-
Notifications
You must be signed in to change notification settings - Fork 91
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(ibm-schema-keywords): add new validation rule
This commit introduces the new 'ibm-schema-keywords' validation rule which will verify that each schema and schema property are defined with only "allowed" keywords (fields), whwere the set of allowable keywords are defined in a configurable allow list. Signed-off-by: Phil Adams <[email protected]>
- Loading branch information
Showing
13 changed files
with
497 additions
and
28 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,67 @@ | ||
/** | ||
* Copyright 2023 IBM Corporation. | ||
* SPDX-License-Identifier: Apache2.0 | ||
*/ | ||
|
||
const { validateSubschemas } = require('@ibm-cloud/openapi-ruleset-utilities'); | ||
const { LoggerFactory } = require('../utils'); | ||
|
||
let ruleId; | ||
let logger; | ||
|
||
module.exports = function (obj, options, context) { | ||
if (!logger) { | ||
ruleId = context.rule.name; | ||
logger = LoggerFactory.getInstance().getLogger(ruleId); | ||
} | ||
return validateSubschemas( | ||
obj, | ||
context.path, | ||
(schema, path) => allowedKeywords(schema, path, options), | ||
true, | ||
true | ||
); | ||
}; | ||
|
||
/** | ||
* This function will check to make sure that 'obj' is an object that contains only fields (keys) | ||
* that are contained in the configured allow-list or extensions ('x-*'). | ||
* @param {*} obj the object within the OpenAPI document to check for allowed keywords | ||
* @param {*} path the location of 'obj' within the OpenAPI document | ||
* @param {*} options this is the value of the 'functionOptions' field within this rule's definition. | ||
* This should be an object with the following fields: | ||
* - 'keywordAllowList': an array of strings which are the allowed keywords | ||
* | ||
* @returns an array containing zero or more error objects | ||
*/ | ||
function allowedKeywords(obj, path, options) { | ||
logger.debug( | ||
`${ruleId}: checking for allowed keywords in object located at: ${path.join( | ||
'.' | ||
)}` | ||
); | ||
|
||
// Find the fields of 'obj' that are not an extension or an allowed keyword. | ||
const disallowedKeywords = Object.keys(obj).filter( | ||
k => !(k.startsWith('x-') || options.keywordAllowList.includes(k)) | ||
); | ||
|
||
// Return an error for each disallowed keyword that we found. | ||
if (disallowedKeywords.length) { | ||
logger.debug( | ||
`${ruleId}: found these disallowed keywords: ${JSON.stringify( | ||
disallowedKeywords | ||
)}` | ||
); | ||
|
||
return disallowedKeywords.map(k => { | ||
return { | ||
message: `Found disallowed keyword: ${k}`, | ||
path: [...path, k], | ||
}; | ||
}); | ||
} | ||
|
||
logger.debug(`PASSED!`); | ||
return []; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,61 @@ | ||
/** | ||
* Copyright 2023 IBM Corporation. | ||
* SPDX-License-Identifier: Apache2.0 | ||
*/ | ||
|
||
const { | ||
schemas, | ||
} = require('@ibm-cloud/openapi-ruleset-utilities/src/collections'); | ||
const { oas3_1 } = require('@stoplight/spectral-formats'); | ||
const { allowedKeywords } = require('../functions'); | ||
|
||
module.exports = { | ||
description: | ||
'Verifies that schema objects include only allowed-listed keywords', | ||
message: '{{error}}', | ||
severity: 'error', | ||
formats: [oas3_1], | ||
resolved: true, | ||
given: schemas, | ||
then: { | ||
function: allowedKeywords, | ||
functionOptions: { | ||
keywordAllowList: [ | ||
'$ref', | ||
'additionalProperties', | ||
'allOf', | ||
'anyOf', | ||
'default', | ||
'description', | ||
'discriminator', | ||
'enum', | ||
'example', | ||
'exclusiveMaximum', | ||
'exclusiveMinimum', | ||
'format', | ||
'items', | ||
'maximum', | ||
'maxItems', | ||
'maxLength', | ||
'maxProperties', | ||
'minimum', | ||
'minItems', | ||
'minLength', | ||
'minProperties', | ||
'multipleOf', | ||
'not', | ||
'oneOf', | ||
'pattern', | ||
'patternProperties', | ||
'properties', | ||
'readOnly', | ||
'required', | ||
'title', | ||
'type', | ||
'uniqueItems', | ||
'unevaluatedProperties', | ||
'writeOnly', | ||
], | ||
}, | ||
}, | ||
}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.