additional validation of data

2021-02-04 18:07:17 +01:00
parent 3b7ca3ccb3
commit 97aa4ae4d3
3 changed files with 24 additions and 6 deletions
--- a/models/restaurant.js
+++ b/models/restaurant.js
@@ -39,7 +39,8 @@ const restaurantSchema = mongoose.Schema({
  },
  imgUrl: {
    type: String,
-    maxlength: 128
+    maxlength: 128,
+    required: true
  },
  workingHours: {
    pn: {
--- a/routes/routeRestaurant.js
+++ b/routes/routeRestaurant.js
@@ -23,7 +23,7 @@ const {
  checkPassword,
 } = require("../services/services.js");
 const Restaurant = require("../models/restaurant.js");
-const { validateRestaurant } = require("../services/validations.js");
+const { validateRestaurantData, validateLunchSet } = require("../services/validations.js");

 var router = express.Router();

@@ -45,7 +45,7 @@ router.post("/", async (req, res) => {
  try {
    const token = req.headers["x-auth-token"];
    const user = validateUserToken(token);
-    validateRestaurant(req.body);
+    validateRestaurantData(req.body);
    const restaurant = await createRestaurant(req.body).catch((err) => {
      throw newError("Nie udało się zapisać zdjęcia.", 500);
    });
@@ -63,6 +63,7 @@ router.put("/", async (req, res) => {
  try {
    const token = req.headers["x-auth-token"];
    const user = validateUserToken(token);
+    validateRestaurantData(req.body);
    const oldRestaurant = await fetchRestaurant(req.body.restaurantId);
    const newRestaurant = await createRestaurant(req.body, oldRestaurant);
    await verifyRestaurantAccess(req.body.restaurantId, user);
@@ -113,6 +114,7 @@ router.post("/lunchSet", async (req, res) => {
  try {
    const token = req.headers["x-auth-token"];
    const user = validateUserToken(token);
+    validateLunchSet(req.body.set);
    await validateRestaurant(req.body.restaurantId);
    await verifyRestaurantAccess(req.body.restaurantId, user);
    await changeLunchMenuSet(
--- a/services/validations.js
+++ b/services/validations.js
@@ -43,11 +43,25 @@ const validateSearch = function(string){
    }
 }

-const validateRestaurant = function(requestBody){
+const validateRestaurantData = function(requestBody){
    const name = validator.isLength(requestBody.name, { max: 64 })
    const city = validator.isLength(requestBody.city, { max: 64 })
    const adress = validator.isLength(requestBody.adress, { max: 64 })
-    const imgURL = validator.isURL(requestBody.imgUrl) && validator.contains(requestBody.imgUrl, "https://menuicdn.fra1.digitaloceanspaces.com/")
+    const type = validator.isLength(requestBody.type, { max: 64 })
+    const description = true;
+    if(requestBody.description){
+        description = validator.isLength(requestBody.description, { max: 400 })
+    }
+    if(!name || !city || !adress || !type || !description){
+        throw newError("Dane nieprawidłowe", 400)
+    }
+}
+
+const validateLunchSet = function(set){
+    const name = validator.isLength(set.lunchSetName, { min: 2, max: 64 })
+    if(!name){
+        throw newError("Nieprawidłowe dane", 400)
+    }
 }

 // EXPORTS
@@ -56,4 +70,5 @@ exports.validateLogin = validateLogin;
 exports.validateRegister = validateRegister;
 exports.validatePassword = validatePassword;
 exports.validateSearch = validateSearch;
-exports.validateRestaurant = validateRestaurant;
+exports.validateRestaurantData = validateRestaurantData;
+exports.validateLunchSet = validateLunchSet;