diff --git a/src/api/endpoints/i/appdata/get.js b/src/api/endpoints/i/appdata/get.ts similarity index 100% rename from src/api/endpoints/i/appdata/get.js rename to src/api/endpoints/i/appdata/get.ts diff --git a/src/api/endpoints/i/appdata/set.js b/src/api/endpoints/i/appdata/set.ts similarity index 100% rename from src/api/endpoints/i/appdata/set.js rename to src/api/endpoints/i/appdata/set.ts diff --git a/src/api/endpoints/i/authorized_apps.js b/src/api/endpoints/i/authorized_apps.ts similarity index 60% rename from src/api/endpoints/i/authorized_apps.js rename to src/api/endpoints/i/authorized_apps.ts index 3c0cf75057..fb56a107e7 100644 --- a/src/api/endpoints/i/authorized_apps.js +++ b/src/api/endpoints/i/authorized_apps.ts @@ -3,7 +3,7 @@ /** * Module dependencies */ -import * as mongo from 'mongodb'; +import it from '../../it'; import AccessToken from '../../models/access-token'; import serialize from '../../serializers/app'; @@ -18,28 +18,16 @@ module.exports = (params, user) => new Promise(async (res, rej) => { // Get 'limit' parameter - let limit = params.limit; - if (limit !== undefined && limit !== null) { - limit = parseInt(limit, 10); - - // From 1 to 100 - if (!(1 <= limit && limit <= 100)) { - return rej('invalid limit range'); - } - } else { - limit = 10; - } + const [limit, limitErr] = it(params.limit).expect.number().range(1, 100).default(10).qed(); + if (limitErr) return rej('invalid limit param'); // Get 'offset' parameter - let offset = params.offset; - if (offset !== undefined && offset !== null) { - offset = parseInt(offset, 10); - } else { - offset = 0; - } + const [offset, offsetErr] = it(params.offset).expect.number().min(0).default(0).qed(); + if (offsetErr) return rej('invalid offset param'); // Get 'sort' parameter - let sort = params.sort || 'desc'; + const [sort, sortError] = it(params.sort).expect.string().or('desc asc').default('desc').qed(); + if (sortError) return rej('invalid sort param'); // Get tokens const tokens = await AccessToken diff --git a/src/api/endpoints/i/favorites.js b/src/api/endpoints/i/favorites.ts similarity index 52% rename from src/api/endpoints/i/favorites.js rename to src/api/endpoints/i/favorites.ts index 28e402e366..c04d318379 100644 --- a/src/api/endpoints/i/favorites.js +++ b/src/api/endpoints/i/favorites.ts @@ -3,7 +3,7 @@ /** * Module dependencies */ -import * as mongo from 'mongodb'; +import it from '../../it'; import Favorite from '../../models/favorite'; import serialize from '../../serializers/post'; @@ -11,37 +11,26 @@ import serialize from '../../serializers/post'; * Get followers of a user * * @param {any} params + * @param {any} user * @return {Promise} */ -module.exports = (params) => +module.exports = (params, user) => new Promise(async (res, rej) => { // Get 'limit' parameter - let limit = params.limit; - if (limit !== undefined && limit !== null) { - limit = parseInt(limit, 10); - - // From 1 to 100 - if (!(1 <= limit && limit <= 100)) { - return rej('invalid limit range'); - } - } else { - limit = 10; - } + const [limit, limitErr] = it(params.limit).expect.number().range(1, 100).default(10).qed(); + if (limitErr) return rej('invalid limit param'); // Get 'offset' parameter - let offset = params.offset; - if (offset !== undefined && offset !