rules:
  rely-operation-ids-camel-case:
    description: Operation IDs must use camelCase
    message: "Operation ID '{{value}}' must use camelCase"
    severity: error
    given: "$.paths[*][*].operationId"
    then:
      function: pattern
      functionOptions:
        match: "^[a-z][a-zA-Z0-9]*$"

  rely-summary-title-case:
    description: Operation summaries must use Title Case
    message: "Summary '{{value}}' must use Title Case"
    severity: warn
    given: "$.paths[*][*].summary"
    then:
      function: pattern
      functionOptions:
        match: "^[A-Z][a-zA-Z0-9 -]*$"

  rely-tags-required:
    description: Every operation must have at least one tag
    message: Operation must include at least one tag
    severity: error
    given: "$.paths[*][*]"
    then:
      field: tags
      function: truthy

  rely-bearer-auth:
    description: API must define Bearer authentication
    message: API must use Bearer token authentication
    severity: error
    given: "$.components.securitySchemes"
    then:
      field: bearerAuth
      function: truthy

  rely-api-path-prefix:
    description: All paths must begin with /api/v1/
    message: "Path '{{property}}' must start with /api/v1/"
    severity: error
    given: "$.paths"
    then:
      function: pattern
      functionOptions:
        match: "^/api/v1/"

  rely-crud-response-schemas:
    description: Successful GET responses must have a schema
    message: GET 200 responses must define a content schema
    severity: warn
    given: "$.paths[*].get.responses[200].content.application/json"
    then:
      field: schema
      function: truthy

  rely-delete-204:
    description: DELETE operations should return 204
    message: DELETE operations should return a 204 No Content response
    severity: warn
    given: "$.paths[*].delete.responses"
    then:
      field: "204"
      function: truthy

  rely-post-request-body:
    description: POST operations must have a requestBody
    message: POST operations must define a requestBody
    severity: error
    given: "$.paths[*].post"
    then:
      field: requestBody
      function: truthy

  rely-path-ids-in-path:
    description: Resource ID path parameters should use {id} naming pattern
    message: Path ID parameters should follow consistent naming (blueprintId, entityId, etc.)
    severity: warn
    given: "$.paths[*][*].parameters[?(@.in == 'path')]"
    then:
      field: name
      function: pattern
      functionOptions:
        match: "^[a-z][a-zA-Z]*Id$"

  rely-401-on-all-operations:
    description: All protected operations must define a 401 response
    message: Operation must define a 401 Unauthorized response
    severity: error
    given: "$.paths[*][*].responses"
    then:
      field: "401"
      function: truthy