1use std::collections::BTreeMap;
2
3use shaperail_core::{
4 EndpointSpec, FieldSchema, FieldType, HttpMethod, PaginationStyle, ProjectConfig,
5 ResourceDefinition,
6};
7
8pub fn generate(config: &ProjectConfig, resources: &[ResourceDefinition]) -> serde_json::Value {
13 let mut paths = BTreeMap::new();
14 let mut schemas = BTreeMap::new();
15
16 schemas.insert(
18 "ErrorResponse".to_string(),
19 serde_json::json!({
20 "type": "object",
21 "properties": {
22 "error": {
23 "type": "object",
24 "properties": {
25 "code": { "type": "string" },
26 "status": { "type": "integer" },
27 "message": { "type": "string" },
28 "request_id": { "type": "string" },
29 "details": {
30 "type": "array",
31 "items": {
32 "type": "object",
33 "properties": {
34 "field": { "type": "string" },
35 "message": { "type": "string" }
36 }
37 }
38 }
39 },
40 "required": ["code", "status", "message"]
41 }
42 },
43 "required": ["error"]
44 }),
45 );
46
47 let mut sorted_resources: Vec<&ResourceDefinition> = resources.iter().collect();
49 sorted_resources.sort_by_key(|r| &r.resource);
50
51 for resource in sorted_resources {
52 let struct_name = to_pascal_case(&resource.resource);
53
54 schemas.insert(struct_name.clone(), build_resource_schema(resource));
56
57 if let Some(endpoints) = &resource.endpoints {
59 for (action, ep) in endpoints {
60 if let Some(input_fields) = &ep.input {
61 let input_name = format!("{struct_name}{}Input", to_pascal_case(action));
62 schemas.insert(
63 input_name,
64 build_input_schema(resource, input_fields, action == "create"),
65 );
66 }
67 }
68 }
69
70 if let Some(endpoints) = &resource.endpoints {
72 let mut sorted_endpoints: Vec<(&String, &EndpointSpec)> = endpoints.iter().collect();
74 sorted_endpoints.sort_by_key(|(name, _)| *name);
75
76 for (action, ep) in sorted_endpoints {
77 let openapi_path =
78 format!("/v{}{}", resource.version, ep.path.replace(":id", "{id}"));
79 let method = ep.method.to_string().to_lowercase();
80
81 let operation =
82 build_operation(&struct_name, resource, &resource.resource, action, ep);
83
84 let entry = paths
85 .entry(openapi_path)
86 .or_insert_with(BTreeMap::<String, serde_json::Value>::new);
87 entry.insert(method, operation);
88 }
89 }
90 }
91
92 let paths_value: serde_json::Value = serde_json::to_value(&paths)
94 .unwrap_or_else(|_| serde_json::Value::Object(serde_json::Map::new()));
95
96 serde_json::json!({
97 "openapi": "3.1.0",
98 "info": {
99 "title": config.project,
100 "version": "1.0.0"
101 },
102 "paths": paths_value,
103 "components": {
104 "schemas": serde_json::Value::Object(
105 schemas.into_iter().collect()
106 ),
107 "securitySchemes": {
108 "bearerAuth": {
109 "type": "http",
110 "scheme": "bearer",
111 "bearerFormat": "JWT"
112 },
113 "apiKeyAuth": {
114 "type": "apiKey",
115 "in": "header",
116 "name": "X-API-Key"
117 }
118 }
119 }
120 })
121}
122
123pub fn to_json(spec: &serde_json::Value) -> Result<String, serde_json::Error> {
125 serde_json::to_string_pretty(spec)
126}
127
128pub fn to_yaml(spec: &serde_json::Value) -> Result<String, serde_yaml::Error> {
130 serde_yaml::to_string(spec)
131}
132
133fn build_resource_schema(resource: &ResourceDefinition) -> serde_json::Value {
134 let mut properties = BTreeMap::new();
135 let mut required_fields = Vec::new();
136
137 for (name, schema) in &resource.schema {
138 properties.insert(name.clone(), field_schema_to_openapi(schema));
139 if schema.required && !schema.generated {
140 required_fields.push(serde_json::Value::String(name.clone()));
141 }
142 }
143
144 let mut result = serde_json::json!({
145 "type": "object",
146 "properties": serde_json::Value::Object(properties.into_iter().collect()),
147 });
148
149 if !required_fields.is_empty() {
150 result["required"] = serde_json::Value::Array(required_fields);
151 }
152
153 result
154}
155
156fn build_input_schema(
157 resource: &ResourceDefinition,
158 input_fields: &[String],
159 is_create: bool,
160) -> serde_json::Value {
161 let mut properties = BTreeMap::new();
162 let mut required_fields = Vec::new();
163
164 for field_name in input_fields {
165 if let Some(schema) = resource.schema.get(field_name) {
166 properties.insert(field_name.clone(), field_schema_to_openapi(schema));
167 if is_create && schema.required {
168 required_fields.push(serde_json::Value::String(field_name.clone()));
169 }
170 }
171 }
172
173 let mut result = serde_json::json!({
174 "type": "object",
175 "properties": serde_json::Value::Object(properties.into_iter().collect()),
176 });
177
178 if !required_fields.is_empty() {
179 result["required"] = serde_json::Value::Array(required_fields);
180 }
181
182 result
183}
184
185fn build_multipart_input_schema(
186 resource: &ResourceDefinition,
187 input_fields: &[String],
188 upload_field: &str,
189 is_create: bool,
190) -> serde_json::Value {
191 let mut properties = BTreeMap::new();
192 let mut required_fields = Vec::new();
193
194 for field_name in input_fields {
195 if let Some(schema) = resource.schema.get(field_name) {
196 let property = if field_name == upload_field {
197 serde_json::json!({
198 "type": "string",
199 "format": "binary"
200 })
201 } else {
202 field_schema_to_openapi(schema)
203 };
204
205 properties.insert(field_name.clone(), property);
206 if is_create && schema.required {
207 required_fields.push(serde_json::Value::String(field_name.clone()));
208 }
209 }
210 }
211
212 let mut result = serde_json::json!({
213 "type": "object",
214 "properties": serde_json::Value::Object(properties.into_iter().collect()),
215 });
216
217 if !required_fields.is_empty() {
218 result["required"] = serde_json::Value::Array(required_fields);
219 }
220
221 result
222}
223
224fn field_schema_to_openapi(schema: &FieldSchema) -> serde_json::Value {
225 let mut obj = BTreeMap::new();
226
227 match &schema.field_type {
228 FieldType::Uuid => {
229 obj.insert("type".to_string(), serde_json::json!("string"));
230 obj.insert("format".to_string(), serde_json::json!("uuid"));
231 }
232 FieldType::String => {
233 obj.insert("type".to_string(), serde_json::json!("string"));
234 }
235 FieldType::Integer => {
236 obj.insert("type".to_string(), serde_json::json!("integer"));
237 }
238 FieldType::Bigint => {
239 obj.insert("type".to_string(), serde_json::json!("integer"));
240 obj.insert("format".to_string(), serde_json::json!("int64"));
241 }
242 FieldType::Number => {
243 obj.insert("type".to_string(), serde_json::json!("number"));
244 }
245 FieldType::Boolean => {
246 obj.insert("type".to_string(), serde_json::json!("boolean"));
247 }
248 FieldType::Timestamp => {
249 obj.insert("type".to_string(), serde_json::json!("string"));
250 obj.insert("format".to_string(), serde_json::json!("date-time"));
251 }
252 FieldType::Date => {
253 obj.insert("type".to_string(), serde_json::json!("string"));
254 obj.insert("format".to_string(), serde_json::json!("date"));
255 }
256 FieldType::Enum => {
257 obj.insert("type".to_string(), serde_json::json!("string"));
258 if let Some(values) = &schema.values {
259 obj.insert("enum".to_string(), serde_json::json!(values));
260 }
261 }
262 FieldType::Json => {
263 obj.insert("type".to_string(), serde_json::json!("object"));
264 }
265 FieldType::Array => {
266 obj.insert("type".to_string(), serde_json::json!("array"));
267 obj.insert("items".to_string(), serde_json::json!({}));
268 }
269 FieldType::File => {
270 obj.insert("type".to_string(), serde_json::json!("string"));
271 obj.insert("format".to_string(), serde_json::json!("uri"));
272 }
273 }
274
275 if let Some(format) = &schema.format {
277 if !obj.contains_key("format") {
279 obj.insert("format".to_string(), serde_json::json!(format));
280 }
281 }
282
283 if let Some(min) = &schema.min {
285 match &schema.field_type {
286 FieldType::String => {
287 obj.insert("minLength".to_string(), min.clone());
288 }
289 FieldType::Integer | FieldType::Bigint | FieldType::Number => {
290 obj.insert("minimum".to_string(), min.clone());
291 }
292 _ => {}
293 }
294 }
295 if let Some(max) = &schema.max {
296 match &schema.field_type {
