Feature: Extend Swagger Coverage for controller OAuth2SummitsEventTypesApiController

[andrestejerina97]

ref: https://app.clickup.com/t/86b6wkha7

[smarcet]

@andrestejerina97 please review comments

[caseylocker]

@matiasperrone-exo The POST in app/Http/Controllers/Apis/Protected/Summit/OAuth2SummitsEventTypesApiController.php should be a PUT based on the route.

Incorrect

#[OA\Post(
    path: "/api/v1/summits/{id}/event-types/{event_type_id}/summit-documents/{document_id}",
    operationId: "addSummitDocument",

Correct

#[OA\Put(
    path: "/api/v1/summits/{id}/event-types/{event_type_id}/summit-documents/{document_id}",
    operationId: "addSummitDocument",

Is app/Swagger/Models/SummitSchema.php complete?
There is a TODO comment in there.

[matiasperrone-exo]

@caseylocker the Summit schema is defined in the Summit controller. Please approve.

[caseylocker]

getEventTypeBySummit is documented as public but the route, /api/v1/summits/{id}/event-types/{event_type_id}, requires OAuth2 authentication. Based on the scope of the PR add proper security parameter and change the tag.

security: [['summit_event_types_oauth2' => [
    SummitScopes::ReadSummitData,
    SummitScopes::ReadAllSummitData,
]]],
tags: ["Event Types"], 

[matiasperrone-exo]

getEventTypeBySummit is documented as public but the route, /api/v1/summits/{id}/event-types/{event_type_id}, requires OAuth2 authentication. Based on the scope of the PR add proper security parameter and change the tag.

security: [['summit_event_types_oauth2' => [
    SummitScopes::ReadSummitData,
    SummitScopes::ReadAllSummitData,
]]],
tags: ["Event Types"], 

Thanks @caseylocker for the comments.
Both protected and public are pointing to the same method, I added the missing public endpoint to have every endpoint documented.

Now is ready to review again

[caseylocker]

PUT operations document HTTP 200 but updated() actually returns a 201.
updateEventTypeBySummit, addSummitDocument, removeSummitDocument Change Response::HTTP_OK to Response::HTTP_CREATED

Missing security attribute on protected GET endpoint in getEventTypeBySummit.
Thanks for adding the public endpoint but the protected one needs documentation of the security attribute.

[matiasperrone-exo]

Thanks @caseylocker for the comments. Good catch! Is ready now.

I fixed the issues in security and X:

Summary of corrections in OAuth2SummitsEventTypesApiController

Method	Change made
getEventTypeBySummit	Added security with ReadSummitData, ReadAllSummitData
addEventTypeBySummit	Fixed scope order (WriteEventTypeData, WriteSummitData) and required-groups order
updateEventTypeBySummit	Fixed scope order and required-groups order
deleteEventTypeBySummit	Fixed scope order and required-groups order
seedDefaultEventTypesBySummit	Fixed scope order and required-groups order
addSummitDocument	Fixed scope order and required-groups order
removeSummitDocument	Fixed scope order and required-groups order

[caseylocker]

approved