diff options
-rw-r--r-- | server.js | 8 | ||||
-rw-r--r-- | server/helpers/custom-validators/index.js | 2 | ||||
-rw-r--r-- | server/helpers/custom-validators/misc.js | 11 | ||||
-rw-r--r-- | server/helpers/custom-validators/pods.js | 21 | ||||
-rw-r--r-- | server/middlewares/validators/pods.js | 29 | ||||
-rw-r--r-- | server/tests/api/check-params.js | 109 |
6 files changed, 105 insertions, 75 deletions
@@ -53,7 +53,13 @@ app.use(bodyParser.json()) | |||
53 | app.use(bodyParser.urlencoded({ extended: false })) | 53 | app.use(bodyParser.urlencoded({ extended: false })) |
54 | // Validate some params for the API | 54 | // Validate some params for the API |
55 | app.use(expressValidator({ | 55 | app.use(expressValidator({ |
56 | customValidators: Object.assign({}, customValidators.misc, customValidators.users, customValidators.videos) | 56 | customValidators: Object.assign( |
57 | {}, | ||
58 | customValidators.misc, | ||
59 | customValidators.pods, | ||
60 | customValidators.users, | ||
61 | customValidators.videos | ||
62 | ) | ||
57 | })) | 63 | })) |
58 | 64 | ||
59 | // ----------- Views, routes and static files ----------- | 65 | // ----------- Views, routes and static files ----------- |
diff --git a/server/helpers/custom-validators/index.js b/server/helpers/custom-validators/index.js index ab3066822..96b5b20b9 100644 --- a/server/helpers/custom-validators/index.js +++ b/server/helpers/custom-validators/index.js | |||
@@ -1,11 +1,13 @@ | |||
1 | 'use strict' | 1 | 'use strict' |
2 | 2 | ||
3 | const miscValidators = require('./misc') | 3 | const miscValidators = require('./misc') |
4 | const podsValidators = require('./pods') | ||
4 | const usersValidators = require('./users') | 5 | const usersValidators = require('./users') |
5 | const videosValidators = require('./videos') | 6 | const videosValidators = require('./videos') |
6 | 7 | ||
7 | const validators = { | 8 | const validators = { |
8 | misc: miscValidators, | 9 | misc: miscValidators, |
10 | pods: podsValidators, | ||
9 | users: usersValidators, | 11 | users: usersValidators, |
10 | videos: videosValidators | 12 | videos: videosValidators |
11 | } | 13 | } |
diff --git a/server/helpers/custom-validators/misc.js b/server/helpers/custom-validators/misc.js index 13904ea1b..782ae3dee 100644 --- a/server/helpers/custom-validators/misc.js +++ b/server/helpers/custom-validators/misc.js | |||
@@ -1,11 +1,8 @@ | |||
1 | 'use strict' | 1 | 'use strict' |
2 | 2 | ||
3 | const validator = require('express-validator').validator | ||
4 | |||
5 | const miscValidators = { | 3 | const miscValidators = { |
6 | exists: exists, | 4 | exists: exists, |
7 | isArray: isArray, | 5 | isArray: isArray |
8 | isEachUrl: isEachUrl | ||
9 | } | 6 | } |
10 | 7 | ||
11 | function exists (value) { | 8 | function exists (value) { |
@@ -16,12 +13,6 @@ function isArray (value) { | |||
16 | return Array.isArray(value) | 13 | return Array.isArray(value) |
17 | } | 14 | } |
18 | 15 | ||
19 | function isEachUrl (urls) { | ||
20 | return urls.every(function (url) { | ||
21 | return validator.isURL(url) | ||
22 | }) | ||
23 | } | ||
24 | |||
25 | // --------------------------------------------------------------------------- | 16 | // --------------------------------------------------------------------------- |
26 | 17 | ||
27 | module.exports = miscValidators | 18 | module.exports = miscValidators |
diff --git a/server/helpers/custom-validators/pods.js b/server/helpers/custom-validators/pods.js new file mode 100644 index 000000000..28d04a05d --- /dev/null +++ b/server/helpers/custom-validators/pods.js | |||
@@ -0,0 +1,21 @@ | |||
1 | 'use strict' | ||
2 | |||
3 | const validator = require('express-validator').validator | ||
4 | |||
5 | const miscValidators = require('./misc') | ||
6 | |||
7 | const podsValidators = { | ||
8 | isEachUniqueUrlValid: isEachUniqueUrlValid | ||
9 | } | ||
10 | |||
11 | function isEachUniqueUrlValid (urls) { | ||
12 | return miscValidators.isArray(urls) && | ||
13 | urls.length !== 0 && | ||
14 | urls.every(function (url) { | ||
15 | return validator.isURL(url) && urls.indexOf(url) === urls.lastIndexOf(url) | ||
16 | }) | ||
17 | } | ||
18 | |||
19 | // --------------------------------------------------------------------------- | ||
20 | |||
21 | module.exports = podsValidators | ||
diff --git a/server/middlewares/validators/pods.js b/server/middlewares/validators/pods.js index 7c4d04aff..3c605c45e 100644 --- a/server/middlewares/validators/pods.js +++ b/server/middlewares/validators/pods.js | |||
@@ -10,23 +10,24 @@ const validatorsPod = { | |||
10 | } | 10 | } |
11 | 11 | ||
12 | function makeFriends (req, res, next) { | 12 | function makeFriends (req, res, next) { |
13 | req.checkBody('urls', 'Should have an array of urls').isArray() | 13 | req.checkBody('urls', 'Should have an array of unique urls').isEachUniqueUrlValid() |
14 | req.checkBody('urls', 'Should be an url').isEachUrl() | ||
15 | 14 | ||
16 | logger.debug('Checking makeFriends parameters', { parameters: req.body }) | 15 | logger.debug('Checking makeFriends parameters', { parameters: req.body }) |
17 | 16 | ||
18 | friends.hasFriends(function (err, hasFriends) { | 17 | checkErrors(req, res, function () { |
19 | if (err) { | 18 | friends.hasFriends(function (err, hasFriends) { |
20 | logger.error('Cannot know if we have friends.', { error: err }) | 19 | if (err) { |
21 | res.sendStatus(500) | 20 | logger.error('Cannot know if we have friends.', { error: err }) |
22 | } | 21 | res.sendStatus(500) |
23 | 22 | } | |
24 | if (hasFriends === true) { | 23 | |
25 | // We need to quit our friends before make new ones | 24 | if (hasFriends === true) { |
26 | res.sendStatus(409) | 25 | // We need to quit our friends before make new ones |
27 | } else { | 26 | res.sendStatus(409) |
28 | return next() | 27 | } else { |
29 | } | 28 | return next() |
29 | } | ||
30 | }) | ||
30 | }) | 31 | }) |
31 | } | 32 | } |
32 | 33 | ||
diff --git a/server/tests/api/check-params.js b/server/tests/api/check-params.js index ec666417c..4f7b26561 100644 --- a/server/tests/api/check-params.js +++ b/server/tests/api/check-params.js | |||
@@ -44,50 +44,7 @@ describe('Test parameters validator', function () { | |||
44 | describe('Of the pods API', function () { | 44 | describe('Of the pods API', function () { |
45 | const path = '/api/v1/pods/' | 45 | const path = '/api/v1/pods/' |
46 | 46 | ||
47 | describe('When adding a pod', function () { | 47 | describe('When making friends', function () { |
48 | it('Should fail with nothing', function (done) { | ||
49 | const data = {} | ||
50 | requestsUtils.makePostBodyRequest(server.url, path, null, data, done) | ||
51 | }) | ||
52 | |||
53 | it('Should fail without public key', function (done) { | ||
54 | const data = { | ||
55 | url: 'http://coucou.com' | ||
56 | } | ||
57 | requestsUtils.makePostBodyRequest(server.url, path, null, data, done) | ||
58 | }) | ||
59 | |||
60 | it('Should fail without an url', function (done) { | ||
61 | const data = { | ||
62 | publicKey: 'mysuperpublickey' | ||
63 | } | ||
64 | requestsUtils.makePostBodyRequest(server.url, path, null, data, done) | ||
65 | }) | ||
66 | |||
67 | it('Should fail with an incorrect url', function (done) { | ||
68 | const data = { | ||
69 | url: 'coucou.com', | ||
70 | publicKey: 'mysuperpublickey' | ||
71 | } | ||
72 | requestsUtils.makePostBodyRequest(server.url, path, null, data, function () { | ||
73 | data.url = 'http://coucou' | ||
74 | requestsUtils.makePostBodyRequest(server.url, path, null, data, function () { | ||
75 | data.url = 'coucou' | ||
76 | requestsUtils.makePostBodyRequest(server.url, path, null, data, done) | ||
77 | }) | ||
78 | }) | ||
79 | }) | ||
80 | |||
81 | it('Should succeed with the correct parameters', function (done) { | ||
82 | const data = { | ||
83 | url: 'http://coucou.com', | ||
84 | publicKey: 'mysuperpublickey' | ||
85 | } | ||
86 | requestsUtils.makePostBodyRequest(server.url, path, null, data, done, 200) | ||
87 | }) | ||
88 | }) | ||
89 | |||
90 | describe('For the friends API', function () { | ||
91 | let userAccessToken = null | 48 | let userAccessToken = null |
92 | 49 | ||
93 | before(function (done) { | 50 | before(function (done) { |
@@ -115,27 +72,36 @@ describe('Test parameters validator', function () { | |||
115 | it('Should fail without urls', function (done) { | 72 | it('Should fail without urls', function (done) { |
