Skip to content

fix(sat): add missing 4xx/5xx error responses across the SAT API#37

Open
dmchaledev wants to merge 1 commit into
mainfrom
claude/elegant-edison-ajdd35
Open

fix(sat): add missing 4xx/5xx error responses across the SAT API#37
dmchaledev wants to merge 1 commit into
mainfrom
claude/elegant-edison-ajdd35

Conversation

@dmchaledev

Copy link
Copy Markdown
Contributor

Summary

Closes #29. sat/openapi.yaml documented happy-path responses on nearly all of its ~40 operations but omitted standard error responses almost everywhere, so codegen tools (openapi-generator, oapi-codegen) and integrators reading the spec have no idea what error shapes to expect.

Note on process: this repo currently has an open duplicate-PR problem (#34) — 27+ open PRs, many overlapping. Before starting, I checked all open issues/PRs touching sat/openapi.yaml, asm/openapi.yaml, and docs/index.html. Issue #29 is real and unimplemented, and no open PR (including the SRI-hash PRs #19/#36 and the CONTRIBUTING.md PR #35) touches this. This PR only changes sat/openapi.yaml.

Changes

  • Added shared components/responses (Unauthorized, NotFound, BadRequest, InternalError) backed by the existing Response schema, to avoid repeating the same error shape 100+ times.
  • Added 401 + 500 to every authenticated operation (all of them except /health, /ready, and the unauthenticated /sso/saml/* browser-facing endpoints, which already had appropriate responses for their flow).
  • Added 404 to every single-resource GET/PUT/DELETE keyed by {id} that was missing it (most of Groups/Templates/Pages/Sending Profiles/Webhooks had none at all).
  • Added 400 to every POST/PUT that accepts a JSON request body and didn't already document one.
  • Gave the existing bare 403 entries (already documented as permission-gated in their own descriptions — createCampaign, getCampaignResults, approveCampaign, rejectCampaign, listRoles, listUsers, createUser) proper response content instead of a description-only stub.

Deliberately not done: I did not add 403 to endpoints whose descriptions don't already state a specific permission requirement (e.g. Groups/Templates/Pages/SMTP CRUD). The spec doesn't document per-endpoint RBAC there, and I didn't want to assert behavior I can't verify. Happy to extend this once that's confirmed against the actual SAT permission model — flagging it here rather than guessing.

Test plan

  • spectral lint sat/openapi.yaml --ruleset .spectral.yaml --fail-severity error (same command CI runs) → 0 errors, only the 8 pre-existing trailing-slash warnings that .spectral.yaml already documents as intentional (SAT genuinely uses trailing-slash paths).
  • redocly lint sat/openapi.yaml as an independent cross-check → no dangling $refs introduced.
  • asm/openapi.yaml untouched, re-linted to confirm it's still clean.
  • Spot-check the rendered spec in the deployed Redoc docs page after merge.

🤖 Generated with Claude Code

https://claude.ai/code/session_01GnwDV2BgGLXeqoNVP6qKnA


Generated by Claude Code

Closes #29. sat/openapi.yaml documented happy-path responses only on
most of its ~40 operations, leaving codegen tools and integrators with
no idea what error shapes to expect.

- Add shared components/responses (Unauthorized, NotFound, BadRequest,
  InternalError) backed by the existing Response schema.
- Add 401 + 500 to every authenticated operation.
- Add 404 to every single-resource GET/PUT/DELETE keyed by {id}.
- Add 400 to every POST/PUT that accepts a JSON request body.
- Give the existing bare 403 entries (already documented as
  permission-gated in their descriptions) proper response content
  instead of a description-only stub.

403 was intentionally left off endpoints whose descriptions don't
already state a permission requirement, to avoid asserting RBAC
behavior the spec doesn't document elsewhere.

Verified with the same commands CI runs: `spectral lint sat/openapi.yaml
--ruleset .spectral.yaml --fail-severity error` -> 0 errors (only the
pre-existing, intentionally-advisory trailing-slash warnings). Also
cross-checked with `redocly lint` to confirm no dangling $refs.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

sat/openapi.yaml: add standard 4xx/5xx error responses to all endpoints

2 participants