node-restify-swagger icon indicating copy to clipboard operation
node-restify-swagger copied to clipboard
verified publisher icon z0mt3c

Add authorizations property to route definition and support for third party authorizations plugin

Open metasection opened this issue 11 years ago • 5 comments

This Pull Request addresses issue #11.

Usage / Implementation

  • You can optionally add an ‘authorizations’ parameter to each route with a space separated list of route-authorizations (Example: "admin super-admin").


    server.get({url: '/test/method/:data',
   authorizations: 'account',
   swagger: {
     summary: 'Get',
     notes: '',
     nickname: 'getTest'
   },
   validation: {
     data: { isRequired: true, description: 'Data', swaggerType: 'string', scope: 'path' }
   }}, function(req, res, next) {
      res.send( { data : "get" });
   });

  • The authorizations are listed in the swagger resources.json.

    "resourcePath": "/swagger/test",
"apis": [
    {
        "path": "/test/method/{data}",
        "description": "",
        "operations": [
            {
                "notes": null,
                "nickname": "getTest",
                "produces": [
                    "application/json"
                ],
                "consumes": [
                    "application/json"
                ],
                "responseMessages": [
                    {
                        "code": 500,
                        "message": "Internal Server Error"
                    }
                ],
                "parameters": [
                    {
                        "type": "string",
                        "dataType": "string",
                        "name": "data",
                        "description": "Data",
                        "required": true,
                        "paramType": "path"
                    }
                ],
                "authorizations": {
                    "type": "account"
                },
                "summary": "Get",
                "httpMethod": "GET",
                "method": "GET"
            }
        ]
    }

  • when swagger loads it will optionally call a third party plugin to verify the api_key (if provided) and user authorizations.

  • configuring the third party plugin is done by passing the 'authorizationsPlugin' in the configuration options.

    restifySwagger.configure(server, {
    info: {
        contact: '[email protected]',
        description: 'Description text',
        license: 'MIT',
        licenseUrl: 'http://opensource.org/licenses/MIT',
        termsOfServiceUrl: 'http://opensource.org/licenses/MIT',
        title: 'Node Restify Swagger Demo'
    },
    apiDescriptions: {
        'get':'GET-Api Resourcen'
    },
            authorizationsPlugin: swaggerAuthorizations
});

metasection avatar Dec 06 '14 19:12 metasection

Coverage Status

Coverage decreased (-1.73%) when pulling b6a8496de7d8f4ac12bb3cda877d17b4df958145 on metasection:master into b405bcae11f8dc01a8201c4ada28cc1db9ab5e17 on z0mt3c:master.

coveralls avatar Dec 06 '14 19:12 coveralls

Any word? Ready to pull?

metasection avatar Dec 19 '14 12:12 metasection

Happy holidays!!!! You like the changes? Ready to pull?

metasection avatar Dec 28 '14 17:12 metasection

Thanks! Looks better... could you please add some more information about your "swaggerAuthorizations interface"? And that should it be ;-)

z0mt3c avatar Jan 07 '15 08:01 z0mt3c

@z0mt3c Any updates on this? Thanks!

qrpike avatar Aug 10 '16 07:08 qrpike