Compare commits

...

1 Commits

Author SHA1 Message Date
Owen a2c96ea2f7 Add aliaes for public/private resources 2026-07-09 20:23:19 -04:00
58 changed files with 1816 additions and 60 deletions
@@ -73,6 +73,39 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/access-token",
description: "Generate a new access token for a resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.AccessToken],
request: {
params: generateAccssTokenParamsSchema,
body: {
content: {
"application/json": {
schema: generateAccessTokenBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function generateAccessToken( export async function generateAccessToken(
req: Request, req: Request,
res: Response, res: Response,
@@ -176,6 +176,35 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "get",
path: "/public-resource/{resourceId}/access-tokens",
description: "List all access tokens for a resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.AccessToken],
request: {
params: z.object({
resourceId: z.number()
}),
query: listAccessTokensSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function listAccessTokens( export async function listAccessTokens(
req: Request, req: Request,
res: Response, res: Response,
+168 -60
View File
@@ -162,7 +162,7 @@ authenticated.get(
// Site Resource endpoints // Site Resource endpoints
authenticated.put( authenticated.put(
"/org/:orgId/site-resource", ["/org/:orgId/site-resource", "/org/:orgId/private-resource"],
verifyApiKeyOrgAccess, verifyApiKeyOrgAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.createSiteResource), verifyApiKeyHasAction(ActionsEnum.createSiteResource),
@@ -171,7 +171,10 @@ authenticated.put(
); );
authenticated.get( authenticated.get(
"/org/:orgId/site/:siteId/resources", [
"/org/:orgId/site/:siteId/resources",
"/org/:orgId/site/:siteId/private-resources"
],
verifyApiKeyOrgAccess, verifyApiKeyOrgAccess,
verifyApiKeySiteAccess, verifyApiKeySiteAccess,
verifyApiKeyHasAction(ActionsEnum.listSiteResources), verifyApiKeyHasAction(ActionsEnum.listSiteResources),
@@ -179,21 +182,21 @@ authenticated.get(
); );
authenticated.get( authenticated.get(
"/org/:orgId/site-resources", ["/org/:orgId/site-resources", "/org/:orgId/private-resources"],
verifyApiKeyOrgAccess, verifyApiKeyOrgAccess,
verifyApiKeyHasAction(ActionsEnum.listSiteResources), verifyApiKeyHasAction(ActionsEnum.listSiteResources),
siteResource.listAllSiteResourcesByOrg siteResource.listAllSiteResourcesByOrg
); );
authenticated.get( authenticated.get(
"/site-resource/:siteResourceId", ["/site-resource/:siteResourceId", "/private-resource/:siteResourceId"],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeyHasAction(ActionsEnum.getSiteResource), verifyApiKeyHasAction(ActionsEnum.getSiteResource),
siteResource.getSiteResource siteResource.getSiteResource
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId", ["/site-resource/:siteResourceId", "/private-resource/:siteResourceId"],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.updateSiteResource), verifyApiKeyHasAction(ActionsEnum.updateSiteResource),
@@ -202,7 +205,7 @@ authenticated.post(
); );
authenticated.delete( authenticated.delete(
"/site-resource/:siteResourceId", ["/site-resource/:siteResourceId", "/private-resource/:siteResourceId"],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeyHasAction(ActionsEnum.deleteSiteResource), verifyApiKeyHasAction(ActionsEnum.deleteSiteResource),
logActionAudit(ActionsEnum.deleteSiteResource), logActionAudit(ActionsEnum.deleteSiteResource),
@@ -210,28 +213,40 @@ authenticated.delete(
); );
authenticated.get( authenticated.get(
"/site-resource/:siteResourceId/roles", [
"/site-resource/:siteResourceId/roles",
"/private-resource/:siteResourceId/roles"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeyHasAction(ActionsEnum.listResourceRoles), verifyApiKeyHasAction(ActionsEnum.listResourceRoles),
siteResource.listSiteResourceRoles siteResource.listSiteResourceRoles
); );
authenticated.get( authenticated.get(
"/site-resource/:siteResourceId/users", [
"/site-resource/:siteResourceId/users",
"/private-resource/:siteResourceId/users"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeyHasAction(ActionsEnum.listResourceUsers), verifyApiKeyHasAction(ActionsEnum.listResourceUsers),
siteResource.listSiteResourceUsers siteResource.listSiteResourceUsers
); );
authenticated.get( authenticated.get(
"/site-resource/:siteResourceId/clients", [
"/site-resource/:siteResourceId/clients",
"/private-resource/:siteResourceId/clients"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeyHasAction(ActionsEnum.listResourceUsers), verifyApiKeyHasAction(ActionsEnum.listResourceUsers),
siteResource.listSiteResourceClients siteResource.listSiteResourceClients
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId/roles", [
"/site-resource/:siteResourceId/roles",
"/private-resource/:siteResourceId/roles"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeyRoleAccess, verifyApiKeyRoleAccess,
verifyLimits, verifyLimits,
@@ -241,7 +256,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId/users", [
"/site-resource/:siteResourceId/users",
"/private-resource/:siteResourceId/users"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeySetResourceUsers, verifyApiKeySetResourceUsers,
verifyLimits, verifyLimits,
@@ -251,7 +269,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId/roles/add", [
"/site-resource/:siteResourceId/roles/add",
"/private-resource/:siteResourceId/roles/add"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeyRoleAccess, verifyApiKeyRoleAccess,
verifyLimits, verifyLimits,
@@ -261,7 +282,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId/roles/remove", [
"/site-resource/:siteResourceId/roles/remove",
"/private-resource/:siteResourceId/roles/remove"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeyRoleAccess, verifyApiKeyRoleAccess,
verifyLimits, verifyLimits,
@@ -271,7 +295,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId/users/add", [
"/site-resource/:siteResourceId/users/add",
"/private-resource/:siteResourceId/users/add"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeySetResourceUsers, verifyApiKeySetResourceUsers,
verifyLimits, verifyLimits,
@@ -281,7 +308,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId/users/remove", [
"/site-resource/:siteResourceId/users/remove",
"/private-resource/:siteResourceId/users/remove"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeySetResourceUsers, verifyApiKeySetResourceUsers,
verifyLimits, verifyLimits,
