wip

f11bdf36 · syuilo · d1557bca · f11bdf36 · f11bdf36 · f11bdf36
Commit f11bdf36 authored 8 years ago by syuilo
--- a/src/api/endpoints/app/create.js
+++ b/src/api/endpoints/app/create.js
@@ -4,7 +4,9 @@
 * Module dependencies
 */
 import rndstr from 'rndstr';
+import it from '../../it';
 import App from '../../models/app';
+import { isValidNameId } from '../../models/app';
 import serialize from '../../serializers/app';

 /**
@@ -71,41 +73,25 @@ module.exports = async (params, user) =>
 	new Promise(async (res, rej) =>
 {
 	// Get 'name_id' parameter
-	const nameId = params.name_id;
-	if (nameId == null) {
-		return rej('name_id is required');
-	} else if (typeof nameId != 'string') {
-		return rej('name_id must be a string');
-	}
-
-	// Validate name_id
-	if (!/^[a-zA-Z0-9\-]{3,30}$/.test(nameId)) {
-		return rej('invalid name_id');
-	}
+	const [nameId, nameIdErr] = it(params.name_id).expect.string().required().validate(isValidNameId).qed();
+	if (nameIdErr) return rej('invalid name_id param');

 	// Get 'name' parameter
-	const name = params.name;
-	if (name == null || name == '') {
-		return rej('name is required');
-	}
+	const [name, nameErr] = it(params.name).expect.string().required().qed();
+	if (nameErr) return rej('invalid name param');

 	// Get 'description' parameter
-	const description = params.description;
-	if (description == null || description == '') {
-		return rej('description is required');
-	}
+	const [description, descriptionErr] = it(params.description).expect.string().required().qed();
+	if (descriptionErr) return rej('invalid description param');

 	// Get 'permission' parameter
-	const permission = params.permission;
-	if (permission == null || permission == '') {
-		return rej('permission is required');
-	}
+	const [permission, permissionErr] = it(params.permission).expect.array().unique().allString().required().qed();
+	if (permissionErr) return rej('invalid permission param');

 	// Get 'callback_url' parameter
-	let callback = params.callback_url;
-	if (callback === '') {
-		callback = null;
-	}
+	// TODO: Check it is valid url
+	const [callbackUrl, callbackUrlErr] = it(params.callback_url).expect.nullable.string().default(null).qed();
+	if (callbackUrlErr) return rej('invalid callback_url param');

 	// Generate secret
 	const secret = rndstr('a-zA-Z0-9', 32);
@@ -118,8 +104,8 @@ module.exports = async (params, user) =>
 		name_id: nameId,
 		name_id_lower: nameId.toLowerCase(),
 		description: description,
-		permission: permission.split(','),
-		callback_url: callback,
+		permission: permission,
+		callback_url: callbackUrl,
 		secret: secret
 	});


--- a/src/api/endpoints/app/name_id/available.js
+++ b/src/api/endpoints/app/name_id/available.js
@@ -3,7 +3,9 @@
 /**
 * Module dependencies
 */
+import it from '../../../it';
 import App from '../../../models/app';
+import { isValidNameId } from '../../../models/app';

 /**
 * @swagger
@@ -44,15 +46,8 @@ module.exports = async (params) =>
 	new Promise(async (res, rej) =>
 {
 	// Get 'name_id' parameter
-	const nameId = params.name_id;
-	if (nameId == null || nameId == '') {
-		return rej('name_id is required');
-	}
-
-	// Validate name_id
-	if (!/^[a-zA-Z0-9\-]{3,30}$/.test(nameId)) {
-		return rej('invalid name_id');
-	}
+	const [nameId, nameIdErr] = it(params.name_id).expect.string().required().validate(isValidNameId).qed();
+	if (nameIdErr) return rej('invalid name_id param');

 	// Get exist
 	const exist = await App

--- a/src/api/endpoints/app/show.js
+++ b/src/api/endpoints/app/show.js
@@ -3,7 +3,7 @@
 /**
 * Module dependencies
 */
-import * as mongo from 'mongodb';
+import it from '../../it';
 import App from '../../models/app';
 import serialize from '../../serializers/app';

@@ -50,16 +50,12 @@ module.exports = (params, user, _, isSecure) =>
 	new Promise(async (res, rej) =>
 {
 	// Get 'app_id' parameter
-	let appId = params.app_id;
-	if (appId == null || appId == '') {
-		appId = null;
-	}
+	const [appId, appIdErr] = it(params.app_id, 'id');
+	if (appIdErr) return rej('invalid app_id param');

 	// Get 'name_id' parameter
-	let nameId = params.name_id;
-	if (nameId == null || nameId == '') {
-		nameId = null;
-	}
+	const [nameId, nameIdErr] = it(params.name_id, 'string');
+	if (nameIdErr) return rej('invalid name_id param');

 	if (appId === null && nameId === null) {
 		return rej('app_id or name_id is required');
@@ -67,7 +63,7 @@ module.exports = (params, user, _, isSecure) =>

 	// Lookup app
 	const app = appId !== null
-		? await App.findOne({ _id: new mongo.ObjectID(appId) })
+		? await App.findOne({ _id: appId })
 		: await App.findOne({ name_id_lower: nameId.toLowerCase() });

 	if (app === null) {

--- a/src/api/models/app.ts
+++ b/src/api/models/app.ts
@@ -7,3 +7,7 @@ const collection = db.get('apps');
 (collection as any).index('secret'); // fuck type definition

 export default collection as any; // fuck type definition
+
+export function isValidNameId(nameId: string): boolean {
+	return typeof nameId == 'string' && /^[a-zA-Z0-9\-]{3,30}$/.test(nameId);
+}
--- a/src/api/serializers/app.ts
+++ b/src/api/serializers/app.ts
@@ -21,8 +21,8 @@ export default (
 	app: any,
 	me?: any,
 	options?: {
-		includeSecret: boolean,
-		includeProfileImageIds: boolean
+		includeSecret?: boolean,
+		includeProfileImageIds?: boolean
 	}
 ) => new Promise<any>(async (resolve, reject) => {
 	const opts = options || {