2026-03-19 18:25:19 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace MintyPHP\Tests\Architecture;
|
|
|
|
|
|
|
|
|
|
use PHPUnit\Framework\TestCase;
|
|
|
|
|
|
|
|
|
|
class ApiSchemaContractTest extends TestCase
|
|
|
|
|
{
|
|
|
|
|
use ProjectFileAssertionSupport;
|
|
|
|
|
|
|
|
|
|
public function testOpenApiMarksLoginAsPublic(): void
|
|
|
|
|
{
|
|
|
|
|
$content = $this->readProjectFile('docs/openapi.yaml');
|
|
|
|
|
$this->assertMatchesRegularExpression('/\/auth\/login:\s+post:.*?security:\s*\[\]/s', $content);
|
|
|
|
|
$this->assertStringContainsString('no Authorization header required', $content);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testOpenApiIncludesNewCriticalFrontendEndpoints(): void
|
|
|
|
|
{
|
|
|
|
|
$content = $this->readProjectFile('docs/openapi.yaml');
|
|
|
|
|
$this->assertStringContainsString('/permissions:', $content);
|
|
|
|
|
$this->assertStringContainsString('/me/password:', $content);
|
|
|
|
|
$this->assertStringContainsString('/me/avatar:', $content);
|
|
|
|
|
$this->assertStringContainsString('/users/avatar/{uuid}:', $content);
|
|
|
|
|
$this->assertStringContainsString('/tenants/avatar/{uuid}:', $content);
|
|
|
|
|
$this->assertStringContainsString('/settings:', $content);
|
|
|
|
|
$this->assertStringContainsString('/settings/public:', $content);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testOpenApiUsesUuidBasedMasterDataContracts(): void
|
|
|
|
|
{
|
|
|
|
|
$content = $this->readProjectFile('docs/openapi.yaml');
|
|
|
|
|
$this->assertStringContainsString('required: [description, tenant_uuid]', $content);
|
|
|
|
|
$this->assertStringContainsString('tenant_uuids:', $content);
|
|
|
|
|
$this->assertStringContainsString('primary_tenant_uuid:', $content);
|
|
|
|
|
$this->assertStringContainsString('role_uuids:', $content);
|
|
|
|
|
$this->assertStringContainsString('department_uuids:', $content);
|
|
|
|
|
$this->assertStringContainsString('permission_keys:', $content);
|
|
|
|
|
$this->assertStringContainsString('tenant_uuid:', $content);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testTenantShowOpenApiStaysInSyncWithResponseContract(): void
|
|
|
|
|
{
|
|
|
|
|
$openApiContent = $this->readProjectFile('docs/openapi.yaml');
|
|
|
|
|
$this->assertStringContainsString('TenantShowResponse:', $openApiContent);
|
|
|
|
|
$this->assertStringContainsString('primary_color_use_default:', $openApiContent);
|
|
|
|
|
$this->assertStringContainsString('allow_user_theme_mode:', $openApiContent);
|
|
|
|
|
$this->assertStringContainsString('support_email:', $openApiContent);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function testApiErrorEnvelopeIsCentralizedAndRequestIdAware(): void
|
|
|
|
|
{
|
2026-04-13 23:20:05 +02:00
|
|
|
$apiResponse = $this->readProjectFile('core/Http/ApiResponse.php');
|
2026-03-19 18:25:19 +01:00
|
|
|
$this->assertStringContainsString("'ok' => false", $apiResponse);
|
|
|
|
|
$this->assertStringContainsString("'error_code' => \$normalizedErrorCode", $apiResponse);
|
|
|
|
|
$this->assertStringContainsString("'details' => \$normalizedDetails", $apiResponse);
|
|
|
|
|
$this->assertStringContainsString("header('X-Request-Id: ' . \$requestId);", $apiResponse);
|
|
|
|
|
$this->assertStringNotContainsString("'error' => \$normalizedErrorCode", $apiResponse);
|
|
|
|
|
$this->assertStringNotContainsString("\$body['errors']", $apiResponse);
|
|
|
|
|
|
|
|
|
|
$openApi = $this->readProjectFile('docs/openapi.yaml');
|
|
|
|
|
$this->assertStringContainsString('required: [ok, request_id, error_code, details]', $openApi);
|
|
|
|
|
$this->assertStringNotContainsString('Legacy alias of `error_code`', $openApi);
|
|
|
|
|
$this->assertStringNotContainsString('Legacy alias of `details.errors`', $openApi);
|
|
|
|
|
}
|
|
|
|
|
}
|