feat: add sandbox configuration update API

docs/openapi/api.yaml

@@ -71,6 +71,8 @@ paths:
     $ref: './configuration-api.yaml#/configuration'
   /configurations/sites/audits:
     $ref: './configurations-sites-audits-api.yaml#/configurations-sites-audits-toggle'
+  /configurations/sandbox:
+    $ref: './configuration-api.yaml#/sandbox-configuration'
   /event/fulfillment:
     $ref: './event-api.yaml#/process-fulfillment-events'
   /hooks/site-detection/cdn/{hookSecret}:

docs/openapi/configuration-api.yaml

@@ -46,3 +46,94 @@ configuration:
         $ref: './responses.yaml#/404-configuration-not-found-with-version'
       '500':
         $ref: './responses.yaml#/500'
+sandbox-configuration:
+  patch:
+    tags:
+      - configuration
+      - sandbox
+    summary: Update sandbox audit configurations
+    description: |
+      Updates the configuration settings for sandbox audit types. This endpoint allows
+      administrators to enable/disable specific audit types for sandbox sites and set
+      their expiration times. Only the audit types provided in the request will be updated.
+    operationId: updateSandboxConfiguration
+    security:
+      - admin_key: [ ]
+    requestBody:
+      required: true
+      content:
+        application/json:
+          schema:
+            $ref: './schemas.yaml#/SandboxConfigurationRequest'
+          examples:
+            update-multiple:
+              summary: Update multiple audit types
+              value:
+                sandboxConfigs:
+                  "meta-tags":
+                    cooldownHours: "3"
+                    enabled: true
+                  "alt-text":
+                    cooldownHours: "6"
+                    enabled: false
+            enable-single:
+              summary: Enable a single audit type
+              value:
+                sandboxConfigs:
+                  "meta-tags":
+                    cooldownHours: "3"
+                    enabled: true
+    responses:
+      '200':
+        description: Sandbox configurations updated successfully
+        content:
+          application/json:
+            schema:
+              $ref: './schemas.yaml#/SandboxConfigurationResponse'
+            examples:
+              success:
+                summary: Successful update of multiple configurations
+                value:
+                  message: "Sandbox configurations updated successfully"
+                  updatedConfigs:
+                    "meta-tags":
+                      cooldownHours: "3"
+                      enabled: true
+                    "alt-text":
+                      cooldownHours: "6"
+                      enabled: false
+                  totalUpdated: 2
+      '400':
+        description: Bad request - invalid configuration data
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                message:
+                  type: string
+                  example: "sandboxConfigs object is required"
+      '401':
+        $ref: './responses.yaml#/401'
+      '403':
+        description: Forbidden - admin access required
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                message:
+                  type: string
+                  example: "Only admins can update sandbox configurations"
+      '404':
+        description: Configuration not found
+        content:
+          application/json:
+            schema:
+              type: object
+              properties:
+                message:
+                  type: string
+                  example: "Configuration not found"
+      '500':
+        $ref: './responses.yaml#/500'

docs/openapi/schemas.yaml

@@ -1143,6 +1143,9 @@ Configuration:
           type: string
           format: url
           description: The SQS queue name for report jobs
+    sandboxAudits:
+      $ref: '#/SandboxAuditsConfig'
+      description: Configuration settings for sandbox audit types including expiration times and enabled status
 Job:
   type: object
   properties:
@@ -3508,6 +3511,67 @@ LlmoConfig:
   additionalProperties: false
 
 # Sandbox Audit API Schemas
+SandboxAuditConfig:
+  type: object
+  description: Configuration for a single sandbox audit type
+  required:
+    - cooldownHours
+    - enabled
+  properties:
+    cooldownHours:
+      type: string
+      description: Hours to wait before allowing the next audit of this type on sandbox sites
+      example: "3"
+    enabled:
+      type: boolean
+      description: Whether this audit type is enabled for sandbox sites
+      example: true
+  additionalProperties: false
+
+SandboxAuditsConfig:
+  type: object
+  description: Configuration mapping for all sandbox audit types
+  additionalProperties:
+    $ref: '#/SandboxAuditConfig'
+  example:
+    "meta-tags":
+      cooldownHours: "3"
+      enabled: true
+    "alt-text":
+      cooldownHours: "6" 
+      enabled: false
+
+SandboxConfigurationRequest:
+  type: object
+  description: Request payload for updating sandbox configuration
+  required:
+    - sandboxConfigs
+  properties:
+    sandboxConfigs:
+      $ref: '#/SandboxAuditsConfig'
+      description: Sandbox audit configurations to update
+  additionalProperties: false
+
+SandboxConfigurationResponse:
+  type: object
+  description: Response for sandbox configuration update operation
+  required:
+    - message
+    - updatedConfigs
+    - totalUpdated
+  properties:
+    message:
+      type: string
+      description: Human-readable confirmation message
+      example: "Sandbox configurations updated successfully"
+    updatedConfigs:
+      $ref: '#/SandboxAuditsConfig'
+      description: The configurations that were updated
+    totalUpdated:
+      type: integer
+      description: Number of audit types that were updated
+      example: 2
+
 SandboxAuditType:
   type: string
   description: Supported audit types for sandbox environments