Skip to content

chore: Add OpenAPI support for the e2e.setUserPublicAndPrivateKeys#39090

Draft
ahmed-n-abdeltwab wants to merge 2 commits intoRocketChat:developfrom
ahmed-n-abdeltwab:feat/openapi-e2e-setUserPublicAndPrivateKeys
Draft

chore: Add OpenAPI support for the e2e.setUserPublicAndPrivateKeys#39090
ahmed-n-abdeltwab wants to merge 2 commits intoRocketChat:developfrom
ahmed-n-abdeltwab:feat/openapi-e2e-setUserPublicAndPrivateKeys

Conversation

@ahmed-n-abdeltwab
Copy link
Contributor

@ahmed-n-abdeltwab ahmed-n-abdeltwab commented Feb 26, 2026

Description:
This PR integrates OpenAPI support into the Rocket.Chat API, migrate of Rocket.Chat API endpoints to the new OpenAPI pattern. The update includes improved API documentation, enhanced type safety, and response validation using AJV.

Key Changes:

  • Implemented the new pattern and added AJV-based JSON schema validation for API.
  • Uses the ExtractRoutesFromAPI utility from the TypeScript definitions to dynamically derive the routes from the endpoint specifications.
  • Enabled Swagger UI integration for this API.
  • Route Methods Chaining for the endpoints.
  • This does not introduce any breaking changes to the endpoint logic.

Issue Reference:
Relates to #34983, part of the ongoing OpenAPI integration effort.

Testing:

  • Verified that the API response schemas are correctly documented in Swagger UI.
  • All tests passed without any breaking changes

Looking forward to your feedback! 🚀

Summary by CodeRabbit

  • Refactor

    • Improved E2E endpoint structure with enhanced input validation and API documentation compatibility.
  • Chores

    • Updated package versions for rest-typings and meteor.

…ys endpoints

- migrating to a modern chained route definition syntax and utilizing shared AJV schemas for validation to enhance API documentation and ensure type safety through response validation.
@dionisio-bot
Copy link
Contributor

dionisio-bot bot commented Feb 26, 2026

Looks like this PR is not ready to merge, because of the following issues:

  • This PR is missing the 'stat: QA assured' label
  • This PR is missing the required milestone or project

Please fix the issues and try again

If you have any trouble, please check the PR guidelines

@changeset-bot
Copy link

changeset-bot bot commented Feb 26, 2026

🦋 Changeset detected

Latest commit: c85e492

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 41 packages
Name Type
@rocket.chat/rest-typings Minor
@rocket.chat/meteor Minor
@rocket.chat/api-client Patch
@rocket.chat/core-services Patch
@rocket.chat/ddp-client Patch
@rocket.chat/http-router Patch
@rocket.chat/models Patch
@rocket.chat/ui-contexts Major
@rocket.chat/web-ui-registration Major
@rocket.chat/account-service Patch
@rocket.chat/authorization-service Patch
@rocket.chat/ddp-streamer Patch
@rocket.chat/federation-matrix Patch
@rocket.chat/omnichannel-services Patch
@rocket.chat/presence Patch
rocketchat-services Patch
@rocket.chat/omnichannel-transcript Patch
@rocket.chat/presence-service Patch
@rocket.chat/queue-worker Patch
@rocket.chat/abac Patch
@rocket.chat/network-broker Patch
@rocket.chat/omni-core-ee Patch
@rocket.chat/livechat Patch
@rocket.chat/mock-providers Patch
@rocket.chat/cron Patch
@rocket.chat/instance-status Patch
@rocket.chat/omni-core Patch
@rocket.chat/server-fetch Patch
@rocket.chat/ui-client Major
@rocket.chat/media-calls Patch
@rocket.chat/uikit-playground Patch
@rocket.chat/fuselage-ui-kit Major
@rocket.chat/gazzodown Major
@rocket.chat/ui-avatar Major
@rocket.chat/ui-video-conf Major
@rocket.chat/ui-voip Major
@rocket.chat/core-typings Minor
@rocket.chat/apps Patch
@rocket.chat/model-typings Patch
@rocket.chat/license Patch
@rocket.chat/pdf-worker Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Feb 26, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5f6b887 and c85e492.

