prohibit the use of initial_schema_uri as an override in evaluate()

The indexed resource would be permanently altered in both the document and the
main resource index; the correct thing to do to adjust the root identifier for
a schema would be to pass a canonical_uri to either the Document constructor
or to add_document().

Author: karenetheridge

lib/JSON/Schema/Modern.pm

@@ -279,7 +279,8 @@ sub traverse ($self, $schema_reference, $config_override = {}) {
   croak join(', ', sort keys %overrides), ' not supported as a config override in traverse'
     if keys %overrides;
 
-  # Note: the starting position is not guaranteed to be at the root of the $document.
+  # Note: the starting position is not guaranteed to be at the root of the $document,
+  # nor is the fragment portion of this uri necessarily empty
   my $initial_uri = Mojo::URL->new($config_override->{initial_schema_uri} // '');
   my $initial_path = $config_override->{traversed_schema_path} // '';
   my $spec_version = $config_override->{specification_version} // $self->specification_version // SPECIFICATION_VERSION_DEFAULT;
@@ -363,7 +364,7 @@ sub evaluate ($self, $data, $schema_reference, $config_override = {}) {
 
   # note this is not quite the same list as what we use when defining $state below
   my %overrides = %$config_override;
-  delete @overrides{qw(validate_formats validate_content_schemas short_circuit collect_annotations scalarref_booleans stringy_numbers strict callbacks initial_schema_uri effective_base_uri data_path traversed_schema_path _strict_schema_data)};
+  delete @overrides{qw(validate_formats validate_content_schemas short_circuit collect_annotations scalarref_booleans stringy_numbers strict callbacks effective_base_uri data_path traversed_schema_path _strict_schema_data)};
   croak join(', ', sort keys %overrides), ' not supported as a config override in evaluate'
     if keys %overrides;
 
@@ -373,7 +374,6 @@ sub evaluate ($self, $data, $schema_reference, $config_override = {}) {
 
     if (not is_ref($schema_reference) or $schema_reference->$_isa('Mojo::URL')) {
       $schema_info = $self->_fetch_from_uri($schema_reference);
-      $state->{initial_schema_uri} = Mojo::URL->new($config_override->{initial_schema_uri} // '');
     }
     else {
       # traverse is called via add_schema -> ::Document->new -> ::Document->BUILD
@@ -1465,7 +1465,6 @@ applications that contain embedded JSON Schemas):
 =for :list
 * C<data_path>: adjusts the effective path of the data instance as of the start of evaluation
 * C<traversed_schema_path>: adjusts the accumulated path as of the start of evaluation (or last C<$id> or C<$ref>)
-* C<initial_schema_uri>: adjusts the recorded absolute keyword location as of the start of evaluation
 * C<effective_base_uri>: locations in errors and annotations are resolved against this URI
 
 You can pass a series of callback subs to this method corresponding to keywords, which is useful for
@@ -1509,7 +1508,7 @@ applications that contain embedded JSON Schemas):
 
 =for :list
 * C<traversed_schema_path>: adjusts the accumulated path as of the start of evaluation (or last C<$id> or C<$ref>)
-* C<initial_schema_uri>: adjusts the recorded absolute keyword location as of the start of evaluation
+* C<initial_schema_uri>: adjusts the absolute keyword location as of the start of evaluation
 * C<metaschema_uri>: use the indicated URI as the metaschema
 
 You can pass a series of callback subs to this method corresponding to keywords, which is useful for

t/errors.t

@@ -1312,85 +1312,6 @@ subtest dependentRequired => sub {
   );
 };
 
-subtest 'evaluate in the middle of a document' => sub {
-  $js->add_schema({
-    '$id' => 'https://myschema',
-    properties => {
-      foo => {
-        '$id' => 'https://my-inner-schema',
-        allOf => [
-          {                       # <-- evaluation starts here
-            type => 'object',
-            properties => {
-              bar => {
-                type => 'string',
-              },
-            },
-          },
-        ],
-      },
-    },
-  });
-
-  cmp_result(
-    $js->evaluate(
-      {
-        bar => ['not a string'],
-      },
-      'https://myschema#/properties/foo/allOf/1',
-      {
-        data_path => '/request/body',
-        traversed_schema_path => '/some/other/thing/$ref/foo/$ref',
-        initial_schema_uri => 'https://somewhere/else#/foo',
-      },
-    )->TO_JSON,
-    {
-      valid => false,
-      errors => [
-        {
-          instanceLocation => '/request/body',
-          keywordLocation => '/some/other/thing/$ref/foo/$ref',
-          absoluteKeywordLocation => 'https://somewhere/else#/foo',
-          error => 'EXCEPTION: unable to find resource "https://myschema#/properties/foo/allOf/1"',
-        },
-      ],
-    },
-    'provided evaluation uri does not exist',
-  );
-
-  cmp_result(
-    $js->evaluate(
-      {
-        bar => ['not a string'],
-      },
-      'https://myschema#/properties/foo/allOf/0', # <-- not the canonical URI!
-      {
-        data_path => '/request/body',
-        traversed_schema_path => '/some/other/thing/$ref/foo/$ref',
-        initial_schema_uri => 'https://somewhere/else#/foo',
-      },
-    )->TO_JSON,
-    {
-      valid => false,
-      errors => [
-        {
-          instanceLocation => '/request/body/bar',
-          keywordLocation => '/some/other/thing/$ref/foo/$ref/properties/bar/type',
-          absoluteKeywordLocation => 'https://my-inner-schema#/allOf/0/properties/bar/type',
-          error => 'got array, not string',
-        },
-        {
-          instanceLocation => '/request/body',
-          keywordLocation => '/some/other/thing/$ref/foo/$ref/properties',
-          absoluteKeywordLocation => 'https://my-inner-schema#/allOf/0/properties',
-          error => 'not all properties are valid',
-        },
-      ],
-    },
-    'error has correct locations from override hash',
-  );
-};
-
 subtest 'numbers in output' => sub {
   cmp_result(
     $js->evaluate(
@@ -1437,7 +1358,7 @@ subtest 'numbers in output' => sub {
   );
 };
 
-subtest 'effective_base_uri' => sub {
+subtest 'effective_base_uri and overriding starting locations' => sub {
   cmp_result(
     $js->evaluate(
       5,
@@ -1470,6 +1391,50 @@ subtest 'effective_base_uri' => sub {
     },
     'error locations are relative to the effective_base_uri, but $ref usage is not restricted',
   );
+
+  # evaluating this document from its root would do nothing, as it is only definitions
+  $js->add_schema('/api', {
+    '$defs' => {
+      alpha => {
+        items => {
+          '$ref' => '#/$defs/beta',
+        },
+      },
+      beta => {
+        not => true,
+      },
+    },
+  });
+
+  cmp_result(
+    $js->evaluate(
+      [ 5 ],
+      '/api#/$defs/alpha',
+      {
+        data_path => '/html/body/div/div/h1/div/p',     # reported data location
+        traversed_schema_path => '/some/other/document/$ref',   # reported keywords passed through before we start
+        effective_base_uri => 'https://example.com',    # base uri to use for document locations
+      },
+    )->TO_JSON,
+    {
+      valid => false,
+      errors => [
+        {
+          instanceLocation => '/html/body/div/div/h1/div/p/0',
+          keywordLocation => '/some/other/document/$ref/items/$ref/not',
+          absoluteKeywordLocation => 'https://example.com/api#/$defs/beta/not',
+          error => 'subschema is valid',
+        },
+        {
+          instanceLocation => '/html/body/div/div/h1/div/p',
+          keywordLocation => '/some/other/document/$ref/items',
+          absoluteKeywordLocation => 'https://example.com/api#/$defs/alpha/items',
+          error => 'subschema is not valid against all items',
+        },
+      ],
+    },
+    'can alter locations with data_path, traversed_schema_path, effective_base_uri',
+  );
 };
 
 subtest 'recommended_response' => sub {