rules:
  tsys-operation-id-camel-case:
    description: Operation IDs must use camelCase
    severity: warn
    given: "$.paths[*][*].operationId"
    then:
      function: pattern
      functionOptions:
        match: "^[a-z][a-zA-Z0-9]*$"

  tsys-operation-summary-title-case:
    description: Operation summaries must use Title Case
    severity: warn
    given: "$.paths[*][*].summary"
    then:
      function: pattern
      functionOptions:
        match: "^[A-Z][a-zA-Z0-9 ]*$"

  tsys-paths-kebab-case:
    description: API paths must use kebab-case
    severity: warn
    given: "$.paths[*]~"
    then:
      function: pattern
      functionOptions:
        match: "^(/[a-z0-9-]+|/\\{[a-zA-Z0-9]+\\})*$"

  tsys-must-have-tags:
    description: All operations must have at least one tag
    severity: error
    given: "$.paths[*][get,post,put,patch,delete]"
    then:
      field: tags
      function: truthy

  tsys-must-have-200-or-201:
    description: All operations must define a success response
    severity: error
    given: "$.paths[*][get,post,put,patch,delete].responses"
    then:
      function: schema
      functionOptions:
        schema:
          anyOf:
            - required: ["200"]
            - required: ["201"]

  tsys-payment-security:
    description: Payment endpoints must use security schemes
    severity: error
    given: "$.paths[/transactions/authorize,/transactions/sale][post]"
    then:
      field: security
      function: truthy

  tsys-financial-amount-format:
    description: Financial amount fields must use float format
    severity: warn
    given: "$.components.schemas[*].properties.amount"
    then:
      function: schema
      functionOptions:
        schema:
          properties:
            format:
              enum: ["float", "double"]

  tsys-pci-card-data:
    description: Card number fields must be described as tokenized or masked
    severity: error
    given: "$.components.schemas[*].properties.cardNumber"
    then:
      field: description
      function: truthy

  tsys-pagination-required:
    description: List operations should support pagination
    severity: warn
    given: "$.paths[*][get][?(@.operationId =~ /^list/)]"
    then:
      field: parameters
      function: truthy

  tsys-error-response-required:
    description: All operations must define error responses
    severity: warn
    given: "$.paths[*][post,put,delete].responses"
    then:
      function: schema
      functionOptions:
        schema:
          anyOf:
            - required: ["400"]
            - required: ["401"]
            - required: ["404"]