From 583941fbd9f2f5a22e5fceebda8dc803142ba0d2 Mon Sep 17 00:00:00 2001 From: Carlos Santos <4a.santos@gmail.com> Date: Wed, 30 Jul 2025 13:28:19 +0200 Subject: [PATCH] backend: moved update room endpoint from internal to public --- .../openapi/openvidu-meet-internal-api.yaml | 2 -- backend/openapi/paths/internal/rooms.yaml | 27 ------------------- backend/openapi/paths/rooms.yaml | 27 +++++++++++++++++++ backend/src/routes/room.routes.ts | 15 ++++++----- backend/tests/helpers/request-helpers.ts | 2 +- .../api/security/room-security.test.ts | 10 +++---- 6 files changed, 41 insertions(+), 42 deletions(-) diff --git a/backend/openapi/openvidu-meet-internal-api.yaml b/backend/openapi/openvidu-meet-internal-api.yaml index 4f206a2..f23e24b 100644 --- a/backend/openapi/openvidu-meet-internal-api.yaml +++ b/backend/openapi/openvidu-meet-internal-api.yaml @@ -28,8 +28,6 @@ paths: $ref: './paths/internal/global-preferences.yaml#/~1preferences~1security' /preferences/appearance: $ref: './paths/internal/global-preferences.yaml#/~1preferences~1appearance' - /rooms/{roomId}: - $ref: './paths/internal/rooms.yaml#/~1rooms~1{roomId}' /rooms/{roomId}/preferences: $ref: './paths/internal/rooms.yaml#/~1rooms~1{roomId}~1preferences' /rooms/{roomId}/recording-token: diff --git a/backend/openapi/paths/internal/rooms.yaml b/backend/openapi/paths/internal/rooms.yaml index 0a614d5..0bb2a39 100644 --- a/backend/openapi/paths/internal/rooms.yaml +++ b/backend/openapi/paths/internal/rooms.yaml @@ -1,30 +1,3 @@ -/rooms/{roomId}: - put: - operationId: updateRoom - summary: Update a room - description: > - Updates the preferences of an OpenVidu Meet room with the specified room ID. - tags: - - Internal API - Rooms - security: - - accessTokenCookie: [] - parameters: - - $ref: '../../components/parameters/room-id-path.yaml' - requestBody: - $ref: '../../components/requestBodies/internal/update-room-request.yaml' - responses: - '200': - $ref: '../../components/responses/internal/success-update-room.yaml' - '401': - $ref: '../../components/responses/unauthorized-error.yaml' - '403': - $ref: '../../components/responses/forbidden-error.yaml' - '404': - $ref: '../../components/responses/error-room-not-found.yaml' - '422': - $ref: '../../components/responses/validation-error.yaml' - '500': - $ref: '../../components/responses/internal-server-error.yaml' /rooms/{roomId}/preferences: get: operationId: getRoomPreferences diff --git a/backend/openapi/paths/rooms.yaml b/backend/openapi/paths/rooms.yaml index cc6faea..a73a6a0 100644 --- a/backend/openapi/paths/rooms.yaml +++ b/backend/openapi/paths/rooms.yaml @@ -118,6 +118,33 @@ $ref: '../components/responses/validation-error.yaml' '500': $ref: '../components/responses/internal-server-error.yaml' + put: + operationId: updateRoom + summary: Update a room + description: > + Updates the preferences of an OpenVidu Meet room with the specified room ID. + tags: + - OpenVidu Meet - Room + security: + - accessTokenCookie: [] + parameters: + - $ref: '../components/parameters/room-id-path.yaml' + requestBody: + $ref: '../components/requestBodies/internal/update-room-request.yaml' + responses: + '200': + $ref: '../components/responses/internal/success-update-room.yaml' + '401': + $ref: '../components/responses/unauthorized-error.yaml' + '403': + $ref: '../components/responses/forbidden-error.yaml' + '404': + $ref: '../components/responses/error-room-not-found.yaml' + '422': + $ref: '../components/responses/validation-error.yaml' + '500': + $ref: '../components/responses/internal-server-error.yaml' + delete: operationId: deleteRoom summary: Delete a room diff --git a/backend/src/routes/room.routes.ts b/backend/src/routes/room.routes.ts index 9d90607..9d831f3 100644 --- a/backend/src/routes/room.routes.ts +++ b/backend/src/routes/room.routes.ts @@ -50,6 +50,14 @@ roomRouter.get( configureRoomAuthorization, roomCtrl.getRoom ); + +roomRouter.put( + '/:roomId', + withAuth(apiKeyValidator, tokenAndRoleValidator(UserRole.ADMIN)), + withValidRoomId, + withValidRoomPreferences, + roomCtrl.updateRoomPreferences +); roomRouter.delete( '/:roomId', withAuth(apiKeyValidator, tokenAndRoleValidator(UserRole.ADMIN)), @@ -62,13 +70,6 @@ export const internalRoomRouter = Router(); internalRoomRouter.use(bodyParser.urlencoded({ extended: true })); internalRoomRouter.use(bodyParser.json()); -internalRoomRouter.put( - '/:roomId', - withAuth(tokenAndRoleValidator(UserRole.ADMIN)), - withValidRoomId, - withValidRoomPreferences, - roomCtrl.updateRoomPreferences -); internalRoomRouter.get( '/:roomId/preferences', withAuth(participantTokenValidator), diff --git a/backend/tests/helpers/request-helpers.ts b/backend/tests/helpers/request-helpers.ts index 3d9853b..de67749 100644 --- a/backend/tests/helpers/request-helpers.ts +++ b/backend/tests/helpers/request-helpers.ts @@ -251,7 +251,7 @@ export const updateRoomPreferences = async (roomId: string, preferences: any) => const adminCookie = await loginUser(); return await request(app) - .put(`${INTERNAL_CONFIG.INTERNAL_API_BASE_PATH_V1}/rooms/${roomId}`) + .put(`${INTERNAL_CONFIG.API_BASE_PATH_V1}/rooms/${roomId}`) .set('Cookie', adminCookie) .send(preferences); }; diff --git a/backend/tests/integration/api/security/room-security.test.ts b/backend/tests/integration/api/security/room-security.test.ts index 36396e6..c94457b 100644 --- a/backend/tests/integration/api/security/room-security.test.ts +++ b/backend/tests/integration/api/security/room-security.test.ts @@ -194,24 +194,24 @@ describe('Room API Security Tests', () => { roomId = room.roomId; }); - it('should fail when request includes API key', async () => { + it('should succeed when request includes API key', async () => { const response = await request(app) - .put(`${INTERNAL_ROOMS_PATH}/${roomId}`) + .put(`${ROOMS_PATH}/${roomId}`) .set(INTERNAL_CONFIG.API_KEY_HEADER, MEET_API_KEY) .send(roomPreferences); - expect(response.status).toBe(401); + expect(response.status).toBe(200); }); it('should succeed when user is authenticated as admin', async () => { const response = await request(app) - .put(`${INTERNAL_ROOMS_PATH}/${roomId}`) + .put(`${ROOMS_PATH}/${roomId}`) .set('Cookie', adminCookie) .send(roomPreferences); expect(response.status).toBe(200); }); it('should fail when user is not authenticated', async () => { - const response = await request(app).put(`${INTERNAL_ROOMS_PATH}/${roomId}`).send(roomPreferences); + const response = await request(app).put(`${ROOMS_PATH}/${roomId}`).send(roomPreferences); expect(response.status).toBe(401); }); });