Skip to content
Permalink
Browse files Browse the repository at this point in the history
Fixed Validation Bypass Issue #10
  • Loading branch information
Manvel authored and Manvel committed Aug 8, 2020
1 parent 8a3cb77 commit e3eec12
Show file tree
Hide file tree
Showing 13 changed files with 553 additions and 467 deletions.
6 changes: 0 additions & 6 deletions .idea/vcs.xml

This file was deleted.

18 changes: 9 additions & 9 deletions README.md
Expand Up @@ -6,16 +6,16 @@ Json Pattern Validator.

***jpv*** - it is an easy-to-use JSON schema validator library for large and complex data.

Validating a JSON object by comparing it with a pattern object, passing through all the nodes of the pattern using constious simple validation methods.
Validating a JSON object by comparing it by source like pattern, passing through all the nodes of the pattern using constious simple validation methods.

#### Main concept

Verification comes with the **jpv.validate** function

```javascript
jpv.validate(
json, // --> The JSON Object you want to validate
pattern // --> The pattern object using the same structure as JSON with the validation patterns.
json, // --> The JSON Object you want to validate
pattern // --> The json-like pattern
)
```
> The function returns only true or false
Expand Down Expand Up @@ -213,7 +213,7 @@ Available defined patterns:



#### "and", "or", "not" operators
### "and", "or", "not" operators

JPV allows you to use the most fundamental operators “or”, “and”, “not”, as we do in almost every programming language.

Expand Down Expand Up @@ -269,7 +269,7 @@ Using these operators we can write big and complex conditions like:
);
const json = {
key1: 'example@gmal.com',
key1: 'example@gmail.com',
key2: '1234567890'
}
Expand All @@ -284,7 +284,7 @@ Using these operators we can write big and complex conditions like:
```


#### Functional
### Functional

This is the future specifically for custom validation patterns.
Patterns with functions will be called any time when validating:
Expand All @@ -303,7 +303,7 @@ Patterns with functions will be called any time when validating:
```

#### Modes
### Modes

There are two ```standard``` and ```strict``` modes.

Expand Down Expand Up @@ -349,7 +349,7 @@ Example of usage strict and standard modes
```


#### Arrays
### Arrays

To validate nested arrays elements all you need is to create **one** nested pattern inside an array.
Each array element will be validated according to the first element of the pattern.
Expand Down Expand Up @@ -409,7 +409,7 @@ const json = { index: "[email]"}
const pattern = { index: jpv.exact("[number]") }
```

#### Debugging
### Debugging

The *jpv.validate* function returns only a boolean type.
But if you want more information about errors, just turn on debugging mode ({debug: true}) in the third argument of function.
Expand Down
40 changes: 32 additions & 8 deletions index.js
Expand Up @@ -42,6 +42,27 @@ function comparePattern (value, pattern) {
throw new Error('Invalid Pattern');
}

/**
* Custom Is Array
* @param value
* @returns boolean
*/
function isArray (value) {
if (Object.prototype.hasOwnProperty.call(Array, 'isArray')) {
return Array.isArray(value);
}
if (typeof value !== 'object') {
return false;
}
if (Object.prototype.toString.call(value) !== '[object Array]') {
return false;
}
if (!(value instanceof Array)) {
return false;
}
return true;
}

/**
* OR operator
* @param patterns
Expand Down Expand Up @@ -120,20 +141,19 @@ const compare = (value, pattern, options) => {
const res = (result) => {
let val = '';
if (!pattern || ((typeof pattern !== 'object') && (typeof pattern !== 'string') && typeof pattern !== 'function')) {
val = String(pattern)
val = String(pattern);
} else if (pattern.constructor === JpvObject) {
val = `operator "${pattern.type}": ${JSON.stringify(pattern.value)}`;
} else {
JSON.stringify(pattern)
JSON.stringify(pattern);
}


if (typeof pattern === 'function') {
val = pattern.toString();
}
if (!result && options && options.debug) {
options.logger(`error - the value of: {${options.deepLog.join('.')}: ` +
`${String(value)}} not matched with: ${val}`);
`${String(value)}} not matched with: ${val}`);
}
return result;
};
Expand Down Expand Up @@ -270,6 +290,10 @@ const compare = (value, pattern, options) => {

// pattern = object
if (typeof pattern === 'object') {
if (isArray(pattern)) {
return res(isArray(value));
}

if (value !== null) {
return res(value.constructor === pattern.constructor);
}
Expand Down Expand Up @@ -393,13 +417,13 @@ const iterate = (value, pattern, valid, cb, options) => {
* Iterate through value
* */
for (const property in value) {
if (value.hasOwnProperty(property)) {
if (Object.prototype.hasOwnProperty.call(value, String(property))) {
const level = push(options, property, value.constructor);
valid = (() => {
/*
* When missing pattern
* */
if (!pattern.hasOwnProperty(property)) {
if (!Object.prototype.hasOwnProperty.call(pattern, String(property))) {
return (valid = cb(value[property], undefined, options));
}

Expand All @@ -411,8 +435,8 @@ const iterate = (value, pattern, valid, cb, options) => {
/*
* iterate if pattern is an Array
* */
if ((pattern[property].constructor === Array) && (pattern[property].length > 0)) {
if (value[property].constructor !== Array) {
if ((isArray(pattern[property])) && (pattern[property].length > 0)) {
if (!isArray(value[property])) {
return (valid = cb(value[property], pattern[property], options));
}
for (let i = 0; i < value[property].length; i++) {
Expand Down

0 comments on commit e3eec12

Please sign in to comment.