diff --git a/tools/spectral/ipa/__tests__/IPA113ResetMethodMustNotHaveRequestBody.test.js b/tools/spectral/ipa/__tests__/IPA113ResetMethodMustNotHaveRequestBody.test.js index 12e8613433..2c1c5508b9 100644 --- a/tools/spectral/ipa/__tests__/IPA113ResetMethodMustNotHaveRequestBody.test.js +++ b/tools/spectral/ipa/__tests__/IPA113ResetMethodMustNotHaveRequestBody.test.js @@ -44,7 +44,7 @@ testRule('xgen-IPA-113-reset-method-must-not-have-request-body', [ code: 'xgen-IPA-113-reset-method-must-not-have-request-body', message: 'The :reset custom method must not have a request body.', path: ['paths', '/resource/{exampleId}/singleton:reset', 'post'], - severity: DiagnosticSeverity.Warning, + severity: DiagnosticSeverity.Error, }, ], }, diff --git a/tools/spectral/ipa/__tests__/IPA113ResetMethodMustReturn200OK.test.js b/tools/spectral/ipa/__tests__/IPA113ResetMethodMustReturn200OK.test.js index ce8d2bfc60..a6c2a6bc27 100644 --- a/tools/spectral/ipa/__tests__/IPA113ResetMethodMustReturn200OK.test.js +++ b/tools/spectral/ipa/__tests__/IPA113ResetMethodMustReturn200OK.test.js @@ -69,7 +69,7 @@ testRule('xgen-IPA-113-reset-method-must-return-200-OK', [ code: 'xgen-IPA-113-reset-method-must-return-200-OK', message: 'The :reset custom method must return a 200 OK response with the reset resource in the response body.', path: ['paths', '/resource/{exampleId}/singleton:reset', 'post'], - severity: DiagnosticSeverity.Warning, + severity: DiagnosticSeverity.Error, }, ], }, @@ -92,7 +92,7 @@ testRule('xgen-IPA-113-reset-method-must-return-200-OK', [ code: 'xgen-IPA-113-reset-method-must-return-200-OK', message: 'The :reset custom method must return a 200 OK response with the reset resource in the response body.', path: ['paths', '/resource/{exampleId}/singleton:reset', 'post'], - severity: DiagnosticSeverity.Warning, + severity: DiagnosticSeverity.Error, }, ], }, diff --git a/tools/spectral/ipa/__tests__/IPA113ResetMethodMustUsePost.test.js b/tools/spectral/ipa/__tests__/IPA113ResetMethodMustUsePost.test.js index 15b74d7e3e..8f76dc06fd 100644 --- a/tools/spectral/ipa/__tests__/IPA113ResetMethodMustUsePost.test.js +++ b/tools/spectral/ipa/__tests__/IPA113ResetMethodMustUsePost.test.js @@ -52,7 +52,7 @@ testRule('xgen-IPA-113-reset-method-must-use-POST', [ code: 'xgen-IPA-113-reset-method-must-use-POST', message: 'The :reset custom method must use the POST HTTP method.', path: ['paths', '/resource/{exampleId}/singleton:reset'], - severity: DiagnosticSeverity.Warning, + severity: DiagnosticSeverity.Error, }, ], }, @@ -71,7 +71,7 @@ testRule('xgen-IPA-113-reset-method-must-use-POST', [ code: 'xgen-IPA-113-reset-method-must-use-POST', message: 'The :reset custom method must use the POST HTTP method.', path: ['paths', '/resource/{exampleId}/singleton:reset'], - severity: DiagnosticSeverity.Warning, + severity: DiagnosticSeverity.Error, }, ], }, diff --git a/tools/spectral/ipa/__tests__/IPA113ResetMethodNotOnReadonlySingleton.test.js b/tools/spectral/ipa/__tests__/IPA113ResetMethodNotOnReadonlySingleton.test.js index 1a913b6d69..49a40c6c32 100644 --- a/tools/spectral/ipa/__tests__/IPA113ResetMethodNotOnReadonlySingleton.test.js +++ b/tools/spectral/ipa/__tests__/IPA113ResetMethodNotOnReadonlySingleton.test.js @@ -65,7 +65,7 @@ testRule('xgen-IPA-113-reset-method-not-on-readonly-singleton', [ message: 'Read-only singleton resources must not define a :reset custom method. Read-only resources cannot be modified, so reset is not applicable.', path: ['paths', '/resource/{exampleId}/singleton:reset'], - severity: