|
|
@ -35,10 +35,9 @@ module.exports.tests.all = function(test, common) { |
|
|
|
warnings: ['warning 1', 'warning 2', 'warning 3'] |
|
|
|
warnings: ['warning 1', 'warning 2', 'warning 3'] |
|
|
|
}; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
sanitizeAll.sanitize(req, sanitizers, function (){ |
|
|
|
sanitizeAll.runAllChecks(req, sanitizers); |
|
|
|
t.deepEquals(req, expected_req); |
|
|
|
t.deepEquals(req, expected_req); |
|
|
|
t.end(); |
|
|
|
t.end(); |
|
|
|
}); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
}); |
|
|
|
}); |
|
|
|
|
|
|
|
|
|
|
@ -82,13 +81,11 @@ module.exports.tests.all = function(test, common) { |
|
|
|
warnings: ['pre-existing warning', 'warning 1', 'warning 2', 'warning 3'] |
|
|
|
warnings: ['pre-existing warning', 'warning 1', 'warning 2', 'warning 3'] |
|
|
|
}; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
sanitizeAll.sanitize(req, sanitizers, function () { |
|
|
|
sanitizeAll.runAllChecks(req, sanitizers); |
|
|
|
t.deepEquals(req, expected_req); |
|
|
|
t.deepEquals(req, expected_req); |
|
|
|
t.end(); |
|
|
|
t.end(); |
|
|
|
}); |
|
|
|
}); |
|
|
|
|
|
|
|
|
|
|
|
}); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
test('req.query should be passed to individual sanitizers when available', function(t) { |
|
|
|
test('req.query should be passed to individual sanitizers when available', function(t) { |
|
|
|
var req = { |
|
|
|
var req = { |
|
|
|
query: { |
|
|
|
query: { |
|
|
@ -97,7 +94,7 @@ module.exports.tests.all = function(test, common) { |
|
|
|
}; |
|
|
|
}; |
|
|
|
var sanitizers = { |
|
|
|
var sanitizers = { |
|
|
|
'first': { |
|
|
|
'first': { |
|
|
|
sanitize: function(params) { |
|
|
|
sanitize: function (params) { |
|
|
|
req.clean.query = params; |
|
|
|
req.clean.query = params; |
|
|
|
return { |
|
|
|
return { |
|
|
|
errors: [], |
|
|
|
errors: [], |
|
|
@ -120,13 +117,11 @@ module.exports.tests.all = function(test, common) { |
|
|
|
warnings: [] |
|
|
|
warnings: [] |
|
|
|
}; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
sanitizeAll.sanitize(req, sanitizers, function () { |
|
|
|
sanitizeAll.runAllChecks(req, sanitizers); |
|
|
|
t.deepEquals(req, expected_req); |
|
|
|
t.deepEquals(req, expected_req); |
|
|
|
t.end(); |
|
|
|
t.end(); |
|
|
|
}); |
|
|
|
}); |
|
|
|
|
|
|
|
|
|
|
|
}); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
test('an empty object should be passed to individual sanitizers when req.query is unavailable', function(t) { |
|
|
|
test('an empty object should be passed to individual sanitizers when req.query is unavailable', function(t) { |
|
|
|
var req = {}; |
|
|
|
var req = {}; |
|
|
|
var sanitizers = { |
|
|
|
var sanitizers = { |
|
|
@ -152,13 +147,11 @@ module.exports.tests.all = function(test, common) { |
|
|
|
warnings: [] |
|
|
|
warnings: [] |
|
|
|
}; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
sanitizeAll.sanitize(req, sanitizers, function () { |
|
|
|
sanitizeAll.runAllChecks(req, sanitizers); |
|
|
|
t.deepEquals(req, expected_req); |
|
|
|
t.deepEquals(req, expected_req); |
|
|
|
t.end(); |
|
|
|
t.end(); |
|
|
|
}); |
|
|
|
}); |
|
|
|
|
|
|
|
|
|
|
|
}); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
test('unexpected parameters should throw warning', function(t) { |
|
|
|
test('unexpected parameters should throw warning', function(t) { |
|
|
|
var req = { |
|
|
|
var req = { |
|
|
|
query: { |
|
|
|
query: { |
|
|
@ -178,14 +171,12 @@ module.exports.tests.all = function(test, common) { |
|
|
|
} |
|
|
|
} |
|
|
|
}; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
sanitizeAll.checkParameters(req, sanitizers, function () { |
|
|
|
sanitizeAll.checkParameters(req, sanitizers); |
|
|
|
t.equals(req.errors.length, 0); |
|
|
|
t.equals(req.errors.length, 0); |
|
|
|
t.deepEquals(req.warnings[0], 'Invalid Parameter: unknown_value'); |
|
|
|
t.deepEquals(req.warnings[0], 'Invalid Parameter: unknown_value'); |
|
|
|
t.end(); |
|
|
|
t.end(); |
|
|
|
}); |
|
|
|
}); |
|
|
|
|
|
|
|
|
|
|
|
}); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
test('expected parameters should not throw warning', function(t) { |
|
|
|
test('expected parameters should not throw warning', function(t) { |
|
|
|
var req = { |
|
|
|
var req = { |
|
|
|
query: { |
|
|
|
query: { |
|
|
@ -205,14 +196,14 @@ module.exports.tests.all = function(test, common) { |
|
|
|
} |
|
|
|
} |
|
|
|
}; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
sanitizeAll.checkParameters(req, sanitizers, function () { |
|
|
|
sanitizeAll.checkParameters(req, sanitizers); |
|
|
|
t.equals(req.errors.length, 0); |
|
|
|
t.equals(req.errors.length, 0); |
|
|
|
t.equals(req.warnings.length, 0); |
|
|
|
t.equals(req.warnings.length, 0); |
|
|
|
t.end(); |
|
|
|
t.end(); |
|
|
|
}); |
|
|
|
|
|
|
|
}); |
|
|
|
}); |
|
|
|
|
|
|
|
|
|
|
|
test('runAllChecks calls both sanitize and expectedParameters function', function(t) { |
|
|
|
test('sanitizer without expected() should not validate parameters', function(t) { |
|
|
|
var req = { |
|
|
|
var req = { |
|
|
|
query: { |
|
|
|
query: { |
|
|
|
value: 'query' |
|
|
|
value: 'query' |
|
|
@ -227,12 +218,6 @@ module.exports.tests.all = function(test, common) { |
|
|
|
errors: [], |
|
|
|
errors: [], |
|
|
|
warnings: ['warning 1'] |
|
|
|
warnings: ['warning 1'] |
|
|
|
}; |
|
|
|
}; |
|
|
|
}, |
|
|
|
|
|
|
|
expected: function _expected () { |
|
|
|
|
|
|
|
// add value as a valid parameter
|
|
|
|
|
|
|
|
return [{ |
|
|
|
|
|
|
|
name: 'value' |
|
|
|
|
|
|
|
}]; |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
}; |
|
|
|
}; |
|
|
@ -250,11 +235,10 @@ module.exports.tests.all = function(test, common) { |
|
|
|
warnings: ['warning 1'] |
|
|
|
warnings: ['warning 1'] |
|
|
|
}; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
sanitizeAll.runAllChecks(req, sanitizers, function () { |
|
|
|
sanitizeAll.runAllChecks(req, sanitizers); |
|
|
|
t.deepEquals(req, expected_req); |
|
|
|
t.deepEquals(req, expected_req); |
|
|
|
t.end(); |
|
|
|
t.end(); |
|
|
|
}); |
|
|
|
}); |
|
|
|
}); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
}; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|