diff --git a/.github/workflows/api-tests.yml b/.github/workflows/api-tests.yml index 93657f827a..76aa0dea81 100644 --- a/.github/workflows/api-tests.yml +++ b/.github/workflows/api-tests.yml @@ -32,12 +32,13 @@ env: USER_SECRET: 12345678 DOMAIN_NAME: demo-test USERS_URL: http://localhost:9002 + DOMAIN_URL: http://localhost:9003 CLIENTS_URL: http://localhost:9006 CHANNELS_URL: http://localhost:9005 GROUPS_URL: http://localhost:9004 HTTP_ADAPTER_URL: http://localhost:8008 INVITATIONS_URL: http://localhost:9020 - AUTH_URL: http://localhost:8189 + AUTH_URL: http://localhost:9001 BOOTSTRAP_URL: http://localhost:9013 CERTS_URL: http://localhost:9019 PROVISION_URL: http://localhost:9016 @@ -201,7 +202,17 @@ jobs: checks: all report: false args: '--header "Authorization: Bearer ${{ env.USER_TOKEN }}" --contrib-openapi-formats-uuid --hypothesis-suppress-health-check=filter_too_much --stateful=links' - + + - name: Run Domains API tests + if: steps.changes.outputs.domains == 'true' + uses: schemathesis/action@v1 + with: + schema: api/openapi/domains.yml + base-url: ${{ env.DOMAIN_URL }} + checks: all + report: false + args: '--header "Authorization: Bearer ${{ env.USER_TOKEN }}" --contrib-openapi-formats-uuid --hypothesis-suppress-health-check=filter_too_much --stateful=links' + - name: Run Journal API tests if: steps.changes.outputs.journal == 'true' uses: schemathesis/action@v1 diff --git a/Makefile b/Makefile index 4088a3638c..02141b0501 100644 --- a/Makefile +++ b/Makefile @@ -174,7 +174,7 @@ test_api_channels: TEST_API_URL := http://localhost:9005 test_api_groups: TEST_API_URL := http://localhost:9004 test_api_http: TEST_API_URL := http://localhost:8008 test_api_invitations: TEST_API_URL := http://localhost:9020 -test_api_auth: TEST_API_URL := http://localhost:8189 +test_api_auth: TEST_API_URL := http://localhost:9001 test_api_bootstrap: TEST_API_URL := http://localhost:9013 test_api_certs: TEST_API_URL := http://localhost:9019 test_api_provision: TEST_API_URL := http://localhost:9016 diff --git a/api/openapi/auth.yml b/api/openapi/auth.yml index 88decc407c..d3b2a12e82 100644 --- a/api/openapi/auth.yml +++ b/api/openapi/auth.yml @@ -13,11 +13,11 @@ info: license: name: Apache 2.0 url: https://github.com/absmach/supermq/blob/main/LICENSE - version: 0.14.0 + version: 0.15.1 servers: - - url: http://localhost:8189 - - url: https://localhost:8189 + - url: http://localhost:9001 + - url: https://localhost:9001 tags: - name: Keys @@ -25,295 +25,13 @@ tags: externalDocs: description: Find out more about keys url: https://docs.supermq.abstractmachines.fr/ - - - name: Domains - description: Everything about your Domains. - externalDocs: - description: Find out more about domains - url: https://docs.supermq.abstractmachines.fr/ - - name: Health description: Service health check endpoint. externalDocs: description: Find out more about health check url: https://docs.supermq.abstractmachines.fr/ - paths: - /domains: - post: - tags: - - Domains - summary: Adds new domain - description: | - Adds new domain. - requestBody: - $ref: "#/components/requestBodies/DomainCreateReq" - responses: - "201": - $ref: "#/components/responses/DomainCreateRes" - "400": - description: Failed due to malformed JSON. - "401": - description: Missing or invalid access token provided. - "409": - description: Failed due to using an existing alias. - "415": - description: Missing or invalid content type. - "422": - description: Database can't process request. - "500": - $ref: "#/components/responses/ServiceError" - get: - summary: Retrieves list of domains. - description: | - Retrieves list of domains that the user have access. - parameters: - - $ref: "#/components/parameters/Limit" - - $ref: "#/components/parameters/Offset" - - $ref: "#/components/parameters/Metadata" - - $ref: "#/components/parameters/Status" - - $ref: "#/components/parameters/DomainName" - - $ref: "#/components/parameters/Permission" - tags: - - Domains - security: - - bearerAuth: [] - responses: - "200": - $ref: "#/components/responses/DomainsPageRes" - "400": - description: Failed due to malformed query parameters. - "401": - description: Missing or invalid access token provided. - "404": - description: A non-existent entity request. - "422": - description: Database can't process request. - "500": - $ref: "#/components/responses/ServiceError" - - /domains/{domainID}: - get: - summary: Retrieves domain information - description: | - Retrieves a specific domain that is identified by the domain ID. - tags: - - Domains - parameters: - - $ref: "#/components/parameters/DomainID" - security: - - bearerAuth: [] - responses: - "200": - $ref: "#/components/responses/DomainRes" - "400": - description: Failed due to malformed query parameters. - "401": - description: Missing or invalid access token provided. - "404": - description: A non-existent entity request. - "422": - description: Database can't process request. - "500": - $ref: "#/components/responses/ServiceError" - - patch: - summary: Updates name, metadata, tags and alias of the domain. - description: | - Updates name, metadata, tags and alias of the domain. - tags: - - Domains - parameters: - - $ref: "#/components/parameters/DomainID" - requestBody: - $ref: "#/components/requestBodies/DomainUpdateReq" - security: - - bearerAuth: [] - responses: - "200": - $ref: "#/components/responses/DomainRes" - "400": - description: Failed due to malformed JSON. - "401": - description: Missing or invalid access token provided. - "403": - description: Unauthorized access to domain id. - "404": - description: Failed due to non existing domain. - "415": - description: Missing or invalid content type. - "500": - $ref: "#/components/responses/ServiceError" - - /domains/{domainID}/permissions: - get: - summary: Retrieves user permissions on domain. - description: | - Retrieves user permissions on domain that is identified by the domain ID. - tags: - - Domains - parameters: - - $ref: "#/components/parameters/DomainID" - security: - - bearerAuth: [] - responses: - "200": - $ref: "#/components/responses/DomainPermissionRes" - "400": - description: Malformed entity specification. - "401": - description: Missing or invalid access token provided. - "403": - description: Failed authorization over the domain. - "404": - description: A non-existent entity request. - "422": - description: Database can't process request. - "500": - $ref: "#/components/responses/ServiceError" - /domains/{domainID}/enable: - post: - summary: Enables a domain - description: | - Enables a specific domain that is identified by the domain ID. - tags: - - Domains - parameters: - - $ref: "#/components/parameters/DomainID" - security: - - bearerAuth: [] - responses: - "200": - description: Successfully enabled domain. - "400": - description: Failed due to malformed domain's ID. - "401": - description: Missing or invalid access token provided. - "403": - description: Unauthorized access the domain ID. - "404": - description: A non-existent entity request. - "422": - description: Database can't process request. - "500": - $ref: "#/components/responses/ServiceError" - - /domains/{domainID}/disable: - post: - summary: Disable a domain - description: | - Disable a specific domain that is identified by the domain ID. - tags: - - Domains - parameters: - - $ref: "#/components/parameters/DomainID" - security: - - bearerAuth: [] - responses: - "200": - description: Successfully disabled domain. - "400": - description: Failed due to malformed domain's ID. - "401": - description: Missing or invalid access token provided. - "403": - description: Unauthorized access the domain ID. - "404": - description: A non-existent entity request. - "422": - description: Database can't process request. - "500": - $ref: "#/components/responses/ServiceError" - - /domains/{domainID}/freeze: - post: - summary: Freeze a domain - description: | - Freeze a specific domain that is identified by the domain ID. - tags: - - Domains - parameters: - - $ref: "#/components/parameters/DomainID" - security: - - bearerAuth: [] - responses: - "200": - description: Successfully freezed domain. - "400": - description: Failed due to malformed domain's ID. - "401": - description: Missing or invalid access token provided. - "403": - description: Unauthorized access the domain ID. - "404": - description: A non-existent entity request. - "422": - description: Database can't process request. - "500": - $ref: "#/components/responses/ServiceError" - - /domains/{domainID}/users/assign: - post: - summary: Assign users to domain - description: | - Assign users to domain that is identified by the domain ID. - tags: - - Domains - parameters: - - $ref: "#/components/parameters/DomainID" - requestBody: - $ref: "#/components/requestBodies/AssignUserReq" - security: - - bearerAuth: [] - responses: - "200": - description: Users successfully assigned to domain. - "400": - description: Failed due to malformed domain's ID. - "401": - description: Missing or invalid access token provided. - "403": - description: Unauthorized access the domain ID. - "404": - description: A non-existent entity request. - "409": - description: Conflict of data. - "422": - description: Database can't process request. - "500": - $ref: "#/components/responses/ServiceError" - - /domains/{domainID}/users/unassign: - post: - summary: Unassign user from domain - description: | - Unassign user from domain that is identified by the domain ID. - tags: - - Domains - parameters: - - $ref: "#/components/parameters/DomainID" - requestBody: - $ref: "#/components/requestBodies/UnassignUsersReq" - security: - - bearerAuth: [] - responses: - "204": - description: Users successfully unassigned from domain. - "400": - description: Failed due to malformed domain's ID. - "401": - description: Missing or invalid access token provided. - "403": - description: Unauthorized access the domain ID. - "404": - description: A non-existent entity request. - "409": - description: Conflict of data. - "422": - description: Database can't process request. - "500": - $ref: "#/components/responses/ServiceError" /keys: post: operationId: issueKey @@ -379,41 +97,6 @@ paths: description: A non-existent entity request. "500": $ref: "#/components/responses/ServiceError" - - /users/{userID}/domains: - get: - tags: - - Domains - summary: Lists domains associated