From d76db3cabab8734d9f23718ea048bd1f70a50dbd Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sat, 10 Apr 2021 23:55:43 +0200 Subject: [PATCH] *: add missing error codes as swagger annotations Signed-off-by: Jens Langhammer --- authentik/admin/api/tasks.py | 15 +++--- authentik/admin/tests/test_api.py | 4 +- authentik/core/api/applications.py | 2 +- authentik/core/api/propertymappings.py | 2 +- authentik/core/api/tokens.py | 7 ++- authentik/crypto/api.py | 2 +- .../events/api/notification_transport.py | 5 +- authentik/flows/api/flows.py | 4 +- authentik/policies/api/policies.py | 2 +- authentik/providers/oauth2/api/provider.py | 7 ++- authentik/providers/saml/api.py | 7 ++- swagger.yaml | 46 +++++++++++-------- 12 files changed, 66 insertions(+), 37 deletions(-) diff --git a/authentik/admin/api/tasks.py b/authentik/admin/api/tasks.py index 2903121e5..bec34cdd1 100644 --- a/authentik/admin/api/tasks.py +++ b/authentik/admin/api/tasks.py @@ -52,6 +52,13 @@ class TaskViewSet(ViewSet): tasks = sorted(TaskInfo.all().values(), key=lambda task: task.task_name) return Response(TaskSerializer(tasks, many=True).data) + @swagger_auto_schema( + responses={ + 204: "Task retried successfully", + 404: "Task not found", + 500: "Failed to retry task", + } + ) @action(detail=True, methods=["post"]) # pylint: disable=invalid-name def retry(self, request: Request, pk=None) -> Response: @@ -70,12 +77,8 @@ class TaskViewSet(ViewSet): % {"name": task.task_name} ), ) - return Response( - { - "successful": True, - } - ) + return Response(status=204) except ImportError: # pragma: no cover # if we get an import error, the module path has probably changed task.delete() - return Response({"successful": False}) + return Response(status=500) diff --git a/authentik/admin/tests/test_api.py b/authentik/admin/tests/test_api.py index 293566875..1c2ff2266 100644 --- a/authentik/admin/tests/test_api.py +++ b/authentik/admin/tests/test_api.py @@ -39,9 +39,7 @@ class TestAdminAPI(TestCase): kwargs={"pk": "clean_expired_models"}, ) ) - self.assertEqual(response.status_code, 200) - body = loads(response.content) - self.assertTrue(body["successful"]) + self.assertEqual(response.status_code, 204) def test_tasks_retry_404(self): """Test Task API (retry, 404)""" diff --git a/authentik/core/api/applications.py b/authentik/core/api/applications.py index b43904064..504c3e591 100644 --- a/authentik/core/api/applications.py +++ b/authentik/core/api/applications.py @@ -124,7 +124,7 @@ class ApplicationViewSet(ModelViewSet): required=True, ) ], - responses={200: "Success"}, + responses={200: "Success", 400: "Bad request"}, ) @action( detail=True, diff --git a/authentik/core/api/propertymappings.py b/authentik/core/api/propertymappings.py index af579086a..da5da96cd 100644 --- a/authentik/core/api/propertymappings.py +++ b/authentik/core/api/propertymappings.py @@ -99,7 +99,7 @@ class PropertyMappingViewSet( @permission_required("authentik_core.view_propertymapping") @swagger_auto_schema( request_body=PolicyTestSerializer(), - responses={200: PropertyMappingTestResultSerializer}, + responses={200: PropertyMappingTestResultSerializer, 400: "Invalid parameters"}, ) @action(detail=True, pagination_class=None, filter_backends=[], methods=["POST"]) # pylint: disable=unused-argument, invalid-name diff --git a/authentik/core/api/tokens.py b/authentik/core/api/tokens.py index d8c9c6bdf..6b42f85c8 100644 --- a/authentik/core/api/tokens.py +++ b/authentik/core/api/tokens.py @@ -67,7 +67,12 @@ class TokenViewSet(ModelViewSet): serializer.save(user=self.request.user) @permission_required("authentik_core.view_token_key") - @swagger_auto_schema(responses={200: TokenViewSerializer(many=False)}) + @swagger_auto_schema( + responses={ + 200: TokenViewSerializer(many=False), + 404: "Token not found or expired", + } + ) @action(detail=True, pagination_class=None, filter_backends=[]) # pylint: disable=unused-argument def view_key(self, request: Request, identifier: str) -> Response: diff --git a/authentik/crypto/api.py b/authentik/crypto/api.py index f600ec67c..4a004cb73 100644 --- a/authentik/crypto/api.py +++ b/authentik/crypto/api.py @@ -123,7 +123,7 @@ class CertificateKeyPairViewSet(ModelViewSet): @permission_required(None, ["authentik_crypto.add_certificatekeypair"]) @swagger_auto_schema( request_body=CertificateGenerationSerializer(), - responses={200: CertificateKeyPairSerializer}, + responses={200: CertificateKeyPairSerializer, 400: "Bad request"}, ) @action(detail=False, methods=["POST"]) def generate(self, request: Request) -> Response: diff --git a/authentik/events/api/notification_transport.py b/authentik/events/api/notification_transport.py index fc72d0cd4..a688f120d 100644 --- a/authentik/events/api/notification_transport.py +++ b/authentik/events/api/notification_transport.py @@ -59,7 +59,10 @@ class NotificationTransportViewSet(ModelViewSet): @permission_required("authentik_events.change_notificationtransport") @swagger_auto_schema( - responses={200: NotificationTransportTestSerializer(many=False)}, + responses={ + 200: NotificationTransportTestSerializer(many=False), + 503: "Failed to test transport", + }, request_body=no_body, ) @action(detail=True, pagination_class=None, filter_backends=[], methods=["post"]) diff --git a/authentik/flows/api/flows.py b/authentik/flows/api/flows.py index b92273517..469c78306 100644 --- a/authentik/flows/api/flows.py +++ b/authentik/flows/api/flows.py @@ -268,7 +268,7 @@ class