diff --git a/sanitiser/_single_scalar_parameters.js b/sanitiser/_single_scalar_parameters.js new file mode 100644 index 00000000..6bf2fd55 --- /dev/null +++ b/sanitiser/_single_scalar_parameters.js @@ -0,0 +1,23 @@ + +var _ = require('lodash'), + check = require('check-types'); + +// validate inputs +function sanitize( raw, clean ){ + // error & warning messages + var messages = { errors: [], warnings: [] }; + + Object.keys(raw).forEach(function(key) { + if (_.isArray(raw[key])) { + messages.errors.push('\'' + key + '\' parameter can only have one value'); + } else if (_.isObject(raw[key])) { + messages.errors.push('\'' + key + '\' parameter must be a scalar'); + } + + }); + + return messages; +} + +// export function +module.exports = sanitize; diff --git a/sanitiser/autocomplete.js b/sanitiser/autocomplete.js index 84e8752a..c6dc08da 100644 --- a/sanitiser/autocomplete.js +++ b/sanitiser/autocomplete.js @@ -1,5 +1,6 @@ var sanitizeAll = require('../sanitiser/sanitizeAll'), sanitizers = { + singleScalarParameters: require('../sanitiser/_single_scalar_parameters'), text: require('../sanitiser/_text'), size: require('../sanitiser/_size'), private: require('../sanitiser/_flag_bool')('private', false), diff --git a/sanitiser/place.js b/sanitiser/place.js index be68e4aa..74c80c6b 100644 --- a/sanitiser/place.js +++ b/sanitiser/place.js @@ -1,6 +1,7 @@ var sanitizeAll = require('../sanitiser/sanitizeAll'), sanitizers = { + singleScalarParameters: require('../sanitiser/_single_scalar_parameters'), ids: require('../sanitiser/_ids'), private: require('../sanitiser/_flag_bool')('private', false) }; diff --git a/sanitiser/reverse.js b/sanitiser/reverse.js index 25e8d71b..dd9eeb1d 100644 --- a/sanitiser/reverse.js +++ b/sanitiser/reverse.js @@ -1,6 +1,7 @@ var sanitizeAll = require('../sanitiser/sanitizeAll'), sanitizers = { + singleScalarParameters: require('../sanitiser/_single_scalar_parameters'), layers: require('../sanitiser/_targets')('layers', require('../query/layers')), sources: require('../sanitiser/_targets')('sources', require('../query/sources')), size: require('../sanitiser/_size'), diff --git a/sanitiser/search.js b/sanitiser/search.js index 22737180..e1b79528 100644 --- a/sanitiser/search.js +++ b/sanitiser/search.js @@ -1,6 +1,7 @@ var sanitizeAll = require('../sanitiser/sanitizeAll'), sanitizers = { + singleScalarParameters: require('../sanitiser/_single_scalar_parameters'), text: require('../sanitiser/_text'), size: require('../sanitiser/_size'), layers: require('../sanitiser/_targets')('layers', require( '../query/layers' )), diff --git a/test/unit/run.js b/test/unit/run.js index efa0c4de..50c301de 100644 --- a/test/unit/run.js +++ b/test/unit/run.js @@ -30,6 +30,7 @@ var tests = [ require('./middleware/distance'), require('./middleware/confidenceScoreReverse'), require('./sanitiser/_size'), + require('./sanitiser/_single_scalar_parameters'), ]; tests.map(function(t) { diff --git a/test/unit/sanitiser/_single_scalar_parameters.js b/test/unit/sanitiser/_single_scalar_parameters.js new file mode 100644 index 00000000..4b1fc9d0 --- /dev/null +++ b/test/unit/sanitiser/_single_scalar_parameters.js @@ -0,0 +1,60 @@ +var sanitize = require('../../../sanitiser/_single_scalar_parameters'); + +module.exports.tests = {}; + +module.exports.tests.single_scalar_parameters = function(test, common) { + test('all duplicate parameters should have error messages returned', function(t) { + var raw = { + arrayParameter1: ['value1', 'value2'], + scalarParameter: 'value', + arrayParameter2: ['value3'] + }; + var clean = {}; + var errorsAndWarnings = sanitize(raw, clean); + t.deepEquals(errorsAndWarnings, { + errors: [ + '\'arrayParameter1\' parameter can only have one value', + '\'arrayParameter2\' parameter can only have one value', + ], + warnings: [] + }); + t.end(); + }); + + test('object parameters should have error messages returned', function(t) { + var raw = { + objectParameter1: { key1: 'value1', key2: 'value2'}, + scalarParameter: 'value', + objectParameter2: { } + }; + var clean = {}; + var errorsAndWarnings = sanitize(raw, clean); + t.deepEquals(errorsAndWarnings, { + errors: [ + '\'objectParameter1\' parameter must be a scalar', + '\'objectParameter2\' parameter must be a scalar' + ], + warnings: [] + }); + t.end(); + }); + + test('request with all scalar parameters should return empty errors', function(t) { + var raw = { scalarParameter1: 'value1', scalarParameter2: 2, scalarParameter3: true }; + var clean = {}; + var errorsAndWarnings = sanitize(raw, clean); + t.deepEquals(errorsAndWarnings, { errors: [], warnings: [] }); + t.end(); + }); + +}; + +module.exports.all = function (tape, common) { + function test(name, testFunction) { + return tape('SANTIZE _single_scalar_parameters ' + name, testFunction); + } + + for( var testCase in module.exports.tests ){ + module.exports.tests[testCase](test, common); + } +}; diff --git a/test/unit/sanitiser/autocomplete.js b/test/unit/sanitiser/autocomplete.js index a2a0e59e..4044d7f1 100644 --- a/test/unit/sanitiser/autocomplete.js +++ b/test/unit/sanitiser/autocomplete.js @@ -4,7 +4,7 @@ module.exports.tests = {}; module.exports.tests.sanitisers = function(test, common) { test('check sanitiser list', function (t) { - var expected = ['text', 'size', 'private', 'geo_autocomplete' ]; + var expected = ['singleScalarParameters', 'text', 'size', 'private', 'geo_autocomplete' ]; t.deepEqual(Object.keys(autocomplete.sanitiser_list), expected); t.end(); }); diff --git a/test/unit/sanitiser/place.js b/test/unit/sanitiser/place.js index ca97cf54..c3cd81cf 100644 --- a/test/unit/sanitiser/place.js +++ b/test/unit/sanitiser/place.js @@ -19,6 +19,14 @@ module.exports.tests.interface = function(test, common) { }); }; +module.exports.tests.sanitisers = function(test, common) { + test('check sanitiser list', function (t) { + var expected = ['singleScalarParameters', 'ids', 'private' ]; + t.deepEqual(Object.keys(place.sanitiser_list), expected); + t.end(); + }); +}; + module.exports.tests.sanitize_private = function(test, common) { var invalid_values = [null, -1, 123, NaN, 'abc']; invalid_values.forEach(function(value) { diff --git a/test/unit/sanitiser/reverse.js b/test/unit/sanitiser/reverse.js index 759aef28..818829f9 100644 --- a/test/unit/sanitiser/reverse.js +++ b/test/unit/sanitiser/reverse.js @@ -36,7 +36,7 @@ module.exports.tests.interface = function(test, common) { module.exports.tests.sanitisers = function(test, common) { test('check sanitiser list', function (t) { - var expected = ['layers', 'sources', 'size', 'private', 'geo_reverse', 'boundary_country']; + var expected = ['singleScalarParameters', 'layers', 'sources', 'size', 'private', 'geo_reverse', 'boundary_country']; t.deepEqual(Object.keys(reverse.sanitiser_list), expected); t.end(); }); diff --git a/test/unit/sanitiser/search.js b/test/unit/sanitiser/search.js index daa2f7ea..f50a46a2 100644 --- a/test/unit/sanitiser/search.js +++ b/test/unit/sanitiser/search.js @@ -25,7 +25,7 @@ module.exports.tests.interface = function(test, common) { module.exports.tests.sanitisers = function(test, common) { test('check sanitiser list', function (t) { - var expected = ['text', 'size', 'layers', 'sources', 'private', 'geo_search', 'boundary_country' ]; + var expected = ['singleScalarParameters', 'text', 'size', 'layers', 'sources', 'private', 'geo_search', 'boundary_country' ]; t.deepEqual(Object.keys(search.sanitiser_list), expected); t.end(); }); @@ -33,7 +33,7 @@ module.exports.tests.sanitisers = function(test, common) { module.exports.tests.sanitize_invalid_text = function(test, common) { test('invalid text', function(t) { - var invalid = [ '', 100, null, undefined, new Date() ]; + var invalid = [ '', 100, null, undefined ]; invalid.forEach( function( text ){ var req = { query: { text: text } }; sanitize(req, function(){