with a user. - description: | - Retrieves a list of domains associated with a user. Due to performance concerns, data - is retrieved in subsets. The API must ensure that the entire - dataset is consumed either by making subsequent requests, or by - increasing the subset size of the initial request. - parameters: - - $ref: "users.yml#/components/parameters/UserID" - - $ref: "#/components/parameters/Limit" - - $ref: "#/components/parameters/Offset" - - $ref: "#/components/parameters/Metadata" - - $ref: "#/components/parameters/Status" - security: - - bearerAuth: [] - responses: - "200": - $ref: "#/components/responses/DomainsPageRes" - "400": - description: Failed due to malformed query parameters. - "401": - description: | - Missing or invalid access token provided. - This endpoint is available only for administrators. - "404": - description: A non-existent entity request. - "422": - description: Database can't process request. - "500": - $ref: "#/components/responses/ServiceError" - /health: get: summary: Retrieves service health check info. @@ -428,174 +111,6 @@ paths: components: schemas: - DomainReqObj: - type: object - properties: - name: - type: string - example: domainName - description: Domain name. - tags: - type: array - minItems: 0 - items: - type: string - example: ["tag1", "tag2"] - description: domain tags. - metadata: - type: object - example: { "domain": "example.com" } - description: Arbitrary, object-encoded domain's data. - alias: - type: string - example: domain alias - description: Domain alias. - required: - - name - - alias - Domain: - type: object - properties: - id: - type: string - format: uuid - example: bb7edb32-2eac-4aad-aebe-ed96fe073879 - description: Domain unique identifier. - name: - type: string - example: domainName - description: Domain name. - tags: - type: array - minItems: 0 - items: - type: string - example: ["tag1", "tag2"] - description: domain tags. - metadata: - type: object - example: { "domain": "example.com" } - description: Arbitrary, object-encoded domain's data. - alias: - type: string - example: domain alias - description: Domain alias. - status: - type: string - description: Domain Status - format: string - example: enabled - created_by: - type: string - format: uuid - example: "0d837f56-3f8a-4e2a-9359-6347d0fc9f06 " - description: User ID of the user who created the domain. - created_at: - type: string - format: date-time - example: "2019-11-26 13:31:52" - description: Time when the domain was created. - updated_by: - type: string - format: uuid - example: "80f66b77-ed74-4e74-9f88-6cce9a0a3049" - description: User ID of the user who last updated the domain. - updated_at: - type: string - format: date-time - example: "2019-11-26 13:31:52" - description: Time when the domain was last updated. - xml: - name: domain - - DomainsPage: - type: object - properties: - domains: - type: array - minItems: 0 - uniqueItems: true - items: - $ref: "#/components/schemas/Domain" - total: - type: integer - example: 1 - description: Total number of items. - offset: - type: integer - description: Number of items to skip during retrieval. - limit: - type: integer - example: 10 - description: Maximum number of items to return in one page. - required: - - domains - - total - - offset - DomainUpdate: - type: object - properties: - name: - type: string - example: domainName - description: Domain name. - tags: - type: array - minItems: 0 - items: - type: string - example: ["tag1", "tag2"] - description: domain tags. - metadata: - type: object - example: { "domain": "example.com" } - description: Arbitrary, object-encoded client's data. - alias: - type: string - example: domain alias - description: Domain alias. - Permissions: - type: object - properties: - permissions: - type: array - minItems: 0 - items: - type: string - description: Permissions - - AssignUserDomainRelationReq: - type: object - properties: - user_ids: - type: array - minItems: 1 - items: - type: string - description: Users IDs - example: - [ - "5dc1ce4b-7cc9-4f12-98a6-9d74cc4980bb", - "c01ed106-e52d-4aa4-bed3-39f360177cfa", - ] - relation: - type: string - enum: ["administrator", "editor", "contributor", "member", "guest"] - example: "administrator" - description: Policy relations. - required: - - user_ids - - relation - UnassignUserDomainRelationReq: - type: object - properties: - user_id: - type: string - format: uuid - example: bb7edb32-2eac-4aad-aebe-ed96fe073879 - description: User unique identifier. - required: - - user_id Key: type: object properties: @@ -718,36 +233,6 @@ components: required: false requestBodies: - DomainCreateReq: - description: JSON-formatted document describing the new domain to be registered - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/DomainReqObj" - DomainUpdateReq: - description: JSON-formated document describing the name, alias, tags, and metadata of the domain to be updated - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/DomainUpdate" - AssignUserReq: - description: JSON-formated document describing the policy related to assigning users to a domain - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/AssignUserDomainRelationReq" - - UnassignUsersReq: - description: JSON-formated document describing the policy related to unassigning user from a domain - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/UnassignUserDomainRelationReq" - KeyRequest: description: JSON-formatted document describing key request. required: true @@ -769,39 +254,6 @@ components: responses: ServiceError: description: Unexpected server-side error occurred. - - DomainCreateRes: - description: Create new domain. - headers: - Location: - schema: - type: string - format: url - description: Registered domain relative URL in the format `/domains/` - content: - application/json: - schema: - $ref: "#/components/schemas/Domain" - - DomainRes: - description: Data retrieved. - content: - application/json: - schema: - $ref: "#/components/schemas/Domain" - DomainPermissionRes: - description: Data retrieved. - content: - application/json: - schema: - $ref: "#/components/schemas/Permissions" - DomainsPageRes: - description: Data retrieved. - content: - application/json: - schema: - $ref: "#/components/schemas/DomainsPage" - KeyRes: description: Data retrieved. content: @@ -819,7 +271,7 @@ components: content: application/health+json: schema: - $ref: "./schemas/HealthInfo.yml" + $ref: "./schemas/health_info.yml" securitySchemes: bearerAuth: diff --git a/api/openapi/bootstrap.yml b/api/openapi/bootstrap.yml index 1642612456..b64ec96da0 100644 --- a/api/openapi/bootstrap.yml +++ b/api/openapi/bootstrap.yml @@ -421,9 +421,6 @@ components: client_cert: type: string description: Client certificate. - ca_cert: - type: string - description: Issuing CA certificate. required: - client_id - client_key diff --git a/api/openapi/domains.yml b/api/openapi/domains.yml new file mode 100644 index 0000000000..699501e644 --- /dev/null +++ b/api/openapi/domains.yml @@ -0,0 +1,930 @@ +# Copyright (c) Abstract Machines +# SPDX-License-Identified: Apache-2.0 + +openapi: 3.0.3 +info: + title: Magistrala Domains Service + description: | + This is the Domains Server based on the OpenAPI 3.0 specification. It is the HTTP API for managing platform domains. You can now help us improve the API whether it's by making changes to the definition itself or to the code. + Some useful links: + - [The Magistrala repository](https://github.com/absmach/magistrala) + contact: + email: info@abstractmachines.fr + license: + name: Apache 2.0 + url: https://github.com/absmach/magistrala/blob/main/LICENSE + version: 0.15.1 + +servers: + - url: http://localhost:9003 + - url: https://localhost:9003 + +tags: + - name: Domains + description: CRUD operations for your domains + externalDocs: + description: Find out more about domains + url: https://docs.magistrala.abstractmachines.fr/ + - name: Roles + description: All operations involving roles for clients + externalDocs: + description: Find out more about roles + url: https://docs.supermq.abstractmachines.fr/ + - name: Health + description: Service health check endpoint. + externalDocs: + description: Find out more about health check + url: https://docs.magistrala.abstractmachines.fr/ + +paths: + /domains: + post: + tags: + - Domains + summary: Adds new domain + description: | + Adds new domain. + requestBody: + $ref: "#/components/requestBodies/DomainCreateReq" + responses: + "201": + $ref: "#/components/responses/DomainCreateRes" + "400": + description: Failed due to malformed JSON. + "401": + description: Missing or invalid access token provided. + "409": + description: Failed due to using an existing alias. + "415": + description: Missing or invalid content type. + "422": + description: Database can't process request. + "500": + $ref: "#/components/responses/ServiceError" + get: + summary: Retrieves list of domains. + description: | + Retrieves list of domains that the user have access. + parameters: + - $ref: "#/components/parameters/Limit" + - $ref: "#/components/parameters/Offset" + - $ref: "#/components/parameters/Metadata" + - $ref: "#/components/parameters/Status" + - $ref: "#/components/parameters/DomainName" + - $ref: "#/components/parameters/Permission" + tags: + - Domains + security: + - bearerAuth: [] + responses: + "200": + $ref: "#/components/responses/DomainsPageRes" + "400": + description: Failed due to malformed query parameters. + "401": + description: Missing or invalid access token provided. + "404": + description: A non-existent entity request. + "422": + description: Database can't process request. + "500": + $ref: "#/components/responses/ServiceError" + + /domains/{domainID}: + get: + summary: Retrieves domain information + description: | + Retrieves a specific domain that is identified by the domain ID. + tags: + - Domains + parameters: + - $ref: "#/components/parameters/DomainID" + security: + - bearerAuth: [] + responses: + "200": + $ref: "#/components/responses/DomainRes" + "400": + description: Failed due to malformed query parameters. + "401": + description: Missing or invalid access token provided. + "403": + description: Unauthorized access to domain id. + "404": + description: A non-existent entity request. + "422": + description: Database can't process request. + "500": + $ref: "#/components/responses/ServiceError" + + patch: + summary: Updates name, metadata, tags and alias of the domain. + description: | + Updates name, metadata, tags and alias of the domain. + tags: + - Domains + parameters: + - $ref: "#/components/parameters/DomainID" + requestBody: + $ref: "#/components/requestBodies/DomainUpdateReq" + security: + - bearerAuth: [] + responses: + "200": + $ref: "#/components/responses/DomainRes" + "400": + description: Failed due to malformed JSON. + "401": + description: Missing or invalid access token provided. + "403": + description: Unauthorized access to domain id. + "404": + description: Failed due to non existing domain. + "415": + description: Missing or invalid content type. + "500": + $ref: "#/components/responses/ServiceError" + + /domains/{domainID}/enable: + post: + summary: Enables a domain + description: | + Enables a specific domain that is identified by the domain ID. + tags: + - Domains + parameters: + - $ref: "#/components/parameters/DomainID" + security: + - bearerAuth: [] + responses: + "200": + description: Successfully enabled domain. + "400": + description: Failed due to malformed domain's ID. + "401": + description: Missing or invalid access token provided. + "403": + description: Unauthorized access the domain ID. + "404": + description: A non-existent entity request. + "422": + description: Database can't process request. + "500": + $ref: "#/components/responses/ServiceError" + + /domains/{domainID}/disable: + post: + summary: Disable a domain + description: | + Disable a specific domain that is identified by the domain ID. + tags: + - Domains + parameters: + - $ref: "#/components/parameters/DomainID" + security: + - bearerAuth: [] + responses: + "200": + description: Successfully disabled domain. + "400": + description: Failed due to malformed domain's ID. + "401": + description: Missing or invalid access token provided. + "403": + description: Unauthorized access the domain ID. + "404": + description: A non-existent entity request. + "422": + description: Database can't process request. + "500": + $ref: "#/components/responses/ServiceError" + + /domains/{domainID}/freeze: + post: + summary: Freeze a domain + description: | + Freeze a specific domain that is identified by the domain ID. + tags: + - Domains + parameters: + - $ref: "#/components/parameters/DomainID" + security: + - bearerAuth: [] + responses: + "200": + description: Successfully freezed domain. + "400": + description: Failed due to malformed domain's ID. + "401": + description: Missing or invalid access token provided. + "403": + description: Unauthorized access the domain ID. + "404": + description: A non-existent entity request. + "422": + description: Database can't process request. + "500": + $ref: "#/components/responses/ServiceError" + + /domains/{domainID}/roles: + post: + operationId: createDomainRole + summary: Creates a role for a domain + description: | + Creates a role for a specific domain that is identified by the domain ID. + tags: + - Roles + parameters: + - $ref: "auth.yml#/components/parameters/DomainID" + - $ref: "#/components/parameters/DomainID" + requestBody: + $ref: "./schemas/roles.yml#/components/requestBodies/CreateRoleReq" + security: + - bearerAuth: [] + responses: + "201": + $ref: "./schemas/roles.yml#/components/responses/CreateRoleRes" + "400": + description: Failed due to malformed domain's ID. + "401": + description: Missing or invalid access token provided. + "403": + description: Failed to perform authorization over the entity. + "404": + description: A non-existent entity request. + "422": + description: Database can't process request. + "500": + $ref: "#/components/responses/ServiceError" + + get: + operationId: listDomainRoles + tags: + - Roles + summary: Retrieves domains roles. + description: | + Retrieves a list of domain roles. Due to performance concerns, data + is retrieved in subsets. The API domains must ensure that the entire + dataset is consumed either by making subsequent requests, or by + increasing the subset size of the initial request. + parameters: + - $ref: "auth.yml#/components/parameters/DomainID" + - $ref: "#/components/parameters/DomainID" + - $ref: "#/components/parameters/Limit" + - $ref: "#/components/parameters/Offset" + security: + - bearerAuth: [] + responses: + "200": + $ref: "./schemas/roles.yml#/components/responses/ListRolesRes" + "400": + description: Failed due to malformed query parameters. + "401": + description: | + Missing or invalid access token provided. + "403": + description: Failed to perform authorization over the entity. + "404": + description: A non-existent entity request. + "422": + description: Database can't process request. + "500": + $ref: "#/components/responses/ServiceError" + + /domains/{domainID}/roles/{roleName}: + get: + operationId: getDomainRole + tags: + - Roles + summary: Retrieves domain role. + description: | + Retrieves a specific domain role that is identified by the role name. + parameters: + - $ref: "auth.yml#/components/parameters/DomainID" + - $ref: "#/components/parameters/DomainID" + - $ref: "./schemas/roles.yml#/components/parameters/RoleName" + security: + - bearerAuth: [] + responses: + "200": + $ref: "./schemas/roles.yml#/components/responses/GetRoleRes" + "400": + description: Failed due to malformed query parameters. + "401": + description: | + Missing or invalid access token provided. + "403": + description: Failed to perform authorization over the entity. + "404": + description: A non-existent entity request. + "422": + description: Database can't process request. + "500": + $ref: "#/components/responses/ServiceError" + + put: + operationId: updateDomainRole + summary: Updates domain role. + description: | + Updates a specific domain role that is identified by the role name. + tags: + - Roles + parameters: + - $ref: "auth.yml#/components/parameters/DomainID" + - $ref: "#/components/parameters/DomainID" + - $ref: "./schemas/roles.yml#/components/parameters/RoleName" + requestBody: + $ref: "./schemas/roles.yml#/components/requestBodies/UpdateRoleReq" + security: + - bearerAuth: [] + responses: + "200": + $ref: "./schemas/roles.yml#/components/responses/GetRoleRes" + "400": + description: Failed due to malformed query parameters. + "401": + description: | + Missing or invalid access token provided. + "403": + description: Failed to perform authorization over the entity. + "404": + description: A non-existent entity request. + "422": + description: Database can't process request. + "500": + $ref: "#/components/responses/ServiceError" + + delete: + operationId: deleteDomainRole + summary: Deletes domain role. + description: | + Deletes a specific domain role that is identified by the role name. + tags: + - Roles + parameters: + - $ref: "auth.yml#/components/parameters/DomainID" + - $ref: "#/components/parameters/DomainID" + - $ref: "./schemas/roles.yml#/components/parameters/RoleName" + security: + - bearerAuth: [] + responses: + "204": + description: Role deleted. + "400": + description: Failed due to malformed query parameters. + "401": + description: | + Missing or invalid access token provided. + "403": + description: Failed to perform authorization over the entity. + "404": + description: A non-existent entity request. + "422": + description: Database can't process request. + "500": + $ref: "#/components/responses/ServiceError" + + /domains/{domainID}/roles/{roleName}/actions: + post: + operationId: addDomainRoleAction + summary: Adds a role action for a domain role. + description: | + Adds a role action for a specific domain role that is identified by the role name. + tags: + - Roles + parameters: + - $ref: "auth.yml#/components/parameters/DomainID" + - $ref: "#/components/parameters/DomainID" + - $ref: "./schemas/roles.yml#/components/parameters/RoleName" + requestBody: + $ref: "./schemas/roles.yml#/components/requestBodies/AddRoleActionsReq" + security: + - bearerAuth: [] + responses: + "200": + $ref: "./schemas/roles.yml#/components/responses/AddRoleActionsRes" + "400": + description: Failed due to malformed query parameters. + "401": + description: | + Missing or invalid access token provided. + "403": + description: Failed to perform authorization over the entity. + "404": + description: A non-existent entity request. + "422": + description: Database can't process request. + "500": + $ref: "#/components/responses/ServiceError" + + get: + operationId: listDomainRoleActions + tags: + - Roles + summary: Lists domain role actions. + description: | + Retrieves a list of domain role actions. + parameters: + - $ref: "auth.yml#/components/parameters/DomainID" + - $ref: "#/components/parameters/DomainID" + - $ref: "./schemas/roles.yml#/components/parameters/RoleName" + security: + - bearerAuth: [] + responses: + "200": + $ref: "./schemas/roles.yml#/components/responses/ListRoleActionsRes" + "400": + description: Failed due to malformed query parameters. + "401": + description: | + Missing or invalid access token provided. + "403": + description: Failed to perform authorization over the entity. + "404": + description: A non-existent entity request. + "422": + description: Database can't process request. + "500": + $ref: "#/components/responses/ServiceError" + + /domains/{domainID}/roles/{roleName}/actions/delete: + post: + operationId: deleteDomainRoleAction + summary: Deletes role actions for a domain role. + description: | + Deletes a role action for a specific domain role that is identified by the role name. + tags: + - Roles + parameters: + - $ref: "auth.yml#/components/parameters/DomainID" + - $ref: "#/components/parameters/DomainID" + - $ref: "./schemas/roles.yml#/components/parameters/RoleName" + requestBody: + $ref: "./schemas/roles.yml#/components/requestBodies/AddRoleActionsReq" + security: + - bearerAuth: [] + responses: + "204": + description: Role actions deleted. + "400": + description: Failed due to malformed query parameters. + "401": + description: | + Missing or invalid access token provided. + "403": + description: Failed to perform authorization over the entity. + "404": + description: A non-existent entity request. + "422": + description: Database can't process request. + "500": + $ref: "#/components/responses/ServiceError" + + /domains/{domainID}/roles/{roleName}/actions/delete-all: + post: + operationId: deleteAllDomainRoleActions + summary: Deletes all role actions for a domain role. + description: | + Deletes all role actions for a specific domain role that is identified by the role name. + tags: + - Roles + parameters: + - $ref: "auth.yml#/components/parameters/DomainID" + - $ref: "#/components/parameters/DomainID" + - $ref: "./schemas/roles.yml#/components/parameters/RoleName" + security: + - bearerAuth: [] + responses: + "204": + description: All role actions deleted. + "400": + description: Failed due to malformed query parameters. + "401": + description: | + Missing or invalid access token provided. + "403": + description: Failed to perform authorization over the entity. + "404": + description: A non-existent entity request. + "422": + description: Database can't process request. + "500": + $ref: "#/components/responses/ServiceError" + + /domains/{domainID}/roles/{roleName}/members: + post: + operationId: addDomainRoleMember + summary: Adds a member to a domain role. + description: | + Adds a member to a specific domain role that is identified by the role name. + tags: + - Roles + parameters: + - $ref: "auth.yml#/components/parameters/DomainID" + - $ref: "#/components/parameters/DomainID" + - $ref: "./schemas/roles.yml#/components/parameters/RoleName" + requestBody: + $ref: "./schemas/roles.yml#/components/requestBodies/AddRoleMembersReq" + security: + - bearerAuth: [] + responses: + "200": + $ref: "./schemas/roles.yml#/components/responses/AddRoleMembersRes" + "400": + description: Failed due to malformed query parameters. + "401": + description: | + Missing or invalid access token provided. + "403": + description: Failed to perform authorization over the entity. + "404": + description: A non-existent entity request. + "422": + description: Database can't process request. + "500": + $ref: "#/components/responses/ServiceError" + + get: + operationId: listDomainRoleMembers + tags: + - Roles + summary: Lists domain role members. + description: | + Retrieves a list of domain role members. + parameters: + - $ref: "auth.yml#/components/parameters/DomainID" + - $ref: "#/components/parameters/DomainID" + - $ref: "./schemas/roles.yml#/components/parameters/RoleName" + security: + - bearerAuth: [] + responses: + "200": + $ref: "./schemas/roles.yml#/components/responses/ListRoleMembersRes" + "400": + description: Failed due to malformed query parameters. + "401": + description: | + Missing or invalid access token provided. + "403": + description: Failed to perform authorization over the entity. + "404": + description: A non-existent entity request. + "422": + description: Database can't process request. + "500": + $ref: "#/components/responses/ServiceError" + + /domains/{domainID}/roles/{roleName}/members/delete: + post: + operationId: deleteDomainRoleMembers + summary: Deletes members from a domain role. + description: | + Deletes a member from a specific domain role that is identified by the role name. + tags: + - Roles + parameters: + - $ref: "auth.yml#/components/parameters/DomainID" + - $ref: "#/components/parameters/DomainID" + - $ref: "./schemas/roles.yml#/components/parameters/RoleName" + requestBody: + $ref: "./schemas/roles.yml#/components/requestBodies/AddRoleMembersReq" + security: + - bearerAuth: [] + responses: + "204": + description: Role members deleted. + "400": + description: Failed due to malformed query parameters. + "401": + description: | + Missing or invalid access token provided. + "403": + description: Failed to perform authorization over the entity. + "404": + description: A non-existent entity request. + "422": + description: Database can't process request. + "500": + $ref: "#/components/responses/ServiceError" + + /domains/{domainID}/roles/{roleName}/members/delete-all: + post: + operationId: deleteAllDomainRoleMembers + summary: Deletes all members from a domain role. + description: | + Deletes all members from a specific domain role that is identified by the role name. + tags: + - Roles + parameters: + - $ref: "auth.yml#/components/parameters/DomainID" + - $ref: "#/components/parameters/DomainID" + - $ref: "./schemas/roles.yml#/components/parameters/RoleName" + security: + - bearerAuth: [] + responses: + "204": + description: All role members deleted. + "400": + description: Failed due to malformed query parameters. + "401": + description: | + Missing or invalid access token provided. + "403": + description: Failed to perform authorization over the entity. + "404": + description: A non-existent entity request. + "422": + description: Database can't process request. + "500": + $ref: "#/components/responses/ServiceError" + + /health: + get: + summary: Retrieves service health check info. + tags: + - Health + security: [] + responses: + "200": + $ref: "#/components/responses/HealthRes" + "500": + $ref: "#/components/responses/ServiceError" + +components: + schemas: + DomainReqObj: + type: object + properties: + name: + type: string + example: domainName + description: Domain name. + tags: + type: array + minItems: 0 + items: + type: string + example: ["tag1", "tag2"] + description: domain tags. + metadata: + type: object + example: { "domain": "example.com" } + description: Arbitrary, object-encoded domain's data. + alias: + type: string + example: domain alias + description: Domain alias. + required: + - name + - alias + Domain: + type: object + properties: + id: + type: string + format: uuid + example: bb7edb32-2eac-4aad-aebe-ed96fe073879 + description: Domain unique identified. + name: + type: string + example: domainName + description: Domain name. + tags: + type: array + minItems: 0 + items: + type: string + example: ["tag1", "tag2"] + description: domain tags. + metadata: + type: object + example: { "domain": "example.com" } + description: Arbitrary, object-encoded domain's data. + alias: + type: string + example: domain alias + description: Domain alias. + status: + type: string + description: Domain Status + format: string + example: enabled + created_by: + type: string + format: uuid + example: "0d837f56-3f8a-4e2a-9359-6347d0fc9f06 " + description: User ID of the user who created the domain. + created_at: + type: string + format: date-time + example: "2019-11-26 13:31:52" + description: Time when the domain was created. + updated_by: + type: string + format: uuid + example: "80f66b77-ed74-4e74-9f88-6cce9a0a3049" + description: User ID of the user who last updated the domain. + updated_at: + type: string + format: date-time + example: "2019-11-26 13:31:52" + description: Time when the domain was last updated. + xml: + name: domain + + DomainsPage: + type: object + properties: + domains: + type: array + minItems: 0 + uniqueItems: true + items: + $ref: "#/components/schemas/Domain" + total: + type: integer + example: 1 + description: Total number of items. + offset: + type: integer + description: Number of items to skip during retrieval. + limit: + type: integer + example: 10 + description: Maximum number of items to return in one page. + required: + - domains + - total + - offset + DomainUpdate: + type: object + properties: + name: + type: string + example: domainName + description: Domain name. + tags: + type: array + minItems: 0 + items: + type: string + example: ["tag1", "tag2"] + description: domain tags. + metadata: + type: object + example: { "domain": "example.com" } + description: Arbitrary, object-encoded domain's data. + alias: + type: string + example: domain alias + description: Domain alias. + + parameters: + DomainID: + name: domainID + description: Unique domain identified. + in: path + schema: + type: string + format: uuid + required: true + example: bb7edb32-2eac-4aad-aebe-ed96fe073879 + Status: + name: status + description: Domain status. + in: query + schema: + type: string + default: enabled + required: false + example: enabled + DomainName: + name: name + description: Domain's name. + in: query + schema: + type: string + required: false + example: "domainName" + Permission: + name: permission + description: permission. + in: query + schema: + type: string + required: false + example: "edit" + ApiKeyId: + name: keyID + description: API Key ID. + in: path + schema: + type: string + format: uuid + required: true + Limit: + name: limit + description: Size of the subset to retrieve. + in: query + schema: + type: integer + default: 10 + maximum: 100 + minimum: 1 + required: false + Offset: + name: offset + description: Number of items to skip during retrieval. + in: query + schema: + type: integer + default: 0 + minimum: 0 + required: false + Metadata: + name: metadata + description: Metadata filter. Filtering is performed matching the parameter with metadata on top level. Parameter is json. + in: query + required: false + schema: + type: object + additionalProperties: {} + Type: + name: type + description: The type of the API Key. + in: query + schema: + type: integer + default: 0 + minimum: 0 + required: false + Subject: + name: subject + description: The subject of an API Key + in: query + schema: + type: string + required: false + + requestBodies: + DomainCreateReq: + description: JSON-formatted document describing the new domain to be registered + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/DomainReqObj" + DomainUpdateReq: + description: JSON-formated document describing the name, alias, tags, and metadata of the domain to be updated + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/DomainUpdate" + + responses: + ServiceError: + description: Unexpected server-side error occurred. + + DomainCreateRes: + description: Create new domain. + headers: + Location: + schema: + type: string + format: url + description: Registered domain relative URL in the format `/domains/` + content: + application/json: + schema: + $ref: "#/components/schemas/Domain" + + DomainRes: + description: Data retrieved. + content: + application/json: + schema: + $ref: "#/components/schemas/Domain" + DomainsPageRes: + description: Data retrieved. + content: + application/json: + schema: + $ref: "#/components/schemas/DomainsPage" + HealthRes: + description: Service Health Check. + content: + application/health+json: + schema: + $ref: "./schemas/health_info.yml" + + securitySchemes: + bearerAuth: + type: http + scheme: bearer + bearerFormat: JWT + description: | + * Users access: "Authorization: Bearer " + +security: + - bearerAuth: []