docs: added api reference for specific privilege identity

2026-05-02 03:02:03 -04:00 · 2024-04-02 23:54:51 +05:30
parent 26f647b948
commit 87d98de4c1
9 changed files with 77 additions and 4 deletions
--- a/backend/src/ee/routes/v1/identity-project-additional-privilege-router.ts
+++ b/backend/src/ee/routes/v1/identity-project-additional-privilege-router.ts
@@ -17,6 +17,12 @@ export const registerIdentityProjectAdditionalPrivilegeRouter = async (server: F
    url: "/permanent",
    method: "POST",
    schema: {
+      description: "Create a permanent or a non expiry specific privilege for identity.",
+      security: [
+        {
+          bearerAuth: []
+        }
+      ],
      body: z.object({
        identityId: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.CREATE.identityId),
        projectSlug: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.CREATE.projectSlug),
@@ -58,6 +64,12 @@ export const registerIdentityProjectAdditionalPrivilegeRouter = async (server: F
    url: "/temporary",
    method: "POST",
    schema: {
+      description: "Create a temporary or a expiring specific privilege for identity.",
+      security: [
+        {
+          bearerAuth: []
+        }
+      ],
      body: z.object({
        identityId: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.CREATE.identityId),
        projectSlug: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.CREATE.projectSlug),
@@ -110,6 +122,12 @@ export const registerIdentityProjectAdditionalPrivilegeRouter = async (server: F
    url: "/",
    method: "PATCH",
    schema: {
+      description: "Update a specific privilege of an identity.",
+      security: [
+        {
+          bearerAuth: []
+        }
+      ],
      body: z.object({
        // disallow empty string
        privilegeSlug: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.UPDATE.slug),
@@ -173,6 +191,12 @@ export const registerIdentityProjectAdditionalPrivilegeRouter = async (server: F
    url: "/",
    method: "DELETE",
    schema: {
+      description: "Delete a specific privilege of an identity.",
+      security: [
+        {
+          bearerAuth: []
+        }
+      ],
      body: z.object({
        privilegeSlug: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.DELETE.slug),
        identityId: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.DELETE.identityId),
@@ -203,6 +227,12 @@ export const registerIdentityProjectAdditionalPrivilegeRouter = async (server: F
    url: "/:privilegeSlug",
    method: "GET",
    schema: {
+      description: "Retrieve details of a specific privilege by privilege slug.",
+      security: [
+        {
+          bearerAuth: []
+        }
+      ],
      params: z.object({
        privilegeSlug: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.GET_BY_SLUG.slug)
      }),
@@ -234,6 +264,12 @@ export const registerIdentityProjectAdditionalPrivilegeRouter = async (server: F
    url: "/",
    method: "GET",
    schema: {
+      description: "List of a specific privilege of an identity in a project.",
+      security: [
+        {
+          bearerAuth: []
+        }
+      ],
      querystring: z.object({
        identityId: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.LIST.identityId),
        projectSlug: z.string().min(1).describe(IDENTITY_ADDITIONAL_PRIVILEGE.LIST.projectSlug),
--- a/backend/src/lib/api-docs/constants.ts
+++ b/backend/src/lib/api-docs/constants.ts
@@ -403,8 +403,11 @@ export const IDENTITY_ADDITIONAL_PRIVILEGE = {
    projectSlug: "The slug of the project of the identity in.",
    identityId: "The ID of the identity to delete.",
    slug: "The slug of the privilege to create.",
-    permissions:
-      "The permission object for the privilege. Refer https://casl.js.org/v6/en/guide/define-rules#the-shape-of-raw-rule to understand the shape",
+    permissions: `The permission object for the privilege.
+1. [["read", "secrets", {environment: "dev", secretPath: {$glob: "/"}}]]
+2. [["read", "secrets", {environment: "dev"}], ["create", "secrets", {environment: "dev"}]]
+2. [["read", "secrets", {environment: "dev"}]]
+`,
    isPackPermission: "Whether the server should pack(compact) the permission object.",
    isTemporary: "Whether the privilege is temporary.",
    temporaryMode: "Type of temporary access given. Types: relative",
@@ -417,7 +420,6 @@ export const IDENTITY_ADDITIONAL_PRIVILEGE = {
    slug: "The slug of the privilege to update.",
    newSlug: "The new slug of the privilege to update.",
    permissions: `The permission object for the privilege.
-Example unpacked permission shape 
 1. [["read", "secrets", {environment: "dev", secretPath: {$glob: "/"}}]]
 2. [["read", "secrets", {environment: "dev"}], ["create", "secrets", {environment: "dev"}]]
 2. [["read", "secrets", {environment: "dev"}]]
--- a/docs/api-reference/endpoints/identity-specific-privilege/create-permanent.mdx
+++ b/docs/api-reference/endpoints/identity-specific-privilege/create-permanent.mdx
@@ -0,0 +1,4 @@
+---
+title: "Create Permanent"
+openapi: "POST /api/v1/additional-privilege/identity/permanent"
+---
--- a/docs/api-reference/endpoints/identity-specific-privilege/create-temporary.mdx
+++ b/docs/api-reference/endpoints/identity-specific-privilege/create-temporary.mdx
@@ -0,0 +1,4 @@
+---
+title: "Create Temporary"
+openapi: "POST /api/v1/additional-privilege/identity/temporary"
+---
--- a/docs/api-reference/endpoints/identity-specific-privilege/delete.mdx
+++ b/docs/api-reference/endpoints/identity-specific-privilege/delete.mdx
@@ -0,0 +1,4 @@
+---
+title: "Delete"
+openapi: "DELETE /api/v1/additional-privilege/identity"
+---
--- a/docs/api-reference/endpoints/identity-specific-privilege/find-by-slug.mdx
+++ b/docs/api-reference/endpoints/identity-specific-privilege/find-by-slug.mdx
@@ -0,0 +1,4 @@
+---
+title: "Find By Privilege Slug"
+openapi: "GET /api/v1/additional-privilege/identity/{privilegeSlug}"
+---
--- a/docs/api-reference/endpoints/identity-specific-privilege/list.mdx
+++ b/docs/api-reference/endpoints/identity-specific-privilege/list.mdx
@@ -0,0 +1,4 @@
+---
+title: "List"
+openapi: "GET /api/v1/additional-privilege/identity"
+---
--- a/docs/api-reference/endpoints/identity-specific-privilege/update.mdx
+++ b/docs/api-reference/endpoints/identity-specific-privilege/update.mdx
@@ -0,0 +1,4 @@
+---
+title: "Update"
+openapi: "PATCH /api/v1/additional-privilege/identity"
+---
--- a/docs/mint.json
+++ b/docs/mint.json
@@ -1,6 +1,6 @@
 {
  "name": "Infisical",
-  "openapi": "http://localhost:8080/api/docs/json",
+  "openapi": "https://app.infisical.com/api/docs/json",
  "logo": {
    "dark": "/logo/dark.svg",
    "light": "/logo/light.svg",
@@ -499,6 +499,17 @@
            "api-reference/endpoints/secret-imports/delete"
          ]
        },
+        {
+          "group": "Identity Specific Privilege",
+          "pages": [
+            "api-reference/endpoints/identity-specific-privilege/create-permanent",
+            "api-reference/endpoints/identity-specific-privilege/create-temporary",
+            "api-reference/endpoints/identity-specific-privilege/update",
+            "api-reference/endpoints/identity-specific-privilege/delete",
+            "api-reference/endpoints/identity-specific-privilege/find-by-slug",
+            "api-reference/endpoints/identity-specific-privilege/list"
+          ]
+        },
        {
          "group": "Integrations",
          "pages": [