openapi-generator
openapi-generator copied to clipboard
OpenAPITools
[REQ] Include the variables of nested schemas in each CodegenProperty
Is your feature request related to a problem? Please describe.
I am attempting to create automated tests and documentation from a complex schema object. The language I am currently working in is python although I believe this would be a feature request of the Generator.
I am using the jar file for version 7.2.0 of the generator.
Given the following path spec, I am not able to access any vars past the first level of properties. I would want to use examples that are on each property but that doesn't give me quite what I need/expect.
Using what is available now I can generate the following example, which is mostly correct minus the nested objects like owner, source, etc...
Mustache:
{{#bodyParams}}
{{#vars}}
{{name}} = {{{example}}}
{{/vars}}
{{/bodyParams}}
create_access_profile_request = sailpoint.v3.CreateAccessProfileRequest(
id="2c91808a7190d06e01719938fcd20792",
name="Employee-database-read-write",
description="Collection of entitlements to read/write the employee database",
created="2021-03-01T22:32:58.104Z",
modified="2021-03-02T20:22:28.104Z",
enabled=True,
owner=sailpoint.v3.models.create_access_profile_request_owner.createAccessProfile_request_owner(
type="IDENTITY",
id="2c9180a46faadee4016fb4e018c20639",
name="support",
),
source=sailpoint.v3.models.create_access_profile_request_source.createAccessProfile_request_source(
id="2c91809773dee3610173fdb0b6061ef4",
type="SOURCE",
name="ODS-AD-SOURCE",
),
entitlements=[
sailpoint.v3.models.create_access_profile_request_entitlements_inner.createAccessProfile_request_entitlements_inner(
type="ENTITLEMENT",
id="2c91809773dee32014e13e122092014e",
name="CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local",
)
],
requestable=True,
access_request_config=sailpoint.v3.models.create_access_profile_request_access_request_config.createAccessProfile_request_accessRequestConfig(
comments_required=True,
denial_comments_required=True,
approval_schemes=[
sailpoint.v3.models.create_access_profile_request_access_request_config_approval_schemes_inner.createAccessProfile_request_accessRequestConfig_approvalSchemes_inner(
approver_type="GOVERNANCE_GROUP",
approver_id="46c79819-a69f-49a2-becb-12c971ae66c6",
)
],
),
revocation_request_config=sailpoint.v3.models.create_access_profile_request_revocation_request_config.createAccessProfile_request_revocationRequestConfig(
approval_schemes=[
sailpoint.v3.models.create_access_profile_request_access_request_config_approval_schemes_inner.createAccessProfile_request_accessRequestConfig_approvalSchemes_inner(
approver_type="GOVERNANCE_GROUP",
approver_id="46c79819-a69f-49a2-becb-12c971ae66c6",
)
],
),
segments=[
"f7b1b8a3-5fed-4fd4-ad29-82014e137e19",
"29cb6c06-1da8-43ea-8be4-b3125f248f2a",
],
provisioning_criteria=sailpoint.v3.models.create_access_profile_request_provisioning_criteria.createAccessProfile_request_provisioningCriteria(
operation="EQUALS",
attribute="email",
value="[email protected]",
children=[
sailpoint.v3.models.create_access_profile_request_provisioning_criteria_children_inner.createAccessProfile_request_provisioningCriteria_children_inner(
operation="EQUALS",
attribute="email",
value="[email protected]",
)
],
),
)
paths:
/access-profiles:
post:
operationId: createAccessProfile
tags:
- Access Profiles
summary: Create an Access Profile
description: >-
This API creates an Access Profile.
A token with API, ORG_ADMIN, ROLE_ADMIN, ROLE_SUBADMIN, SOURCE_ADMIN, or SOURCE_SUBADMIN authority is required to
call this API. In addition, a token with only ROLE_SUBADMIN or SOURCE_SUBADMIN authority must be associated with the
Access Profile's Source.
The maximum supported length for the description field is 2000 characters.
Longer descriptions will be preserved for existing access profiles, however, any new access profiles as well as any updates to existing descriptions will be limited to 2000 characters.
requestBody:
required: true
content:
application/json:
schema:
type: object
description: Access Profile
properties:
id:
type: string
description: The ID of the Access Profile
example: 2c91808a7190d06e01719938fcd20792
readOnly: true
name:
type: string
description: Name of the Access Profile
example: Employee-database-read-write
description:
type: string
nullable: true
description: Information about the Access Profile
example: Collection of entitlements to read/write the employee database
created:
type: string
description: Date the Access Profile was created
format: 'date-time'
example: '2021-03-01T22:32:58.104Z'
readOnly: true
modified:
type: string
description: Date the Access Profile was last modified.
