schema.yaml

openapi: 3.0.3
info:
  title: StampWallet API Server
  description: StampWallet API Server REST Specification
  contact:
    email: fbstachura@gmail.com
  version: 0.1.0

paths:
  /auth/account:
    post:
      tags:
        - account
      summary: Create a new account
      description: Create a new account with specified password and email, send a confirmation email
      operationId: createAccount
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PostAccountRequest'
        required: true
      responses:
        '201':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PostAccountResponse'
              example:
                status: CREATED
        '400':
          description: Invalid request format, email or password
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
        '409':
          description: Account with email already exists
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: ALREADY_EXISTS
  /auth/account/emailConfirmation:
    post:
      tags:
        - account
      summary: Confirm email
      description: When an account is created, user receives an email with a link to a static website. That website simply posts it's parameters (unique to each email) to this endpoint. The parameters will be unique and hard to guess, allowing to verify that user really has access to the email address.
      operationId: confirmEmail
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PostAccountEmailConfirmationRequest'
        required: true
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PostAccountResponse'
              example:
                token: ZWVnaDhhZWg4bGVpbDJhaQo=:XBlaW5nZWViNWFpU2hlaGUKa
        '400':
          description: Invalid request format
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
        '401':
          description: Unauthorized - invalid token
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: UNAUTHORIZED
  /auth/account/email:
    post:
      tags:
        - account
      summary: Change email
      description: This endpoint can be used to change email address of currently logged in user. Changing email address requires email confirmation
      operationId: changeEmail
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PostAccountEmailRequest'
        required: true
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: OK
        '400':
          description: Invalid request format
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
        '409':
          description: Email already exists
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: CONFLICT
      security: 
        - sessionToken: []
  /auth/account/password:
    post:
      tags:
        - account
      summary: Change password
      description: This endpoint can be used to change password of currently logged in user. Requires the user to provide their old password
      operationId: changePassword
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PostAccountPasswordRequest'
        required: true
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: OK
        '400':
          description: Invalid request format or invalid old password
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
      security: 
        - sessionToken: []
  /auth/sessions:
    post:
      tags:
        - sessions
      summary: Login
      description: This endpoint is used to exchange user credentials for temporary credentials that allow access to the API. 
      operationId: login
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PostAccountSessionRequest'
        required: true
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PostAccountSessionResponse'
              example:
                token: ZWVnaDhhZWg4bGVpbDJhaXBlaW5nZWViNWFpU2hlaGUK
        '400':
          description: Invalid request format
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
        '401':
          description: Invalid credentials
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: UNAUTHORIZED
    delete:
      tags:
        - sessions
      summary: Logout
      description: This endpoint invalidates session token passed with the request.
      operationId: logout
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: OK
        '401':
          description: Unauthorized, no credentials
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: UNAUTHORIZED
      security: 
        - sessionToken: []