@@ -291,7 +321,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId/clients", [
"/site-resource/:siteResourceId/clients",
"/private-resource/:siteResourceId/clients"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeySetResourceClients, verifyApiKeySetResourceClients,
verifyLimits, verifyLimits,
@@ -301,7 +334,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId/clients/add", [
"/site-resource/:siteResourceId/clients/add",
"/private-resource/:siteResourceId/clients/add"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeySetResourceClients, verifyApiKeySetResourceClients,
verifyLimits, verifyLimits,
@@ -311,7 +347,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/site-resource/:siteResourceId/clients/remove", [
"/site-resource/:siteResourceId/clients/remove",
"/private-resource/:siteResourceId/clients/remove"
],
verifyApiKeySiteResourceAccess, verifyApiKeySiteResourceAccess,
verifyApiKeySetResourceClients, verifyApiKeySetResourceClients,
verifyLimits, verifyLimits,
@@ -321,7 +360,7 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/client/:clientId/site-resources", ["/client/:clientId/site-resources", "/client/:clientId/private-resources"],
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourceUsers), verifyApiKeyHasAction(ActionsEnum.setResourceUsers),
logActionAudit(ActionsEnum.setResourceUsers), logActionAudit(ActionsEnum.setResourceUsers),
@@ -329,7 +368,7 @@ authenticated.post(
); );
authenticated.put( authenticated.put(
"/org/:orgId/resource", ["/org/:orgId/resource", "/org/:orgId/public-resource"],
verifyApiKeyOrgAccess, verifyApiKeyOrgAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.createResource), verifyApiKeyHasAction(ActionsEnum.createResource),
@@ -338,7 +377,10 @@ authenticated.put(
); );
authenticated.put( authenticated.put(
"/org/:orgId/site/:siteId/resource", [
"/org/:orgId/site/:siteId/resource",
"/org/:orgId/site/:siteId/public-resource"
],
verifyApiKeyOrgAccess, verifyApiKeyOrgAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.createResource), verifyApiKeyHasAction(ActionsEnum.createResource),
@@ -347,14 +389,14 @@ authenticated.put(
); );
authenticated.get( authenticated.get(
"/site/:siteId/resources", ["/site/:siteId/resources", "/site/:siteId/public-resources"],
verifyApiKeySiteAccess, verifyApiKeySiteAccess,
verifyApiKeyHasAction(ActionsEnum.listResources), verifyApiKeyHasAction(ActionsEnum.listResources),
resource.listResources resource.listResources
); );
authenticated.get( authenticated.get(
"/org/:orgId/resources", ["/org/:orgId/resources", "/org/:orgId/public-resources"],
verifyApiKeyOrgAccess, verifyApiKeyOrgAccess,
verifyApiKeyHasAction(ActionsEnum.listResources), verifyApiKeyHasAction(ActionsEnum.listResources),
resource.listResources resource.listResources
@@ -442,42 +484,45 @@ authenticated.delete(
); );
authenticated.get( authenticated.get(
"/resource/:resourceId/roles", ["/resource/:resourceId/roles", "/public-resource/:resourceId/roles"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.listResourceRoles), verifyApiKeyHasAction(ActionsEnum.listResourceRoles),
resource.listResourceRoles resource.listResourceRoles
); );
authenticated.get( authenticated.get(
"/resource/:resourceId/users", ["/resource/:resourceId/users", "/public-resource/:resourceId/users"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.listResourceUsers), verifyApiKeyHasAction(ActionsEnum.listResourceUsers),
resource.listResourceUsers resource.listResourceUsers
); );
authenticated.get( authenticated.get(
"/resource/:resourceId", ["/resource/:resourceId", "/public-resource/:resourceId"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.getResource), verifyApiKeyHasAction(ActionsEnum.getResource),
resource.getResource resource.getResource
); );
authenticated.get( authenticated.get(
"/resource-policy/:resourcePolicyId", [
"/resource-policy/:resourcePolicyId",
"/public-resource-policy/:resourcePolicyId"
],
verifyApiKeyResourcePolicyAccess, verifyApiKeyResourcePolicyAccess,
verifyApiKeyHasAction(ActionsEnum.getResourcePolicy), verifyApiKeyHasAction(ActionsEnum.getResourcePolicy),
policy.getResourcePolicy policy.getResourcePolicy
); );
authenticated.get( authenticated.get(
"/resource/:resourceId/policies", ["/resource/:resourceId/policies", "/public-resource/:resourceId/policies"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.getResourcePolicy), verifyApiKeyHasAction(ActionsEnum.getResourcePolicy),
resource.getResourcePolicies resource.getResourcePolicies
); );
authenticated.post( authenticated.post(
"/resource/:resourceId", ["/resource/:resourceId", "/public-resource/:resourceId"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.updateResource), verifyApiKeyHasAction(ActionsEnum.updateResource),
@@ -486,14 +531,17 @@ authenticated.post(
); );
authenticated.put( authenticated.put(
"/resource-policy/:resourcePolicyId", [
"/resource-policy/:resourcePolicyId",
"/public-resource-policy/:resourcePolicyId"
],
verifyApiKeyResourcePolicyAccess, verifyApiKeyResourcePolicyAccess,
verifyApiKeyHasAction(ActionsEnum.updateResourcePolicy), verifyApiKeyHasAction(ActionsEnum.updateResourcePolicy),
policy.updateResourcePolicy policy.updateResourcePolicy
); );
authenticated.delete( authenticated.delete(
"/resource/:resourceId", ["/resource/:resourceId", "/public-resource/:resourceId"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.deleteResource), verifyApiKeyHasAction(ActionsEnum.deleteResource),
logActionAudit(ActionsEnum.deleteResource), logActionAudit(ActionsEnum.deleteResource),
@@ -501,7 +549,7 @@ authenticated.delete(
); );
authenticated.put( authenticated.put(
"/resource/:resourceId/target", ["/resource/:resourceId/target", "/public-resource/:resourceId/target"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.createTarget), verifyApiKeyHasAction(ActionsEnum.createTarget),
@@ -510,14 +558,14 @@ authenticated.put(
); );
authenticated.get( authenticated.get(
"/resource/:resourceId/targets", ["/resource/:resourceId/targets", "/public-resource/:resourceId/targets"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.listTargets), verifyApiKeyHasAction(ActionsEnum.listTargets),
target.listTargets target.listTargets
); );
authenticated.put( authenticated.put(
"/resource/:resourceId/rule", ["/resource/:resourceId/rule", "/public-resource/:resourceId/rule"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.createResourceRule), verifyApiKeyHasAction(ActionsEnum.createResourceRule),
@@ -526,14 +574,17 @@ authenticated.put(
); );
authenticated.get( authenticated.get(
