chore: Add OpenAPI support for the e2e.setUserPublicAndPrivateKeys

[ahmed-n-abdeltwab]

Description:
This PR integrates OpenAPI support into the Rocket.Chat API, migrate of Rocket.Chat API endpoints to the new OpenAPI pattern. The update includes improved API documentation, enhanced type safety, and response validation using AJV.

Key Changes:

• Implemented the new pattern and added AJV-based JSON schema validation for API.
• Uses the ExtractRoutesFromAPI utility from the TypeScript definitions to dynamically derive the routes from the endpoint specifications.
• Enabled Swagger UI integration for this API.
• Route Methods Chaining for the endpoints.
• This does not introduce any breaking changes to the endpoint logic.

Issue Reference:
Relates to #34983, part of the ongoing OpenAPI integration effort.

Testing:

• Verified that the API response schemas are correctly documented in Swagger UI.
• All tests passed without any breaking changes

Looking forward to your feedback! 🚀

Summary by CodeRabbit

• Refactor

  • Improved E2E endpoint structure with enhanced input validation and API documentation compatibility.

• Chores

  • Updated package versions for rest-typings and meteor.

[dionisio-bot]

Looks like this PR is not ready to merge, because of the following issues:

• This PR is missing the 'stat: QA assured' label
• This PR is missing the required milestone or project

Please fix the issues and try again

If you have any trouble, please check the PR guidelines

[changeset-bot]

🦋 Changeset detected

Latest commit: c85e492

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 41 packages

Name	Type
@rocket.chat/rest-typings	Minor
@rocket.chat/meteor	Minor
@rocket.chat/api-client	Patch
@rocket.chat/core-services	Patch
@rocket.chat/ddp-client	Patch
@rocket.chat/http-router	Patch
@rocket.chat/models	Patch
@rocket.chat/ui-contexts	Major
@rocket.chat/web-ui-registration	Major
@rocket.chat/account-service	Patch
@rocket.chat/authorization-service	Patch
@rocket.chat/ddp-streamer	Patch
@rocket.chat/federation-matrix	Patch
@rocket.chat/omnichannel-services	Patch
@rocket.chat/presence	Patch
rocketchat-services	Patch
@rocket.chat/omnichannel-transcript	Patch
@rocket.chat/presence-service	Patch
@rocket.chat/queue-worker	Patch
@rocket.chat/abac	Patch
@rocket.chat/network-broker	Patch
@rocket.chat/omni-core-ee	Patch
@rocket.chat/livechat	Patch
@rocket.chat/mock-providers	Patch
@rocket.chat/cron	Patch
@rocket.chat/instance-status	Patch
@rocket.chat/omni-core	Patch
@rocket.chat/server-fetch	Patch
@rocket.chat/ui-client	Major
@rocket.chat/media-calls	Patch
@rocket.chat/uikit-playground	Patch
@rocket.chat/fuselage-ui-kit	Major
@rocket.chat/gazzodown	Major
@rocket.chat/ui-avatar	Major
@rocket.chat/ui-video-conf	Major
@rocket.chat/ui-voip	Major
@rocket.chat/core-typings	Minor
@rocket.chat/apps	Patch
@rocket.chat/model-typings	Patch
@rocket.chat/license	Patch
@rocket.chat/pdf-worker	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5f6b887 and c85e492.

📒 Files selected for processing (5)

• .changeset/quiet-moles-remain.md
• apps/meteor/app/api/server/v1/e2e.ts
• packages/rest-typings/src/index.ts
• packages/rest-typings/src/v1/e2e.ts
• packages/rest-typings/src/v1/e2e/e2eSetUserPublicAndPrivateKeysParamsPOST.ts

💤 Files with no reviewable changes (3)

• packages/rest-typings/src/v1/e2e/e2eSetUserPublicAndPrivateKeysParamsPOST.ts
• packages/rest-typings/src/v1/e2e.ts
• packages/rest-typings/src/index.ts

📜 Recent review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: cubic · AI code reviewer

🧰 Additional context used

📓 Path-based instructions (1)

**/*.{ts,tsx,js}

📄 CodeRabbit inference engine (.cursor/rules/playwright.mdc)