  /business/account:
    post:
      tags:
        - business
      summary: Create a business account
      description: This endpoint is used to attach a new business account to an existing, logged in user account. Busies details are provided in the request. Responds with business id and ids of banner and icon image slots.
      operationId: createBusinessAccount
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PostBusinessAccountRequest'
        required: true
      responses:
        '201':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PostBusinessAccountResponse'
        '400':
          description: Invalid request format
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
        '409':
          description: Business already exists
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: ALREADY_EXISTS
        '401':
          description: Invalid credentials
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: UNAUTHORIZED
      security: 
        - sessionToken: []
  /business/info:
    get:
      tags:
        - business
      summary: Get business info
      description: Responds with information about business owned by the logged in user.
      operationId: getBusinessAccountInfo
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GetBusinessAccountResponse'
        '401':
          description: Invalid credentials
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: UNAUTHORIZED
        '404':
          description: Does not exist or forbidden
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: NOT_FOUND
      security: 
        - sessionToken: []
    patch:
      tags:
        - business
      summary: Update business account
      description: This endpoint is used to update business account data
      operationId: updateBusinessAccount
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PatchBusinessAccountRequest'
        required: true
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: OK
        '400':
          description: Invalid request format
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
      security: 
        - sessionToken: []
  /business/menuImages/:
    post:
      tags:
        - business
      summary: Add menu image to business
      description: This endpoint is used to add a new menu image to business details. Returns a new fileId to be used with '/file/' endpoints.
      operationId: addMenuImage
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PostBusinessAccountMenuImageResponse'
        '400':
          description: Invalid request format
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
      security: 
        - sessionToken: []
  /business/menuImages/{menuImageId}:
    delete:
      tags:
        - business
      summary: Delete menu image from business
      description: This endpoint is used to delete a menu image from business details.
      operationId: deleteMenuImage
      parameters:
        - in: path
          name: menuImageId
          schema: 
            type: string 
          required: true
          description: Public id of the menu image to be deleted
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
        '403':
          description: Forbidden
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: FORBIDDEN
      security: 
        - sessionToken: []
  /business/itemDefinitions:
    get:
      tags:
        - itemDefinitions
      summary: Get list of item definitions
      description: This endpoint is used to retrieve data about existing item definitions (benefits).
      operationId: getItemDefinitions
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GetBusinessItemDefinitionsResponse'
      security: 
        - sessionToken: []
    post:
      tags:
        - itemDefinitions
      summary: Add a new item definition
      description: This endpoint is used to add new item definitions (benefits).
      operationId: AddItemDefinition
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PostBusinessItemDefinitionRequest'
        required: true
      responses:
        '201':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PostBusinessItemDefinitionResponse'
              example:
                status: CREATED
        '400':
          description: Invalid request format
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
      security: 
        - sessionToken: []
  /business/itemDefinitions/{definitionId}:
    put:
      tags:
        - itemDefinitions
      summary: Update an exiting item definition
      description: This endpoint is used to change details of existing item definitions (benefits). Client has to provide all values, even if values do not change
      operationId: updateItemDefinition
      parameters:
        - in: path
          name: definitionId
          schema: 
            type: string 
          required: true
          description: Public id of the definition to update
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PutBusinessItemDefinitionRequest'
        required: true
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: OK
        '400':
          description: Invalid request format
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
        '404':
          description: Does not exist or forbidden
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: NOT_FOUND
      security: 
        - sessionToken: []
    delete:
      tags:
        - itemDefinitions
      summary: Delete an exiting item definition
      description: This endpoint is used to delete existing item definitions (benefits).
      operationId: deleteItemDefinition
      parameters:
        - in: path
          name: definitionId
          schema: 
            type: string 
          required: true
          description: Public id of the definition to update
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: OK
        '400':
          description: Invalid request format
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
        '404':
          description: Does not exist or forbidden
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: NOT_FOUND
      security: 
        - sessionToken: []
  /business/transactions/{transactionCode}:
    get:
      tags:
        - transactions
      summary: Get info about a started transaction
      description: This endpoint is used in the second step of transaction processing, the app should use it to retrieve details about a transaction started by a user, after scanning user's transaction code.
      operationId: getTransactionDetails
      parameters:
        - in: path
          name: transactionCode
          schema: 
            type: string
          required: true
          description: Transaction code (scanned or typed in)
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GetBusinessTransactionResponse'
        '404':
          description: Does not exist or forbidden
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: NOT_FOUND
      security: 
        - sessionToken: []
    post:
      tags:
        - transactions
      summary: Finish a transaction
      description: This endpoint is used in the third step of transaction processing, the app should use it to update transaction details with data about points added to user's account and actions that were taken on items included in the transaction.
      operationId: finishTransaction
      parameters:
        - in: path
          name: transactionCode
          schema: 
            type: string
          required: true
          description: Transaction code (scanned or typed in)
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PostBusinessTransactionRequest'
        required: true
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: OK
        '400':
          description: Invalid request 
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
        '404':
          description: Does not exist or forbidden
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: NOT_FOUND
      security: 
        - sessionToken: []


  /user/cards:
    get:
      tags:
        - cards 
      summary: Get list of user's cards
      description: This endpoint is used to retrieve a list of currently logged in user's cards.
      operationId: getUserCards
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GetUserCardsResponse'
      security: 
        - sessionToken: []
  /user/cards/local:
    post:
      tags:
        - localCards 
      summary: Add a new local card
      description: This endpoint is used to add a new local card to user's account.
      operationId: createLocalCard
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PostUserLocalCardsRequest'
        required: true
      responses:
        '201':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PostUserLocalCardsResponse'
        '400':
          description: Invalid request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
      security: 
        - sessionToken: []
  /user/cards/local/types:
    get:
      tags:
        - localCards 
      summary: Get list of local card types
      description: This endpoint is used to get a list of supported local card types.
      operationId: getLocalCardTypes
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GetUserLocalCardTypesResponse'
      security: 
        - sessionToken: []
  /user/cards/local/{cardId}:
    delete:
      tags:
        - localCards 
      summary: Delete a local card
      description: This endpoint is used to delete a local card from account of the currently logged in user.
      operationId: deleteLocalCard
      parameters:
        - in: path
          name: cardId
          schema: 
            type: string 
          required: true
          description: Public id of the card to delete
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: OK
        '404':
          description: Unknown card or forbidden
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: NOT_FOUND
      security: 
        - sessionToken: []

