fix architecture and write new tests
This commit is contained in:
@@ -0,0 +1,42 @@
|
||||
import { describe, expect, it } from 'vitest'
|
||||
import { openApiDocument } from './openapi'
|
||||
|
||||
describe('OpenAPI document boundary contract', () => {
|
||||
it('exposes security, tags, and schemas for the major API surfaces', () => {
|
||||
expect(openApiDocument.openapi).toBe('3.0.3')
|
||||
expect(openApiDocument.security).toEqual([{ bearerAuth: [] }])
|
||||
expect(openApiDocument.components).toEqual(expect.objectContaining({
|
||||
securitySchemes: expect.objectContaining({ bearerAuth: expect.objectContaining({ scheme: 'bearer' }) }),
|
||||
schemas: expect.objectContaining({
|
||||
CompanySignup: expect.any(Object),
|
||||
EmployeeLogin: expect.any(Object),
|
||||
VehicleInput: expect.any(Object),
|
||||
ReservationCreate: expect.any(Object),
|
||||
PaymentCharge: expect.any(Object),
|
||||
}),
|
||||
}))
|
||||
expect(openApiDocument.tags).toEqual(expect.arrayContaining([
|
||||
expect.objectContaining({ name: 'Marketplace' }),
|
||||
expect.objectContaining({ name: 'Subscriptions' }),
|
||||
expect.objectContaining({ name: 'Admin' }),
|
||||
]))
|
||||
})
|
||||
|
||||
it('documents public routes as unauthenticated and protected routes with bearer auth inherited', () => {
|
||||
const paths = openApiDocument.paths as Record<string, any>
|
||||
|
||||
expect(paths['/health'].get.security).toEqual([])
|
||||
expect(paths['/auth/company/signup'].post.security).toEqual([])
|
||||
expect(paths['/auth/employee/login'].post.security).toEqual([])
|
||||
expect(paths['/vehicles'].get.security).toBeUndefined()
|
||||
expect(openApiDocument.security).toEqual([{ bearerAuth: [] }])
|
||||
})
|
||||
|
||||
it('keeps request bodies wired to component schema references instead of inline drift', () => {
|
||||
const paths = openApiDocument.paths as Record<string, any>
|
||||
|
||||
expect(paths['/auth/company/signup'].post.requestBody.content['application/json'].schema).toEqual({ $ref: '#/components/schemas/CompanySignup' })
|
||||
expect(paths['/vehicles'].post.requestBody.content['application/json'].schema).toEqual({ $ref: '#/components/schemas/VehicleInput' })
|
||||
expect(paths['/reservations'].post.requestBody.content['application/json'].schema).toEqual({ $ref: '#/components/schemas/ReservationCreate' })
|
||||
})
|
||||
})
|
||||
@@ -96,7 +96,7 @@ export const openApiDocument: JsonObject = {
|
||||
openapi: '3.0.3',
|
||||
info: {
|
||||
title: 'RentalDriveGo API',
|
||||
description: 'REST API for the RentalDriveGo car rental management platform.\n\n**Auth:** Most endpoints require a Bearer JWT. Obtain a token via `/auth/employee/login` (dashboard/admin users) or via Firebase for renters.',
|
||||
description: 'REST API for the RentalDriveGo car rental management platform.\n\n**Auth:** Most browser endpoints use HttpOnly session cookies issued by `/auth/employee/login`, `/admin/auth/login`, or renter auth. Trusted server/mobile contexts may still use Bearer JWTs where documented.',
|
||||
version: '1.0.0',
|
||||
contact: { name: 'RentalDriveGo', email: 'support@rentaldrivego.com' },
|
||||
},
|
||||
|
||||
Reference in New Issue
Block a user