From f2659271a955b3468df9b78ddf6d4085ff262c5a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Laurent=20Tr=C3=A9guier?= <laurent.treguier@fyreplace.app>
Date: Mon, 18 Nov 2024 11:33:12 +0100
Subject: [PATCH 1/2] Strengthen OpenAPI schema

---
 .../api/endpoints/ChaptersEndpoint.java       | 36 ++++++++++--
 .../api/endpoints/CommentsEndpoint.java       | 42 ++++++++++++--
 .../api/endpoints/EmailsEndpoint.java         | 23 +++++++-
 .../api/endpoints/PostsEndpoint.java          | 48 ++++++++++++++--
 .../api/endpoints/ReportsEndpoint.java        | 12 +++-
 .../api/endpoints/SubscriptionsEndpoint.java  | 12 +++-
 .../api/endpoints/TokensEndpoint.java         | 17 +++++-
 .../api/endpoints/UsersEndpoint.java          | 56 ++++++++++++++-----
 .../mappers/NumberFormatExceptionMapper.java  | 14 -----
 .../chapters/DeleteChapterTests.java          |  3 +-
 .../chapters/SetChapterImageTests.java        |  3 +-
 .../chapters/SetChapterTextTests.java         |  3 +-
 12 files changed, 215 insertions(+), 54 deletions(-)
 delete mode 100644 src/main/java/app/fyreplace/api/exceptions/mappers/NumberFormatExceptionMapper.java

