core.raml

#%RAML 1.0

title: Hund API
version: v1
baseUri: https://{domain}/api/v1
baseUriParameters:
  domain:
    description: |
      The domain of the status page or global dashboard to access the API from.
      By default this uses the generic `api.hund.io` domain, which requires the
      use of the `Hund-Context` header to set the context of the API request.
      Without this header, the global context is assumed.
    default: api.hund.io

description: !include /documentation/topLevel.md

uses:
  core: /libraries/core.raml
  specs: /libraries/specs.raml
  group: /libraries/group.raml
  component: /libraries/component.raml
  component-expansionary: /libraries/component/expansionary.raml
  event: /libraries/event.raml
  issue: /libraries/issue.raml
  issue_template: /libraries/issue_template.raml
  invitation: /libraries/invitation.raml
  metric_provider: /libraries/metric_provider.raml
  metric_definition: /libraries/metric_definition.raml
  notifier: /libraries/notifier.raml
  reason-expansionary: /libraries/reason/expansionary.raml
  request_log: /libraries/request_log.raml
  role: /libraries/role.raml
  semantic: /libraries/semantic.raml
  service: /libraries/service.raml
  status: /libraries/status.raml
  subscription: /libraries/subscription.raml
  timeline: /libraries/timeline.raml
  update: /libraries/update.raml
  update-expansionary: /libraries/update/expansionary.raml
  user: /libraries/user.raml
  watchdog: /libraries/watchdog.raml

securedBy: [basic, bearer]
securitySchemes:
  basic:
    description: |
      This API supports HTTP Basic Authentication, with the API key given as the
      username. No password should be given.
    type: Basic Authentication
  bearer:
    description: |
      The API supports token authentication via the `Authorization: Bearer` header.
    type: Pass Through
    describedBy:
      headers:
        Authorization:
          type: string
          pattern: ^Bearer [A-Za-z0-9_]+$

(core.logo):
  url: https://d3sn9fxf3jyih3.cloudfront.net/misc/logo-dark.svg
  altText: Hund
  href: https://hund.io/help

(core.tags):
  - name: component
    x-displayName: Components
  - name: watchdog
    x-displayName: Watchdogs
  - name: semantic
    x-displayName: Semantics
  - name: status
    x-displayName: Statuses
  - name: reason
    x-displayName: Reasons
  - name: metric_provider
    x-displayName: MetricProviders
  - name: metric_definition
    x-displayName: MetricDefinitions
  - name: group
    x-displayName: Groups
  - name: issue
    x-displayName: Issues
  - name: update
    x-displayName: Issue Updates
  - name: issue_template
    x-displayName: IssueTemplates
  - name: notifier
    x-displayName: Notifiers
  - name: subscription
    x-displayName: Subscriptions
  - name: event
    description: |
      Events are immutable objects representing various things that have happened
      on your status page, such as Issue creation/update/resolution, new Watchdog
      Statuses, object lifecycles, and more.
    x-displayName: Events
  - name: timeline
    description: |
      The Timeline is a global/Component-wise history of Issues and Statuses
      across your Status Page. Any Timeline is a PagedArray of TimelineItems in
      reverse-chronological order (i.e. descending). A TimelineItem can
      represent either a Status or Issue, or the interactions between them.

      A Timeline can be pulled from this API for the entire Status Page (the
      default behavior), or one or more Components (or Group of Components).

      For more information on the mechanics of the Timeline, please read [this
      knowledgebase article](https://hund.io/help/documentation/the-timeline).
    x-displayName: Timeline
  - name: user
    x-displayName: Users
  - name: role
    x-displayName: Roles
  - name: invitation
    x-displayName: Invitations
  - name: request_log
    x-displayName: RequestLogs

(core.tagGroups):
  - name: Monitoring
    tags: [component, group, metric_provider, metric_definition, watchdog, status, reason, semantic]
  - name: Incident Reporting
    tags: [issue, update, issue_template]
  - name: Communication
    tags: [notifier, subscription]
  - name: History
    tags: [event, timeline]
  - name: Administration
    tags: [user, role, invitation, request_log]

/:
  get:
    displayName: Get HAL Directory
    description: |
      Returns the HAL directory for the entire API. This root endpoint can be used
      to discover the rest of the top-level collection API endpoints within a HAL client.
    responses:
      200:
        description: |
          Successfully retrieved directory.
        body:
          application/hal+json:
            type: core.HAL/Linkable
            properties:
              _links:
                properties:
                  self: core.HAL/Link
                  components: core.HAL/Link
                  groups: core.HAL/Link
                  metric_providers: core.HAL/Link
                  metric_definitions: core.HAL/Link
                  issues: core.HAL/Link
                  issue_templates: core.HAL/Link
                  notifiers: core.HAL/Link
                  subscriptions: core.HAL/Link
                  events: core.HAL/Link
                  statuses: core.HAL/Link
                  reasons: core.HAL/Link
                  semantics: core.HAL/Link
                  timeline: core.HAL/Link
                  users: core.HAL/Link
                  roles: core.HAL/Link
                  invitations: core.HAL/Link
                  request_logs: core.HAL/Link
                  watchdogs: core.HAL/Link

/components:
  (core.tags): [component]
  type:
    core.collection:
      itemType: component-expansionary.Component-Expansionary
      postParamsType: component.Component/Form/Create
      getResponseExample: !include /examples/components/collection.json
      postRequestExample: !include /examples/components/collection/postRequest.json
      postResponseExample: !include /examples/components/collection/postResponse.json
      postErrorExample: !include /examples/components/error/validation.json
      errorNotAuthorizedExample: !include /examples/components/error/notAuthorized.json
  get:
    queryParameters:
      group?:
        description: |
          Return the Components for the provided Group ObjectId.
        type: core.ObjectId
      issue?:
        description: |
          Return the Components for the provided Issue ObjectId.
        type: core.ObjectId
      event?:
        description: |
          Return the Components of the provided Event's `context.component_ids`.
        type: core.ObjectId
      timeline_item?:
        description: |
          Return the Components for the provided TimelineItem UUID.
        type: core.UUID
  post:
    responses:
      201:
        (specs.exhaustiveRequestBodies):
          source: watchdog.service
          factory: watchdog
          mergePath: watchdog
  /{component_id}:
    (core.tags): [component]
    type:
      core.collection-item:
        idPrefix: component
        itemType: component-expansionary.Component-Expansionary
        putParamsType: component.Component/Form/Update
        getResponseExample: !include /examples/components/collection-item.json
        putRequestExample: !include /examples/components/collection-item/putRequest.json
        putResponseExample: !include /examples/components/collection-item/putResponse.json
        errorNotFoundExample: !include /examples/components/error/notFound.json
        errorNotAuthorizedExample: !include /examples/components/error/notAuthorized.json
        putErrorExample: !include /examples/components/error/validation.json
    put:
      responses:
        400:
          (specs.requestBody): '{ "name": "" }'
    delete:

/watchdogs:
  (core.tags): [watchdog]
  type:
    core.read-collection:
      getResponseExample: !include /examples/watchdogs/collection.json
      itemType: watchdog.Watchdog
  get:
    queryParameters:
      service.type?:
        description: |
          Return Watchdogs of the given `service.type`.