"/resource/:resourceId/rules", ["/resource/:resourceId/rules", "/public-resource/:resourceId/rules"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.listResourceRules), verifyApiKeyHasAction(ActionsEnum.listResourceRules),
resource.listResourceRules resource.listResourceRules
); );
authenticated.post( authenticated.post(
"/resource/:resourceId/rule/:ruleId", [
"/resource/:resourceId/rule/:ruleId",
"/public-resource/:resourceId/rule/:ruleId"
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.updateResourceRule), verifyApiKeyHasAction(ActionsEnum.updateResourceRule),
@@ -542,7 +593,10 @@ authenticated.post(
); );
authenticated.delete( authenticated.delete(
"/resource/:resourceId/rule/:ruleId", [
"/resource/:resourceId/rule/:ruleId",
"/public-resource/:resourceId/rule/:ruleId"
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.deleteResourceRule), verifyApiKeyHasAction(ActionsEnum.deleteResourceRule),
logActionAudit(ActionsEnum.deleteResourceRule), logActionAudit(ActionsEnum.deleteResourceRule),
@@ -624,7 +678,7 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/resource/:resourceId/roles", ["/resource/:resourceId/roles", "/public-resource/:resourceId/roles"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyRoleAccess, verifyApiKeyRoleAccess,
verifyLimits, verifyLimits,
@@ -634,7 +688,7 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/resource/:resourceId/users", ["/resource/:resourceId/users", "/public-resource/:resourceId/users"],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeySetResourceUsers, verifyApiKeySetResourceUsers,
verifyLimits, verifyLimits,
@@ -644,7 +698,10 @@ authenticated.post(
); );
authenticated.put( authenticated.put(
"/resource-policy/:resourcePolicyId/access-control", [
"/resource-policy/:resourcePolicyId/access-control",
"/public-resource-policy/:resourcePolicyId/access-control"
],
verifyApiKeyResourcePolicyAccess, verifyApiKeyResourcePolicyAccess,
verifyApiKeyRoleAccess, verifyApiKeyRoleAccess,
verifyLimits, verifyLimits,
@@ -656,7 +713,10 @@ authenticated.put(
); );
authenticated.put( authenticated.put(
"/resource-policy/:resourcePolicyId/password", [
"/resource-policy/:resourcePolicyId/password",
"/public-resource-policy/:resourcePolicyId/password"
],
verifyApiKeyResourcePolicyAccess, verifyApiKeyResourcePolicyAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourcePolicyPassword), verifyApiKeyHasAction(ActionsEnum.setResourcePolicyPassword),
@@ -665,7 +725,10 @@ authenticated.put(
); );
authenticated.put( authenticated.put(
"/resource-policy/:resourcePolicyId/pincode", [
"/resource-policy/:resourcePolicyId/pincode",
"/public-resource-policy/:resourcePolicyId/pincode"
],
verifyApiKeyResourcePolicyAccess, verifyApiKeyResourcePolicyAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourcePolicyPincode), verifyApiKeyHasAction(ActionsEnum.setResourcePolicyPincode),
@@ -674,7 +737,10 @@ authenticated.put(
); );
authenticated.put( authenticated.put(
"/resource-policy/:resourcePolicyId/header-auth", [
"/resource-policy/:resourcePolicyId/header-auth",
"/public-resource-policy/:resourcePolicyId/header-auth"
],
verifyApiKeyResourcePolicyAccess, verifyApiKeyResourcePolicyAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourcePolicyHeaderAuth), verifyApiKeyHasAction(ActionsEnum.setResourcePolicyHeaderAuth),
@@ -683,7 +749,10 @@ authenticated.put(
); );
authenticated.put( authenticated.put(
"/resource-policy/:resourcePolicyId/whitelist", [
"/resource-policy/:resourcePolicyId/whitelist",
"/public-resource-policy/:resourcePolicyId/whitelist"
],
verifyApiKeyResourcePolicyAccess, verifyApiKeyResourcePolicyAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourcePolicyWhitelist), verifyApiKeyHasAction(ActionsEnum.setResourcePolicyWhitelist),
@@ -692,7 +761,10 @@ authenticated.put(
); );
authenticated.put( authenticated.put(
"/resource-policy/:resourcePolicyId/rules", [
"/resource-policy/:resourcePolicyId/rules",
"/public-resource-policy/:resourcePolicyId/rules"
],
verifyApiKeyResourcePolicyAccess, verifyApiKeyResourcePolicyAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourcePolicyRules), verifyApiKeyHasAction(ActionsEnum.setResourcePolicyRules),
@@ -701,7 +773,10 @@ authenticated.put(
); );
authenticated.post( authenticated.post(
"/resource/:resourceId/roles/add", [
"/resource/:resourceId/roles/add",
"/public-resource/:resourceId/roles/add"
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyRoleAccess, verifyApiKeyRoleAccess,
verifyLimits, verifyLimits,
@@ -711,7 +786,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/resource/:resourceId/roles/remove", [
"/resource/:resourceId/roles/remove",
"/public-resource/:resourceId/roles/remove"
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyRoleAccess, verifyApiKeyRoleAccess,
verifyLimits, verifyLimits,
@@ -721,7 +799,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/resource/:resourceId/users/add", [
"/resource/:resourceId/users/add",
"/public-resource/:resourceId/users/add"
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeySetResourceUsers, verifyApiKeySetResourceUsers,
verifyLimits, verifyLimits,
@@ -731,7 +812,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
"/resource/:resourceId/users/remove", [
"/resource/:resourceId/users/remove",
"/public-resource/:resourceId/users/remove"
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeySetResourceUsers, verifyApiKeySetResourceUsers,
verifyLimits, verifyLimits,
@@ -741,7 +825,7 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
`/resource/:resourceId/password`, [`/resource/:resourceId/password`, `/public-resource/:resourceId/password`],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourcePassword), verifyApiKeyHasAction(ActionsEnum.setResourcePassword),
@@ -750,7 +834,7 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
`/resource/:resourceId/pincode`, [`/resource/:resourceId/pincode`, `/public-resource/:resourceId/pincode`],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourcePincode), verifyApiKeyHasAction(ActionsEnum.setResourcePincode),
@@ -759,7 +843,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
`/resource/:resourceId/header-auth`, [
`/resource/:resourceId/header-auth`,
`/public-resource/:resourceId/header-auth`
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourceHeaderAuth), verifyApiKeyHasAction(ActionsEnum.setResourceHeaderAuth),
@@ -768,7 +855,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
`/resource/:resourceId/whitelist`, [
`/resource/:resourceId/whitelist`,
`/public-resource/:resourceId/whitelist`