297 FieldType::String => {
298 obj.insert("maxLength".to_string(), max.clone());
299 }
300 FieldType::Integer | FieldType::Bigint | FieldType::Number => {
301 obj.insert("maximum".to_string(), max.clone());
302 }
303 _ => {}
304 }
305 }
306
307 if let Some(default) = &schema.default {
309 obj.insert("default".to_string(), default.clone());
310 }
311
312 serde_json::Value::Object(obj.into_iter().collect())
313}
314
315fn build_operation(
316 struct_name: &str,
317 resource: &ResourceDefinition,
318 resource_name: &str,
319 action: &str,
320 ep: &EndpointSpec,
321) -> serde_json::Value {
322 let mut operation = BTreeMap::new();
323
324 operation.insert(
325 "operationId".to_string(),
326 serde_json::json!(format!("{resource_name}_{action}")),
327 );
328 operation.insert("tags".to_string(), serde_json::json!([resource_name]));
329
330 let mut parameters = Vec::new();
332
333 if ep.path.contains(":id") {
335 parameters.push(serde_json::json!({
336 "name": "id",
337 "in": "path",
338 "required": true,
339 "schema": { "type": "string", "format": "uuid" }
340 }));
341 }
342
343 if let Some(filters) = &ep.filters {
345 for filter in filters {
346 parameters.push(serde_json::json!({
347 "name": format!("filter[{filter}]"),
348 "in": "query",
349 "required": false,
350 "schema": { "type": "string" },
351 "description": format!("Filter by {filter}")
352 }));
353 }
354 }
355
356 if let Some(search_fields) = &ep.search {
358 if !search_fields.is_empty() {
359 parameters.push(serde_json::json!({
360 "name": "search",
361 "in": "query",
362 "required": false,
363 "schema": { "type": "string" },
364 "description": format!("Full-text search across: {}", search_fields.join(", "))
365 }));
366 }
367 }
368
369 if ep.sort.is_some() || ep.pagination.is_some() {
371 parameters.push(serde_json::json!({
372 "name": "sort",
373 "in": "query",
374 "required": false,
375 "schema": { "type": "string" },
376 "description": "Sort fields (prefix with - for descending, e.g., -created_at,name)"
377 }));
378 }
379
380 if let Some(pagination) = &ep.pagination {
382 match pagination {
383 PaginationStyle::Cursor => {
384 parameters.push(serde_json::json!({
385 "name": "cursor",
386 "in": "query",
387 "required": false,
388 "schema": { "type": "string" },
389 "description": "Cursor for the next page"
390 }));
391 parameters.push(serde_json::json!({
392 "name": "limit",
393 "in": "query",
394 "required": false,
395 "schema": { "type": "integer", "default": 20, "minimum": 1, "maximum": 100 },
396 "description": "Number of items per page"
397 }));
398 }
399 PaginationStyle::Offset => {
400 parameters.push(serde_json::json!({
401 "name": "offset",
402 "in": "query",
403 "required": false,
404 "schema": { "type": "integer", "default": 0, "minimum": 0 },
405 "description": "Number of items to skip"
406 }));
407 parameters.push(serde_json::json!({
408 "name": "limit",
409 "in": "query",
410 "required": false,
411 "schema": { "type": "integer", "default": 20, "minimum": 1, "maximum": 100 },
412 "description": "Number of items per page"
413 }));
414 }
415 }
416 }
417
418 if ep.method == HttpMethod::Get {
420 parameters.push(serde_json::json!({
421 "name": "fields",
422 "in": "query",
423 "required": false,
424 "schema": { "type": "string" },
425 "description": "Comma-separated list of fields to include in response"
426 }));
427 }
428
429 if !parameters.is_empty() {
430 operation.insert(
431 "parameters".to_string(),
432 serde_json::Value::Array(parameters),
433 );
434 }
435
436 if let Some(input_fields) = &ep.input {
438 if !input_fields.is_empty() {
439 let request_body = if let Some(upload) = &ep.upload {
440 serde_json::json!({
441 "required": true,
442 "content": {
443 "multipart/form-data": {
444 "schema": build_multipart_input_schema(
445 resource,
446 input_fields,
447 &upload.field,
448 action == "create",
449 )
450 }
451 }
452 })
453 } else {
454 let input_schema_name = format!("{struct_name}{}Input", to_pascal_case(action));
455 serde_json::json!({
