Add forbidden and unautherized to all endpoint swagger docs #5990

Merged
merged 3 commits into from
Oct 30, 2024
Expand Up @@ -114,10 +114,6 @@ export class FinancialServiceProvidersController {
description: 'FSP attribute created',
type: FspQuestionEntity,
})
@ApiResponse({
status: HttpStatus.FORBIDDEN,
description: 'Attribute with given name already exists for given FSP',
})
@ApiResponse({
status: HttpStatus.NOT_FOUND,
description: 'No Financial Service Provicer found with given id',
27 changes: 19 additions & 8 deletions services/121-service/src/guards/authenticated-user.decorator.ts
@@ -1,4 +1,5 @@
import { SetMetadata } from '@nestjs/common';
import { applyDecorators, HttpStatus, SetMetadata } from '@nestjs/common';
import { ApiResponse } from '@nestjs/swagger';

import { PermissionEnum } from '@121-service/src/user/enum/permission.enum';

Expand All @@ -9,10 +10,20 @@ export interface AuthenticatedUserParameters {
readonly isGuarded?: boolean;
}

export const AuthenticatedUser = (
parameters?: AuthenticatedUserParameters,
): ReturnType<typeof SetMetadata> =>
SetMetadata('authenticationParameters', {
...parameters,
isGuarded: true,
});
export const AuthenticatedUser = (parameters?: AuthenticatedUserParameters) => {
return applyDecorators(
SetMetadata('authenticationParameters', {
...parameters,
isGuarded: true,
}),
ApiResponse({
status: HttpStatus.FORBIDDEN,
RubenGeo marked this conversation as resolved.
description:
'User does not have the right permission to access this endpoint.',
}),
ApiResponse({
status: HttpStatus.UNAUTHORIZED,
description: 'Not authenticated.',
}),
);
};
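Review bot: The FORBIDDEN `ApiResponse` is attached unconditionally in `AuthenticatedUser`, so every decorated handler is documented with the permission-denied 403 whether or not it asks for a permission check; the guard that decides this is not in this section, so treat that as an inference to confirm. Because the OpenAPI document is what reviewers and API consumers read to see which routes enforce authorization, consider adding the 403 entry only when the parameters actually request a permission check, and keeping an endpoint-specific description where a handler returns 403 for another reason. The rewrite also drops the explicit return type of this exported function; `): ReturnType<typeof applyDecorators> => {` would pin the signature the way the old `ReturnType<typeof SetMetadata>` did. A short TSDoc comment saying that the decorator always forces `isGuarded: true` and documents 401/403 would help callers who no longer write those `@ApiResponse` lines themselves. The `@ApiResponse` deletions in the controller sections stay accurate only where the handler carries `@AuthenticatedUser`, which the hunks for `UserController.update` and `findMe` do not show.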
4 changes: 0 additions & 4 deletions services/121-service/src/notes/notes.controller.ts
Expand Up @@ -38,10 +38,6 @@ export class NoteController {
description:
'Created new note for registration - NOTE: this endpoint is scoped, depending on program configuration it only returns/modifies data the logged in user has access to.',
})
@ApiResponse({
status: HttpStatus.UNAUTHORIZED,
description: 'No user detectable from cookie or no cookie present',
})
@ApiResponse({
status: HttpStatus.NOT_FOUND,
description:
Expand Up @@ -58,7 +58,6 @@ export class ProgramFspConfigurationController {
'The programFspConfigurationEntity has been successfully created.',
})
@ApiResponse({ status: HttpStatus.BAD_REQUEST, description: 'Bad request.' })
@ApiResponse({ status: HttpStatus.FORBIDDEN, description: 'Forbidden.' })
@Post(':programId/fsp-configuration')
public async create(
@Body() programFspConfigurationData: CreateProgramFspConfigurationDto,
Expand All @@ -85,7 +84,6 @@ export class ProgramFspConfigurationController {
'The programFspConfigurationEntity has been successfully updated.',
})
@ApiResponse({ status: HttpStatus.BAD_REQUEST, description: 'Bad request.' })
@ApiResponse({ status: HttpStatus.FORBIDDEN, description: 'Forbidden.' })
@Put(':programId/fsp-configuration/:programFspConfigurationId')
public async update(
@Body() programFspConfigurationData: UpdateProgramFspConfigurationDto,
Expand Down Expand Up @@ -115,7 +113,6 @@ export class ProgramFspConfigurationController {
'The programFspConfigurationEntity has been successfully updated.',
})
@ApiResponse({ status: HttpStatus.BAD_REQUEST, description: 'Bad request.' })
@ApiResponse({ status: HttpStatus.FORBIDDEN, description: 'Forbidden.' })
@Delete(':programId/fsp-configuration/:programFspConfigurationId')
public async delete(
@Param('programId', ParseIntPipe)
6 changes: 0 additions & 6 deletions services/121-service/src/programs/programs.controller.ts
Expand Up @@ -108,9 +108,6 @@ export class ProgramController {
@ApiResponse({
status: HttpStatus.BAD_REQUEST,
})
@ApiResponse({
status: HttpStatus.FORBIDDEN,
})
@ApiQuery({
name: 'importFromKobo',
required: false,
Expand Down Expand Up @@ -200,9 +197,6 @@ You can also leave the body empty.`,
required: true,
type: 'integer',
})
@ApiResponse({
status: HttpStatus.FORBIDDEN,
})
@Delete(':programId')
public async delete(
@Param('programId', ParseIntPipe)
Expand Up @@ -437,10 +437,6 @@ export class RegistrationsController {
description:
'Return registrations that match the exact phone-number - NOTE: this endpoint is scoped, depending on program configuration it only returns/modifies data the logged in user has access to.',
})
@ApiResponse({
status: HttpStatus.UNAUTHORIZED,
description: 'No user detectable from cookie or no cookie present',
})
@ApiQuery({
name: 'phonenumber',
required: true,
8 changes: 0 additions & 8 deletions services/121-service/src/user/user.controller.ts
Expand Up @@ -244,10 +244,6 @@ export class UserController {
description: 'Changed password of user',
type: UpdateUserDto,
})
@ApiResponse({
status: HttpStatus.UNAUTHORIZED,
description: 'No user detectable from cookie or no cookie present',
})
public async update(
@Body() userPasswordData: UpdateUserPasswordDto,
): Promise<any> {
Expand Down Expand Up @@ -279,10 +275,6 @@ export class UserController {
status: HttpStatus.OK,
description: 'User returned',
})
@ApiResponse({
status: HttpStatus.UNAUTHORIZED,
description: 'No user detectable from cookie or no cookie present',
})
public async findMe(@Req() req): Promise<UserRO> {
if (!req.user || !req.user.username) {
const errors = `No user detectable from cookie or no cookie present'`;