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourceWhitelist), verifyApiKeyHasAction(ActionsEnum.setResourceWhitelist),
@@ -777,7 +867,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
`/resource/:resourceId/whitelist/add`, [
`/resource/:resourceId/whitelist/add`,
`/public-resource/:resourceId/whitelist/add`
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourceWhitelist), verifyApiKeyHasAction(ActionsEnum.setResourceWhitelist),
@@ -785,7 +878,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
`/resource/:resourceId/whitelist/remove`, [
`/resource/:resourceId/whitelist/remove`,
`/public-resource/:resourceId/whitelist/remove`
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.setResourceWhitelist), verifyApiKeyHasAction(ActionsEnum.setResourceWhitelist),
@@ -793,14 +889,20 @@ authenticated.post(
); );
authenticated.get( authenticated.get(
`/resource/:resourceId/whitelist`, [
`/resource/:resourceId/whitelist`,
`/public-resource/:resourceId/whitelist`
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.getResourceWhitelist), verifyApiKeyHasAction(ActionsEnum.getResourceWhitelist),
resource.getResourceWhitelist resource.getResourceWhitelist
); );
authenticated.post( authenticated.post(
`/resource/:resourceId/access-token`, [
`/resource/:resourceId/access-token`,
`/public-resource/:resourceId/access-token`
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyLimits, verifyLimits,
verifyApiKeyHasAction(ActionsEnum.generateAccessToken), verifyApiKeyHasAction(ActionsEnum.generateAccessToken),
@@ -809,7 +911,10 @@ authenticated.post(
); );
authenticated.post( authenticated.post(
`/resource/:resourceId/session-token`, [
`/resource/:resourceId/session-token`,
`/public-resource/:resourceId/session-token`
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyUserAccess, verifyApiKeyUserAccess,
verifyLimits, verifyLimits,
@@ -834,7 +939,10 @@ authenticated.get(
); );
authenticated.get( authenticated.get(
`/resource/:resourceId/access-tokens`, [
`/resource/:resourceId/access-tokens`,
`/public-resource/:resourceId/access-tokens`
],
verifyApiKeyResourceAccess, verifyApiKeyResourceAccess,
verifyApiKeyHasAction(ActionsEnum.listAccessTokens), verifyApiKeyHasAction(ActionsEnum.listAccessTokens),
accessToken.listAccessTokens accessToken.listAccessTokens
@@ -1164,7 +1272,7 @@ authenticated.get(
); );
authenticated.get( authenticated.get(
"/org/:orgId/resource-names", ["/org/:orgId/resource-names", "/org/:orgId/public-resource-names"],
verifyApiKeyOrgAccess, verifyApiKeyOrgAccess,
verifyApiKeyHasAction(ActionsEnum.listResources), verifyApiKeyHasAction(ActionsEnum.listResources),
resource.listAllResourceNames resource.listAllResourceNames
@@ -191,6 +191,19 @@ registry.registerPath({
responses: {} responses: {}
}); });
registry.registerPath({
method: "get",
path: "/public-resource-policy/{resourcePolicyId}",
description: "Get a resource policy by its resourcePolicyId.",
tags: [OpenAPITags.Policy],
request: {
params: z.object({
resourcePolicyId: z.number()
})
},
responses: {}
});
export async function getResourcePolicy( export async function getResourcePolicy(
req: Request, req: Request,
res: Response, res: Response,
@@ -54,6 +54,25 @@ registry.registerPath({
responses: {} responses: {}
}); });
registry.registerPath({
method: "post",
path: "/public-resource-policy/{resourceId}/access-control",
description:
"Set access control users for a resource policy, including SSO, users, roles, Identity provider.",
tags: [OpenAPITags.Policy, OpenAPITags.User],
request: {
params: setResourcePolicyAccessControlParamsSchema,
body: {
content: {
"application/json": {
schema: setResourcePolicyAcccessControlBodySchema
}
}
}
},
responses: {}
});
export async function setResourcePolicyAccessControl( export async function setResourcePolicyAccessControl(
req: Request, req: Request,
res: Response, res: Response,
@@ -43,6 +43,25 @@ registry.registerPath({
responses: {} responses: {}
}); });
registry.registerPath({
method: "put",
path: "/public-resource-policy/{resourcePolicyId}/header-auth",
description:
"Set or update the header authentication for a resource policy. If user and password is not provided, it will remove the header authentication.",
tags: [OpenAPITags.Policy],
request: {
params: setResourcePolicyHeaderAuthParamsSchema,
body: {
content: {
"application/json": {
schema: setResourcePolicyHeaderAuthBodySchema
}
}
}
},
responses: {}
});
export async function setResourcePolicyHeaderAuth( export async function setResourcePolicyHeaderAuth(
req: Request, req: Request,
res: Response, res: Response,
@@ -38,6 +38,25 @@ registry.registerPath({
responses: {} responses: {}
}); });
registry.registerPath({
method: "put",
path: "/public-resource-policy/{resourcePolicyId}/password",
description:
"Set the password for a resource policy. Setting the password to null will remove it.",
tags: [OpenAPITags.Policy],
request: {
params: setResourcePolicyPasswordParamsSchema,
body: {
content: {
"application/json": {
schema: setResourcePolicyPasswordBodySchema
}
}
}
},
responses: {}
});
export async function setResourcePolicyPassword( export async function setResourcePolicyPassword(
req: Request, req: Request,
res: Response, res: Response,
@@ -41,6 +41,25 @@ registry.registerPath({
responses: {} responses: {}
}); });
registry.registerPath({
method: "put",
path: "/public-resource-policy/{resourcePolicyId}/pincode",
description:
"Set the PIN code for a resource policy. Setting the PIN code to null will remove it.",
tags: [OpenAPITags.Policy],
request: {
params: setResourcePolicyPincodeParamsSchema,
body: {
content: {
"application/json": {
schema: setResourcePolicyPincodeBodySchema
}
}
}
},
responses: {}
});
export async function setResourcePolicyPincode( export async function setResourcePolicyPincode(
req: Request, req: Request,
res: Response, res: Response,
@@ -61,6 +61,25 @@ registry.registerPath({
responses: {} responses: {}
}); });
registry.registerPath({
method: "put",
path: "/public-resource-policy/{resourcePolicyId}/rules",
description:
"Set all rules for a resource policy at once. This will replace all existing rules.",
tags: [OpenAPITags.Policy],
request: {
params: setResourcePolicyRulesParamsSchema,
body: {
content: {
"application/json": {
schema: setResourcePolicyRulesBodySchema
}
}
}
},
responses: {}
});
export async function setResourcePolicyRules( export async function setResourcePolicyRules(
req: Request, req: Request,
res: Response, res: Response,
@@ -46,6 +46,25 @@ registry.registerPath({
responses: {} responses: {}
}); });
