New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix(RequestMethod): Any interface HTTP Request method verification #9
Conversation
* Fix(TokenExpireTime): Agent TokenExpireTime || Console TokenExpireTime (#7) * fix(TokenExpireTime):agent token not console token * Fix(Dockerfile):NodeJS Version * Fix(TokenExpireTime):Update Docs * Update axios to >=0.21.1: GHSA-4w2v-q235-vp99 * Add interface parameter verification logic (application, user, role) * Add interface parameter verification logic (category,permission,resource,user_role) Co-authored-by: iGeeky <igeeky.io@gmail.com>
HTTP Request method verification
@Hcreak I think using exceptions to implement such checks might make the code a bit cleaner. This requires the following steps:
In addition, you need to submit the corresponding unit test at the same time. To ensure that the newly added code is covered by the unit tests. Doing this, in terms of performance, may not be the best, but it will make the code in the business method more simple.Often a single line of code is all that is needed to complete the check. |
I don't understand this place, |
@Hcreak |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When you modify the code, you need to execute the unit tests completely and make sure that all cases pass.
For a complete test, use the command: cd wolf/server && npm run test
To test a single module: cd wolf/server && mocha --exit test/20.user.test.js
In addition, you need to add test cases for the newly added code. Please refer to the code under wolf/server/test.
@@ -37,6 +38,14 @@ class BasicService extends Service { | |||
return this.success({exist}) | |||
} | |||
|
|||
// for REST | |||
async checkMethod(method) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You don't need async here, right?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes.It does not need to be asynchronous. Sorry I have not finished.
@Hcreak After you change the response code to 400, many test cases will need to change the expected status code to 400. Make sure that all test cases pass. |
@iGeeky All unit tests have passed :-) |
对部分接口的HTTP请求方式进行校验 不正确的请求方式将被阻止并给出
ERR_METHOD_INVALID
错误信息