456 "required": true,
457 "content": {
458 "application/json": {
459 "schema": {
460 "$ref": format!("#/components/schemas/{input_schema_name}")
461 }
462 }
463 }
464 })
465 };
466
467 operation.insert("requestBody".to_string(), request_body);
468 }
469 }
470
471 let mut responses = BTreeMap::new();
473
474 let success_status = match ep.method {
476 HttpMethod::Post => "201",
477 HttpMethod::Delete => "204",
478 _ => "200",
479 };
480
481 if ep.method == HttpMethod::Delete {
482 responses.insert(
483 success_status.to_string(),
484 serde_json::json!({ "description": "Deleted successfully" }),
485 );
486 } else if ep.pagination.is_some() {
487 responses.insert(
489 success_status.to_string(),
490 serde_json::json!({
491 "description": "Successful response",
492 "content": {
493 "application/json": {
494 "schema": {
495 "type": "object",
496 "properties": {
497 "data": {
498 "type": "array",
499 "items": {
500 "$ref": format!("#/components/schemas/{struct_name}")
501 }
502 },
503 "meta": {
504 "type": "object",
505 "properties": {
506 "cursor": { "type": "string" },
507 "has_more": { "type": "boolean" },
508 "total": { "type": "integer" }
509 }
510 }
511 }
512 }
513 }
514 }
515 }),
516 );
517 } else {
518 responses.insert(
519 success_status.to_string(),
520 serde_json::json!({
521 "description": "Successful response",
522 "content": {
523 "application/json": {
524 "schema": {
525 "type": "object",
526 "properties": {
527 "data": {
528 "$ref": format!("#/components/schemas/{struct_name}")
529 }
530 }
531 }
532 }
533 }
534 }),
535 );
536 }
537
538 let error_ref = serde_json::json!({
540 "content": {
541 "application/json": {
542 "schema": {
543 "$ref": "#/components/schemas/ErrorResponse"
544 }
545 }
546 }
547 });
548
549 let mut add_error = |status: &str, description: &str| {
550 let mut resp = error_ref.clone();
551 resp["description"] = serde_json::json!(description);
552 responses.insert(status.to_string(), resp);
553 };
554
555 add_error("401", "Unauthorized");
556 add_error("403", "Forbidden");
557
558 if ep.path.contains(":id") {
559 add_error("404", "Not found");
560 }
561
562 if ep.input.is_some() {
563 add_error("422", "Validation error");
564 }
565
566 add_error("429", "Rate limited");
567 add_error("500", "Internal server error");
568
569 operation.insert(
570 "responses".to_string(),
571 serde_json::Value::Object(responses.into_iter().collect()),
572 );
573
574 if let Some(auth) = &ep.auth {
576 if !auth.is_public() {
577 operation.insert(
578 "security".to_string(),
579 serde_json::json!([
580 { "bearerAuth": [] },
581 { "apiKeyAuth": [] }
582 ]),
583 );
584 }
585 }
586
587 if let Some(controller) = &ep.controller {
589 let mut ctrl = serde_json::Map::new();
590 if let Some(before) = &controller.before {
591 ctrl.insert("before".to_string(), serde_json::json!(before));
592 }
593 if let Some(after) = &controller.after {
594 ctrl.insert("after".to_string(), serde_json::json!(after));
595 }
596 operation.insert(
597 "x-shaperail-controller".to_string(),
598 serde_json::json!(ctrl),
599 );
600 }
601 if let Some(events) = &ep.events {
602 if !events.is_empty() {
603 operation.insert("x-shaperail-events".to_string(), serde_json::json!(events));
604 }
605 }
606
607 serde_json::Value::Object(operation.into_iter().collect())
608}
609
610fn to_pascal_case(s: &str) -> String {
611 s.split('_')
612 .map(|word| {
613 let mut chars = word.chars();
614 match chars.next() {
615 None => String::new(),
616 Some(c) => {
617 let upper: String = c.to_uppercase().collect();
618 upper + &chars.as_str().to_lowercase()
619 }
620 }
621 })
622 .collect()
623}
624
625#[cfg(test)]
626mod tests {
627 use super::*;
628 use indexmap::IndexMap;
629 use shaperail_core::{
630 AuthRule, CacheSpec, FieldSchema, FieldType, HttpMethod, PaginationStyle, UploadSpec,
631 };
632
633 fn test_config() -> ProjectConfig {
634 ProjectConfig {
635 project: "test-api".to_string(),
636 port: 3000,
637 workers: shaperail_core::WorkerCount::Auto,
638 database: None,
