fix(authentication-service): add security spec

RPMS-0
sourcefuse · Dec 20, 2020 · d829a85 · d829a85
1 parent 92e6738
commit d829a85
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 2 deletions.
diff --git a/services/audit-service/src/controllers/audit.controller.ts b/services/audit-service/src/controllers/audit.controller.ts
@@ -7,7 +7,11 @@ import {
   Where,
 } from '@loopback/repository';
 import {get, getModelSchemaRef, param, post, requestBody} from '@loopback/rest';
-import {CONTENT_TYPE, STATUS_CODE} from '@sourceloop/core';
+import {
+  CONTENT_TYPE,
+  OPERATION_SECURITY_SPEC,
+  STATUS_CODE,
+} from '@sourceloop/core';
 import {authenticate, STRATEGY} from 'loopback4-authentication';
 import {authorize} from 'loopback4-authorization';
 
@@ -26,6 +30,7 @@ export class AuditController {
   @authenticate(STRATEGY.BEARER)
   @authorize({permissions: [PermissionKey.CreateAudit]})
   @post(basePath, {
+    security: OPERATION_SECURITY_SPEC,
     responses: {
       [STATUS_CODE.OK]: {
         description: 'AuditLog model instance',
@@ -52,6 +57,7 @@ export class AuditController {
   @authenticate(STRATEGY.BEARER)
   @authorize({permissions: [PermissionKey.ViewAudit]})
   @get(`${basePath}/count`, {
+    security: OPERATION_SECURITY_SPEC,
     responses: {
       [STATUS_CODE.OK]: {
         description: 'AuditLog model count',
@@ -66,6 +72,7 @@ export class AuditController {
   @authenticate(STRATEGY.BEARER)
   @authorize({permissions: [PermissionKey.ViewAudit]})
   @get(basePath, {
+    security: OPERATION_SECURITY_SPEC,
     responses: {
       [STATUS_CODE.OK]: {
         description: 'Array of AuditLog model instances',
@@ -89,6 +96,7 @@ export class AuditController {
   @authenticate(STRATEGY.BEARER)
   @authorize({permissions: [PermissionKey.ViewAudit]})
   @get(`${basePath}/{id}`, {
+    security: OPERATION_SECURITY_SPEC,
     responses: {
       [STATUS_CODE.OK]: {
         description: 'AuditLog model instance',

diff --git a/services/authentication-service/src/controllers/auth-client.controller.ts b/services/authentication-service/src/controllers/auth-client.controller.ts
@@ -21,7 +21,11 @@ import {AuthClient} from '../models';
 import {AuthClientRepository} from '../repositories';
 import {authorize} from 'loopback4-authorization';
 import {authenticate, STRATEGY} from 'loopback4-authentication';
-import {STATUS_CODE, CONTENT_TYPE} from '@sourceloop/core';
+import {
+  STATUS_CODE,
+  CONTENT_TYPE,
+  OPERATION_SECURITY_SPEC,
+} from '@sourceloop/core';
 import {PermissionKey} from '../permission-key.enum';
 
