Add OpenAPI spec for AdminAPI.InviteTokenController

2 files changed, 104 insertions, 130 deletions

diff --git a/lib/pleroma/web/admin_api/controllers/invite_token_controller.ex b/lib/pleroma/web/admin_api/controllers/invite_token_controller.ex
index a0291e9c3..a09966e5c 100644
--- a/lib/pleroma/web/admin_api/controllers/invite_token_controller.ex
+++ b/lib/pleroma/web/admin_api/controllers/invite_token_controller.ex
@@ -14,6 +14,7 @@ defmodule Pleroma.Web.AdminAPI.InviteTokenController do
 
   require Logger
 
+  plug(Pleroma.Web.ApiSpec.CastAndValidate)
   plug(OAuthScopesPlug, %{scopes: ["read:invites"], admin: true} when action == :index)
 
   plug(
@@ -23,6 +24,8 @@ defmodule Pleroma.Web.AdminAPI.InviteTokenController do
 
   action_fallback(Pleroma.Web.AdminAPI.FallbackController)
 
+  defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.Admin.InviteTokenOperation
+
   @doc "Get list of created invites"
   def index(conn, _params) do
     invites = UserInviteToken.list_invites()
@@ -33,26 +36,14 @@ defmodule Pleroma.Web.AdminAPI.InviteTokenController do
   end
 
   @doc "Create an account registration invite token"
-  def create(conn, params) do
-    opts = %{}
-
-    opts =
-      if params["max_use"],
-        do: Map.put(opts, :max_use, params["max_use"]),
-        else: opts
-
-    opts =
-      if params["expires_at"],
-        do: Map.put(opts, :expires_at, params["expires_at"]),
-        else: opts
-
-    {:ok, invite} = UserInviteToken.create_invite(opts)
+  def create(%{body_params: params} = conn, _) do
+    {:ok, invite} = UserInviteToken.create_invite(params)
 
     json(conn, AccountView.render("invite.json", %{invite: invite}))
   end
 
   @doc "Revokes invite by token"
-  def revoke(conn, %{"token" => token}) do
+  def revoke(%{body_params: %{token: token}} = conn, _) do
     with {:ok, invite} <- UserInviteToken.find_by_token(token),
          {:ok, updated_invite} = UserInviteToken.update_invite(invite, %{used: true}) do
       conn
@@ -64,7 +55,7 @@ defmodule Pleroma.Web.AdminAPI.InviteTokenController do
   end
 
   @doc "Sends registration invite via email"
-  def email(%{assigns: %{user: user}} = conn, %{"email" => email} = params) do
+  def email(%{assigns: %{user: user}, body_params: %{email: email} = params} = conn, _) do
     with {_, false} <- {:registrations_open, Config.get([:instance, :registrations_open])},
          {_, true} <- {:invites_enabled, Config.get([:instance, :invites_enabled])},
          {:ok, invite_token} <- UserInviteToken.create_invite(),
@@ -73,7 +64,7 @@ defmodule Pleroma.Web.AdminAPI.InviteTokenController do
              user,
              invite_token,
              email,
-             params["name"]
+             params[:name]
            ),
          {:ok, _} <- Pleroma.Emails.Mailer.deliver(email) do
       json_response(conn, :no_content, "")
diff --git a/lib/pleroma/web/api_spec/operations/admin/invite_token_operation.ex b/lib/pleroma/web/api_spec/operations/admin/invite_token_operation.ex
index 09a7735d1..0f7403f26 100644
--- a/lib/pleroma/web/api_spec/operations/admin/invite_token_operation.ex
+++ b/lib/pleroma/web/api_spec/operations/admin/invite_token_operation.ex
@@ -5,14 +5,9 @@
 defmodule Pleroma.Web.ApiSpec.Admin.InviteTokenOperation do
   alias OpenApiSpex.Operation
   alias OpenApiSpex.Schema
-  alias Pleroma.Web.ApiSpec.Schemas.Account
   alias Pleroma.Web.ApiSpec.Schemas.ApiError
-  alias Pleroma.Web.ApiSpec.Schemas.FlakeID
-  alias Pleroma.Web.ApiSpec.Schemas.Status
-  alias Pleroma.Web.ApiSpec.Schemas.VisibilityScope
 
