extends:
  - spectral:oas
rules:
  particle-health-https-only:
    description: All Particle Health API servers must use HTTPS.
    severity: error
    given: $.servers[*].url
    then:
      function: pattern
      functionOptions:
        match: '^https://'
  particle-health-bearer-jwt:
    description: Particle Health uses OAuth 2 client-credentials with JWT bearer tokens.
    severity: error
    given: $.components.securitySchemes
    then:
      field: bearerAuth
      function: truthy
  particle-health-operation-id:
    description: Every operation must declare an operationId.
    severity: error
    given: $.paths[*][get,post,put,delete,patch]
    then:
      field: operationId
      function: truthy
  particle-health-operation-summary:
    description: Operations must include a Title Case summary.
    severity: warn
    given: $.paths[*][get,post,put,delete,patch]
    then:
      field: summary
      function: truthy
  particle-health-resource-tagging:
    description: Each operation must declare at least one resource tag.
    severity: warn
    given: $.paths[*][get,post,put,delete,patch]
    then:
      field: tags
      function: truthy
  particle-health-particle-patient-id:
    description: Path parameters referencing the Particle Patient ID should use the
      `particle_patient_id` parameter name.
    severity: info
    given: $.paths[*][get,post,put,delete,patch].parameters[?(@.in == 'path')]
    then:
      function: pattern
      functionOptions:
        match: '^(particle_patient_id|patient_id|id|resource_type|resource_id|state|zip|project_id|batch_id|batch_type|query_id|file_id)$'
        field: name
  particle-health-purpose-of-use-on-queries:
    description: Query creation operations should reference Purpose of Use semantics in their
      description.
    severity: info
    given: $.paths[*][post]
    then:
      field: description
      function: truthy