@terreno/api 0.9.3 → 0.11.0

package/src/notifiers/googleChatNotifier.test.ts

@@ -111,4 +111,28 @@ describe("sendToGoogleChat", () => {
     await sendToGoogleChat("err", {shouldThrow: false});
     expect(mockAxiosPost.mock.calls.length).toBe(1);
   });
+
+  it("returns early when webhook url is missing for channel and no default exists", async () => {
+    process.env.GOOGLE_CHAT_WEBHOOKS = JSON.stringify({
+      ops: "https://chat.example/ops",
+    });
+
+    await sendToGoogleChat("no default", {channel: "missing"});
+    expect(mockAxiosPost.mock.calls.length).toBe(0);
+    expect(Sentry.captureException).toHaveBeenCalled();
+  });
+
+  it("prefixes message with [ENV] and posts when channel matches", async () => {
+    process.env.GOOGLE_CHAT_WEBHOOKS = JSON.stringify({
+      default: "https://chat.example/default",
+      ops: "https://chat.example/ops",
+    });
+    mockAxiosPost.mockResolvedValue({status: 200});
+
+    await sendToGoogleChat("deploy complete", {channel: "ops", env: "staging"});
+    const callArgs = mockAxiosPost.mock.calls[0];
+    const [url, payload] = callArgs;
+    expect(url).toBe("https://chat.example/ops");
+    expect(payload).toEqual({text: "[STAGING] deploy complete"});
+  });
 });

package/src/openApi.test.ts

@@ -7,11 +7,23 @@ import type TestAgent from "supertest/lib/agent";
 import {type ModelRouterOptions, modelRouter} from "./api";
 import {addAuthRoutes, setupAuth} from "./auth";
 import {setupServer} from "./expressServer";
+import {
+  createOpenApiMiddleware,
+  deleteOpenApiMiddleware,
+  getOpenApiMiddleware,
+  listOpenApiMiddleware,
+  patchOpenApiMiddleware,
+  readOpenApiMiddleware,
+} from "./openApi";
 import {Permissions} from "./permissions";
 import {FoodModel, setupDb, UserModel} from "./tests";
 