  /user/cards/virtual/{businessId}:
    post:
      tags:
        - virtualCards
      summary: Add a new virtual card
      description: This endpoint is used to register a new virtual card to the account of the currently logged in user.
      operationId: createVirtualCard
      parameters:
        - in: path
          name: businessId
          schema: 
            type: string 
          required: true
          description: Public ID of the business which card was requested to be added by user
      responses:
        '201':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: CREATED
        '404':
          description: Unknown business
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: NOT_FOUND
        '409':
          description: Card already exists
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: ALREADY_EXISTS
      security: 
        - sessionToken: []
    delete:
      tags:
        - virtualCards
      summary: Delete a virtual card
      description: This endpoint is used to delete a virtual card from the account of the currently logged in user.
      operationId: deleteVirtualCard
      parameters:
        - in: path
          name: businessId
          schema: 
            type: string 
          required: true
          description: Public ID of the business which card was requested to be deleted from the account
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: OK
        '404':
          description: No such card
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: NOT_FOUND
      security: 
        - sessionToken: []
    get:
      tags:
        - virtualCards
      summary: Get info about a virtual card
      description: This endpoint is used to retrieve details of a virtual card owned by the currently logged in user.
      operationId: getVirtualCard
      parameters:
        - in: path
          name: businessId
          schema: 
            type: string 
          required: true
          description: Public ID of the business which card was requested
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GetUserVirtualCardResponse'
        '404':
          description: No such card
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: NOT_FOUND
      security: 
        - sessionToken: []

  # notes: business id can be infered from item deinition id. so the first parameter really does not make much sense 
  /user/cards/virtual/{businessId}/itemsDefinitions/{itemDefinitionId}:
    post:
      tags:
        - virtualCards
      summary: Buy an item
      description: This endpoint is used to buy an item for points from the virtual card.
      operationId: buyItem
      parameters:
        - in: path
          name: businessId
          schema: 
            type: string 
          required: true
          description: Public ID of the business which card was requested
        - in: path
          name: itemDefinitionId 
          schema: 
            type: string 
          required: true
          description: Public ID of the item definition requested by the user
      responses:
        '201':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PostUserVirtualCardItemResponse'
        '404':
          description: No such item or item does not belong to this business
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: NOT_FOUND
        '401':
          description: Item withdrawn, not available etc
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: NOT_FOUND
      security: 
        - sessionToken: []
  # notes: business id can be infered from item id. so the first parameter really does not make much sense 
  /user/cards/virtual/{businessId}/items/{itemId}:
    delete:
      tags:
        - virtualCards
      summary: Delete an item
      description: This endpoint is used to return an item, and get back points that were spent on that item.
      operationId: deleteItem
      parameters:
        - in: path
          name: businessId
          schema: 
            type: string 
          required: true
          description: Public ID of the business which card was requested
        - in: path
          name: itemId 
          schema: 
            type: string 
          required: true
          description: Public ID of the item requested to be deleted
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: OK
        '404':
          description: No such item
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: NOT_FOUND
        '401':
          description: Item cannot be returned
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
      security: 
        - sessionToken: []

  # NOTE: only one transaction per user+business should be available at the same time
  /user/cards/virtual/{businessId}/transactions:
    post:
      tags:
        - transactions
      summary: Start a transaction 
      description: This endpoint is used in the first step of transaction processing, the app should use it to start a transaction optionally providing items to be exchanged.
      operationId: startTransaction
      parameters:
        - in: path
          name: businessId
          schema: 
            type: string 
          required: true
          description: Public ID of the business which card was requested
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PostUserVirtualCardTransactionRequest'
        required: true
      responses:
        '201':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PostUserVirtualCardTransactionResponse'
        '400':
          description: Invalid request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
        '404':
          description: No such item
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: NOT_FOUND
      security: 
        - sessionToken: []
  /user/cards/virtual/{businessId}/transactions/{transactionCode}:
    get:
      tags:
        - transactions
      summary: Get info about a transaction
      description: This endpoint is used in the last step of transaction processing, it's used to check the status of the transaction.
      operationId: getTransactionStatus
      parameters:
        - in: path
          name: businessId
          schema:
            type: string 
          required: true
          description: Public ID of the business which card was requested
        - in: path
          name: transactionCode
          schema:
            type: string 
          required: true
          description: Transaction code 
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GetUserVirtualCardTransactionResponse'
        '404':
          description: No such transaction or business
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: NOT_FOUND
      security: 
        - sessionToken: []

