mirror of
https://github.com/simstudioai/sim.git
synced 2026-04-06 03:00:16 -04:00
a368827f1e
* feat(api): add tables and files v1 REST API with OpenAPI docs * fix(api): address review feedback for tables/files REST API * fix(api): reject empty filters, consolidate PUT/DELETE into service helpers * fix(api): upsert unique constraints, POST response fields, uploadedAt timestamp * fix(api): stop leaking internal fields in list tables, fix deleteTable requestId * fix(api): atomic table-count limit in createTable, stop leaking internal fields * fix(api): error classification in PATCH, z.coerce→preprocess, requestId in logs * fix(api): audit logging, PATCH service consolidation, Content-Disposition encoding - Add TABLE_CREATED/TABLE_DELETED audit events to v1 table routes - Consolidate PATCH handlers to use updateRow service function - Fix Content-Disposition header with RFC 5987 dual-parameter form - Normalize schema in POST /tables response with normalizeColumn * lint * fix(api): upsert unique constraint 400, guard request.json() parse errors - Add 'Unique constraint violation' to upsert error classification - Wrap PUT/DELETE request.json() in try/catch to return 400 on malformed body - Apply fixes to both v1 and internal routes * fix(api): guard PATCH request.json(), accurate deleteRowsByIds count - Wrap PATCH request.json() in try/catch for both v1 and internal routes - Rewrite deleteRowsByIds to use .returning() for accurate deletedCount under concurrent requests (eliminates SELECT-then-DELETE race) * fix(api): guard all remaining request.json() calls in table routes - Wrap POST handler request.json() in try/catch across all table routes - Also fix internal DELETE single-row handler - Every request.json() in table routes now returns 400 on malformed body * fix(api): safe type check on formData workspaceId in file upload - Replace unsafe `as string | null` cast with typeof check - Prevents File object from bypassing workspaceId validation * fix(api): safe File cast in upload, validate column name before sql.raw() - Use instanceof File check instead of unsafe `as File | null` cast - Add regex validation on column name before sql.raw() interpolation * fix(api): comprehensive hardening pass across all table/file routes - Guard request.formData() with try/catch in file upload - Guard all .toISOString() calls with instanceof Date checks - Replace verifyTableWorkspace double-fetch with direct comparison - Fix relative imports to absolute (@/app/api/table/utils) - Fix internal list tables leaking fields via ...t spread - Normalize schema in internal POST create table response - Remove redundant pre-check in internal create (service handles atomically) - Make 'maximum table limit' return 403 consistently (was 400 in internal) - Add 'Row not found' → 404 classification in PATCH handlers - Add NAME_PATTERN validation before sql.raw() in validation.ts * chore: lint fixes
19 lines
341 B
JSON
19 lines
341 B
JSON
{
|
|
"title": "API Reference",
|
|
"root": true,
|
|
"pages": [
|
|
"getting-started",
|
|
"authentication",
|
|
"---SDKs---",
|
|
"python",
|
|
"typescript",
|
|
"---Endpoints---",
|
|
"(generated)/workflows",
|
|
"(generated)/logs",
|
|
"(generated)/usage",
|
|
"(generated)/audit-logs",
|
|
"(generated)/tables",
|
|
"(generated)/files"
|
|
]
|
|
}
|