Comments (2)
You have linked to the "old" Microsoft API Guidelines, but Azure has published updated API Guidelines here and this style guide and ruleset are a companion to these updated guidelines.
As for your specific concern:
my understanding is that all these properties must be marked as "readOnly", since they are only ever used in responses
OpenAPI v2 describes readOnly
this way:
Relevant only for Schema
"properties"
definitions. Declares the property as "read only". This means that it MAY be sent as part of a response but MUST NOT be sent as part of the request. Properties marked asreadOnly
beingtrue
SHOULD NOT be in therequired
list of the defined schema. Default value isfalse
.
So by the specification you are correct that a required
property should not be marked readOnly
.
But the specification does not require that a schema that is only used for responses mark all its properties as readOnly
. And while it seems harmless to do so, it prevents the use of required
in response schemas, which is a useful tool in documenting which properties will always be present in a response. So I think that marking properties of a schema that is only used in a response as readOnly
is an anti-pattern and should be discouraged.
In fact, the OpenAPI committee recognized the problems with the definition of readOnly
in OpenAPI v2 and changed in in OpenAPI v3 to say:
If the property is marked as
readOnly
beingtrue
and is in therequired
list, therequired
will take effect on the response only.
So in OpenAPI v3, there is no conflict between readOnly
and required
.
from azure-api-style-guide.
I think this issue is addressed but please reopen if there is something specific you believe is still needed.
from azure-api-style-guide.
Related Issues (20)
- Fix readOnly rule to handle OpenAPI 2 polymorphism pattern.
- Add a rule to check that the schemas for all 2XX responses are the same
- Fix test setup to handle @object() in given statements of yaml ruleset
- Add example for overriding rules... HOT 2
- Update Style Guide to cover securityDefintions HOT 4
- az-pagination-response must check allOf when looking for response schema properties
- Some rules not working correctly in VS Code extension HOT 1
- Add rule to flag 202 with other 2XX response codes on an operation
- Flag parameters or properties with "Date" and or "Time" in the name and no format
- Flag path parameters that are not "type: string"
- Add rule to check repeatability headers
- Add a rule to check for valid / recommended media types
- Add rule to check `format` is allowed for `type`
- Look for header keys, e.g. correlationId in the body... HOT 1
- Revisit typing guidance for parameters borrowed from OData HOT 3
- Add rule to flag '/:' in path
- Add rule to flag "application/json" response with `type: string`.
- Verify version dates aren't in the future
- Some rules have broken for oas3 format
- When to use minLength, maxLength, etc.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from azure-api-style-guide.