Queen's University Belfast · API Governance Rules

Queen's University Belfast API Rules

Spectral linting rules defining API design standards and conventions for Queen's University Belfast.

7 Rules error 1 warn 4 info 2
View Rules File View on GitHub

Rule Categories

qub

Rules

warn
qub-pure-info-contact
Pure API info object should retain a support contact.
$.info
error
qub-pure-server-https
Servers should use HTTPS against the Queen's University Belfast Pure host.
$.servers[*].url
warn
qub-pure-operation-id
Every operation should carry an operationId (Pure uses snake_case like activity_list).
$.paths[*][get,post,put,delete]
warn
qub-pure-operation-tag
Operations should be tagged with their Pure content family (e.g. researchOutput, person, dataSet).
$.paths[*][get,post,put,delete]
info
qub-pure-list-pagination-params
List (GET collection) operations should expose size and offset paging parameters.
$.paths[?(@property.match(/s$/))].get.parameters
warn
qub-pure-security-api-key
The Pure API is secured with an api-key security scheme.
$.components.securitySchemes
info
qub-pure-uuid-identity
Core objects should expose a uuid as their primary identity.
$.components.schemas[ResearchOutput,Person,DataSet].properties

Spectral Ruleset

Raw ↑ 
rules:
  qub-pure-info-contact:
    description: Pure API info object should retain a support contact.
    given: $.info
    severity: warn
    then:
      field: contact
      function: truthy

  qub-pure-server-https:
    description: Servers should use HTTPS against the Queen's University Belfast Pure host.
    given: $.servers[*].url
    severity: error
    then:
      function: pattern
      functionOptions:
        match: "^https://"

  qub-pure-operation-id:
    description: Every operation should carry an operationId (Pure uses snake_case like activity_list).
    given: $.paths[*][get,post,put,delete]
    severity: warn
    then:
      field: operationId
      function: truthy

  qub-pure-operation-tag:
    description: Operations should be tagged with their Pure content family (e.g. researchOutput, person, dataSet).
    given: $.paths[*][get,post,put,delete]
    severity: warn
    then:
      field: tags
      function: truthy

  qub-pure-list-pagination-params:
    description: List (GET collection) operations should expose size and offset paging parameters.
    given: "$.paths[?(@property.match(/s$/))].get.parameters"
    severity: info
    then:
      function: schema
      functionOptions:
        schema:
          type: array
          contains:
            type: object
            properties:
              name:
                enum: [size, offset]

  qub-pure-security-api-key:
    description: The Pure API is secured with an api-key security scheme.
    given: $.components.securitySchemes
    severity: warn
    then:
      field: api-key
      function: truthy

  qub-pure-uuid-identity:
    description: Core objects should expose a uuid as their primary identity.
    given: "$.components.schemas[ResearchOutput,Person,DataSet].properties"
    severity: info
    then:
      field: uuid
      function: truthy
formats:
  - oas3