registry.registerPath({
method: "put",
path: "/public-resource-policy/{resourcePolicyId}/whitelist",
description:
"Set email whitelist for a resource policy. This will replace all existing emails.",
tags: [OpenAPITags.Policy],
request: {
params: setResourcePolicyWhitelistParamsSchema,
body: {
content: {
"application/json": {
schema: setResourcePolicyWhitelistBodySchema
}
}
}
},
responses: {}
});
export async function setResourcePolicyWhitelist( export async function setResourcePolicyWhitelist(
req: Request, req: Request,
res: Response, res: Response,
@@ -36,6 +36,24 @@ registry.registerPath({
responses: {} responses: {}
}); });
registry.registerPath({
method: "put",
path: "/public-resource-policy/{resourcePolicyId}",
description: "Update a resource policy.",
tags: [OpenAPITags.Org, OpenAPITags.Policy],
request: {
params: updateResourcePolicyParamsSchema,
body: {
content: {
"application/json": {
schema: updateResourcePolicyBodySchema
}
}
}
},
responses: {}
});
export async function updateResourcePolicy( export async function updateResourcePolicy(
req: Request, req: Request,
res: Response, res: Response,
@@ -63,6 +63,39 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/whitelist/add",
description: "Add a single email to the resource whitelist.",
tags: [OpenAPITags.PublicResource],
request: {
params: addEmailToResourceWhitelistParamsSchema,
body: {
content: {
"application/json": {
schema: addEmailToResourceWhitelistBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function addEmailToResourceWhitelist( export async function addEmailToResourceWhitelist(
req: Request, req: Request,
res: Response, res: Response,
@@ -59,6 +59,40 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/roles/add",
description:
"Add a single role to a resource. When the resource has an inline policy defined (no shared resource policy assigned), the role is added to the inline policy instead of directly to the resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.Role],
request: {
params: addRoleToResourceParamsSchema,
body: {
content: {
"application/json": {
schema: addRoleToResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function addRoleToResource( export async function addRoleToResource(
req: Request, req: Request,
res: Response, res: Response,
@@ -59,6 +59,40 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/users/add",
description:
"Add a single user to a resource. When the resource has an inline policy defined (no shared resource policy assigned), the user is added to the inline policy instead of directly to the resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.User],
request: {
params: addUserToResourceParamsSchema,
body: {
content: {
"application/json": {
schema: addUserToResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function addUserToResource( export async function addUserToResource(
req: Request, req: Request,
res: Response, res: Response,
+33
View File
@@ -182,6 +182,39 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "put",
path: "/org/{orgId}/public-resource",
description: "Create a resource.",
tags: [OpenAPITags.PublicResource],
request: {
params: createResourceParamsSchema,
body: {
content: {
"application/json": {
schema: createHttpResourceSchema.or(createRawResourceSchema)
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function createResource( export async function createResource(
req: Request, req: Request,
res: Response, res: Response,
@@ -61,6 +61,39 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "put",
path: "/public-resource/{resourceId}/rule",
description: "Create a resource rule.",
tags: [OpenAPITags.PublicResource, OpenAPITags.Rule],
request: {
params: createResourceRuleParamsSchema,
body: {
content: {
"application/json": {
schema: createResourceRuleSchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function createResourceRule( export async function createResourceRule(
req: Request, req: Request,
res: Response, res: Response,
+26
View File
@@ -44,6 +44,32 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "delete",
path: "/public-resource/{resourceId}",
description: "Delete a resource.",
tags: [OpenAPITags.PublicResource],
request: {
params: deleteResourceSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function deleteResource( export async function deleteResource(
req: Request, req: Request,
res: Response, res: Response,
@@ -41,6 +41,32 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "delete",
path: "/public-resource/{resourceId}/rule/{ruleId}",
description: "Delete a resource rule.",
tags: [OpenAPITags.PublicResource, OpenAPITags.Rule],
request: {
params: deleteResourceRuleSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function deleteResourceRule( export async function deleteResourceRule(
req: Request, req: Request,
res: Response, res: Response,
+28
View File
@@ -116,6 +116,34 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "get",
path: "/public-resource/{resourceId}",
description: "Get a resource by resourceId.",
tags: [OpenAPITags.PublicResource],
request: {
params: z.object({
resourceId: z.number()
})
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function getResource( export async function getResource(
req: Request, req: Request,
res: Response, res: Response,
@@ -33,6 +33,17 @@ registry.registerPath({
responses: {} responses: {}
}); });
registry.registerPath({
method: "get",
path: "/public-resource/{resourceId}/policies",
description: "Get the inline and shared policies associated with a resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.Policy],
request: {
params: getResourcePoliciesParamsSchema
},
responses: {}
});
export async function getResourcePolicies( export async function getResourcePolicies(
req: Request, req: Request,
res: Response, res: Response,
@@ -66,6 +66,32 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "get",
path: "/public-resource/{resourceId}/whitelist",
description: "Get the whitelist of emails for a specific resource.",
tags: [OpenAPITags.PublicResource],
request: {
params: getResourceWhitelistSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function getResourceWhitelist( export async function getResourceWhitelist(
req: Request, req: Request,
res: Response, res: Response,
@@ -57,6 +57,34 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "get",
path: "/org/{orgId}/public-resource-names",
description: "List all resource names for an organization.",
tags: [OpenAPITags.PublicResource],
request: {
params: z.object({
orgId: z.string()
})
