mirror of https://github.com/pelias/api.git
Peter Johnson a.k.a. insertcoffee
9 years ago
18 changed files with 321 additions and 315 deletions
@ -1,39 +1,26 @@ |
|||||||
var isObject = require('is-object'); |
|
||||||
var geo_common = require ('./_geo_common'); |
var geo_common = require ('./_geo_common'); |
||||||
|
var LAT_LON_IS_REQUIRED = true, |
||||||
|
CIRCLE_IS_REQUIRED = false, |
||||||
|
CIRCLE_MUST_BE_COMPLETE = false; |
||||||
|
|
||||||
// validate inputs, convert types and apply defaults
|
// validate inputs, convert types and apply defaults
|
||||||
module.exports = function sanitize( req ){ |
module.exports = function sanitize( raw, clean ){ |
||||||
var clean = req.clean || {}; |
|
||||||
var params = req.query; |
|
||||||
var latlon_is_required = true; |
|
||||||
var circle_is_required = false; |
|
||||||
var circle_must_be_complete = false; |
|
||||||
|
|
||||||
// ensure the input params are a valid object
|
// error & warning messages
|
||||||
if( !isObject( params ) ){ |
var messages = { errors: [], warnings: [] }; |
||||||
params = {}; |
|
||||||
} |
|
||||||
|
|
||||||
if( !isObject( params.point ) ){ |
|
||||||
params.point = {}; |
|
||||||
} |
|
||||||
|
|
||||||
try { |
try { |
||||||
geo_common.sanitize_coord( 'lat', clean, params['point.lat'], latlon_is_required ); |
geo_common.sanitize_coord( 'lat', clean, raw['point.lat'], LAT_LON_IS_REQUIRED ); |
||||||
geo_common.sanitize_coord( 'lon', clean, params['point.lon'], latlon_is_required ); |
geo_common.sanitize_coord( 'lon', clean, raw['point.lon'], LAT_LON_IS_REQUIRED ); |
||||||
|
|
||||||
// boundary.circle.* is not mandatory, and only specifying radius is fine,
|
// boundary.circle.* is not mandatory, and only specifying radius is fine,
|
||||||
// as point.lat/lon will be used to fill those values by default
|
// as point.lat/lon will be used to fill those values by default
|
||||||
geo_common.sanitize_boundary_circle( clean, params, circle_is_required, circle_must_be_complete); |
geo_common.sanitize_boundary_circle( clean, raw, CIRCLE_IS_REQUIRED, CIRCLE_MUST_BE_COMPLETE); |
||||||
} |
} |
||||||
catch (err) { |
catch (err) { |
||||||
return { |
messages.errors.push( err.message ); |
||||||
'error': true, |
|
||||||
'message': err.message |
|
||||||
}; |
|
||||||
} |
} |
||||||
|
|
||||||
req.clean = clean; |
return messages; |
||||||
|
|
||||||
return { 'error': false }; |
|
||||||
}; |
}; |
||||||
|
@ -1,38 +1,21 @@ |
|||||||
var isObject = require('is-object'); |
|
||||||
var geo_common = require ('./_geo_common'); |
var geo_common = require ('./_geo_common'); |
||||||
|
var LAT_LON_IS_REQUIRED = false; |
||||||
|
|
||||||
// validate inputs, convert types and apply defaults
|
// validate inputs, convert types and apply defaults
|
||||||
module.exports = function sanitize( req ){ |
module.exports = function sanitize( raw, clean ){ |
||||||
var clean = req.clean || {}; |
|
||||||
var params = req.query; |
|
||||||
var latlon_is_required = false; |
|
||||||
|
|
||||||
// ensure the input params are a valid object
|
|
||||||
if( !isObject( params ) ){ |
|
||||||
params = {}; |
|
||||||
} |
|
||||||
|
|
||||||
if( !isObject( params.focus ) ){ |
// error & warning messages
|
||||||
params.focus = {}; |
var messages = { errors: [], warnings: [] }; |
||||||
} |
|
||||||
|
|
||||||
if( !isObject( params.focus.point ) ){ |
|
||||||
params.focus.point = {}; |
|
||||||
} |
|
||||||
|
|
||||||
try { |
try { |
||||||
geo_common.sanitize_coord( 'lat', clean, params['focus.point.lat'], latlon_is_required ); |
geo_common.sanitize_coord( 'lat', clean, raw['focus.point.lat'], LAT_LON_IS_REQUIRED ); |
||||||
geo_common.sanitize_coord( 'lon', clean, params['focus.point.lon'], latlon_is_required ); |
geo_common.sanitize_coord( 'lon', clean, raw['focus.point.lon'], LAT_LON_IS_REQUIRED ); |
||||||
geo_common.sanitize_bbox(clean, params.bbox); |
geo_common.sanitize_bbox(raw, clean); |
||||||
} |
} |
||||||
catch (err) { |
catch (err) { |
||||||
return { |
messages.errors.push( err.message ); |
||||||
'error': true, |
|
||||||
'message': err.message |
|
||||||
