feat: update GetEntityInfo200Response and User schemas to include id and roles

Author: giovannibaratta

mocks/user.fixtures.ts

@@ -1,4 +1,5 @@
 import {User, UserSummary} from "../generated/openapi/model/models"
+import {MOCK_GROUP_ID} from "./group.fixtures"
 
 export const MOCK_USER_ID = "e6e08687-2189-4710-91b5-479cd25a9119"
 export const MOCK_ADMIN_USER_ID = "2d099b40-099f-4975-9320-e52aacfaccd6"
@@ -8,19 +9,48 @@ export const memberUserResponse: User = {
   displayName: "Test User",
   email: "test@localhost.com",
   orgRole: "member",
-  createdAt: "2026-03-08T12:00:00Z"
+  createdAt: "2026-03-08T12:00:00Z",
+  groups: [],
+  roles: [],
+  concurrencyControl: {version: "1"}
 }
 
 export const adminUserResponse: User = {
   id: MOCK_ADMIN_USER_ID,
   displayName: "Admin User",
   email: "admin@localhost.com",
   orgRole: "admin",
-  createdAt: "2026-03-08T12:00:00Z"
+  createdAt: "2026-03-08T12:00:00Z",
+  groups: [],
+  roles: [],
+  concurrencyControl: {version: "1"}
 }
 
 export const userSummaryResponse: UserSummary = {
   id: memberUserResponse.id,
   displayName: memberUserResponse.displayName,
   email: memberUserResponse.email
 }
+
+export const userWithGroupsAndRolesResponse: User = {
+  id: "f3c8b4df-6d75-4309-844a-9c7efc8bf141",
+  displayName: "User with Groups and Roles",
+  email: "groups-roles@localhost.com",
+  orgRole: "member",
+  createdAt: "2026-03-08T12:00:00Z",
+  groups: [
+    {
+      groupId: MOCK_GROUP_ID,
+      groupName: "Engineering Team"
+    }
+  ],
+  roles: [
+    {
+      roleName: "SpaceManager",
+      scope: {
+        type: "org"
+      }
+    }
+  ],
+  concurrencyControl: {version: "1"}
+}

openapi.yaml

@@ -2,7 +2,7 @@ openapi: 3.0.0
 info:
   title: Workflow Approval System API
   description: API for a SaaS platform that allows customers to manage approvals for generic workflows, users, and groups.
-  version: 0.0.40
+  version: 0.0.41
 tags:
   - name: Authentication
     description: OIDC authentication and token management

openapi/auth/auth-info.yaml

@@ -10,18 +10,6 @@ get:
       content:
         application/json:
           schema:
-            type: object
-            required:
-              - entityType
-              - groups
-            properties:
-              entityType:
-                type: string
-                description: Type of the authenticated entity
-                example: user
-              groups:
-                type: array
-                items:
-                  $ref: ../groups/schemas.yaml#/GroupInfo
+            $ref: ./schemas.yaml#/GetEntityInfo200Response
     "401":
       $ref: ../shared/responses.yaml#/Unauthorized

openapi/auth/schemas.yaml

@@ -70,3 +70,75 @@ PrivilegedTokenExchangeRequest:
       description: The identifier of the resource being accessed
     operation:
       $ref: ../shared/schemas.yaml#/PrivilegedOperation
+
+GetEntityInfo200Response:
+  description: Entity information response based on the authenticated entity type.
+  oneOf:
+    - $ref: "#/GetEntityInfoUserResponse"
+    - $ref: "#/GetEntityInfoAgentResponse"
+  discriminator:
+    propertyName: entityType
+    mapping:
+      user: "#/GetEntityInfoUserResponse"
+      agent: "#/GetEntityInfoAgentResponse"
+
+GetEntityInfoUserResponse:
+  type: object
+  required:
+    - id
+    - entityType
+    - groups
+    - roles
+    - orgRole
+  properties:
+    id:
+      type: string
+      format: uuid
+      description: Internal unique identifier for the user.
+    entityType:
+      type: string
+      enum:
+        - user
+      description: Type of the authenticated entity
+      example: user
+    groups:
+      type: array
+      items:
+        $ref: ../groups/schemas.yaml#/GroupInfo
+    roles:
+      type: array
+      items:
+        $ref: ../roles/schemas.yaml#/RoleOperationItem
+    orgRole:
+      type: string
+      enum:
+        - admin
+        - member
+      description: Role assigned to the user within the organization.
+
+GetEntityInfoAgentResponse:
+  type: object
+  required:
+    - id
+    - entityType
+    - groups
+    - roles
+  properties:
+    id:
+      type: string
+      format: uuid
+      description: Internal unique identifier for the agent.
+    entityType:
+      type: string
+      enum:
+        - agent
+      description: Type of the authenticated entity
+      example: agent
+    groups:
+      type: array
+      items:
+        $ref: ../groups/schemas.yaml#/GroupInfo
+    roles:
+      type: array
+      items:
+        $ref: ../roles/schemas.yaml#/RoleOperationItem

