api/sanitiser/_id.js

// validate inputs, convert types and apply defaults
// id generally looks like 'geoname:4163334' (type:id)
// so, both type and id are required fields.

function sanitize( req ){
  
  req.clean   = req.clean || {};
  var params  = req.query;
  var indeces = require('../query/indeces');
  var delim   = ':';

  // ensure params is a valid object
  if( Object.prototype.toString.call( params ) !== '[object Object]' ){
    params = {};
  }

  var errormessage = function(fieldname, message) {
    return {
      'error': true,
      'message': message || ('invalid param \''+ fieldname + '\': text length, must be >0')
    };
  };

  if(('string' === typeof params.id && !params.id.length) || params.id === undefined){
    return errormessage('id');
  }

  if( params && params.id && params.id.length ){
    req.clean.ids = [];
    params.ids = Array.isArray(params.id) ? params.id : [params.id];
    
    // de-dupe
    params.ids = params.ids.filter(function(item, pos) {
      return params.ids.indexOf(item) === pos;
    });

    for (var i=0; i<params.ids.length; i++) {
      var thisparam = params.ids[i];
    
      // basic format/ presence of ':'
      if(thisparam.indexOf(delim) === -1) {
        return errormessage(null, 'invalid: must be of the format type:id for ex: \'geoname:4163334\'');
      }

      var param_index = thisparam.indexOf(delim);
      var type = thisparam.substring(0, param_index );
      var id   = thisparam.substring(param_index + 1);

      // id text
      if('string' !== typeof id || !id.length){
        return errormessage(thisparam);
      }
      // type text
      if('string' !== typeof type || !type.length){
        return errormessage(thisparam);
      }
      // type text must be one of the indeces
      if(indeces.indexOf(type) === -1){
        return errormessage('type', type + ' is invalid. It must be one of these values - [' + indeces.join(', ') + ']');
      }
      req.clean.ids.push({
        id: id,
        type: type
      });
    }
  }
  
  return { 'error': false };

}

// export function
module.exports = sanitize;
/get endpoint - controller and sanitizer 10 years ago			`// validate inputs, convert types and apply defaults`
simplifying things, DRY - one endpoint 'GET' handles single/multiple requests. plus test coverage 10 years ago			`// id generally looks like 'geoname:4163334' (type:id)`
/get endpoint - controller and sanitizer 10 years ago			`// so, both type and id are required fields.`

			`function sanitize( req ){`

type should be one of the indeces 10 years ago			`req.clean = req.clean \|\| {};`
			`var params = req.query;`
			`var indeces = require('../query/indeces');`
simplifying things, DRY - one endpoint 'GET' handles single/multiple requests. plus test coverage 10 years ago			`var delim = ':';`
/get endpoint - controller and sanitizer 10 years ago
			`// ensure params is a valid object`
			`if( Object.prototype.toString.call( params ) !== '[object Object]' ){`
			`params = {};`
			`}`

type should be one of the indeces 10 years ago			`var errormessage = function(fieldname, message) {`
/get endpoint - controller and sanitizer 10 years ago			`return {`
			`'error': true,`
type should be one of the indeces 10 years ago			`'message': message \|\| ('invalid param \''+ fieldname + '\': text length, must be >0')`
fixing all the js lint related issues (lintified) 10 years ago			`};`
/get endpoint - controller and sanitizer 10 years ago			`};`
type should be one of the indeces 10 years ago
simplifying things, DRY - one endpoint 'GET' handles single/multiple requests. plus test coverage 10 years ago			`if(('string' === typeof params.id && !params.id.length) \|\| params.id === undefined){`
/get endpoint - controller and sanitizer 10 years ago			`return errormessage('id');`
			`}`
going from ?id=123&type=geoname to ?id=geoname/123 tests updated 10 years ago
simplifying things, DRY - one endpoint 'GET' handles single/multiple requests. plus test coverage 10 years ago			`if( params && params.id && params.id.length ){`
			`req.clean.ids = [];`
			`params.ids = Array.isArray(params.id) ? params.id : [params.id];`

de-dupe as part of sanitizing 10 years ago			`// de-dupe`
			`params.ids = params.ids.filter(function(item, pos) {`
fixing all the js lint related issues (lintified) 10 years ago			`return params.ids.indexOf(item) === pos;`
de-dupe as part of sanitizing 10 years ago			`});`

simplifying things, DRY - one endpoint 'GET' handles single/multiple requests. plus test coverage 10 years ago			`for (var i=0; i<params.ids.length; i++) {`
			`var thisparam = params.ids[i];`

			`// basic format/ presence of ':'`
			`if(thisparam.indexOf(delim) === -1) {`
			`return errormessage(null, 'invalid: must be of the format type:id for ex: \'geoname:4163334\'');`
			`}`
/get endpoint - controller and sanitizer 10 years ago
take the first occurence of delim and compute id and type accordingly. This works with the case when the id has the delim character in it. 10 years ago			`var param_index = thisparam.indexOf(delim);`
			`var type = thisparam.substring(0, param_index );`
			`var id = thisparam.substring(param_index + 1);`
going from ?id=123&type=geoname to ?id=geoname/123 tests updated 10 years ago
simplifying things, DRY - one endpoint 'GET' handles single/multiple requests. plus test coverage 10 years ago			`// id text`
			`if('string' !== typeof id \|\| !id.length){`
			`return errormessage(thisparam);`
			`}`
			`// type text`
			`if('string' !== typeof type \|\| !type.length){`
			`return errormessage(thisparam);`
			`}`
			`// type text must be one of the indeces`
fixing all the js lint related issues (lintified) 10 years ago			`if(indeces.indexOf(type) === -1){`
			`return errormessage('type', type + ' is invalid. It must be one of these values - [' + indeces.join(', ') + ']');`
simplifying things, DRY - one endpoint 'GET' handles single/multiple requests. plus test coverage 10 years ago			`}`
			`req.clean.ids.push({`
			`id: id,`
			`type: type`
			`});`
			`}`
type should be one of the indeces 10 years ago			`}`
simplifying things, DRY - one endpoint 'GET' handles single/multiple requests. plus test coverage 10 years ago
/get endpoint - controller and sanitizer 10 years ago			`return { 'error': false };`

			`}`

			`// export function`
			`module.exports = sanitize;`