diff --git a/src/main/java/app/fyreplace/api/endpoints/ChaptersEndpoint.java b/src/main/java/app/fyreplace/api/endpoints/ChaptersEndpoint.java
index 0a78d77..2cbda5e 100644
--- a/src/main/java/app/fyreplace/api/endpoints/ChaptersEndpoint.java
+++ b/src/main/java/app/fyreplace/api/endpoints/ChaptersEndpoint.java
@@ -12,10 +12,12 @@
 import app.fyreplace.api.services.ImageService;
 import app.fyreplace.api.services.SanitizationService;
 import io.quarkus.cache.CacheResult;
+import io.quarkus.hibernate.validator.runtime.jaxrs.ViolationReport;
 import io.quarkus.panache.common.Sort;
 import io.quarkus.security.Authenticated;
 import jakarta.inject.Inject;
 import jakarta.transaction.Transactional;
+import jakarta.validation.Valid;
 import jakarta.validation.constraints.NotNull;
 import jakarta.validation.constraints.PositiveOrZero;
 import jakarta.ws.rs.DELETE;
@@ -93,7 +95,13 @@ public Response createChapter(@PathParam("id") final UUID id) {
     @Authenticated
     @Transactional
     @APIResponse(responseCode = "204", description = "No Content")
-    @APIResponse(responseCode = "400", description = "Bad Request")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     @APIResponse(responseCode = "404", description = "Not Found")
     @CacheResult(cacheName = "requests", keyGenerator = DuplicateRequestKeyGenerator.class)
     public Response deleteChapter(
@@ -111,7 +119,13 @@ public Response deleteChapter(
     @Transactional
     @RequestBody(required = true)
     @APIResponse(responseCode = "200", description = "OK")
-    @APIResponse(responseCode = "400", description = "Bad Request")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     @APIResponse(responseCode = "404", description = "Not Found")
     public Response setChapterPosition(
             @PathParam("id") final UUID id,
@@ -145,12 +159,19 @@ public Response setChapterPosition(
     @Authenticated
     @Transactional
     @APIResponse(responseCode = "200", description = "OK")
-    @APIResponse(responseCode = "400", description = "Bad Request")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     @APIResponse(responseCode = "404", description = "Not Found")
     public String setChapterText(
             @PathParam("id") final UUID id,
             @PathParam("position") @PositiveOrZero final int position,
-            @NotNull @Length(max = Chapter.TEXT_MAX_LENGTH) @Schema(maxLength = Chapter.TEXT_MAX_LENGTH) String input) {
+            @NotNull @Length(max = Chapter.TEXT_MAX_LENGTH) @Schema(maxLength = Chapter.TEXT_MAX_LENGTH) @Valid
+                    String input) {
         final var user = User.getFromSecurityContext(context);
         final var post = Post.<Post>findById(id);
         Post.validateAccess(post, user, false, true);
@@ -171,6 +192,13 @@ public String setChapterText(
     @Transactional
     @RequestBody(required = true, content = @Content(mediaType = MediaType.APPLICATION_OCTET_STREAM))
     @APIResponse(responseCode = "200", description = "OK")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     @APIResponse(responseCode = "404", description = "Not Found")
     @APIResponse(responseCode = "413", description = "Payload Too Large")
     @APIResponse(responseCode = "415", description = "Unsupported Media Type")
diff --git a/src/main/java/app/fyreplace/api/endpoints/CommentsEndpoint.java b/src/main/java/app/fyreplace/api/endpoints/CommentsEndpoint.java
index 179c681..1b9ccd1 100644
--- a/src/main/java/app/fyreplace/api/endpoints/CommentsEndpoint.java
+++ b/src/main/java/app/fyreplace/api/endpoints/CommentsEndpoint.java
@@ -10,6 +10,7 @@
 import app.fyreplace.api.exceptions.ExplainedFailure;
 import app.fyreplace.api.exceptions.ForbiddenException;
 import io.quarkus.cache.CacheResult;
+import io.quarkus.hibernate.validator.runtime.jaxrs.ViolationReport;
 import io.quarkus.security.Authenticated;
 import jakarta.annotation.Nullable;
 import jakarta.transaction.Transactional;
@@ -48,7 +49,13 @@ public final class CommentsEndpoint {
     @GET
     @Authenticated
     @APIResponse(responseCode = "200", description = "OK")
-    @APIResponse(responseCode = "400", description = "Bad Request")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     @APIResponse(responseCode = "404", description = "Not Found")
     public Iterable<Comment> listComments(
             @PathParam("id") final UUID id, @QueryParam("page") @PositiveOrZero final int page) {
@@ -71,7 +78,13 @@ public Iterable<Comment> listComments(
             description = "Created",
             content =
                     @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = Comment.class)))
-    @APIResponse(responseCode = "400", description = "Bad Request")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     @APIResponse(
             responseCode = "403",
             description = "Not Allowed",
@@ -105,7 +118,13 @@ public Response createComment(@PathParam("id") final UUID id, @NotNull @Valid fi
     @Authenticated
     @Transactional
     @APIResponse(responseCode = "204", description = "No Content")
-    @APIResponse(responseCode = "400", description = "Bad Request")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     @APIResponse(
             responseCode = "403",
             description = "Not Allowed",
@@ -136,7 +155,13 @@ public Response deleteComment(
     @Transactional
     @RequestBody(required = true)
     @APIResponse(responseCode = "200", description = "OK")
-    @APIResponse(responseCode = "400", description = "Bad Request")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     @APIResponse(
             responseCode = "403",
             description = "Not Allowed",
@@ -172,7 +197,13 @@ public Response setCommentReported(
     @Authenticated
     @Transactional
     @APIResponse(responseCode = "200", description = "OK")
-    @APIResponse(responseCode = "400", description = "Bad Request")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     @APIResponse(responseCode = "404", description = "Not Found")
     public Response acknowledgeComment(
             @PathParam("id") final UUID id, @PathParam("position") @PositiveOrZero final int position) {
@@ -200,7 +231,6 @@ public Response acknowledgeComment(
     @Authenticated
     @Produces(MediaType.APPLICATION_JSON)
     @APIResponse(responseCode = "200", description = "OK")
