Skip to content

Commit 0a4457d

Browse files
ymc9claude
ymc9
and
claude
committed
fix(server): add missing 404/403/422 responses to RPC OpenAPI spec
- update/delete model operations can throw NOT_FOUND at runtime; add 404 - procedure and transaction endpoints delegate to the ORM and can produce 403 (policy rejection), 404 (not found), and 422 (validation error); document all three to match runtime behavior Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
1 parent b47c1fa commit 0a4457d

3 files changed

Lines changed: 143 additions & 2 deletions

File tree

packages/orm/src/client/zod/factory.ts

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -203,8 +203,6 @@ export class ZodSchemaFactory<
203203
toJSONSchema() {
204204
// Reset both the registry and the builder cache so that all eager calls
205205
// below re-execute their bodies and re-register schemas into the fresh registry.
206-
// Without clearing schemaCache, a second call to toJSONSchema() would hit cache
207-
// on every builder and never call registerSchema(), leaving the registry empty.
208206
this.schemaCache.clear();
209207
this.schemaRegistry.clear();
210208

packages/server/src/api/rpc/openapi.ts

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -114,9 +114,13 @@ function errorResponse(description: string): OpenAPIV3_1.ResponseObject {
114114

115115
const ERROR_400 = errorResponse('Error occurred while processing the request');
116116
const ERROR_403 = errorResponse('Forbidden: insufficient permissions to perform this operation');
117+
const ERROR_404 = errorResponse('Resource not found');
117118
const ERROR_422 = errorResponse('Operation is unprocessable due to validation errors');
118119
const ERROR_500 = errorResponse('Internal server error');
119120

121+
// Operations that may throw NOT_FOUND when the target record does not exist
122+
const NOT_FOUND_OPERATIONS = new Set<string>(['update', 'delete']);
123+
120124
/**
121125
* Generates an OpenAPI v3.1 specification for the RPC-style API handler.
122126
*/
@@ -336,6 +340,7 @@ export class RPCApiSpecGenerator<Schema extends SchemaDef = SchemaDef> {
336340
},
337341
},
338342
'400': ERROR_400,
343+
...(NOT_FOUND_OPERATIONS.has(op) && { '404': ERROR_404 }),
339344
'422': ERROR_422,
340345
'500': ERROR_500,
341346
...(mayDenyAccess(modelDef, this.policyOp(op), this.specOptions?.respectAccessPolicies) && {
@@ -412,6 +417,9 @@ export class RPCApiSpecGenerator<Schema extends SchemaDef = SchemaDef> {
412417
},
413418
},
414419
'400': ERROR_400,
420+
'403': ERROR_403,
421+
'404': ERROR_404,
422+
'422': ERROR_422,
415423
'500': ERROR_500,
416424
},
417425
};
@@ -480,6 +488,9 @@ export class RPCApiSpecGenerator<Schema extends SchemaDef = SchemaDef> {
480488
},
481489
},
482490
'400': ERROR_400,
491+
'403': ERROR_403,
492+
'404': ERROR_404,
493+
'422': ERROR_422,
483494
'500': ERROR_500,
484495
},
485496
};

packages/server/test/openapi/baseline/rpc.baseline.yaml

Lines changed: 132 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -323,6 +323,12 @@ paths:
323323
application/json:
324324
schema:
325325
$ref: "#/components/schemas/_rpcErrorResponse"
326+
"404":
327+
description: Resource not found
328+
content:
329+
application/json:
330+
schema:
331+
$ref: "#/components/schemas/_rpcErrorResponse"
326332
"422":
327333
description: Operation is unprocessable due to validation errors
328334
content:
@@ -506,6 +512,12 @@ paths:
506512
application/json:
507513
schema:
508514
$ref: "#/components/schemas/_rpcErrorResponse"
515+
"404":
516+
description: Resource not found
517+
content:
518+
application/json:
519+
schema:
520+
$ref: "#/components/schemas/_rpcErrorResponse"
509521
"422":
510522
description: Operation is unprocessable due to validation errors
511523
content:
@@ -1067,6 +1079,12 @@ paths:
10671079
application/json:
10681080
schema:
10691081
$ref: "#/components/schemas/_rpcErrorResponse"
1082+
"404":
1083+
description: Resource not found
1084+
content:
1085+
application/json:
1086+
schema:
1087+
$ref: "#/components/schemas/_rpcErrorResponse"
10701088
"422":
10711089
description: Operation is unprocessable due to validation errors
10721090
content:
@@ -1250,6 +1268,12 @@ paths:
12501268
application/json:
12511269
schema:
12521270
$ref: "#/components/schemas/_rpcErrorResponse"
1271+
"404":
1272+
description: Resource not found
1273+
content:
1274+
application/json:
1275+
schema:
1276+
$ref: "#/components/schemas/_rpcErrorResponse"
12531277
"422":
12541278
description: Operation is unprocessable due to validation errors
12551279
content:
@@ -1811,6 +1835,12 @@ paths:
18111835
application/json:
18121836
schema:
18131837
$ref: "#/components/schemas/_rpcErrorResponse"
1838+
"404":
1839+
description: Resource not found
1840+
content:
1841+
application/json:
1842+
schema:
1843+
$ref: "#/components/schemas/_rpcErrorResponse"
18141844
"422":
18151845
description: Operation is unprocessable due to validation errors
18161846
content:
@@ -1994,6 +2024,12 @@ paths:
19942024
application/json:
19952025
schema:
19962026
$ref: "#/components/schemas/_rpcErrorResponse"
2027+
"404":
2028+
description: Resource not found
2029+
content:
2030+
application/json:
2031+
schema:
2032+
$ref: "#/components/schemas/_rpcErrorResponse"
19972033
"422":
19982034
description: Operation is unprocessable due to validation errors
19992035
content:
@@ -2555,6 +2591,12 @@ paths:
25552591
application/json:
25562592
schema:
25572593
$ref: "#/components/schemas/_rpcErrorResponse"
2594+
"404":
2595+
description: Resource not found
2596+
content:
2597+
application/json:
2598+
schema:
2599+
$ref: "#/components/schemas/_rpcErrorResponse"
25582600
"422":
25592601
description: Operation is unprocessable due to validation errors
25602602
content:
@@ -2738,6 +2780,12 @@ paths:
27382780
application/json:
27392781
schema:
27402782
$ref: "#/components/schemas/_rpcErrorResponse"
2783+
"404":
2784+
description: Resource not found
2785+
content:
2786+
application/json:
2787+
schema:
2788+
$ref: "#/components/schemas/_rpcErrorResponse"
27412789
"422":
27422790
description: Operation is unprocessable due to validation errors
27432791
content:
@@ -3299,6 +3347,12 @@ paths:
32993347
application/json:
33003348
schema:
33013349
$ref: "#/components/schemas/_rpcErrorResponse"
3350+
"404":
3351+
description: Resource not found
3352+
content:
3353+
application/json:
3354+
schema:
3355+
$ref: "#/components/schemas/_rpcErrorResponse"
33023356
"422":
33033357
description: Operation is unprocessable due to validation errors
33043358
content:
@@ -3482,6 +3536,12 @@ paths:
34823536
application/json:
34833537
schema:
34843538
$ref: "#/components/schemas/_rpcErrorResponse"
3539+
"404":
3540+
description: Resource not found
3541+
content:
3542+
application/json:
3543+
schema:
3544+
$ref: "#/components/schemas/_rpcErrorResponse"
34853545
"422":
34863546
description: Operation is unprocessable due to validation errors
34873547
content:
@@ -3762,6 +3822,24 @@ paths:
37623822
application/json:
37633823
schema:
37643824
$ref: "#/components/schemas/_rpcErrorResponse"
3825+
"403":
3826+
description: "Forbidden: insufficient permissions to perform this operation"
3827+
content:
3828+
application/json:
3829+
schema:
3830+
$ref: "#/components/schemas/_rpcErrorResponse"
3831+
"404":
3832+
description: Resource not found
3833+
content:
3834+
application/json:
3835+
schema:
3836+
$ref: "#/components/schemas/_rpcErrorResponse"
3837+
"422":
3838+
description: Operation is unprocessable due to validation errors
3839+
content:
3840+
application/json:
3841+
schema:
3842+
$ref: "#/components/schemas/_rpcErrorResponse"
37653843
"500":
37663844
description: Internal server error
37673845
content:
@@ -3805,6 +3883,24 @@ paths:
38053883
application/json:
38063884
schema:
38073885
$ref: "#/components/schemas/_rpcErrorResponse"
3886+
"403":
3887+
description: "Forbidden: insufficient permissions to perform this operation"
3888+
content:
3889+
application/json:
3890+
schema:
3891+
$ref: "#/components/schemas/_rpcErrorResponse"
3892+
"404":
3893+
description: Resource not found
3894+
content:
3895+
application/json:
3896+
schema:
3897+
$ref: "#/components/schemas/_rpcErrorResponse"
3898+
"422":
3899+
description: Operation is unprocessable due to validation errors
3900+
content:
3901+
application/json:
3902+
schema:
3903+
$ref: "#/components/schemas/_rpcErrorResponse"
38083904
"500":
38093905
description: Internal server error
38103906
content:
@@ -3848,6 +3944,24 @@ paths:
38483944
application/json:
38493945
schema:
38503946
$ref: "#/components/schemas/_rpcErrorResponse"
3947+
"403":
3948+
description: "Forbidden: insufficient permissions to perform this operation"
3949+
content:
3950+
application/json:
3951+
schema:
3952+
$ref: "#/components/schemas/_rpcErrorResponse"
3953+
"404":
3954+
description: Resource not found
3955+
content:
3956+
application/json:
3957+
schema:
3958+
$ref: "#/components/schemas/_rpcErrorResponse"
3959+
"422":
3960+
description: Operation is unprocessable due to validation errors
3961+
content:
3962+
application/json:
3963+
schema:
3964+
$ref: "#/components/schemas/_rpcErrorResponse"
38513965
"500":
38523966
description: Internal server error
38533967
content:
@@ -3887,6 +4001,24 @@ paths:
38874001
application/json:
38884002
schema:
38894003
$ref: "#/components/schemas/_rpcErrorResponse"
4004+
"403":
4005+
description: "Forbidden: insufficient permissions to perform this operation"
4006+
content:
4007+
application/json:
4008+
schema:
4009+
$ref: "#/components/schemas/_rpcErrorResponse"
4010+
"404":
4011+
description: Resource not found
4012+
content:
4013+
application/json:
4014+
schema:
4015+
$ref: "#/components/schemas/_rpcErrorResponse"
4016+
"422":
4017+
description: Operation is unprocessable due to validation errors
4018+
content:
4019+
application/json:
4020+
schema:
4021+
$ref: "#/components/schemas/_rpcErrorResponse"
38904022
"500":
38914023
description: Internal server error
38924024
content:

0 commit comments

Comments
 (0)