New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(rulesets): required readOnly and writeOnly properties should not … #2573
fix(rulesets): required readOnly and writeOnly properties should not … #2573
Conversation
8ddecd1
to
7fd98c3
Compare
… properties Required readOnly and writeOnly properties should not be considered required for respectively request and response bodies.
7fd98c3
to
2352e39
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the PR!
I left one remark. LMK if you have questions.
parent, | ||
propertyName, | ||
) => { | ||
if ((fragment.readOnly === true && readOnlyProperties) || (fragment.writeOnly === true && writeOnlyProperties)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
could we also change the schema to false
or not: true
?
That's to ensure we catch if the property is defined.
To illustrate it with example:
{
"type": "object",
"properties": {
"foo": {
"type": "string",
"readOnly": true
}
},
"required": [
"foo"
]
}
The above schema would be transformed to
{
"type": "object",
"properties": {
"foo": false
}
}
This way we wouldn't let property "foo"
be defined.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @P0lip, do you request to make readOnly / writeOnly properties forbidden on request / response? Not sure that this is the exact definition of the read and writeOnly flags.
The 3.0 OAS spec says "SHOULD NOT".
For OAS 3.1 / json schema, the readOnly / writeOnly definition is more open.
If
readOnly
has a value of boolean true, it indicates that the value of the
instance is managed exclusively by the owning authority, and attempts by an
application to modify the value of this property are expected to be ignored or
rejected by that owning authority.
Your proposal could be optional and enabled with a flag like 'strict-read-write-only' ?
dc90b7a
to
c22f408
Compare
…be considered required for respectively request and response bodies
Fixes #1274.
Checklist
Does this PR introduce a breaking change?