feat: Add rule to check pagination list operations conform to API Handbook (#118)

* feat: pagination support

* fix: Refactor & fix pagination support and tests

* Address PR review comments

* Add check for collection property in paginated list response

Author: Mike Kistler

README.md

@@ -179,8 +179,8 @@ The supported categories are described below:
 | schemas    | Rules pertaining to [Schema Objects](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#schemaObject)       |
 | security_definitions | Rules pertaining to [Security Definition Objects](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#securityDefinitionsObject) |
 | security   | Rules pertaining to [Security Objects](https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0.md#securityRequirementObject) |
-| walker     | Rules pertaining to the entire document.                                                                                                   |
-
+| walker     | Rules pertaining to the entire document.                                                                                              |
+| pagination | Rules pertaining to pagination   |
 #### Rules
 
 Each category contains a group of rules. The spec that each rule applies to is marked in the third column. For the actual configuration structure, see the [default values](#default-values).
@@ -199,7 +199,13 @@ The supported rules are described below:
 | no_array_responses           | Flag any operations with a top-level array response.                                | shared   |
 | parameter_order              | Flag any operations with optional parameters before a required param.               | shared   |
 | no_request_body_content      | [Flag any operations with a `requestBody` that does not have a `content` field.][3] | oas3     |
-| no_request_body_name         | Flag any operations with a non-form `requestBody` that does not have a name set with `x-codegen-request-body-name`. | oas3 |
+| no_request_body_name         | Flag any operations with a non-form `requestBody` that does not have a name set with `x-codegen-request-body-name`. | oas3|
+
+##### pagination
+| Rule                        | Description                                                              | Spec   |
+| --------------------------- | ------------------------------------------------------------------------ | ------ |
+| pagination_style            | Flag any parameter or response schema that does not follow pagination requirements. | oas3 |
+
 
 ##### parameters
 | Rule                        | Description                                                              | Spec   |
@@ -362,6 +368,11 @@ The default values for each rule are described below.
 | no_array_responses           | error   |
 | parameter_order              | warning |
 
+###### pagination
+| Rule                        | Default |
+| --------------------------- | --------|
+| pagination_style            | warning |
+
 ###### parameters
 | Rule                        | Default |
 | --------------------------- | --------|

src/.defaultsForValidator.js

@@ -28,6 +28,9 @@ const defaults = {
       'parameter_order': 'warning',
       'unused_tag': 'warning'
     },
+    'pagination': {
+      'pagination_style': 'warning'
+    },
     'parameters': {
       'no_parameter_description': 'error',
       'param_name_case_convention': ['error', 'lower_snake_case'],

src/plugins/validation/oas3/semantic-validators/pagination-ibm.js

@@ -0,0 +1,204 @@
+// This validator checks "list" type operations for correct pagaination style.
+//
+// An operation is considered to be a "list" operation if:
+// - its path does not end in a path parameter
+// - it is a "get"
+// - it contains an array at the top level of the response body object
+//
+// A "list" operation is considered to be a "paginated list" operation if:
+// - it has a `limit` query parameter
+//
+// The following checks are performed on "paginated list" operations:
+// - The `limit` query parameter be type integer, optional, and have default and maximum values.
+// - If the operation has an `offset` query parameter, it must be type integer and optional
+// - If the operation has a `start`, `cursor`, or `page_token` query parameter, it must be type string and optional
+// - The response body must contain a `limit` property that is type integer and required
+// - If the operation has an `offset` query parameter, the response body must contain an `offset` property this is type integer and required
+// - The response body must contain an array property with the same plural resource name appearing in the collection’s URL.
+
+module.exports.validate = function({ resolvedSpec }, config) {
+  const result = {};
+  result.error = [];
+  result.warning = [];
+  const checkStatus = config.pagination.pagination_style;
+
+  //when pagnation is turned off, skip all of the pagination checks
+  if (checkStatus == 'off') {
+    return { errors: [], warnings: [] };
+  }
+
+  // Loop through all paths looking for "list" operations.
+  for (const path in resolvedSpec.paths) {
+    // For now, just consider the get operation.
+    const operation = resolvedSpec.paths[path].get;
+
+    // Skip any path that ends in a path parameter or does not have a "get" operation
+    if (/}$/.test(path) || !operation) {
+      continue;
+    }
+
+    // Find first success response code
+    const resp = Object.keys(operation.responses || {}).find(code =>
+      code.startsWith('2')
+    );
+    // Now get the json content of that response
+    const content = resp && operation.responses[resp].content;
+    const jsonResponse = content && content['application/json'];
+
+    // Can't check response schema for array property, so skip this path
+    if (
+      !jsonResponse ||
+      !jsonResponse.schema ||
+      !jsonResponse.schema.properties
+    ) {
+      continue;
+    }
+
+    // If no array at top level of response, skip this path
+    if (
+      !Object.values(jsonResponse.schema.properties).some(
+        prop => prop.type === 'array'
+      )
+    ) {
+      continue;
+    }
+
+    // Check for "limit" query param -- if none, skip this path
+    const params = operation.parameters;
+    if (
+      !params ||
+      !params.some(param => param.name === 'limit' && param.in === 'query')
+    ) {
+      continue;
+    }
+
+    // Now we know we have a "paginated list" operation, so lets perform our checks
+
+    // - The `limit` query parameter be type integer, optional, and have default and maximum values.
+
+    const limitParamIndex = params.findIndex(
+      param => param.name === 'limit' && param.in === 'query'
+    );
+    const limitParam = params[limitParamIndex];
+    if (
+      !limitParam.schema ||
+      limitParam.schema.type !== 'integer' ||
+      !!limitParam.required ||
+      !limitParam.schema.default ||
+      !limitParam.schema.maximum
+    ) {
+      result[checkStatus].push({
+        path: ['paths', path, 'get', 'parameters', limitParamIndex],
+        message:
+          'The limit parameter must be of type integer and optional with default and maximum values.'
+      });
+    }
+
+    // - If the operation has an `offset` query parameter, it must be type integer and optional
+
+    const offsetParamIndex = params.findIndex(
+      param => param.name === 'offset' && param.in === 'query'
+    );
+    if (offsetParamIndex !== -1) {
+      const offsetParam = params[offsetParamIndex];
+      if (
+        !offsetParam.schema ||
+        offsetParam.schema.type !== 'integer' ||
+        !!offsetParam.required
+      ) {
+        result[checkStatus].push({
+          path: ['paths', path, 'get', 'parameters', offsetParamIndex],
+          message: 'The offset parameter must be of type integer and optional.'
+        });
+      }
+    }
+
+    // - if the operation has a `start`, `cursor`, or `page_token` query parameter, it must be type string and optional
+
+    const startParamNames = ['start', 'cursor', 'page_token'];
+    const startParamIndex = params.findIndex(
+      param =>
+        param.in === 'query' && startParamNames.indexOf(param.name) !== -1
+    );
+    if (startParamIndex !== -1) {
+      const startParam = params[startParamIndex];
+      if (
+        !startParam.schema ||
+        startParam.schema.type !== 'string' ||
+        !!startParam.required
+      ) {
+        result[checkStatus].push({
+          path: ['paths', path, 'get', 'parameters', startParamIndex],
+          message: `The ${
+            startParam.name
+          } parameter must be of type string and optional.`
+        });
+      }
+    }
+
+    // - The response body must contain a `limit` property that is type integer and required
+
+    const propertiesPath = [
+      'paths',
+      path,
+      'get',
+      'responses',
+      resp,
+      'content',
+      'application/json',
+      'schema',
+      'properties'
+    ];
+
+    const limitProp = jsonResponse.schema.properties.limit;
+    if (!limitProp) {
+      result[checkStatus].push({
+        path: propertiesPath,
+        message: `A paginated list operation must include a "limit" property in the response body schema.`
+      });
+    } else if (
+      limitProp.type !== 'integer' ||
+      !jsonResponse.schema.required ||
+      jsonResponse.schema.required.indexOf('limit') === -1
+    ) {
+      result[checkStatus].push({
+        path: [...propertiesPath, 'limit'],
+        message: `The "limit" property in the response body of a paginated list operation must be of type integer and required.`
+      });
+    }
+
+    // - If the operation has an `offset` query parameter, the response body must contain an `offset` property this is type integer and required
+
+    if (offsetParamIndex !== -1) {
+      const offsetProp = jsonResponse.schema.properties.offset;
+      if (!offsetProp) {
+        result[checkStatus].push({
+          path: propertiesPath,
+          message: `A paginated list operation with an "offset" parameter must include an "offset" property in the response body schema.`
+        });
+      } else if (
+        offsetProp.type !== 'integer' ||
+        !jsonResponse.schema.required ||
+        jsonResponse.schema.required.indexOf('offset') === -1
+      ) {
+        result[checkStatus].push({
+          path: [...propertiesPath, 'offset'],
+          message: `The "offset" property in the response body of a paginated list operation must be of type integer and required.`
+        });
+      }
+    }
+
+    // - The response body must contain an array property with the same plural resource name appearing in the collection’s URL.
+
+    const pluralResourceName = path.split('/').pop();
+    const resourcesProp = jsonResponse.schema.properties[pluralResourceName];
+    if (!resourcesProp || resourcesProp.type !== 'array') {
+      result[checkStatus].push({
+        path: propertiesPath,
+        message: `A paginated list operation must include an array property whose name matches the final segment of the path.`
+      });
+    }
+  }
+
+  return { errors: result.error, warnings: result.warning };
+};

test/cli-validator/mockFiles/oas3/clean.yml

@@ -21,6 +21,15 @@ paths:
           schema:
             type: integer
             format: int32
+            default: 10
+            maximum: 100
+        - name: offset
+          in: query
+          description: Offset of first element to return in results.
+          required: false
+          schema:
+            type: integer
+            format: int32
       responses:
         '200':
           description: An paged array of pets
@@ -102,13 +111,31 @@ components:
       description:
         A list of pets
       required:
-        - list
+        - pets
+        - next_url
+        - limit
+        - offset
       properties:
-        list:
+        pets:
           type: array
           description: "object containing a list of pets"
           items:
             $ref: "#/components/schemas/Pet"
+        next_url:
+          type: string
+          description: this is the url to next page
+        limit:
+          type: integer
+          format: int32
+          description: limit
+        offset:
+          type: integer
+          format: int32
+          description: offset
+        next_token:
+          type: string
+          description: next token
+
     Error:
       description:
         An error in processing a service request