== null) { - offset = parseInt(offset, 10); - } else { - offset = 0; - } + const [offset, offsetErr] = it(params.offset).expect.number().min(0).default(0).qed(); + if (offsetErr) return rej('invalid offset param'); // Get 'sort' parameter - let sort = params.sort || 'desc'; + const [sort, sortError] = it(params.sort).expect.string().or('desc asc').default('desc').qed(); + if (sortError) return rej('invalid sort param'); // Get favorites - const favorites = await Favorites + const favorites = await Favorite .find({ user_id: user._id }, { diff --git a/src/api/endpoints/i/notifications.js b/src/api/endpoints/i/notifications.ts similarity index 59% rename from src/api/endpoints/i/notifications.js rename to src/api/endpoints/i/notifications.ts index d5174439e2..21537ea799 100644 --- a/src/api/endpoints/i/notifications.js +++ b/src/api/endpoints/i/notifications.ts @@ -3,7 +3,7 @@ /** * Module dependencies */ -import * as mongo from 'mongodb'; +import it from '../../it'; import Notification from '../../models/notification'; import serialize from '../../serializers/notification'; import getFriends from '../../common/get-friends'; @@ -19,44 +19,38 @@ module.exports = (params, user) => new Promise(async (res, rej) => { // Get 'following' parameter - const following = params.following; + const [following, followingError] = + it(params.following).expect.boolean().default(false).qed(); + if (followingError) return rej('invalid following param'); // Get 'mark_as_read' parameter - let markAsRead = params.mark_as_read; - if (markAsRead == null) { - markAsRead = true; - } + const [markAsRead, markAsReadErr] = it(params.mark_as_read).expect.boolean().default(true).qed(); + if (markAsReadErr) return rej('invalid mark_as_read param'); // Get 'type' parameter - let type = params.type; - if (type !== undefined && type !== null) { - type = type.split(',').map(x => x.trim()); - } + const [type, typeErr] = it(params.type).expect.array().unique().allString().qed(); + if (typeErr) return rej('invalid type param'); // Get 'limit' parameter - let limit = params.limit; - if (limit !== undefined && limit !== null) { - limit = parseInt(limit, 10); + const [limit, limitErr] = it(params.limit).expect.number().range(1, 100).default(10).qed(); + if (limitErr) return rej('invalid limit param'); - // From 1 to 100 - if (!(1 <= limit && limit <= 100)) { - return rej('invalid limit range'); - } - } else { - limit = 10; - } + // Get 'since_id' parameter + const [sinceId, sinceIdErr] = it(params.since_id).expect.id().qed(); + if (sinceIdErr) return rej('invalid since_id param'); - const since = params.since_id || null; - const max = params.max_id || null; + // Get 'max_id' parameter + const [maxId, maxIdErr] = it(params.max_id).expect.id().qed(); + if (maxIdErr) return rej('invalid max_id param'); // Check if both of since_id and max_id is specified - if (since !== null && max !== null) { + if (sinceId !== null && maxId !== null) { return rej('cannot set since_id and max_id'); } const query = { notifiee_id: user._id - }; + } as any; const sort = { _id: -1 @@ -77,14 +71,14 @@ module.exports = (params, user) => }; } - if (since !== null) { + if (sinceId) { sort._id = 1; query._id = { - $gt: new mongo.ObjectID(since) + $gt: sinceId }; - } else if (max !== null) { + } else if (maxId) { query._id = { - $lt: new mongo.ObjectID(max) + $lt: maxId }; } diff --git a/src/api/endpoints/i/signin_history.js b/src/api/endpoints/i/signin_history.ts similarity index 57% rename from src/api/endpoints/i/signin_history.js rename to src/api/endpoints/i/signin_history.ts index ede821e3cf..db36438bfe 100644 --- a/src/api/endpoints/i/signin_history.js +++ b/src/api/endpoints/i/signin_history.ts @@ -3,7 +3,7 @@ /** * Module dependencies */ -import * as mongo from 'mongodb'; +import it from '../../it'; import Signin from '../../models/signin'; import serialize from '../../serializers/signin'; @@ -18,42 +18,38 @@ module.exports = (params, user) => new Promise(async (res, rej) => { // Get 'limit' parameter - let limit = params.limit; - if (limit !