          **Note:** This field is ignored when `service.method` is given.
        type: string
      service.method?:
        description: |
          Return Native Monitoring Watchdogs of the given `service.method`. If
          this parameter is given, `service.type` is ignored, and assumed to be
          `native`.
        type: string
      high_frequency?:
        description: |
          When true, returns Watchdogs where `high_frequency` is true. When false,
          returns Watchdogs where `high_frequency` is false.
        type: boolean
  /preview:
    (core.tags): [watchdog]
    type:
      core.collection-preview:
        itemName: watchdog
        itemType: watchdog.Watchdog
        postParamsType: watchdog.Watchdog/Form/BaseCreate
        postRequestExample: !include /examples/watchdogs/collection/postRequest.json
        postResponseExample: !include /examples/watchdogs/collection/postResponse.json
        postErrorExample: !include /examples/watchdogs/error/validation.json
        errorNotAuthorizedExample: !include /examples/watchdogs/error/notAuthorized.json
  /service_options:
    (core.tags): [watchdog]
    is:
    - core.not-authorized-failable:
        permissionLevel: write
        errorNotAuthorizedExample: !include /examples/watchdogs/error/notAuthorized.json
    - core.bad-request-failable:
        description: Service type does not support option enumeration.
        errorBadRequestExample: !include /examples/watchdogs/error/serviceOptionsUnsupported.json
    - core.not-found-failable:
        errorNotFoundExample: !include /examples/watchdogs/error/notFound.json
    post:
      displayName: Enumerate Watchdog Service Options
      description: |
        For supported Watchdog service types, returns a service-specific document
        enumerating the options available for the service, with respect to the
        given service credentials.

        Service credentials can either be provided directly to this endpoint, or
        the credentials of an existing Watchdog can be used, by providing the
        respective ID.
      queryParameters:
        watchdog?:
          description: |
            When given, uses the credentials of this Watchdog to perform service
            option enumeration, if supported.
          type: core.ObjectId
        type?:
          description: |
            Selects the Watchdog service type to perform service option enumeration.
            If this field is given, then you should also pass appropriate service
            credentials.

            **Note:** this field is ignored when `watchdog` is given.
          type: string
          enum: [pingdom, pagerduty, updown]
      body:
        application/json:
          type: service.Form/Services/Options
          examples:
            "POST /watchdogs/service_options": !include /examples/watchdogs/collection/service_options/postRequest.json
      responses:
        200:
          (specs.requestBody): "{}"
          (specs.exhaustiveRequestBodies):
            source: "."
            factory: service
            vcr: [pingdom, pagerduty, updown]
            excludeBaseCase: true
          description: |
            Successfully enumerated Watchdog service options.
          body:
            application/hal+json:
              examples:
                "POST /watchdogs/service_options (200)": !include /examples/watchdogs/collection/service_options/postResponse.json
              type: service.Services/Options
        400:
          (specs.requestBody): '{ "type": "manual" }'
        403:
          description: |
            Not authorized to write Watchdogs.
        404:
          (specs.requestBody): '{ "watchdog": "nonexistent" }'
          description: |
            Watchdog not found.
  /{watchdog_id}:
    (core.tags): [watchdog]
    type:
      core.collection-item:
        idPrefix: watchdog
        itemType: watchdog.Watchdog
        putParamsType: watchdog.Watchdog/Form/Update
        getResponseExample: !include /examples/watchdogs/collection-item.json
        putRequestExample: !include /examples/watchdogs/collection-item/putRequest.json
        putResponseExample: !include /examples/watchdogs/collection-item/putResponse.json
        errorNotFoundExample: !include /examples/watchdogs/error/notFound.json
        errorNotAuthorizedExample: !include /examples/watchdogs/error/notAuthorized.json
        putErrorExample: !include /examples/watchdogs/error/validation.json
    get:
      is:
      - core.not-authorized-failable:
          permissionLevel: read
          errorNotAuthorizedExample: !include /examples/watchdogs/error/notAuthorized.json
      responses:
        403:
          (specs.bindIds):
            watchdog: auto
    put:
      responses:
        400:
          (specs.requestBody): '{ "service": { "state": nil } }'
    /convert:
      (core.tags): [watchdog]
      type:
        core.action:
          displayName: Convert a Watchdog's Service Type
          description: |
            Convert the service type of a watchdog to another service type. This
            operation does not affect the component, nor the watchdog's statuses nor
            metrics (unless specified). Useful for switching status providers in a
            single low-friction request.
          idPrefix: watchdog
          itemType: watchdog.Watchdog
          paramsType: watchdog.Watchdog/Form/Convert
          successDescription: |
            Successfully converted watchdog service.
          notFoundDescription: |
            Watchdog not found.
          requestExample: !include /examples/watchdogs/convert/putRequest.json
          responseExample: !include /examples/watchdogs/convert/putResponse.json
          errorNotFoundExample: !include /examples/watchdogs/error/notFound.json
          errorNotAuthorizedExample: !include /examples/watchdogs/error/notAuthorized.json
      put:
        is:
        - core.validation-failable:
            errorExample: !include /examples/watchdogs/error/validation.json
        responses:
          200:
            (specs.requestBody): '{ "service": { "type": "manual", "state": 1 } }'
          400:
            (specs.bindIds):
              watchdog: auto
            (specs.requestBody): '{ "service": { "type": "manual", "state": nil } }'
            description: |
              Failed to convert Watchdog service.
          403:
            description: |
              Not authorized to write Watchdogs.

/semantics:
  (core.tags): [semantic]
  type:
    core.collection:
      itemType: semantic.Semantic
      postParamsType: semantic.Semantic/Form/Create
      getResponseExample: !include /examples/semantics/collection.json
      postRequestExample: !include /examples/semantics/collection/postRequest.json
      postResponseExample: !include /examples/semantics/collection/postResponse.json
      postErrorExample: !include /examples/semantics/error/validation.json
      errorNotAuthorizedExample: !include /examples/semantics/error/notAuthorized.json
  /{semantic_id}:
    (core.tags): [semantic]
    type:
      core.collection-item:
        idPrefix: semantic
        itemType: semantic.Semantic
        putParamsType: semantic.Semantic/Form/Update
        getResponseExample: !include /examples/semantics/collection-item.json
        putRequestExample: !include /examples/semantics/collection-item/putRequest.json
        putResponseExample: !include /examples/semantics/collection-item/putResponse.json
        errorNotFoundExample: !include /examples/semantics/error/notFound.json
        errorNotAuthorizedExample: !include /examples/semantics/error/notAuthorized.json
        putErrorExample: !include /examples/semantics/error/validation.json
    put:
      responses:
        400:
          (specs.requestBody): '{ "color": "invalid" }'
    delete:

/statuses:
  (core.tags): [status]
  (specs.factoryStrategy): create
  type:
    core.read-collection:
      getResponseExample: !include /examples/statuses/collection.json
      itemType: status.Status
  get:
    queryParameters:
      watchdog?:
        description: |
          Return the Statuses for the provided Watchdog ObjectId.
        type: core.ObjectId
      timeline_item?:
        description: |
          Return the Statuses for the provided TimelineItem UUID.
        type: core.UUID
  /{status_id}:
    (core.tags): [status]
    (specs.factoryStrategy): create
    type:
      core.read-collection-item:
        errorNotFoundExample: !include /examples/statuses/error/notFound.json
        getResponseExample: !include /examples/statuses/collection-item.json
        idPrefix: status
        itemType: status.Status
    /correct:
      (core.tags): [status]
      (specs.factoryStrategy): create
      type:
        core.action:
          displayName: Correct a Status
          description: |
            Revises the state of the given sub-operational Status. Often helpful
            for marking previous downtime streaks as Operational again, in case
            the automated downtime should be considered incorrect.

            A sub-operational Status can be changed to any given state. If the
            Status borders another Status object with the same state, it will be
            merged accordingly. This operation *will* mutate at least one Status,
            if not the given one. This operation *may* result in the deletion of
            one or more Status objects (including the given one), depending on
            the state of bordering Status objects.
          idPrefix: status
          itemType: status.Status
          paramsType: status.Status/Form/Correct
          successDescription: |
            Successfully corrected Status.
          notFoundDescription: |
            Status not found.
          requestExample: !include /examples/statuses/collection-item/correct/request.json
          responseExample: !include /examples/statuses/collection-item/correct/response.json
          errorNotFoundExample: !include /examples/statuses/error/notFound.json
          errorNotAuthorizedExample: !include /examples/statuses/error/notAuthorized.json
      put:
        is:
        - core.bad-request-failable:
            description: |
              Status is not sub-operational.
            errorBadRequestExample: !include /examples/statuses/error/notSubOperational.json
        responses:
          200:
            (specs.bindIds):
              status: auto:outage:ended
            (specs.requestBody): '{ state: 1 }'
          400:
            (specs.bindIds):
              status: auto:operational
            (specs.requestBody): '{ state: 0 }'
          403:
            description: |
              Not authorized to write Statuses.

/reasons:
  (core.tags): [reason]
  (specs.factoryStrategy): create
  type:
    core.read-collection:
      getResponseExample: !include /examples/reasons/collection.json
      itemType: reason-expansionary.Reason-Expansionary
  get:
    is:
    - core.not-authorized-failable:
        permissionLevel: read
        errorNotAuthorizedExample: !include /examples/reasons/error/notAuthorized.json
    queryParameters:
      fingerprint?:
        description: |
          Return Reasons whose `fingerprint` matches the given one.
        type: string
      subject?:
        description: |
          Return Reasons whose `subject` matches the given one.
        type: string
      description?:
        description: |
          Return Reasons whose `description` matches the given one.
        type: string
      status?:
        description: |
          Return the Reasons for the provided Status ObjectId.
        type: core.ObjectId
      watchdog?:
        description: |
          Return the Reasons for the provided Watchdog ObjectId.
        type: core.ObjectId
      region?:
        description: |
          Return Reasons whose `region` matches the given one.
        type: string
  /{reason_id}:
    (core.tags): [reason]
    (specs.factoryStrategy): create
    type:
      core.read-collection-item:
        errorNotFoundExample: !include /examples/reasons/error/notFound.json
        getResponseExample: !include /examples/reasons/collection-item.json
        idPrefix: reason
        itemType: reason-expansionary.Reason-Expansionary
    get:
      is:
      - core.not-authorized-failable:
          permissionLevel: read
          errorNotAuthorizedExample: !include /examples/reasons/error/notAuthorized.json
      responses:
        403:
          (specs.bindIds):
            reason: auto

/groups:
  (core.tags): [group]
  type:
    core.collection:
      itemType: group.Group
      postParamsType: group.Group/Form/Create
      getResponseExample: !include /examples/groups/collection.json
      postRequestExample: !include /examples/groups/collection/postRequest.json
      postResponseExample: !include /examples/groups/collection/postResponse.json
      postErrorExample: !include /examples/groups/error/validation.json
      errorNotAuthorizedExample: !include /examples/groups/error/notAuthorized.json
  /{group_id}:
    (core.tags): [group]
    type:
      core.collection-item:
        idPrefix: group
        itemType: group.Group
        putParamsType: group.Group/Form/Update
        getResponseExample: !include /examples/groups/collection-item.json
        putRequestExample: !include /examples/groups/collection-item/putRequest.json
        putResponseExample: !include /examples/groups/collection-item/putResponse.json
        errorNotFoundExample: !include /examples/groups/error/notFound.json
        errorNotAuthorizedExample: !include /examples/groups/error/notAuthorized.json
        putErrorExample: !include /examples/groups/error/validation.json
    put:
      responses:
        400:
          (specs.requestBody): '{ "name": "" }'
    delete:
      is:
      - core.bad-request-failable:
          description: |
            Group is not empty.
          errorBadRequestExample: !include /examples/groups/error/nonempty.json
      responses:
        400:
          (specs.bindIds):
            group: auto:nonempty
    /reorder:
      (core.tags): [group]
      type:
        core.action:
          displayName: Reorder a Group's Components
          description: |
            Reorder the components of the given group by listing the complete
            new ordering of component ObjectIds. The listing must not remove nor
            add components.
          idPrefix: group
          itemType: group.Group
          paramsType: core.ObjectId[]
          successDescription: |
            Successfully reordered group components.
          notFoundDescription: |
            Group not found.
          requestExample: !include /examples/groups/collection-item/reorder/putRequest.json
          responseExample: !include /examples/groups/collection-item/reorder/putResponse.json
          errorNotFoundExample: !include /examples/groups/error/notFound.json
          errorNotAuthorizedExample: !include /examples/groups/error/notAuthorized.json
      put:
        is:
        - core.bad-request-failable:
            description: |
              Incomplete listing of group components given.
            errorBadRequestExample: !include /examples/groups/error/incompleteComponentListing.json
        responses:
          200:
            (specs.bindIds):
              group: auto:nonempty
            (specs.requestBody): 'State::Group.find(group_id).component_ids.map(&:to_s).shuffle'
          400:
            (specs.bindIds):
              group: auto:nonempty
            (specs.requestBody): '["5e16ee938fbb652ab878cacc", "5e16ee938fbb652ab878caee"]'
          403:
            description: |
              Not authorized to write Groups.

/metric_providers:
  (core.tags): [metric_provider]
  type:
    core.collection:
      itemType: metric_provider.MetricProvider
      postParamsType: metric_provider.MetricProvider/Form/Create
      getResponseExample: !include /examples/metric_providers/collection.json
      postRequestExample: !include /examples/metric_providers/collection/postRequest.json
      postResponseExample: !include /examples/metric_providers/collection/postResponse.json
      postErrorExample: !include /examples/metric_providers/error/postValidation.json
      errorNotAuthorizedExample: !include /examples/metric_providers/error/notAuthorized.json
  get:
    is:
    - core.not-authorized-failable:
        permissionLevel: read
        errorNotAuthorizedExample: !include /examples/metric_providers/error/notAuthorized.json
    queryParameters:
      watchdog?:
        description: |
          ObjectId for a particular Watchdog to retrieve MetricProviders on.
        type: core.ObjectId
      default?:
        description: |
          When true, returns only MetricProviders for which `default` is true (i.e.
          returns MetricProviders that are considered the "default" for their
          respective Watchdogs).

          When used in conjunction with the `watchdog` parameter, returns the
          *single* default MetricProvider of that Watchdog, if it exists.
        type: boolean
        default: false
    responses:
      200:
        (specs.createModels):
          metric_provider:
            count: 3
            traits: builtin
  post:
    is:
    - core.not-found-failable:
        errorNotFoundExample: !include /examples/metric_providers/error/watchdogNotFound.json
    responses:
      201:
        (specs.requestBody): auto:metric_provider:builtin
        (specs.exhaustiveRequestBodies):
          source: service
          factory: metric_provider
      400:
        (specs.bindIds):
          watchdog: auto
        (specs.requestBody): '{ watchdog: watchdog_id }'
      404:
        (specs.requestBody): '{ service: { type: "builtin" }, watchdog: "nonexistent" }'
        description: |
          Watchdog not found.
  /{metric_provider_id}:
    (core.tags): [metric_provider]
    type:
      core.collection-item:
        idPrefix: metric_provider
        itemType: metric_provider.MetricProvider
        putParamsType: metric_provider.MetricProvider/Form/Update
        getResponseExample: !include /examples/metric_providers/collection-item.json
        putRequestExample: !include /examples/metric_providers/collection-item/putRequest.json
        putResponseExample: !include /examples/metric_providers/collection-item/putResponse.json
        errorNotFoundExample: !include /examples/metric_providers/error/notFound.json
        errorNotAuthorizedExample: !include /examples/metric_providers/error/notAuthorized.json
        putErrorExample: !include /examples/metric_providers/error/putValidation.json
    get:
      is:
      - core.not-authorized-failable:
          permissionLevel: read
          errorNotAuthorizedExample: !include /examples/metric_providers/error/notAuthorized.json
      responses:
        200:
          (specs.bindIds):
            metric_provider: auto:builtin
        403:
          (specs.bindIds):
            metric_provider: auto
    put:
      responses:
        200:
          (specs.bindIds):
            metric_provider: auto:builtin
          (specs.requestBody): '{ instances: [{ id: State::MetricProvider.find(metric_provider_id).metric_instances.first.id.to_s, enabled: false }] }'
        400:
          (specs.requestBody): '{ instances: [{ definition_slug: "unprovided" }] }'
    delete:
      is:
      - core.bad-request-failable:
          description: |
            Cannot delete a Watchdog's default MetricProvider.
          errorBadRequestExample: !include /examples/metric_providers/error/defaultForWatchdog.json
      responses:
        400:
          (specs.bindIds):
            metric_provider: auto:webhook:default