📒 Files selected for processing (5)
  • .changeset/quiet-moles-remain.md
  • apps/meteor/app/api/server/v1/e2e.ts
  • packages/rest-typings/src/index.ts
  • packages/rest-typings/src/v1/e2e.ts
  • packages/rest-typings/src/v1/e2e/e2eSetUserPublicAndPrivateKeysParamsPOST.ts
💤 Files with no reviewable changes (3)
  • packages/rest-typings/src/v1/e2e/e2eSetUserPublicAndPrivateKeysParamsPOST.ts
  • packages/rest-typings/src/v1/e2e.ts
  • packages/rest-typings/src/index.ts
📜 Recent review details
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: cubic · AI code reviewer
🧰 Additional context used
📓 Path-based instructions (1)
**/*.{ts,tsx,js}

📄 CodeRabbit inference engine (.cursor/rules/playwright.mdc)

**/*.{ts,tsx,js}: Write concise, technical TypeScript/JavaScript with accurate typing in Playwright tests
Avoid code comments in the implementation

Files:

  • apps/meteor/app/api/server/v1/e2e.ts
🧠 Learnings (7)
📓 Common learnings
Learnt from: ahmed-n-abdeltwab
Repo: RocketChat/Rocket.Chat PR: 38974
File: apps/meteor/app/api/server/v1/im.ts:220-221
Timestamp: 2026-02-24T19:09:09.561Z
Learning: In RocketChat/Rocket.Chat OpenAPI migration PRs for apps/meteor/app/api/server/v1 endpoints, maintainers prefer to avoid any logic changes; style-only cleanups (like removing inline comments) may be deferred to follow-ups to keep scope tight.
📚 Learning: 2026-02-24T19:09:01.522Z
Learnt from: ahmed-n-abdeltwab
Repo: RocketChat/Rocket.Chat PR: 38974
File: apps/meteor/app/api/server/v1/im.ts:220-221
Timestamp: 2026-02-24T19:09:01.522Z
Learning: In Rocket.Chat OpenAPI migration PRs for endpoints under apps/meteor/app/api/server/v1, avoid introducing logic changes. Only perform scope-tight changes that preserve behavior; style-only cleanups (e.g., removing inline comments) may be deferred to follow-ups to keep the migration PR focused.

Applied to files:

  • apps/meteor/app/api/server/v1/e2e.ts
📚 Learning: 2025-10-07T15:08:37.419Z
Learnt from: cardoso
Repo: RocketChat/Rocket.Chat PR: 36942
File: apps/meteor/client/lib/e2ee/pbkdf2.ts:13-45
Timestamp: 2025-10-07T15:08:37.419Z
Learning: In apps/meteor/client/lib/e2ee/pbkdf2.ts, the team has decided to use Latin-1 encoding (via Binary.toArrayBuffer and Binary.toString) for password encoding and decrypt output instead of UTF-8 encoding. This is a deliberate choice for E2EE password/key material handling.

Applied to files:

  • apps/meteor/app/api/server/v1/e2e.ts
📚 Learning: 2026-02-23T17:53:06.802Z
Learnt from: ggazzo
Repo: RocketChat/Rocket.Chat PR: 35995
File: apps/meteor/app/api/server/v1/rooms.ts:1107-1112
Timestamp: 2026-02-23T17:53:06.802Z
Learning: During PR reviews that touch endpoint files under apps/meteor/app/api/server/v1, enforce strict scope: if a PR targets a specific endpoint (e.g., rooms.favorite), do not propose changes to unrelated endpoints (e.g., rooms.invite) unless maintainers explicitly request them. Focus feedback on the touched endpoint's behavior, API surface, and related tests; avoid broad cross-endpoint changes in the same PR unless requested.

Applied to files:

  • apps/meteor/app/api/server/v1/e2e.ts
📚 Learning: 2026-02-24T19:09:09.561Z
Learnt from: ahmed-n-abdeltwab
Repo: RocketChat/Rocket.Chat PR: 38974
File: apps/meteor/app/api/server/v1/im.ts:220-221
Timestamp: 2026-02-24T19:09:09.561Z
Learning: In RocketChat/Rocket.Chat OpenAPI migration PRs for apps/meteor/app/api/server/v1 endpoints, maintainers prefer to avoid any logic changes; style-only cleanups (like removing inline comments) may be deferred to follow-ups to keep scope tight.

Applied to files:

  • .changeset/quiet-moles-remain.md
📚 Learning: 2026-02-25T20:10:07.657Z
Learnt from: ahmed-n-abdeltwab
Repo: RocketChat/Rocket.Chat PR: 38913
File: packages/ddp-client/src/legacy/types/SDKLegacy.ts:34-34
Timestamp: 2026-02-25T20:10:07.657Z
Learning: In the RocketChat/Rocket.Chat monorepo, packages/ddp-client and apps/meteor do not use TypeScript project references. Module augmentations in apps/meteor (e.g., declare module 'rocket.chat/rest-typings') are not visible when compiling packages/ddp-client in isolation, which is why legacy SDK methods that depend on OperationResult types for OpenAPI-migrated endpoints must remain commented out.

Applied to files:

  • .changeset/quiet-moles-remain.md
📚 Learning: 2026-02-24T19:05:56.710Z
Learnt from: ahmed-n-abdeltwab
Repo: RocketChat/Rocket.Chat PR: 0
File: :0-0
Timestamp: 2026-02-24T19:05:56.710Z
Learning: Rocket.Chat repo context: When a workspace manifest on develop already pins a dependency version (e.g., packages/web-ui-registration → "rocket.chat/ui-contexts": "27.0.1"), a lockfile change in a feature PR that upgrades only that dependency’s resolution is considered a manifest-driven sync and can be kept, preferably as a small "chore: sync yarn.lock with manifests" commit.

Applied to files:

  • .changeset/quiet-moles-remain.md
🧬 Code graph analysis (1)
apps/meteor/app/api/server/v1/e2e.ts (2)
apps/meteor/app/api/server/index.ts (1)
  • API (51-51)
packages/models/src/index.ts (1)
  • Users (192-192)
🔇 Additional comments (6)
.changeset/quiet-moles-remain.md (1)

1-6: LGTM!

The changeset correctly captures the scope of this PR with appropriate minor version bumps for both packages.

apps/meteor/app/api/server/v1/e2e.ts (5)

40-44: LGTM!

The type definition correctly captures the endpoint payload structure with required and optional fields, matching the existing naming conventions in this file.


71-86: LGTM!

The JSON schema correctly mirrors the TypeScript type definition with matching properties, required fields, and additionalProperties: false to enforce strict validation.


94-96: LGTM!

The validator is correctly compiled from the schema with the proper type parameter.


169-200: LGTM!

The endpoint is correctly migrated to the chained route definition syntax with proper authentication, request validation, and response schemas. The handler logic is preserved from the original implementation.


202-214: LGTM!

The e2e.fetchMyKeys endpoint is correctly preserved with its original functionality. Migrating this endpoint to the new OpenAPI pattern can be addressed in a separate PR to maintain focused scope. Based on learnings: maintainers prefer keeping OpenAPI migration PRs tightly scoped to the targeted endpoint.


Walkthrough

The changes migrate E2E key endpoint validation from a shared type-definitions package to local endpoint implementation, removing previously exported public types while maintaining functionality through locally-defined schemas and validators.

Changes

Cohort / File(s) Summary
Changeset Documentation
.changeset/quiet-moles-remain.md
Added changeset documenting OpenAPI support migration for E2E endpoints and version bumps for rest-typings and meteor packages.
E2E Endpoint Implementation
apps/meteor/app/api/server/v1/e2e.ts
Refactored E2E key endpoint to define validation types and schemas locally instead of importing from shared package; restructured route handler to use action-based pattern with compiled AJV validator.
Rest-Typings Package Cleanup
packages/rest-typings/src/index.ts, packages/rest-typings/src/v1/e2e.ts, packages/rest-typings/src/v1/e2e/e2eSetUserPublicAndPrivateKeysParamsPOST.ts
Removed public type exports, validators, schema definitions, and endpoint entry for E2E setUserPublicAndPrivateKeys; deleted dedicated parameter type file.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Suggested labels

type: chore

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title 'chore: Add OpenAPI support for the e2e.setUserPublicAndPrivateKeys' accurately reflects the main objective of the PR, which is to add OpenAPI support for the e2e.setUserPublicAndPrivateKeys endpoint by migrating to a modern chained route definition syntax with AJV schema validation.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.


Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@ahmed-n-abdeltwab ahmed-n-abdeltwab changed the title Add OpenAPI support for the Rocket.Chat e2e.setUserPublicAndPrivateKeys Add OpenAPI support for the e2e.setUserPublicAndPrivateKeys Feb 26, 2026
@ahmed-n-abdeltwab ahmed-n-abdeltwab changed the title Add OpenAPI support for the e2e.setUserPublicAndPrivateKeys chore: Add OpenAPI support for the e2e.setUserPublicAndPrivateKeys Feb 26, 2026
@codecov
Copy link

codecov bot commented Feb 26, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 70.66%. Comparing base (29d2454) to head (c85e492).
⚠️ Report is 14 commits behind head on develop.

Additional details and impacted files

Impacted file tree graph

@@             Coverage Diff             @@
##           develop   #39090      +/-   ##
===========================================
- Coverage    70.66%   70.66%   -0.01%     
===========================================
  Files         3190     3191       +1     
  Lines       112732   112963     +231     
  Branches     20418    20485      +67     
===========================================
+ Hits         79666    79821     +155     
- Misses       31016    31089      +73     
- Partials      2050     2053       +3     
Flag Coverage Δ
unit 71.27% <ø> (-0.04%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@ahmed-n-abdeltwab ahmed-n-abdeltwab marked this pull request as ready for review February 26, 2026 15:05
@ahmed-n-abdeltwab ahmed-n-abdeltwab requested review from a team as code owners February 26, 2026 15:05
@ahmed-n-abdeltwab ahmed-n-abdeltwab marked this pull request as draft February 26, 2026 15:07
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 5 files

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants