aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--server.js8
-rw-r--r--server/helpers/custom-validators/index.js2
-rw-r--r--server/helpers/custom-validators/misc.js11
-rw-r--r--server/helpers/custom-validators/pods.js21
-rw-r--r--server/middlewares/validators/pods.js29
-rw-r--r--server/tests/api/check-params.js109
6 files changed, 105 insertions, 75 deletions
diff --git a/server.js b/server.js
index d38c5830f..676597fae 100644
--- a/server.js
+++ b/server.js
@@ -53,7 +53,13 @@ app.use(bodyParser.json())
53app.use(bodyParser.urlencoded({ extended: false })) 53app.use(bodyParser.urlencoded({ extended: false }))
54// Validate some params for the API 54// Validate some params for the API
55app.use(expressValidator({ 55app.use(expressValidator({
56 customValidators: Object.assign({}, customValidators.misc, customValidators.users, customValidators.videos) 56 customValidators: Object.assign(
57 {},
58 customValidators.misc,
59 customValidators.pods,
60 customValidators.users,
61 customValidators.videos
62 )
57})) 63}))
58 64
59// ----------- Views, routes and static files ----------- 65// ----------- Views, routes and static files -----------
diff --git a/server/helpers/custom-validators/index.js b/server/helpers/custom-validators/index.js
index ab3066822..96b5b20b9 100644
--- a/server/helpers/custom-validators/index.js
+++ b/server/helpers/custom-validators/index.js
@@ -1,11 +1,13 @@
1'use strict' 1'use strict'
2 2
3const miscValidators = require('./misc') 3const miscValidators = require('./misc')
4const podsValidators = require('./pods')
4const usersValidators = require('./users') 5const usersValidators = require('./users')
5const videosValidators = require('./videos') 6const videosValidators = require('./videos')
6 7
7const validators = { 8const validators = {
8 misc: miscValidators, 9 misc: miscValidators,
10 pods: podsValidators,
9 users: usersValidators, 11 users: usersValidators,
10 videos: videosValidators 12 videos: videosValidators
11} 13}
diff --git a/server/helpers/custom-validators/misc.js b/server/helpers/custom-validators/misc.js
index 13904ea1b..782ae3dee 100644
--- a/server/helpers/custom-validators/misc.js
+++ b/server/helpers/custom-validators/misc.js
@@ -1,11 +1,8 @@
1'use strict' 1'use strict'
2 2
3const validator = require('express-validator').validator
4
5const miscValidators = { 3const miscValidators = {
6 exists: exists, 4 exists: exists,
7 isArray: isArray, 5 isArray: isArray
8 isEachUrl: isEachUrl
9} 6}
10 7
11function exists (value) { 8function exists (value) {
@@ -16,12 +13,6 @@ function isArray (value) {
16 return Array.isArray(value) 13 return Array.isArray(value)
17} 14}
18 15
19function isEachUrl (urls) {
20 return urls.every(function (url) {
21 return validator.isURL(url)
22 })
23}
24
25// --------------------------------------------------------------------------- 16// ---------------------------------------------------------------------------
26 17
27module.exports = miscValidators 18module.exports = miscValidators
diff --git a/server/helpers/custom-validators/pods.js b/server/helpers/custom-validators/pods.js
new file mode 100644
index 000000000..28d04a05d
--- /dev/null
+++ b/server/helpers/custom-validators/pods.js
@@ -0,0 +1,21 @@
1'use strict'
2
3const validator = require('express-validator').validator
4
5const miscValidators = require('./misc')
6
7const podsValidators = {
8 isEachUniqueUrlValid: isEachUniqueUrlValid
9}
10
11function isEachUniqueUrlValid (urls) {
12 return miscValidators.isArray(urls) &&
13 urls.length !== 0 &&
14 urls.every(function (url) {
15 return validator.isURL(url) && urls.indexOf(url) === urls.lastIndexOf(url)
16 })
17}
18
19// ---------------------------------------------------------------------------
20
21module.exports = podsValidators
diff --git a/server/middlewares/validators/pods.js b/server/middlewares/validators/pods.js
index 7c4d04aff..3c605c45e 100644
--- a/server/middlewares/validators/pods.js
+++ b/server/middlewares/validators/pods.js
@@ -10,23 +10,24 @@ const validatorsPod = {
10} 10}
11 11
12function makeFriends (req, res, next) { 12function makeFriends (req, res, next) {
13 req.checkBody('urls', 'Should have an array of urls').isArray() 13 req.checkBody('urls', 'Should have an array of unique urls').isEachUniqueUrlValid()
14 req.checkBody('urls', 'Should be an url').isEachUrl()
15 14
16 logger.debug('Checking makeFriends parameters', { parameters: req.body }) 15 logger.debug('Checking makeFriends parameters', { parameters: req.body })
17 16
18 friends.hasFriends(function (err, hasFriends) { 17 checkErrors(req, res, function () {
19 if (err) { 18 friends.hasFriends(function (err, hasFriends) {
20 logger.error('Cannot know if we have friends.', { error: err }) 19 if (err) {
21 res.sendStatus(500) 20 logger.error('Cannot know if we have friends.', { error: err })
22 } 21 res.sendStatus(500)
23 22 }
24 if (hasFriends === true) { 23
25 // We need to quit our friends before make new ones 24 if (hasFriends === true) {
26 res.sendStatus(409) 25 // We need to quit our friends before make new ones
27 } else { 26 res.sendStatus(409)
28 return next() 27 } else {
29 } 28 return next()
29 }
30 })
30 }) 31 })
31} 32}
32 33
diff --git a/server/tests/api/check-params.js b/server/tests/api/check-params.js
index ec666417c..4f7b26561 100644
--- a/server/tests/api/check-params.js
+++ b/server/tests/api/check-params.js