/metric_definitions:
  (core.tags): [metric_definition]
  (specs.factoryStrategy): create
  type:
    core.read-collection:
      itemType: metric_definition.MetricDefinition
      getResponseExample: !include /examples/metric_definitions/collection.json
  get:
    is:
    - core.not-authorized-failable:
        permissionLevel: read
        errorNotAuthorizedExample: !include /examples/metric_definitions/error/notAuthorized.json
  /{metric_definition_id}:
    (core.tags): [metric_definition]
    (specs.factoryStrategy): create
    type:
      core.read-collection-item:
        errorNotFoundExample: !include /examples/metric_definitions/error/notFound.json
        getResponseExample: !include /examples/metric_definitions/collection-item.json
        idPrefix: metric_definition
        itemType: metric_definition.MetricDefinition
    get:
      is:
      - core.not-authorized-failable:
          permissionLevel: read
          errorNotAuthorizedExample: !include /examples/metric_definitions/error/notAuthorized.json
      responses:
        403:
          (specs.bindIds):
            metric_definition: auto

/issues:
  (core.tags): [issue]
  type:
    core.collection:
      itemType: issue.Issue
      postParamsType: issue.Issue/Form/Create
      getResponseExample: !include /examples/issues/collection.json
      postRequestExample: !include /examples/issues/collection/postRequest.json
      postResponseExample: !include /examples/issues/collection/postResponse.json
      postErrorExample: !include /examples/issues/error/validation.json
      errorNotAuthorizedExample: !include /examples/issues/error/notAuthorized.json
  get:
    queryParameters:
      components[]?:
        description: |
          One or more Components to return Issues for. To use this query parameter,
          supply `components[]={component_id}` for each `{component_id}` you are
          requesting Issues for.
        type: core.ObjectId[]
      component?:
        description: |
          A single Component to return Issues for. This field is ignored if
          `components[]` is supplied.
        type: core.ObjectId
      standing?:
        description: |
          When true, returns only ongoing Issues.
        type: boolean
        default: false
      upcoming?:
        description: |
          When true, returns only upcoming scheduled Issues.
        type: boolean
        default: false
      resolved?:
        description: |
          When true, returns only resolved Issues.
        type: boolean
        default: false
  post:
    responses:
      201:
        (specs.exhaustiveRequestBodies):
          source: template
          factory: issue_with_template
  /preview:
    (core.tags): [issue]
    type:
      core.collection-preview:
        itemName: issue
        itemType: issue.Issue
        postParamsType: issue.Issue/Form/Create
        postRequestExample: !include /examples/issues/collection/postRequest.json
        postResponseExample: !include /examples/issues/collection/postResponse.json
        postErrorExample: !include /examples/issues/error/validation.json
        errorNotAuthorizedExample: !include /examples/issues/error/notAuthorized.json
  /{issue_id}:
    (core.tags): [issue]
    type:
      core.collection-item:
        idPrefix: issue
        itemType: issue.Issue
        putParamsType: issue.Issue/Form/Update
        getResponseExample: !include /examples/issues/collection-item.json
        putRequestExample: !include /examples/issues/collection-item/putRequest.json
        putResponseExample: !include /examples/issues/collection-item/putResponse.json
        errorNotFoundExample: !include /examples/issues/error/notFound.json
        putErrorExample: !include /examples/issues/error/validation.json
        errorNotAuthorizedExample: !include /examples/issues/error/notAuthorized.json
    put:
      displayName: Revise an Issue
      description: |
        Revise an Issue by ObjectId.

        **Note:** this endpoint does not create Issue Updates, but merely revises
        the properties of the original Issue.
      responses:
        400:
          (specs.requestBody): '{ body: "" }'
    delete:
    /cancel:
      (core.tags): [issue]
      type:
        core.action:
          displayName: Cancel a Scheduled Issue
          description: |
            Cancel a scheduled issue, before or after it starts. Scheduled issues
            that have already ended cannot be cancelled.
          idPrefix: issue
          itemType: issue.Issue
          paramsType: issue.Issue/Form/Cancel
          successDescription: |
            Successfully cancelled issue.
          notFoundDescription: |
            Issue not found.
          requestExample: !include /examples/issues/collection-item/cancel/request.json
          responseExample: !include /examples/issues/collection-item/cancel/response.json
          errorNotFoundExample: !include /examples/issues/error/notFound.json
          errorNotAuthorizedExample: !include /examples/issues/error/notAuthorized.json
      put:
        is:
        - core.bad-request-failable:
            description: |
              Invalid update body or unscheduled issue.
            errorBadRequestExample: !include /examples/issues/error/unscheduledIssue.json
        responses:
          200:
            (specs.bindIds):
              issue: auto:scheduled
            (specs.requestBody): '{ body: "cancellation body" }'
          400:
            (specs.bindIds):
              issue: auto
            (specs.requestBody): '{}'
          403:
            description: |
              Not authorized to write Issues.
    /updates:
      (core.tags): [update]
      (specs.bindIds):
        issue: auto
      is:
      - core.not-found-failable:
          errorNotFoundExample: !include /examples/issues/error/notFound.json
      uriParameters:
        issue_id:
          description: |
            The ObjectId of the of the Issue.
          type: core.ObjectId
      type:
        core.collection:
          itemType: update-expansionary.Update-Expansionary
          postParamsType: update.Update/Form/Create
          getResponseExample: !include /examples/updates/collection.json
          postRequestExample: !include /examples/updates/collection/postRequest.json
          postResponseExample: !include /examples/updates/collection/postResponse.json
          postErrorExample: !include /examples/updates/error/validation.json
          errorNotAuthorizedExample: !include /examples/updates/error/notAuthorized.json
      get:
        responses:
          200:
            (specs.createModels):
              update:
                options:
                  issue: "State::Issue.find(issue_id)"
          404:
            (specs.bindIds):
              issue: nonexistent
            description: |
              Issue not found.
      post:
        responses:
          201:
            (specs.exhaustiveRequestBodies):
              source: template
              factory: update_with_template
          404:
            (specs.bindIds):
              issue: nonexistent
            (specs.requestBody): '{}'
            description: |
              Issue not found.
      /preview:
        (core.tags): [update]
        (specs.bindIds):
          issue: auto
        is:
        - core.not-found-failable:
            errorNotFoundExample: !include /examples/issues/error/notFound.json
        type:
          core.collection-preview:
            itemName: update
            itemType: update-expansionary.Update-Expansionary
            postParamsType: update.Update/Form/Create
            postRequestExample: !include /examples/updates/collection/postRequest.json
            postResponseExample: !include /examples/updates/collection/postResponse.json
            postErrorExample: !include /examples/updates/error/validation.json
            errorNotAuthorizedExample: !include /examples/updates/error/notAuthorized.json
        post:
          responses:
            404:
              (specs.bindIds):
                issue: nonexistent
              (specs.requestBody): '{}'
              description: |
                Issue not found.
      /{update_id}:
        (core.tags): [update]
        (specs.bindIds):
          issue: '#{State::Issue.where("updates._id": BSON::ObjectId(update_id)).first.id}'
        uriParameters:
          issue_id:
            description: |
              The ObjectId of the of the Issue that this Update pertains to.
            type: core.ObjectId
        type:
          core.collection-item:
            idPrefix: update
            itemType: update-expansionary.Update-Expansionary
            putParamsType: update.Update/Form/Update
            getResponseExample: !include /examples/updates/collection-item.json
            putRequestExample: !include /examples/updates/collection-item/putRequest.json
            putResponseExample: !include /examples/updates/collection-item/putResponse.json
            errorNotFoundExample: !include /examples/updates/error/notFound.json
            errorNotAuthorizedExample: !include /examples/updates/error/notAuthorized.json
            putErrorExample: !include /examples/updates/error/validation.json
        get:
          responses:
            404:
              (specs.bindIds):
                issue: auto
        put:
          displayName: Revise an Update
          description: |
            Revise an Update by ObjectId.
          responses:
            200:
              description: |
                Successfully revised Update.
            400:
              (specs.requestBody): '{ body: "" }'
              description: |
                Failed to revise Update.
            404:
              (specs.bindIds):
                issue: auto
        delete:
          responses:
            404:
              (specs.bindIds):
                issue: auto

