Skip to content
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
266 changes: 266 additions & 0 deletions apollo-openapi.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3645,6 +3645,180 @@ paths:
responses:
'200':
description: '灰度规则更新成功'
content:
application/json:
schema:
type: object
allOf:
- $ref: '#/components/schemas/SuccessEmptyResponse'
headers: {}
Comment on lines +3648 to +3654
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

Broken $refSuccessEmptyResponse schema is not defined.

#/components/schemas/SuccessEmptyResponse is referenced here but does not exist anywhere in components/schemas. This will fail OpenAPI validation and break all code generators.

Additionally, wrapping a single $ref inside allOf with an explicit type: object is redundant.

🛠️ Proposed fix

Option A — drop the content block entirely (the 200 response for an update is typically body-less):

         '200':
           description: '灰度规则更新成功'
-          content:
-            application/json:
-              schema:
-                type: object
-                allOf:
-                  - $ref: '#/components/schemas/SuccessEmptyResponse'
           headers: {}

Option B — define and reference the missing schema (if a response body is actually needed):

# Under components/schemas:
+   SuccessEmptyResponse:
+     type: object
+     description: Empty success response body
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@apollo-openapi.yaml` around lines 3648 - 3654, The response references a
missing schema '#/components/schemas/SuccessEmptyResponse' and redundantly wraps
a single $ref inside allOf; either remove the entire content block for this 200
response (if it should be body-less) or add a proper schema definition under
components.schemas named SuccessEmptyResponse and reference it directly (drop
the surrounding type: object + allOf). Locate the OpenAPI response that contains
the content/application/json/schema with allOf -> $ref and apply one of the two
fixes so codegen/validation no longer fails.

/openapi/v1/users:
post:
summary: 创建用户
operationId: createUser
deprecated: false
description: POST /openapi/v1/users
tags:
- User Management
Comment on lines +3655 to +3662
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

"User Management" tag is used but not declared in the top-level tags section.

All three new operations reference - User Management, which is absent from the tags list at lines 24–48. Most OpenAPI tooling (renderers, linters, validators) will either warn or produce broken navigation.

🛠️ Proposed fix — add tag declaration
   - name: Permission Management
     description: 权限管理相关接口,包括权限查询等功能
+  - name: User Management
+    description: 用户管理相关接口,包括用户的创建、查询等操作
 paths:
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@apollo-openapi.yaml` around lines 3655 - 3662, The OpenAPI spec uses the tag
"User Management" in operations (e.g., operationId createUser on path
/openapi/v1/users POST) but that tag is not declared in the top-level tags
array; add a top-level tag object with name "User Management" (and an optional
description) to the root tags section so tooling can recognize and render the
referenced tag for all operations that list "- User Management".

security:
- ApiKeyAuth: []
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/OpenUserDTO'
example:
username: "new-user"
userDisplayName: "New User"
password: "P@ssw0rd123"
email: "new-user@example.com"
enabled: 1
responses:
'200':
description: 成功创建用户,返回创建的用户信息
content:
application/json:
schema:
$ref: '#/components/schemas/UserInfo'
example:
userId: "new-user"
name: "New User"
email: "new-user@example.com"
enabled: 1
headers: {}
'400':
description: 请求参数错误(用户名/密码/邮箱为空,或密码强度不足)
content:
application/json:
schema:
$ref: '#/components/schemas/ExceptionResponse'
'401':
description: 未授权访问
content:
application/json:
schema:
$ref: '#/components/schemas/ExceptionResponse'
'403':
description: 权限不足或当前用户服务不支持创建用户
content:
application/json:
schema:
$ref: '#/components/schemas/ExceptionResponse'
Comment on lines +3677 to +3707
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

POST /openapi/v1/users is missing a 409 Conflict response for duplicate usernames.

When a caller attempts to create a user whose username already exists, the server will reject the request. Without a 409 response code, clients have no contract to distinguish "duplicate user" from a generic 400 validation error, making error handling ambiguous.

🛠️ Proposed fix
         '403':
           description: 权限不足或当前用户服务不支持创建用户
           content:
             application/json:
               schema:
                 $ref: '#/components/schemas/ExceptionResponse'
+        '409':
+          description: 用户名已存在
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ExceptionResponse'
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
responses:
'200':
description: 成功创建用户,返回创建的用户信息
content:
application/json:
schema:
$ref: '#/components/schemas/UserInfo'
example:
userId: "new-user"
name: "New User"
email: "new-user@example.com"
enabled: 1
headers: {}
'400':
description: 请求参数错误(用户名/密码/邮箱为空,或密码强度不足)
content:
application/json:
schema:
$ref: '#/components/schemas/ExceptionResponse'
'401':
description: 未授权访问
content:
application/json:
schema:
$ref: '#/components/schemas/ExceptionResponse'
'403':
description: 权限不足或当前用户服务不支持创建用户
content:
application/json:
schema:
$ref: '#/components/schemas/ExceptionResponse'
responses:
'200':
description: 成功创建用户,返回创建的用户信息
content:
application/json:
schema:
$ref: '#/components/schemas/UserInfo'
example:
userId: "new-user"
name: "New User"
email: "new-user@example.com"
enabled: 1
headers: {}
'400':
description: 请求参数错误(用户名/密码/邮箱为空,或密码强度不足)
content:
application/json:
schema:
$ref: '#/components/schemas/ExceptionResponse'
'401':
description: 未授权访问
content:
application/json:
schema:
$ref: '#/components/schemas/ExceptionResponse'
'403':
description: 权限不足或当前用户服务不支持创建用户
content:
application/json:
schema:
$ref: '#/components/schemas/ExceptionResponse'
'409':
description: 用户名已存在
content:
application/json:
schema:
$ref: '#/components/schemas/ExceptionResponse'
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@apollo-openapi.yaml` around lines 3677 - 3707, The OpenAPI operation for POST
/openapi/v1/users is missing a 409 Conflict response for duplicate usernames;
update the responses section for that operation to add a '409' response entry
(mirroring the existing error response shape) that uses the same
ExceptionResponse schema and a description like "用户名已存在(重复)" so clients can
distinguish duplicate-user errors from generic 400 validation errors. Ensure the
new '409' entry is added alongside '400','401','403' and references
'#/components/schemas/ExceptionResponse' with appropriate content type
application/json.

get:
summary: 搜索用户列表
operationId: searchUsers
deprecated: false
description: GET /openapi/v1/users
tags:
- User Management
security:
- ApiKeyAuth: []
parameters:
- name: keyword
in: query
description: 搜索关键字(匹配用户名或显示名称),为空时返回所有用户
required: false
schema:
type: string
default: ""
- name: includeInactiveUsers
in: query
description: 是否包含已停用的用户
required: false
schema:
type: boolean
default: false
- name: offset
in: query
description: 分页偏移量,从0开始
required: false
schema:
type: integer
default: 0
minimum: 0
- name: limit
in: query
description: 分页大小,取值范围 1~100
required: false
schema:
type: integer
default: 10
minimum: 1
maximum: 100
responses:
'200':
description: 成功获取用户列表
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/UserInfo'
example:
- userId: "apollo"
name: "Apollo Admin"
email: "apollo@example.com"
enabled: 1
- userId: "dev-user"
name: "Dev User"
email: "dev@example.com"
enabled: 1
headers: {}
'400':
description: 请求参数错误(offset或limit超出范围)
content:
application/json:
schema:
$ref: '#/components/schemas/ExceptionResponse'
'401':
description: 未授权访问
content:
application/json:
schema:
$ref: '#/components/schemas/ExceptionResponse'
/openapi/v1/users/{userId}:
get:
summary: 根据用户ID获取用户信息
operationId: getUserByUserId
deprecated: false
description: GET /openapi/v1/users/{userId}
tags:
- User Management
security:
- ApiKeyAuth: []
parameters:
- name: userId
in: path
description: 用户ID(用户名)
required: true
schema:
type: string
responses:
'200':
description: 成功获取用户信息
content:
application/json:
schema:
$ref: '#/components/schemas/UserInfo'
example:
userId: "apollo"
name: "Apollo Admin"
email: "apollo@example.com"
enabled: 1
headers: {}
'400':
description: 用户不存在
content:
application/json:
schema:
$ref: '#/components/schemas/ExceptionResponse'
Comment on lines +3759 to +3764
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Use 404 for “user not found” instead of 400.

“用户不存在” is a not‑found condition and other endpoints use 404; returning 400 misleads clients and breaks consistent error handling.

✅ Suggested fix
-        '400':
-          description: 用户不存在
+        '404':
+          description: 用户不存在
           content:
             application/json:
               schema:
                 $ref: '#/components/schemas/ExceptionResponse'
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
'400':
description: 用户不存在
content:
application/json:
schema:
$ref: '#/components/schemas/ExceptionResponse'
'404':
description: 用户不存在
content:
application/json:
schema:
$ref: '#/components/schemas/ExceptionResponse'
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@apollo-openapi.yaml` around lines 3759 - 3764, Replace the HTTP response
entry keyed '400' for the "用户不存在" case with a '404' response to reflect a
not-found condition and maintain consistency with other endpoints; update the
response key from '400' to '404' and keep the description "用户不存在" and the schema
reference to ExceptionResponse (or swap to a NotFound-specific schema if your
spec uses one) so clients receive the correct status code for user-not-found
errors.

'401':
description: 未授权访问
content:
application/json:
schema:
$ref: '#/components/schemas/ExceptionResponse'
/openapi/v1/envs:
get:
summary: 获取所有环境
Expand Down Expand Up @@ -5733,4 +5907,96 @@ components:
projectB:
darkMode: true

MultiResponseEntity:
type: object
description: A response container holding multiple RichResponseEntity objects
properties:
code:
type: integer
description: Overall HTTP status code
example: 200
entities:
type: array
description: List of rich response entities
items:
$ref: '#/components/schemas/RichResponseEntity'
required:
- code
- entities

RichResponseEntity:
type: object
description: A wrapper for a single response entity with code, message, and body
properties:
code:
type: integer
description: HTTP status code
example: 200
message:
type: object
description: Response message (can be string or object)
example: "OK"
body:
type: object
description: Response payload (generic type T)
required:
- code
- message

OpenUserDTO:
type: object
description: 用于创建用户的请求体 DTO
properties:
username:
type: string
description: 用户名(登录账号),创建时必填
example: "new-user"
userDisplayName:
type: string
description: 用户显示名称,若不填则默认使用 username
example: "New User"
password:
type: string
description: 用户密码,创建时必填,需满足密码强度要求
format: password
example: "P@ssw0rd123"
email:
type: string
description: 用户邮箱,创建时必填
format: email
example: "new-user@example.com"
enabled:
type: integer
description: 用户状态:1-启用,0-停用,默认为1
enum: [0, 1]
default: 1
example: 1
required:
- username
- password
- email

UserInfo:
type: object
description: 用户信息
properties:
userId:
type: string
description: 用户ID(即用户名)
example: "apollo"
name:
type: string
description: 用户显示名称
example: "Apollo Admin"
email:
type: string
description: 用户邮箱
format: email
example: "apollo@example.com"
enabled:
type: integer
description: 用户状态:1-启用,0-停用
enum: [0, 1]
example: 1

servers: []