116 | request(server.url) | 73 | request(server.url) |
117 | .post(path + '/makefriends') | 74 | .post(path + '/makefriends') |
118 | .set('Authorization', 'Bearer faketoken') | 75 | .set('Authorization', 'Bearer ' + server.accessToken) |
119 | .set('Accept', 'application/json') | 76 | .set('Accept', 'application/json') |
120 | .expect(401, done) | 77 | .expect(400, done) |
121 | }) | 78 | }) |
122 | 79 | ||
123 | it('Should fail with urls is not an array', function (done) { | 80 | it('Should fail with urls is not an array', function (done) { |
124 | request(server.url) | 81 | request(server.url) |
125 | .post(path + '/makefriends') | 82 | .post(path + '/makefriends') |
126 | .send({ urls: 'http://localhost:9002' }) | 83 | .send({ urls: 'http://localhost:9002' }) |
127 | .set('Authorization', 'Bearer faketoken') | 84 | .set('Authorization', 'Bearer ' + server.accessToken) |
128 | .set('Accept', 'application/json') | 85 | .set('Accept', 'application/json') |
129 | .expect(401, done) | 86 | .expect(400, done) |
130 | }) | 87 | }) |
131 | 88 | ||
132 | it('Should fail if the array is not composed by urls', function (done) { | 89 | it('Should fail if the array is not composed by urls', function (done) { |
133 | request(server.url) | 90 | request(server.url) |
134 | .post(path + '/makefriends') | 91 | .post(path + '/makefriends') |
135 | .send({ urls: [ 'http://localhost:9002', 'localhost:coucou' ] }) | 92 | .send({ urls: [ 'http://localhost:9002', 'localhost:coucou' ] }) |
136 | .set('Authorization', 'Bearer faketoken') | 93 | .set('Authorization', 'Bearer ' + server.accessToken) |
137 | .set('Accept', 'application/json') | 94 | .set('Accept', 'application/json') |
138 | .expect(401, done) | 95 | .expect(400, done) |
96 | }) | ||
97 | |||
98 | it('Should fail if urls are not unique', function (done) { | ||
99 | request(server.url) | ||
100 | .post(path + '/makefriends') | ||
101 | .send({ urls: [ 'http://localhost:9002', 'http://localhost:9002' ] }) | ||
102 | .set('Authorization', 'Bearer ' + server.accessToken) | ||
103 | .set('Accept', 'application/json') | ||
104 | .expect(400, done) | ||
139 | }) | 105 | }) |
140 | 106 | ||
141 | it('Should fail with a invalid token', function (done) { | 107 | it('Should fail with a invalid token', function (done) { |
@@ -177,6 +143,49 @@ describe('Test parameters validator', function () { | |||
177 | }) | 143 | }) |
178 | }) | 144 | }) |
179 | }) | 145 | }) |
146 | |||
147 | describe('When adding a pod', function () { | ||
148 | it('Should fail with nothing', function (done) { | ||
149 | const data = {} | ||
150 | requestsUtils.makePostBodyRequest(server.url, path, null, data, done) | ||
151 | }) | ||
152 | |||
153 | it('Should fail without public key', function (done) { | ||
154 | const data = { | ||
155 | url: 'http://coucou.com' | ||
156 | } | ||
157 | requestsUtils.makePostBodyRequest(server.url, path, null, data, done) | ||
158 | }) | ||
159 | |||
160 | it('Should fail without an url', function (done) { | ||
161 | const data = { | ||
162 | publicKey: 'mysuperpublickey' | ||
163 | } | ||
164 | requestsUtils.makePostBodyRequest(server.url, path, null, data, done) | ||
165 | }) | ||
166 | |||
167 | it('Should fail with an incorrect url', function (done) { | ||
168 | const data = { | ||
169 | url: 'coucou.com', | ||
170 | publicKey: 'mysuperpublickey' | ||
171 | } | ||
172 | requestsUtils.makePostBodyRequest(server.url, path, null, data, function () { | ||
173 | data.url = 'http://coucou' | ||
174 | requestsUtils.makePostBodyRequest(server.url, path, null, data, function () { | ||
175 | data.url = 'coucou' | ||
176 | requestsUtils.makePostBodyRequest(server.url, path, null, data, done) | ||
177 | }) | ||
178 | }) | ||
179 | }) | ||
180 | |||
181 | it('Should succeed with the correct parameters', function (done) { | ||
182 | const data = { | ||
183 | url: 'http://coucou.com', | ||
184 | publicKey: 'mysuperpublickey' | ||
185 | } | ||
186 | requestsUtils.makePostBodyRequest(server.url, path, null, data, done, 200) | ||
187 | }) | ||
188 | }) | ||
180 | }) | 189 | }) |
181 | 190 | ||
182 | describe('Of the videos API', function () { | 191 | describe('Of the videos API', function () { |