTemplate($summit_id, $template_id){ } #[OA\Get( - path: "/api/v1/summits/{id}/rsvp-templates/metadata", + path: "/api/v1/summits/{id}/rsvp-templates/questions/metadata", description: "Get metadata about RSVP template questions (available question types, validators, etc)", summary: 'Read RSVP Template Questions Metadata', operationId: 'getRSVPTemplateQuestionsMetadata', @@ -441,7 +441,8 @@ public function getRSVPTemplateQuestionsMetadata($summit_id){ security: [ [ 'summit_rsvp_templates_oauth2' => [ - SummitScopes::ReadAllSummitData + SummitScopes::WriteSummitData, + SummitScopes::WriteRSVPTemplateData, ] ] ], diff --git a/app/Swagger/SummitRSVPTemplate.php b/app/Swagger/SummitRSVPTemplate.php index 59c09fd38..dded96204 100644 --- a/app/Swagger/SummitRSVPTemplate.php +++ b/app/Swagger/SummitRSVPTemplate.php @@ -1,5 +1,7 @@ Date: Fri, 12 Dec 2025 19:58:25 +0000 Subject: [PATCH 6/6] chore: include PR requested changes --- ...OAuth2SummitRSVPTemplatesApiController.php | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitRSVPTemplatesApiController.php b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitRSVPTemplatesApiController.php index 0b1c40f0a..93860b4bb 100644 --- a/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitRSVPTemplatesApiController.php +++ b/app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitRSVPTemplatesApiController.php @@ -164,7 +164,7 @@ public function __construct ], responses: [ new OA\Response( - response: 200, + response: Response::HTTP_OK, description: 'List of RSVP templates', content: new OA\JsonContent(ref: '#/components/schemas/PaginatedRSVPTemplatesResponse') ), @@ -324,7 +324,7 @@ public function getAllBySummit($summit_id){ ], responses: [ new OA\Response( - response: 200, + response: Response::HTTP_OK, description: 'RSVP template details', content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplate') ), @@ -409,7 +409,7 @@ public function getRSVPTemplate($summit_id, $template_id){ ], responses: [ new OA\Response( - response: 200, + response: Response::HTTP_OK, description: 'Metadata about RSVP template questions', content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestionMetadata') ), @@ -478,7 +478,7 @@ public function getRSVPTemplateQuestionsMetadata($summit_id){ ], responses: [ new OA\Response( - response: 204, + response: Response::HTTP_NO_CONTENT, description: "RSVP template deleted" ), new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), @@ -559,7 +559,7 @@ public function deleteRSVPTemplate($summit_id, $template_id){ ), responses: [ new OA\Response( - response: 201, + response: Response::HTTP_CREATED, description: 'RSVP template created', content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplate') ), @@ -665,7 +665,7 @@ public function addRSVPTemplate($summit_id){ ), responses: [ new OA\Response( - response: 201, + response: Response::HTTP_CREATED, description: 'RSVP template updated', content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplate') ), @@ -778,7 +778,7 @@ public function updateRSVPTemplate($summit_id, $template_id){ ], responses: [ new OA\Response( - response: 200, + response: Response::HTTP_OK, description: 'Question details', content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestion') ), @@ -872,7 +872,7 @@ public function getRSVPTemplateQuestion($summit_id, $template_id, $question_id){ ), responses: [ new OA\Response( - response: 201, + response: Response::HTTP_CREATED, description: 'Question created', content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestion') ), @@ -986,7 +986,7 @@ public function addRSVPTemplateQuestion($summit_id, $template_id){ ), responses: [ new OA\Response( - response: 201, + response: Response::HTTP_CREATED, description: 'Question updated', content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestion') ), @@ -1097,7 +1097,7 @@ public function updateRSVPTemplateQuestion($summit_id, $template_id, $question_i ], responses: [ new OA\Response( - response: 204, + response: Response::HTTP_NO_CONTENT, description: "Question deleted" ), new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"), @@ -1199,7 +1199,7 @@ public function deleteRSVPTemplateQuestion($summit_id, $template_id, $question_i ], responses: [ new OA\Response( - response: 200, + response: Response::HTTP_OK, description: 'Value details', content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestionValue') ), @@ -1307,7 +1307,7 @@ public function getRSVPTemplateQuestionValue($summit_id, $template_id, $question ), responses: [ new OA\Response( - response: 201, + response: Response::HTTP_CREATED, description: 'Value created', content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestionValue') ), @@ -1429,7 +1429,7 @@ public function addRSVPTemplateQuestionValue($summit_id, $template_id, $question ), responses: [ new OA\Response( - response: 201, + response: Response::HTTP_CREATED, description: 'Value updated', content: new OA\JsonContent(ref: '#/components/schemas/RSVPTemplateQuestionValue') ), @@ -1548,7 +1548,7 @@ public function updateRSVPTemplateQuestionValue($summit_id, $template_id, $quest ], responses: [ new OA\Response( - response: 204, + response: Response::HTTP_NO_CONTENT, description: "Value deleted" ), new OA\Response(response: Response::HTTP_UNAUTHORIZED, description: "Unauthorized"),