}; |
|
||||||
} |
} |
||||||
|
|
||||||
req.clean = clean; |
return messages; |
||||||
|
|
||||||
return { 'error': false }; |
|
||||||
}; |
}; |
||||||
|
@ -1,17 +0,0 @@ |
|||||||
function sanitize( req, sanitiser, cb ){ |
|
||||||
|
|
||||||
req.clean = req.clean || {}; |
|
||||||
|
|
||||||
for (var s in sanitiser) {
|
|
||||||
var sanity = sanitiser[s](req); |
|
||||||
if (sanity.error) { |
|
||||||
return cb(sanity.message); |
|
||||||
} |
|
||||||
} |
|
||||||
|
|
||||||
return cb( undefined, req.clean ); |
|
||||||
|
|
||||||
} |
|
||||||
|
|
||||||
// export function
|
|
||||||
module.exports = sanitize; |
|
@ -1,44 +1,45 @@ |
|||||||
var isObject = require('is-object'); |
|
||||||
var sources_map = require( '../query/sources' ); |
|
||||||
var all_sources = Object.keys(sources_map); |
|
||||||
|
|
||||||
function sanitize( req ) { |
var check = require('check-types'), |
||||||
req.clean = req.clean || {}; |
sources_map = require( '../query/sources' ); |
||||||
var params = req.query; |
|
||||||
|
|
||||||
req.clean.types = req.clean.types || {}; |
var ALL_SOURCES = Object.keys(sources_map), |
||||||
|
ALL_SOURCES_JOINED = ALL_SOURCES.join(','); |
||||||
|
|
||||||
// ensure the input params are a valid object
|
function sanitize( raw, clean ) { |
||||||
if( !isObject( params ) ){ |
|
||||||
params = {}; |
// error & warning messages
|
||||||
} |
var messages = { errors: [], warnings: [] }; |
||||||
|
|
||||||
|
// init clean.types (if not already init)
|
||||||
|
clean.types = clean.types || {}; |
||||||
|
|
||||||
// default case (no layers specified in GET params)
|
// default case (no layers specified in GET params)
|
||||||
// don't even set the from_layers key in this case
|
// don't even set the from_layers key in this case
|
||||||
if('string' !== typeof params.source || !params.source.length){ |
if( check.unemptyString( raw.source ) ){ |
||||||
return { error: false }; |
|
||||||
} |
|
||||||
|
|
||||||
var sources = params.source.split(','); |
var sources = raw.source.split(','); |
||||||
|
|
||||||
var invalid_sources = sources.filter(function(source) { |
var invalid_sources = sources.filter(function(source) { |
||||||
return all_sources.indexOf(source) === -1; |
return ALL_SOURCES.indexOf(source) === -1; |
||||||
}); |
}); |
||||||
|
|
||||||
if (invalid_sources.length > 0) { |
if( invalid_sources.length > 0 ){ |
||||||
return { |
invalid_sources.forEach( function( invalid ){ |
||||||
error: true, |
messages.errors.push('\'' + invalid + '\' is an invalid source parameter. Valid options: ' + ALL_SOURCES_JOINED); |
||||||
msg: '`' + invalid_sources[0] + '` is an invalid source parameter. Valid options: ' + all_sources.join(', ') |
}); |
||||||
}; |
|
||||||
} |
} |
||||||
|
|
||||||
|
else { |
||||||
var types = sources.reduce(function(acc, source) { |
var types = sources.reduce(function(acc, source) { |
||||||
return acc.concat(sources_map[source]); |
return acc.concat(sources_map[source]); |
||||||
}, []); |
}, []); |
||||||
|
|
||||||
req.clean.types.from_source = types; |
clean.types.from_source = types; |
||||||
|
} |
||||||
|
|
||||||
|
} |
||||||
|
|
||||||
return { error: false }; |
return messages; |
||||||
} |
} |
||||||
|
|
||||||
module.exports = sanitize; |
module.exports = sanitize; |
||||||
|
@ -0,0 +1,26 @@ |
|||||||
|
|
||||||
|
function sanitize( req, sanitizers, cb ){ |
||||||
|
|
||||||
|
// init an object to store clean
|
||||||
|
// (sanitized) input parameters
|
||||||
|
req.clean = {}; |
||||||
|
|
||||||
|
// source of input parameters
|
||||||
|
// (in this case from the GET querystring params)
|
||||||
|
var params = req.query || {}; |
||||||
|
|
||||||
|
for (var s in sanitizers) { |
||||||
|
var sanity = sanitizers[s]( params, req.clean ); |
||||||
|
|
||||||
|
// errors
|
||||||
|
if( sanity.errors.length ){ |
||||||
|
return cb( sanity.errors[0] ); |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
return cb( undefined, req.clean ); |
||||||
|
|
||||||
|
} |
||||||
|
|
||||||
|
// export function
|
||||||
|
module.exports = sanitize; |
Loading…
Reference in new issue