Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add boolean isSecret metadata attribute? #249

Closed
chrisdostert opened this issue Feb 11, 2017 · 6 comments
Closed

Add boolean isSecret metadata attribute? #249

chrisdostert opened this issue Feb 11, 2017 · 6 comments
Milestone
draft-07

Comments

@chrisdostert
Copy link

chrisdostert commented Feb 11, 2017
edited
Loading

It would be fantastic to have an optional "isSecret" metadata attribute similar to "description" and "title", which was a boolean.

The intent for the instance of that schema would then be captured by the schema and consumers of said schema could then handle this in their own way.
@chrisdostert
Copy link
Author

chrisdostert commented Feb 11, 2017
edited
Loading

just had an interesting thought; this attribute along with "default" are somewhat useless depending on use case.

If the schema is being used for object validation they don't apply; if the schema is being used for object creation or presentation (such as form display) they do apply.

@awwright
Copy link
Member

awwright commented Feb 12, 2017 via email

@chrisdostert
Copy link
Author

chrisdostert commented Feb 12, 2017
edited
Loading

One example use case is in the swagger spec.
They have defined a custom type "password" to "Hint UIs the input needs to be obscured".

possible description:
This keyword can be used to indicate instances of the schema are secret. It is RECOMMENDED that implementations keep the instance secret, the meaning of which will be application specific. As a common example, a UI may hide characters of a string as a user types it.

@handrews
Copy link
Contributor

@chrisdostert if this is primarily presentation-oriented (hiding the characters of the string) then I think it would belong with #67 JSON UI Schema.

Another possible use would be in hyper-schema to indicate that an "isSecret": true field should only be transmitted via a secure protocol. But then, the URI scheme usually handles that so it's not clear to me that it's really useful in hyper-schema.

I'd probably lean towards putting this in the proposed UI Schema vocabulary.

As for "default", see #204.

@Samze Samze mentioned this issue Aug 1, 2017
Closed
@handrews
Copy link
Contributor

handrews commented Oct 8, 2017

I've warmed to this proposal given how we've reorganized the annotation keywords during this draft.

I'd probably call it secret to match readOnly (because it's not isReadOnly)

This keyword, in a hyper-schema context, would generally mean that while it is usable in requests, it would never be present in responses. That, plus the UI usage, provides use cases in two separate vocabularies, which I think is a good way to answer the question, "is this useful?"

@handrews handrews mentioned this issue Oct 8, 2017
Merged
@handrews handrews added this to the draft-07 (wright-*-02) milestone Oct 8, 2017
@handrews handrews mentioned this issue Oct 18, 2017
Open
@handrews
Copy link
Contributor

Merged #433 adding writeOnly, and json-schema-org/json-schema-vocabularies#6 tracks the remainder of the secret proposal.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
draft-07
Development

No branches or pull requests
3 participants
@awwright @chrisdostert @handrews