Backend Issue 2: Add Admin Forgejo Connection CRUD API #3

Closed
opened 2026-05-19 02:27:58 -05:00 by null · 0 comments
Owner

Goal

Allow organization admins to manage Forgejo connections.

Scope

  • Add Forgejo connection schemas.
  • Add admin-only list/create/read/update/delete endpoints for connections.
  • Redact tokens from all read responses.
  • Keep repository management out of this issue.

Suggested Implementation References

  • Admin dependency: backend/app/api/deps.py require_org_admin
  • Gateway CRUD style: backend/app/api/gateways.py, backend/app/schemas/gateways.py
  • Router wiring: backend/app/main.py
  • Response wrapper: backend/app/schemas/common.py OkResponse

Suggested Endpoints

  • GET /api/v1/forgejo/connections
  • POST /api/v1/forgejo/connections
  • GET /api/v1/forgejo/connections/{connection_id}
  • PATCH /api/v1/forgejo/connections/{connection_id}
  • DELETE /api/v1/forgejo/connections/{connection_id}

Acceptance Criteria

  • Only organization admins can create/update/delete connections.
  • Connection list/read responses never include the token.
  • Updating token with an empty string leaves existing token unchanged or clears it only if the schema explicitly supports clearing.
  • Read responses include only safe token metadata such as has_token and token_last_eight.
  • base_url is normalized to a root Forgejo host URL, not a full API endpoint path.
  • base_url accepts only http or https.
  • Cross-organization access returns 404 or 403 consistently with existing Pipeline APIs.
  • Tests cover create, list redaction, update, delete, and non-admin rejection.

Out Of Scope

  • Repository CRUD.
  • Calling Forgejo.
  • Frontend UI.
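The `base_url`, redaction and empty-token criteria above, written out in plain Python as an added example (not code from this repository). The function names, the `id`/`name` fields, the `clear` flag and the sample row are assumptions, and "root host URL" is taken to mean scheme, host and optional port only.

```python
from typing import Optional
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
READ_FIELDS = ("id", "name", "base_url")  # hypothetical column names; allowlist, not denylist


def normalize_base_url(raw: str) -> str:
    """Return scheme://host[:port]; path, query and fragment are dropped."""
    parts = urlsplit(raw.strip())  # urlsplit lowercases the scheme
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError("base_url must use http or https")
    if not parts.hostname:
        raise ValueError("base_url must include a host")
    if parts.username or parts.password:
        # Added choice, not an acceptance criterion: refuse embedded credentials.
        raise ValueError("base_url must not embed credentials")
    host = f"[{parts.hostname}]" if ":" in parts.hostname else parts.hostname  # IPv6
    port = f":{parts.port}" if parts.port else ""  # .port raises ValueError if invalid
    return f"{parts.scheme}://{host}{port}"


def token_metadata(token: Optional[str]) -> dict:
    """Safe token metadata for read responses; never the token itself."""
    if not token:
        return {"has_token": False, "token_last_eight": None}
    # Added guard: a token of 8 characters or fewer would be disclosed whole.
    return {"has_token": True, "token_last_eight": token[-8:] if len(token) > 8 else None}


def to_read_response(row: dict) -> dict:
    """Build the response from an allowlist so new secret columns stay hidden."""
    safe = {field: row.get(field) for field in READ_FIELDS}
    safe.update(token_metadata(row.get("token")))
    return safe


def apply_token_update(existing: Optional[str], submitted: Optional[str],
                       clear: bool = False) -> Optional[str]:
    """PATCH rule: omitted or empty token keeps the stored one; clearing is explicit."""
    if clear:  # hypothetical explicit flag for the "schema supports clearing" case
        return None
    if submitted is None or not submitted.strip():
        return existing
    return submitted


# Constructed sample row; the token is a made-up value.
SAMPLE_ROW = {"id": 1, "name": "main", "base_url": "https://git.example.com",
              "token": "0123456789abcdef0123456789abcdef01234567"}
```
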
null closed this issue 2026-05-19 03:17:07 -05:00
null added the admin, api, backend, forgejo labels 2026-05-19 03:31:59 -05:00