Added validators
This commit is contained in:
Naida Vatric
@@ -3,7 +3,6 @@ const express=require('express');
|
|||||||
const cors= require('cors');
|
const cors= require('cors');
|
||||||
const bodyParser= require('body-parser');
|
const bodyParser= require('body-parser');
|
||||||
const knex= require ('knex');
|
const knex= require ('knex');
|
||||||
const { check, validationResult } = require('express-validator');
|
|
||||||
|
|
||||||
const app=express();
|
const app=express();
|
||||||
//Enabling CORS
|
//Enabling CORS
|
||||||
@@ -28,6 +27,8 @@ const addpermission= require('./endpoints/addpermission');
|
|||||||
const clearpermissions= require('./endpoints/clearpermissions');
|
const clearpermissions= require('./endpoints/clearpermissions');
|
||||||
const testuserperm= require('./endpoints/testuserperm');
|
const testuserperm= require('./endpoints/testuserperm');
|
||||||
const querypermiss= require('./endpoints/querypermiss');
|
const querypermiss= require('./endpoints/querypermiss');
|
||||||
|
//Requiremenst for input data validation
|
||||||
|
const { addUserValidationRules, addPermissionValidationRules, validate, } = require('./validators/validator')
|
||||||
|
|
||||||
//Checking basics
|
//Checking basics
|
||||||
app.get('/', (req, res) => {
|
app.get('/', (req, res) => {
|
||||||
@@ -35,15 +36,7 @@ app.get('/', (req, res) => {
|
|||||||
})
|
})
|
||||||
|
|
||||||
//Call for adding a user to a group
|
//Call for adding a user to a group
|
||||||
app.post('/addusertogroup', [
|
app.post('/addusertogroup', addUserValidationRules(), validate, (req, res) => {
|
||||||
//Simple input validation with express-validator
|
|
||||||
check('reqgroup').isAlphanumeric().isLength({min:3}),
|
|
||||||
check('requser').isAlphanumeric().isLength({min:3})
|
|
||||||
], (req, res) => {
|
|
||||||
const errors = validationResult(req)
|
|
||||||
if (!errors.isEmpty()) {
|
|
||||||
return res.status(422).json('Incorrect input data. Can not add an user.');
|
|
||||||
}
|
|
||||||
addusertogroup.handleAddUserToGroup(req, res, db)});
|
addusertogroup.handleAddUserToGroup(req, res, db)});
|
||||||
|
|
||||||
//Call for clearing all users from group
|
//Call for clearing all users from group
|
||||||
@@ -52,24 +45,7 @@ app.post('/cleargroup', (req,res) => {
|
|||||||
});
|
});
|
||||||
|
|
||||||
//Call for adding a permission to a user or group
|
//Call for adding a permission to a user or group
|
||||||
app.post('/addpermission', [
|
app.post('/addpermission', addPermissionValidationRules(), validate, (req, res) => {
|
||||||
//Simple input validation with express-validator
|
|
||||||
check('reqowner').isAlphanumeric().isLength({min:3}),
|
|
||||||
//check('reqobjname').isAlphanumeric().isLength({min:3}),
|
|
||||||
check('reqtype').isAlphanumeric().isLength({min:3}),
|
|
||||||
check('reqownertype').custom((value, {req, loc, pah}) => {
|
|
||||||
if (value.toLowerCase()==='group' || value.toLowerCase()==='user') {
|
|
||||||
return value;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
})
|
|
||||||
], (req, res) => {
|
|
||||||
const errors = validationResult(req)
|
|
||||||
if (!errors.isEmpty()) {
|
|
||||||
return res.status(422).json('Incorrect input data. Can not add a permission.');
|
|
||||||
}
|
|
||||||
addpermission.handleAddPermission(req, res, db)});
|
addpermission.handleAddPermission(req, res, db)});
|
||||||
|
|
||||||
//Call for clearing all permissions from user or group
|
//Call for clearing all permissions from user or group
|
||||||
|
|||||||
49
validators/validator.js
Normal file
49
validators/validator.js
Normal file
@@ -0,0 +1,49 @@
|
|||||||
|
//Help file with needed validators for API calls
|
||||||
|
|
||||||
|
const { body, validationResult } = require('express-validator')
|
||||||
|
|
||||||
|
//Validation rules function for call of adding user to group
|
||||||
|
const addUserValidationRules = () => {
|
||||||
|
return [
|
||||||
|
//Groupname min character length is 3 and no special characters in name
|
||||||
|
body('reqgroup').isAlphanumeric().isLength({min:3}),
|
||||||
|
//Username min character length is 3 and no special characters in name
|
||||||
|
body('requser').isAlphanumeric().isLength({min:3})
|
||||||
|
|
||||||
|
]
|
||||||
|
}
|
||||||
|
//Validation rules function for call of adding permission to a user or group
|
||||||
|
const addPermissionValidationRules = () => {
|
||||||
|
return [
|
||||||
|
//Group or user name min character length is 3 and no special characters in name
|
||||||
|
body('reqowner').isAlphanumeric().isLength({min:3}),
|
||||||
|
//Object name min character length is 3
|
||||||
|
body('reqobjname').isLength({min:3}),
|
||||||
|
//Permission type min character length is 3 and no special characters
|
||||||
|
body('reqtype').isAlphanumeric().isLength({min:3}),
|
||||||
|
//Owner type can be user or group
|
||||||
|
body('reqownertype').custom((value, {req, loc, pah}) => {
|
||||||
|
if (value.toLowerCase()==='group' || value.toLowerCase()==='user') {
|
||||||
|
return value;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
|
]
|
||||||
|
}
|
||||||
|
//Function to perform validation
|
||||||
|
const validate = (req, res, next) => {
|
||||||
|
const errors = validationResult(req)
|
||||||
|
if (errors.isEmpty()) {
|
||||||
|
return next();
|
||||||
|
}
|
||||||
|
return res.status(422).json('Error! Incorrect input data!');
|
||||||
|
}
|
||||||
|
|
||||||
|
module.exports = {
|
||||||
|
addUserValidationRules,
|
||||||
|
addPermissionValidationRules,
|
||||||
|
validate,
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user