revisions and fixes for api handling

Author: Blair McKenzie

packages/api/base.cfc

@@ -222,7 +222,7 @@ component {
 	}
 
 	public void function updateObject(required struct stObject, required struct stUpdate) {
-		var swaggerDef = application.fc.lib.api.swagger[request.req.handler.api].definitions[arguments.stObject.typename & "Update"].schema.properties;
+		var swaggerDef = application.fc.lib.api.swagger[request.req.handler.api].definitions[arguments.stObject.typename & "Update"].properties;
 		var key = "";
 		var stItem = {};
 		var o = application.fapi.getContentType(typename=arguments.stObject.typename);

packages/lib/api.cfc

@@ -642,6 +642,7 @@ component {
 				"authentication" = "statelesskey",
 				"groups" = application.security.userdirectories[listLast(stProfile.userdirectory)].getUserGroups(listDeleteAt(stProfile.username, listLen(stProfile.username, "_"), "_"))
 			};
+			arguments.req.user.roles = application.security.factory.role.groupsToRoles(arrayToList(arguments.req.user.groups));
 		}
 
 		return [];
@@ -654,7 +655,8 @@ component {
 			arguments.req.user = {
 				"id" = application.security.getCurrentUserID(),
 				"profile" = session.dmProfile,
-				"authentication" = "session"
+				"authentication" = "session",
+				"roles" = application.security.getCurrentRoles()
 			};
 		}
 
@@ -743,6 +745,10 @@ component {
 			arguments.permission = listLast(arguments.permission, ":");
 		}
 
+		if (arguments.permission eq "authenticated") {
+			return listFindNoCase("public,key,statelesskey,basic,session", arguments.req.authentication) gt 0;
+		}
+
 		switch (arguments.req.authentication) {
 			case "public":
 				return true;

packages/lib/swagger.cfc

@@ -164,6 +164,11 @@ component {
 			}
 		}
 
+		for (typename in arguments.typenames) {
+			arguments.swagger.definitions["#typename#"] = getSwaggerDefinition(typename=typename, forUpdate=false);
+			arguments.swagger.definitions["#typename#Update"] = getSwaggerDefinition(typename=typename, forUpdate=true);
+		}
+
 		if (expandTypename) {
 			for (typename in arguments.typenames) {
 				altMethod = duplicate(methodOut);
@@ -198,10 +203,6 @@ component {
 
 				arguments.swagger.paths[altMethod["x-path"]][altMethod["x-method"]] = altMethod;
 
-				if (listFindNoCase("CREATE,PUT,POST", altMethod["x-method"]) and not structKeyExists(arguments.swagger.definitions, "#typename#Update")) {
-					arguments.swagger.definitions["#typename#Update"] = getSwaggerDefinition(typename=typename, forUpdate=true);
-				}
-
 				structDelete(altMethod, "x-path");
 				structDelete(altMethod, "x-method");
 			}
@@ -371,7 +372,7 @@ component {
 		var prop = "";
 
 		if (structKeyExists(o, "getSwaggerDefinition")) {
-			return o.getSwaggerDefinition(typename=arguments.typename);
+			return o.getSwaggerDefinition(argumentCollection=arguments);
 		}
 
 		if (not arguments.forUpdate) {

webskin/configAPI/displayIntroductionV1.cfm

@@ -20,6 +20,10 @@ The following authentication methods are supported:
 	<cfoutput>- API key - include the API key in the request `Authentication` header.
 </cfoutput>
 </cfif>
+<cfif listFindNoCase(application.fapi.getConfig("api", "authentication"), "statelesskey")>
+	<cfoutput>- Stateless API key - `application.fc.lib.api.getStatelessAPIKey(username)` will return a temporary key to include in the request `Authentication` header.
+</cfoutput>
+</cfif>
 <cfif listFindNoCase(application.fapi.getConfig("api", "authentication"), "basic")>
 	<cfoutput>- Basic HTTP - pass your FarCry credentials with the request in the `Authentication` header.
 </cfoutput>