|
|
@ -1,7 +1,8 @@ |
|
|
|
var isObject = require('is-object'); |
|
|
|
var isObject = require('is-object'); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// validate inputs, convert types and apply defaults
|
|
|
|
// validate inputs, convert types and apply defaults
|
|
|
|
function sanitize( req, latlon_is_required ){ |
|
|
|
module.exports = function sanitize( req, latlon_is_required ){ |
|
|
|
|
|
|
|
|
|
|
|
var clean = req.clean || {}; |
|
|
|
var clean = req.clean || {}; |
|
|
|
var params = req.query; |
|
|
|
var params = req.query; |
|
|
@ -12,87 +13,102 @@ function sanitize( req, latlon_is_required ){ |
|
|
|
params = {}; |
|
|
|
params = {}; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
var is_invalid_lat = function(lat) { |
|
|
|
try { |
|
|
|
return isNaN( lat ) || lat < -90 || lat > 90; |
|
|
|
sanitize_coord( 'lat', clean, params.lat, latlon_is_required ); |
|
|
|
}; |
|
|
|
sanitize_coord( 'lon', clean, params.lon, latlon_is_required ); |
|
|
|
|
|
|
|
sanitize_zoom_level(clean, params.zoom); |
|
|
|
var is_invalid_lon = function(lon) { |
|
|
|
sanitize_bbox(clean, params.bbox); |
|
|
|
return isNaN( lon ) || lon < -180 || lon > 180; |
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// lat
|
|
|
|
|
|
|
|
var lat = parseFloat( params.lat, 10 ); |
|
|
|
|
|
|
|
if (!isNaN(lat)) { |
|
|
|
|
|
|
|
if( is_invalid_lat(lat) ){ |
|
|
|
|
|
|
|
return { |
|
|
|
|
|
|
|
'error': true, |
|
|
|
|
|
|
|
'message': 'invalid param \'lat\': must be >-90 and <90' |
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
clean.lat = lat; |
|
|
|
catch (err) { |
|
|
|
} else if (latlon_is_required) { |
|
|
|
|
|
|
|
return { |
|
|
|
return { |
|
|
|
'error': true, |
|
|
|
'error': true, |
|
|
|
'message': 'missing param \'lat\': must be >-90 and <90' |
|
|
|
'message': err.message |
|
|
|
}; |
|
|
|
}; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// lon
|
|
|
|
req.clean = clean; |
|
|
|
var lon = parseFloat( params.lon, 10 ); |
|
|
|
|
|
|
|
if (!isNaN(lon)) { |
|
|
|
return { 'error': false }; |
|
|
|
if( is_invalid_lon(lon) ){ |
|
|
|
|
|
|
|
return { |
|
|
|
|
|
|
|
'error': true, |
|
|
|
|
|
|
|
'message': 'invalid param \'lon\': must be >-180 and <180' |
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
clean.lon = lon; |
|
|
|
|
|
|
|
} else if (latlon_is_required) { |
|
|
|
|
|
|
|
return { |
|
|
|
|
|
|
|
'error': true, |
|
|
|
|
|
|
|
'message': 'missing param \'lon\': must be >-180 and <180' |
|
|
|
|
|
|
|
}; |
|
|
|
}; |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// zoom level
|
|
|
|
|
|
|
|
var zoom = parseInt( params.zoom, 10 ); |
|
|
|
/** |
|
|
|
if( !isNaN( zoom ) ){ |
|
|
|
* Parse and validate bbox parameter |
|
|
|
clean.zoom = Math.min( Math.max( zoom, 1 ), 18 ); // max
|
|
|
|
* bbox = bottom_left lat, bottom_left lon, top_right lat, top_right lon |
|
|
|
|
|
|
|
* bbox = left,bottom,right,top |
|
|
|
|
|
|
|
* bbox = min Longitude , min Latitude , max Longitude , max Latitude |
|
|
|
|
|
|
|
* |
|
|
|
|
|
|
|
* @param {object} clean |
|
|
|
|
|
|
|
* @param {string} param |
|
|
|
|
|
|
|
*/ |
|
|
|
|
|
|
|
function sanitize_bbox( clean, param ) { |
|
|
|
|
|
|
|
if( !param ) { |
|
|
|
|
|
|
|
return; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// bbox
|
|
|
|
|
|
|
|
// bbox = bottom_left lat, bottom_left lon, top_right lat, top_right lon
|
|
|
|
|
|
|
|
