From e12cff2594a9ff76f19e4c5f89a93a84854f3a19 Mon Sep 17 00:00:00 2001
From: Damien <damien.armillon@gmail.com>
Date: Sun, 28 Apr 2019 22:43:46 +0200
Subject: [PATCH] =?UTF-8?q?V=C3=A9rification=20des=20entr=C3=A9es=20avec?=
 =?UTF-8?q?=20celebrate?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 backend/package.json           |  1 +
 backend/routes/routesToucan.js | 52 ++++++++++++++++++----------------
 backend/utils/schema.js        | 10 +++++++
 backend/yarn.lock              | 43 +++++++++++++++++++++++++++-
 4 files changed, 81 insertions(+), 25 deletions(-)
 create mode 100644 backend/utils/schema.js

diff --git a/backend/package.json b/backend/package.json
index 10d4f1a..31bf8b9 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -7,6 +7,7 @@
   "license": "MIT",
   "dependencies": {
     "body-parser": "^1.18.3",
+    "celebrate": "^9.1.0",
     "express": "^4.16.4",
     "mongoose": "^5.5.3"
   }
diff --git a/backend/routes/routesToucan.js b/backend/routes/routesToucan.js
index 83a4af3..c8fb8d7 100644
--- a/backend/routes/routesToucan.js
+++ b/backend/routes/routesToucan.js
@@ -1,6 +1,8 @@
 var express = require("express");
 var fs = require("fs");
 var path = require("path");
+var { celebrate } = require("celebrate");
+var { newToucan, validId } = require("../utils/schema");
 var env = require("../.env");
 var upload = require("../utils/fileSaver");
 var Toucan = require("../models/modelToucan");
@@ -19,45 +21,47 @@ router.route("/toucans")
                 }
             });
     })
+
     // Une route pour créer un toucan
-    .post(upload.fields([{name:"toucan", maxCount:1 }, {name:"cover", maxCount:1 }]),function(req,res) {
-        var toucan = new Toucan(req.body);
-        var id = (toucan._id).toString();
-        var index;
-        // On renome les fichier avec la clé de l'entrée dans la database
-        for (index in req.files) {
-            var file = req.files[index][0];
-            var extension = path.extname(file.path);
-            var newPath = file.destination+"/"+id+extension;
-            fs.rename(file.path,newPath, err => {
+    .post(
+        upload.fields([{name:"toucan", maxCount:1 }, {name:"cover", maxCount:1 }]),
+        celebrate({body:newToucan}),
+        function(req,res) {
+            var toucan = new Toucan(req.body);
+            var id = (toucan._id).toString();
+            var index;
+            // On renome les fichier avec la clé de l'entrée dans la database
+            for (index in req.files) {
+                var file = req.files[index][0];
+                var extension = path.extname(file.path);
+                var newPath = file.destination+"/"+id+extension;
+                fs.rename(file.path,newPath, err => {
+                    if (err) {
+                        res.err(err);
+                    }
+                });
+            }
+            toucan.save(function(err) {
                 if (err) {
-                    res.err(err);
+                    res.send(err);
+                } else {
+                    res.send({message: "Toucan ajouté !", id: id});
                 }
             });
-        }
-        toucan.save(function(err) {
-            if (err) {
-                res.send(err);
-            } else {
-                res.send({message: "Toucan ajouté !", id: id});
-            }
         });
-    });
 
 router.route("/pdf/:id")
-    .get(function (req,res) {
-        //var pdfPath= path.join(env.savedExtensions[1].path,"/",req.params.id,".pdf");
+    .get(celebrate({params: validId}), function (req,res) {
         var pdfPath = path.format({
             dir: env.savedExtensions[1].path,
             name: req.params.id,
             ext: ".pdf"
         });
-        console.log(pdfPath);
         res.sendFile(pdfPath);
     });
 
 router.route("/img/:id")
-    .get(function(req,res) {
+    .get(celebrate({params: validId}),function(req,res) {
         var imgPath = path.join(env.savedExtensions[0].path,"/",req.params.id);
         var fileKnown = false;
         env.savedExtensions[0].extensions.forEach(ext => {
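Review bot: In the POST `/toucans` chain, `upload.fields(...)` runs before `celebrate({body:newToucan})`, so the uploaded files are already written when the body is rejected, and nothing in this hunk removes them; requests that never pass validation can still fill the upload directory. The multipart fields presumably only exist after the upload middleware has run, so the order has to stay. The cleanup then belongs in an error-handling middleware that unlinks `req.files` and forwards the error, as sketched below. The re-indented rename callback also still calls `res.err(err)`, which is not an Express response method, so a failed rename would throw there instead of answering the request. The hunk ends inside the `/img/:id` handler, which continues outside it.

```javascript
// … unchanged: router.route("/toucans") GET and POST handlers …

// Registered after the routes: delete files the upload middleware stored for a request that failed
router.use(function(err, req, res, next) {
    var field;
    for (field in req.files) {
        req.files[field].forEach(function(file) {
            fs.unlink(file.path, function(unlinkErr) {
                if (unlinkErr) {
                    console.error(unlinkErr);
                }
            });
        });
    }
    next(err);
});
```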
@@ -67,7 +71,7 @@ router.route("/img/:id")
             }
         });
         if (fileKnown) {
-            res.sendfile(imgPath);
+            res.sendFile(imgPath);
         } else {
             res.send(404,"Image non trouvée");
         }
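Review bot: `res.sendFile(imgPath)` needs an absolute path unless a `root` option is passed, which the old `res.sendfile` did not require. `imgPath` starts from `env.savedExtensions[0].path`, which is not visible here, so if that value is relative this line will throw instead of serving the image. Resolving it first, `res.sendFile(path.resolve(imgPath));`, or passing a `root` option would make the call independent of how the env path is written. The same applies to `res.sendFile(pdfPath)` in the `/pdf/:id` route; the handler itself begins outside this hunk.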
diff --git a/backend/utils/schema.js b/backend/utils/schema.js
new file mode 100644
index 0000000..e053b50
--- /dev/null
+++ b/backend/utils/schema.js
@@ -0,0 +1,10 @@
+var { Joi } = require("celebrate");
+
+var newToucan = Joi.object({
+    title: Joi.string().alphanum().required(),
+    date: Joi.date().required()
+});
+
+var validId = Joi.object({id: Joi.string().hex().length(24)});
+
+module.exports = { newToucan, validId };
\ No newline at end of file
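Review bot: `validId` leaves `id` optional, and nothing in the file records that this schema is what keeps `req.params.id` free of path separators before the routes build a file path from it. I would write `var validId = Joi.object({id: Joi.string().hex().length(24).required()});` and put a comment above it such as `// 24 hex chars (presumably the ObjectId string); also keeps path characters out of :id, do not loosen`. Separately, `.alphanum()` on `title` rejects spaces and accented letters, which may be stricter than intended for a title field.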
diff --git a/backend/yarn.lock b/backend/yarn.lock
index 320d54b..269d36e 100644
--- a/backend/yarn.lock
+++ b/backend/yarn.lock
@@ -53,6 +53,14 @@ bytes@3.0.0:
   resolved "https://registry.yarnpkg.com/bytes/-/bytes-3.0.0.tgz#d32815404d689699f85a4ea4fa8755dd13a96048"
   integrity sha1-0ygVQE1olpn4Wk6k+odV3ROpYEg=
 
+celebrate@^9.1.0:
+  version "9.1.0"
+  resolved "https://registry.yarnpkg.com/celebrate/-/celebrate-9.1.0.tgz#cf5870729100d741c88ade891d6b5ccd15d7b496"
+  integrity sha512-QFVB7HazVEWUFbzyHkzw/f1Mq9Zg6uJ4MYcpl/Snpfa9wkUHn//HUlMvN0BWyZyc/X09HczNGnLBwSQFtMz1QQ==
+  dependencies:
+    escape-html "1.0.3"
+    joi "14.x.x"
+
 content-disposition@0.5.2:
   version "0.5.2"
   resolved "https://registry.yarnpkg.com/content-disposition/-/content-disposition-0.5.2.tgz#0cf68bb9ddf5f2be7961c3a85178cb85dba78cb4"
@@ -107,7 +115,7 @@ encodeurl@~1.0.2:
   resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.2.tgz#ad3ff4c86ec2d029322f5a02c3a9a606c95b3f59"
   integrity sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k=
 
-escape-html@~1.0.3:
+escape-html@1.0.3, escape-html@~1.0.3:
   version "1.0.3"
   resolved "https://registry.yarnpkg.com/escape-html/-/escape-html-1.0.3.tgz#0258eae4d3d0c0974de1c169188ef0051d1d1988"
   integrity sha1-Aljq5NPQwJdN4cFpGI7wBR0dGYg=
@@ -176,6 +184,11 @@ fresh@0.5.2:
   resolved "https://registry.yarnpkg.com/fresh/-/fresh-0.5.2.tgz#3d8cadd90d976569fa835ab1f8e4b23a105605a7"
   integrity sha1-PYyt2Q2XZWn6g1qx+OSyOhBWBac=
 
+hoek@6.x.x:
+  version "6.1.3"
+  resolved "https://registry.yarnpkg.com/hoek/-/hoek-6.1.3.tgz#73b7d33952e01fe27a38b0457294b79dd8da242c"
+  integrity sha512-YXXAAhmF9zpQbC7LEcREFtXfGq5K1fmd+4PHkBq8NUqmzW3G+Dq10bI/i0KucLRwss3YYFQ0fSfoxBZYiGUqtQ==
+
 http-errors@1.6.3, http-errors@~1.6.2, http-errors@~1.6.3:
   version "1.6.3"
   resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-1.6.3.tgz#8b55680bb4be283a0b5bf4ea2e38580be1d9320d"
@@ -203,6 +216,22 @@ ipaddr.js@1.9.0:
   resolved "https://registry.yarnpkg.com/ipaddr.js/-/ipaddr.js-1.9.0.tgz#37df74e430a0e47550fe54a2defe30d8acd95f65"
   integrity sha512-M4Sjn6N/+O6/IXSJseKqHoFc+5FdGJ22sXqnjTpdZweHK64MzEPAyQZyEU3R/KRv2GLoa7nNtg/C2Ev6m7z+eA==
 
+isemail@3.x.x:
+  version "3.2.0"
+  resolved "https://registry.yarnpkg.com/isemail/-/isemail-3.2.0.tgz#59310a021931a9fb06bbb51e155ce0b3f236832c"
+  integrity sha512-zKqkK+O+dGqevc93KNsbZ/TqTUFd46MwWjYOoMrjIMZ51eU7DtQG3Wmd9SQQT7i7RVnuTPEiYEWHU3MSbxC1Tg==
+  dependencies:
+    punycode "2.x.x"
+
+joi@14.x.x:
+  version "14.3.1"
+  resolved "https://registry.yarnpkg.com/joi/-/joi-14.3.1.tgz#164a262ec0b855466e0c35eea2a885ae8b6c703c"
+  integrity sha512-LQDdM+pkOrpAn4Lp+neNIFV3axv1Vna3j38bisbQhETPMANYRbFJFUyOZcOClYvM/hppMhGWuKSFEK9vjrB+bQ==
+  dependencies:
+    hoek "6.x.x"
+    isemail "3.x.x"
+    topo "3.x.x"
+
 kareem@2.3.0:
   version "2.3.0"
   resolved "https://registry.yarnpkg.com/kareem/-/kareem-2.3.0.tgz#ef33c42e9024dce511eeaf440cd684f3af1fc769"
@@ -349,6 +378,11 @@ proxy-addr@~2.0.4:
     forwarded "~0.1.2"
     ipaddr.js "1.9.0"
 
+punycode@2.x.x:
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.1.1.tgz#b58b010ac40c22c5657616c8d2c2c02c7bf479ec"
+  integrity sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==
+
 qs@6.5.2:
   version "6.5.2"
   resolved "https://registry.yarnpkg.com/qs/-/qs-6.5.2.tgz#cb3ae806e8740444584ef154ce8ee98d403f3e36"
@@ -470,6 +504,13 @@ statuses@~1.4.0:
   resolved "https://registry.yarnpkg.com/statuses/-/statuses-1.4.0.tgz#bb73d446da2796106efcc1b601a253d6c46bd087"
   integrity sha512-zhSCtt8v2NDrRlPQpCNtw/heZLtfUDqxBM1udqikb/Hbk52LK4nQSwr10u77iopCW5LsyHpuXS0GnEc48mLeew==
 
+topo@3.x.x:
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/topo/-/topo-3.0.3.tgz#d5a67fb2e69307ebeeb08402ec2a2a6f5f7ad95c"
+  integrity sha512-IgpPtvD4kjrJ7CRA3ov2FhWQADwv+Tdqbsf1ZnPUSAtCJ9e1Z44MmoSGDXGk4IppoZA7jd/QRkNddlLJWlUZsQ==
+  dependencies:
+    hoek "6.x.x"
+
 type-is@~1.6.16:
   version "1.6.16"
   resolved "https://registry.yarnpkg.com/type-is/-/type-is-1.6.16.tgz#f89ce341541c672b25ee7ae3c73dee3b2be50194"
-- 
GitLab