format: 'date-time'
example: '2021-03-02T20:22:28.104Z'
readOnly: true
enabled:
type: boolean
default: true
description: Whether the Access Profile is enabled. If the Access Profile is enabled then you must include at least one Entitlement.
example: true
owner:
type: object
nullable: false
description: The owner of this object.
properties:
type:
type: string
enum:
- IDENTITY
description: Owner type. This field must be either left null or set to 'IDENTITY' on input, otherwise a 400 Bad Request error will result.
example: 'IDENTITY'
id:
type: string
description: Identity id
example: '2c9180a46faadee4016fb4e018c20639'
name:
type: string
description: Human-readable display name of the owner. It may be left null or omitted in a POST or PATCH. If set, it must match the current value of the owner's display name, otherwise a 400 Bad Request error will result.
example: 'support'
source:
type: object
properties:
id:
type: string
description: The ID of the Source with with which the Access Profile is associated
example: 2c91809773dee3610173fdb0b6061ef4
type:
type: string
enum:
- SOURCE
description: The type of the Source, will always be SOURCE
example: SOURCE
name:
type: string
description: The display name of the associated Source
example: "ODS-AD-SOURCE"
entitlements:
type: array
nullable: true
description: A list of entitlements associated with the Access Profile. If enabled is false this is allowed to be empty otherwise it needs to contain at least one Entitlement.
items:
type: object
description: Entitlement including a specific set of access.
properties:
type:
type: string
description: Entitlement's DTO type.
enum:
- ENTITLEMENT
example: ENTITLEMENT
id:
type: string
description: Entitlement's ID.
example: 2c91809773dee32014e13e122092014e
name:
type: string
nullable: true
description: Entitlement's display name.
example: "CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local"
requestable:
type: boolean
default: true
description: >-
Whether the Access Profile is requestable via access request. Currently, making an Access Profile non-requestable is only supported
for customers enabled with the new Request Center. Otherwise, attempting to create an Access Profile with a value
**false** in this field results in a 400 error.
example: true
accessRequestConfig:
type: object
nullable : true
properties:
commentsRequired:
type: boolean
description: Whether the requester of the containing object must provide comments justifying the request
example: true
nullable: true
default: false
denialCommentsRequired:
type: boolean
description: Whether an approver must provide comments when denying the request
example: true
nullable: true
default: false
approvalSchemes:
type: array
nullable : true
description: List describing the steps in approving the request
items:
type: object
properties:
approverType:
type: string
enum:
- APP_OWNER
- OWNER
- SOURCE_OWNER
- MANAGER
- GOVERNANCE_GROUP
description: >-
Describes the individual or group that is responsible for an approval step. Values are as follows.
**APP_OWNER**: The owner of the Application
**OWNER**: Owner of the associated Access Profile or Role
**SOURCE_OWNER**: Owner of the Source associated with an Access Profile
**MANAGER**: Manager of the Identity making the request
**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field
example: GOVERNANCE_GROUP
approverId:
type: string
nullable: true
description: Id of the specific approver, used only when approverType is GOVERNANCE_GROUP
example: 46c79819-a69f-49a2-becb-12c971ae66c6
revocationRequestConfig:
type: object
nullable : true
properties:
approvalSchemes:
type: array
nullable: true
description: List describing the steps in approving the revocation request
items:
type: object
properties:
approverType:
type: string
enum:
- APP_OWNER
- OWNER
- SOURCE_OWNER
- MANAGER
- GOVERNANCE_GROUP
description: >-
Describes the individual or group that is responsible for an approval step. Values are as follows.
**APP_OWNER**: The owner of the Application
**OWNER**: Owner of the associated Access Profile or Role
**SOURCE_OWNER**: Owner of the Source associated with an Access Profile
**MANAGER**: Manager of the Identity making the request
**GOVERNANCE_GROUP**: A Governance Group, the ID of which is specified by the **approverId** field
example: GOVERNANCE_GROUP
approverId:
type: string
nullable: true
description: Id of the specific approver, used only when approverType is GOVERNANCE_GROUP
example: 46c79819-a69f-49a2-becb-12c971ae66c6
segments:
type: array
nullable: true
items:
type: string
description: List of IDs of segments, if any, to which this Access Profile is assigned.
example: [
"f7b1b8a3-5fed-4fd4-ad29-82014e137e19",
"29cb6c06-1da8-43ea-8be4-b3125f248f2a"
]
provisioningCriteria:
type: object
nullable: true
description: Defines matching criteria for an Account to be provisioned with a specific Access Profile
properties:
operation:
type: string
enum:
- EQUALS
- NOT_EQUALS
- CONTAINS
- HAS
- AND
- OR
description: Supported operations on ProvisioningCriteria
example: EQUALS
attribute:
type: string
description: >-
Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS,
this field is required. Otherwise, specifying it is an error.
