refactor: migrate ldap endpoints to new chained API pattern

smirk-dev · smirk-dev · commit 3f8168f14291 · 2026-02-21T16:06:52.000Z
Migrates ldap.testConnection and ldap.testSearch POST endpoints from the legacy addRoute() pattern to the new chained .post() API pattern with typed AJV response schemas. Replaces Meteor check() with isLdapTestSearch AJV validator for request body validation on ldap.testSearch. Part of #38876
diff --git a/.changeset/refactor-ldap-api-chained-pattern.md b/.changeset/refactor-ldap-api-chained-pattern.md
@@ -0,0 +1,5 @@
+---
+'@rocket.chat/meteor': patch
+---
+
+Migrated `ldap.testConnection` and `ldap.testSearch` REST API endpoints from legacy `addRoute` pattern to the new chained `.post()` API pattern with typed response schemas and AJV body validation (replacing Meteor `check()`).
diff --git a/apps/meteor/app/api/server/v1/ldap.ts b/apps/meteor/app/api/server/v1/ldap.ts
@@ -1,62 +1,86 @@
 import { LDAP } from '@rocket.chat/core-services';
-import { Match, check } from 'meteor/check';
+import {
+	ajv,
+	isLdapTestSearch,
+	validateUnauthorizedErrorResponse,
+	validateForbiddenErrorResponse,
+} from '@rocket.chat/rest-typings';
 
 import { SystemLogger } from '../../../../server/lib/logger/system';
 import { settings } from '../../../settings/server';
 import { API } from '../api';
 
-API.v1.addRoute(
+const messageResponseSchema = {
+	type: 'object' as const,
+	properties: {
+		message: { type: 'string' as const },
+		success: {
+			type: 'boolean' as const,
+			enum: [true] as const,
+		},
+	},
+	required: ['message', 'success'] as const,
+	additionalProperties: false,
+};
+
+API.v1.post(
 	'ldap.testConnection',
-	{ authRequired: true, permissionsRequired: ['test-admin-options'] },
 	{
-		async post() {
-			if (!this.userId) {
-				throw new Error('error-invalid-user');
-			}
-
-			if (settings.get<boolean>('LDAP_Enable') !== true) {
-				throw new Error('LDAP_disabled');
-			}
-
-			try {
-				await LDAP.testConnection();
-			} catch (err) {
-				SystemLogger.error({ err });
-				throw new Error('Connection_failed');
-			}
-
-			return API.v1.success({
-				message: 'LDAP_Connection_successful' as const,
-			});
+		authRequired: true,
+		permissionsRequired: ['test-admin-options'],
+		response: {
+			200: ajv.compile<{ message: string }>(messageResponseSchema),
+			401: validateUnauthorizedErrorResponse,
+			403: validateForbiddenErrorResponse,
 		},
 	},
+	async function action() {
+		if (!this.userId) {
+			throw new Error('error-invalid-user');
+		}
+
+		if (settings.get<boolean>('LDAP_Enable') !== true) {
+			throw new Error('LDAP_disabled');
+		}
+
+		try {
+			await LDAP.testConnection();
+		} catch (err) {
+			SystemLogger.error({ err });
+			throw new Error('Connection_failed');
+		}
+
+		return API.v1.success({
+			message: 'LDAP_Connection_successful' as const,
+		});
+	},
 );
 
-API.v1.addRoute(
+API.v1.post(
 	'ldap.testSearch',
-	{ authRequired: true, permissionsRequired: ['test-admin-options'] },
 	{
-		async post() {
-			check(
-				this.bodyParams,
-				Match.ObjectIncluding({
-					username: String,
-				}),
-			);
-
-			if (!this.userId) {
-				throw new Error('error-invalid-user');
-			}
-
-			if (settings.get('LDAP_Enable') !== true) {
-				throw new Error('LDAP_disabled');
-			}
-
-			await LDAP.testSearch(this.bodyParams.username);
-
-			return API.v1.success({
-				message: 'LDAP_User_Found' as const,
-			});
+		authRequired: true,
+		permissionsRequired: ['test-admin-options'],
+		validateParams: isLdapTestSearch,
+		response: {
+			200: ajv.compile<{ message: string }>(messageResponseSchema),
+			401: validateUnauthorizedErrorResponse,
+			403: validateForbiddenErrorResponse,
 		},
 	},
+	async function action() {
+		if (!this.userId) {
+			throw new Error('error-invalid-user');
+		}
+
+		if (settings.get('LDAP_Enable') !== true) {
+			throw new Error('LDAP_disabled');
+		}
+
+		await LDAP.testSearch(this.bodyParams.username);
+
+		return API.v1.success({
+			message: 'LDAP_User_Found' as const,
+		});
+	},
 );

-Original file line number
+Diff line change
@@ @@ -0,0 +1,5 @@ @@
 +---
 +'@rocket.chat/meteor': patch
 +---
++
 +Migrated `ldap.testConnection` and `ldap.testSearch` REST API endpoints from legacy `addRoute` pattern to the new chained `.post()` API pattern with typed response schemas and AJV body validation (replacing Meteor `check()`).