  /user/businesses:
    get:
      tags:
        - user
      summary: Search businesses
      description: This endpoint is used to search businesses that match the provided text query or are close to a specified point.
      operationId: searchBusinesses
      parameters:
        - in: query
          name: text
          description: Filter by business name
          schema:
            type: string
          required: false
        - in: query
          name: location
          description: Filter by business location
          schema:
            type: string
            format: ISO 6709
          required: false
        - in: query
          name: proximity
          description: Filter by distance from location in meters
          schema:
            type: integer
          required: false
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GetUserBusinessesSearchResponse'
        '400':
          description: Invalid request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
      security: 
        - sessionToken: []
  /user/businesses/{businessId}:
    get:
      tags:
        - user
      summary: Get business info
      description: This endpoint is used to get info about a business
      operationId: getBusiness
      parameters:
        - in: path
          name: businessId
          description: Public id of the business
          schema:
            type: string
          required: true
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GetUserBusinessesResponse'
        '400':
          description: Invalid request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
      security: 
        - sessionToken: []

  /file/{fileId}:
    get:
      tags:
        - file
      summary: Get file
      description: This endpoint is used to download files by ID.
      operationId: getFile
      parameters:
        - in: path
          name: fileId
          description: ID of file to download
          schema:
            type: string
          required: true
      responses:
        '200':
          description: Successful operation
          content:
            image/png:
              schema:
                type: string
                format: binary
            image/jpeg:
              schema:
                type: string
                format: binary
        '400':
          description: Invalid request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
      security: 
        - sessionToken: []
    post:
      tags:
        - file
      summary: Upload file
      description: This endpoint is used to upload files.
      operationId: uploadFile
      parameters:
        - in: path
          name: fileId
          description: ID of file to upload/replace
          schema:
            type: string
          required: true
      requestBody:
        description: File data
        content:
          multipart/form-data: 
            schema:
              type: object
              properties: 
                file:  
                  type: string
                  format: binary
            encoding: 
              file: 
                contentType: image/png, image/jpeg, image/webp
        required: true
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
        '400':
          description: Invalid request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
        '403':
          description: Forbidden, no permissions to upload to this file
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: FORBIDDEN
      security: 
        - sessionToken: []
    delete:
      tags:
        - file
      summary: Delete a file
      description: This endpoint is used to delete files.
      operationId: deleteFile
      parameters:
        - in: path
          name: fileId
          description: ID of file to delete
          schema:
            type: string
          required: true
      responses:
        '200':
          description: Successful operation
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: OK
        '400':
          description: Invalid request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: INVALID_REQUEST
        '403':
          description: Forbidden, no permissions to delete this file
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DefaultResponse'
              example:
                status: FORBIDDEN
      security: 
        - sessionToken: []

components:
  schemas:
    DefaultResponse:
      type: object
      properties:
        status:
          $ref: '#/components/schemas/DefaultResponseStatusEnum'
        message:
          type: string

    DefaultResponseStatusEnum:
      type: string
      enum:
        - OK
        - CREATED
        - NOT_FOUND
        - FORBIDDEN
        - ALREADY_EXISTS
        - UNAUTHORIZED
        - INVALID_REQUEST
        - UNKNOWN_ERROR
        - CONFLICT

