Merge branch 'master' into feature/is/restrictions-descriptions

Author: irvinesunday

.github/ISSUE_TEMPLATE/workflows/azure-pipelines_release.yml

@@ -0,0 +1,259 @@
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License.
+name: $(TeamProject)_$(BuildDefinitionName)_$(SourceBranchName)_$(Date:yyyyMMdd)$(Rev:.r)
+
+# Trigger is on github tags
+trigger:
+  tags:
+    include:
+      - '*'
+
+# No Pull request (PR) triggers for release
+pr: none
+
+pool:
+  vmImage: 'windows-latest'
+  
+variables:
+  buildPlatform: 'Any CPU'
+  buildConfiguration: 'Release'
+  snExe: 'C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8 Tools\sn.exe'
+  snExe64: 'C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.8 Tools\x64\sn.exe'
+  ProductBinPath: '$(Build.SourcesDirectory)\bin\$(BuildConfiguration)'
+  mainDll: 'Microsoft.OpenApi.OData.Reader.dll'
+  testDll: 'Microsoft.OpenApi.OData.Reader.Tests.dll'
+  skipComponentGovernanceDetection: true
+
+steps:
+
+- task: UseDotNet@2
+  displayName: 'Use .NET 6'
+  inputs:
+    version: 6.x
+
+- task: PoliCheck@1
+  displayName: 'Run PoliCheck "OpenApi.OData-master\src"'
+  inputs:
+    inputType: CmdLine
+    cmdLineArgs: '/F:$(Build.SourcesDirectory)/src /T:9 /Sev:"1|2" /PE:2 /O:poli_result_src.xml'
+
+- task: PoliCheck@1
+  displayName: 'Run PoliCheck "OpenApi.OData-master\test"'
+  inputs:
+    inputType: CmdLine
+    cmdLineArgs: '/F:$(Build.SourcesDirectory)/test /T:9 /Sev:"1|2" /PE:2 /O:poli_result_test.xml'
+
+- task: PoliCheck@1
+  displayName: 'PoliCheck for OpenApi.OData-master\tool'
+  inputs:
+    inputType: CmdLine
+    cmdLineArgs: '/F:$(Build.SourcesDirectory)/tool /T:9 /Sev:"1|2" /PE:2 /O:poli_result_tool.xml'
+    
+# Install the nuget tooler.
+- task: NuGetToolInstaller@0
+  displayName: 'Use NuGet >=5.2.0'
+  inputs:
+    versionSpec: '>=5.2.0'
+    checkLatest: true
+
+# Build the Product project
+- task: DotNetCoreCLI@2
+  displayName: 'build Microsoft.OpenAPI.OData.Reader.csproj '
+  inputs:
+    projects: '$(Build.SourcesDirectory)\src\Microsoft.OpenApi.OData.Reader\Microsoft.OpenAPI.OData.Reader.csproj'
+    arguments: '--configuration $(BuildConfiguration) --no-incremental'
+
+# Build the Unit test project
+- task: DotNetCoreCLI@2
+  displayName: 'build Microsoft.OpenAPI.OData.Reader.Tests.csproj'
+  inputs:
+    projects: '$(Build.SourcesDirectory)\test\Microsoft.OpenAPI.OData.Reader.Tests\Microsoft.OpenApi.OData.Reader.Tests.csproj'
+    arguments: '--configuration $(BuildConfiguration) --no-incremental'
+
+# because the assemblies are delay-signed, we need to disable
+# strong name validation so that the tests may run,
+# otherwise our assemblies will fail to load
+- task: Powershell@2
+  displayName: 'Skip strong name validation'
+  inputs:
+    targetType: 'inline'
+    script: |
+      & "$(snExe)" /Vr $(ProductBinPath)\net472\$(mainDll)
+      & "$(snExe64)" /Vr $(ProductBinPath)\net472\$(mainDll)
+      & "$(snExe)" /Vr $(ProductBinPath)\test\net472\$(testDll)
+      & "$(snExe64)" /Vr $(ProductBinPath)\test\net472\$(testDll)
+
+# Run the Unit test
+- task: DotNetCoreCLI@2
+  displayName: 'Run Microsoft.OpenApi.OData.Reader.Tests.csproj'
+  inputs:
+    command: test
+    projects: '$(Build.SourcesDirectory)\test\Microsoft.OpenAPI.OData.Reader.Tests\Microsoft.OpenApi.OData.Reader.Tests.csproj'
+    arguments: '--configuration $(BuildConfiguration) --no-build'
+
+# CredScan
+- task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2
+  displayName: 'Run CredScan - Src'
+  inputs:
+    toolMajorVersion: 'V2'
+    scanFolder: '$(Build.SourcesDirectory)\src'
+    debugMode: false
+
+- task: securedevelopmentteam.vss-secure-development-tools.build-task-credscan.CredScan@2
+  displayName: 'Run CredScan - Test'
+  inputs:
+    toolMajorVersion: 'V2'
+    scanFolder: '$(Build.SourcesDirectory)\test'
+    debugMode: false
+  
+# Microsoft.CodeAnalysis.FxCopAnalyzers is added into the project.
+# Typically, .NET Standard (.NET Core) project doesn't need the FxCop.
+
+# Needn't the AntiMalware@3 task?
+- task: AntiMalware@3
+  displayName: 'Run MpCmdRun.exe - ProductBinPath'
+  inputs:
+    FileDirPath: '$(ProductBinPath)'
+  enabled: false
+
+- task: BinSkim@3
+  displayName: 'Run BinSkim - Product Binaries'
+  inputs:
+    InputType: Basic
+    AnalyzeTarget: '$(ProductBinPath)\**\Microsoft.OpenApi.OData.Reader.dll'
+    AnalyzeSymPath: '$(ProductBinPath)'
+    AnalyzeVerbose: true
+    AnalyzeHashes: true
+    AnalyzeEnvironment: true