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function listAllResourceNames( export async function listAllResourceNames(
req: Request, req: Request,
res: Response, res: Response,
@@ -70,6 +70,32 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "get",
path: "/public-resource/{resourceId}/roles",
description: "List all roles for a resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.Role],
request: {
params: listResourceRolesSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function listResourceRoles( export async function listResourceRoles(
req: Request, req: Request,
res: Response, res: Response,
@@ -94,6 +94,33 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "get",
path: "/public-resource/{resourceId}/rules",
description: "List rules for a resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.Rule],
request: {
params: listResourceRulesParamsSchema,
query: listResourceRulesSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function listResourceRules( export async function listResourceRules(
req: Request, req: Request,
res: Response, res: Response,
@@ -60,6 +60,32 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "get",
path: "/public-resource/{resourceId}/users",
description: "List all users for a resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.User],
request: {
params: listResourceUsersSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function listResourceUsers( export async function listResourceUsers(
req: Request, req: Request,
res: Response, res: Response,
+29
View File
@@ -425,6 +425,35 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "get",
path: "/org/{orgId}/public-resources",
description: "List resources for an organization.",
tags: [OpenAPITags.PublicResource],
request: {
params: z.object({
orgId: z.string()
}),
query: listResourcesSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function listResources( export async function listResources(
req: Request, req: Request,
res: Response, res: Response,
@@ -63,6 +63,39 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/whitelist/remove",
description: "Remove a single email from the resource whitelist.",
tags: [OpenAPITags.PublicResource],
request: {
params: removeEmailFromResourceWhitelistParamsSchema,
body: {
content: {
"application/json": {
schema: removeEmailFromResourceWhitelistBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function removeEmailFromResourceWhitelist( export async function removeEmailFromResourceWhitelist(
req: Request, req: Request,
res: Response, res: Response,
@@ -58,6 +58,39 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/roles/remove",
description: "Remove a single role from a resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.Role],
request: {
params: removeRoleFromResourceParamsSchema,
body: {
content: {
"application/json": {
schema: removeRoleFromResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function removeRoleFromResource( export async function removeRoleFromResource(
req: Request, req: Request,
res: Response, res: Response,
@@ -58,6 +58,39 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/users/remove",
description: "Remove a single user from a resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.User],
request: {
params: removeUserFromResourceParamsSchema,
body: {
content: {
"application/json": {
schema: removeUserFromResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function removeUserFromResource( export async function removeUserFromResource(
req: Request, req: Request,
res: Response, res: Response,
@@ -60,6 +60,40 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/header-auth",
description:
"Set or update the header authentication for a resource. If user and password is not provided, it will remove the header authentication.",
tags: [OpenAPITags.PublicResource],
request: {
params: setResourceAuthMethodsParamsSchema,
body: {
content: {
"application/json": {
schema: setResourceAuthMethodsBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function setResourceHeaderAuth( export async function setResourceHeaderAuth(
req: Request, req: Request,
res: Response, res: Response,
@@ -58,6 +58,40 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/password",
description:
"Set the password for a resource. Setting the password to null will remove it.",
tags: [OpenAPITags.PublicResource],
request: {
params: setResourceAuthMethodsParamsSchema,
body: {
content: {
"application/json": {
schema: setResourceAuthMethodsBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function setResourcePassword( export async function setResourcePassword(
req: Request, req: Request,
res: Response, res: Response,
@@ -58,6 +58,40 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/pincode",
description:
"Set the PIN code for a resource. Setting the PIN code to null will remove it.",
tags: [OpenAPITags.PublicResource],
request: {
params: setResourceAuthMethodsParamsSchema,
body: {
content: {
"application/json": {
schema: setResourceAuthMethodsBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function setResourcePincode( export async function setResourcePincode(
req: Request, req: Request,
res: Response, res: Response,
@@ -52,6 +52,40 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/roles",
description:
"Set roles for a resource. This will replace all existing roles. When the resource has an inline policy defined (no shared resource policy assigned), roles are set on the inline policy instead of directly on the resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.Role],
request: {
params: setResourceRolesParamsSchema,
body: {
content: {
"application/json": {
schema: setResourceRolesBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function setResourceRoles( export async function setResourceRoles(
req: Request, req: Request,
res: Response, res: Response,
@@ -52,6 +52,40 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/users",
description:
"Set users for a resource. This will replace all existing users. When the resource has an inline policy defined (no shared resource policy assigned), users are set on the inline policy instead of directly on the resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.User],
request: {
params: setUserResourcesParamsSchema,
body: {
content: {
"application/json": {
schema: setUserResourcesBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function setResourceUsers( export async function setResourceUsers(
req: Request, req: Request,
res: Response, res: Response,
@@ -66,6 +66,40 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/whitelist",