/issue_templates:
  (core.tags): [issue_template]
  (specs.factoryName): issue_template_v2
  type:
    core.collection:
      itemType: issue_template.IssueTemplate
      postParamsType: issue_template.IssueTemplate/Form/Create
      getResponseExample: !include /examples/issue_templates/collection.json
      postRequestExample: !include /examples/issue_templates/collection/postRequest.json
      postResponseExample: !include /examples/issue_templates/collection/postResponse.json
      postErrorExample: !include /examples/issue_templates/error/validation.json
      errorNotAuthorizedExample: !include /examples/issue_templates/error/notAuthorized.json
  get:
    is:
    - core.not-authorized-failable:
        permissionLevel: read
        errorNotAuthorizedExample: !include /examples/issue_templates/error/notAuthorized.json
    queryParameters:
      kind?:
        description: |
          Return only IssueTemplates for the given kind (i.e. Issue or Update).
        type: core.ISSUE_TEMPLATE_KIND
  /{issue_template_id}:
    (core.tags): [issue_template]
    (specs.factoryName): issue_template_v2
    type:
      core.collection-item:
        idPrefix: issue_template
        itemType: issue_template.IssueTemplate
        putParamsType: issue_template.IssueTemplate/Form/Update
        getResponseExample: !include /examples/issue_templates/collection-item.json
        putRequestExample: !include /examples/issue_templates/collection-item/putRequest.json
        putResponseExample: !include /examples/issue_templates/collection-item/putResponse.json
        errorNotFoundExample: !include /examples/issue_templates/error/notFound.json
        putErrorExample: !include /examples/issue_templates/error/validation.json
        errorNotAuthorizedExample: !include /examples/issue_templates/error/notAuthorized.json
    get:
      is:
      - core.not-authorized-failable:
          permissionLevel: read
          errorNotAuthorizedExample: !include /examples/issue_templates/error/notAuthorized.json
      responses:
        403:
          (specs.bindIds):
            issue_template: auto
    put:
      responses:
        400:
          (specs.requestBody): '{ body: "{{ invalid }" }'
    delete:

/notifiers:
  (core.tags): [notifier]
  type:
    core.collection:
      itemType: notifier.Notifier
      postParamsType: notifier.Notifier/Form/Create
      getResponseExample: !include /examples/notifiers/collection.json
      postRequestExample: !include /examples/notifiers/collection/postRequest.json
      postResponseExample: !include /examples/notifiers/collection/postResponse.json
      postErrorExample: !include /examples/notifiers/error/validation.json
      errorNotAuthorizedExample: !include /examples/notifiers/error/notAuthorized.json
  get:
    is:
    - core.not-authorized-failable:
        permissionLevel: read
        errorNotAuthorizedExample: !include /examples/notifiers/error/notAuthorized.json
    queryParameters:
      channel.type?:
        description: |
          Return Notifiers with the provided `channel.type`.
        type: string
      enabled?:
        description: |
          When true, returns only Notifiers that are currently enabled. When false,
          returns only Notifiers that are currently disabled. When this parameter
          is not given, all Notifiers are returned.
        type: boolean
      subscribable?:
        description: |
          When true, returns only Notifiers that can have individual Subscriptions.
          When false, returns only "unsubscribable" Notifiers.
          When this parameter is not given, all Notifiers are returned.
        type: boolean
    responses:
      200:
        (specs.createModels):
          notifier:
            count: 3
            traits: real_world
  post:
    responses:
      201:
        (specs.requestBody): "auto:notifier:real_world"
        (specs.exhaustiveRequestBodies):
          source: channel
          factory: notifier
          vcr: [sns, twitter]
      400:
        (specs.requestBody): '{ channel: { type: "email" } }'
  /{notifier_id}:
    (core.tags): [notifier]
    type:
      core.collection-item:
        idPrefix: notifier
        itemType: notifier.Notifier
        putParamsType: notifier.Notifier/Form/Update
        getResponseExample: !include /examples/notifiers/collection-item.json
        putRequestExample: !include /examples/notifiers/collection-item/putRequest.json
        putResponseExample: !include /examples/notifiers/collection-item/putResponse.json
        errorNotFoundExample: !include /examples/notifiers/error/notFound.json
        putErrorExample: !include /examples/notifiers/error/validation.json
        errorNotAuthorizedExample: !include /examples/notifiers/error/notAuthorized.json
    get:
      is:
      - core.not-authorized-failable:
          permissionLevel: read
          errorNotAuthorizedExample: !include /examples/notifiers/error/notAuthorized.json
      responses:
        200:
          (specs.bindIds):
            notifier: auto:real_world
        403:
          (specs.bindIds):
            notifier: auto:real_world
    put:
      responses:
        200:
          (specs.bindIds):
            notifier: auto:real_world
        400:
          (specs.requestBody): '{ listens_to_level: "invalid" }'
    delete:
      responses:
        204:
          (specs.bindIds):
            notifier: auto:real_world
    /test:
      (core.tags): [notifier]
      type:
        core.simple-action:
          displayName: Broadcast a Test Notification
          description: |
            Broadcasts a test notification to all Subscriptions (if `subscribable` is true),
            that listen to event `notifier_tested`. This action always succeeds
            regardless of the correctness of the Notifier's configuration.
          idPrefix: notifier
          itemType: notifier.Notifier
          successDescription: |
            Successfully emitted test event.
          notFoundDescription: |
            Notifier not found.
          responseExample: !include /examples/notifiers/collection-item/test/response.json
          errorNotFoundExample: !include /examples/notifiers/error/notFound.json
          errorNotAuthorizedExample: !include /examples/notifiers/error/notAuthorized.json
      put:
        is:
        - core.bad-request-failable:
            description: |
              Notifier is disabled.
            errorBadRequestExample: !include /examples/notifiers/error/disabled.json
        responses:
          200:
            (specs.bindIds):
              notifier: auto:real_world
          400:
            (specs.requestBody): '{}'
            (specs.bindIds):
              notifier: auto:disabled
          403:
            description: |
              Not authorized to write Notifiers.

/subscriptions:
  (core.tags): [subscription]
  type:
    core.collection:
      itemType: subscription.Subscription
      postParamsType: subscription.Subscription/Form/Create
      getResponseExample: !include /examples/subscriptions/collection.json
      postRequestExample: !include /examples/subscriptions/collection/postRequest.json
      postResponseExample: !include /examples/subscriptions/collection/postResponse.json
      postErrorExample: !include /examples/subscriptions/error/validation.json
      errorNotAuthorizedExample: !include /examples/subscriptions/error/notAuthorized.json
  get:
    is:
    - core.not-authorized-failable:
        permissionLevel: read
        errorNotAuthorizedExample: !include /examples/subscriptions/error/notAuthorized.json
    queryParameters:
      channel.type?:
        description: |
          Return Subscriptions with the provided `channel.type`.
        type: string
      channel.address?:
        description: |
          Return Email Subscriptions whose `channel.address` field matches the
          query parameter by substring match. An incomplete email address (e.g.
          `@example.com`, `user`, `user@example`, etc.) is an acceptable input
          to this parameter. This field is ignored if `channel.address!` is given.

          **Note:** It is possible for email addresses like `0user@example.com`
          to match the query `channel.address=user@example.com` by substring match. If you
          require **exact** matching, use `channel.address!` as described below.

          **Note:** Email addresses are *case insensitive*. Any casing given to
          this parameter will be ignored.
        type: string
        example: "@example.com"
      channel.address!?:
        description: |
          Return Email Subscriptions whose `channel.address` field matches the
          query parameter *exactly*. A valid email address must be given for this
          parameter to work correctly.