+
+- task: PublishSecurityAnalysisLogs@2
+  displayName: 'Publish Security Analysis Logs'
+  inputs:
+    ArtifactName: SecurityLogs
+
+- task: PostAnalysis@1
+  displayName: 'Post Analysis'
+  inputs:
+    BinSkim: true
+    CredScan: true
+    PoliCheck: true
+
+- task: EsrpCodeSigning@1
+  displayName: 'ESRP CodeSigning'
+  inputs:
+    ConnectedServiceName: 'microsoftgraph ESRP CodeSign DLL and NuGet (AKV)'
+    FolderPath: '$(Build.SourcesDirectory)\bin\$(BuildConfiguration)'
+    Pattern: Microsoft.OpenApi.OData.Reader.dll
+    signConfigType: inlineSignParams
+    inlineOperation: |
+     [
+       {
+         "keyCode": "CP-230012",
+         "operationSetCode": "SigntoolSign",
+         "parameters": [
+         {
+           "parameterName": "OpusName",
+           "parameterValue": "TestSign"
+         },
+         {
+           "parameterName": "OpusInfo",
+           "parameterValue": "http://test"
+         },
+         {
+           "parameterName": "PageHash",
+           "parameterValue": "/NPH"
+         },
+         {
+           "parameterName": "FileDigest",
+           "parameterValue": "/fd sha256"
+         },
+         {
+           "parameterName": "TimeStamp",
+           "parameterValue": "/tr \"http://rfc3161.gtm.corp.microsoft.com/TSS/HttpTspServer\" /td sha256"
+         }
+         ],
+         "toolName": "signtool.exe",
+         "toolVersion": "6.2.9304.0"
+       },
+       {
+         "keyCode": "CP-230012",
+         "operationSetCode": "SigntoolVerify",
+         "parameters": [
+         {
+           "parameterName": "VerifyAll",
+           "parameterValue": "/all"
+         }
+         ],
+         "toolName": "signtool.exe",
+         "toolVersion": "6.2.9304.0"
+       }
+     ]
+    SessionTimeout: 20
+
+- task: MSBuild@1
+  displayName: 'Get Nuget Package Metadata'
+  inputs:
+    solution: '$(Build.SourcesDirectory)\tool\GetNugetPackageMetadata.proj'
+    platform: '$(BuildPlatform)'
+    configuration: '$(BuildConfiguration)'
+
+- task: PowerShell@2
+  displayName: 'Validate project version has been incremented'
+  inputs:
+    targetType: 'filePath'
+    filePath: $(System.DefaultWorkingDirectory)\scripts\ValidateProjectVersionUpdated.ps1
+    arguments: '-projectVersion "$(VersionFullSemantic)"'
+
+- task: NuGetCommand@2
+  displayName: 'NuGet pack Release.nuspec'
+  inputs:
+    command: custom
+    arguments: 'pack $(Build.SourcesDirectory)\src\Microsoft.OpenApi.OData.Reader\Microsoft.OpenAPI.OData.Reader.Release.nuspec -NonInteractive -OutputDirectory $(Build.ArtifactStagingDirectory)\Nuget -Properties Configuration=$(BuildConfiguration);ProductRoot=$(ProductBinPath);VersionFullSemantic=$(VersionFullSemantic);NightlyBuildVersion=$(VersionNugetNightlyBuild);VersionNuGetSemantic=$(VersionNuGetSemantic);OpenApiCorePackageDependency="$(OpenApiCorePackageDependency)";ODataEdmPackageDependency="$(ODataEdmPackageDependency)";  -Verbosity Detailed -Symbols -SymbolPackageFormat snupkg'
+    
+- task: EsrpCodeSigning@1
+  displayName: 'ESRP CodeSigning Nuget Packages'
+  inputs:
+    ConnectedServiceName: 'microsoftgraph ESRP CodeSign DLL and NuGet (AKV)'
+    FolderPath: '$(Build.ArtifactStagingDirectory)\Nuget'
+    Pattern: '*.nupkg'
+    signConfigType: inlineSignParams
+    inlineOperation: |
+     [
+         {
+             "keyCode": "CP-401405",
+             "operationSetCode": "NuGetSign",
+             "parameters": [ ],
+             "toolName": "sign",
+             "toolVersion": "1.0"
+         },
+         {
+             "keyCode": "CP-401405",
+             "operationSetCode": "NuGetVerify",
+             "parameters": [ ],
+             "toolName": "sign",
+             "toolVersion": "1.0"
+         }
+     ]
+    SessionTimeout: 20
+
+- task: PublishBuildArtifacts@1
+  displayName: 'Publish Artifact - Nuget Packages'
+  inputs:
+    PathtoPublish: '$(Build.ArtifactStagingDirectory)\Nuget'
+    ArtifactName: Nuget
+    
+- task: NuGetCommand@2
+  displayName: 'Push nuget package to nuget.org'
+  inputs:
+    command: push
+    packagesToPush: '$(Build.ArtifactStagingDirectory)\Nuget\*.nupkg'
+    nuGetFeedType: external
+    publishFeedCredentials: 'OpenAPI Nuget Connection'
+
+- task: GithubRelease@1
+  displayName: 'Create Github Release (v$(VersionFullSemantic))'
+  inputs:
+    githubConnection: 'github - danielmbaluka'
+    title: 'v$(VersionFullSemantic)'
+    tagSource: userSpecifiedTag
+    tag: 'v$(VersionFullSemantic)'