description:
"Set email whitelist for a resource. This will replace all existing emails.",
tags: [OpenAPITags.PublicResource],
request: {
params: setResourceWhitelistParamsSchema,
body: {
content: {
"application/json": {
schema: setResourceWhitelistBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function setResourceWhitelist( export async function setResourceWhitelist(
req: Request, req: Request,
res: Response, res: Response,
+36
View File
@@ -273,6 +273,42 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}",
description:
"Update a resource. Policy fields (sso, mfa, pincode, password, whitelist) update the inline policy when no shared resource policy is assigned; when a shared policy is assigned those fields override the shared policy for this resource only.",
tags: [OpenAPITags.PublicResource],
request: {
params: updateResourceParamsSchema,
body: {
content: {
"application/json": {
schema: updateHttpResourceBodySchema.and(
updateRawResourceBodySchema
)
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function updateResource( export async function updateResource(
req: Request, req: Request,
res: Response, res: Response,
@@ -78,6 +78,39 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/public-resource/{resourceId}/rule/{ruleId}",
description: "Update a resource rule.",
tags: [OpenAPITags.PublicResource, OpenAPITags.Rule],
request: {
params: updateResourceRuleParamsSchema,
body: {
content: {
"application/json": {
schema: updateResourceRuleSchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function updateResourceRule( export async function updateResourceRule(
req: Request, req: Request,
res: Response, res: Response,
@@ -62,6 +62,40 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/private-resource/{siteResourceId}/clients/add",
description:
"Add a single client to a site resource. Clients with a userId cannot be added.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.Client],
request: {
params: addClientToSiteResourceParamsSchema,
body: {
content: {
"application/json": {
schema: addClientToSiteResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function addClientToSiteResource( export async function addClientToSiteResource(
req: Request, req: Request,
res: Response, res: Response,
@@ -62,6 +62,39 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/private-resource/{siteResourceId}/roles/add",
description: "Add a single role to a site resource.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.Role],
request: {
params: addRoleToSiteResourceParamsSchema,
body: {
content: {
"application/json": {
schema: addRoleToSiteResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function addRoleToSiteResource( export async function addRoleToSiteResource(
req: Request, req: Request,
res: Response, res: Response,
@@ -62,6 +62,39 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/private-resource/{siteResourceId}/users/add",
description: "Add a single user to a site resource.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.User],
request: {
params: addUserToSiteResourceParamsSchema,
body: {
content: {
"application/json": {
schema: addUserToSiteResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function addUserToSiteResource( export async function addUserToSiteResource(
req: Request, req: Request,
res: Response, res: Response,
@@ -67,6 +67,39 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/client/{clientId}/private-resources",
description: "Add a machine client to multiple site resources at once.",
tags: [OpenAPITags.Client],
request: {
params: batchAddClientToSiteResourcesParamsSchema,
body: {
content: {
"application/json": {
schema: batchAddClientToSiteResourcesBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function batchAddClientToSiteResources( export async function batchAddClientToSiteResources(
req: Request, req: Request,
res: Response, res: Response,
@@ -237,6 +237,39 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "put",
path: "/org/{orgId}/private-resource",
description: "Create a new site resource.",
tags: [OpenAPITags.PrivateResource],
request: {
params: createSiteResourceParamsSchema,
body: {
content: {
"application/json": {
schema: createSiteResourceSchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function createSiteResource( export async function createSiteResource(
req: Request, req: Request,
res: Response, res: Response,
@@ -49,6 +49,32 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "delete",
path: "/private-resource/{siteResourceId}",
description: "Delete a site resource.",
tags: [OpenAPITags.PrivateResource],
request: {
params: deleteSiteResourceParamsSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function deleteSiteResource( export async function deleteSiteResource(
req: Request, req: Request,
res: Response, res: Response,
@@ -83,6 +83,36 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "get",
path: "/private-resource/{siteResourceId}",
description: "Get a specific site resource by siteResourceId.",
tags: [OpenAPITags.PrivateResource],
request: {
params: z.object({
siteResourceId: z.number(),
siteId: z.number(),
orgId: z.string()
})
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
registry.registerPath({ registry.registerPath({
method: "get", method: "get",
path: "/org/{orgId}/site/{siteId}/resource/nice/{niceId}", path: "/org/{orgId}/site/{siteId}/resource/nice/{niceId}",
@@ -244,6 +244,33 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "get",
path: "/org/{orgId}/private-resources",
description: "List all site resources for an organization.",
tags: [OpenAPITags.PrivateResource],
request: {
params: listAllSiteResourcesByOrgParamsSchema,
query: listAllSiteResourcesByOrgQuerySchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function listAllSiteResourcesByOrg( export async function listAllSiteResourcesByOrg(
req: Request, req: Request,
res: Response, res: Response,
@@ -61,6 +61,32 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "get",
path: "/private-resource/{siteResourceId}/clients",
description: "List all clients for a site resource.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.Client],
request: {
params: listSiteResourceClientsSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function listSiteResourceClients( export async function listSiteResourceClients(
req: Request, req: Request,
res: Response, res: Response,
@@ -62,6 +62,32 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "get",
path: "/private-resource/{siteResourceId}/roles",