**/*.{ts,tsx,js}: Write concise, technical TypeScript/JavaScript with accurate typing in Playwright tests
Avoid code comments in the implementation

Files:

• apps/meteor/app/api/server/v1/e2e.ts

🧠 Learnings (7)

📓 Common learnings

Learnt from: ahmed-n-abdeltwab
Repo: RocketChat/Rocket.Chat PR: 38974
File: apps/meteor/app/api/server/v1/im.ts:220-221
Timestamp: 2026-02-24T19:09:09.561Z
Learning: In RocketChat/Rocket.Chat OpenAPI migration PRs for apps/meteor/app/api/server/v1 endpoints, maintainers prefer to avoid any logic changes; style-only cleanups (like removing inline comments) may be deferred to follow-ups to keep scope tight.

📚 Learning: 2026-02-24T19:09:01.522Z

Learnt from: ahmed-n-abdeltwab
Repo: RocketChat/Rocket.Chat PR: 38974
File: apps/meteor/app/api/server/v1/im.ts:220-221
Timestamp: 2026-02-24T19:09:01.522Z
Learning: In Rocket.Chat OpenAPI migration PRs for endpoints under apps/meteor/app/api/server/v1, avoid introducing logic changes. Only perform scope-tight changes that preserve behavior; style-only cleanups (e.g., removing inline comments) may be deferred to follow-ups to keep the migration PR focused.

Applied to files:

• apps/meteor/app/api/server/v1/e2e.ts

📚 Learning: 2025-10-07T15:08:37.419Z

Learnt from: cardoso
Repo: RocketChat/Rocket.Chat PR: 36942
File: apps/meteor/client/lib/e2ee/pbkdf2.ts:13-45
Timestamp: 2025-10-07T15:08:37.419Z
Learning: In apps/meteor/client/lib/e2ee/pbkdf2.ts, the team has decided to use Latin-1 encoding (via Binary.toArrayBuffer and Binary.toString) for password encoding and decrypt output instead of UTF-8 encoding. This is a deliberate choice for E2EE password/key material handling.

Applied to files:

• apps/meteor/app/api/server/v1/e2e.ts

📚 Learning: 2026-02-23T17:53:06.802Z

Learnt from: ggazzo
Repo: RocketChat/Rocket.Chat PR: 35995
File: apps/meteor/app/api/server/v1/rooms.ts:1107-1112
Timestamp: 2026-02-23T17:53:06.802Z
Learning: During PR reviews that touch endpoint files under apps/meteor/app/api/server/v1, enforce strict scope: if a PR targets a specific endpoint (e.g., rooms.favorite), do not propose changes to unrelated endpoints (e.g., rooms.invite) unless maintainers explicitly request them. Focus feedback on the touched endpoint's behavior, API surface, and related tests; avoid broad cross-endpoint changes in the same PR unless requested.

Applied to files:

• apps/meteor/app/api/server/v1/e2e.ts

📚 Learning: 2026-02-24T19:09:09.561Z

Learnt from: ahmed-n-abdeltwab
Repo: RocketChat/Rocket.Chat PR: 38974
File: apps/meteor/app/api/server/v1/im.ts:220-221
Timestamp: 2026-02-24T19:09:09.561Z
Learning: In RocketChat/Rocket.Chat OpenAPI migration PRs for apps/meteor/app/api/server/v1 endpoints, maintainers prefer to avoid any logic changes; style-only cleanups (like removing inline comments) may be deferred to follow-ups to keep scope tight.

Applied to files:

• .changeset/quiet-moles-remain.md

📚 Learning: 2026-02-25T20:10:07.657Z

Learnt from: ahmed-n-abdeltwab
Repo: RocketChat/Rocket.Chat PR: 38913
File: packages/ddp-client/src/legacy/types/SDKLegacy.ts:34-34
Timestamp: 2026-02-25T20:10:07.657Z
Learning: In the RocketChat/Rocket.Chat monorepo, packages/ddp-client and apps/meteor do not use TypeScript project references. Module augmentations in apps/meteor (e.g., declare module 'rocket.chat/rest-typings') are not visible when compiling packages/ddp-client in isolation, which is why legacy SDK methods that depend on OperationResult types for OpenAPI-migrated endpoints must remain commented out.

