feat(ttp): E.1.9 API contract — seven router endpoints, admin-gated state mutations, response models

Mounts /api/v1/ttp/* with empty-list / empty-Navigator responses. GET endpoints viewer-gated; POST/DELETE /rules/{rule_id}/state admin-gated server-side. POST parses JSON manually so a malformed body returns the documented 400 (per feedback_schemathesis_400). Drops xfail-strict markers from E.2.8 tests now that the router is mounted; 26 tests pass against the contract handlers.
2026-05-01 07:20:13 -04:00
parent cfbfaabfcd
commit b7f206c8c5
15 changed files with 515 additions and 56 deletions
--- a/decnet/web/router/ttp/api_get_rules.py
+++ b/decnet/web/router/ttp/api_get_rules.py
@@ -0,0 +1,128 @@
+"""TTP rule catalogue + admin-only state mutations.
+
+Three endpoints in one router:
+
+* ``GET    /api/v1/ttp/rules``                     — viewer-readable rule list
+* ``POST   /api/v1/ttp/rules/{rule_id}/state``     — admin: set state
+* ``DELETE /api/v1/ttp/rules/{rule_id}/state``     — admin: revert to default
+
+Per the project's "no client-side role checks" rule, the admin guard
+is server-side via :func:`require_admin`. Per
+``feedback_schemathesis_400.md``, the POST handler parses the body
+manually and returns ``400`` on a malformed JSON body so the
+documented status code matches reality.
+"""
+from __future__ import annotations
+
+from typing import Any
+
+import json
+
+from fastapi import APIRouter, Depends, HTTPException, Request, status
+from pydantic import ValidationError
+
+from decnet.telemetry import traced as _traced
+from decnet.web.db.models import (
+    RuleCatalogueRow,
+    RuleStateRequest,
+    RuleStateResponse,
+)
+from decnet.web.dependencies import require_admin, require_viewer
+
+router = APIRouter()
+
+
+@router.get(
+    "/ttp/rules",
+    tags=["TTP Tagging"],
+    response_model=list[RuleCatalogueRow],
+    responses={
+        401: {"description": "Could not validate credentials"},
+        403: {"description": "Insufficient permissions"},
+    },
+)
+@_traced("api.ttp.list_rules")
+async def api_list_rules(
+    user: dict[str, Any] = Depends(require_viewer),
+) -> list[RuleCatalogueRow]:
+    """Operator-facing rule catalogue. Empty at contract phase."""
+    return []
+
+
+@router.post(
+    "/ttp/rules/{rule_id}/state",
+    tags=["TTP Tagging"],
+    response_model=RuleStateResponse,
+    responses={
+        400: {"description": "Bad Request (malformed JSON or invalid body)"},
+        401: {"description": "Could not validate credentials"},
+        403: {"description": "Insufficient permissions"},
+        404: {"description": "Rule not found"},
+    },
+)
+@_traced("api.ttp.set_rule_state")
+async def api_set_rule_state(
+    rule_id: str,
+    request: Request,
+    admin: dict[str, Any] = Depends(require_admin),
+) -> RuleStateResponse:
+    """Set operational state (disable / clip / TTL) on a rule.
+
+    Body parse is manual so a malformed JSON body surfaces as the
+    documented ``400`` rather than the framework default of ``422``
+    (per ``feedback_schemathesis_400.md``).
+    """
+    try:
+        raw = await request.json()
+    except json.JSONDecodeError as exc:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Body must be valid JSON",
+        ) from exc
+    try:
+        body = RuleStateRequest.model_validate(raw)
+    except ValidationError as exc:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail=f"Invalid rule-state body: {exc.errors()}",
+        ) from exc
+
+    # Contract phase: no persistence yet (E.1.10 / E.3 lands the repo
+    # write). Echo the requested state back so the response shape is
+    # exercisable and OpenAPI-stable.
+    return RuleStateResponse(
+        rule_id=rule_id,
+        state=body.state,
+        confidence_max=body.confidence_max,
+        expires_at=body.expires_at,
+        reason=body.reason,
+        set_by=str(admin.get("sub", "")),
+        set_at=None,
+    )
+
+
+@router.delete(
+    "/ttp/rules/{rule_id}/state",
+    tags=["TTP Tagging"],
+    response_model=RuleStateResponse,
+    responses={
+        401: {"description": "Could not validate credentials"},
+        403: {"description": "Insufficient permissions"},
+        404: {"description": "Rule not found"},
+    },
+)
+@_traced("api.ttp.revert_rule_state")
+async def api_revert_rule_state(
+    rule_id: str,
+    admin: dict[str, Any] = Depends(require_admin),
+) -> RuleStateResponse:
+    """Revert a rule to the default ``enabled`` state."""
+    return RuleStateResponse(
+        rule_id=rule_id,
+        state="enabled",
+        confidence_max=None,
+        expires_at=None,
+        reason=None,
+        set_by=str(admin.get("sub", "")),
+        set_at=None,
+    )