diff --git a/src/api.authz.test.ts b/src/api.authz.test.ts index 5377db62..11e0b2e3 100644 --- a/src/api.authz.test.ts +++ b/src/api.authz.test.ts @@ -785,360 +785,6 @@ describe('API authz tests', () => { }) }) - describe('AI Models endpoint tests', () => { - test('platform admin can get AI models', async () => { - jest.spyOn(otomiStack, 'getAllAIModels').mockResolvedValue([]) - await agent - .get('/alpha/ai/models') - .set('Authorization', `Bearer ${platformAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team admin can get AI models', async () => { - jest.spyOn(otomiStack, 'getAllAIModels').mockResolvedValue([]) - await agent - .get('/alpha/ai/models') - .set('Authorization', `Bearer ${teamAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team member can get AI models', async () => { - jest.spyOn(otomiStack, 'getAllAIModels').mockResolvedValue([]) - await agent - .get('/alpha/ai/models') - .set('Authorization', `Bearer ${teamMemberToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('anonymous user cannot get AI models', async () => { - await agent.get('/alpha/ai/models').expect(401) - }) - }) - - describe('Knowledge Base endpoint tests', () => { - const kbData = { - kind: 'AkamaiKnowledgeBase', - metadata: { name: 'test-kb' }, - spec: { modelName: 'e5-mistral-7b', sourceUrl: 'https://example.com/data.zip' }, - } - - test('platform admin can create knowledge base', async () => { - jest.spyOn(otomiStack, 'createAplKnowledgeBase').mockResolvedValue({} as any) - await agent - .post('/alpha/teams/team1/kb') - .send(kbData) - .set('Authorization', `Bearer ${platformAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team admin can create knowledge base', async () => { - jest.spyOn(otomiStack, 'createAplKnowledgeBase').mockResolvedValue({} as any) - await agent - .post('/alpha/teams/team1/kb') - .send(kbData) - .set('Authorization', `Bearer ${teamAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team member can create knowledge base', async () => { - jest.spyOn(otomiStack, 'createAplKnowledgeBase').mockResolvedValue({} as any) - await agent - .post('/alpha/teams/team1/kb') - .send(kbData) - .set('Authorization', `Bearer ${teamMemberToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('platform admin can get knowledge bases', async () => { - jest.spyOn(otomiStack, 'getAplKnowledgeBases').mockReturnValue([]) - await agent - .get('/alpha/teams/team1/kb') - .set('Authorization', `Bearer ${platformAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team admin can get knowledge bases', async () => { - jest.spyOn(otomiStack, 'getAplKnowledgeBases').mockReturnValue([]) - await agent - .get('/alpha/teams/team1/kb') - .set('Authorization', `Bearer ${teamAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team member can get knowledge bases', async () => { - jest.spyOn(otomiStack, 'getAplKnowledgeBases').mockReturnValue([]) - await agent - .get('/alpha/teams/team1/kb') - .set('Authorization', `Bearer ${teamMemberToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('platform admin can get specific knowledge base', async () => { - jest.spyOn(otomiStack, 'getAplKnowledgeBase').mockResolvedValue({} as any) - await agent - .get('/alpha/teams/team1/kb/test-kb') - .set('Authorization', `Bearer ${platformAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team admin can get specific knowledge base', async () => { - jest.spyOn(otomiStack, 'getAplKnowledgeBase').mockResolvedValue({} as any) - await agent - .get('/alpha/teams/team1/kb/test-kb') - .set('Authorization', `Bearer ${teamAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team member can get specific knowledge base', async () => { - jest.spyOn(otomiStack, 'getAplKnowledgeBase').mockResolvedValue({} as any) - await agent - .get('/alpha/teams/team1/kb/test-kb') - .set('Authorization', `Bearer ${teamMemberToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('platform admin can update knowledge base', async () => { - jest.spyOn(otomiStack, 'editAplKnowledgeBase').mockResolvedValue({} as any) - await agent - .put('/alpha/teams/team1/kb/test-kb') - .send(kbData) - .set('Authorization', `Bearer ${platformAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team admin can update knowledge base', async () => { - jest.spyOn(otomiStack, 'editAplKnowledgeBase').mockResolvedValue({} as any) - await agent - .put('/alpha/teams/team1/kb/test-kb') - .send(kbData) - .set('Authorization', `Bearer ${teamAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team member can update knowledge base', async () => { - jest.spyOn(otomiStack, 'editAplKnowledgeBase').mockResolvedValue({} as any) - await agent - .put('/alpha/teams/team1/kb/test-kb') - .send(kbData) - .set('Authorization', `Bearer ${teamMemberToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('platform admin can delete knowledge base', async () => { - jest.spyOn(otomiStack, 'deleteAplKnowledgeBase').mockResolvedValue() - await agent - .delete('/alpha/teams/team1/kb/test-kb') - .set('Authorization', `Bearer ${platformAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team admin can delete knowledge base', async () => { - jest.spyOn(otomiStack, 'deleteAplKnowledgeBase').mockResolvedValue() - await agent - .delete('/alpha/teams/team1/kb/test-kb') - .set('Authorization', `Bearer ${teamAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team member can delete knowledge base', async () => { - jest.spyOn(otomiStack, 'deleteAplKnowledgeBase').mockResolvedValue() - await agent - .delete('/alpha/teams/team1/kb/test-kb') - .set('Authorization', `Bearer ${teamMemberToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team member cannot access other team knowledge bases', async () => { - await agent.get('/alpha/teams/team2/kb').set('Authorization', `Bearer ${teamMemberToken}`).expect(403) - }) - - test('anonymous user cannot access knowledge bases', async () => { - await agent.get('/alpha/teams/team1/kb').expect(401) - }) - - test('anonymous user cannot create knowledge bases', async () => { - await agent.post('/alpha/teams/team1/kb').send(kbData).expect(401) - }) - }) - - describe('Agent endpoint tests', () => { - const agentData = { - kind: 'AkamaiAgent', - metadata: { name: 'test-agent' }, - spec: { foundationModel: 'gpt-4', agentInstructions: 'You are a helpful assistant' }, - } - - test('platform admin can create agent', async () => { - jest.spyOn(otomiStack, 'createAplAgent').mockResolvedValue({} as any) - await agent - .post('/alpha/teams/team1/agents') - .send(agentData) - .set('Authorization', `Bearer ${platformAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team admin can create agent', async () => { - jest.spyOn(otomiStack, 'createAplAgent').mockResolvedValue({} as any) - await agent - .post('/alpha/teams/team1/agents') - .send(agentData) - .set('Authorization', `Bearer ${teamAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team member can create agent', async () => { - jest.spyOn(otomiStack, 'createAplAgent').mockResolvedValue({} as any) - await agent - .post('/alpha/teams/team1/agents') - .send(agentData) - .set('Authorization', `Bearer ${teamMemberToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('platform admin can get agents', async () => { - jest.spyOn(otomiStack, 'getAplAgents').mockReturnValue([]) - await agent - .get('/alpha/teams/team1/agents') - .set('Authorization', `Bearer ${platformAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team admin can get agents', async () => { - jest.spyOn(otomiStack, 'getAplAgents').mockReturnValue([]) - await agent - .get('/alpha/teams/team1/agents') - .set('Authorization', `Bearer ${teamAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team member can get agents', async () => { - jest.spyOn(otomiStack, 'getAplAgents').mockReturnValue([]) - await agent - .get('/alpha/teams/team1/agents') - .set('Authorization', `Bearer ${teamMemberToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('platform admin can get specific agent', async () => { - jest.spyOn(otomiStack, 'getAplAgent').mockReturnValue({} as any) - await agent - .get('/alpha/teams/team1/agents/test-agent') - .set('Authorization', `Bearer ${platformAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team admin can get specific agent', async () => { - jest.spyOn(otomiStack, 'getAplAgent').mockReturnValue({} as any) - await agent - .get('/alpha/teams/team1/agents/test-agent') - .set('Authorization', `Bearer ${teamAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team member