This commit is contained in:
syuilo 2017-03-03 19:48:00 +09:00
parent d1557bcae8
commit f11bdf36b9
5 changed files with 31 additions and 50 deletions

View File

@ -4,7 +4,9 @@
* Module dependencies
*/
import rndstr from 'rndstr';
import it from '../../it';
import App from '../../models/app';
import { isValidNameId } from '../../models/app';
import serialize from '../../serializers/app';
/**
@ -71,41 +73,25 @@ module.exports = async (params, user) =>
new Promise(async (res, rej) =>
{
// Get 'name_id' parameter
const nameId = params.name_id;
if (nameId == null) {
return rej('name_id is required');
} else if (typeof nameId != 'string') {
return rej('name_id must be a string');
}
// Validate name_id
if (!/^[a-zA-Z0-9\-]{3,30}$/.test(nameId)) {
return rej('invalid name_id');
}
const [nameId, nameIdErr] = it(params.name_id).expect.string().required().validate(isValidNameId).qed();
if (nameIdErr) return rej('invalid name_id param');
// Get 'name' parameter
const name = params.name;
if (name == null || name == '') {
return rej('name is required');
}
const [name, nameErr] = it(params.name).expect.string().required().qed();
if (nameErr) return rej('invalid name param');
// Get 'description' parameter
const description = params.description;
if (description == null || description == '') {
return rej('description is required');
}
const [description, descriptionErr] = it(params.description).expect.string().required().qed();
if (descriptionErr) return rej('invalid description param');
// Get 'permission' parameter
const permission = params.permission;
if (permission == null || permission == '') {
return rej('permission is required');
}
const [permission, permissionErr] = it(params.permission).expect.array().unique().allString().required().qed();
if (permissionErr) return rej('invalid permission param');
// Get 'callback_url' parameter
let callback = params.callback_url;
if (callback === '') {
callback = null;
}
// TODO: Check it is valid url
const [callbackUrl, callbackUrlErr] = it(params.callback_url).expect.nullable.string().default(null).qed();
if (callbackUrlErr) return rej('invalid callback_url param');
// Generate secret
const secret = rndstr('a-zA-Z0-9', 32);
@ -118,8 +104,8 @@ module.exports = async (params, user) =>
name_id: nameId,
name_id_lower: nameId.toLowerCase(),
description: description,
permission: permission.split(','),
callback_url: callback,
permission: permission,
callback_url: callbackUrl,
secret: secret
});

View File

@ -3,7 +3,9 @@
/**
* Module dependencies
*/
import it from '../../../it';
import App from '../../../models/app';
import { isValidNameId } from '../../../models/app';
/**
* @swagger
@ -44,15 +46,8 @@ module.exports = async (params) =>
new Promise(async (res, rej) =>
{
// Get 'name_id' parameter
const nameId = params.name_id;
if (nameId == null || nameId == '') {
return rej('name_id is required');
}
// Validate name_id
if (!/^[a-zA-Z0-9\-]{3,30}$/.test(nameId)) {
return rej('invalid name_id');
}
const [nameId, nameIdErr] = it(params.name_id).expect.string().required().validate(isValidNameId).qed();
if (nameIdErr) return rej('invalid name_id param');
// Get exist
const exist = await App

View File

@ -3,7 +3,7 @@
/**
* Module dependencies
*/
import * as mongo from 'mongodb';
import it from '../../it';
import App from '../../models/app';
import serialize from '../../serializers/app';
@ -50,16 +50,12 @@ module.exports = (params, user, _, isSecure) =>
new Promise(async (res, rej) =>
{
// Get 'app_id' parameter
let appId = params.app_id;
if (appId == null || appId == '') {
appId = null;
}
const [appId, appIdErr] = it(params.app_id, 'id');
if (appIdErr) return rej('invalid app_id param');
// Get 'name_id' parameter
let nameId = params.name_id;
if (nameId == null || nameId == '') {
nameId = null;
}
const [nameId, nameIdErr] = it(params.name_id, 'string');
if (nameIdErr) return rej('invalid name_id param');
if (appId === null && nameId === null) {
return rej('app_id or name_id is required');
@ -67,7 +63,7 @@ module.exports = (params, user, _, isSecure) =>
// Lookup app
const app = appId !== null
? await App.findOne({ _id: new mongo.ObjectID(appId) })
? await App.findOne({ _id: appId })
: await App.findOne({ name_id_lower: nameId.toLowerCase() });
if (app === null) {

View File

@ -7,3 +7,7 @@ const collection = db.get('apps');
(collection as any).index('secret'); // fuck type definition
export default collection as any; // fuck type definition
export function isValidNameId(nameId: string): boolean {
return typeof nameId == 'string' && /^[a-zA-Z0-9\-]{3,30}$/.test(nameId);
}

View File

@ -21,8 +21,8 @@ export default (
app: any,
me?: any,
options?: {
includeSecret: boolean,
includeProfileImageIds: boolean
includeSecret?: boolean,
includeProfileImageIds?: boolean
}
) => new Promise<any>(async (resolve, reject) => {
const opts = options || {