feat: openapi schema for user admin

[kwasniew]

About the changes

Full OpenAPI spec for user-admin controller.

• This should be around 100-200 LOC. 1k lines is from the snapshot test.
• Removed all working schemas from the meta schema exception list
• adding 400 when body or query/path params are validated, 401 always, 403 when ADMIN is required, 404 when resource may not exist
• fixing a few 500 when id was not a number, those should be 400 errors
• making BadDataError reflect incorrect data in body or params
• making user roles being number or string explicit. When creating/updating a user we can specify both and we return what you specified. When reading a user we always return a number.

Important files

Discussion points

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
unleash-docs	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Jul 5, 2023 3:07pm
unleash-monorepo-frontend	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Jul 5, 2023 3:07pm

[kwasniew]

we throw this error when query or path params are incorrect so the error message should be more generic

[kwasniew]

same as user schema but it returns either number or string for the role name depending on what was in the create/update request

[kwasniew]

user schema hasn't changed because this schema was added

[kwasniew]

Error was 500, BadDataError is 400

[kwasniew]

previously it was 500, not it is 400

[kwasniew]

openapi coerces root role to string on number | string union so we need to coerce it back to number if possible

[kwasniew]

oneOf with integer or string + coercion: true in our openapi lib causes rootRole to always be a string. We need to compensate for it in the controller by coercing back

[sjaanus]

Also enable strictSchemaValidation in user-admin e2e test to validate all of this.

[thomasheartman]

The changes look good to me overall! 💯 Got a few questions and minor typo fixes that I'd like to have addressed, though, but I trust you to take that into account before merging.

[thomasheartman]

If you need to type this somehow (you might not), then you could look into using the FromQueryParams method and putting it in its own file (similar to how we do it in src/lib/openapi/spec/export-query-parameters.ts). I'm not sure whether that's necessary here. As long as it shows up correctly in the output schema, I'm happy 😄

[kwasniew]

I copied this pattern from other places where it was done inline. It does show up in the swagger UI and works fine :)

[thomasheartman]

Are all fields required? Are non-submitted fields ignored? In other words: does this act more like a "true PUT" or a "PATCH"? It'd be good to mention that in the description.

[thomasheartman]

Why did we change this from a 201 to a 200?

[kwasniew]

I think one of our validators was complaining that 201 should have a Location header

[thomasheartman]

Yeah, that sounds about right. You should add one: respondWithValidation takes an optional last parameter called headers. You can add it in there, pointing to the newly created user.

[kwasniew]

Ok I found the location header setting pattern in other parts of the code. Our schema was lying before with 200 and the code was returning 201. Let's stick to 201 in both