FlowViewSet(ModelViewSet): required=True, ) ], - responses={200: "Success"}, + responses={200: "Success", 400: "Bad request"}, ) @action( detail=True, @@ -289,7 +289,7 @@ class FlowViewSet(ModelViewSet): return Response({}) @swagger_auto_schema( - responses={200: LinkSerializer(many=False)}, + responses={200: LinkSerializer(many=False), 400: "Flow not applicable"}, ) @action(detail=True, pagination_class=None, filter_backends=[]) # pylint: disable=unused-argument diff --git a/authentik/policies/api/policies.py b/authentik/policies/api/policies.py index b57ab8213..089790490 100644 --- a/authentik/policies/api/policies.py +++ b/authentik/policies/api/policies.py @@ -138,7 +138,7 @@ class PolicyViewSet( @permission_required("authentik_policies.view_policy") @swagger_auto_schema( request_body=PolicyTestSerializer(), - responses={200: PolicyTestResultSerializer()}, + responses={200: PolicyTestResultSerializer(), 400: "Invalid parameters"}, ) @action(detail=True, pagination_class=None, filter_backends=[], methods=["POST"]) # pylint: disable=unused-argument, invalid-name diff --git a/authentik/providers/oauth2/api/provider.py b/authentik/providers/oauth2/api/provider.py index 4a6e5d05d..06e3351b1 100644 --- a/authentik/providers/oauth2/api/provider.py +++ b/authentik/providers/oauth2/api/provider.py @@ -66,7 +66,12 @@ class OAuth2ProviderViewSet(ModelViewSet): queryset = OAuth2Provider.objects.all() serializer_class = OAuth2ProviderSerializer - @swagger_auto_schema(responses={200: OAuth2ProviderSetupURLs(many=False)}) + @swagger_auto_schema( + responses={ + 200: OAuth2ProviderSetupURLs(many=False), + 404: "Provider has no application assigned", + } + ) @action(methods=["GET"], detail=True) # pylint: disable=invalid-name def setup_urls(self, request: Request, pk: int) -> str: diff --git a/authentik/providers/saml/api.py b/authentik/providers/saml/api.py index 5ca0f4463..6c7519fd6 100644 --- a/authentik/providers/saml/api.py +++ b/authentik/providers/saml/api.py @@ -79,7 +79,12 @@ class SAMLProviderViewSet(ModelViewSet): queryset = SAMLProvider.objects.all() serializer_class = SAMLProviderSerializer - @swagger_auto_schema(responses={200: SAMLMetadataSerializer(many=False)}) + @swagger_auto_schema( + responses={ + 200: SAMLMetadataSerializer(many=False), + 404: "Provider has no application assigned", + } + ) @action(methods=["GET"], detail=True, permission_classes=[AllowAny]) # pylint: disable=invalid-name, unused-argument def metadata(self, request: Request, pk: int) -> Response: diff --git a/swagger.yaml b/swagger.yaml index cca4335e1..842d3fe33 100755 --- a/swagger.yaml +++ b/swagger.yaml @@ -107,17 +107,19 @@ paths: description: Retry task parameters: [] responses: - '201': - description: '' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' + '204': + description: Task retried successfully '404': description: Object does not exist or caller has insufficient permissions to access it. schema: $ref: '#/definitions/APIException' + '500': + description: Failed to retry task + '403': + description: Authentication credentials were invalid, absent or insufficient. + schema: + $ref: '#/definitions/GenericError' tags: - admin parameters: @@ -1387,6 +1389,8 @@ paths: responses: '200': description: Success + '400': + description: Bad request '403': description: Authentication credentials were invalid, absent or insufficient. schema: @@ -1844,15 +1848,15 @@ paths: description: '' schema: $ref: '#/definitions/TokenView' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' '404': description: Object does not exist or caller has insufficient permissions to access it. schema: $ref: '#/definitions/APIException' + '403': + description: Authentication credentials were invalid, absent or insufficient. + schema: + $ref: '#/definitions/GenericError' tags: - core parameters: @@ -3402,6 +3406,8 @@ paths: description: '' schema: $ref: '#/definitions/NotificationTransportTest' + '503': + description: Failed to test transport '403': description: Authentication credentials were invalid, absent or insufficient. schema: @@ -4045,6 +4051,8 @@ paths: description: '' schema: $ref: '#/definitions/Link' + '400': + description: Flow not applicable '403': description: Authentication credentials were invalid, absent or insufficient. schema: @@ -4105,6 +4113,8 @@ paths: responses: '200': description: Success + '400': + description: Bad request '403': description: Authentication credentials were invalid, absent or insufficient. schema: @@ -8748,15 +8758,15 @@ paths: description: '' schema: $ref: '#/definitions/OAuth2ProviderSetupURLs' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' '404': description: Object does not exist or caller has insufficient permissions to access it. schema: $ref: '#/definitions/APIException' + '403': + description: Authentication credentials were invalid, absent or insufficient. + schema: + $ref: '#/definitions/GenericError' tags: - providers parameters: @@ -9205,15 +9215,15 @@ paths: description: '' schema: $ref: '#/definitions/SAMLMetadata' - '403': - description: Authentication credentials were invalid, absent or insufficient. - schema: - $ref: '#/definitions/GenericError' '404': description: Object does not exist or caller has insufficient permissions to access it. schema: $ref: '#/definitions/APIException' + '403': + description: Authentication credentials were invalid, absent or insufficient. + schema: + $ref: '#/definitions/GenericError' tags: - providers parameters: