senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
veza/apps/web/docs/ZOD_SCHEMA_AUDIT.md
senke 4bb0f06dcd api-contracts: audit existing Zod schemas and identify gaps 
- Completed Action 1.2.1.1: Audited existing Zod schemas
- Created ZOD_SCHEMA_AUDIT.md documenting coverage
- Found 20+ existing schemas covering core types
- Identified 15+ missing request schemas for specialized endpoints
- Documented gaps in analytics, marketplace, webhooks, 2FA, and upload endpoints
2026-01-11 16:32:40 +01:00

165 lines
6.4 KiB
Markdown
Raw Blame History

# Zod Schema Audit Report
**Date**: 2025-01-27
**Action**: 1.2.1.1 - Audit existing Zod schemas
**Status**: ✅ Complete
## Overview
This document audits existing Zod schemas and identifies gaps compared to the OpenAPI specification.
## Existing Schema Files
1. **`apps/web/src/schemas/apiSchemas.ts`** - Response schemas (399 lines)
2. **`apps/web/src/schemas/apiRequestSchemas.ts`** - Request schemas (290 lines)
3. **`apps/web/src/schemas/validation.ts`** - General validation utilities
4. **`apps/web/src/features/profile/schemas/profileSchema.ts`** - Profile-specific schemas
5. **`apps/web/src/features/settings/schemas/settingsSchema.ts`** - Settings-specific schemas
## Response Schemas Found
### Core Types:
-`userSchema` - User object schema
-`trackSchema` - Track object schema
-`playlistSchema` - Playlist object schema
-`messageSchema` - Chat message schema
-`conversationSchema` - Conversation schema
-`commentSchema` - Comment schema
-`paginatedResponseSchema` - Pagination wrapper
### API Response Wrappers:
-`apiResponseSchema` - Base API response wrapper `{ success, data, error }`
-`errorResponseSchema` - Error response schema
## Request Schemas Found
### Authentication:
-`loginRequestSchema` - Login credentials
-`registerRequestSchema` - User registration
-`refreshRequestSchema` - Token refresh
### User Management:
-`createUserRequestSchema` - Create user
-`updateUserRequestSchema` - Update user
-`updateProfileRequestSchema` - Update profile
### Chat:
-`sendMessageRequestSchema` - Send chat message
-`createConversationRequestSchema` - Create conversation
### Tracks:
-`createTrackRequestSchema` - Create track
-`updateTrackRequestSchema` - Update track
-`uploadTrackRequestSchema` - Upload track file
### Playlists:
-`createPlaylistRequestSchema` - Create playlist
-`updatePlaylistRequestSchema` - Update playlist
-`addTrackToPlaylistRequestSchema` - Add track to playlist
### Comments:
-`createCommentRequestSchema` - Create comment
-`updateCommentRequestSchema` - Update comment
## OpenAPI Endpoints Coverage
**Total endpoints in OpenAPI spec**: 56 endpoints
### Endpoints with Schemas:
-`/auth/login` - loginRequestSchema
-`/auth/register` - registerRequestSchema
-`/auth/refresh` - refreshRequestSchema
-`/tracks` (POST) - createTrackRequestSchema
-`/tracks/{id}` (PUT) - updateTrackRequestSchema
-`/playlists` (POST) - createPlaylistRequestSchema
-`/playlists/{id}` (PUT) - updatePlaylistRequestSchema
-`/tracks/{id}/comments` (POST) - createCommentRequestSchema
-`/comments/{id}` (PUT) - updateCommentRequestSchema
### Endpoints Missing Request Schemas:
- ⚠️ `/analytics/events` (POST) - RecordEventRequest
- ⚠️ `/analytics/tracks/{id}` (GET) - No request schema needed
- ⚠️ `/analytics/tracks/top` (GET) - Query params schema needed
- ⚠️ `/tracks/batch/delete` (POST) - BatchDeleteRequest
