diff --git a/src/main/java/com/hithomelabs/CFTunnels/Controllers/TunnelController.java b/src/main/java/com/hithomelabs/CFTunnels/Controllers/TunnelController.java index cb77525..d4e3962 100644 --- a/src/main/java/com/hithomelabs/CFTunnels/Controllers/TunnelController.java +++ b/src/main/java/com/hithomelabs/CFTunnels/Controllers/TunnelController.java @@ -110,9 +110,7 @@ public class TunnelController implements ErrorController { * * @param oidcUser The authenticated OIDC user * @return Map containing username and roles - * - * @security Requires USER role - * @response 200 OK + * @throws SecurityException if authentication fails */ @PreAuthorize("hasAnyRole('USER')") @GetMapping("/whoami") @@ -134,10 +132,7 @@ public class TunnelController implements ErrorController { * including their status and configuration from the Cloudflare API.

* * @return Map containing list of all tunnels - * - * @security Requires USER role - * @response 200 OK with tunnel list - * @response 500 Internal Server Error if API call fails + * @throws SecurityException if user lacks required role * @see Cloudflare API */ @PreAuthorize("hasAnyRole('USER')") @@ -160,10 +155,7 @@ public class TunnelController implements ErrorController { * with environment associations.

* * @return Map containing list of configured tunnels - * - * @security Requires USER role - * @response 200 OK with tunnel list - * @response 500 Internal Server Error if database access fails + * @throws SecurityException if user lacks required role * @see CloudflareAPIService#getAllConfiguredTunnels() */ @PreAuthorize("hasAnyRole('USER')") @@ -186,10 +178,7 @@ public class TunnelController implements ErrorController { *

Returns all pending, approved, and rejected mapping requests.

* * @return Map containing list of all requests - * - * @security Requires USER role - * @response 200 OK with request list - * @response 500 Internal Server Error if database access fails + * @throws SecurityException if user lacks required role */ @PreAuthorize("hasAnyRole('USER')") @GetMapping("/requests") @@ -213,10 +202,7 @@ public class TunnelController implements ErrorController { * * @param tunnelId The Cloudflare tunnel ID (UUID) * @return Map containing tunnel configuration - * - * @security Requires DEVELOPER role - * @response 200 OK with configuration - * @response 500 Internal Server Error + * @throws SecurityException if user lacks required role * @see Cloudflare API */ @PreAuthorize("hasAnyRole('DEVELOPER')") @@ -241,11 +227,8 @@ public class TunnelController implements ErrorController { * @param tunnelId The Cloudflare tunnel ID (UUID) * @param ingress The ingress rule to add * @return Map containing the updated configuration - * - * @security Requires ADMIN role - * @response 200 OK with updated configuration - * @response 400 Bad Request if ingress is invalid - * @response 500 Internal Server Error + * @throws SecurityException if user lacks required role + * @throws JsonProcessingException if JSON processing fails * * @example * { @@ -284,10 +267,8 @@ public class TunnelController implements ErrorController { * @param tunnelId The Cloudflare tunnel ID (UUID) * @param ingress Ingress containing hostname to delete (only hostname field is used) * @return Map containing the result - * - * @security Requires DEVELOPER role - * @response 200 OK with updated configuration - * @response 409 Conflict if hostname not found + * @throws SecurityException if user lacks required role + * @throws JsonProcessingException if JSON processing fails */ @PreAuthorize("hasAnyRole('DEVELOPER')") @DeleteMapping("/tunnels/{tunnelId}/mappings") @@ -329,11 +310,7 @@ public class TunnelController implements ErrorController { * @param oidcUser The authenticated user * @param ingess The ingress configuration to request * @return The created request with PENDING status - * - * @security Requires DEVELOPER role - * @response 201 Created with request - * @response 400 Bad Request if invalid - * + * @throws SecurityException if user lacks required role * @see MappingRequestService#createMappingRequest(String, Ingress, OidcUser) */ @PreAuthorize("hasAnyRole('DEVELOPER')") @@ -354,11 +331,7 @@ public class TunnelController implements ErrorController { * @param requestId The ID of the request to approve * @param oidcUser The approver (must have APPROVER role) * @return The updated request with APPROVED status - * - * @security Requires APPROVER role - * @response 200 OK with approved request - * @response 404 Not Found if request doesn't exist - * @response 409 Conflict if request already processed + * @throws SecurityException if user lacks required role */ @PreAuthorize("hasAnyRole('APPROVER')") @PutMapping("/requests/{requestId}/approve") @@ -386,11 +359,7 @@ public class TunnelController implements ErrorController { * @param requestId The ID of the request to reject * @param oidcUser The rejecter (must have APPROVER role) * @return The updated request with REJECTED status - * - * @security Requires APPROVER role - * @response 200 OK with rejected request - * @response 404 Not Found - * @response 409 Conflict + * @throws SecurityException if user lacks required role */ @PreAuthorize("hasAnyRole('APPROVER')") @PutMapping("/requests/{requestId}/reject") @@ -425,12 +394,7 @@ public class TunnelController implements ErrorController { * @param tunnelId The Cloudflare tunnel ID (UUID) * @param user The authenticated user * @return The tunnel configuration - * - * @security Requires ADMIN role - * @response 200 OK with tunnel - * @response 204 No Content - * @response 404 Not Found - * @response 500 Internal Server Error + * @throws SecurityException if user lacks required role */ @PreAuthorize("hasAnyRole('ADMIN')") @PutMapping("/tunnels/configure/{tunnelId}") @@ -454,4 +418,4 @@ public class TunnelController implements ErrorController { } } -} \ No newline at end of file +}