wip

author: syuilo <syuilotan@yahoo.co.jp> 2017-03-03 08:56:07 +0900
committer: syuilo <syuilotan@yahoo.co.jp> 2017-03-03 08:56:07 +0900
commit: dc45055f2ffcea2369f12d104999746220b22c90 (patch)
tree: d3ec8f4a03076fe804c906cd60656e197f3010f2 /src/api/endpoints
parent: wip (diff)
download: sharkey-dc45055f2ffcea2369f12d104999746220b22c90.tar.gz
sharkey-dc45055f2ffcea2369f12d104999746220b22c90.tar.bz2
sharkey-dc45055f2ffcea2369f12d104999746220b22c90.zip
8 files changed, 66 insertions, 111 deletions
diff --git a/src/api/endpoints/i/appdata/get.js b/src/api/endpoints/i/appdata/get.ts
index 7f1bdf0713..7f1bdf0713 100644
--- a/src/api/endpoints/i/appdata/get.js
+++ b/src/api/endpoints/i/appdata/get.ts
diff --git a/src/api/endpoints/i/appdata/set.js b/src/api/endpoints/i/appdata/set.ts
index 57001f4e8b..57001f4e8b 100644
--- a/src/api/endpoints/i/appdata/set.js
+++ b/src/api/endpoints/i/appdata/set.ts
diff --git a/src/api/endpoints/i/authorized_apps.js b/src/api/endpoints/i/authorized_apps.ts
index 3c0cf75057..fb56a107e7 100644
--- a/src/api/endpoints/i/authorized_apps.js
+++ b/src/api/endpoints/i/authorized_apps.ts
@@ -3,7 +3,7 @@
 /**
  * Module dependencies
  */
-import * as mongo from 'mongodb';
+import it from '../../it';
 import AccessToken from '../../models/access-token';
 import serialize from '../../serializers/app';
 
@@ -18,28 +18,16 @@ module.exports = (params, user) =>
 	new Promise(async (res, rej) =>
 {
 	// Get 'limit' parameter
-	let limit = params.limit;
-	if (limit !== undefined && limit !== null) {
-		limit = parseInt(limit, 10);
-
-		// From 1 to 100
-		if (!(1 <= limit && limit <= 100)) {
-			return rej('invalid limit range');
-		}
-	} else {
-		limit = 10;
-	}
+	const [limit, limitErr] = it(params.limit).expect.number().range(1, 100).default(10).qed();
+	if (limitErr) return rej('invalid limit param');
 
 	// Get 'offset' parameter
-	let offset = params.offset;
-	if (offset !== undefined && offset !== null) {
-		offset = parseInt(offset, 10);
-	} else {
-		offset = 0;
-	}
+	const [offset, offsetErr] = it(params.offset).expect.number().min(0).default(0).qed();
+	if (offsetErr) return rej('invalid offset param');
 
 	// Get 'sort' parameter
-	let sort = params.sort || 'desc';
+	const [sort, sortError] = it(params.sort).expect.string().or('desc asc').default('desc').qed();
+	if (sortError) return rej('invalid sort param');
 
 	// Get tokens
 	const tokens = await AccessToken
diff --git a/src/api/endpoints/i/favorites.js b/src/api/endpoints/i/favorites.ts
index 28e402e366..c04d318379 100644
--- a/src/api/endpoints/i/favorites.js
+++ b/src/api/endpoints/i/favorites.ts
@@ -3,7 +3,7 @@
 /**
  * Module dependencies
  */
-import * as mongo from 'mongodb';
+import it from '../../it';
 import Favorite from '../../models/favorite';
 import serialize from '../../serializers/post';
 
@@ -11,37 +11,26 @@ import serialize from '../../serializers/post';
  * Get followers of a user
  *
  * @param {any} params
+ * @param {any} user
  * @return {Promise<any>}
  */
-module.exports = (params) =>
+module.exports = (params, user) =>
 	new Promise(async (res, rej) =>
 {
 	// Get 'limit' parameter
-	let limit = params.limit;
-	if (limit !== undefined && limit !== null) {
-		limit = parseInt(limit, 10);
-
-		// From 1 to 100
-		if (!(1 <= limit && limit <= 100)) {
-			return rej('invalid limit range');
-		}
-	} else {
-		limit = 10;
-	}
+	const [limit, limitErr] = it(params.limit).expect.number().range(1, 100).default(10).qed();
+	if (limitErr) return rej('invalid limit param');
 
 	// Get 'offset' parameter
-	let offset = params.offset;
-	if (offset !== undefined && offset !== null) {
-		offset = parseInt(offset, 10);
-	} else {
-		offset = 0;
-	}
+	const [offset, offsetErr] = it(params.offset).expect.number().min(0).default(0).qed();
+	if (offsetErr) return rej('invalid offset param');
 
 	// Get 'sort' parameter
-	let sort = params.sort || 'desc';
+	const [sort, sortError] = it(params.sort).expect.string().or('desc asc').default('desc').qed();
+	if (sortError) return rej('invalid sort param');
 
 	// Get favorites
-	const favorites = await Favorites
+	const favorites = await Favorite
 		.find({
 			user_id: user._id
 		}, {
diff --git a/src/api/endpoints/i/notifications.js b/src/api/endpoints/i/notifications.ts
index d5174439e2..21537ea799 100644
--- a/src/api/endpoints/i/notifications.js
+++ b/src/api/endpoints/i/notifications.ts
@@ -3,7 +3,7 @@
 /**
  * Module dependencies
  */
-import * as mongo from 'mongodb';
+import it from '../../it';
 import Notification from '../../models/notification';
 import serialize from '../../serializers/notification';
 import getFriends from '../../common/get-friends';
@@ -19,44 +19,38 @@ module.exports = (params, user) =>
 	new Promise(async (res, rej) =>
 {
 	// Get 'following' parameter
-	const following = params.following;
+	const [following, followingError] =
+		it(params.following).expect.boolean().default(false).qed();
+	if (followingError) return rej('invalid following param');
 
 	// Get 'mark_as_read' parameter
-	let markAsRead = params.mark_as_read;
-	if (markAsRead == null) {
-		markAsRead = true;
-	}
+	const [markAsRead, markAsReadErr] = it(params.mark_as_read).expect.boolean().default(true).qed();
+	if (markAsReadErr) return rej('invalid mark_as_read param');
 
 	// Get 'type' parameter
-	let type = params.type;
-	if (type !== undefined && type !== null) {
-		type = type.split(',').map(x => x.trim());
-	}
+	const [type, typeErr] = it(params.type).expect.array().unique().allString().qed();
+	if (typeErr) return rej('invalid type param');
 
 	// Get 'limit' parameter
-	let limit = params.limit;
-	if (limit !== undefined && limit !== null) {
-		limit = parseInt(limit, 10);
+	const [limit, limitErr] = it(params.limit).expect.number().range(1, 100).default(10).qed();
+	if (limitErr) return rej('invalid limit param');
 
-		// From 1 to 100
-		if (!(1 <= limit && limit <= 100)) {
-			return rej('invalid limit range');
-		}
-	} else {
-		limit = 10;
-	}
+	// Get 'since_id' parameter
+	const [sinceId, sinceIdErr] = it(params.since_id).expect.id().qed();
+	if (sinceIdErr) return rej('invalid since_id param');
 
-	const since = params.since_id || null;
-	const max = params.max_id || null;
+	// Get 'max_id' parameter
+	const [maxId, maxIdErr] = it(params.max_id).expect.id().qed();
+	if (maxIdErr) return rej('invalid max_id param');
 
 	// Check if both of since_id and max_id is specified
-	if (since !== null && max !== null) {
+	if (sinceId !== null && maxId !== null) {
 		return rej('cannot set since_id and max_id');
 	}
 
 	const query = {
 		notifiee_id: user._id
-	};
+	} as any;
 
 	const sort = {
 		_id: -1
@@ -77,14 +71,14 @@ module.exports = (params, user) =>
 		};
 	}
 
-	if (since !== null) {
+	if (sinceId) {
 		sort._id = 1;
 		query._id = {
-			$gt: new mongo.ObjectID(since)
+			$gt: sinceId
 		};
-	} else if (max !== null) {
+	} else if (maxId) {
 		query._id = {
-			$lt: new mongo.ObjectID(max)
+			$lt: maxId
 		};
 	}
 
diff --git a/src/api/endpoints/i/signin_history.js b/src/api/endpoints/i/signin_history.ts
index ede821e3cf..db36438bfe 100644
--- a/src/api/endpoints/i/signin_history.js
+++ b/src/api/endpoints/i/signin_history.ts
@@ -3,7 +3,7 @@
 /**
  * Module dependencies
  */
-import * as mongo from 'mongodb';
+import it from '../../it';
 import Signin from '../../models/signin';
 import serialize from '../../serializers/signin';
 
@@ -18,42 +18,38 @@ module.exports = (params, user) =>
 	new Promise(async (res, rej) =>
 {
 	// Get 'limit' parameter
-	let limit = params.limit;
-	if (limit !== undefined && limit !== null) {
-		limit = parseInt(limit, 10);
+	const [limit, limitErr] = it(params.limit).expect.number().range(1, 100).default(10).qed();
+	if (limitErr) return rej('invalid limit param');
 