   import Pleroma.Web.ApiSpec.Helpers
-  import Pleroma.Web.ApiSpec.StatusOperation, only: [id_param: 0]
 
   def open_api_operation(action) do
     operation = String.to_existing_atom("#{action}_operation")
@@ -21,144 +16,132 @@ defmodule Pleroma.Web.ApiSpec.Admin.InviteTokenOperation do
 
   def index_operation do
     %Operation{
-      tags: ["Admin", "Statuses"],
-      operationId: "AdminAPI.StatusController.index",
-      security: [%{"oAuth" => ["read:statuses"]}],
-      parameters: [
-        Operation.parameter(
-          :godmode,
-          :query,
-          %Schema{type: :boolean, default: false},
-          "Allows to see private statuses"
-        ),
-        Operation.parameter(
-          :local_only,
-          :query,
-          %Schema{type: :boolean, default: false},
-          "Excludes remote statuses"
-        ),
-        Operation.parameter(
-          :with_reblogs,
-          :query,
-          %Schema{type: :boolean, default: false},
-          "Allows to see reblogs"
-        ),
-        Operation.parameter(
-          :page,
-          :query,
-          %Schema{type: :integer, default: 1},
-          "Page"
-        ),
-        Operation.parameter(
-          :page_size,
-          :query,
-          %Schema{type: :integer, default: 50},
-          "Number of statuses to return"
-        )
-      ],
+      tags: ["Admin", "Invites"],
+      summary: "Get a list of generated invites",
+      operationId: "AdminAPI.InviteTokenController.index",
+      security: [%{"oAuth" => ["read:invites"]}],
       responses: %{
         200 =>
-          Operation.response("Array of statuses", "application/json", %Schema{
-            type: :array,
-            items: status()
+          Operation.response("Intites", "application/json", %Schema{
+            type: :object,
+            properties: %{
+              invites: %Schema{type: :array, items: invite()}
+            },
+            example: %{
+              "invites" => [
+                %{
+                  "id" => 123,
+                  "token" => "kSQtDj_GNy2NZsL9AQDFIsHN5qdbguB6qRg3WHw6K1U=",
+                  "used" => true,
+                  "expires_at" => nil,
+                  "uses" => 0,
+                  "max_use" => nil,
+                  "invite_type" => "one_time"
+                }
+              ]
+            }
           })
       }
     }
   end
 
-  def show_operation do
+  def create_operation do
     %Operation{
-      tags: ["Admin", "Statuses"],
-      summary: "Show Status",
-      operationId: "AdminAPI.StatusController.show",
-      parameters: [id_param()],
-      security: [%{"oAuth" => ["read:statuses"]}],
+      tags: ["Admin", "Invites"],
+      summary: "Create an account registration invite token",
+      operationId: "AdminAPI.InviteTokenController.create",
+      security: [%{"oAuth" => ["write:invites"]}],
+      requestBody:
+        request_body("Parameters", %Schema{
+          type: :object,
+          properties: %{
+            max_use: %Schema{type: :integer},
+            expires_at: %Schema{type: :string, format: :date, example: "2020-04-20"}
+          }
+        }),
       responses: %{
-        200 => Operation.response("Status", "application/json", Status),
-        404 => Operation.response("Not Found", "application/json", ApiError)
+        200 => Operation.response("Invite", "application/json", invite())
       }
     }
   end
 