@@ -44,50 +44,7 @@ describe('Test parameters validator', function () {
44 describe('Of the pods API', function () { 44 describe('Of the pods API', function () {
45 const path = '/api/v1/pods/' 45 const path = '/api/v1/pods/'
46 46
47 describe('When adding a pod', function () { 47 describe('When making friends', function () {
48 it('Should fail with nothing', function (done) {
49 const data = {}
50 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
51 })
52
53 it('Should fail without public key', function (done) {
54 const data = {
55 url: 'http://coucou.com'
56 }
57 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
58 })
59
60 it('Should fail without an url', function (done) {
61 const data = {
62 publicKey: 'mysuperpublickey'
63 }
64 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
65 })
66
67 it('Should fail with an incorrect url', function (done) {
68 const data = {
69 url: 'coucou.com',
70 publicKey: 'mysuperpublickey'
71 }
72 requestsUtils.makePostBodyRequest(server.url, path, null, data, function () {
73 data.url = 'http://coucou'
74 requestsUtils.makePostBodyRequest(server.url, path, null, data, function () {
75 data.url = 'coucou'
76 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
77 })
78 })
79 })
80
81 it('Should succeed with the correct parameters', function (done) {
82 const data = {
83 url: 'http://coucou.com',
84 publicKey: 'mysuperpublickey'
85 }
86 requestsUtils.makePostBodyRequest(server.url, path, null, data, done, 200)
87 })
88 })
89
90 describe('For the friends API', function () {
91 let userAccessToken = null 48 let userAccessToken = null
92 49
93 before(function (done) { 50 before(function (done) {
@@ -115,27 +72,36 @@ describe('Test parameters validator', function () {
115 it('Should fail without urls', function (done) { 72 it('Should fail without urls', function (done) {
116 request(server.url) 73 request(server.url)
117 .post(path + '/makefriends') 74 .post(path + '/makefriends')
118 .set('Authorization', 'Bearer faketoken') 75 .set('Authorization', 'Bearer ' + server.accessToken)
119 .set('Accept', 'application/json') 76 .set('Accept', 'application/json')
120 .expect(401, done) 77 .expect(400, done)
121 }) 78 })
122 79
123 it('Should fail with urls is not an array', function (done) { 80 it('Should fail with urls is not an array', function (done) {
124 request(server.url) 81 request(server.url)
125 .post(path + '/makefriends') 82 .post(path + '/makefriends')
126 .send({ urls: 'http://localhost:9002' }) 83 .send({ urls: 'http://localhost:9002' })
127 .set('Authorization', 'Bearer faketoken') 84 .set('Authorization', 'Bearer ' + server.accessToken)
128 .set('Accept', 'application/json') 85 .set('Accept', 'application/json')
129 .expect(401, done) 86 .expect(400, done)
130 }) 87 })
131 88
132 it('Should fail if the array is not composed by urls', function (done) { 89 it('Should fail if the array is not composed by urls', function (done) {
133 request(server.url) 90 request(server.url)
134 .post(path + '/makefriends') 91 .post(path + '/makefriends')
135 .send({ urls: [ 'http://localhost:9002', 'localhost:coucou' ] }) 92 .send({ urls: [ 'http://localhost:9002', 'localhost:coucou' ] })
136 .set('Authorization', 'Bearer faketoken') 93 .set('Authorization', 'Bearer ' + server.accessToken)
137 .set('Accept', 'application/json') 94 .set('Accept', 'application/json')
138 .expect(401, done) 95 .expect(400, done)
96 })
97
98 it('Should fail if urls are not unique', function (done) {
99 request(server.url)
100 .post(path + '/makefriends')
101 .send({ urls: [ 'http://localhost:9002', 'http://localhost:9002' ] })
102 .set('Authorization', 'Bearer ' + server.accessToken)
103 .set('Accept', 'application/json')
104 .expect(400, done)
139 }) 105 })
140 106
141 it('Should fail with a invalid token', function (done) { 107 it('Should fail with a invalid token', function (done) {
@@ -177,6 +143,49 @@ describe('Test parameters validator', function () {
177 }) 143 })
178 }) 144 })
179 }) 145 })
146
147 describe('When adding a pod', function () {
148 it('Should fail with nothing', function (done) {
149 const data = {}
150 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
151 })
152
153 it('Should fail without public key', function (done) {
154 const data = {
155 url: 'http://coucou.com'
156 }
157 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
158 })
159
160 it('Should fail without an url', function (done) {
161 const data = {
162 publicKey: 'mysuperpublickey'
163 }
164 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
165 })
166
167 it('Should fail with an incorrect url', function (done) {
168 const data = {
169 url: 'coucou.com',
170 publicKey: 'mysuperpublickey'
171 }
172 requestsUtils.makePostBodyRequest(server.url, path, null, data, function () {
173 data.url = 'http://coucou'
174 requestsUtils.makePostBodyRequest(server.url, path, null, data, function () {
175 data.url = 'coucou'
176 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
177 })
178 })
179 })
180
181 it('Should succeed with the correct parameters', function (done) {
182 const data = {
183 url: 'http://coucou.com',
184 publicKey: 'mysuperpublickey'
185 }
186 requestsUtils.makePostBodyRequest(server.url, path, null, data, done, 200)
187 })
188 })
180 }) 189 })
181 190
182 describe('Of the videos API', function () { 191 describe('Of the videos API', function () {