|
|
@ -1,26 +1,31 @@ |
|
|
|
var sanitizeAll = require('../../../sanitizer/sanitizeAll'); |
|
|
|
var sanitizeAll = require('../../../sanitizer/sanitizeAll'); |
|
|
|
|
|
|
|
const Joi = require('joi'); |
|
|
|
|
|
|
|
|
|
|
|
module.exports.tests = {}; |
|
|
|
module.exports.tests = {}; |
|
|
|
|
|
|
|
|
|
|
|
module.exports.tests.all = function(test, common) { |
|
|
|
module.exports.tests.all = function(test, common) { |
|
|
|
test('req.clean/errors/warnings should be initialized when they are not', function(t) { |
|
|
|
test('req.clean/errors/warnings should be initialized when they are not', function(t) { |
|
|
|
var req = {}; |
|
|
|
var req = {}; |
|
|
|
var sanitizers = [ |
|
|
|
var sanitizers = { |
|
|
|
function() { |
|
|
|
'first': { |
|
|
|
req.clean.a = 'first sanitizer'; |
|
|
|
sanitize: function(){ |
|
|
|
return { |
|
|
|
req.clean.a = 'first sanitizer'; |
|
|
|
errors: ['error 1', 'error 2'], |
|
|
|
return { |
|
|
|
warnings: ['warning 1', 'warning 2'] |
|
|
|
errors: ['error 1', 'error 2'], |
|
|
|
}; |
|
|
|
warnings: ['warning 1', 'warning 2'] |
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
} |
|
|
|
}, |
|
|
|
}, |
|
|
|
function() { |
|
|
|
'second': { |
|
|
|
req.clean.b = 'second sanitizer'; |
|
|
|
sanitize: function() { |
|
|
|
return { |
|
|
|
req.clean.b = 'second sanitizer'; |
|
|
|
errors: ['error 3'], |
|
|
|
return { |
|
|
|
warnings: ['warning 3'] |
|
|
|
errors: ['error 3'], |
|
|
|
}; |
|
|
|
warnings: ['warning 3'] |
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
]; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
var expected_req = { |
|
|
|
var expected_req = { |
|
|
|
clean: { |
|
|
|
clean: { |
|
|
@ -31,7 +36,7 @@ module.exports.tests.all = function(test, common) { |
|
|
|
warnings: ['warning 1', 'warning 2', 'warning 3'] |
|
|
|
warnings: ['warning 1', 'warning 2', 'warning 3'] |
|
|
|
}; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
sanitizeAll(req, sanitizers, function(){ |
|
|
|
sanitizeAll.sanitize(req, sanitizers, function (){ |
|
|
|
t.deepEquals(req, expected_req); |
|
|
|
t.deepEquals(req, expected_req); |
|
|
|
t.end(); |
|
|
|
t.end(); |
|
|
|
}); |
|
|
|
}); |
|
|
@ -47,22 +52,26 @@ module.exports.tests.all = function(test, common) { |
|
|
|
warnings: ['pre-existing warning'] |
|
|
|
warnings: ['pre-existing warning'] |
|
|
|
}; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
var sanitizers = [ |
|
|
|
var sanitizers = { |
|
|
|
function() { |
|
|
|
'first': { |
|
|
|
req.clean.a = 'first sanitizer'; |
|
|
|
sanitize: function(){ |
|
|
|
return { |
|
|
|
req.clean.a = 'first sanitizer'; |
|
|
|
errors: ['error 1', 'error 2'], |
|
|
|
return { |
|
|
|
warnings: ['warning 1', 'warning 2'] |
|
|
|
errors: ['error 1', 'error 2'], |
|
|
|
}; |
|
|
|
warnings: ['warning 1', 'warning 2'] |
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
} |
|
|
|
}, |
|
|
|
}, |
|
|
|
function() { |
|
|
|
'second': { |
|
|
|
req.clean.b = 'second sanitizer'; |
|
|
|
sanitize: function() { |
|
|
|
return { |
|
|
|