 const baseUrl = '/auth-clients';
@@ -34,6 +38,7 @@ export class AuthClientController {
   @authenticate(STRATEGY.BEARER)
   @authorize({permissions: [PermissionKey.NotAllowed]})
   @post(baseUrl, {
+    security: OPERATION_SECURITY_SPEC,
     responses: {
       [STATUS_CODE.OK]: {
         description: 'AuthClient model instance',
@@ -57,6 +62,7 @@ export class AuthClientController {
   @authenticate(STRATEGY.BEARER)
   @authorize({permissions: [PermissionKey.NotAllowed]})
   @get(`${baseUrl}/count`, {
+    security: OPERATION_SECURITY_SPEC,
     responses: {
       [STATUS_CODE.OK]: {
         description: 'AuthClient model count',
@@ -74,6 +80,7 @@ export class AuthClientController {
   @authenticate(STRATEGY.BEARER)
   @authorize({permissions: [PermissionKey.NotAllowed]})
   @get(baseUrl, {
+    security: OPERATION_SECURITY_SPEC,
     responses: {
       [STATUS_CODE.OK]: {
         description: 'Array of AuthClient model instances',
@@ -95,6 +102,7 @@ export class AuthClientController {
   @authenticate(STRATEGY.BEARER)
   @authorize({permissions: [PermissionKey.NotAllowed]})
   @patch(baseUrl, {
+    security: OPERATION_SECURITY_SPEC,
     responses: {
       [STATUS_CODE.OK]: {
         description: 'AuthClient PATCH success count',
@@ -120,6 +128,7 @@ export class AuthClientController {
   @authenticate(STRATEGY.BEARER)
   @authorize({permissions: [PermissionKey.NotAllowed]})
   @get(`${baseUrl}/{id}`, {
+    security: OPERATION_SECURITY_SPEC,
     responses: {
       [STATUS_CODE.OK]: {
         description: 'AuthClient model instance',
@@ -134,6 +143,7 @@ export class AuthClientController {
   @authenticate(STRATEGY.BEARER)
   @authorize({permissions: [PermissionKey.NotAllowed]})
   @patch(`${baseUrl}/{id}`, {
+    security: OPERATION_SECURITY_SPEC,
     responses: {
       '204': {
         description: 'AuthClient PATCH success',
@@ -157,6 +167,7 @@ export class AuthClientController {
   @authenticate(STRATEGY.BEARER)
   @authorize({permissions: [PermissionKey.NotAllowed]})
   @put(`${baseUrl}/{id}`, {
+    security: OPERATION_SECURITY_SPEC,
     responses: {
       '204': {
         description: 'AuthClient PUT success',
@@ -173,6 +184,7 @@ export class AuthClientController {
   @authenticate(STRATEGY.BEARER)
   @authorize({permissions: [PermissionKey.NotAllowed]})
   @del(`${baseUrl}/{id}`, {
+    security: OPERATION_SECURITY_SPEC,
     responses: {
       '204': {
         description: 'AuthClient DELETE success',

diff --git a/services/authentication-service/src/modules/auth/login.controller.ts b/services/authentication-service/src/modules/auth/login.controller.ts
@@ -21,6 +21,7 @@ import {
   IAuthUserWithPermissions,
   ILogger,
   LOGGER,
+  OPERATION_SECURITY_SPEC,
   STATUS_CODE,
   SuccessResponse,
   UserStatus,
@@ -542,6 +543,7 @@ export class LoginController {
   @authenticate(STRATEGY.BEARER, {passReqToCallback: true})
   @authorize({permissions: ['*']})
   @patch(`auth/change-password`, {
+    security: OPERATION_SECURITY_SPEC,
     responses: {
       [STATUS_CODE.OK]: {
         description: 'If User password successfully changed.',
@@ -628,6 +630,7 @@ export class LoginController {
   })
   @authorize({permissions: ['*']})
   @get('/auth/me', {
+    security: OPERATION_SECURITY_SPEC,
     description: 'To get the user details',
     responses: {
       [STATUS_CODE.OK]: {

diff --git a/services/authentication-service/src/modules/auth/logout.controller.ts b/services/authentication-service/src/modules/auth/logout.controller.ts
@@ -13,6 +13,7 @@ import {
   AuthenticateErrorKeys,
   CONTENT_TYPE,
   ErrorCodes,
+  OPERATION_SECURITY_SPEC,
   STATUS_CODE,
   SuccessResponse,
 } from '@sourceloop/core';
@@ -39,6 +40,7 @@ export class LogoutController {
   })
   @authorize({permissions: ['*']})
   @post('/logout', {
+    security: OPERATION_SECURITY_SPEC,
     description: 'To logout',
     responses: {
       [STATUS_CODE.OK]: {