== undefined && limit !== null) { - limit = parseInt(limit, 10); + const [limit, limitErr] = it(params.limit).expect.number().range(1, 100).default(10).qed(); + if (limitErr) return rej('invalid limit param'); - // From 1 to 100 - if (!(1 <= limit && limit <= 100)) { - return rej('invalid limit range'); - } - } else { - limit = 10; - } + // Get 'since_id' parameter + const [sinceId, sinceIdErr] = it(params.since_id).expect.id().qed(); + if (sinceIdErr) return rej('invalid since_id param'); - const since = params.since_id || null; - const max = params.max_id || null; + // Get 'max_id' parameter + const [maxId, maxIdErr] = it(params.max_id).expect.id().qed(); + if (maxIdErr) return rej('invalid max_id param'); // Check if both of since_id and max_id is specified - if (since !== null && max !== null) { + if (sinceId !== null && maxId !== null) { return rej('cannot set since_id and max_id'); } const query = { user_id: user._id - }; + } as any; const sort = { _id: -1 }; - if (since !== null) { + if (sinceId) { sort._id = 1; query._id = { - $gt: new mongo.ObjectID(since) + $gt: sinceId }; - } else if (max !== null) { + } else if (maxId) { query._id = { - $lt: new mongo.ObjectID(max) + $lt: maxId }; } diff --git a/src/api/endpoints/i/update.js b/src/api/endpoints/i/update.ts similarity index 89% rename from src/api/endpoints/i/update.js rename to src/api/endpoints/i/update.ts index 4abb4fcb7b..1e46315ceb 100644 --- a/src/api/endpoints/i/update.js +++ b/src/api/endpoints/i/update.ts @@ -3,7 +3,7 @@ /** * Module dependencies */ -import * as mongo from 'mongodb'; +import it from '../../it'; import User from '../../models/user'; import { isValidName, isValidBirthday } from '../../models/user'; import serialize from '../../serializers/user'; @@ -23,18 +23,9 @@ module.exports = async (params, user, _, isSecure) => new Promise(async (res, rej) => { // Get 'name' parameter - const name = params.name; - if (name !== undefined && name !== null) { - if (typeof name != 'string') { - return rej('name must be a string'); - } - - if (!isValidName(name)) { - return rej('invalid name'); - } - - user.name = name; - } + const [name, nameErr] = it(params.name).expect.string().validate(isValidName).qed(); + if (nameErr) return rej('invalid name param'); + user.name = name; // Get 'description' parameter const description = params.description; diff --git a/src/api/endpoints/posts/create.ts b/src/api/endpoints/posts/create.ts index 686c3a67d0..3dc121305c 100644 --- a/src/api/endpoints/posts/create.ts +++ b/src/api/endpoints/posts/create.ts @@ -131,21 +131,18 @@ module.exports = (params, user, app) => let poll = null; if (_poll !== null) { - const [pollChoices, pollChoicesErr] = it(params.poll, 'set', false, [ - choices => { - const shouldReject = choices.some(choice => { + const [pollChoices, pollChoicesErr] = + it(params.poll).expect.array() + .unique() + .allString() + .range(1, 10) + .validate(choices => !choices.some(choice => { if (typeof choice != 'string') return true; if (choice.trim().length == 0) return true; if (choice.trim().length > 50) return true; return false; - }); - return shouldReject ? new Error('invalid poll choices') : true; - }, - // 選択肢がひとつならエラー - choices => choices.length == 1 ? new Error('poll choices must be ひとつ以上') : true, - // 選択肢が多すぎてもエラー - choices => choices.length > 10 ? new Error('many poll choices') : true, - ]); + })) + .qed(); if (pollChoicesErr) return rej('invalid poll choices'); _poll.choices = pollChoices.map((choice, i) => ({ diff --git a/src/api/it.ts b/src/api/it.ts index 039f879957..b08612c709 100644 --- a/src/api/it.ts +++ b/src/api/it.ts @@ -48,23 +48,27 @@ class QueryCore implements Query { value: any; error: Error; - constructor() { - this.value = null; + constructor(value: any) { + this.value = value; this.error = null; } - /** - * このインスタンスの値が null、またはエラーが存在しているなどして、処理をスキップするべきか否か - */ - get shouldSkip() { - return this.error !