scripts/ValidateProjectVersionUpdated.ps1

@@ -0,0 +1,47 @@
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License.
+
+<#
+.Synopsis
+    Validates that the package version has been updated
+.Description
+    Validates that the package version has been updated by comparing the version
+    specified in the project file with the latest package version published on
+    NuGet. If the version has not been updated, the script will fail and indicate
+    that the project version neeeds to be updated.
+
+.Parameter projectVersion
+    Specifies the current project version. The project version currently is maintained 
+    in the versioning.props file
+#>
+
+Param(
+	[parameter(Mandatory = $true)]
+	[string]$projectVersion
+)
+
+$packageName = "Microsoft.OpenApi.OData"
+
+# Cast the project version string to System.Version
+[version]$currentProjectVersion = $projectVersion
+
+# API is case-sensitive
+$packageName = $packageName.ToLower()
+$url = "https://api.nuget.org/v3/registration5-semver1/$packageName/index.json"
+
+# Call the NuGet API for the package and get the current published version.
+$nugetIndex = Invoke-RestMethod -Uri $url -Method Get
+$publishedVersionString = $nugetIndex.items[0].upper
+
+# Cast the published version string to System.Version
+[version]$currentPublishedVersion = $publishedVersionString
+
+# Validate that the version number has been updated.
+if ($currentProjectVersion -le $currentPublishedVersion) {
+    Write-Error "The project version in versioning.props file ($projectVersion) `
+    has not been bumped up. The current published version is $publishedVersionString. `
+    Please increment the current project version."
+}
+else {
+    Write-Host "Validated that the version has been updated from $publishedVersionString to $currentProjectVersion" -ForegroundColor Green
+}

src/Microsoft.OpenApi.OData.Reader/Edm/ODataPathProvider.cs

@@ -247,6 +247,8 @@ private void RetrieveComplexPropertyPaths(IEdmEntityType entityType, ODataPath c
                                                     .Where(x => x.Type.IsComplex() ||
                                                             x.Type.IsCollection() && x.Type.Definition.AsElementType() is IEdmComplexType))
             {
+                if (!ShouldCreateComplexPropertyPaths(sp, convertSettings)) continue;
+
                 currentPath.Push(new ODataComplexPropertySegment(sp));
                 AppendPath(currentPath.Clone());
 