req.clean.b = 'second sanitizer'; |
|
|
|
errors: ['error 3'], |
|
|
|
return { |
|
|
|
warnings: ['warning 3'] |
|
|
|
errors: ['error 3'], |
|
|
|
}; |
|
|
|
warnings: ['warning 3'] |
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
]; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
var expected_req = { |
|
|
|
var expected_req = { |
|
|
|
clean: { |
|
|
|
clean: { |
|
|
@ -74,7 +83,7 @@ module.exports.tests.all = function(test, common) { |
|
|
|
warnings: ['pre-existing warning', 'warning 1', 'warning 2', 'warning 3'] |
|
|
|
warnings: ['pre-existing warning', 'warning 1', 'warning 2', 'warning 3'] |
|
|
|
}; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
sanitizeAll(req, sanitizers, function(){ |
|
|
|
sanitizeAll.sanitize(req, sanitizers, function () { |
|
|
|
t.deepEquals(req, expected_req); |
|
|
|
t.deepEquals(req, expected_req); |
|
|
|
t.end(); |
|
|
|
t.end(); |
|
|
|
}); |
|
|
|
}); |
|
|
@ -84,33 +93,35 @@ module.exports.tests.all = function(test, common) { |
|
|
|
test('req.query should be passed to individual sanitizers when available', function(t) { |
|
|
|
test('req.query should be passed to individual sanitizers when available', function(t) { |
|
|
|
var req = { |
|
|
|
var req = { |
|
|
|
query: { |
|
|
|
query: { |
|
|
|
value: 'query value' |
|
|
|
value: 'query' |
|
|
|
} |
|
|
|
} |
|
|
|
}; |
|
|
|
}; |
|
|
|
var sanitizers = [ |
|
|
|
var sanitizers = { |
|
|
|
function(params) { |
|
|
|
'first': { |
|
|
|
req.clean.query = params; |
|
|
|
sanitize: function(params) { |
|
|
|
return { |
|
|
|
req.clean.query = params; |
|
|
|
errors: [], |
|
|
|
return { |
|
|
|
warnings: [] |
|
|
|
errors: [], |
|
|
|
}; |
|
|
|
warnings: [] |
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
]; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
var expected_req = { |
|
|
|
var expected_req = { |
|
|
|
query: { |
|
|
|
query: { |
|
|
|
value: 'query value' |
|
|
|
value: 'query' |
|
|
|
}, |
|
|
|
}, |
|
|
|
clean: { |
|
|
|
clean: { |
|
|
|
query: { |
|
|
|
query: { |
|
|
|
value: 'query value' |
|
|
|
value: 'query' |
|
|
|
} |
|
|
|
} |
|
|
|
}, |
|
|
|
}, |
|
|
|
errors: [], |
|
|
|
errors: [], |
|
|
|
warnings: [] |
|
|
|
warnings: [] |
|
|
|
}; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
sanitizeAll(req, sanitizers, function(){ |
|
|
|
sanitizeAll.sanitize(req, sanitizers, function () { |
|
|
|
t.deepEquals(req, expected_req); |
|
|
|
t.deepEquals(req, expected_req); |
|
|
|
t.end(); |
|
|
|
t.end(); |
|
|
|
}); |
|
|
|
}); |
|
|
@ -119,18 +130,20 @@ module.exports.tests.all = function(test, common) { |
|
|
|
|
|
|
|
|
|
|
|
test('an empty object should be passed to individual sanitizers when req.query is unavailable', function(t) { |
|
|
|
test('an empty object should be passed to individual sanitizers when req.query is unavailable', function(t) { |
|
|
|
var req = {}; |
|
|
|
var req = {}; |
|
|
|
var sanitizers = [ |
|
|
|
var sanitizers = { |
|
|
|
function(params) { |
|
|
|
'first': { |
|
|
|
if (Object.keys(params).length === 0) { |
|
|
|