-    @APIResponse(responseCode = "400", description = "Bad Request")
     @APIResponse(responseCode = "404", description = "Not Found")
     public long countComments(@PathParam("id") final UUID id, @QueryParam("read") @Nullable final Boolean read) {
         final var user = User.getFromSecurityContext(context);
diff --git a/src/main/java/app/fyreplace/api/endpoints/EmailsEndpoint.java b/src/main/java/app/fyreplace/api/endpoints/EmailsEndpoint.java
index 5090f25..a32e6a0 100644
--- a/src/main/java/app/fyreplace/api/endpoints/EmailsEndpoint.java
+++ b/src/main/java/app/fyreplace/api/endpoints/EmailsEndpoint.java
@@ -12,6 +12,7 @@
 import app.fyreplace.api.exceptions.ForbiddenException;
 import io.quarkus.cache.CacheResult;
 import io.quarkus.elytron.security.common.BcryptUtil;
+import io.quarkus.hibernate.validator.runtime.jaxrs.ViolationReport;
 import io.quarkus.panache.common.Sort;
 import io.quarkus.security.Authenticated;
 import jakarta.inject.Inject;
@@ -54,6 +55,13 @@ public final class EmailsEndpoint {
     @GET
     @Authenticated
     @APIResponse(responseCode = "200", description = "OK")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     public Iterable<Email> listEmails(@QueryParam("page") @PositiveOrZero final int page) {
         final var user = User.getFromSecurityContext(context);
         return Email.find("user", Sort.by("email"), user).page(page, pagingSize).list();
@@ -67,6 +75,13 @@ public Iterable<Email> listEmails(@QueryParam("page") @PositiveOrZero final int
             responseCode = "201",
             description = "Created",
             content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = Email.class)))
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     @APIResponse(
             responseCode = "409",
             description = "Conflict",
@@ -160,7 +175,13 @@ public long countEmails() {
     @Transactional
     @RequestBody(required = true)
     @APIResponse(responseCode = "200", description = "OK")
-    @APIResponse(responseCode = "400", description = "Bad Request")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     @APIResponse(responseCode = "404", description = "Not Found")
     @CacheResult(cacheName = "requests", keyGenerator = DuplicateRequestKeyGenerator.class)
     public Response activateEmail(@NotNull @Valid final EmailActivation input) {
diff --git a/src/main/java/app/fyreplace/api/endpoints/PostsEndpoint.java b/src/main/java/app/fyreplace/api/endpoints/PostsEndpoint.java
index faafe7d..853c25e 100644
--- a/src/main/java/app/fyreplace/api/endpoints/PostsEndpoint.java
+++ b/src/main/java/app/fyreplace/api/endpoints/PostsEndpoint.java
@@ -13,6 +13,7 @@
 import app.fyreplace.api.exceptions.ExplainedFailure;
 import app.fyreplace.api.exceptions.ForbiddenException;
 import io.quarkus.cache.CacheResult;
+import io.quarkus.hibernate.validator.runtime.jaxrs.ViolationReport;
 import io.quarkus.panache.common.Sort;
 import io.quarkus.panache.common.Sort.Direction;
 import io.quarkus.security.Authenticated;
@@ -58,7 +59,13 @@ public final class PostsEndpoint {
     @GET
     @Authenticated
     @APIResponse(responseCode = "200", description = "OK")
-    @APIResponse(responseCode = "400", description = "Bad Request")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     public Iterable<Post> listPosts(
             @QueryParam("page") @PositiveOrZero final int page,
             @QueryParam("ascending") final boolean ascending,
@@ -134,7 +141,13 @@ public Response deletePost(@PathParam("id") final UUID id) {
     @Transactional
     @RequestBody(required = true)
     @APIResponse(responseCode = "200", description = "OK")
-    @APIResponse(responseCode = "400", description = "Bad Request")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     @APIResponse(responseCode = "404", description = "Not Found")
     public Response setPostSubscribed(@PathParam("id") final UUID id, @NotNull @Valid final SubscriptionUpdate input) {
         final var user = User.getFromSecurityContext(context);
@@ -156,6 +169,13 @@ public Response setPostSubscribed(@PathParam("id") final UUID id, @NotNull @Vali
     @Transactional
     @RequestBody(required = true)
     @APIResponse(responseCode = "200", description = "OK")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     @APIResponse(responseCode = "404", description = "Not Found")
     public Response setPostReported(@PathParam("id") final UUID id, @NotNull @Valid final ReportUpdate input) {
         final var user = User.getFromSecurityContext(context);
@@ -177,7 +197,13 @@ public Response setPostReported(@PathParam("id") final UUID id, @NotNull @Valid
     @Transactional
     @RequestBody(required = true)
     @APIResponse(responseCode = "200", description = "OK")
-    @APIResponse(responseCode = "400", description = "Bad Request")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     @APIResponse(
             responseCode = "403",
             description = "Not Allowed",
@@ -206,7 +232,13 @@ public Response publishPost(@PathParam("id") final UUID id, @NotNull @Valid fina
     @Transactional
     @RequestBody(required = true)
     @APIResponse(responseCode = "200", description = "OK")
-    @APIResponse(responseCode = "400", description = "Bad Request")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     @APIResponse(
             responseCode = "403",
             description = "Not Allowed",
@@ -242,7 +274,13 @@ public Response votePost(@PathParam("id") final UUID id, @NotNull @Valid final V
     @Authenticated
     @Produces(MediaType.APPLICATION_JSON)
     @APIResponse(responseCode = "200", description = "OK")
-    @APIResponse(responseCode = "400", description = "Bad Request")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     public long countPosts(@QueryParam("type") @NotNull final PostListingType type) {
         final var user = User.getFromSecurityContext(context);
         return switch (type) {
diff --git a/src/main/java/app/fyreplace/api/endpoints/ReportsEndpoint.java b/src/main/java/app/fyreplace/api/endpoints/ReportsEndpoint.java
index 07ac912..e21a28f 100644
--- a/src/main/java/app/fyreplace/api/endpoints/ReportsEndpoint.java
+++ b/src/main/java/app/fyreplace/api/endpoints/ReportsEndpoint.java
@@ -1,12 +1,16 @@
 package app.fyreplace.api.endpoints;
 
