From 95c58eac8363965e4e326ea688691f487483b3f8 Mon Sep 17 00:00:00 2001
From: Asuka Minato <i@asukaminato.eu.org>
Date: Mon, 22 Dec 2025 21:09:58 +0900
Subject: [PATCH] refactor: split changes for api/controllers/web/app.py
 (#29857)

---
 api/controllers/web/app.py | 36 ++++++++++++++++++++++--------------
 1 file changed, 22 insertions(+), 14 deletions(-)

diff --git a/api/controllers/web/app.py b/api/controllers/web/app.py
index 60193f5f15..db3b93a4dc 100644
--- a/api/controllers/web/app.py
+++ b/api/controllers/web/app.py
@@ -1,14 +1,13 @@
 import logging
 
 from flask import request
-from flask_restx import Resource, marshal_with, reqparse
+from flask_restx import Resource, marshal_with
+from pydantic import BaseModel, ConfigDict, Field
 from werkzeug.exceptions import Unauthorized
 
 from constants import HEADER_NAME_APP_CODE
 from controllers.common import fields
-from controllers.web import web_ns
-from controllers.web.error import AppUnavailableError
-from controllers.web.wraps import WebApiResource
+from controllers.common.schema import register_schema_models
 from core.app.app_config.common.parameters_mapping import get_parameters_from_feature_dict
 from libs.passport import PassportService
 from libs.token import extract_webapp_passport
@@ -18,9 +17,23 @@ from services.enterprise.enterprise_service import EnterpriseService
 from services.feature_service import FeatureService
 from services.webapp_auth_service import WebAppAuthService
 
+from . import web_ns
+from .error import AppUnavailableError
+from .wraps import WebApiResource
+
 logger = logging.getLogger(__name__)
 
 
+class AppAccessModeQuery(BaseModel):
+    model_config = ConfigDict(populate_by_name=True)
+
+    app_id: str | None = Field(default=None, alias="appId", description="Application ID")
+    app_code: str | None = Field(default=None, alias="appCode", description="Application code")
+
+
+register_schema_models(web_ns, AppAccessModeQuery)
+
+
 @web_ns.route("/parameters")
 class AppParameterApi(WebApiResource):
     """Resource for app variables."""
@@ -96,21 +109,16 @@ class AppAccessMode(Resource):
         }
     )
     def get(self):
-        parser = (
-            reqparse.RequestParser()
-            .add_argument("appId", type=str, required=False, location="args")
-            .add_argument("appCode", type=str, required=False, location="args")
-        )
-        args = parser.parse_args()
+        raw_args = request.args.to_dict()
+        args = AppAccessModeQuery.model_validate(raw_args)
 
         features = FeatureService.get_system_features()
         if not features.webapp_auth.enabled:
             return {"accessMode": "public"}
 
-        app_id = args.get("appId")
-        if args.get("appCode"):
-            app_code = args["appCode"]
-            app_id = AppService.get_app_id_by_code(app_code)
+        app_id = args.app_id
+        if args.app_code:
+            app_id = AppService.get_app_id_by_code(args.app_code)
 
         if not app_id:
             raise ValueError("appId or appCode must be provided")