sanitize: function(params) { |
|
|
|
req.clean.empty_object_was_passed = true; |
|
|
|
if (Object.keys(params).length === 0) { |
|
|
|
|
|
|
|
req.clean.empty_object_was_passed = true; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return { |
|
|
|
|
|
|
|
errors: [], |
|
|
|
|
|
|
|
warnings: [] |
|
|
|
|
|
|
|
}; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
return { |
|
|
|
|
|
|
|
errors: [], |
|
|
|
|
|
|
|
warnings: [] |
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
]; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
var expected_req = { |
|
|
|
var expected_req = { |
|
|
|
clean: { |
|
|
|
clean: { |
|
|
@ -140,13 +153,66 @@ module.exports.tests.all = function(test, common) { |
|
|
|
warnings: [] |
|
|
|
warnings: [] |
|
|
|
}; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
sanitizeAll(req, sanitizers, function(){ |
|
|
|
sanitizeAll.sanitize(req, sanitizers, function () { |
|
|
|
t.deepEquals(req, expected_req); |
|
|
|
t.deepEquals(req, expected_req); |
|
|
|
t.end(); |
|
|
|
t.end(); |
|
|
|
}); |
|
|
|
}); |
|
|
|
|
|
|
|
|
|
|
|
}); |
|
|
|
}); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
test('unexpected parameters should throw warning', function(t) { |
|
|
|
|
|
|
|
var req = { |
|
|
|
|
|
|
|
query: { |
|
|
|
|
|
|
|
unknown_value: 'query value' |
|
|
|
|
|
|
|
}, |
|
|
|
|
|
|
|
errors: [], |
|
|
|
|
|
|
|
warnings: [] |
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
var sanitizers = { |
|
|
|
|
|
|
|
'first': { |
|
|
|
|
|
|
|
expected: function _expected () { |
|
|
|
|
|
|
|
// add value as a valid parameter for joi
|
|
|
|
|
|
|
|
return [{ |
|
|
|
|
|
|
|
name: 'value' |
|
|
|
|
|
|
|
}]; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
sanitizeAll.checkParameters(req, sanitizers, function () { |
|
|
|
|
|
|
|
t.equals(req.errors.length, 0); |
|
|
|
|
|
|
|
t.deepEquals(req.warnings[0], 'Invalid Parameter: unknown_value'); |
|
|
|
|
|
|
|
t.end(); |
|
|
|
|
|
|
|
}); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
}); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
test('expected parameters should not throw warning', function(t) { |
|
|
|
|
|
|
|
var req = { |
|
|
|
|
|
|
|
query: { |
|
|
|
|
|
|
|
value: 'query value' |
|
|
|
|
|
|
|
}, |
|
|
|
|
|
|
|
errors: [], |
|
|
|
|
|
|
|
warnings: [] |
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
var sanitizers = { |
|
|
|
|
|
|
|
'first': { |
|
|
|
|
|
|
|
expected: function _expected () { |
|
|
|
|
|
|
|
// add value as a valid parameter for joi
|
|
|
|
|
|
|
|
return [{ |
|
|
|
|
|
|
|
name: 'value' |
|
|
|
|
|
|
|
}]; |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
sanitizeAll.checkParameters(req, sanitizers, function () { |
|
|
|
|
|
|
|
t.equals(req.errors.length, 0); |
|
|
|
|
|
|
|
t.equals(req.warnings.length, 0); |
|
|
|
|
|
|
|
t.end(); |
|
|
|
|
|
|
|
}); |
|
|
|
|
|
|
|
}); |
|
|
|
|
|
|
|
|
|
|
|
}; |
|
|
|
}; |
|
|
|
|
|
|
|
|
|
|
|
module.exports.all = function (tape, common) { |
|
|
|
module.exports.all = function (tape, common) { |
|
|
|