-		// From 1 to 100
-		if (!(1 <= limit && limit <= 100)) {
-			return rej('invalid limit range');
-		}
-	} else {
-		limit = 10;
-	}
+	// Get 'since_id' parameter
+	const [sinceId, sinceIdErr] = it(params.since_id).expect.id().qed();
+	if (sinceIdErr) return rej('invalid since_id param');
 
-	const since = params.since_id || null;
-	const max = params.max_id || null;
+	// Get 'max_id' parameter
+	const [maxId, maxIdErr] = it(params.max_id).expect.id().qed();
+	if (maxIdErr) return rej('invalid max_id param');
 
 	// Check if both of since_id and max_id is specified
-	if (since !== null && max !== null) {
+	if (sinceId !== null && maxId !== null) {
 		return rej('cannot set since_id and max_id');
 	}
 
 	const query = {
 		user_id: user._id
-	};
+	} as any;
 
 	const sort = {
 		_id: -1
 	};
 
-	if (since !== null) {
+	if (sinceId) {
 		sort._id = 1;
 		query._id = {
-			$gt: new mongo.ObjectID(since)
+			$gt: sinceId
 		};
-	} else if (max !== null) {
+	} else if (maxId) {
 		query._id = {
-			$lt: new mongo.ObjectID(max)
+			$lt: maxId
 		};
 	}
 
diff --git a/src/api/endpoints/i/update.js b/src/api/endpoints/i/update.ts
index 4abb4fcb7b..1e46315ceb 100644
--- a/src/api/endpoints/i/update.js
+++ b/src/api/endpoints/i/update.ts
@@ -3,7 +3,7 @@
 /**
  * Module dependencies
  */
-import * as mongo from 'mongodb';
+import it from '../../it';
 import User from '../../models/user';
 import { isValidName, isValidBirthday } from '../../models/user';
 import serialize from '../../serializers/user';
@@ -23,18 +23,9 @@ module.exports = async (params, user, _, isSecure) =>
 	new Promise(async (res, rej) =>
 {
 	// Get 'name' parameter
-	const name = params.name;
-	if (name !== undefined && name !== null) {
-		if (typeof name != 'string') {
-			return rej('name must be a string');
-		}
-
-		if (!isValidName(name)) {
-			return rej('invalid name');
-		}
-
-		user.name = name;
-	}
+	const [name, nameErr] = it(params.name).expect.string().validate(isValidName).qed();
+	if (nameErr) return rej('invalid name param');
+	user.name = name;
 
 	// Get 'description' parameter
 	const description = params.description;
diff --git a/src/api/endpoints/posts/create.ts b/src/api/endpoints/posts/create.ts
index 686c3a67d0..3dc121305c 100644
--- a/src/api/endpoints/posts/create.ts
+++ b/src/api/endpoints/posts/create.ts
@@ -131,21 +131,18 @@ module.exports = (params, user, app) =>
 
 	let poll = null;
 	if (_poll !== null) {
-		const [pollChoices, pollChoicesErr] = it(params.poll, 'set', false, [
-			choices => {
-				const shouldReject = choices.some(choice => {
+		const [pollChoices, pollChoicesErr] =
+			it(params.poll).expect.array()
+				.unique()
+				.allString()
+				.range(1, 10)
+				.validate(choices => !choices.some(choice => {
 					if (typeof choice != 'string') return true;
 					if (choice.trim().length == 0) return true;
 					if (choice.trim().length > 50) return true;
 					return false;
-				});
-				return shouldReject ? new Error('invalid poll choices') : true;
-			},
-			// 選択肢がひとつならエラー
-			choices => choices.length == 1 ? new Error('poll choices must be ひとつ以上') : true,
-			// 選択肢が多すぎてもエラー
-			choices => choices.length > 10 ? new Error('many poll choices') : true,
-		]);
+				}))
+				.qed();
 		if (pollChoicesErr) return rej('invalid poll choices');
 
 		_poll.choices = pollChoices.map((choice, i) => ({
author	syuilo <syuilotan@yahoo.co.jp>	2017-03-03 08:56:07 +0900
committer	syuilo <syuilotan@yahoo.co.jp>	2017-03-03 08:56:07 +0900
commit	dc45055f2ffcea2369f12d104999746220b22c90 (patch)
tree	d3ec8f4a03076fe804c906cd60656e197f3010f2 /src/api/endpoints
parent	wip (diff)
download	sharkey-dc45055f2ffcea2369f12d104999746220b22c90.tar.gz sharkey-dc45055f2ffcea2369f12d104999746220b22c90.tar.bz2 sharkey-dc45055f2ffcea2369f12d104999746220b22c90.zip