
implemented express-validator

shinoka7 6 ani în urmă
părinte
comite
b1440bdf05
4 a modificat fișierele cu 33 adăugiri și 18 ștergeri
  1. 1 0
      package.json
  2. 17 13
      src/server/form/comment.js
  3. 6 4
      src/server/routes/comment.js
  4. 9 1
      yarn.lock

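--- a/package.json
+++ b/package.json
@@ -85,6 +85,7 @@
     "express-form": "~0.12.0",
     "express-sanitizer": "^1.0.4",
     "express-session": "^1.16.1",
+    "express-validator": "^5.3.1",
     "express-webpack-assets": "^0.1.0",
     "googleapis": "^39.1.0",
     "graceful-fs": "^4.1.11",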

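--- a/src/server/form/comment.js
+++ b/src/server/form/comment.js
@@ -1,15 +1,19 @@
-const form = require('express-form');
+const { body } = require('express-validator/check');
+const mongoose = require('mongoose');
 
-const field = form.field;
+const ObjectId = mongoose.Schema.Types.ObjectId;
+module.exports = [
+  body('commentForm.page_id').exists(),
+  body('commentForm.revision_id').exists(),
+  body('commentForm.comment').exists(),
+  body('commentForm.comment_position').isInt(),
+  body('commentForm.is_markdown').isBoolean(),
+  body('commentForm.replyTo').exists().custom((value) => {
+    if (value === '') {
+      return undefined;
+    }
+    return ObjectId(value);
+  }),
 
-module.exports = form(
-  field('commentForm.page_id').trim().required(),
-  field('commentForm.revision_id').trim().required(),
-  field('commentForm.comment').trim().required(),
-  field('commentForm.comment_position').trim().toInt(),
-  field('commentForm.is_markdown').trim().toBooleanStrict(),
-  field('commentForm.replyTo').trim(),
-
-  field('slackNotificationForm.isSlackEnabled').trim().toBooleanStrict().required(),
-  field('slackNotificationForm.slackChannels').trim(),
-);
+  body('slackNotificationForm.isSlackEnabled').isBoolean().exists(),
+];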
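Review bot: The `custom` callback on `commentForm.replyTo` is read by express-validator as a pass/fail verdict, not as a conversion, so returning `undefined` for `''` marks an empty reply target as invalid. `mongoose.Schema.Types.ObjectId` is also the schema type rather than the id constructor, so `ObjectId(value)` does not check the id format. Something like `.custom(value => value === '' || mongoose.Types.ObjectId.isValid(value))` would accept the empty case and reject malformed ids. Separately, `.exists()` only rejects `undefined`, so an empty or whitespace-only `comment`, `page_id` or `revision_id` now passes where `trim().required()` rejected it; `.trim().not().isEmpty()` would keep the old guarantee. `isInt()` and `isBoolean()` check without converting and the `slackChannels` rule is dropped with no replacement, so if the body is form-encoded the handler may now receive raw strings (for example a truthy `'false'` for `is_markdown`) where the old chain coerced them.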

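--- a/src/server/routes/comment.js
+++ b/src/server/routes/comment.js
@@ -61,11 +61,13 @@ module.exports = function(crowi, app) {
    * @apiParam {Number} comment_position=-1 Line number of the comment
    */
   api.add = async function(req, res) {
-    const commentForm = req.form.commentForm;
-    const slackNotificationForm = req.form.slackNotificationForm;
+    const { commentForm, slackNotificationForm } = req.body;
+    const { validationResult } = require('express-validator/check');
 
-    if (!req.form.isValid) {
+    const errors = validationResult(req.body);
+    if (!errors.isEmpty()) {
       // return res.json(ApiResponse.error('Invalid comment.'));
+      // return res.status(422).json({ errors: errors.array() });
       return res.json(ApiResponse.error('コメントを入力してください。'));
     }
 
@@ -74,7 +76,7 @@ module.exports = function(crowi, app) {
     const comment = commentForm.comment;
     const position = commentForm.comment_position || -1;
     const isMarkdown = commentForm.is_markdown;
-    const replyTo = commentForm.replyTo === '' ? undefined : commentForm.replyTo;
+    const replyTo = commentForm.replyTo;
 
     // check whether accessible
     const isAccessible = await Page.isAccessiblePageByViewer(pageId, req.user);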
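Review bot: `validationResult(req.body)` in the first hunk is given the body rather than the request, but express-validator records the chains' errors on the request object, so `errors.isEmpty()` will most likely always be true and `api.add` carries on with unvalidated input; the call should be `const errors = validationResult(req);`. The hunks do not show where the array exported by `src/server/form/comment.js` is mounted as middleware ahead of this handler, and if it is not mounted no validation runs at all. With the check ineffective, a body without `commentForm` makes the later `commentForm.comment` reads throw instead of returning the error response, and the second hunk now passes `replyTo` through as `''` because the `=== '' ? undefined :` conversion was removed and a validator cannot replace it. The `require('express-validator/check')` would normally sit at module scope, not inside the handler; `api.add` continues beyond both hunks.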

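--- a/yarn.lock
+++ b/yarn.lock
@@ -3887,6 +3887,14 @@ express-session@^1.16.1:
     safe-buffer "5.1.2"
     uid-safe "~2.1.5"
 
+express-validator@^5.3.1:
+  version "5.3.1"
+  resolved "https://registry.yarnpkg.com/express-validator/-/express-validator-5.3.1.tgz#6f42c6d52554441b0360c40ccfb555b1770affe2"
+  integrity sha512-g8xkipBF6VxHbO1+ksC7nxUU7+pWif0+OZXjZTybKJ/V0aTVhuCoHbyhIPgSYVldwQLocGExPtB2pE0DqK4jsw==
+  dependencies:
+    lodash "^4.17.10"
+    validator "^10.4.0"
+
 express-webpack-assets@^0.1.0:
   version "0.1.0"
   resolved "https://registry.yarnpkg.com/express-webpack-assets/-/express-webpack-assets-0.1.0.tgz#000fb3413eb0d512cbd6cd3f6a10b5e70dbe0079"
@@ -10939,7 +10947,7 @@ validate-npm-package-license@^3.0.1:
     spdx-correct "~1.0.0"
     spdx-expression-parse "~1.0.0"
 
-validator@>=10.11.0, validator@^10.0.0:
+validator@>=10.11.0, validator@^10.0.0, validator@^10.4.0:
   version "10.11.0"
   resolved "https://registry.yarnpkg.com/validator/-/validator-10.11.0.tgz#003108ea6e9a9874d31ccc9e5006856ccd76b228"
   integrity sha512-X/p3UZerAIsbBfN/IwahhYaBbY68EN/UQBWHtsbXGT5bfrH/p4NQzUCG1kF/rtKaNpnJ7jAu6NGTdSNtyNIXMw==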