 import app.fyreplace.api.data.Report;
+import io.quarkus.hibernate.validator.runtime.jaxrs.ViolationReport;
 import jakarta.annotation.security.RolesAllowed;
 import jakarta.validation.constraints.PositiveOrZero;
 import jakarta.ws.rs.GET;
 import jakarta.ws.rs.Path;
 import jakarta.ws.rs.QueryParam;
+import jakarta.ws.rs.core.MediaType;
 import org.eclipse.microprofile.config.inject.ConfigProperty;
+import org.eclipse.microprofile.openapi.annotations.media.Content;
+import org.eclipse.microprofile.openapi.annotations.media.Schema;
 import org.eclipse.microprofile.openapi.annotations.responses.APIResponse;
 
 @Path("reports")
@@ -17,7 +21,13 @@ public final class ReportsEndpoint {
     @GET
     @RolesAllowed("MODERATOR")
     @APIResponse(responseCode = "200", description = "OK")
-    @APIResponse(responseCode = "400", description = "Bad Request")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     public Iterable<Report> listReports(@QueryParam("page") @PositiveOrZero final int page) {
         return Report.findAll(Report.sorting()).page(page, pagingSize).list();
     }
diff --git a/src/main/java/app/fyreplace/api/endpoints/SubscriptionsEndpoint.java b/src/main/java/app/fyreplace/api/endpoints/SubscriptionsEndpoint.java
index dba30ef..ca4727d 100644
--- a/src/main/java/app/fyreplace/api/endpoints/SubscriptionsEndpoint.java
+++ b/src/main/java/app/fyreplace/api/endpoints/SubscriptionsEndpoint.java
@@ -2,6 +2,7 @@
 
