feat: Admin Approver expenses/check policy/check mandatory bulk APIs#788
feat: Admin Approver expenses/check policy/check mandatory bulk APIs#788prabs222 wants to merge 2 commits into
Conversation
There was a problem hiding this comment.
Pull request overview
Adds new Admin and Approver bulk APIs to update expenses and to run “check mandatory fields” / “check policies” validations over multiple expenses in a single request, extending the existing expenses OpenAPI surface and generated reference specs.
Changes:
- Introduces new bulk input schemas for admin/approver expense update + validation requests.
- Adds new Admin/Approver path definitions for
/expenses/bulk,/expenses/check_mandatory_fields/bulk, and/expenses/check_policies/bulk. - Wires the new endpoints into role-specific OpenAPI roots and updates the generated
reference/*.yamlspecs.
Reviewed changes
Copilot reviewed 11 out of 11 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| src/components/schemas/expense.yaml | Adds admin/approver bulk request body schemas for expense updates and validations. |
| src/approver/paths/approver@expenses@bulk.yaml | Defines approver bulk expense update endpoint contract. |
| src/approver/paths/approver@expenses@check_mandatory_fields_bulk.yaml | Defines approver bulk mandatory-field validation endpoint contract. |
| src/approver/paths/approver@expenses@check_policies_bulk.yaml | Defines approver bulk policy-check endpoint contract. |
| src/approver/openapi.yaml | Registers the new approver bulk endpoints under paths. |
| src/admin/paths/admin@expenses@bulk.yaml | Defines admin bulk expense update endpoint contract. |
| src/admin/paths/admin@expenses@check_mandatory_fields_bulk.yaml | Defines admin bulk mandatory-field validation endpoint contract. |
| src/admin/paths/admin@expenses@check_policies_bulk.yaml | Defines admin bulk policy-check endpoint contract. |
| src/admin/openapi.yaml | Registers the new admin bulk endpoints under paths. |
| reference/approver.yaml | Updates generated reference spec with new approver endpoints/schemas. |
| reference/admin.yaml | Updates generated reference spec with new admin endpoints/schemas. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| application/json: | ||
| schema: | ||
| type: object | ||
| properties: | ||
| data: | ||
| type: array | ||
| items: | ||
| $ref: '../../components/schemas/expense.yaml#/expense_out' | ||
| '400': |
There was a problem hiding this comment.
The 200-response schema is missing additionalProperties: false (and doesn’t require data), making the documented response shape more permissive than other bulk Expenses endpoints. Consider tightening the response schema for consistency and better client generation.
| items: | ||
| type: object | ||
| required: | ||
| - id | ||
| properties: |
There was a problem hiding this comment.
components/schemas/items is a very generic schema name and is easy to confuse with the JSON Schema items keyword; it can also lead to awkward/ambiguous type names in generated SDKs. Consider renaming this schema to something domain-specific (e.g., expense_bulk_update_item_in) and update the refs that point to it.
| items: | ||
| type: object | ||
| required: | ||
| - id | ||
| properties: |
There was a problem hiding this comment.
components/schemas/items is a very generic schema name and is easy to confuse with the JSON Schema items keyword; it can also lead to awkward/ambiguous type names in generated SDKs. Consider renaming this schema to something domain-specific (e.g., expense_bulk_update_item_in) and update the refs that point to it.
| schema: | ||
| type: object | ||
| properties: | ||
| data: | ||
| $ref: '../../components/schemas/expense.yaml#/approver_expenses_bulk_in' | ||
| responses: |
There was a problem hiding this comment.
The request schema doesn’t mark data as required and doesn’t set additionalProperties: false, so an empty object {} (or unexpected fields) would still validate. Other bulk endpoints under Expenses (e.g., attach_files bulk) require data and disallow additional properties; consider aligning this endpoint to avoid an overly-permissive contract.
| application/json: | ||
| schema: | ||
| type: object | ||
| properties: | ||
| data: | ||
| type: array | ||
| items: | ||
| $ref: '../../components/schemas/expense.yaml#/expense_out' | ||
| '400': |
There was a problem hiding this comment.
The 200-response schema is missing additionalProperties: false (and doesn’t require data), making the documented response shape more permissive than other bulk Expenses endpoints. Consider tightening the response schema for consistency and better client generation.
| - Expenses | ||
| summary: Update expenses in bulk | ||
| description: | | ||
| Update expenses in bulk by approver. |
There was a problem hiding this comment.
The description here is much less specific than the single-expense approver update endpoint (which documents allowed expense states / constraints). If the same constraints apply to bulk updates, they should be documented here too to prevent misuse and support correct client-side validation.
| Update expenses in bulk by approver. | |
| Update multiple expenses in bulk by approver. | |
| Each expense in the request is validated independently and must satisfy the | |
| same approver authorization, allowed expense-state, and update constraints | |
| as the single-expense approver update endpoint. Only expenses that are | |
| eligible for the requested update can be processed through this operation. | |
| Clients should apply the same validation rules used for the single-expense | |
| approver update flow to every item included in the bulk payload. |
| schema: | ||
| type: object | ||
| properties: | ||
| data: | ||
| $ref: '../../components/schemas/expense.yaml#/admin_expenses_bulk_in' | ||
| responses: |
There was a problem hiding this comment.
The request schema doesn’t mark data as required and doesn’t set additionalProperties: false, so an empty object {} (or unexpected fields) would still validate. Other bulk endpoints under Expenses (e.g., attach_files bulk) require data and disallow additional properties; consider aligning this endpoint to avoid an overly-permissive contract.
Description
Screen shots:
Post Admin Expenses Bulk
Post Admin Check Mandatory Fields Bulk
Post Admin Check Policy Bulk
Post Approver Expenses Bulk
Post Approver Check Mandatory Fields Bulk
Post Approver Check Policy Bulk
Clickup
app.clickup.com