Fixes naming convention permission check for data items with path attribute only.

[vladlosev]

This change fixes the false positive in the permission checking code when the path attribute is used. Without the fix, the added test fails, as the as the code always tries to check the key attribute, even when only path is provided. It ends up coercing the undefined value to a sting and testing that.

[Flydiverny]

I'm thinking its better we check for the respective keys and validate them if present.

      externalData.forEach((secretProperty, index) => {
        if ('path' in secretProperty && !reNaming.test(secretProperty.path)) {
          allowed = false
          reason = `path ${secretProperty.path} does not match naming convention ${namingConvention}`
          return {
            allowed, reason
          }
        }

        if ('key' in secretProperty && !reNaming.test(secretProperty.key)) {
          allowed = false
          reason = `key name ${secretProperty.key} does not match naming convention ${namingConvention}`
          return {
            allowed, reason
          }
        }
      })

They never should be present at the same time, but if validation or other layer of the code allows for it, then this would potentially allow bypassing the validation. By supplying a bogus path that would validate and using a key which is ignored by validation.

[vladlosev]

Yeah, checking path and key independently makes sense. I updated the code to do that.