639 databases: None,
640 cache: None,
641 auth: None,
642 storage: None,
643 logging: None,
644 events: None,
645 }
646 }
647
648 fn sample_resource() -> ResourceDefinition {
649 let mut schema = IndexMap::new();
650 schema.insert(
651 "id".to_string(),
652 FieldSchema {
653 field_type: FieldType::Uuid,
654 primary: true,
655 generated: true,
656 required: false,
657 unique: false,
658 nullable: false,
659 reference: None,
660 min: None,
661 max: None,
662 format: None,
663 values: None,
664 default: None,
665 sensitive: false,
666 search: false,
667 items: None,
668 },
669 );
670 schema.insert(
671 "email".to_string(),
672 FieldSchema {
673 field_type: FieldType::String,
674 primary: false,
675 generated: false,
676 required: true,
677 unique: true,
678 nullable: false,
679 reference: None,
680 min: None,
681 max: None,
682 format: Some("email".to_string()),
683 values: None,
684 default: None,
685 sensitive: false,
686 search: true,
687 items: None,
688 },
689 );
690 schema.insert(
691 "name".to_string(),
692 FieldSchema {
693 field_type: FieldType::String,
694 primary: false,
695 generated: false,
696 required: true,
697 unique: false,
698 nullable: false,
699 reference: None,
700 min: Some(serde_json::json!(1)),
701 max: Some(serde_json::json!(200)),
702 format: None,
703 values: None,
704 default: None,
705 sensitive: false,
706 search: true,
707 items: None,
708 },
709 );
710 schema.insert(
711 "role".to_string(),
712 FieldSchema {
713 field_type: FieldType::Enum,
714 primary: false,
715 generated: false,
716 required: true,
717 unique: false,
718 nullable: false,
719 reference: None,
720 min: None,
721 max: None,
722 format: None,
723 values: Some(vec![
724 "admin".to_string(),
725 "member".to_string(),
726 "viewer".to_string(),
727 ]),
728 default: Some(serde_json::json!("member")),
729 sensitive: false,
730 search: false,
731 items: None,
732 },
733 );
734 schema.insert(
735 "created_at".to_string(),
736 FieldSchema {
737 field_type: FieldType::Timestamp,
738 primary: false,
739 generated: true,
740 required: false,
741 unique: false,
742 nullable: false,
743 reference: None,
744 min: None,
745 max: None,
746 format: None,
747 values: None,
748 default: None,
749 sensitive: false,
750 search: false,
751 items: None,
752 },
753 );
754
755 let mut endpoints = IndexMap::new();
756 endpoints.insert(
757 "list".to_string(),
758 EndpointSpec {
759 method: HttpMethod::Get,
760 path: "/users".to_string(),
761 auth: Some(AuthRule::Roles(vec![
762 "member".to_string(),
763 "admin".to_string(),
764 ])),
765 input: None,
766 filters: Some(vec!["role".to_string()]),
767 search: Some(vec!["name".to_string(), "email".to_string()]),
768 pagination: Some(PaginationStyle::Cursor),
769 sort: None,
770 cache: Some(CacheSpec {
771 ttl: 60,
772 invalidate_on: None,
773 }),
774 controller: None,
775 events: None,
776 jobs: None,
777 upload: None,
778 soft_delete: false,
779 },
780 );
781 endpoints.insert(
782 "create".to_string(),
783 EndpointSpec {
784 method: HttpMethod::Post,
785 path: "/users".to_string(),
786 auth: Some(AuthRule::Roles(vec!["admin".to_string()])),
787 input: Some(vec![
788 "email".to_string(),
789 "name".to_string(),
790 "role".to_string(),
791 ]),
792 filters: None,
793 search: None,
794 pagination: None,
795 sort: None,
796 cache: None,
797 controller: Some(shaperail_core::ControllerSpec {
798 before: Some("validate_org".to_string()),
799 after: None,
800 }),
801 events: Some(vec!["user.created".to_string()]),
802 jobs: Some(vec!["send_welcome_email".to_string()]),
803 upload: None,
804 soft_delete: false,
805 },
806 );
807 endpoints.insert(
808 "update".to_string(),
809 EndpointSpec {
810 method: HttpMethod::Patch,
811 path: "/users/:id".to_string(),
812 auth: Some(AuthRule::Roles(vec![
813 "admin".to_string(),
814 "owner".to_string(),
815 ])),
816 input: Some(vec!["name".to_string(), "role".to_string()]),
817 filters: None,
818 search: None,
819 pagination: None,
820 sort: None,
821 cache: None,
822 controller: None,
