38987b77bb
Swagger/schedules request and response examples ( #257 )
...
This PR adds request body and response body examples to swagger in
/schedules endpoint
Added for:
- [x] `/schedules/_post`
- [x] `/schedules/_get`
- [x] `/schedules/[id]/_get`
- [x] `/schedules/[id]/_post`
- [x] `/schedules/[id]/_patch`
2023-04-19 12:22:07 -07:00
464c283e0c
Reverts oopsie
2023-03-10 12:01:46 -07:00
8fc4eedf5f
Adds swagger for schedules ( #247 )
...
This PR updates swagger documentation for the Schedules endpoint
2023-03-10 22:33:41 +05:30
42eb7041d4
New linting rules
2023-02-16 14:01:40 -07:00
9c23a8e5ab
Security Fixes ( #224 )
...
Fixes - 2,3,4 security vulnerabilities reported in this message.
https://calendso.slack.com/archives/C03127U5S5Q/p1671922033089329
More Fixes
- Dont't allow a user to add a random attendee to a booking not owned by
him
- Don't allow a user to add a random cal user as an organizer of the
booking.
- Membership deletion should be as per the Privileges of
Owner,Admin,Member
2023-01-04 15:17:47 -07:00
055699f612
Various import and type fixes
2022-11-25 06:58:21 -07:00
d93fd26a1e
Removed unused methods middleware
2022-10-21 13:30:09 -06:00
00bd908916
Fixes permission errors
2022-10-14 17:41:28 -06:00
e3fa0e546b
Refactor schedule endpoints ( #185 )
2022-10-13 14:54:38 -06:00
a506c7da33
Refactor + fix userIds filter ( #179 )
...
This fix means a behaviour change to GET calls. Instead of a JSON
payload, instead a filter param has been added to the URL itself. GET
payloads are very unexpected in API designs, even though supported.
* Todo write tests (with postman?)
* Turn isAdmin logic into common middleware
```bash
curl "http://localhost:3002/v1/schedules?apiKey=...&userId=2 "
```
```bash
curl "http://localhost:3002/v1/schedules?apiKey= ..." \
-d '{"name":"Hello", "userId": 2}' \
-H 'Content-Type: application/json'
```
2022-10-11 15:33:25 +01:00
f5d953ef1c
Hotfix/schedule ( #174 )
...
* Allows empty call
An authorized API call by a non-admin user with empty body will still fetch his data now
* Adds missing return
2022-10-07 15:33:04 +05:30
628306793d
Prettier fix :/
2022-10-07 13:47:46 +05:30
b05b6e48e7
Fixes another typo
2022-10-07 13:41:17 +05:30
8eaad0c1c6
fixed typo
2022-10-07 13:34:02 +05:30
9a65c547dc
Adds missing return after res
2022-10-07 13:24:55 +05:30
21e081c64c
Adds meaningful response for API caller
2022-10-07 13:15:35 +05:30
affba8bf66
Adds meaningful response for API caller
2022-10-07 13:13:56 +05:30
79fabe0333
Adds safeParseJSON to the body
2022-10-07 13:03:09 +05:30
36a0ebfbad
Adds safe json parse of the body
...
It ensures that the body complies with the safe parsing of the JSON so that if the body sent is not a valid JSON, we convert it into an empty JSON. Would improve in handling the response of such cases as a follow up for improved UX
2022-10-07 12:46:35 +05:30
da88beb1f5
Fix type errors
2022-10-06 15:06:07 -04:00
00ccb4ffd1
Simplify get /schedules
2022-10-06 14:41:50 -04:00
2a7a111855
Safe parse for userId
2022-10-06 14:38:17 -04:00
4ac9c1e6dd
Remove old comment
2022-10-06 10:02:35 -04:00
372e188228
Pass userId as a single value or an array
2022-10-06 09:55:34 -04:00
77b89fda05
Add return statements
2022-10-05 16:02:34 -04:00
a5413b40ab
Add ability to get, post, and delete for other users if admin
2022-10-05 11:04:58 -04:00
95fc04a453
Add check for userId and admin to top
2022-10-05 10:05:04 -04:00
1adace1c0d
Create new availability on new schedule
2022-10-05 09:56:27 -04:00
e407a16766
feat: dynamic prisma
2022-06-06 18:17:10 +02:00
0ca9748674
fix: dont throw err on bad query
2022-05-18 14:27:30 +02:00
5aa0b37443
fix build and pass lint
2022-05-17 19:33:18 +02:00
08eeb36d47
feat: add operationId for autogenerated sdk
2022-05-05 18:18:00 +02:00
b572e4b0ff
fix: move all req to deconstructed
2022-04-30 20:53:19 +02:00
9bb0f82075
fix: improve comments, no anys
2022-04-29 17:29:57 +02:00
d6c34a8e51
fix: remove empty lines
2022-04-29 01:54:21 +02:00
bb28680413
fixes all openapi spect issues, removes json-schema auto-generated moving to manual examples
2022-04-29 01:38:40 +02:00
e52af0bbef
fix: post / patch attendees docs w examples
2022-04-27 19:25:36 +02:00
fa30b52988
remove v1 from specs
2022-04-26 21:56:59 +02:00
b38f78bbad
fix: remove withValidSchedule from get/patch/delete shared endpoint
2022-04-24 23:57:17 +02:00
9078ee2f3f
fix: build removing extra spaces
2022-04-23 02:40:39 +02:00
8d5605dc7b
fix: move 401 to throw early in all endpoints
2022-04-23 02:17:06 +02:00
be3bcf2bf0
Refactoring and fixes
2022-04-21 19:42:53 -06:00
cabe4ae9c6
feat: schedules hardend
2022-04-21 00:48:54 +02:00
25a2a405da
feat: adds apikeyAuth in swagger ui for all endpoints
2022-04-17 16:39:38 +02:00
0bda988676
feat: all resources endpoints for get all and new unified
2022-04-11 15:10:16 +02:00
963c893727
feat: unify new/index of attendees, availabilities, booking references, bookings, selected calendars, update response types
2022-04-11 12:03:15 +02:00
d95325c06c
payments safe, unify endpoints for remindermails schedules
2022-04-10 02:10:34 +02:00
325b19ba3f
Add userId check in users getAll and id endpoints
2022-04-07 21:55:43 +02:00
de8d7f64c3
mvoe to less files
2022-04-04 02:02:11 +02:00
61819772bc
fix all swagger docs, dont build templates
2022-04-03 17:47:18 +02:00
Syed Ali Shahbaz