    PostAccountRequest:
      type: object
      properties:
        email:
          type: string
          format: email
          example: test@example.com
          x-go-custom-tag: binding:"required"
        password:
          type: string
          format: password
          example: zaq1@WSX
          x-go-custom-tag: binding:"required"
    PostAccountResponse:
      type: object
      properties:
        token:
          type: string
          example: ZWVnaDhhZWg4bGVpbDJhaQo=:XBlaW5nZWViNWFpU2hlaGUKa
    PostAccountEmailConfirmationRequest:
      type: object
      properties:
        token:
          type: string
          example: ZWVnaDhhZWg4bGVpbDJhaQo=:XBlaW5nZWViNWFpU2hlaGUKa
          x-go-custom-tag: binding:"required"
    PostAccountEmailRequest:
      type: object
      properties:
        email:
          type: string
          example: test@example.com
          x-go-custom-tag: binding:"required"
    PostAccountPasswordRequest:
      type: object
      properties:
        password:
          type: string
          example: zaq1@WSX
          x-go-custom-tag: binding:"required"
        oldPassword:
          type: string
          example: password123
          x-go-custom-tag: binding:"required"
    PostAccountSessionRequest:
      type: object
      properties:
        email:
          type: string
          format: email
          example: test@example.com
          x-go-custom-tag: binding:"required"
        password:
          type: string
          format: password
          example: zaq1@WSX
          x-go-custom-tag: binding:"required"
    PostAccountSessionResponse:
      type: object
      properties:
        token:
          type: string
          example: ZWVnaDhhZWg4bGVpbDJhaQo=:XBlaW5nZWViNWFpU2hlaGUKa


    PostBusinessAccountRequest:
      type: object
      properties: 
        name:
          type: string
          x-go-custom-tag: binding:"required"
        address:
          type: string
          x-go-custom-tag: binding:"required"
        gpsCoordinates:
          type: string
          x-go-custom-tag: binding:"required"
        description:
          type: string
          x-go-custom-tag: binding:"required"
        nip:
          type: string
          x-go-custom-tag: binding:"required"
        krs:
          type: string
          x-go-custom-tag: binding:"required"
        regon:
          type: string
          x-go-custom-tag: binding:"required"
        ownerName:
          type: string
          x-go-custom-tag: binding:"required"
      example:
        name: test business
        address: ul. Łojasiewicza 6 Kraków Polska
        gpsCoordinates: "+48.8577+002.295/"
        nip: 1234567899
        krs: 1234567890
        regon: 12345678901234
        description: "test asdas"
        ownerName: Jan Kowalski

    PostBusinessAccountResponse:
      type: object
      properties:
        publicId:
          type: string
        bannerImageId: 
          type: string
        iconImageId: 
          type: string
      example:
        publicId: eGVlbGlCaWU5Z2FoCg
        bannerImageId: eGVlbGlCaWU5Z2FoCg
        iconImageId: eGVlbGlCaWU5Z2FoCg
    GetBusinessAccountResponse:
      allOf:
        - $ref: '#/components/schemas/PublicBusinessDetailsAPIModel'
        - type: object
          properties:
            nip: 
              type: string
            krs: 
              type: string
            regon: 
              type: string
            ownerName: 
              type: string
    PatchBusinessAccountRequest:
      type: object
      properties:
        name:
          type: string
        description:
          type: string
      example:
        name: test
    PostBusinessAccountMenuImageResponse:
      type: object
      properties:
        imageId:
          type: string
          example: S2VlNWVlQ2Foajh1Cg
    PutBusinessItemDefinitionRequest:
      type: object
      properties:
        name: 
          type: string
        price: 
          type: integer
          nullable: true
        description: 
          type: string
        startDate: 
          type: string
          format: date-time
          nullable: true
        endDate: 
          type: string
          format: date-time
          nullable: true
        maxAmount: 
          type: integer
          nullable: true
        available: 
          type: boolean
    PostBusinessItemDefinitionRequest:
      type: object
      properties:
        name: 
          type: string
        price: 
          type: integer
          nullable: true
        description: 
          type: string
        startDate: 
          type: string
          format: date-time
          nullable: true
        endDate: 
          type: string
          format: date-time
          nullable: true
        maxAmount: 
          type: integer
          nullable: true
        available: 
          type: boolean
    PostBusinessItemDefinitionResponse:
      type: object
      properties:
        publicId:
          type: string
          example: ZmVlQ2ExYWlnaDRPCg
    GetBusinessItemDefinitionsResponse:
      type: object
      properties:
        itemDefinitions: 
          type: array
          items:
            $ref: '#/components/schemas/ItemDefinitionAPIModel'
    GetBusinessTransactionResponse:
      type: object
      properties:
        publicId: 
          type: string
        virtualCardId: 
          type: integer
        state: 
          $ref: '#/components/schemas/TransactionStateEnum'
        items: 
          type: array
          items:
            $ref: '#/components/schemas/TransactionItemDetailAPIModel'
      example:
        publicId: aWtlaXY5QWl0aDllCg
        virtualCardId: YXBpMWhhZXhhaUhvCg
        state: STARTED
        items: 
          - publicId: SW9zMmxhaHBoZXF1Cg
            itemDefinitionId: SW9zMmxhaHBoZXF1Cg
    PostBusinessTransactionRequest:
      type: object
      properties:
        addedPoints: 
          type: integer
        itemActions: 
          type: array 
          items: 
            $ref: '#/components/schemas/ItemActionAPIModel'
      example:
        addedPoints: 10
        itemActions:
          - itemId: bWlhOGFoYnVKYWl0Cg
            action: REDEEMED
          - itemId: dGhlaTNYb284b2VzCg
            action: RECALLED
          - itemId: Q2hpZW1vbzRpZUZhCg
            action: CANCELLED