823 events: None,
824 jobs: None,
825 upload: None,
826 soft_delete: false,
827 },
828 );
829 endpoints.insert(
830 "delete".to_string(),
831 EndpointSpec {
832 method: HttpMethod::Delete,
833 path: "/users/:id".to_string(),
834 auth: Some(AuthRule::Roles(vec!["admin".to_string()])),
835 input: None,
836 filters: None,
837 search: None,
838 pagination: None,
839 sort: None,
840 cache: None,
841 controller: None,
842 events: None,
843 jobs: None,
844 upload: None,
845 soft_delete: true,
846 },
847 );
848
849 ResourceDefinition {
850 resource: "users".to_string(),
851 version: 1,
852 db: None,
853 schema,
854 endpoints: Some(endpoints),
855 relations: None,
856 indexes: None,
857 }
858 }
859
860 fn upload_resource() -> ResourceDefinition {
861 let mut schema = IndexMap::new();
862 schema.insert(
863 "id".to_string(),
864 FieldSchema {
865 field_type: FieldType::Uuid,
866 primary: true,
867 generated: true,
868 required: false,
869 unique: false,
870 nullable: false,
871 reference: None,
872 min: None,
873 max: None,
874 format: None,
875 values: None,
876 default: None,
877 sensitive: false,
878 search: false,
879 items: None,
880 },
881 );
882 schema.insert(
883 "title".to_string(),
884 FieldSchema {
885 field_type: FieldType::String,
886 primary: false,
887 generated: false,
888 required: true,
889 unique: false,
890 nullable: false,
891 reference: None,
892 min: Some(serde_json::json!(1)),
893 max: Some(serde_json::json!(200)),
894 format: None,
895 values: None,
896 default: None,
897 sensitive: false,
898 search: false,
899 items: None,
900 },
901 );
902 schema.insert(
903 "attachment".to_string(),
904 FieldSchema {
905 field_type: FieldType::File,
906 primary: false,
907 generated: false,
908 required: true,
909 unique: false,
910 nullable: false,
911 reference: None,
912 min: None,
913 max: None,
914 format: None,
915 values: None,
916 default: None,
917 sensitive: false,
918 search: false,
919 items: None,
920 },
921 );
922
923 let mut endpoints = IndexMap::new();
924 endpoints.insert(
925 "create".to_string(),
926 EndpointSpec {
927 method: HttpMethod::Post,
928 path: "/assets".to_string(),
929 auth: None,
930 input: Some(vec!["title".to_string(), "attachment".to_string()]),
931 filters: None,
932 search: None,
933 pagination: None,
934 sort: None,
935 cache: None,
936 controller: None,
937 events: None,
938 jobs: None,
939 upload: Some(UploadSpec {
940 field: "attachment".to_string(),
941 storage: "local".to_string(),
942 max_size: "5mb".to_string(),
943 types: Some(vec!["image/png".to_string()]),
944 }),
945 soft_delete: false,
946 },
947 );
948
949 ResourceDefinition {
950 resource: "assets".to_string(),
951 version: 1,
952 db: None,
953 schema,
954 endpoints: Some(endpoints),
955 relations: None,
956 indexes: None,
957 }
958 }
959
960 #[test]
961 fn generates_valid_openapi_31_spec() {
962 let config = test_config();
963 let resources = vec![sample_resource()];
964 let spec = generate(&config, &resources);
965
966 assert_eq!(spec["openapi"], "3.1.0");
967 assert_eq!(spec["info"]["title"], "test-api");
968 assert_eq!(spec["info"]["version"], "1.0.0");
969 assert!(spec["paths"].is_object());
970 assert!(spec["components"]["schemas"].is_object());
971 assert!(spec["components"]["securitySchemes"].is_object());
972 }
973
974 #[test]
975 fn deterministic_output() {
976 let config = test_config();
977 let resources = vec![sample_resource()];
978
979 let spec1 = generate(&config, &resources);
980 let spec2 = generate(&config, &resources);
981
982 let json1 = to_json(&spec1).expect("serialize 1");
983 let json2 = to_json(&spec2).expect("serialize 2");
984
985 assert_eq!(json1, json2, "OpenAPI spec must be deterministic");
986 }
987
988 #[test]
989 fn documents_all_endpoints() {
990 let config = test_config();
991 let resources = vec![sample_resource()];
992 let spec = generate(&config, &resources);
993
994 let paths = spec["paths"].as_object().expect("paths object");
995
996 let users_path = paths.get("/v1/users").expect("/v1/users path");