 import app.fyreplace.api.data.Subscription;
 import app.fyreplace.api.data.User;
+import io.quarkus.hibernate.validator.runtime.jaxrs.ViolationReport;
 import io.quarkus.security.Authenticated;
 import jakarta.transaction.Transactional;
 import jakarta.validation.constraints.PositiveOrZero;
@@ -12,9 +13,12 @@
 import jakarta.ws.rs.PathParam;
 import jakarta.ws.rs.QueryParam;
 import jakarta.ws.rs.core.Context;
+import jakarta.ws.rs.core.MediaType;
 import jakarta.ws.rs.core.SecurityContext;
 import java.util.UUID;
 import org.eclipse.microprofile.config.inject.ConfigProperty;
+import org.eclipse.microprofile.openapi.annotations.media.Content;
+import org.eclipse.microprofile.openapi.annotations.media.Schema;
 import org.eclipse.microprofile.openapi.annotations.responses.APIResponse;
 
 @Path("subscriptions")
@@ -46,7 +50,13 @@ public void deleteSubscription(@PathParam("id") final UUID id) {
     @Path("unread")
     @Authenticated
     @APIResponse(responseCode = "200", description = "OK")
-    @APIResponse(responseCode = "400", description = "Bad Request")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     public Iterable<Subscription> listUnreadSubscriptions(@QueryParam("page") @PositiveOrZero final int page) {
         final var user = User.getFromSecurityContext(context);
 
diff --git a/src/main/java/app/fyreplace/api/endpoints/TokensEndpoint.java b/src/main/java/app/fyreplace/api/endpoints/TokensEndpoint.java
index 3c35b8e..dee5ee6 100644
--- a/src/main/java/app/fyreplace/api/endpoints/TokensEndpoint.java
+++ b/src/main/java/app/fyreplace/api/endpoints/TokensEndpoint.java
@@ -13,6 +13,7 @@
 import app.fyreplace.api.services.JwtService;
 import io.quarkus.cache.CacheResult;
 import io.quarkus.elytron.security.common.BcryptUtil;
+import io.quarkus.hibernate.validator.runtime.jaxrs.ViolationReport;
 import io.quarkus.security.Authenticated;
 import jakarta.inject.Inject;
 import jakarta.transaction.Transactional;
@@ -55,7 +56,13 @@ public final class TokensEndpoint {
                     @Content(
                             mediaType = MediaType.TEXT_PLAIN,
                             schema = @Schema(implementation = String.class, format = "password")))
-    @APIResponse(responseCode = "400", description = "Bad Request")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     @APIResponse(responseCode = "404", description = "Not Found")
     @CacheResult(cacheName = "requests", keyGenerator = DuplicateRequestKeyGenerator.class)
     public Response createToken(@NotNull @Valid final TokenCreation input) {
@@ -104,7 +111,13 @@ public String getNewToken() {
     @Transactional
     @RequestBody(required = true)
     @APIResponse(responseCode = "200", description = "OK")
-    @APIResponse(responseCode = "400", description = "Bad Request")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     @APIResponse(
             responseCode = "403",
             description = "Not Allowed",
diff --git a/src/main/java/app/fyreplace/api/endpoints/UsersEndpoint.java b/src/main/java/app/fyreplace/api/endpoints/UsersEndpoint.java
index 5994fcc..224172c 100644
--- a/src/main/java/app/fyreplace/api/endpoints/UsersEndpoint.java
+++ b/src/main/java/app/fyreplace/api/endpoints/UsersEndpoint.java
@@ -138,7 +138,13 @@ public User getUser(@PathParam("id") final UUID id) {
     @Transactional
     @RequestBody(required = true)
     @APIResponse(responseCode = "200", description = "OK")
-    @APIResponse(responseCode = "400", description = "Bad Request")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     @APIResponse(
             responseCode = "403",
             description = "Not Allowed",
@@ -194,6 +200,13 @@ public Response setUserBanned(@PathParam("id") final UUID id) {
     @Transactional
     @RequestBody(required = true)
     @APIResponse(responseCode = "200", description = "OK")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     @APIResponse(
             responseCode = "403",
             description = "Not Allowed",
@@ -226,14 +239,33 @@ public User getCurrentUser() {
         return User.getFromSecurityContext(context);
     }
 