 function getMessageSummaryOpenApiMiddleware(options: Partial<ModelRouterOptions<any>>): any {
-  return options.openApi!.path({
+  if (!options.openApi) {
+    throw new Error("Expected openApi to be configured for test routes");
+  }
+
+  return options.openApi.path({
     parameters: [
       {
         in: "query",
@@ -332,3 +344,147 @@ describe("openApi populate", () => {
     expect(res.body).toMatchSnapshot();
   });
 });
+
+describe("openApi middleware no-op paths", () => {
+  it("getOpenApiMiddleware returns noop when openApi not configured", () => {
+    const mw = getOpenApiMiddleware(FoodModel as any, {});
+    expect(typeof mw).toBe("function");
+    expect(mw.length).toBe(3);
+  });
+
+  it("getOpenApiMiddleware returns noop when read permissions are empty", () => {
+    const mw = getOpenApiMiddleware(FoodModel as any, {
+      openApi: {component: () => {}, path: () => (() => {}) as any} as any,
+      permissions: {
+        create: [],
+        delete: [],
+        list: [],
+        read: [],
+        update: [],
+      },
+    });
+    expect(typeof mw).toBe("function");
+    expect(mw.length).toBe(3);
+  });
+
+  it("listOpenApiMiddleware returns noop when openApi not configured", () => {
+    const mw = listOpenApiMiddleware(FoodModel as any, {});
+    expect(mw.length).toBe(3);
+  });
+
+  it("listOpenApiMiddleware returns noop when list permissions are empty", () => {
+    const mw = listOpenApiMiddleware(FoodModel as any, {
+      openApi: {path: () => (() => {}) as any} as any,
+      permissions: {
+        create: [],
+        delete: [],
+        list: [],
+        read: [],
+        update: [],
+      },
+    });
+    expect(mw.length).toBe(3);
+  });
+
+  it("createOpenApiMiddleware returns noop when openApi not configured", () => {
+    const mw = createOpenApiMiddleware(FoodModel as any, {});
+    expect(mw.length).toBe(3);
+  });
+
+  it("createOpenApiMiddleware returns noop when create permissions are empty", () => {
+    const mw = createOpenApiMiddleware(FoodModel as any, {
+      openApi: {path: () => (() => {}) as any} as any,
+      permissions: {
+        create: [],
+        delete: [],
+        list: [],
+        read: [],
+        update: [],
+      },
+    });
+    expect(mw.length).toBe(3);
+  });
+
+  it("patchOpenApiMiddleware returns noop when openApi not configured", () => {
+    const mw = patchOpenApiMiddleware(FoodModel as any, {});
+    expect(mw.length).toBe(3);
+  });
+
+  it("patchOpenApiMiddleware returns noop when update permissions are empty", () => {
+    const mw = patchOpenApiMiddleware(FoodModel as any, {
+      openApi: {path: () => (() => {}) as any} as any,
+      permissions: {
+        create: [],
+        delete: [],
+        list: [],
+        read: [],
+        update: [],
+      },
+    });
+    expect(mw.length).toBe(3);
+  });
+
+  it("deleteOpenApiMiddleware returns noop when openApi not configured", () => {
+    const mw = deleteOpenApiMiddleware(FoodModel as any, {});
+    expect(mw.length).toBe(3);
+  });
+
+  it("deleteOpenApiMiddleware returns noop when delete permissions are empty", () => {
+    const mw = deleteOpenApiMiddleware(FoodModel as any, {
+      openApi: {path: () => (() => {}) as any} as any,
+      permissions: {
+        create: [],
+        delete: [],
+        list: [],
+        read: [],
+        update: [],
+      },
+    });
+    expect(mw.length).toBe(3);
+  });
+
+  it("readOpenApiMiddleware returns noop when openApi not configured", () => {
+    const mw = readOpenApiMiddleware({}, {}, [], []);
+    expect(mw.length).toBe(3);
+  });
+
+  it("readOpenApiMiddleware returns noop when read permissions are empty", () => {
+    const mw = readOpenApiMiddleware(
+      {
+        openApi: {path: () => (() => {}) as any} as any,
+        permissions: {
+          create: [],
+          delete: [],
+          list: [],
+          read: [],
+          update: [],
+        },
+      },
+      {id: {type: "string"}},
+      ["id"],
+      []
+    );
+    expect(mw.length).toBe(3);
+  });
+
+  it("readOpenApiMiddleware returns middleware when configured with permissions", () => {
+    // Use a simple path stub that returns a middleware function
+    const pathFn = () => ((_req: any, _res: any, next: any) => next()) as any;
+    const mw = readOpenApiMiddleware(
+      {
+        openApi: {path: pathFn} as any,
+        permissions: {
+          create: [],
+          delete: [],
+          list: [],
+          read: [Permissions.IsAny],
+          update: [],
+        },
+      },
+      {name: {type: "string"}},
+      ["name"],
+      [{in: "query", name: "search", schema: {type: "string"}}]
+    );
+    expect(typeof mw).toBe("function");
+  });
+});

package/src/openApi.ts

@@ -120,7 +120,9 @@ export function getOpenApiMiddleware<T>(
   createAPIErrorComponent(options.openApi);
   if (!options.openApi?.path) {
     // Just log this once rather than for each middleware.
-    logger.debug("No options.openApi provided, skipping *OpenApiMiddleware");
+    logger.debug(
+      `No options.openApi provided for model "${model.modelName}" in getOpenApiMiddleware, skipping *OpenApiMiddleware`
+    );
     return noop;
   }
 
@@ -466,7 +468,9 @@ export function readOpenApiMiddleware<T>(
 ): any {
   if (!options.openApi?.path) {
     // Just log this once rather than for each middleware.
-    logger.debug("No options.openApi provided, skipping *OpenApiMiddleware");
+    logger.debug(
+      "No options.openApi provided in readOpenApiMiddleware, skipping *OpenApiMiddleware"
+    );
     return noop;
   }
 

package/src/openApiBuilder.test.ts

@@ -440,3 +440,84 @@ describe("OpenApiMiddlewareBuilder configuration", () => {
     expect(builder).toBeInstanceOf(OpenApiMiddlewareBuilder);
   });
 });
+
+describe("OpenApiMiddlewareBuilder withValidation / buildWithSchemas", () => {
+  beforeEach(() => {
+    const {resetOpenApiValidatorConfig} = require("./openApiValidator");
+    resetOpenApiValidatorConfig();
+  });
+
+  it("buildWithSchemas returns bodySchema and querySchema", () => {
+    const result = createOpenApiBuilder({})
+      .withRequestBody({name: {required: true, type: "string"}})
+      .withQueryParameter("page", {type: "number"})
+      .buildWithSchemas();
+
+    expect(result.bodySchema).toBeDefined();
+    expect(result.bodySchema?.name).toBeDefined();
+    expect(result.querySchema).toBeDefined();
+    expect(result.querySchema?.page).toBeDefined();
+    expect(typeof result.middleware).toBe("function");
+  });
+
+  it("buildWithSchemas returns undefined schemas when no body/query defined", () => {
+    const result = createOpenApiBuilder({}).buildWithSchemas();
+    expect(result.bodySchema).toBeUndefined();
+    expect(result.querySchema).toBeUndefined();
+  });
+
+  it("withValidation with defaults enables body and query validation", () => {
+    const result = createOpenApiBuilder({})
+      .withRequestBody({name: {required: true, type: "string"}})
+      .withQueryParameter("page", {type: "number"})
+      .withValidation()
+      .buildWithSchemas();
+
+    expect(result.validationEnabled).toBe(true);
+  });
+
+  it("withValidation with enabled=false disables validation", () => {
+    const result = createOpenApiBuilder({})
+      .withRequestBody({name: {required: true, type: "string"}})
+      .withValidation({enabled: false})
+      .buildWithSchemas();
+
+    expect(result.validationEnabled).toBe(false);
+  });
+
+  it("build() returns an array with validators when validation is enabled", () => {
+    const result = createOpenApiBuilder({})
+      .withRequestBody({name: {required: true, type: "string"}})
+      .withQueryParameter("page", {type: "number"})
+      .withValidation()
+      .build();
+
+    expect(Array.isArray(result)).toBe(true);
+    expect(result.length).toBeGreaterThan(1);
+  });
+
+  it("build() returns a single middleware when validation is disabled", () => {
+    const result = createOpenApiBuilder({})
+      .withRequestBody({name: {required: true, type: "string"}})
+      .build();
+
+    expect(typeof result).toBe("function");
+  });
+
+  it("build() falls back to single middleware when there is nothing to validate", () => {
+    const result = createOpenApiBuilder({}).withValidation().build();
+
+    expect(typeof result).toBe("function");
+  });
+
+  it("withValidation options body=false and query=false is respected", () => {
+    const result = createOpenApiBuilder({})
+      .withRequestBody({name: {required: true, type: "string"}})
+      .withQueryParameter("page", {type: "number"})
+      .withValidation({body: false, query: false})
+      .build();
+
+    // No body/query validation = just the openApi middleware (single fn)
+    expect(typeof result).toBe("function");
+  });
+});

package/src/openApiBuilder.ts

@@ -310,6 +310,17 @@ export class OpenApiMiddlewareBuilder {
     this.validationConfig = {};
   }
 
+  private describeRoute(): string {
+    const parts: string[] = [];
+    if (this.config.summary) {
+      parts.push(`"${this.config.summary}"`);
+    }
+    if (this.config.tags?.length) {
+      parts.push(`tags=[${this.config.tags.join(", ")}]`);
+    }
+    return parts.length > 0 ? parts.join(" ") : "unnamed route";
+  }
+
   /**
    * Sets the tags for the OpenAPI operation.
    *
@@ -678,7 +689,9 @@ export class OpenApiMiddlewareBuilder {
         )
       );
     } else {
-      logger.debug("No options.openApi provided, skipping OpenApiMiddleware");
+      logger.debug(
+        `No options.openApi provided in buildWithSchemas for ${this.describeRoute()}, skipping OpenApiMiddleware`
+      );
     }
 
     const globalConfig = getOpenApiValidatorConfig();
@@ -739,7 +752,9 @@ export class OpenApiMiddlewareBuilder {
         )
       );
     } else {
-      logger.debug("No options.openApi provided, skipping OpenApiMiddleware");
+      logger.debug(
+        `No options.openApi provided in build for ${this.describeRoute()}, skipping OpenApiMiddleware`
+      );
     }
 
     // Check if validation should be enabled

package/src/openApiEtag.test.ts

@@ -61,6 +61,17 @@ describe("openApiEtagMiddleware", () => {
     expect(res.json).toBe(originalJson);
   });
 
+  it("skips GET requests for non-openapi.json paths", () => {
+    const req = buildRequest({method: "GET", path: "/health"});
+    const {res, originalJson} = buildResponse();
+    const next = mock(() => {}) as NextFunction;
+
+    openApiEtagMiddleware(req, res, next);
+
+    expect(next).toHaveBeenCalledTimes(1);
+    expect(res.json).toBe(originalJson);
+  });
+
   it("sets ETag and returns json body when no matching If-None-Match header is provided", () => {
     const req = buildRequest();
     const {res, originalJson, set, status, end} = buildResponse();