998 assert!(users_path.get("get").is_some(), "GET /v1/users");
999 assert!(users_path.get("post").is_some(), "POST /v1/users");
1000
1001 let users_id_path = paths.get("/v1/users/{id}").expect("/v1/users/{{id}} path");
1003 assert!(users_id_path.get("patch").is_some(), "PATCH /users/{{id}}");
1004 assert!(
1005 users_id_path.get("delete").is_some(),
1006 "DELETE /users/{{id}}"
1007 );
1008 }
1009
1010 #[test]
1011 fn pagination_params_documented() {
1012 let config = test_config();
1013 let resources = vec![sample_resource()];
1014 let spec = generate(&config, &resources);
1015
1016 let list_op = &spec["paths"]["/v1/users"]["get"];
1017 let params = list_op["parameters"].as_array().expect("params array");
1018
1019 let param_names: Vec<&str> = params.iter().filter_map(|p| p["name"].as_str()).collect();
1020
1021 assert!(param_names.contains(&"cursor"), "cursor param");
1022 assert!(param_names.contains(&"limit"), "limit param");
1023 }
1024
1025 #[test]
1026 fn filter_params_documented() {
1027 let config = test_config();
1028 let resources = vec![sample_resource()];
1029 let spec = generate(&config, &resources);
1030
1031 let list_op = &spec["paths"]["/v1/users"]["get"];
1032 let params = list_op["parameters"].as_array().expect("params array");
1033
1034 let param_names: Vec<&str> = params.iter().filter_map(|p| p["name"].as_str()).collect();
1035
1036 assert!(param_names.contains(&"filter[role]"), "filter[role] param");
1037 }
1038
1039 #[test]
1040 fn search_param_documented() {
1041 let config = test_config();
1042 let resources = vec![sample_resource()];
1043 let spec = generate(&config, &resources);
1044
1045 let list_op = &spec["paths"]["/v1/users"]["get"];
1046 let params = list_op["parameters"].as_array().expect("params array");
1047
1048 let param_names: Vec<&str> = params.iter().filter_map(|p| p["name"].as_str()).collect();
1049
1050 assert!(param_names.contains(&"search"), "search param");
1051 }
1052
1053 #[test]
1054 fn standard_error_responses() {
1055 let config = test_config();
1056 let resources = vec![sample_resource()];
1057 let spec = generate(&config, &resources);
1058
1059 let create_op = &spec["paths"]["/v1/users"]["post"];
1061 let responses = create_op["responses"].as_object().expect("responses");
1062
1063 assert!(responses.contains_key("401"), "401 Unauthorized");
1064 assert!(responses.contains_key("403"), "403 Forbidden");
1065 assert!(responses.contains_key("422"), "422 Validation error");
1066 assert!(responses.contains_key("429"), "429 Rate limited");
1067 assert!(responses.contains_key("500"), "500 Internal server error");
1068
1069 let list_op = &spec["paths"]["/v1/users"]["get"];
1071 let list_responses = list_op["responses"].as_object().expect("responses");
1072 assert!(!list_responses.contains_key("404"), "list has no 404");
1073
1074 let update_op = &spec["paths"]["/v1/users/{id}"]["patch"];
1076 let update_responses = update_op["responses"].as_object().expect("responses");
1077 assert!(update_responses.contains_key("404"), "update has 404");
1078 }
1079
1080 #[test]
1081 fn vendor_extensions() {
1082 let config = test_config();
1083 let resources = vec![sample_resource()];
1084 let spec = generate(&config, &resources);
1085
1086 let create_op = &spec["paths"]["/v1/users"]["post"];
1087 assert_eq!(
1088 create_op["x-shaperail-controller"],
1089 serde_json::json!({"before": "validate_org"})
1090 );
1091 assert_eq!(
1092 create_op["x-shaperail-events"],
1093 serde_json::json!(["user.created"])
1094 );
1095 }
1096
1097 #[test]
1098 fn enum_values_in_schema() {
1099 let config = test_config();
1100 let resources = vec![sample_resource()];
1101 let spec = generate(&config, &resources);
1102
1103 let role_prop = &spec["components"]["schemas"]["Users"]["properties"]["role"];
1104 assert_eq!(
1105 role_prop["enum"],
1106 serde_json::json!(["admin", "member", "viewer"])
1107 );
1108 assert_eq!(role_prop["default"], serde_json::json!("member"));
1109 }
1110
1111 #[test]
1112 fn input_schemas_generated() {