    TransactionItemDetailAPIModel:
      type: object
      properties:
        publicId: 
          type: string
          example: YWV2ZXhvMEVlR2VpCg
        itemDefinitionId: 
          type: string
          example: Y2hvaDFJZXRoZWV5Cg
    TransactionStateEnum:
      type: string
      enum:
        - STARTED
        - PROCESSING
        - FINISHED
        - EXPIRED
        - FAILED


    GetUserCardsResponse:
      type: object
      properties:
        localCards: 
          type: array
          items:
            $ref: '#/components/schemas/LocalCardAPIModel'
        virtualCards: 
          type: array
          items:
            $ref: '#/components/schemas/ShortVirtualCardAPIModel'
    PostUserLocalCardsRequest:
      type: object
      properties:
        name: 
          type: string
          example: "test card"
          x-go-custom-tag: binding:"required"
        type: 
          type: string
          example: VmlpOW9OZ2llUGl1Cg
          x-go-custom-tag: binding:"required"
        code: 
          type: string
          example: 1234567890
          x-go-custom-tag: binding:"required"
    PostUserLocalCardsResponse:
      type: object
      properties:
        publicId: 
          type: string
          example: "VmlpOW9OZ2llUGl1Cg"
          x-go-custom-tag: binding:"required"
    GetUserLocalCardTypesResponse:
      type: object
      properties:
        types: 
          type: array
          items:
            type: object 
            properties:
              publicId: 
                type: string
              name: 
                type: string
              code: 
                type: string
              imageUrl: 
                type: string
    GetUserVirtualCardResponse:
      type: object
      required: 
        - points
      properties:
        points:
          type: integer
        ownedItems: 
          type: array
          items: 
            $ref: '#/components/schemas/OwnedItemAPIModel'
        businessDetails:
          $ref: '#/components/schemas/PublicBusinessDetailsAPIModel'
    PostUserVirtualCardTransactionRequest:
      type: object
      properties:
        itemIds:
          type: array
          x-go-custom-tag: binding:"required"
          items:
            type: string
      example:
        itemIds:
          - cGllMHBoZWlsZThBCg
          - Y2VoMElhbnV1c2g1Cg
    PostUserVirtualCardTransactionResponse:
      type: object
      properties:
        publicId: #of what? lmao
          type: string
        Code: 
          type: string
      example:
        publicId: cGllOG1haDBPaHY3Cg
        Code: 1234567890
    GetUserBusinessesSearchResponse:
      type: object
      properties:
        businesses: 
          type: array
          items:
            $ref: '#/components/schemas/ShortBusinessDetailsAPIModel'
      example:
        businesses:
          - publicId: cG9leWlWb283c2h1Cg
            name: Business
            description: Coffee shop or whatever
            gpsCoordinates: "+48.8577+002.295/"
            bannerImageId: b29naG9oVGhhaG42Cg
            iconImageId: b29naG9oVGhhaG42Cg
    GetUserBusinessesResponse:
      $ref: '#/components/schemas/PublicBusinessDetailsAPIModel'
    PostUserVirtualCardItemResponse:
      type: object
      properties:
        itemId:
          type: string
      example:
        itemId: aWVSOGplZXdlaW1pCg
    GetUserVirtualCardTransactionResponse:
      type: object
      properties:
        publicId: 
          type: string
        state: 
          $ref: '#/components/schemas/TransactionStateEnum'
        addedPoints: 
          type: integer
        itemActions:
          type: array
          items:
            $ref: '#/components/schemas/ItemActionAPIModel'
      example:
        itemId: Y2FoMWFpTmcwaGllCg
        state: FINISHED
        addedPoints: 20
        itemActions:
          itemId: bWlhOGFoYnVKYWl0Cg
          action: REDEEMED

    ShortBusinessDetailsAPIModel:
      type: object
      properties:
        publicId: 
          type: string
        name: 
          type: string
        description: 
          type: string
        gpsCoordinates: 
          type: string
        bannerImageId: 
          type: string
        iconImageId: 
          type: string
      example:
        publicId: cG9leWlWb283c2h1Cg
        name: Business
        description: Coffee shop or whatever
        gpsCoordinates: "+48.8577+002.295/"
        bannerImageId: b29naG9oVGhhaG42Cg
        iconImageId: b29naG9oVGhhaG42Cg
    OwnedItemAPIModel:
      type: object
      properties:
        publicId: 
          type: string
        definitionId: 
          type: string
      example:
        publicId: Q2hhOGRvYTZlaXRlCg
        definitionId: bGVlNnF1YTNTZW85Cg
    LocalCardAPIModel:
      type: object
      properties:
        publicId:
          type: string
        name:
          type: string
        type:
          type: string
        code:
          type: string
      example:
        publicId: d29oU29vdm9pNW9vCg
        name: "test card"
        type: "aWVuZWVnZWVZYWkyCg"
        code: "1234567890"
    ShortVirtualCardAPIModel:
      type: object
      required:
        - points
      properties:
        businessDetails:
          $ref: '#/components/schemas/ShortBusinessDetailsAPIModel'
        points:
          type: integer

    PublicBusinessDetailsAPIModel:
      type: object
      required:
        - description
      properties:
        publicId:
          type: string
        name: 
          type: string
        address: 
          type: string
        gpsCoordinates: 
          type: string
        bannerImageId: 
          type: string
        description: 
          type: string
        iconImageId: 
          type: string
        menuImageIds: 
          type: array
          items:
            type: string
        itemDefinitions: 
          type: array
          items:
            $ref: '#/components/schemas/ItemDefinitionAPIModel'
      example:
        publicId: ZUNoYWkyYWV4aVRhCg
        name: "test"
        address: "ul. Łojasiewicza 6"
        gpsCoordinates: "+48.8577+002.295/"
        bannerImageId: WG9ocGg2b0h1ZWNoCg
        iconImageId: c2VlbGVlNEVlV29vCg
        menuImageIds: 
          - bXU5YWltMm1haUdpCg
        itemDefinitions:
          - publicId: QWl5ZWlwaG8ySWl2Cg
            name: "Cool item"
            price: 10
            description: "idk"
            imageId: "QWhDOXBvdTdhaTZQCg"
            startDate: "2023-04-21T15:25:37+02:00"
            endDate: "2024-04-21T17:25:37+02:00"
            maxAmount: 2 
            available: true
    ItemDefinitionAPIModel:
      type: object
      properties:
        publicId: 
          type: string
        name: 
          type: string
        price: 
          type: integer
          nullable: true
        description: 
          type: string
        imageId: 
          type: string
        startDate: 
          type: string
          format: date-time
          nullable: true
        endDate: 
          type: string
          format: date-time
          nullable: true
        maxAmount: 
          type: integer
          nullable: true
        available: 
          type: boolean
      example:
        publicId: QWl5ZWlwaG8ySWl2Cg
        name: "Cool item"
        price: 10
        description: "idk"
        imageId: "QWhDOXBvdTdhaTZQCg"
        startDate: "2023-04-21T15:25:37+02:00"
        endDate: "2024-04-21T17:25:37+02:00"
        maxAmount: 2 
        available: true
    ItemActionAPIModel:
      type: object
      properties: 
        itemId: 
          type: string
        action: 
          $ref: '#/components/schemas/ItemActionTypeEnum'
      example:
        itemId: bWlhOGFoYnVKYWl0Cg
        action: REDEEMED
    ItemActionTypeEnum:
      type: string
      enum:
        - NO_ACTION
        - REDEEMED
        - RECALLED
        - CANCELLED

  securitySchemes:
    sessionToken:
      type: http
      scheme: bearer
      bearerFormat: Just the token string received from the API. In reality consists of the token id and the actual token, separated by a colon.