wip

author: syuilo <syuilotan@yahoo.co.jp> 2017-03-03 19:48:00 +0900
committer: syuilo <syuilotan@yahoo.co.jp> 2017-03-03 19:48:00 +0900
commit: f11bdf36b9c75a3e10850e46ef045cf9675ab7f7 (patch)
tree: a72f760e3f1f218f8830326c9ea8bea0289bc23d /src/api
parent: wip (diff)
download: sharkey-f11bdf36b9c75a3e10850e46ef045cf9675ab7f7.tar.gz
sharkey-f11bdf36b9c75a3e10850e46ef045cf9675ab7f7.tar.bz2
sharkey-f11bdf36b9c75a3e10850e46ef045cf9675ab7f7.zip
5 files changed, 31 insertions, 50 deletions
diff --git a/src/api/endpoints/app/create.js b/src/api/endpoints/app/create.ts
index 8b85da7ffa..adbb205f62 100644
--- a/src/api/endpoints/app/create.js
+++ b/src/api/endpoints/app/create.ts
@@ -4,7 +4,9 @@
  * Module dependencies
  */
 import rndstr from 'rndstr';
+import it from '../../it';
 import App from '../../models/app';
+import { isValidNameId } from '../../models/app';
 import serialize from '../../serializers/app';
 
 /**
@@ -71,41 +73,25 @@ module.exports = async (params, user) =>
 	new Promise(async (res, rej) =>
 {
 	// Get 'name_id' parameter
-	const nameId = params.name_id;
-	if (nameId == null) {
-		return rej('name_id is required');
-	} else if (typeof nameId != 'string') {
-		return rej('name_id must be a string');
-	}
-
-	// Validate name_id
-	if (!/^[a-zA-Z0-9\-]{3,30}$/.test(nameId)) {
-		return rej('invalid name_id');
-	}
+	const [nameId, nameIdErr] = it(params.name_id).expect.string().required().validate(isValidNameId).qed();
+	if (nameIdErr) return rej('invalid name_id param');
 
 	// Get 'name' parameter
-	const name = params.name;
-	if (name == null || name == '') {
-		return rej('name is required');
-	}
+	const [name, nameErr] = it(params.name).expect.string().required().qed();
+	if (nameErr) return rej('invalid name param');
 
 	// Get 'description' parameter
-	const description = params.description;
-	if (description == null || description == '') {
-		return rej('description is required');
-	}
+	const [description, descriptionErr] = it(params.description).expect.string().required().qed();
+	if (descriptionErr) return rej('invalid description param');
 
 	// Get 'permission' parameter
-	const permission = params.permission;
-	if (permission == null || permission == '') {
-		return rej('permission is required');
-	}
+	const [permission, permissionErr] = it(params.permission).expect.array().unique().allString().required().qed();
+	if (permissionErr) return rej('invalid permission param');
 
 	// Get 'callback_url' parameter
-	let callback = params.callback_url;
-	if (callback === '') {
-		callback = null;
-	}
+	// TODO: Check it is valid url
+	const [callbackUrl, callbackUrlErr] = it(params.callback_url).expect.nullable.string().default(null).qed();
+	if (callbackUrlErr) return rej('invalid callback_url param');
 
 	// Generate secret
 	const secret = rndstr('a-zA-Z0-9', 32);
@@ -118,8 +104,8 @@ module.exports = async (params, user) =>
 		name_id: nameId,
 		name_id_lower: nameId.toLowerCase(),
 		description: description,
-		permission: permission.split(','),
-		callback_url: callback,
+		permission: permission,
+		callback_url: callbackUrl,
 		secret: secret
 	});
 
diff --git a/src/api/endpoints/app/name_id/available.js b/src/api/endpoints/app/name_id/available.ts
index 159d4fff4e..6af18ae83c 100644
--- a/src/api/endpoints/app/name_id/available.js
+++ b/src/api/endpoints/app/name_id/available.ts
@@ -3,7 +3,9 @@
 /**
  * Module dependencies
  */
+import it from '../../../it';
 import App from '../../../models/app';
+import { isValidNameId } from '../../../models/app';
 
