fix(openapi): not forbidden response on openAPI doc

vinceAmstoutz · vinceAmstoutz · commit 58faec8ad403 · 2024-12-30T11:36:47.000+01:00
diff --git a/src/OpenApi/Factory/OpenApiFactory.php b/src/OpenApi/Factory/OpenApiFactory.php
@@ -408,6 +408,13 @@ private function collectPaths(ApiResource $resource, ResourceMetadataCollection
                 }
             }
 
+            if (true === $overrideResponses && !isset($existingResponses[403]) && $security = $operation->getSecurity()) {
+                $openapiOperation = $openapiOperation->withResponse(403, new Response(\sprintf(
+                    'Forbidden: You must meet the following condition(s) to access this resource: %s.',
+                    $security
+                )));
+            }
+
             if (true === $overrideResponses && !$operation instanceof CollectionOperationInterface && 'POST' !== $operation->getMethod()) {
                 if (!isset($existingResponses[404])) {
                     $openapiOperation = $openapiOperation->withResponse(404, new Response('Resource not found'));

Original file line number	Diff line number	Diff line change
`@@ -408,6 +408,13 @@ private function collectPaths(ApiResource $resource, ResourceMetadataCollection`
`408`	`408`	`}`
`409`	`409`	`}`
`410`	`410`
	`411`	`+ if (true === $overrideResponses && !isset($existingResponses[403]) && $security = $operation->getSecurity()) {`
	`412`	`+ $openapiOperation = $openapiOperation->withResponse(403, new Response(\sprintf(`
	`413`	`+ 'Forbidden: You must meet the following condition(s) to access this resource: %s.',`
	`414`	`+ $security`
	`415`	`+ )));`
	`416`	`+ }`
	`417`	`+`
`411`	`418`	`if (true === $overrideResponses && !$operation instanceof CollectionOperationInterface && 'POST' !== $operation->getMethod()) {`
`412`	`419`	`if (!isset($existingResponses[404])) {`
`413`	`420`	`$openapiOperation = $openapiOperation->withResponse(404, new Response('Resource not found'));`