          **Note:** Email addresses are *case insensitive*. Any casing given to
          this parameter will be ignored.
        type: string
        example: user@example.com
      channel.phone?:
        description: |
          Return SNS Subscriptions whose `channel.phone` field matches the query
          parameter by substring match. An incomplete phone number is an
          acceptable input to this parameter. This field is ignored if
          `channel.phone!` is given.
        type: string
        example: "+1307"
      channel.phone!?:
        description: |
          Return SNS Subscriptions whose `channel.phone` field matches the
          parameter *exactly*. A valid phone number must be given for this
          parameter to work correctly.
        type: core.SNS_PHONE_NUMBER
        example: "+15555555555"
      notifier?:
        description: |
          Return the Subscriptions for the provided Notifier ObjectId.
        type: core.ObjectId
    responses:
      200:
        (specs.createModels):
          subscription:
            count: 5
            traits: real_world
  post:
    is:
    - core.not-found-failable:
        errorNotFoundExample: !include /examples/notifiers/error/notFound.json
    responses:
      201:
        (specs.requestBody): "auto:subscription:real_world"
        (specs.exhaustiveRequestBodies):
          source: channel
          factory: subscription
          vcr: [sns]
      400:
        (specs.bindIds):
          notifier: auto:email
        (specs.requestBody): '{ channel: { type: "email" }, notifier: notifier_id }'
      404:
        (specs.requestBody): '{ channel: { type: "email" }, notifier: "nonexistent" }'
        description: |
          Notifier not found.
  /{subscription_id}:
    (core.tags): [subscription]
    type:
      core.collection-item:
        idPrefix: subscription
        itemType: subscription.Subscription
        putParamsType: subscription.Subscription/Form/Update
        getResponseExample: !include /examples/subscriptions/collection-item.json
        putRequestExample: !include /examples/subscriptions/collection-item/putRequest.json
        putResponseExample: !include /examples/subscriptions/collection-item/putResponse.json
        errorNotFoundExample: !include /examples/subscriptions/error/notFound.json
        putErrorExample: !include /examples/subscriptions/error/validation.json
        errorNotAuthorizedExample: !include /examples/subscriptions/error/notAuthorized.json
    get:
      is:
      - core.not-authorized-failable:
          permissionLevel: read
          errorNotAuthorizedExample: !include /examples/subscriptions/error/notAuthorized.json
      responses:
        200:
          (specs.bindIds):
            subscription: auto:real_world
        403:
          (specs.bindIds):
            subscription: auto:real_world
    put:
      responses:
        200:
          (specs.bindIds):
            subscription: auto:real_world
        400:
          (specs.bindIds):
            subscription: auto:real_world
          (specs.requestBody): '{ listens_to_level: "invalid" }'
    delete:
      responses:
        204:
          (specs.bindIds):
            subscription: auto:real_world
    /send_edit_link:
      (core.tags): [subscription]
      type:
        core.simple-action:
          displayName: Send a Notification Preferences Link
          description: |
            Sends a single notification containing a preferences link for the
            specific Subscription, over the configured channel. The link can be
            used by the recipient to alter their subscription preferences via
            a human-friendly HTML form.

            **Note:** This endpoint also serves as a convenient method for
            testing an individual Subscription. Unlike the related public status
            page form, this action may be called as often as required.
          idPrefix: subscription
          itemType: subscription.Subscription
          successDescription: |
            Successfully requested preference link.
          notFoundDescription: |
            Subscription not found.
          responseExample: !include /examples/subscriptions/collection-item/send_edit_link/response.json
          errorNotFoundExample: !include /examples/subscriptions/error/notFound.json
          errorNotAuthorizedExample: !include /examples/subscriptions/error/notAuthorized.json
      put:
        is:
        - core.bad-request-failable:
            description: |
              This Subscription's Notifier is disabled.
            errorBadRequestExample: !include /examples/subscriptions/error/notifierDisabled.json
        responses:
          200:
            (specs.bindIds):
              subscription: auto:real_world
          400:
            (specs.bindIds):
              notifier: auto:disabled
              subscription: '#{op_create(:subscription, params: { notifier: notifier_id }).id}'
            (specs.requestBody): '{}'
          403:
            description: |
              Not authorized to write Subscriptions.

/events:
  (core.tags): [event]
  (specs.factoryName): issue_updated
  (specs.factoryStrategy): create
  type:
    core.read-collection:
      getResponseExample: !include /examples/events/collection.json
      itemType: event.Events
  get:
    is:
    - core.not-authorized-failable:
        permissionLevel: read
        errorNotAuthorizedExample: !include /examples/events/error/notAuthorized.json
    queryParameters:
      eventable?:
        description: |
          Return Events for the specific eventable ID. This could be the ID of
          any object that has events, such as a Component, Issue, Status,
          Subscription, Notifier, etc.
        type: core.ObjectId
      eventable.type?:
        description: |
          Return Events with the specific `eventable.type`.
        type: string
        enum: [component, metric_provider, issue, notifier, subscription, status]
      kind?:
        description: |
          Only return Events with the given `kind`.
        type: string
      context.component?:
        description: |
          Only return Events whose `context` includes the given Component ID.
        type: core.ObjectId
      context.components[]?:
        description: |
          Only return Events whose `context` includes one or more of the given
          Component IDs. To use this query parameter, supply
          `context.components[]={component_id}` for each `{component_id}` to
          return Events for.
        type: core.ObjectId[]
      context.update?:
        description: |
          Only return Events whose `context` includes the given Issue Update ID.
        type: core.ObjectId
      context.notifier?:
        description: |
          Only return Events whose `context` includes the given Notifier ID.
        type: core.ObjectId
      context.event?:
        description: |
          Only return Events whose `context` includes the given Event ID.
        type: core.ObjectId
  /{event_id}:
    (core.tags): [event]
    (specs.factoryName): restored
    (specs.factoryStrategy): create
    type:
      core.read-collection-item:
        errorNotFoundExample: !include /examples/events/error/notFound.json
        getResponseExample: !include /examples/events/collection-item.json
        idPrefix: event
        itemType: event.Events
    get:
      is:
      - core.not-authorized-failable:
          permissionLevel: read
          errorNotAuthorizedExample: !include /examples/events/error/notAuthorized.json
      responses:
        403:
          (specs.bindIds):
            event: auto

/timeline:
  (specs.factoryStrategy): null
  (core.tags): [timeline]
  type:
    core.read-collection:
      getResponseExample: !include /examples/timeline/collection.json
      itemType: timeline.TimelineItem
  get:
    displayName: Get a Timeline
    description: |
      Retrieve a Timeline according to the given filters. Returns a PagedArray
      of TimelineItems, with latest entries first.
    queryParameters:
      group?:
        description: |
          Return the Timeline for the Components of the given Group. This field
          is ignored if `components[]` is supplied.
        type: core.ObjectId
      components[]?:
        description: |
          Return the Timeline for the given set of Components. To use this query
          parameter, supply `components[]={component_id}` for each `{component_id}`
          that makes up this composite Timeline.
        type: core.ObjectId[]
      component?:
        description: |
          Return the Timeline for the given Component. This field is ignored if
          `components[]` is supplied.
        type: core.ObjectId
      excluded?:
        description: |
          When true, returns TimelineItems for which `excluded` is true, in addition to
          the rest (i.e. `excluded` false) of the queried Timeline. This field
          is ignored when `component`, `components[]`, or `group` is supplied.
        type: boolean
        default: false
      effective?:
        description: |
          When false, returns TimelineItems for which `effective` is false, in
          addition to the rest (i.e. `effective` true) of the queried Timeline.
        type: boolean
        default: false
    responses:
      200:
        (specs.beforeHook): simulate_history
        description: |
          Successfully retrieved Timeline.
  /{timeline_item_id}:
    (core.tags): [timeline]
    type:
      core.read-collection-item:
        errorNotFoundExample: !include /examples/timeline/error/notFound.json
        getResponseExample: !include /examples/timeline/collection-item.json
        idPrefix: timeline_item
        itemType: timeline.TimelineItem
    uriParameters:
      timeline_item_id:
        description: |
          The UUID of the of the TimelineItem.
        type: core.UUID
    get:
      displayName: Get a TimelineItem
      description: Retrieve the given TimelineItem by UUID.
      responses:
        200:
          (specs.beforeHook): |
            simulate_history
            State::Timeline::Operations::Materialize.(source: "global")
          (specs.bindIds):
            timeline_item: '#{State::Timeline::Item.all.first.id}'
          description: |
            Successfully retrieved TimelineItem.
        404:
          (specs.bindIds):
            timeline_item: nonexistent
          description: |
            TimelineItem not found.