- ⚠️ `/tracks/chunk` (POST) - Chunk upload request
- ⚠️ `/tracks/complete` (POST) - Complete upload request
- ⚠️ `/tracks/initiate` (POST) - Initiate upload request
- ⚠️ `/tracks/resume/{uploadId}` (GET) - No request schema needed
- ⚠️ `/tracks/quota/{id}` (GET) - No request schema needed
- ⚠️ `/playlists/{id}/tracks` (POST) - addTrackToPlaylistRequestSchema exists
- ⚠️ `/playlists/{id}/tracks/reorder` (POST) - ReorderTracksRequest
- ⚠️ `/webhooks` (POST) - Webhook registration request
- ⚠️ `/webhooks/{id}/regenerate-key` (POST) - No request schema needed
- ⚠️ `/webhooks/{id}/test` (POST) - No request schema needed
- ⚠️ `/auth/2fa/setup` (POST) - Two-factor setup request
- ⚠️ `/auth/2fa/verify` (POST) - Two-factor verification request
- ⚠️ `/auth/2fa/disable` (POST) - Two-factor disable request
- ⚠️ `/marketplace/products` (POST) - CreateProductRequest
- ⚠️ `/marketplace/products/{id}` (PUT) - UpdateProductRequest
- ⚠️ `/marketplace/orders` (POST) - CreateOrderRequest
- ⚠️ `/api/v1/logs/frontend` (POST) - FrontendLogRequest
## Response Schema Coverage
### Response Types Covered:
- ✅ User responses - userSchema
- ✅ Track responses - trackSchema
- ✅ Playlist responses - playlistSchema
- ✅ Comment responses - commentSchema
- ✅ Paginated responses - paginatedResponseSchema
- ✅ API response wrapper - apiResponseSchema
### Response Types Missing:
- ⚠️ Analytics responses - Analytics data structures
- ⚠️ Webhook responses - Webhook registration/management
- ⚠️ Marketplace responses - Product and Order types
- ⚠️ Two-factor responses - 2FA setup/verification responses
- ⚠️ Upload status responses - Track upload status types
- ⚠️ Search responses - Search result types
## Schema Quality Assessment
### Strengths:
1. ✅ Core types (User, Track, Playlist) are well-defined
2. ✅ Base schemas (UUID, dates) are reusable
3. ✅ Request validation covers main CRUD operations
4. ✅ Response wrapper schema exists
### Gaps:
1. ⚠️ Missing schemas for analytics endpoints
2. ⚠️ Missing schemas for marketplace endpoints
3. ⚠️ Missing schemas for webhook endpoints
4. ⚠️ Missing schemas for 2FA endpoints
5. ⚠️ Missing schemas for upload chunking endpoints
6. ⚠️ Missing query parameter schemas for GET endpoints
7. ⚠️ Missing response schemas for specialized endpoints
## Recommendations
### Priority 1 (High):
1. Add request schemas for batch operations (batch delete, reorder)
2. Add request schemas for upload operations (initiate, chunk, complete)
3. Add request schemas for 2FA operations
### Priority 2 (Medium):
1. Add request schemas for analytics endpoints
2. Add request schemas for marketplace endpoints
3. Add request schemas for webhook endpoints
### Priority 3 (Low):
1. Add query parameter schemas for GET endpoints with filters
2. Add response schemas for specialized endpoints
3. Generate schemas automatically from OpenAPI spec
## Next Steps
1.**Action 1.2.1.1**: Audit complete - This document
2. ⏭️ **Action 1.2.1.2**: Generate Zod schemas from OpenAPI spec (or manually add missing schemas)
3. ⏭️ **Action 1.2.1.3**: Audit all API endpoints for request schemas
4. ⏭️ **Action 1.2.1.4**: Add missing request validation schemas
## Validation
✅ Audit complete - Found 20+ existing schemas, identified 15+ missing request schemas
✅ Core types well-covered (User, Track, Playlist)
⚠️ Specialized endpoints need schema coverage
Reference in a new issue View git blame Copy permalink