New rule: request-contains-parameter

[RomanHotsiy]

trafficstars

Is your feature request related to a problem? Please describe.

We need a built-in rule similar to response-contains-header but for checking request parameters: request-contains-parameter

It can't be done with configurable rules properly as parameters may exists on multiple levels: Path-level params and Operation-levle params so we probably need a separate rule for this case.

Describe the solution you'd like

rules:
  request-contains-parameter:
    severity: error
    parameters:
      get:
        - name: X-REQUEST-ID
          in: header
      post:
        - name: X-REQUEST-ID
          in: header
        - name: X-CSRF-TOKEN
          in: header

Describe alternatives you've considered

Maybe some different shapes of the parameters config?

Additional context

See related rule issue: https://github.com/Redocly/redocly-cli/issues/1253

[tatomyr]

What if we want to enforce a parameter for all operations? Use something like all keyword instead of get, post &c.? Apart from that looks valid. I believe we can adjust the syntax during implementation.

[lornajane]

I am OK to have this added if we think there will be enough usage to justify maintaining it.

[adamaltman]

I like this idea. It seems practical. However, what about when you want to target specific subset of operations?

Here is a practical example:

• Collections are GET requests and paginated and should have specific parameters (for example limit).
• Non collections could also be GET requests but wouldn't have pagination so the limit parameter shouldn't be defined there.

[RomanHotsiy]

However, what about when you want to target specific subset of operations?

I have no ideas on this unfortunately. The only way to achieve something like that is to implement #1253.

Does anyone have some other ideas?