Applied to files:

• .changeset/quiet-moles-remain.md

📚 Learning: 2026-02-24T19:05:56.710Z

Learnt from: ahmed-n-abdeltwab
Repo: RocketChat/Rocket.Chat PR: 0
File: :0-0
Timestamp: 2026-02-24T19:05:56.710Z
Learning: Rocket.Chat repo context: When a workspace manifest on develop already pins a dependency version (e.g., packages/web-ui-registration → "rocket.chat/ui-contexts": "27.0.1"), a lockfile change in a feature PR that upgrades only that dependency’s resolution is considered a manifest-driven sync and can be kept, preferably as a small "chore: sync yarn.lock with manifests" commit.

Applied to files:

• .changeset/quiet-moles-remain.md

🧬 Code graph analysis (1)

apps/meteor/app/api/server/v1/e2e.ts (2)

apps/meteor/app/api/server/index.ts (1)

• API (51-51)

packages/models/src/index.ts (1)

• Users (192-192)

🔇 Additional comments (6)

.changeset/quiet-moles-remain.md (1)

1-6: LGTM!

The changeset correctly captures the scope of this PR with appropriate minor version bumps for both packages.

apps/meteor/app/api/server/v1/e2e.ts (5)

40-44: LGTM!

The type definition correctly captures the endpoint payload structure with required and optional fields, matching the existing naming conventions in this file.

---

71-86: LGTM!

The JSON schema correctly mirrors the TypeScript type definition with matching properties, required fields, and additionalProperties: false to enforce strict validation.

---

94-96: LGTM!

The validator is correctly compiled from the schema with the proper type parameter.

---

169-200: LGTM!

The endpoint is correctly migrated to the chained route definition syntax with proper authentication, request validation, and response schemas. The handler logic is preserved from the original implementation.

---

202-214: LGTM!

The e2e.fetchMyKeys endpoint is correctly preserved with its original functionality. Migrating this endpoint to the new OpenAPI pattern can be addressed in a separate PR to maintain focused scope. Based on learnings: maintainers prefer keeping OpenAPI migration PRs tightly scoped to the targeted endpoint.

---

Walkthrough

The changes migrate E2E key endpoint validation from a shared type-definitions package to local endpoint implementation, removing previously exported public types while maintaining functionality through locally-defined schemas and validators.

Changes

Cohort / File(s)	Summary
Changeset Documentation .changeset/quiet-moles-remain.md	Added changeset documenting OpenAPI support migration for E2E endpoints and version bumps for rest-typings and meteor packages.
E2E Endpoint Implementation apps/meteor/app/api/server/v1/e2e.ts	Refactored E2E key endpoint to define validation types and schemas locally instead of importing from shared package; restructured route handler to use action-based pattern with compiled AJV validator.
Rest-Typings Package Cleanup packages/rest-typings/src/index.ts, packages/rest-typings/src/v1/e2e.ts, packages/rest-typings/src/v1/e2e/e2eSetUserPublicAndPrivateKeysParamsPOST.ts	Removed public type exports, validators, schema definitions, and endpoint entry for E2E setUserPublicAndPrivateKeys; deleted dedicated parameter type file.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Suggested labels

type: chore

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'chore: Add OpenAPI support for the e2e.setUserPublicAndPrivateKeys' accurately reflects the main objective of the PR, which is to add OpenAPI support for the e2e.setUserPublicAndPrivateKeys endpoint by migrating to a modern chained route definition syntax with AJV schema validation.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 70.66%. Comparing base (29d2454) to head (c85e492).
⚠️ Report is 14 commits behind head on develop.

Additional details and impacted files

@@             Coverage Diff             @@
##           develop   #39090      +/-   ##
===========================================
- Coverage    70.66%   70.66%   -0.01%     
===========================================
  Files         3190     3191       +1     
  Lines       112732   112963     +231     
  Branches     20418    20485      +67     
===========================================
+ Hits         79666    79821     +155     
- Misses       31016    31089      +73     
- Partials      2050     2053       +3     

Flag	Coverage Δ
unit	71.27% <ø> (-0.04%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[cubic-dev-ai]

No issues found across 5 files