Rightsline · API Governance Rules

Rightsline API Rules

Spectral linting rules defining API design standards and conventions for Rightsline.

11 Rules error 4 warn 6 info 1
View Rules File View on GitHub

Rule Categories

rightsline

Rules

warn
rightsline-operation-summary-title-case
All operation summaries must use Title Case
$.paths[*][get,post,put,patch,delete].summary
warn
rightsline-operation-id-camel-case
Operation IDs should be camelCase
$.paths[*][get,post,put,patch,delete].operationId
warn
rightsline-tags-title-case
Tags must use Title Case
$.paths[*][get,post,put,patch,delete].tags[*]
error
rightsline-must-have-authentication
All operations must require authentication
$.paths[*][get,post,put,patch,delete]
error
rightsline-get-must-have-200
GET operations must return a 200 response
$.paths[*].get
warn
rightsline-post-must-have-201
POST create operations should return 201 Created
$.paths[*].post
warn
rightsline-delete-must-have-204
DELETE operations should return 204 No Content
$.paths[*].delete
info
rightsline-bulk-operations-max-100
Bulk operation descriptions must note the 100 record limit
$.paths[*].post.description
error
rightsline-path-params-required
Path parameters must be required
$.paths[*][get,post,put,patch,delete].parameters[?(@.in == 'path')]
warn
rightsline-pagination-limit-parameter
List endpoints should support limit parameter
$.paths[*].get.parameters[?(@.name == 'limit')]
error
rightsline-servers-must-be-https
All servers must use HTTPS
$.servers[*].url

Spectral Ruleset

rightsline-rules.yml Raw ↑ 
rules:
  rightsline-operation-summary-title-case:
    description: All operation summaries must use Title Case
    severity: warn
    given: "$.paths[*][get,post,put,patch,delete].summary"
    then:
      function: pattern
      functionOptions:
        match: "^([A-Z][a-zA-Z]* )*[A-Z][a-zA-Z]*$"

  rightsline-operation-id-camel-case:
    description: Operation IDs should be camelCase
    severity: warn
    given: "$.paths[*][get,post,put,patch,delete].operationId"
    then:
      function: pattern
      functionOptions:
        match: "^[a-z][a-zA-Z0-9]*$"

  rightsline-tags-title-case:
    description: Tags must use Title Case
    severity: warn
    given: "$.paths[*][get,post,put,patch,delete].tags[*]"
    then:
      function: pattern
      functionOptions:
        match: "^[A-Z][a-zA-Z0-9 ]*$"

  rightsline-must-have-authentication:
    description: All operations must require authentication
    severity: error
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: security
      function: defined

  rightsline-get-must-have-200:
    description: GET operations must return a 200 response
    severity: error
    given: "$.paths[*].get"
    then:
      field: responses.200
      function: defined

  rightsline-post-must-have-201:
    description: POST create operations should return 201 Created
    severity: warn
    given: "$.paths[*].post"
    then:
      field: responses.201
      function: defined

  rightsline-delete-must-have-204:
    description: DELETE operations should return 204 No Content
    severity: warn
    given: "$.paths[*].delete"
    then:
      field: responses.204
      function: defined

  rightsline-bulk-operations-max-100:
    description: Bulk operation descriptions must note the 100 record limit
    severity: info
    given: "$.paths[*].post.description"
    then:
      function: pattern
      functionOptions:
        match: "100"

  rightsline-path-params-required:
    description: Path parameters must be required
    severity: error
    given: "$.paths[*][get,post,put,patch,delete].parameters[?(@.in == 'path')]"
    then:
      field: required
      function: truthy

  rightsline-pagination-limit-parameter:
    description: List endpoints should support limit parameter
    severity: warn
    given: "$.paths[*].get.parameters[?(@.name == 'limit')]"
    then:
      field: schema.maximum
      function: defined

  rightsline-servers-must-be-https:
    description: All servers must use HTTPS
    severity: error
    given: "$.servers[*].url"
    then:
      function: pattern
      functionOptions:
        match: "^https://"