Utrecht University · API Governance Rules

Utrecht University API Rules

Spectral linting rules defining API design standards and conventions for Utrecht University.

8 Rules error 1 warn 6 info 1
View Rules File View on GitHub

Rule Categories

yoda

Rules

warn
yoda-info-contact
Yoda API spec should declare a contact email.
$.info
error
yoda-server-defined
At least one server URL must be declared.
$.servers
warn
yoda-operations-are-post
Yoda API operations are exposed exclusively as HTTP POST.
$.paths[*]
warn
yoda-operation-has-summary
Every Yoda operation should carry a summary.
$.paths[*].post
warn
yoda-operation-tagged
Every Yoda operation should be tagged to its functional area (folder, vault, group, datarequest, etc.).
$.paths[*].post
info
yoda-result-envelope
Successful responses should use the standard status/status_info/data envelope.
$.paths[*].post.responses.200.content.application/json.schema.properties
warn
yoda-error-responses
Operations should document 400 and 500 error responses.
$.paths[*].post.responses
warn
yoda-security-required
Yoda API requires cookie or basic authentication.
$

Spectral Ruleset

Raw ↑ 
extends: []
formats:
  - oas3
documentationUrl: https://utrechtuniversity.github.io/yoda/design/api/
rules:
  yoda-info-contact:
    description: Yoda API spec should declare a contact email.
    severity: warn
    given: $.info
    then:
      field: contact
      function: truthy

  yoda-server-defined:
    description: At least one server URL must be declared.
    severity: error
    given: $.servers
    then:
      function: length
      functionOptions:
        min: 1

  yoda-operations-are-post:
    description: Yoda API operations are exposed exclusively as HTTP POST.
    severity: warn
    given: $.paths[*]
    then:
      field: post
      function: truthy

  yoda-operation-has-summary:
    description: Every Yoda operation should carry a summary.
    severity: warn
    given: $.paths[*].post
    then:
      field: summary
      function: truthy

  yoda-operation-tagged:
    description: Every Yoda operation should be tagged to its functional area (folder, vault, group, datarequest, etc.).
    severity: warn
    given: $.paths[*].post
    then:
      field: tags
      function: truthy

  yoda-result-envelope:
    description: Successful responses should use the standard status/status_info/data envelope.
    severity: info
    given: $.paths[*].post.responses.200.content.application/json.schema.properties
    then:
      - field: status
        function: truthy
      - field: status_info
        function: truthy
      - field: data
        function: truthy

  yoda-error-responses:
    description: Operations should document 400 and 500 error responses.
    severity: warn
    given: $.paths[*].post.responses
    then:
      - field: '400'
        function: truthy
      - field: '500'
        function: truthy

  yoda-security-required:
    description: Yoda API requires cookie or basic authentication.
    severity: warn
    given: $
    then:
      field: security
      function: truthy