fix(whitespace): Trim whitespace and quotes before checking text length

Previously, our text sanitizer code did not trim whitespace before
checking that the string was non-empty. This lead to strings consisting
only of whitespace being treated as valid. Not all our downstream
services (such as libpostal) accept whitespace-only input, so this
causes a rather harsh error.

This PR builds upon the code in https://github.com/pelias/api/pull/1170
and moves the trimming code above the nonEmptyString check. Now, a
whitespace-only input string produces the normal error for empty input.

Fixes https://github.com/pelias/api/issues/1158

sanitizer/_text.js

@@ -13,11 +13,12 @@ function _sanitize( raw, clean ){
   // invalid input 'text'
   // must call `!check.nonEmptyString` since `check.emptyString` returns
   //  `false` for `undefined` and `null`
-  if( !check.nonEmptyString( raw.text ) ){
-    messages.errors.push('invalid param \'text\': text length, must be >0');
+  const text =  _.trim( _.trim( raw.text ), QUOTES );
 
+  if( !check.nonEmptyString( text ) ){
+    messages.errors.push('invalid param \'text\': text length, must be >0');
   } else {
-    clean.text = _.trim( _.trim( raw.text ), QUOTES );
+    clean.text = text;
   }
 
   return messages;

test/unit/sanitizer/_text.js

@@ -124,6 +124,20 @@ module.exports.tests.text_parser = function(test, common) {
     t.deepEquals(validParameters, expected);
     t.end();
   });
+
+  test('whitespace-only input counts as empty', (t) => {
+    const raw = { text: ' ' };
+    const clean = {};
+
+    const expected_clean = {};
+
+    const messages = sanitizer.sanitize(raw, clean);
+
+    t.deepEquals(clean, expected_clean);
+    t.deepEquals(messages.errors, ['invalid param \'text\': text length, must be >0']);
+    t.deepEquals(messages.warnings, [], 'no warnings');
+    t.end();
+  });
 };
 
 module.exports.all = (tape, common) => {