Public API: Split-out a /notes/{note}/permissions route to set only permissions

Previously, the metadata route was used to both update note metadata (like title, description and tags) and the permissions. Additionally, one had to send many unchangeable properties. In this commit, a /notes/{note}/permissions route is introduced, that only changes permissions. Additionally, PUT /notes/{note}/metadata now needs only the properties that are actually changeable. Signed-off-by: David Mehren <git@herrmehren.de> Co-authored-by: Yannick Bungers <git@innay.de>
2024-11-21 17:26:29 -05:00 · 2020-10-03 12:46:28 +02:00 · 2020-10-03 12:46:28 +02:00 · 2c9ccad8e5
commit 2c9ccad8e5
parent 713e2ada31
1 changed files with 102 additions and 14 deletions
--- a/docs/dev/public_api.yml
+++ b/docs/dev/public_api.yml
@ -321,17 +321,43 @@ paths:
    put:
      tags:
        - note
-      summary: Set the permissions of a note
+      summary: Set the metadata (title, description, tags) of a note
      operationId: updateNoteMetadata
      requestBody:
        required: true
        content:
          application/json:
            schema:
-              "$ref": "#/components/schemas/NoteMetadata"
+              "$ref": "#/components/schemas/NoteMetadataUpdate"
      responses:
        '200':
-          description: The updated permissions of the note.
+          description: The updated metadata of the note.
+          content:
+            application/json:
+              schema:
+                "$ref": "#/components/schemas/NoteMetadataUpdate"
+        '401':
+          "$ref": "#/components/responses/UnauthorizedError"
+        '403':
+          "$ref": "#/components/responses/ForbiddenError"
+        '404':
+          "$ref": "#/components/responses/NotFoundError"
+      parameters:
+        - name: note
+          in: path
+          required: true
+          description: The note for which the info should be shown.
+          content:
+            text/plain:
+              example: my-note
+    get:
+      tags:
+        - note
+      summary: Get the metadata of a note
+      operationId: getNoteMetadata
+      responses:
+        '200':
+          description: The metadata of the note.
          content:
            application/json:
              schema:
@ -350,18 +376,24 @@ paths:
          content:
            text/plain:
              example: my-note
-    get:
-      tags:
-        - note
-      summary: Get the permissions of a note
-      operationId: getNoteMetadata
+  /notes/{note}/permissions:
+    put:
+      tags: [ note ]
+      summary: Set permissions of a note
+      operationId: updateNotePermissions
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              "$ref": "#/components/schemas/NotePermissionsUpdate"
      responses:
        '200':
-          description: The permissions of the note.
+          description: The updated permissions of the note.
          content:
            application/json:
              schema:
-                "$ref": "#/components/schemas/NoteMetadata"
+                "$ref": "#/components/schemas/NotePermissionsUpdate"
        '401':
          "$ref": "#/components/responses/UnauthorizedError"
        '403':
@ -642,6 +674,15 @@ components:
      properties:
        password:
          type: string
+    GroupInfo:
+      type: object
+      properties:
+        name:
+          type: string
+        displayName:
+          type: string
+        special:
+          type: boolean
    ImageProxyRequest:
      type: object
      properties:
@ -709,13 +750,51 @@ components:
            type: string
        permissions:
          $ref: "#/components/schemas/NotePermissions"
+    NoteMetadataUpdate:
+      type: object
+      description: Contains only title, description and tags of a note.
+      properties:
+        title:
+          type: string
+          description: Title of the note
+        description:
+          type: string
+          description: Description of the note.
+        tags:
+          type: array
+          description: A list of tags attached to the note.
+          items:
+            type: string
    NotePermissions:
      type: object
      properties:
        owner:
-          type: string
-          description: Username of the owner of the note
-        sharedTo:
+          $ref: "#/components/schemas/UserInfo"
+        sharedToUsers:
+          type: array
+          description: Contains all users that can read the note and a boolean that denotes if they can also edit.
+          items:
+            type: object
+            properties:
+              user:
+                $ref: "#/components/schemas/UserInfo"
+              canEdit:
+                type: boolean
+        sharedToGroups:
+          type: array
+          description: Contains all groups that can read the note and a boolean that denotes if they can also edit.
+          items:
+            type: object
+            properties:
+              group:
+                $ref: "#/components/schemas/GroupInfo"
+              canEdit:
+                type: boolean
+    NotePermissionsUpdate:
+      type: object
+      description: Contains only title, description and tags of a note.
+      properties:
+        sharedToUsers:
          type: array
          description: Contains all usernames that can read the note and a boolean that denotes if they can also edit.
          items:
@ -725,7 +804,16 @@ components:
                type: string
              canEdit:
                type: boolean
-
+        sharedToGroups:
+          type: array
+          description: Contains all groups that can read the note and a boolean that denotes if they can also edit.
+          items:
+            type: object
+            properties:
+              groupname:
+                type: string
+              canEdit:
+                type: boolean
    NoteRevisionsMetadata:
      type: array
      items: