feat: Add OpenAPI Support to subscriptions.getOne API

[ahmed-n-abdeltwab]

Description:
This PR integrates OpenAPI support into the Rocket.Chat API, migrate of Rocket.Chat API endpoints to the new OpenAPI pattern. The update includes improved API documentation, enhanced type safety, and response validation using AJV.

Key Changes:

• Implemented the new pattern and added AJV-based JSON schema validation for API.
• Uses the ExtractRoutesFromAPI utility from the TypeScript definitions to dynamically derive the routes from the endpoint specifications.
• Enabled Swagger UI integration for this API.
• Route Methods Chaining for the endpoints.
• This does not introduce any breaking changes to the endpoint logic.

Issue Reference:
Relates to #34983, part of the ongoing OpenAPI integration effort.

Testing:

• Verified that the API response schemas are correctly documented in Swagger UI.

• All tests passed without any breaking changes

  $  yarn testapi -f '[Subscriptions]'
  
  
  [Subscriptions]
    ✔ /subscriptions.get
    ✔ /subscriptions.get?updatedSince
    /subscriptions.getOne
      ✔ should fail if no roomId provided
      ✔ should fail if not logged in
      ✔ should return the subscription with success
      ✔ should keep subscription as read after sending a message (162ms)
    [/subscriptions.read]
      ✔ should mark public channels as read
      ✔ should mark groups as read
      ✔ should mark DMs as read
      ✔ should fail on two params with different ids
      ✔ should fail on mark inexistent public channel as read
      ✔ should fail on mark inexistent group as read
      ✔ should fail on mark inexistent DM as read
      ✔ should fail on invalid params
      ✔ should fail on empty params
      should handle threads correctly
        ✔ should mark threads as read (76ms)
        ✔ should not mark threads as read (99ms)
    [/subscriptions.unread]
      ✔ should fail when there are no messages on an channel
      ✔ sending message (83ms)
      ✔ should return success: true when make as unread successfully (44ms)
      ✔ should fail on invalid params
      ✔ should fail on empty params
  
  
  22 passing (8s)

Endpoints:

• Get Subscription Room

Looking forward to your feedback! 🚀

Summary by CodeRabbit

• New Features

  • Added a dedicated subscriptions.getOne endpoint returning a room-specific subscription or null with consistent success/error responses.

• Documentation

  • OpenAPI docs updated with detailed request/response schemas for the new endpoint.

• Refactor

  • Endpoint migrated to a modern route definition with local JSON-schema validation.

• Tests

  • End-to-end tests updated to expect the new error format (includes errorType) and stricter roomId validation.

[changeset-bot]

🦋 Changeset detected

Latest commit: 8cf6dad

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 41 packages

Name	Type
@rocket.chat/meteor	Patch
@rocket.chat/rest-typings	Patch
@rocket.chat/api-client	Patch
@rocket.chat/core-services	Patch
@rocket.chat/ddp-client	Patch
@rocket.chat/http-router	Patch
@rocket.chat/models	Patch
@rocket.chat/ui-contexts	Patch
@rocket.chat/web-ui-registration	Patch
@rocket.chat/account-service	Patch
@rocket.chat/authorization-service	Patch
@rocket.chat/ddp-streamer	Patch
@rocket.chat/stream-hub-service	Patch
@rocket.chat/federation-matrix	Patch
@rocket.chat/omnichannel-services	Patch
@rocket.chat/presence	Patch
rocketchat-services	Patch
@rocket.chat/omnichannel-transcript	Patch
@rocket.chat/presence-service	Patch
@rocket.chat/queue-worker	Patch
@rocket.chat/network-broker	Patch
@rocket.chat/omni-core-ee	Patch
@rocket.chat/livechat	Patch
@rocket.chat/mock-providers	Patch
@rocket.chat/cron	Patch
@rocket.chat/instance-status	Patch
@rocket.chat/omni-core	Patch
@rocket.chat/media-calls	Patch
@rocket.chat/uikit-playground	Patch
@rocket.chat/fuselage-ui-kit	Patch
@rocket.chat/gazzodown	Patch
@rocket.chat/ui-avatar	Patch
@rocket.chat/ui-client	Patch
@rocket.chat/ui-video-conf	Patch
@rocket.chat/ui-voip	Patch
@rocket.chat/core-typings	Patch
@rocket.chat/apps	Patch
@rocket.chat/freeswitch	Patch
@rocket.chat/model-typings	Patch
@rocket.chat/license	Patch
@rocket.chat/pdf-worker	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[dionisio-bot]

Looks like this PR is not ready to merge, because of the following issues:

• This PR is missing the 'stat: QA assured' label
• This PR is missing the required milestone or project

Please fix the issues and try again

If you have any trouble, please check the PR guidelines

[coderabbitai]

Walkthrough

Adds a new server-side subscriptions.getOne endpoint with local AJV-validated query and response schemas, moves endpoint typing into server module augmentation, removes the public typing/validator from rest-typings, and updates E2E tests and a changeset entry.

Changes

Cohort / File(s)	Summary
API server: subscriptions.getOne apps/meteor/app/api/server/v1/subscriptions.ts	Adds subscriptions.getOne route using chained route/action syntax, local AJV query schema (roomId), 200/400/401 response schemas, response validation, and module augmentation exporting endpoint typings.
REST typings cleanup packages/rest-typings/src/v1/subscriptionsEndpoints.ts	Removes SubscriptionsGetOne type, its AJV validator export (isSubscriptionsGetOneProps), and the /v1/subscriptions.getOne entry from the public SubscriptionsEndpoints type.
E2E tests update apps/meteor/tests/end-to-end/api/subscriptions.ts	Adjusts failure-case assertions to expect errorType: 'error-invalid-params' and a generic AJV message for missing roomId.
Changeset docs .changeset/flat-candles-walk.md	Adds changeset describing OpenAPI support for subscriptions.getOne, route syntax migration, and schema/typing adjustments.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Client
  participant API as v1/subscriptions.getOne
  participant Auth as AuthN/AuthZ
  participant AJV as AJV Validator
  participant Service as Subscriptions Service

  Client->>API: GET /v1/subscriptions.getOne?roomId=...
  API->>Auth: verify session/user
  alt unauthorized
    Auth-->>API: 401
    API-->>Client: 401 { success:false, errorType }
  else authorized
    API->>AJV: validate query (roomId)
    alt invalid params
      AJV-->>API: 400 { error, errorType }
      API-->>Client: 400 { success:false, error, errorType }
    else valid
      API->>Service: fetch subscription for user by roomId
      Service-->>API: subscription | null
      API->>AJV: validate 200 response schema
      API-->>Client: 200 { success:true, subscription|null }
    end
  end

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

I hop through routes with schema light,
AJV whiskers twinkling bright.
One roomId fetch, a tidy tune,
Tests now dance beneath the moon.
A tiny change, a rabbit's cheer—new endpoint here! 🐇✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The pull request title succinctly captures the primary change by indicating the addition of OpenAPI support for the subscriptions.getOne endpoint, aligning directly with the PR’s focus on migrating that API to the new OpenAPI pattern without introducing unrelated details.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 66.95%. Comparing base (c4b3153) to head (406d242).

Additional details and impacted files

@@             Coverage Diff             @@
##           develop   #37085      +/-   ##
===========================================
- Coverage    67.41%   66.95%   -0.47%     
===========================================
  Files         3288     3122     -166     
  Lines       111815   109280    -2535     
  Branches     20421    19824     -597     
===========================================
- Hits         75379    73167    -2212     
+ Misses       33748    33618     -130     
+ Partials      2688     2495     -193     

Flag	Coverage Δ
e2e	56.10% <ø> (-1.21%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Jira integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between f627e67 and d0fdd82.

📒 Files selected for processing (4)

• .changeset/flat-candles-walk.md (1 hunks)
• apps/meteor/app/api/server/v1/subscriptions.ts (4 hunks)
• apps/meteor/tests/end-to-end/api/subscriptions.ts (1 hunks)
• packages/rest-typings/src/v1/subscriptionsEndpoints.ts (0 hunks)

💤 Files with no reviewable changes (1)

• packages/rest-typings/src/v1/subscriptionsEndpoints.ts

🧰 Additional context used

🧬 Code graph analysis (1)

apps/meteor/app/api/server/v1/subscriptions.ts (4)

packages/core-typings/src/IRoom.ts (1)

• IRoom (21-95)

packages/rest-typings/src/v1/Ajv.ts (3)

• ajv (23-23)
• validateBadRequestErrorResponse (46-46)
• validateUnauthorizedErrorResponse (69-69)

apps/meteor/app/api/server/ApiClass.ts (1)

• ExtractRoutesFromAPI (73-77)

packages/rest-typings/src/index.ts (1)

• Endpoints (51-98)

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Jira integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between d0fdd82 and ee8cb7e.

📒 Files selected for processing (1)

• apps/meteor/app/api/server/v1/subscriptions.ts (4 hunks)

🧰 Additional context used

🧬 Code graph analysis (1)

apps/meteor/app/api/server/v1/subscriptions.ts (4)

packages/core-typings/src/IRoom.ts (1)

• IRoom (21-95)

packages/rest-typings/src/v1/Ajv.ts (3)

• ajv (23-23)
• validateBadRequestErrorResponse (46-46)
• validateUnauthorizedErrorResponse (69-69)

apps/meteor/app/api/server/ApiClass.ts (1)

• ExtractRoutesFromAPI (73-77)

packages/rest-typings/src/index.ts (1)

• Endpoints (51-98)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: 📦 Build Packages
• GitHub Check: Builds matrix rust bindings against alpine
• GitHub Check: CodeQL-Build

🔇 Additional comments (4)

apps/meteor/app/api/server/v1/subscriptions.ts (4)

1-16: LGTM! Imports align with the OpenAPI pattern.

The new imports support AJV validation, response schemas, and route type extraction, which are all necessary for the OpenAPI integration.

---

51-65: LGTM! Query validation properly constrains roomId.

The minLength: 1 constraint correctly prevents empty strings, and the runtime check has been appropriately removed since the schema now enforces non-empty values. This resolves the previous review discussion.

---

67-74: LGTM! Endpoint follows the OpenAPI pattern correctly.

The endpoint structure is clean:

• Query validation is declarative with the compiled AJV validator
• Pre-compiled error response validators improve performance
• Action function is straightforward with no redundant runtime checks

Also applies to: 199-208

---

256-261: LGTM! Module augmentation correctly exposes the endpoint types.

The type extraction and module augmentation follow the OpenAPI integration pattern, making the subscriptions.getOne route types available throughout the codebase.