diff --git a/asm/openapi.yaml b/asm/openapi.yaml
index 3673084..f0d1482 100644
--- a/asm/openapi.yaml
+++ b/asm/openapi.yaml
@@ -99,6 +99,8 @@ paths:
 $ref: '#/components/schemas/Asset'
 '401':
 $ref: '#/components/responses/Unauthorized'
+ '403':
+ $ref: '#/components/responses/Forbidden'
 '429':
 $ref: '#/components/responses/RateLimited'
@@ -119,6 +121,8 @@ paths:
 $ref: '#/components/schemas/AssetDetail'
 '401':
 $ref: '#/components/responses/Unauthorized'
+ '403':
+ $ref: '#/components/responses/Forbidden'
 '404':
 $ref: '#/components/responses/NotFound'
 patch:
@@ -143,6 +147,8 @@ paths:
 $ref: '#/components/responses/BadRequest'
 '401':
 $ref: '#/components/responses/Unauthorized'
+ '403':
+ $ref: '#/components/responses/Forbidden'
 '404':
 $ref: '#/components/responses/NotFound'
 delete:
@@ -157,6 +163,8 @@ paths:
 description: Asset archived
 '401':
 $ref: '#/components/responses/Unauthorized'
+ '403':
+ $ref: '#/components/responses/Forbidden'
 '404':
 $ref: '#/components/responses/NotFound'
@@ -189,6 +197,8 @@ paths:
 $ref: '#/components/schemas/Scan'
 '401':
 $ref: '#/components/responses/Unauthorized'
+ '403':
+ $ref: '#/components/responses/Forbidden'
 post:
 operationId: triggerScan
 summary: Trigger scan
@@ -213,6 +223,8 @@ paths:
 $ref: '#/components/responses/BadRequest'
 '401':
 $ref: '#/components/responses/Unauthorized'
+ '403':
+ $ref: '#/components/responses/Forbidden'
 '429':
 $ref: '#/components/responses/RateLimited'
@@ -239,6 +251,8 @@ paths:
 $ref: '#/components/schemas/ScanDetail'
 '401':
 $ref: '#/components/responses/Unauthorized'
+ '403':
+ $ref: '#/components/responses/Forbidden'
 '404':
 $ref: '#/components/responses/NotFound'
@@ -292,6 +306,8 @@ paths:
 $ref: '#/components/schemas/Vulnerability'
 '401':
 $ref: '#/components/responses/Unauthorized'
+ '403':
+ $ref: '#/components/responses/Forbidden'
 /vulnerabilities/{vuln_id}:
 parameters:
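Review bot: The single-resource operations now list both '403' and '404' (the hunks at @@ -119, @@ -143, @@ -157 and @@ -239 here, and @@ -316 and @@ -340 further down), but nothing visible in the spec says which of the two a caller receives for an object it is not allowed to see. If the service answers 403 for an existing asset, scan or vulnerability that belongs to someone else and 404 only for a missing one, the status code confirms that the identifier exists. I would pin the rule down in the shared response, for example `description: Authenticated, but the caller's role or scope does not permit this action; objects the caller cannot see return 404`. Whether the API is multi-tenant is not visible in the diff, so treat this as a question to settle before the contract is published.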
@@ -316,6 +332,8 @@ paths:
 $ref: '#/components/schemas/VulnerabilityDetail'
 '401':
 $ref: '#/components/responses/Unauthorized'
+ '403':
+ $ref: '#/components/responses/Forbidden'
 '404':
 $ref: '#/components/responses/NotFound'
 patch:
@@ -340,6 +358,8 @@ paths:
 $ref: '#/components/responses/BadRequest'
 '401':
 $ref: '#/components/responses/Unauthorized'
+ '403':
+ $ref: '#/components/responses/Forbidden'
 '404':
 $ref: '#/components/responses/NotFound'
@@ -362,6 +382,8 @@ paths:
 $ref: '#/components/schemas/Tag'
 '401':
 $ref: '#/components/responses/Unauthorized'
+ '403':
+ $ref: '#/components/responses/Forbidden'
 post:
 operationId: createTag
 summary: Create tag
@@ -392,6 +414,8 @@ paths:
 $ref: '#/components/responses/BadRequest'
 '401':
 $ref: '#/components/responses/Unauthorized'
+ '403':
+ $ref: '#/components/responses/Forbidden'
 components:
 securitySchemes:
@@ -454,6 +478,17 @@ components:
 application/json:
 schema:
 $ref: '#/components/schemas/Error'
+ Forbidden:
+ description: Authenticated but not authorized for this resource or action
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/Error'
+ example:
+ error:
+ code: forbidden
+ message: You do not have permission to perform this action
+
 RateLimited:
 description: Rate limit exceeded
 headers:
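Review bot: The `example` added under `Forbidden` (hunk @@ -454) nests `code` and `message` under an `error` key, but the `Error` schema it illustrates is outside this diff, and the response just above it in the context appears to carry no example to compare against. Please confirm the shape matches `#/components/schemas/Error` and that `forbidden` is one of its documented `code` values, ideally by linting the spec with a rule that validates examples against their schemas. Clients often build error handling from the examples, so a mismatch here would surface as authorization denials handled as generic failures. Keeping the `message` fixed and generic is the right call, since it does not reveal which permission was missing.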