// bbox = left,bottom,right,top
|
|
|
|
|
|
|
|
// bbox = min Longitude , min Latitude , max Longitude , max Latitude
|
|
|
|
|
|
|
|
if (params.bbox) { |
|
|
|
|
|
|
|
var bbox = []; |
|
|
|
var bbox = []; |
|
|
|
var bboxArr = params.bbox.split(','); |
|
|
|
var bboxArr = param.split( ',' ); |
|
|
|
|
|
|
|
|
|
|
|
if( Array.isArray( bboxArr ) && bboxArr.length === 4 ) { |
|
|
|
if( Array.isArray( bboxArr ) && bboxArr.length === 4 ) { |
|
|
|
|
|
|
|
|
|
|
|
bbox = bboxArr.filter( function( latlon, index ) { |
|
|
|
bbox = bboxArr.filter( function( latlon, index ) { |
|
|
|
latlon = parseFloat( latlon, 10 ); |
|
|
|
latlon = parseFloat( latlon, 10 ); |
|
|
|
return !(index % 2 === 0 ? is_invalid_lat(latlon) : is_invalid_lon(latlon));
|
|
|
|
return !(lat_lon_checks[(index % 2 === 0 ? 'lat' : 'lon')].is_invalid( latlon )); |
|
|
|
}); |
|
|
|
}); |
|
|
|
|
|
|
|
|
|
|
|
if( bbox.length === 4 ) { |
|
|
|
if( bbox.length === 4 ) { |
|
|
|
clean.bbox = { |
|
|
|
clean.bbox = { |
|
|
|
top : Math.max(bbox[0], bbox[2]), |
|
|
|
right: Math.max( bbox[0], bbox[2] ), |
|
|
|
right : Math.max(bbox[1], bbox[3]), |
|
|
|
top: Math.max( bbox[1], bbox[3] ), |
|
|
|
bottom: Math.min(bbox[0], bbox[2]), |
|
|
|
left: Math.min( bbox[0], bbox[2] ), |
|
|
|
left : Math.min(bbox[1], bbox[3]) |
|
|
|
bottom: Math.min( bbox[1], bbox[3] ) |
|
|
|
}; |
|
|
|
}; |
|
|
|
} else { |
|
|
|
} else { |
|
|
|
return { |
|
|
|
throw new Error('invalid bbox'); |
|
|
|
'error': true, |
|
|
|
|
|
|
|
'message': 'invalid bbox' |
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
req.clean = clean; |
|
|
|
/** |
|
|
|
|
|
|
|
* Validate lat,lon values |
|
|
|
|
|
|
|
* |
|
|
|
|
|
|
|
* @param {string} coord lat|lon |
|
|
|
|
|
|
|
* @param {object} clean |
|
|
|
|
|
|
|
* @param {string} param |
|
|
|
|
|
|
|
* @param {bool} latlon_is_required |
|
|
|
|
|
|
|
*/ |
|
|
|
|
|
|
|
function sanitize_coord( coord, clean, param, latlon_is_required ) { |
|
|
|
|
|
|
|
var value = parseFloat( param, 10 ); |
|
|
|
|
|
|
|
if ( !isNaN( value ) ) { |
|
|
|
|
|
|
|
if( lat_lon_checks[coord].is_invalid( value ) ){ |
|
|
|
|
|
|
|
throw new Error( 'invalid ' + lat_lon_checks[coord].error_msg ); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
clean[coord] = value; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
else if (latlon_is_required) { |
|
|
|
|
|
|
|
throw new Error('missing ' + lat_lon_checks[coord].error_msg); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
return { 'error': false }; |
|
|
|
function sanitize_zoom_level( clean, param ) { |
|
|
|
|
|
|
|
var zoom = parseInt( param, 10 ); |
|
|
|
|
|
|
|
if( !isNaN( zoom ) ){ |
|
|
|
|
|
|
|
clean.zoom = Math.min( Math.max( zoom, 1 ), 18 ); // max
|
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
var lat_lon_checks = { |
|
|
|
|
|
|
|
lat: { |
|
|
|
|
|
|
|
is_invalid: function is_invalid_lat(lat) { |
|
|
|
|
|
|
|
return isNaN( lat ) || lat < -90 || lat > 90; |
|
|
|
|
|
|
|
}, |
|
|
|
|
|
|
|
error_msg: 'param \'lat\': must be >-90 and <90' |
|
|
|
|
|
|
|
}, |
|
|
|
|
|
|
|
lon: { |
|
|
|
|
|
|
|
is_invalid: function is_invalid_lon(lon) { |
|
|
|
|
|
|
|
return isNaN(lon) || lon < -180 || lon > 180; |
|
|
|
|
|
|
|
}, |
|
|
|
|
|
|
|
error_msg: 'param \'lon\': must be >-180 and <180' |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
// export function
|
|
|
|
|
|
|
|
module.exports = sanitize; |
|
|
|
|
|
|
|