DiagnosticSeverity.Warning, + severity: DiagnosticSeverity.Error, }, ], }, diff --git a/tools/spectral/ipa/__tests__/IPA113ResetMethodOnlyOnSingletonResources.test.js b/tools/spectral/ipa/__tests__/IPA113ResetMethodOnlyOnSingletonResources.test.js index bfb9b7d47d..781738a96c 100644 --- a/tools/spectral/ipa/__tests__/IPA113ResetMethodOnlyOnSingletonResources.test.js +++ b/tools/spectral/ipa/__tests__/IPA113ResetMethodOnlyOnSingletonResources.test.js @@ -38,7 +38,7 @@ testRule('xgen-IPA-113-reset-method-only-on-singleton-resources', [ code: 'xgen-IPA-113-reset-method-only-on-singleton-resources', message: 'The :reset custom method must only be defined on singleton resources.', path: ['paths', '/resource:reset'], - severity: DiagnosticSeverity.Warning, + severity: DiagnosticSeverity.Error, }, ], }, diff --git a/tools/spectral/ipa/__tests__/IPA117RequestResponseBodiesMustBeWellDefined.test.js b/tools/spectral/ipa/__tests__/IPA117RequestResponseBodiesMustBeWellDefined.test.js index 27652e6822..8a6e53afe2 100644 --- a/tools/spectral/ipa/__tests__/IPA117RequestResponseBodiesMustBeWellDefined.test.js +++ b/tools/spectral/ipa/__tests__/IPA117RequestResponseBodiesMustBeWellDefined.test.js @@ -230,7 +230,7 @@ testRule('xgen-IPA-117-request-response-bodies-must-be-well-defined', [ 'content', 'application/vnd.atlas.2024-08-05+json', ], - severity: DiagnosticSeverity.Warning, + severity: DiagnosticSeverity.Error, }, { code: 'xgen-IPA-117-request-response-bodies-must-be-well-defined', @@ -244,25 +244,25 @@ testRule('xgen-IPA-117-request-response-bodies-must-be-well-defined', [ 'content', 'application/vnd.atlas.2024-08-05+json', ], - severity: DiagnosticSeverity.Warning, + severity: DiagnosticSeverity.Error, }, { code: 'xgen-IPA-117-request-response-bodies-must-be-well-defined', message: 'Request and response bodies must have a schema.', path: ['paths', '/resource', 'post', 'responses', '200', 'content', 'application/vnd.atlas.2024-08-05+json'], - severity: DiagnosticSeverity.Warning, + severity: DiagnosticSeverity.Error, }, { code: 'xgen-IPA-117-request-response-bodies-must-be-well-defined', message: 'Request and response bodies must have a schema.', path: ['paths', '/resource', 'post', 'responses', '200', 'content', 'application/vnd.atlas.2023-08-05+json'], - severity: DiagnosticSeverity.Warning, + severity: DiagnosticSeverity.Error, }, { code: 'xgen-IPA-117-request-response-bodies-must-be-well-defined', message: 'Request and response bodies must have a schema.', path: ['paths', '/resource', 'post', 'requestBody', 'content', 'application/vnd.atlas.2023-08-05+json'], - severity: DiagnosticSeverity.Warning, + severity: DiagnosticSeverity.Error, }, ], }, diff --git a/tools/spectral/ipa/rulesets/IPA-113.yaml b/tools/spectral/ipa/rulesets/IPA-113.yaml index e3970e8506..eaa966aaa7 100644 --- a/tools/spectral/ipa/rulesets/IPA-113.yaml +++ b/tools/spectral/ipa/rulesets/IPA-113.yaml @@ -68,7 +68,7 @@ rules: - Fails if GET or any other HTTP method is used - Fails if multiple HTTP methods are defined for the same :reset endpoint message: '{{error}} https://mdb.link/mongodb-atlas-openapi-validation#xgen-IPA-113-reset-method-must-use-POST' - severity: warn + severity: error given: '$.paths[*]' then: function: 'IPA113ResetMethodMustUsePost' @@ -82,7 +82,7 @@ rules: - Verifies that the operation object does not contain a requestBody property - Fails if any request body is defined message: '{{error}} https://mdb.link/mongodb-atlas-openapi-validation#xgen-IPA-113-reset-method-must-not-have-request-body' - severity: warn + severity: error given: '$.paths[*].post' then: function: 'IPA113ResetMethodMustNotHaveRequestBody' @@ -97,7 +97,7 @@ rules: - Fails if the method lacks a 200 OK response or defines a different 2xx status code - Verifies that the 200 response has a response body with schema message: '{{error}} https://mdb.link/mongodb-atlas-openapi-validation#xgen-IPA-113-reset-method-must-return-200-OK' - severity: warn + severity: error given: '$.paths[*].post' then: function: 'IPA113ResetMethodMustReturn200OK' @@ -113,7 +113,7 @@ rules: - Confirms that the :reset method 200 response schema reference matches the GET method response schema reference - Ensures the reset resource returned is the same type as the singleton resource message: '{{error}} https://mdb.link/mongodb-atlas-openapi-validation#xgen-IPA-113-reset-method-response-is-get-method-response' - severity: warn + severity: error given: '$.paths[*].post.responses.200.content' then: field: '@key' @@ -129,7 +129,7 @@ rules: - Uses existing isSingletonResource() helper function - Fails if :reset is defined on a non-singleton resource message: '{{error}} https://mdb.link/mongodb-atlas-openapi-validation#xgen-IPA-113-reset-method-only-on-singleton-resources' - severity: warn + severity: error given: '$.paths[*]' then: function: 'IPA113ResetMethodOnlyOnSingletonResources' @@ -144,7 +144,7 @@ rules: - Uses existing isReadOnlyResource() helper function - Fails if the singleton resource has all properties marked as readOnly: true message: '{{error}} https://mdb.link/mongodb-atlas-openapi-validation#xgen-IPA-113-reset-method-not-on-readonly-singleton' - severity: warn + severity: error given: '$.paths[*]' then: function: 'IPA113ResetMethodNotOnReadonlySingleton' @@ -162,7 +162,7 @@ rules: This rule includes a configuration option: - `ignoreSingularizationList`: Words that are allowed to maintain their assumed plurality (e.g., "Fts") message: '{{error}} https://mdb.link/mongodb-atlas-openapi-validation#xgen-IPA-113-reset-method-valid-operation-id' - severity: warn + severity: error given: '$.paths[*].post' then: function: 'IPA113ResetMethodValidOperationID' diff --git a/tools/spectral/ipa/rulesets/IPA-117.yaml b/tools/spectral/ipa/rulesets/IPA-117.yaml index 24736d23bc..4e515d8b5d 100644 --- a/tools/spectral/ipa/rulesets/IPA-117.yaml +++ b/tools/spectral/ipa/rulesets/IPA-117.yaml @@ -225,7 +225,7 @@ rules: These components must be described, i.e. has the `schema` property: message: '{{error}} https://mdb.link/mongodb-atlas-openapi-validation#xgen-IPA-117-request-response-bodies-must-be-well-defined' - severity: warn + severity: error given: - '#OperationObject.requestBody.content[*]' - '#OperationObject.responses[*].content[*]' diff --git a/tools/spectral/ipa/rulesets/README.md b/tools/spectral/ipa/rulesets/README.md index eb56fee93c..43ba12b55d 100644 --- a/tools/spectral/ipa/rulesets/README.md +++ b/tools/spectral/ipa/rulesets/README.md @@ -853,7 +853,7 @@ Rule checks for the following conditions: #### xgen-IPA-113-reset-method-must-use-POST - ![warn](https://img.shields.io/badge/warning-yellow) + ![error](https://img.shields.io/badge/error-red) The :reset custom method must use the POST HTTP method. ##### Implementation details @@ -865,7 +865,7 @@ Rule checks for the following conditions: #### xgen-IPA-113-reset-method-must-not-have-request-body - ![warn](https://img.shields.io/badge/warning-yellow) + ![error](https://img.shields.io/badge/error-red) The :reset custom method must not have a request body. ##### Implementation