@@ -280,6 +282,27 @@ private void RetrieveComplexPropertyPaths(IEdmEntityType entityType, ODataPath c
             }
         }
 
+        /// <summary>
+        /// Evaluates whether or not to create paths for complex properties.
+        /// </summary>
+        /// <param name="complexProperty">The target complex property.</param>
+        /// <param name="convertSettings">The settings for the current conversion.</param>
+        /// <returns>true or false.</returns>
+        private bool ShouldCreateComplexPropertyPaths(IEdmStructuralProperty complexProperty, OpenApiConvertSettings convertSettings)
+        {
+            Debug.Assert(complexProperty != null);
+            Debug.Assert(convertSettings != null);
+
+            if (!convertSettings.RequireRestrictionAnnotationsToGenerateComplexPropertyPaths)
+                return true;
+
+            bool isReadable = _model.GetRecord<ReadRestrictionsType>(complexProperty, CapabilitiesConstants.ReadRestrictions)?.Readable ?? false;
+            bool isUpdatable = _model.GetRecord<UpdateRestrictionsType>(complexProperty, CapabilitiesConstants.UpdateRestrictions)?.Updatable ?? false;
+            bool isInsertable = _model.GetRecord<InsertRestrictionsType>(complexProperty, CapabilitiesConstants.InsertRestrictions)?.Insertable ?? false;
+
+            return isReadable || isUpdatable || isInsertable;
+        }
+
         /// <summary>
         /// Retrieves the paths for a media entity stream.
         /// </summary>

src/Microsoft.OpenApi.OData.Reader/Microsoft.OpenAPI.OData.Reader.csproj

@@ -8,8 +8,7 @@
     <LangVersion Condition="'$(Configuration)|$(Platform)'=='Release|AnyCPU'">latest</LangVersion>
     <LangVersion Condition="'$(Configuration)|$(Platform)'=='Debug|AnyCPU'">latest</LangVersion>
     <SignAssembly>true</SignAssembly>
-    <AssemblyOriginatorKeyFile>..\..\tool\35MSSharedLib1024.snk</AssemblyOriginatorKeyFile>
-    <DelaySign>true</DelaySign>
+    <AssemblyOriginatorKeyFile>..\..\tool\Microsoft.OpenApi.OData.snk</AssemblyOriginatorKeyFile>
     <OutputPath Condition="'$(Configuration)|$(Platform)'=='Debug|AnyCPU'">..\..\bin\Debug\</OutputPath>
     <OutputPath Condition="'$(Configuration)|$(Platform)'=='Release|AnyCPU'">..\..\bin\Release\</OutputPath>
     <GeneratePackageOnBuild>false</GeneratePackageOnBuild>

src/Microsoft.OpenApi.OData.Reader/OpenApiConvertSettings.cs

@@ -225,6 +225,11 @@ public string PathPrefix
         /// </summary>
         public string InnerErrorComplexTypeName { get; set; } = "InnerError";
 
+        /// <summary>
+        /// Gets/Sets a value indicating whether or not to use restrictions annotations to generate paths for complex properties.
+        /// </summary>
+        public bool RequireRestrictionAnnotationsToGenerateComplexPropertyPaths { get; set; } = true;
+
         internal OpenApiConvertSettings Clone()
         {
             var newSettings = new OpenApiConvertSettings
@@ -262,7 +267,8 @@ internal OpenApiConvertSettings Clone()
                 EnableDeprecationInformation = this.EnableDeprecationInformation,
                 AddEnumDescriptionExtension = this.AddEnumDescriptionExtension,
                 ErrorResponsesAsDefault = this.ErrorResponsesAsDefault,
-                InnerErrorComplexTypeName = this.InnerErrorComplexTypeName
+                InnerErrorComplexTypeName = this.InnerErrorComplexTypeName,
+                RequireRestrictionAnnotationsToGenerateComplexPropertyPaths = this.RequireRestrictionAnnotationsToGenerateComplexPropertyPaths
             };
 
             return newSettings;