-  def update_operation do
+  def revoke_operation do
     %Operation{
-      tags: ["Admin", "Statuses"],
-      summary: "Change the scope of an individual reported status",
-      operationId: "AdminAPI.StatusController.update",
-      parameters: [id_param()],
-      security: [%{"oAuth" => ["write:statuses"]}],
-      requestBody: request_body("Parameters", update_request(), required: true),
+      tags: ["Admin", "Invites"],
+      summary: "Revoke invite by token",
+      operationId: "AdminAPI.InviteTokenController.revoke",
+      security: [%{"oAuth" => ["write:invites"]}],
+      requestBody:
+        request_body(
+          "Parameters",
+          %Schema{
+            type: :object,
+            required: [:token],
+            properties: %{
+              token: %Schema{type: :string}
+            }
+          },
+          required: true
+        ),
       responses: %{
-        200 => Operation.response("Status", "application/json", Status),
-        400 => Operation.response("Error", "application/json", ApiError)
+        200 => Operation.response("Invite", "application/json", invite()),
+        400 => Operation.response("Bad Request", "application/json", ApiError),
+        404 => Operation.response("Not Found", "application/json", ApiError)
       }
     }
   end
 
-  def delete_operation do
+  def email_operation do
     %Operation{
-      tags: ["Admin", "Statuses"],
-      summary: "Delete an individual reported status",
-      operationId: "AdminAPI.StatusController.delete",
-      parameters: [id_param()],
-      security: [%{"oAuth" => ["write:statuses"]}],
+      tags: ["Admin", "Invites"],
+      summary: "Sends registration invite via email",
+      operationId: "AdminAPI.InviteTokenController.email",
+      security: [%{"oAuth" => ["write:invites"]}],
+      requestBody:
+        request_body(
+          "Parameters",
+          %Schema{
+            type: :object,
+            required: [:email],
+            properties: %{
+              email: %Schema{type: :string, format: :email},
+              name: %Schema{type: :string}
+            }
+          },
+          required: true
+        ),
       responses: %{
-        200 => empty_object_response(),
-        404 => Operation.response("Not Found", "application/json", ApiError)
+        204 => no_content_response(),
+        400 => Operation.response("Bad Request", "application/json", ApiError),
+        403 => Operation.response("Forbidden", "application/json", ApiError)
       }
     }
   end
 
-  defp status do
-    %Schema{
-      anyOf: [
-        Status,
-        %Schema{
-          type: :object,
-          properties: %{
-            account: %Schema{allOf: [Account, admin_account()]}
-          }
-        }
-      ]
-    }
-  end
-
-  defp admin_account do
+  defp invite do
     %Schema{
+      title: "Invite",
       type: :object,
       properties: %{
-        id: FlakeID,
-        avatar: %Schema{type: :string},
-        nickname: %Schema{type: :string},
-        display_name: %Schema{type: :string},
-        deactivated: %Schema{type: :boolean},
-        local: %Schema{type: :boolean},
-        roles: %Schema{
-          type: :object,
-          properties: %{
-            admin: %Schema{type: :boolean},
-            moderator: %Schema{type: :boolean}
-          }
-        },
-        tags: %Schema{type: :string},
-        confirmation_pending: %Schema{type: :string}
-      }
-    }
-  end
-
-  defp update_request do
-    %Schema{
-      type: :object,
-      properties: %{
-        sensitive: %Schema{
-          type: :boolean,
-          description: "Mark status and attached media as sensitive?"
-        },
-        visibility: VisibilityScope
+        id: %Schema{type: :integer},
+        token: %Schema{type: :string},
+        used: %Schema{type: :boolean},
+        expires_at: %Schema{type: :string, format: :date, nullable: true},
+        uses: %Schema{type: :integer},
+        max_use: %Schema{type: :integer, nullable: true},
+        invite_type: %Schema{
+          type: :string,
+          enum: ["one_time", "reusable", "date_limited", "reusable_date_limited"]
+        }
       },
       example: %{
-        "visibility" => "private",
-        "sensitive" => "false"
+        "id" => 123,
+        "token" => "kSQtDj_GNy2NZsL9AQDFIsHN5qdbguB6qRg3WHw6K1U=",
+        "used" => true,
+        "expires_at" => nil,
+        "uses" => 0,
+        "max_use" => nil,
+        "invite_type" => "one_time"
       }
     }
   end