openapi/roles/schemas.yaml

@@ -60,6 +60,7 @@ RoleOperationRequest: &ref_0
   description: Request to assign or remove roles from a user or agent
   required:
     - roles
+    - concurrencyControl
   properties:
     roles:
       type: array
@@ -71,5 +72,7 @@ RoleOperationRequest: &ref_0
           scope:
             type: group
             groupId: a1b2c3d4-e5f6-7890-1234-567890abcdef
+    concurrencyControl:
+      $ref: ../shared/schemas.yaml#/ConcurrencyControl
 RoleAssignmentRequest: *ref_0
 RoleRemovalRequest: *ref_0

openapi/users/schemas.yaml

@@ -51,6 +51,9 @@ User:
     - email
     - orgRole
     - createdAt
+    - groups
+    - roles
+    - concurrencyControl
   properties:
     id:
       type: string
@@ -74,12 +77,22 @@ User:
         - member
       description: Role assigned to the user within the organization.
       example: member
+    groups:
+      type: array
+      items:
+        $ref: ../groups/schemas.yaml#/GroupInfo
+    roles:
+      type: array
+      items:
+        $ref: ../roles/schemas.yaml#/RoleOperationItem
     createdAt:
       type: string
       format: date-time
       description: Timestamp when the user was created.
       readOnly: true
       example: "2025-04-15T12:05:00Z"
+    concurrencyControl:
+      $ref: ../shared/schemas.yaml#/ConcurrencyControl
 ListUsersParams:
   type: object
   properties:

package.json

@@ -2,7 +2,7 @@
   "name": "@approvio/api",
   "author": "Giovanni Baratta",
   "license": "MIT",
-  "version": "0.0.46",
+  "version": "0.0.47",
   "private": false,
   "type": "module",
   "main": "./dist/src/index.cjs",
@@ -71,4 +71,4 @@
   "peerDependencies": {
     "fp-ts": "^2.0.0"
   }
-}
+}

src/validators/common.validators.ts

@@ -1,7 +1,14 @@
 import {Either, left, right, isLeft} from "fp-ts/Either"
-import {hasOwnProperty, isNumber, isNonEmptyString, isArray} from "../utils/validation.utils"
-import {Pagination, HealthResponse, GetEntityInfo200Response, GroupInfo} from "../../generated/openapi/model/models"
+import {hasOwnProperty, isNumber, isNonEmptyString, isArray, isUUIDv4} from "../utils/validation.utils"
+import {
+  Pagination,
+  HealthResponse,
+  GetEntityInfo200Response,
+  GroupInfo,
+  RoleOperationItem
+} from "../../generated/openapi/model/models"
 import {validateGroupInfo} from "./groups.validators"
+import {validateRoleOperationItem} from "./users.validators"
 
 export type PaginationValidationError =
   | "malformed_object"
@@ -104,6 +111,12 @@ export type GetEntityInfo200ResponseValidationError =
   | "invalid_entity_type"
   | "missing_groups"
   | "invalid_groups"
+  | "missing_id"
+  | "invalid_id"
+  | "missing_roles"
+  | "invalid_roles"
+  | "missing_org_role"
+  | "invalid_org_role"
 
 export function validateGetEntityInfo200Response(
   object: unknown
@@ -113,6 +126,9 @@ export function validateGetEntityInfo200Response(
   if (!hasOwnProperty(object, "entityType") || !isNonEmptyString(object.entityType))
     return left(hasOwnProperty(object, "entityType") ? "invalid_entity_type" : "missing_entity_type")
 
+  if (!hasOwnProperty(object, "id")) return left("missing_id")
+  if (!isNonEmptyString(object.id) || !isUUIDv4(object.id)) return left("invalid_id")
+
   if (!hasOwnProperty(object, "groups") || !isArray(object.groups))
     return left(hasOwnProperty(object, "groups") ? "invalid_groups" : "missing_groups")
 
@@ -123,8 +139,35 @@ export function validateGetEntityInfo200Response(
     groups.push(validatedItem.right)
   }
 
-  return right({
-    entityType: object.entityType,
-    groups
-  })
+  if (!hasOwnProperty(object, "roles")) return left("missing_roles")
+  if (!isArray(object.roles)) return left("invalid_roles")
+
+  const roles: RoleOperationItem[] = []
+  for (const role of object.roles) {
+    const validatedRole = validateRoleOperationItem(role)
+    if (isLeft(validatedRole)) return left("invalid_roles")
+    roles.push(validatedRole.right)
+  }
+
+  if (object.entityType === "user") {
+    if (!hasOwnProperty(object, "orgRole")) return left("missing_org_role")
+    if (object.orgRole !== "admin" && object.orgRole !== "member") return left("invalid_org_role")
+
+    return right({
+      entityType: "user" as const,
+      id: object.id,
+      groups,
+      roles,
+      orgRole: object.orgRole
+    })
+  } else if (object.entityType === "agent") {
+    return right({
+      entityType: "agent" as const,
+      id: object.id,
+      groups,
+      roles
+    })
+  }
+
+  return left("invalid_entity_type")
 }