can get specific agent', async () => { - jest.spyOn(otomiStack, 'getAplAgent').mockReturnValue({} as any) - await agent - .get('/alpha/teams/team1/agents/test-agent') - .set('Authorization', `Bearer ${teamMemberToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('platform admin can update agent', async () => { - jest.spyOn(otomiStack, 'editAplAgent').mockResolvedValue({} as any) - await agent - .put('/alpha/teams/team1/agents/test-agent') - .send(agentData) - .set('Authorization', `Bearer ${platformAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team admin can update agent', async () => { - jest.spyOn(otomiStack, 'editAplAgent').mockResolvedValue({} as any) - await agent - .put('/alpha/teams/team1/agents/test-agent') - .send(agentData) - .set('Authorization', `Bearer ${teamAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team member can update agent', async () => { - jest.spyOn(otomiStack, 'editAplAgent').mockResolvedValue({} as any) - await agent - .put('/alpha/teams/team1/agents/test-agent') - .send(agentData) - .set('Authorization', `Bearer ${teamMemberToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('platform admin can delete agent', async () => { - jest.spyOn(otomiStack, 'deleteAplAgent').mockResolvedValue() - await agent - .delete('/alpha/teams/team1/agents/test-agent') - .set('Authorization', `Bearer ${platformAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team admin can delete agent', async () => { - jest.spyOn(otomiStack, 'deleteAplAgent').mockResolvedValue() - await agent - .delete('/alpha/teams/team1/agents/test-agent') - .set('Authorization', `Bearer ${teamAdminToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team member can delete agent', async () => { - jest.spyOn(otomiStack, 'deleteAplAgent').mockResolvedValue() - await agent - .delete('/alpha/teams/team1/agents/test-agent') - .set('Authorization', `Bearer ${teamMemberToken}`) - .expect(200) - .expect('Content-Type', /json/) - }) - - test('team member cannot access other team agents', async () => { - await agent.get('/alpha/teams/team2/agents').set('Authorization', `Bearer ${teamMemberToken}`).expect(403) - }) - - test('anonymous user cannot access agents', async () => { - await agent.get('/alpha/teams/team1/agents').expect(401) - }) - - test('anonymous user cannot create agents', async () => { - await agent.post('/alpha/teams/team1/agents').send(agentData).expect(401) - }) - }) test('team member cannot access settings', async () => { await agent.get('/v1/settings').set('Authorization', `Bearer ${teamMemberToken}`).expect(403) }) diff --git a/src/openapi/api.yaml b/src/openapi/api.yaml index 3b7fb7d0..7f9578a5 100644 --- a/src/openapi/api.yaml +++ b/src/openapi/api.yaml @@ -2670,215 +2670,6 @@ paths: $ref: '#/components/responses/NotFound' '200': description: Successfully edited app values. - '/alpha/ai/models': - get: - operationId: getAIModels - x-eov-operation-handler: alpha/ai/models - description: Get available shared AI models (foundation or embedding) - x-aclSchema: AIModel - responses: - '200': - description: Successfully obtained shared AI models - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/AplAIModelResponse' - - '/alpha/teams/{teamId}/kb': - parameters: - - $ref: '#/components/parameters/teamParams' - get: - operationId: getAplKnowledgeBases - x-eov-operation-handler: alpha/teams/{teamId}/kb - description: Get knowledge bases from a given team - x-aclSchema: KnowledgeBase - responses: - '200': - description: Successfully obtained knowledge bases - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/AplKnowledgeBaseResponse' - post: - operationId: createAplKnowledgeBase - x-eov-operation-handler: alpha/teams/{teamId}/kb - description: Create a team knowledge base - x-aclSchema: KnowledgeBase - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AplKnowledgeBaseRequest' - description: KnowledgeBase object - required: true - responses: - '400': - $ref: '#/components/responses/BadRequest' - '409': - $ref: '#/components/responses/OtomiStackError' - '200': - description: Successfully stored knowledge base configuration - content: - application/json: - schema: - $ref: '#/components/schemas/AplKnowledgeBaseResponse' - - '/alpha/teams/{teamId}/kb/{knowledgeBaseName}': - parameters: - - $ref: '#/components/parameters/teamParams' - - $ref: '#/components/parameters/knowledgeBaseParams' - get: - operationId: getAplKnowledgeBase - x-eov-operation-handler: alpha/teams/{teamId}/kb/{knowledgeBaseName} - description: Get a knowledge base from a given team - x-aclSchema: KnowledgeBase - responses: - '400': - $ref: '#/components/responses/BadRequest' - '404': - $ref: '#/components/responses/NotFound' - '200': - description: Successfully obtained knowledge base configuration - content: - application/json: - schema: - $ref: '#/components/schemas/AplKnowledgeBaseRequest' - put: - operationId: editAplKnowledgeBase - x-eov-operation-handler: alpha/teams/{teamId}/kb/{knowledgeBaseName} - description: Edit a knowledge base from a given team - x-aclSchema: KnowledgeBase - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AplKnowledgeBaseRequest' - description: KnowledgeBase object that contains updated values - required: true - responses: - '400': - $ref: '#/components/responses/BadRequest' - '404': - $ref: '#/components/responses/NotFound' - '200': - description: Successfully edited a team knowledge base - content: - application/json: - schema: - $ref: '#/components/schemas/AplKnowledgeBaseResponse' - delete: - operationId: deleteAplKnowledgeBase - x-eov-operation-handler: alpha/teams/{teamId}/kb/{knowledgeBaseName} - description: Delete a knowledge base from a given team - x-aclSchema: KnowledgeBase - responses: - '400': - $ref: '#/components/responses/BadRequest' - '404': - $ref: '#/components/responses/NotFound' - '200': - description: Successfully deleted a team knowledge base - - '/alpha/teams/{teamId}/agents': - parameters: - - $ref: '#/components/parameters/teamParams' - get: - operationId: getAplAgents - x-eov-operation-handler: alpha/teams/{teamId}/agents - description: Get agents from a given team - x-aclSchema: Agent - responses: - '200': - description: Successfully obtained agents - content: - application/json: - schema: - type: array - items: - $ref: '#/components/schemas/AplAgentResponse' - post: - operationId: createAplAgent - x-eov-operation-handler: alpha/teams/{teamId}/agents - description: Create a team agent - x-aclSchema: Agent - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AplAgentRequest' - description: Agent object - required: true - responses: - '400': - $ref: '#/components/responses/BadRequest' - '409': - $ref: '#/components/responses/OtomiStackError' - '200': - description: Successfully stored agent configuration - content: - application/json: - schema: - $ref: '#/components/schemas/AplAgentResponse' - - '/alpha/teams/{teamId}/agents/{agentName}': - parameters: - - $ref: '#/components/parameters/teamParams' - - $ref: '#/components/parameters/agentParams' - get: - operationId: getAplAgent - x-eov-operation-handler: alpha/teams/{teamId}/agents/{agentName} - description: Get an agent from a given team - x-aclSchema: Agent - responses: - '400': - $ref: '#/components/responses/BadRequest' - '404': - $ref: '#/components/responses/NotFound' - '200': - description: Successfully obtained agent configuration - content: - application/json: - schema: - $ref: '#/components/schemas/AplAgentResponse' - put: - operationId: editAplAgent - x-eov-operation-handler: alpha/teams/{teamId}/agents/{agentName} - description: Edit an agent from a given team - x-aclSchema: Agent - requestBody: - content: - application/json: - schema: - $ref: '#/components/schemas/AplAgentRequest' - description: Agent object that contains updated values - required: true - responses: - '400': - $ref: '#/components/responses/BadRequest' - '404': - $ref: '#/components/responses/NotFound' - '200': - description: Successfully edited a team agent - content: - application/json: - schema: - $ref: '#/components/schemas/AplAgentResponse' - delete: - operationId: deleteAplAgent - x-eov-operation-handler: alpha/teams/{teamId}/agents/{agentName} - description: Delete an agent from a given team - x-aclSchema: Agent - responses: - '400': - $ref: '#/components/responses/BadRequest' - '404': - $ref: '#/components/responses/NotFound' - '200': - description: Successfully deleted a team agent ## -------------------------------------------- Servers #