example: email
nullable: true
value:
type: string
nullable: true
description: >-
String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS,
NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is
not String-typed, it will be converted to the appropriate type.
example: "[email protected]"
children:
type: array
items:
type: object
description: Defines matching criteria for an Account to be provisioned with a specific Access Profile
properties:
operation:
type: string
enum:
- EQUALS
- NOT_EQUALS
- CONTAINS
- HAS
- AND
- OR
description: Supported operations on ProvisioningCriteria
example: EQUALS
attribute:
type: string
description: >-
Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS,
this field is required. Otherwise, specifying it is an error.
example: email
nullable: true
value:
type: string
nullable: true
description: >-
String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS,
NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is
not String-typed, it will be converted to the appropriate type.
example: "[email protected]"
children:
type: array
items:
type: object
description: Defines matching criteria for an Account to be provisioned with a specific Access Profile
properties:
operation:
type: string
enum:
- EQUALS
- NOT_EQUALS
- CONTAINS
- HAS
- AND
- OR
description: Supported operations on ProvisioningCriteria
example: EQUALS
attribute:
type: string
description: >-
Name of the Account attribute to be tested. If **operation** is one of EQUALS, NOT_EQUALS, CONTAINS, or HAS,
this field is required. Otherwise, specifying it is an error.
example: email
nullable: true
value:
type: string
description: >-
String value to test the Account attribute w/r/t the specified operation. If the operation is one of EQUALS,
NOT_EQUALS, or CONTAINS, this field is required. Otherwise, specifying it is an error. If the Attribute is
not String-typed, it will be converted to the appropriate type.
example: "[email protected]"
children:
type: string
description: >-
Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum
of three levels of criteria are supported, including leaf nodes.
example: null
nullable: true
nullable: true
description: >-
Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum
of three levels of criteria are supported, including leaf nodes.
example: null
nullable: true
description: >-
Array of child criteria. Required if the operation is AND or OR, otherwise it must be left null. A maximum
of three levels of criteria are supported, including leaf nodes.
example: null
required:
- owner
- name
- source
responses:
'201':
description: Access Profile created
content:
application/json:
schema:
type: object
security:
- UserContextAuth: [idn:access-profile:manage]
Describe the solution you'd like
What I would expect it to look like is below:
create_access_profile_request = sailpoint.v3.CreateAccessProfileRequest(
id="2c91808a7190d06e01719938fcd20792",
name="Employee-database-read-write",
description="Collection of entitlements to read/write the employee database",
created="2021-03-01T22:32:58.104Z",
modified="2021-03-02T20:22:28.104Z",
enabled=True,
owner=sailpoint.v3.CreateAccessProfileRequestOwner(
type="IDENTITY",
id="2c9180a46faadee4016fb4e018c20639",
name="support",
),
source=sailpoint.v3.CreateAccessProfileRequestSource(
id="2c91809773dee3610173fdb0b6061ef4",
type="SOURCE",
name="ODS-AD-SOURCE",
),
entitlements=[
sailpoint.v3.CreateAccessProfileRequestEntitlementsInner(
type="ENTITLEMENT",
id="2c91809773dee32014e13e122092014e",
name="CN=entitlement.490efde5,OU=OrgCo,OU=ServiceDept,DC=HQAD,DC=local",
)
],
requestable=True,
access_request_config=sailpoint.v3.CreateAccessProfileRequestAccessRequestConfig(
comments_required=True,
denial_comments_required=True,
approval_schemes=[
sailpoint.v3.CreateAccessProfileRequestAccessRequestConfigApprovalSchemesInner(
approver_type="GOVERNANCE_GROUP",
approver_id="46c79819-a69f-49a2-becb-12c971ae66c6",
)
],
),
revocation_request_config=sailpoint.v3.CreateAccessProfileRequestRevocationRequestConfig(
approval_schemes=[
sailpoint.v3.CreateAccessProfileRequestAccessRequestConfigApprovalSchemesInner(
approver_type="GOVERNANCE_GROUP",
approver_id="46c79819-a69f-49a2-becb-12c971ae66c6",
)
],
),
segments=[
"f7b1b8a3-5fed-4fd4-ad29-82014e137e19",
"29cb6c06-1da8-43ea-8be4-b3125f248f2a",
],
provisioning_criteria=sailpoint.v3.CreateAccessProfileRequestProvisioningCriteria(
operation="EQUALS",
attribute="email",
value="[email protected]",
children=[
sailpoint.v3.CreateAccessProfileRequestProvisioningCriteriaChildrenInner(
operation="EQUALS",
attribute="email",
value="[email protected]",
)
],
),
)
It looks like I have access to the CamelCased initializers for each nested variable( owner, source, etc...) on the CodegenProperty but the vars object is empty for any nested variables. I am thinking I could build out the example code myself in the mustache template if I had access to all nested variables.