+    @DELETE
+    @Path("current")
+    @Authenticated
+    @Transactional
+    @APIResponse(responseCode = "204", description = "No Content")
+    @CacheResult(cacheName = "requests", keyGenerator = DuplicateRequestKeyGenerator.class)
+    public Response deleteCurrentUser() {
+        User.getFromSecurityContext(context).softDelete();
+        return Response.noContent().build();
+    }
+
     @PUT
     @Path("current/bio")
     @Authenticated
     @Transactional
     @RequestBody(required = true, content = @Content(mediaType = MediaType.TEXT_PLAIN))
     @APIResponse(responseCode = "200", description = "OK")
-    @APIResponse(responseCode = "400", description = "Bad Request")
-    public String setCurrentUserBio(@NotNull @Length(max = User.BIO_MAX_LENGTH) final String input) {
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
+    public String setCurrentUserBio(
+            @NotNull @Length(max = User.BIO_MAX_LENGTH) @Schema(maxLength = User.BIO_MAX_LENGTH) @Valid
+                    final String input) {
         final var user = User.getFromSecurityContext(context, LockModeType.PESSIMISTIC_READ);
         user.bio = sanitizationService.sanitize(input);
         user.persist();
@@ -278,21 +310,17 @@ public void deleteCurrentUserAvatar() {
         }
     }
 
-    @DELETE
-    @Path("current")
-    @Authenticated
-    @Transactional
-    @APIResponse(responseCode = "204", description = "No Content")
-    @CacheResult(cacheName = "requests", keyGenerator = DuplicateRequestKeyGenerator.class)
-    public Response deleteCurrentUser() {
-        User.getFromSecurityContext(context).softDelete();
-        return Response.noContent().build();
-    }
-
     @GET
     @Path("blocked")
     @Authenticated
     @APIResponse(responseCode = "200", description = "OK")
+    @APIResponse(
+            responseCode = "400",
+            description = "Bad Request",
+            content =
+                    @Content(
+                            mediaType = MediaType.APPLICATION_JSON,
+                            schema = @Schema(implementation = ViolationReport.class)))
     public Iterable<User.Profile> listBlockedUsers(@QueryParam("page") @PositiveOrZero final int page) {
         final var user = User.getFromSecurityContext(context);
         final var blocks = Block.<Block>find("source", Sort.by("id"), user);
diff --git a/src/main/java/app/fyreplace/api/exceptions/mappers/NumberFormatExceptionMapper.java b/src/main/java/app/fyreplace/api/exceptions/mappers/NumberFormatExceptionMapper.java
deleted file mode 100644
index cfe32f9..0000000
--- a/src/main/java/app/fyreplace/api/exceptions/mappers/NumberFormatExceptionMapper.java
+++ /dev/null
@@ -1,14 +0,0 @@
-package app.fyreplace.api.exceptions.mappers;
-
-import jakarta.ws.rs.core.Response;
-import jakarta.ws.rs.ext.ExceptionMapper;
-import jakarta.ws.rs.ext.Provider;
-
-@SuppressWarnings("unused")
-@Provider
-public final class NumberFormatExceptionMapper implements ExceptionMapper<NumberFormatException> {
-    @Override
-    public Response toResponse(final NumberFormatException exception) {
-        return Response.status(Response.Status.BAD_REQUEST).build();
-    }
-}
diff --git a/src/test/java/app/fyreplace/api/testing/endpoints/chapters/DeleteChapterTests.java b/src/test/java/app/fyreplace/api/testing/endpoints/chapters/DeleteChapterTests.java
index 6488fae..f72d874 100644
--- a/src/test/java/app/fyreplace/api/testing/endpoints/chapters/DeleteChapterTests.java
+++ b/src/test/java/app/fyreplace/api/testing/endpoints/chapters/DeleteChapterTests.java
@@ -12,7 +12,6 @@
 import io.quarkus.test.junit.QuarkusTest;
 import io.quarkus.test.security.TestSecurity;
 import jakarta.transaction.Transactional;
-import java.util.List;
 import org.junit.jupiter.params.ParameterizedTest;
 import org.junit.jupiter.params.provider.ValueSource;
 
