Check the data type of values in the post request

Girish Ramakrishnan
2014-11-06 09:34:48 -08:00
parent fa58516421
commit aa585dc4f0
2 changed files with 25 additions and 3 deletions
+3 -3
@@ -93,9 +93,9 @@ function installApp(req, res, next) {
var data = req.body;
if (!data) return next(new HttpError(400, 'Cannot parse data field'));
if (!data.appStoreId) return next(new HttpError(400, 'appStoreId is required'));
if (!data.password) return next(new HttpError(400, 'password is required'));
if (!data.location) return next(new HttpError(400, 'location is required'));
if (typeof data.appStoreId !== 'string') return next(new HttpError(400, 'appStoreId is required'));
if (typeof data.password !== 'string') return next(new HttpError(400, 'password is required'));
if (typeof data.location !== 'string') return next(new HttpError(400, 'location is required'));
if (('portBindings' in data) && typeof data.portBindings !== 'object') return next(new HttpError(400, 'portBindings must be an object'));
if (typeof data.restrictAccessTo !== 'string') return next(new HttpError(400, 'restrictAccessTo is required'));
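Review bot: The three `typeof … !== 'string'` checks for appStoreId, password and location accept an empty string, which the `!data.x` checks they appear to replace (going by the +3 -3 count) rejected; unless a later step validates them, `password: ''` now gets past this guard. Keeping both conditions closes that, e.g. `if (typeof data.password !== 'string' || !data.password) return next(new HttpError(400, 'password is required'));`, and likewise for the other two fields. The unchanged portBindings line has a similar gap, since `typeof null === 'object'` and arrays are objects too, so `portBindings: null` passes it. installApp's body starts before and continues after this hunk, so any later validation is not visible here.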
+22
@@ -157,6 +157,28 @@ describe('App API', function () {
});
});
it('app install fails - invalid location type', function (done) {
request.post(SERVER_URL + '/api/v1/app/install')
.query({ access_token: token })
.send({ appStoreId: APP_STORE_ID, password: PASSWORD, location: 42, restrictAccessTo: '' })
.end(function (err, res) {
expect(res.statusCode).to.equal(400);
expect(res.body.message).to.eql('location is required');
done(err);
});
});
it('app install fails - invalid password type', function (done) {
request.post(SERVER_URL + '/api/v1/app/install')
.query({ access_token: token })
.send({ appStoreId: APP_STORE_ID, password: 3.52, location: 'ninja', restrictAccessTo: '' })
.end(function (err, res) {
expect(res.statusCode).to.equal(400);
expect(res.body.message).to.eql('password is required');
done(err);
});
});
it('app install fails - reserved location', function (done) {
request.post(SERVER_URL + '/api/v1/app/install')
.query({ access_token: token })