== null || this.value === null; + get isEmpty() { + return this.value === undefined || this.value === null; } /** - * このインスタンスの値が undefined または null の場合エラーにします + * このインスタンスの値が空、またはエラーが存在しているなどして、処理をスキップするべきか否か + */ + get shouldSkip() { + return this.error !== null || this.isEmpty; + } + + /** + * このインスタンスの値が空の場合エラーにします */ required() { - if (this.error === null && this.value === null) { + if (this.error === null && this.isEmpty) { this.error = new Error('required'); } return this; @@ -74,7 +78,7 @@ class QueryCore implements Query { * このインスタンスの値が設定されていないときにデフォルトで設定する値を設定します */ default(value: any) { - if (this.value === null) { + if (this.isEmpty) { this.value = value; } return this; @@ -109,13 +113,9 @@ class BooleanQuery extends QueryCore { error: Error; constructor(value) { - super(); - if (value === undefined || value === null) { - this.value = null; - } else if (typeof value != 'boolean') { + super(value); + if (!this.isEmpty && typeof value != 'boolean') { this.error = new Error('must-be-a-boolean'); - } else { - this.value = value; } } @@ -155,13 +155,9 @@ class NumberQuery extends QueryCore { error: Error; constructor(value) { - super(); - if (value === undefined || value === null) { - this.value = null; - } else if (!Number.isFinite(value)) { + super(value); + if (!this.isEmpty && !Number.isFinite(value)) { this.error = new Error('must-be-a-number'); - } else { - this.value = value; } } @@ -238,13 +234,9 @@ class StringQuery extends QueryCore { error: Error; constructor(value) { - super(); - if (value === undefined || value === null) { - this.value = null; - } else if (typeof value != 'string') { + super(value); + if (!this.isEmpty && typeof value != 'string') { this.error = new Error('must-be-a-string'); - } else { - this.value = value; } } @@ -327,13 +319,9 @@ class ArrayQuery extends QueryCore { error: Error; constructor(value) { - super(); - if (value === undefined || value === null) { - this.value = null; - } else if (!Array.isArray(value)) { + super(value); + if (!this.isEmpty && !Array.isArray(value)) { this.error = new Error('must-be-an-array'); - } else { - this.value = value; } } @@ -361,6 +349,18 @@ class ArrayQuery extends QueryCore { return this; } + /** + * このインスタンスの配列内の要素すべてが文字列であるか検証します + * ひとつでも文字列以外の要素が存在する場合エラーにします + */ + allString() { + if (this.shouldSkip) return this; + if (this.value.some(x => typeof x != 'string')) { + this.error = new Error('dirty-array'); + } + return this; + } + /** * このインスタンスの値が undefined または null の場合エラーにします */ @@ -397,13 +397,9 @@ class IdQuery extends QueryCore { error: Error; constructor(value) { - super(); - if (value === undefined || value === null) { - this.value = null; - } else if (typeof value != 'string' || !mongo.ObjectID.isValid(value)) { + super(value); + if (!this.isEmpty && (typeof value != 'string' || !mongo.ObjectID.isValid(value))) { this.error = new Error('must-be-an-id'); - } else { - this.value = new mongo.ObjectID(value); } } @@ -443,13 +439,9 @@ class ObjectQuery extends QueryCore { error: Error; constructor(value) { - super(); - if (value === undefined || value === null) { - this.value = null; - } else if (typeof value != 'object') { + super(value); + if (!this.isEmpty && typeof value != 'object') { this.error = new Error('must-be-an-object'); - } else { - this.value = value; } }