Removed matomo case and added plugin validation logic

Author: lachiebol

API.php

@@ -27,20 +27,26 @@ class API extends \Piwik\Plugin\API
      * Get a pre-generated OpenAPI spec file if it exists. This endpoint only reads
      * the generated JSON file and does not trigger spec generation.
      *
-     * /index.php?module=API&method=OpenApiDocs.getOpenApiSpec&spec=matomo
+     * /index.php?module=API&method=OpenApiDocs.getOpenApiSpec&spec=CustomAlerts
      *
-     * @param string $spec Spec identifier used in the generated filename. Use `matomo`
-     *                     for the aggregate spec or a plugin name for a specific spec.
+     * @param string $spec Plugin name used in the generated filename.
      * @param string $format Output format. Only `json` is supported.
      * @return array<string, mixed> The decoded OpenAPI specification payload.
      * @throws \Exception If the file is missing, unreadable, or contains invalid JSON.
      */
-    public function getOpenApiSpec(string $spec = 'matomo', string $format = 'json'): array
+    public function getOpenApiSpec(string $spec, string $format = 'json'): array
     {
         Piwik::checkUserHasSomeViewAccess();
 
         $this->validateJsonFormat($format);
 
+        if (
+            !Manager::getInstance()->isValidPluginName($spec)
+            || !Manager::getInstance()->isPluginInFilesystem($spec)
+        ) {
+            throw new \Piwik\Exception\PluginNotFoundException($spec);
+        }
+
         $filePath = $this->getSpecFilePath($spec);
         if (!$this->isSpecFileReadable($filePath)) {
             throw new \Exception('OpenAPI spec file was not found. Generate it first via openapidocs:generate-spec-file.');

tests/Unit/APITest.php

@@ -43,23 +43,6 @@ protected function tearDown(): void
         parent::tearDown();
     }
 
-    public function testGetOpenApiSpecReturnsDecodedJsonForMatomo()
-    {
-        $expectedSpec = [
-            'openapi' => '3.1.0',
-            'info' => [
-                'title' => 'Matomo Reporting API',
-                'version' => '1.0.0',
-            ],
-        ];
-
-        $api = $this->buildApiMock('/tmp/matomo_openapi_spec_v1.0.0.json', true, json_encode($expectedSpec));
-
-        $result = $api->getOpenApiSpec();
-
-        $this->assertSame($expectedSpec, $result);
-    }
-
     public function testGetOpenApiSpecReturnsDecodedJsonForPlugin()
     {
         $expectedSpec = [
@@ -79,22 +62,22 @@ public function testGetOpenApiSpecReturnsDecodedJsonForPlugin()
 
     public function testGetOpenApiSpecThrowsExceptionWhenFileMissing()
     {
-        $api = $this->buildApiMock('/tmp/matomo_openapi_spec_v1.0.0.json', false);
+        $api = $this->buildApiMock('/tmp/CustomAlerts_openapi_spec_v1.0.0.json', false);
 
         $this->expectException(\Exception::class);
         $this->expectExceptionMessage('OpenAPI spec file was not found');
 
-        $api->getOpenApiSpec();
+        $api->getOpenApiSpec('CustomAlerts');
     }
 
     public function testGetOpenApiSpecThrowsExceptionWhenJsonIsInvalid()
     {
-        $api = $this->buildApiMock('/tmp/matomo_openapi_spec_v1.0.0.json', true, '{invalid json}');
+        $api = $this->buildApiMock('/tmp/CustomAlerts_openapi_spec_v1.0.0.json', true, '{invalid json}');
 
         $this->expectException(\Exception::class);
         $this->expectExceptionMessage('OpenAPI spec file contains invalid JSON');
 
-        $api->getOpenApiSpec();
+        $api->getOpenApiSpec('CustomAlerts');
     }
 
     public function testGetOpenApiSpecThrowsExceptionWhenFormatIsInvalid()
@@ -107,14 +90,13 @@ public function testGetOpenApiSpecThrowsExceptionWhenFormatIsInvalid()
         $api->getOpenApiSpec('CustomAlerts', 'yaml');
     }
 
-    public function testGetSpecFilePathUsesMatomoFileNameByDefault()
+    public function testGetOpenApiSpecThrowsExceptionWhenSpecIsNotAValidPlugin()
     {
         $api = new API();
 
-        $this->assertSame(
-            PIWIK_INCLUDE_PATH . '/plugins/OpenApiDocs/tmp/specs/matomo_openapi_spec_v1.0.0.json',
-            $this->callProtectedMethod($api, 'getSpecFilePath', ['matomo'])
-        );
+        $this->expectException(\Piwik\Exception\PluginNotFoundException::class);
+
+        $api->getOpenApiSpec('DefinitelyNotARealPlugin');
     }
 
     public function testGetSpecFilePathUsesPluginSpecificFileName()