description: "List all roles for a site resource.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.Role],
request: {
params: listSiteResourceRolesSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function listSiteResourceRoles( export async function listSiteResourceRoles(
req: Request, req: Request,
res: Response, res: Response,
@@ -65,6 +65,32 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "get",
path: "/private-resource/{siteResourceId}/users",
description: "List all users for a site resource.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.User],
request: {
params: listSiteResourceUsersSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function listSiteResourceUsers( export async function listSiteResourceUsers(
req: Request, req: Request,
res: Response, res: Response,
@@ -81,6 +81,33 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "get",
path: "/org/{orgId}/site/{siteId}/private-resources",
description: "List site resources for a site.",
tags: [OpenAPITags.PrivateResource],
request: {
params: listSiteResourcesParamsSchema,
query: listSiteResourcesQuerySchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function listSiteResources( export async function listSiteResources(
req: Request, req: Request,
res: Response, res: Response,
@@ -62,6 +62,40 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/private-resource/{siteResourceId}/clients/remove",
description:
"Remove a single client from a site resource. Clients with a userId cannot be removed.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.Client],
request: {
params: removeClientFromSiteResourceParamsSchema,
body: {
content: {
"application/json": {
schema: removeClientFromSiteResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function removeClientFromSiteResource( export async function removeClientFromSiteResource(
req: Request, req: Request,
res: Response, res: Response,
@@ -62,6 +62,39 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/private-resource/{siteResourceId}/roles/remove",
description: "Remove a single role from a site resource.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.Role],
request: {
params: removeRoleFromSiteResourceParamsSchema,
body: {
content: {
"application/json": {
schema: removeRoleFromSiteResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function removeRoleFromSiteResource( export async function removeRoleFromSiteResource(
req: Request, req: Request,
res: Response, res: Response,
@@ -62,6 +62,39 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/private-resource/{siteResourceId}/users/remove",
description: "Remove a single user from a site resource.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.User],
request: {
params: removeUserFromSiteResourceParamsSchema,
body: {
content: {
"application/json": {
schema: removeUserFromSiteResourceBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function removeUserFromSiteResource( export async function removeUserFromSiteResource(
req: Request, req: Request,
res: Response, res: Response,
@@ -62,6 +62,40 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/private-resource/{siteResourceId}/clients",
description:
"Set clients for a site resource. This will replace all existing clients. Clients with a userId cannot be added.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.Client],
request: {
params: setSiteResourceClientsParamsSchema,
body: {
content: {
"application/json": {
schema: setSiteResourceClientsBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function setSiteResourceClients( export async function setSiteResourceClients(
req: Request, req: Request,
res: Response, res: Response,
@@ -63,6 +63,40 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/private-resource/{siteResourceId}/roles",
description:
"Set roles for a site resource. This will replace all existing roles.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.Role],
request: {
params: setSiteResourceRolesParamsSchema,
body: {
content: {
"application/json": {
schema: setSiteResourceRolesBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function setSiteResourceRoles( export async function setSiteResourceRoles(
req: Request, req: Request,
res: Response, res: Response,
@@ -64,6 +64,40 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/private-resource/{siteResourceId}/users",
description:
"Set users for a site resource. This will replace all existing users.",
tags: [OpenAPITags.PrivateResource, OpenAPITags.User],
request: {
params: setSiteResourceUsersParamsSchema,
body: {
content: {
"application/json": {
schema: setSiteResourceUsersBodySchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function setSiteResourceUsers( export async function setSiteResourceUsers(
req: Request, req: Request,
res: Response, res: Response,
@@ -237,6 +237,39 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "post",
path: "/private-resource/{siteResourceId}",
description: "Update a site resource.",
tags: [OpenAPITags.PrivateResource],
request: {
params: updateSiteResourceParamsSchema,
body: {
content: {
"application/json": {
schema: updateSiteResourceSchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function updateSiteResource( export async function updateSiteResource(
req: Request, req: Request,
res: Response, res: Response,
+33
View File
@@ -122,6 +122,39 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "put",
path: "/public-resource/{resourceId}/target",
description: "Create a target for a resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.Target],
request: {
params: createTargetParamsSchema,
body: {
content: {
"application/json": {
schema: createTargetSchema
}
}
}
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function createTarget( export async function createTarget(
req: Request, req: Request,
res: Response, res: Response,
+27
View File
@@ -115,6 +115,33 @@ registry.registerPath({
} }
}); });
registry.registerPath({
method: "get",
path: "/public-resource/{resourceId}/targets",
description: "List targets for a resource.",
tags: [OpenAPITags.PublicResource, OpenAPITags.Target],
request: {
params: listTargetsParamsSchema,
query: listTargetsSchema
},
responses: {
200: {
description: "Successful response",
content: {
"application/json": {
schema: z.object({
data: z.record(z.string(), z.any()).nullable(),
success: z.boolean(),
error: z.boolean(),
message: z.string(),
status: z.number()
})
}
}
}
}
});
export async function listTargets( export async function listTargets(
req: Request, req: Request,
res: Response, res: Response,