/users:
  (core.tags): [user]
  type:
    core.collection:
      itemType: user.User
      postParamsType: user.User/Form/Create
      getResponseExample: !include /examples/users/collection.json
      postRequestExample: !include /examples/users/collection/postRequest.json
      postResponseExample: !include /examples/users/collection/postResponse.json
      postErrorExample: !include /examples/users/error/validation.json
      errorNotAuthorizedExample: !include /examples/users/error/notAuthorized.json
  get:
    is:
    - core.not-authorized-failable:
        permissionLevel: read
        errorNotAuthorizedExample: !include /examples/users/error/notAuthorized.json
    queryParameters:
      role?:
        type: core.ObjectId
        description: |
          Return Users who are currently granted the provided Role ID.
      roles[]?:
        type: core.ObjectId[]
        description: |
          Return Users who are currently granted one or more of the provided
          Role IDs. To use this query parameter, supply `roles[]={role_id}` for
          each `{role_id}` to return Users for.
      email?:
        type: string
        description: |
          Return Users whose `email` matches the query parameter by substring
          match. An incomplete email address (e.g. `@example.com`, `user`,
          `user@example`, etc.) is an acceptable input to this parameter. This
          field is ignored if `email!` is given.

          **Note:** It is possible for email addresses like `0user@example.com`
          to match the query `email=user@example.com` by substring match. If you
          require **exact** matching, use `email!` as described below.

          **Note:** Email addresses are *case insensitive*. Any casing given to
          this parameter will be ignored.
      email!?:
        type: string
        description: |
          Return Users whose `email` field matches the query parameter *exactly*.
          A valid email address must be given for this parameter to work correctly.

          **Note:** Email addresses are *case insensitive*. Any casing given to
          this parameter will be ignored.
  /current:
    (core.tags): [user]
    get:
      is:
      - core.not-authorized-failable:
          permissionLevel: read
          errorNotAuthorizedExample: !include /examples/users/error/notAuthorized.json
      displayName: Retrieve Current User
      description: |
        Retrieve the User object for the currently authenticated API key or session.
      responses:
        200:
          description: |
            Successfully retrieved current User.
          body:
            application/hal+json:
              examples:
                "GET /users/current (200)": !include /examples/users/collection-item.json
              type: user.User
        403:
          description: |
            Not authorized to read Users.
  /{user_id}:
    (core.tags): [user]
    type:
      core.collection-item:
        idPrefix: user
        itemType: user.User
        putParamsType: user.User/Form/Update
        getResponseExample: !include /examples/users/collection-item.json
        putRequestExample: !include /examples/users/collection-item/putRequest.json
        putResponseExample: !include /examples/users/collection-item/putResponse.json
        errorNotFoundExample: !include /examples/users/error/notFound.json
        errorNotAuthorizedExample: !include /examples/users/error/notAuthorized.json
        putErrorExample: !include /examples/users/error/validation.json
    get:
      is:
      - core.not-authorized-failable:
          permissionLevel: read
          errorNotAuthorizedExample: !include /examples/users/error/notAuthorized.json
      responses:
        403:
          (specs.bindIds):
            user: auto
    put:
      responses:
        400:
          (specs.requestBody): '{ "email": "invalid" }'
    delete:
    /reset_password:
      (core.tags): [user]
      type:
        core.simple-action:
          displayName: Initiate User Password Reset
          description: |
            Initiates a password reset flow for the given User. The User will
            receive an email allowing them to reset their password, similar to
            the User requesting a reset from the Sign-in form.
          idPrefix: user
          itemType: user.User
          successDescription: |
            Successfully initiated reset.
          notFoundDescription: |
            User not found.
          responseExample: !include /examples/users/collection-item.json
          errorNotFoundExample: !include /examples/users/error/notFound.json
          errorNotAuthorizedExample: !include /examples/users/error/notAuthorized.json
      put:
        responses:
          403:
            description: |
              Not authorized to write Users.
    /sign_out:
      (core.tags): [user]
      type:
        core.simple-action:
          displayName: Force User Sign-out
          description: |
            Forces a User to become signed out on all devices by resetting their
            remember token.
          idPrefix: user
          itemType: user.User
          successDescription: |
            Successfully signed out User.
          notFoundDescription: |
            User not found.
          responseExample: !include /examples/users/collection-item.json
          errorNotFoundExample: !include /examples/users/error/notFound.json
          errorNotAuthorizedExample: !include /examples/users/error/notAuthorized.json
      put:
        responses:
          403:
            description: |
              Not authorized to write Users.

/roles:
  (core.tags): [role]
  type:
    core.read-collection:
      itemType: role.Role
      getResponseExample: !include /examples/roles/collection.json
  get:
    queryParameters:
      builtin?:
        type: boolean
        default: false
        description: |
          When true, returns only Roles where `builtin` is true. When false,
          performs no filtering.
      custom?:
        type: boolean
        default: false
        description: |
          When true, returns only Roles where `builtin` is false (i.e. custom).
          When false, performs no filtering.
      scope?:
        type: core.ROLE_SCOPE
        description: |
          Return Roles whose `scope` matches the provided one.
      slug?:
        type: string
        description: |
          Return Roles of this specific slug. Roles can only be modified by slug,
          thus affecting all Role objects with the same slug.
      user?:
        type: core.ObjectId
        description: |
          Return Roles that are currently granted to the given User.
      invitation?:
        type: core.ObjectId
        description: |
          Return Roles that are currently granted to the given Invitation.
  post:
    is:
    - core.not-authorized-failable:
        permissionLevel: write
        errorNotAuthorizedExample: !include /examples/roles/error/notAuthorized.json
    - core.validation-failable:
        errorExample: !include /examples/roles/error/validation.json
    displayName: Create Custom Roles
    description: |
      Create a new set of custom Roles. Returns the newly created Roles. Each Role
      in the returned set will share the same slug, derived from the given name,
      one for each possible `scope` on your account.