1113 let config = test_config();
1114 let resources = vec![sample_resource()];
1115 let spec = generate(&config, &resources);
1116
1117 let schemas = spec["components"]["schemas"].as_object().expect("schemas");
1118 assert!(
1119 schemas.contains_key("UsersCreateInput"),
1120 "create input schema"
1121 );
1122 assert!(
1123 schemas.contains_key("UsersUpdateInput"),
1124 "update input schema"
1125 );
1126 }
1127
1128 #[test]
1129 fn request_body_references_input_schema() {
1130 let config = test_config();
1131 let resources = vec![sample_resource()];
1132 let spec = generate(&config, &resources);
1133
1134 let create_op = &spec["paths"]["/v1/users"]["post"];
1135 let schema_ref = &create_op["requestBody"]["content"]["application/json"]["schema"]["$ref"];
1136 assert_eq!(schema_ref, "#/components/schemas/UsersCreateInput");
1137 }
1138
1139 #[test]
1140 fn upload_request_body_uses_multipart_form_data() {
1141 let config = test_config();
1142 let resources = vec![upload_resource()];
1143 let spec = generate(&config, &resources);
1144
1145 let create_op = &spec["paths"]["/v1/assets"]["post"];
1146 let schema = &create_op["requestBody"]["content"]["multipart/form-data"]["schema"];
1147
1148 assert_eq!(schema["properties"]["attachment"]["type"], "string");
1149 assert_eq!(schema["properties"]["attachment"]["format"], "binary");
1150 assert_eq!(schema["properties"]["title"]["type"], "string");
1151 }
1152
1153 #[test]
1154 fn security_on_authenticated_endpoints() {
1155 let config = test_config();
1156 let resources = vec![sample_resource()];
1157 let spec = generate(&config, &resources);
1158
1159 let list_op = &spec["paths"]["/v1/users"]["get"];
1160 assert!(
1161 list_op["security"].is_array(),
1162 "auth endpoints have security"
1163 );
1164 }
1165
1166 #[test]
1167 fn string_constraints_in_schema() {
1168 let config = test_config();
1169 let resources = vec![sample_resource()];
1170 let spec = generate(&config, &resources);
1171
1172 let name_prop = &spec["components"]["schemas"]["Users"]["properties"]["name"];
1173 assert_eq!(name_prop["minLength"], 1);
1174 assert_eq!(name_prop["maxLength"], 200);
1175 }
1176
1177 #[test]
1178 fn json_and_yaml_output() {
1179 let config = test_config();
1180 let resources = vec![sample_resource()];
1181 let spec = generate(&config, &resources);
1182
1183 let json = to_json(&spec).expect("json");
1184 assert!(json.contains("\"openapi\": \"3.1.0\""));
1185
1186 let yaml = to_yaml(&spec).expect("yaml");
1187 assert!(yaml.contains("openapi: 3.1.0"));
1188 }
1189
1190 #[test]
1191 fn delete_returns_204() {
1192 let config = test_config();
1193 let resources = vec![sample_resource()];
1194 let spec = generate(&config, &resources);
1195
1196 let delete_op = &spec["paths"]["/v1/users/{id}"]["delete"];
1197 let responses = delete_op["responses"].as_object().expect("responses");
1198 assert!(responses.contains_key("204"), "delete returns 204");
1199 }
1200
1201 #[test]
1202 fn list_response_envelope() {
1203 let config = test_config();
1204 let resources = vec![sample_resource()];
1205 let spec = generate(&config, &resources);
1206
1207 let list_resp = &spec["paths"]["/v1/users"]["get"]["responses"]["200"]["content"]
1208 ["application/json"]["schema"];
1209 assert!(list_resp["properties"]["data"]["type"] == "array");
1210 assert!(list_resp["properties"]["meta"]["type"] == "object");
1211 }
1212
1213 #[test]
1214 fn error_response_schema_exists() {
1215 let config = test_config();
1216 let resources = vec![sample_resource()];
1217 let spec = generate(&config, &resources);
1218
1219 let schemas = spec["components"]["schemas"].as_object().expect("schemas");
1220 assert!(schemas.contains_key("ErrorResponse"));
1221
1222 let err = &schemas["ErrorResponse"];
1223 assert!(err["properties"]["error"]["properties"]["code"].is_object());
1224 assert!(err["properties"]["error"]["properties"]["status"].is_object());
1225 assert!(err["properties"]["error"]["properties"]["message"].is_object());
1226 }
1227}