details @@ -876,7 +876,7 @@ Rule checks for the following conditions: #### xgen-IPA-113-reset-method-must-return-200-OK - ![warn](https://img.shields.io/badge/warning-yellow) + ![error](https://img.shields.io/badge/error-red) The :reset custom method must return a 200 OK response with the reset resource in the response body. ##### Implementation details @@ -888,7 +888,7 @@ Rule checks for the following conditions: #### xgen-IPA-113-reset-method-response-is-get-method-response - ![warn](https://img.shields.io/badge/warning-yellow) + ![error](https://img.shields.io/badge/error-red) The :reset custom method response must match the GET method response schema. ##### Implementation details @@ -901,7 +901,7 @@ Rule checks for the following conditions: #### xgen-IPA-113-reset-method-only-on-singleton-resources - ![warn](https://img.shields.io/badge/warning-yellow) + ![error](https://img.shields.io/badge/error-red) The :reset custom method must only be defined on singleton resources. ##### Implementation details @@ -913,7 +913,7 @@ Rule checks for the following conditions: #### xgen-IPA-113-reset-method-not-on-readonly-singleton - ![warn](https://img.shields.io/badge/warning-yellow) + ![error](https://img.shields.io/badge/error-red) Read-only singleton resources must not define a :reset custom method. ##### Implementation details @@ -925,7 +925,7 @@ Rule checks for the following conditions: #### xgen-IPA-113-reset-method-valid-operation-id - ![warn](https://img.shields.io/badge/warning-yellow) + ![error](https://img.shields.io/badge/error-red) The :reset custom method must have a valid operation ID. ##### Implementation details @@ -1114,6 +1114,21 @@ The rule applies to the following components: - `items` properties defined in `components/schemas` The rule is applied to the unresolved OAS, and ignores components with `$ref` properties. Specific paths can be ignored using the `ignoredPaths` option. +#### xgen-IPA-117-request-response-bodies-must-be-well-defined + + ![error](https://img.shields.io/badge/error-red) +Request and response bodies must be well-defined, i.e. include a schema to ensure that consumers understand the expected format of the request/response. + +##### Implementation details +The rule applies to the following components: + - Operation request bodies + - Operation responses, except for: + - 202 Accepted responses + - DELETE method 2xx responses + - Custom method 2xx POST responses + + These components must be described, i.e. has the `schema` property: + #### xgen-IPA-117-parameter-has-examples-or-schema ![error](https://img.shields.io/badge/error-red) @@ -1198,21 +1213,6 @@ This rule includes a configuration option: - `preferredWords`: List of words that the operation summary should use for single items, defaults to `['one']`. Only used for error messages - `forbiddenWords`: List of words (lowercase) that the operation summary should not use, defaults to `['a', 'specified']` -#### xgen-IPA-117-request-response-bodies-must-be-well-defined - - ![warn](https://img.shields.io/badge/warning-yellow) -Request and response bodies must be well-defined, i.e. include a schema to ensure that consumers understand the expected format of the request/response. - -##### Implementation details -The rule applies to the following components: - - Operation request bodies - - Operation responses, except for: - - 202 Accepted responses - - DELETE method 2xx responses - - Custom method 2xx POST responses - - These components must be described, i.e. has the `schema` property: - ### IPA-118