      If any status pages are added/removed later on, appropriately scoped roles
      for each page are automatically provisioned for every Role slug on your account.
    body:
      application/json:
        type: role.Role/Form/Create
        examples:
          "POST /roles": !include /examples/roles/collection/postRequest.json
    responses:
      201:
        (specs.requestBody): auto:role
        description: |
          Successfully created new Roles.
        body:
          application/hal+json:
            type: role.RoleSet
            examples:
              "POST /roles (201)": !include /examples/roles/collection/postResponse.json
      400:
        (specs.requestBody): "{}"
        description: |
          Failed to create Roles.
  put:
    is:
    - core.bad-request-failable:
        description: |
          Builtin Roles cannot be updated.
        errorBadRequestExample: !include /examples/roles/error/builtin.json
    - core.not-authorized-failable:
        permissionLevel: write
        errorNotAuthorizedExample: !include /examples/roles/error/notAuthorized.json
    - core.not-found-failable:
        errorNotFoundExample: !include /examples/roles/error/slugNotFound.json
    displayName: Update Custom Roles by Slug
    description: |
      Update the given Roles by slug. Only one slug may be updated at a time via
      this collection-based method.
    queryParameters:
      slug:
        type: string
        description: |
          The slug defining the set of Roles to update.
    body:
      application/json:
        examples:
          "PUT /roles": !include /examples/roles/collection/putRequest.json
        type: role.Role/Form/Update
    responses:
      200:
        (specs.createModels):
          role:
            count: 1
            options:
              name: "\"custom-slug-1\""
        (specs.requestBody): "{slug: 'custom-slug-1'}"
        description: |
          Successfully updated Roles.
        body:
          application/hal+json:
            examples:
              "PUT /roles (200)": !include /examples/roles/collection/putResponse.json
            type: role.RoleSet
      400:
        (specs.requestBody): "{slug: 'team_member'}"
      404:
        (specs.requestBody): "{slug: 'nonexistent'}"
        description: |
          Roles not found by given slug.
  delete:
    is:
    - core.bad-request-failable:
        description: |
          Builtin Roles cannot be deleted.
        errorBadRequestExample: !include /examples/roles/error/builtin.json
    - core.not-authorized-failable:
        permissionLevel: write
        errorNotAuthorizedExample: !include /examples/roles/error/notAuthorized.json
    - core.not-found-failable:
        errorNotFoundExample: !include /examples/roles/error/slugNotFound.json
    displayName: Delete Custom Roles by Slug
    description: |
      Delete the given Roles by slug. Only one slug may be deleted at a time via
      this collection-based method.
    queryParameters:
      slug:
        type: string
        description: |
          The slug defining the set of Roles to delete.
    responses:
      200:
        (specs.createModels):
          role:
            count: 1
            options:
              name: "\"custom-slug-1\""
        (specs.requestBody): "{slug: 'custom-slug-1'}"
        description: |
          Successfully deleted Roles.
        body:
          application/hal+json:
            examples:
              "DELETE /roles (200)": !include /examples/roles/collection/deleteResponse.json
            type: role.RoleSet
      400:
        (specs.requestBody): "{slug: 'team_member'}"
      404:
        (specs.requestBody): "{slug: 'nonexistent'}"
        description: |
          Roles not found by given slug.
  /{role_id}:
    (core.tags): [role]
    (specs.bindIds):
      role: auto
    (specs.factoryStrategy): create
    type:
      core.read-collection-item:
        idPrefix: role
        itemType: role.Role
        getResponseExample: !include /examples/roles/collection-item.json
        errorNotFoundExample: !include /examples/roles/error/notFound.json
    get:
      is:
      - core.not-authorized-failable:
          permissionLevel: read
          errorNotAuthorizedExample: !include /examples/roles/error/notAuthorized.json

/invitations:
  (core.tags): [invitation]
  type:
    core.collection:
      itemType: invitation.Invitation
      postParamsType: invitation.Invitation/Form/Create
      getResponseExample: !include /examples/invitations/collection.json
      postRequestExample: !include /examples/invitations/collection/postRequest.json
      postResponseExample: !include /examples/invitations/collection/postResponse.json
      postErrorExample: !include /examples/invitations/error/validation.json
      errorNotAuthorizedExample: !include /examples/invitations/error/notAuthorized.json
  get:
    is:
    - core.not-authorized-failable:
        permissionLevel: read
        errorNotAuthorizedExample: !include /examples/invitations/error/notAuthorized.json
    queryParameters:
      active?:
        type: boolean
        default: false
        description: |
          When true, returns only Invitations where `redeemed` is false (i.e.
          active). When false, performs no filtering.
      redeemed?:
        type: boolean
        default: false
        description: |
          When true, returns only Invitations where `redeemed` is true. When
          false, performs no filtering.
      role?:
        type: core.ObjectId
        description: |
          Return Invitations who are currently granted the provided Role ID.
      roles[]?:
        type: core.ObjectId[]
        description: |
          Return Invitations who are currently granted one or more of the provided
          Role IDs. To use this query parameter, supply `roles[]={role_id}` for
          each `{role_id}` to return Invitations for.
      email?:
        type: string
        description: |
          Return Invitations whose `email` matches the query parameter by substring
          match. An incomplete email address (e.g. `@example.com`, `user`,
          `user@example`, etc.) is an acceptable input to this parameter. This
          field is ignored if `email!` is given.

          **Note:** It is possible for email addresses like `0user@example.com`
          to match the query `email=user@example.com` by substring match. If you
          require **exact** matching, use `email!` as described below.

          **Note:** Email addresses are *case insensitive*. Any casing given to
          this parameter will be ignored.
      email!?:
        type: string
        description: |
          Return Invitations whose `email` field matches the query parameter *exactly*.
          A valid email address must be given for this parameter to work correctly.

          **Note:** Email addresses are *case insensitive*. Any casing given to
          this parameter will be ignored.
  /{invitation_id}:
    (core.tags): [invitation]
    type:
      core.collection-item:
        idPrefix: invitation
        itemType: invitation.Invitation
        putParamsType: invitation.Invitation/Form/Update
        getResponseExample: !include /examples/invitations/collection-item.json
        putRequestExample: !include /examples/invitations/collection-item/putRequest.json
        putResponseExample: !include /examples/invitations/collection-item/putResponse.json
        errorNotFoundExample: !include /examples/invitations/error/notFound.json
        errorNotAuthorizedExample: !include /examples/invitations/error/notAuthorized.json
        putErrorExample: !include /examples/invitations/error/validation.json
    get:
      is:
      - core.not-authorized-failable:
          permissionLevel: read
          errorNotAuthorizedExample: !include /examples/invitations/error/notAuthorized.json
      responses:
        403:
          (specs.bindIds):
            invitation: auto
    put:
      responses:
        400:
          (specs.bindIds):
            invitation: auto:redeemed
          description: |
            Cannot update a redeemed Invitation.
    delete:

/request_logs:
  (core.tags): [request_log]
  (specs.factoryStrategy): create
  type:
    core.read-collection:
      getResponseExample: !include /examples/request_logs/collection.json
      itemType: request_log.RequestLog
  get:
    is:
    - core.not-authorized-failable:
        permissionLevel: read
        errorNotAuthorizedExample: !include /examples/request_logs/error/notAuthorized.json
    queryParameters:
      successful?:
        type: boolean
        description: |
          When true, return only RequestLogs with success response. When false,
          returns RequestLogs with failed response.
      source?:
        type: core.REQUEST_LOG_SOURCE
        description: |
          Return RequestLogs only from the given source.
      response_code?:
        type: core.nonnegative-integer
        description: |
          Return RequestLogs with the given response code.
      verb?:
        type: string
        description: |
          Return RequestLogs with the given HTTP verb.
      email?:
        type: string
        description: |
          Return RequestLogs whose `email` matches the query parameter by substring
          match. An incomplete email address (e.g. `@example.com`, `user`,
          `user@example`, etc.) is an acceptable input to this parameter. This
          field is ignored if `email!` is given.

          **Note:** Email addresses are *case insensitive*. Any casing given to
          this parameter will be ignored.
      email!?:
        type: string
        description: |
          Return RequestLogs whose `email` field matches the query parameter *exactly*.
          A valid email address must be given for this parameter to work correctly.

          **Note:** Email addresses are *case insensitive*. Any casing given to
          this parameter will be ignored.
      domain?:
        type: string
        description: |
          Return RequestLogs for requests made on the given domain.
      ip_address?:
        type: string
        description: |
          Return RequestLogs for requests made by the given IP address.
      user?:
        type: core.ObjectId
        description: |
          Return RequestLogs for requests made by the given User.
      api_key?:
        type: core.ObjectId
        description: |
          Return RequestLogs for requests made by the given API key.
  /{request_log_id}:
    (core.tags): [request_log]
    (specs.factoryStrategy): create
    type:
      core.read-collection-item:
        errorNotFoundExample: !include /examples/request_logs/error/notFound.json
        getResponseExample: !include /examples/request_logs/collection-item.json
        idPrefix: request_log
        itemType: request_log.RequestLog
    uriParameters:
      request_log_id:
        description: |
          The UUID of the of the RequestLog.
        type: core.UUID
    get:
      is:
      - core.not-authorized-failable:
          permissionLevel: read
          errorNotAuthorizedExample: !include /examples/request_logs/error/notAuthorized.json
      responses:
        403:
          (specs.bindIds):
            request_log: auto