@@ -52,7 +51,7 @@ public void deleteChapterInOwnDraftOutOfBounds(final String position) {
         given().pathParam("id", draft.id)
                 .delete(String.valueOf(position))
                 .then()
-                .statusCode(anyOf(List.of(equalTo(400), equalTo(404))));
+                .statusCode(anyOf(equalTo(400), equalTo(404)));
         assertEquals(chapterCount, Chapter.count("post", draft));
     }
 
diff --git a/src/test/java/app/fyreplace/api/testing/endpoints/chapters/SetChapterImageTests.java b/src/test/java/app/fyreplace/api/testing/endpoints/chapters/SetChapterImageTests.java
index 8692f8b..84d8ee6 100644
--- a/src/test/java/app/fyreplace/api/testing/endpoints/chapters/SetChapterImageTests.java
+++ b/src/test/java/app/fyreplace/api/testing/endpoints/chapters/SetChapterImageTests.java
@@ -15,7 +15,6 @@
 import io.quarkus.test.security.TestSecurity;
 import io.restassured.http.ContentType;
 import java.io.IOException;
-import java.util.List;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.params.ParameterizedTest;
 import org.junit.jupiter.params.provider.ValueSource;
@@ -70,7 +69,7 @@ public void setChapterImageInOwnDraftOutOfBounds(final String position) throws I
                     .pathParam("id", draft.id)
                     .put(position + "/image")
                     .then()
-                    .statusCode(anyOf(List.of(equalTo(400), equalTo(404))));
+                    .statusCode(anyOf(equalTo(400), equalTo(404)));
         }
     }
 
diff --git a/src/test/java/app/fyreplace/api/testing/endpoints/chapters/SetChapterTextTests.java b/src/test/java/app/fyreplace/api/testing/endpoints/chapters/SetChapterTextTests.java
index c5b9ca2..5224ffb 100644
--- a/src/test/java/app/fyreplace/api/testing/endpoints/chapters/SetChapterTextTests.java
+++ b/src/test/java/app/fyreplace/api/testing/endpoints/chapters/SetChapterTextTests.java
@@ -11,7 +11,6 @@
 import io.quarkus.test.junit.QuarkusTest;
 import io.quarkus.test.security.TestSecurity;
 import jakarta.transaction.Transactional;
-import java.util.List;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.params.ParameterizedTest;
 import org.junit.jupiter.params.provider.ValueSource;
@@ -57,7 +56,7 @@ public void setChapterTextInOwnDraftOutOfBounds(final String position) {
                 .pathParam("id", draft.id)
                 .put(position + "/text")
                 .then()
-                .statusCode(anyOf(List.of(equalTo(400), equalTo(404))));
+                .statusCode(anyOf(equalTo(400), equalTo(404)));
     }
 
     @Test

From 08e38c63bba20c3a6f598cb55b244281a5fe1951 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Laurent=20Tr=C3=A9guier?= <laurent.treguier@fyreplace.app>
Date: Mon, 18 Nov 2024 11:56:22 +0100
Subject: [PATCH 2/2] Update dependencies

---
 gradle.properties                        | 8 ++++----
 gradle/wrapper/gradle-wrapper.properties | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/gradle.properties b/gradle.properties
index a6b93f8..6eadbeb 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -1,8 +1,8 @@
 org.gradle.jvmargs=-Xmx1024M
-quarkusPlatformVersion=3.16.1
-quarkusPluginVersion=3.16.1
-sentryVersion=7.16.0
+quarkusPlatformVersion=3.16.3
+quarkusPluginVersion=3.16.3
+sentryVersion=7.17.0
 javaXtVersion=2.1.9
 twelveMonkeysVersion=3.12.0
 spotlessPluginVersion=6.25.0
-lombokPluginVersion=8.10.2
+lombokPluginVersion=8.11
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index df97d72..94113f2 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.2-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.11-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME