diff --git a/tools/spectral/ipa/__tests__/createMethodShouldNotHaveQueryParameters.test.js b/tools/spectral/ipa/__tests__/createMethodShouldNotHaveQueryParameters.test.js new file mode 100644 index 0000000000..2976a6534d --- /dev/null +++ b/tools/spectral/ipa/__tests__/createMethodShouldNotHaveQueryParameters.test.js @@ -0,0 +1,146 @@ +import testRule from './__helpers__/testRule'; +import { DiagnosticSeverity } from '@stoplight/types'; + +const componentSchemas = { + schemas: { + Schema: { + type: 'object', + }, + }, + parameters: { + QueryParam: { + name: 'query-param', + in: 'query', + schema: { + type: 'string', + }, + }, + PathParam: { + name: 'resource-id', + in: 'path', + schema: { + type: 'string', + }, + }, + }, +}; + +testRule('xgen-IPA-106-create-method-should-not-have-query-parameters', [ + { + name: 'valid methods', + document: { + components: componentSchemas, + paths: { + '/resource': { + post: { + parameters: [ + { + name: 'header-param', + in: 'header', + schema: { type: 'string' }, + }, + { + name: 'resource-id', + in: 'path', + schema: { + $ref: '#/components/schemas/Schema', + }, + }, + { + $ref: '#/components/parameters/PathParam', + }, + ], + }, + }, + '/resource2': { + post: { + parameters: [], + }, + }, + }, + }, + errors: [], + }, + { + name: 'invalid methods', + document: { + components: componentSchemas, + paths: { + '/resource': { + post: { + parameters: [ + { + name: 'filter', + in: 'query', + schema: { type: 'string' }, + }, + ], + }, + }, + '/resource2': { + post: { + parameters: [ + { + name: 'header-param', + in: 'header', + schema: { type: 'string' }, + }, + { + $ref: '#/components/parameters/QueryParam', + }, + ], + }, + }, + }, + }, + errors: [ + { + code: 'xgen-IPA-106-create-method-should-not-have-query-parameters', + message: 'Create operations should not have query parameters. http://go/ipa/106', + path: ['paths', '/resource', 'post'], + severity: DiagnosticSeverity.Warning, + }, + { + code: 'xgen-IPA-106-create-method-should-not-have-query-parameters', + message: 'Create operations should not have query parameters. http://go/ipa/106', + path: ['paths', '/resource2', 'post'], + severity: DiagnosticSeverity.Warning, + }, + ], + }, + { + name: 'invalid methods with exceptions', + document: { + components: componentSchemas, + paths: { + '/resource': { + post: { + parameters: [ + { + name: 'filter', + in: 'query', + schema: { type: 'string' }, + }, + ], + 'x-xgen-IPA-exception': { + 'xgen-IPA-106-create-method-should-not-have-query-parameters': 'Reason', + }, + }, + }, + '/resource2': { + post: { + parameters: [ + { + $ref: '#/components/parameters/QueryParam', + }, + ], + 'x-xgen-IPA-exception': { + 'xgen-IPA-106-create-method-should-not-have-query-parameters': 'Reason', + }, + }, + }, + }, + }, + errors: [], + }, +]); diff --git a/tools/spectral/ipa/rulesets/IPA-106.yaml b/tools/spectral/ipa/rulesets/IPA-106.yaml index b8e695bc50..e9f17fdb5c 100644 --- a/tools/spectral/ipa/rulesets/IPA-106.yaml +++ b/tools/spectral/ipa/rulesets/IPA-106.yaml @@ -3,6 +3,7 @@ functions: - createMethodRequestBodyIsRequestSuffixedObject + - createMethodShouldNotHaveQueryParameters rules: xgen-IPA-106-create-method-request-body-is-request-suffixed-object: @@ -13,3 +14,10 @@ rules: then: field: '@key' function: 'createMethodRequestBodyIsRequestSuffixedObject' + xgen-IPA-106-create-method-should-not-have-query-parameters: + description: 'Create operations should not use query parameters. http://go/ipa/xxx' + message: '{{error}} http://go/ipa/106' + severity: warn + given: '$.paths[*].post' + then: + function: 'createMethodShouldNotHaveQueryParameters' diff --git a/tools/spectral/ipa/rulesets/README.md b/tools/spectral/ipa/rulesets/README.md index 43f9ae370a..cb502205ee 100644 --- a/tools/spectral/ipa/rulesets/README.md +++ b/tools/spectral/ipa/rulesets/README.md @@ -41,6 +41,7 @@ For rule definitions, see [IPA-106.yaml](https://github.com/mongodb/openapi/blob | Rule Name | Description | Severity | | ------------------------------------------------------------------ | -------------------------------------------------------------------------------- | -------- | | xgen-IPA-106-create-method-request-body-is-request-suffixed-object | The Create method request should be a Request suffixed object. http://go/ipa/106 | warn | +| xgen-IPA-106-create-method-should-not-have-query-parameters | Create operations should not use query parameters. http://go/ipa/xxx | warn | ### IPA-109 diff --git a/tools/spectral/ipa/rulesets/functions/createMethodShouldNotHaveQueryParameters.js b/tools/spectral/ipa/rulesets/functions/createMethodShouldNotHaveQueryParameters.js new file mode 100644 index 0000000000..5b45886df4 --- /dev/null +++ b/tools/spectral/ipa/rulesets/functions/createMethodShouldNotHaveQueryParameters.js @@ -0,0 +1,32 @@ +import { hasException } from './utils/exceptions.js'; +import { collectAdoption, collectAndReturnViolation, collectException } from './utils/collectionUtils.js'; +import { isCustomMethodIdentifier } from './utils/resourceEvaluation.js'; + +const RULE_NAME = 'xgen-IPA-106-create-method-should-not-have-query-parameters'; +const ERROR_MESSAGE = 'Create operations should not have query parameters.'; + +export default (input, _, { path }) => { + const resourcePath = path[1]; + + if (isCustomMethodIdentifier(resourcePath)) { + return; + } + + const postMethod = input; + if (!postMethod.parameters || postMethod.parameters.length === 0) { + return; + } + + if (hasException(postMethod, RULE_NAME)) { + collectException(postMethod, RULE_NAME, path); + return; + } + + for (const parameter of postMethod.parameters) { + if (parameter.in === 'query') { + return collectAndReturnViolation(path, RULE_NAME, ERROR_MESSAGE); + } + } + + collectAdoption(path, RULE_NAME); +};