 /**
  * @swagger
@@ -44,15 +46,8 @@ module.exports = async (params) =>
 	new Promise(async (res, rej) =>
 {
 	// Get 'name_id' parameter
-	const nameId = params.name_id;
-	if (nameId == null || nameId == '') {
-		return rej('name_id is required');
-	}
-
-	// Validate name_id
-	if (!/^[a-zA-Z0-9\-]{3,30}$/.test(nameId)) {
-		return rej('invalid name_id');
-	}
+	const [nameId, nameIdErr] = it(params.name_id).expect.string().required().validate(isValidNameId).qed();
+	if (nameIdErr) return rej('invalid name_id param');
 
 	// Get exist
 	const exist = await App
diff --git a/src/api/endpoints/app/show.js b/src/api/endpoints/app/show.ts
index ab5f6f4562..cfb03bb9e5 100644
--- a/src/api/endpoints/app/show.js
+++ b/src/api/endpoints/app/show.ts
@@ -3,7 +3,7 @@
 /**
  * Module dependencies
  */
-import * as mongo from 'mongodb';
+import it from '../../it';
 import App from '../../models/app';
 import serialize from '../../serializers/app';
 
@@ -50,16 +50,12 @@ module.exports = (params, user, _, isSecure) =>
 	new Promise(async (res, rej) =>
 {
 	// Get 'app_id' parameter
-	let appId = params.app_id;
-	if (appId == null || appId == '') {
-		appId = null;
-	}
+	const [appId, appIdErr] = it(params.app_id, 'id');
+	if (appIdErr) return rej('invalid app_id param');
 
 	// Get 'name_id' parameter
-	let nameId = params.name_id;
-	if (nameId == null || nameId == '') {
-		nameId = null;
-	}
+	const [nameId, nameIdErr] = it(params.name_id, 'string');
+	if (nameIdErr) return rej('invalid name_id param');
 
 	if (appId === null && nameId === null) {
 		return rej('app_id or name_id is required');
@@ -67,7 +63,7 @@ module.exports = (params, user, _, isSecure) =>
 
 	// Lookup app
 	const app = appId !== null
-		? await App.findOne({ _id: new mongo.ObjectID(appId) })
+		? await App.findOne({ _id: appId })
 		: await App.findOne({ name_id_lower: nameId.toLowerCase() });
 
 	if (app === null) {
diff --git a/src/api/models/app.ts b/src/api/models/app.ts
index a947d88e4c..bf5dc80c2c 100644
--- a/src/api/models/app.ts
+++ b/src/api/models/app.ts
@@ -7,3 +7,7 @@ const collection = db.get('apps');
 (collection as any).index('secret'); // fuck type definition
 
 export default collection as any; // fuck type definition
+
+export function isValidNameId(nameId: string): boolean {
+	return typeof nameId == 'string' && /^[a-zA-Z0-9\-]{3,30}$/.test(nameId);
+}
diff --git a/src/api/serializers/app.ts b/src/api/serializers/app.ts
index 9a02c5637a..fdeef338d9 100644
--- a/src/api/serializers/app.ts
+++ b/src/api/serializers/app.ts
@@ -21,8 +21,8 @@ export default (
 	app: any,
 	me?: any,
 	options?: {
-		includeSecret: boolean,
-		includeProfileImageIds: boolean
+		includeSecret?: boolean,
+		includeProfileImageIds?: boolean
 	}
 ) => new Promise<any>(async (resolve, reject) => {
 	const opts = options || {
author	syuilo <syuilotan@yahoo.co.jp>	2017-03-03 19:48:00 +0900
committer	syuilo <syuilotan@yahoo.co.jp>	2017-03-03 19:48:00 +0900
commit	f11bdf36b9c75a3e10850e46ef045cf9675ab7f7 (patch)
tree	a72f760e3f1f218f8830326c9ea8bea0289bc23d /src/api
parent	wip (diff)
download	sharkey-f11bdf36b9c75a3e10850e46ef045cf9675ab7f7.tar.gz sharkey-f11bdf36b9c75a3e10850e46ef045cf9675ab7f7.tar.bz2 sharkey-f11bdf36b9c75a3e10850e46ef045cf9675ab7f7.zip