New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Avoid sanitization in some fields #27
Comments
Hi @YagoQuinoy Can you give me an example? |
Let's see this example: exports.index = function(req, res) {
var parsedUrl = url.parse(req.url);
var queryObj = queryString.parse(parsedUrl.query);
var search = JSON.parse(queryObj.q);
console.log(search.dates.from); // '222015-11-18T23:00:00.000Z' <- String type
var sanitized = inspector.sanitize(searchSchema, search); // Example: Just want to parse ISODate Strings into Date due to type sanitization.
var result = inspector.validate(searchSchema, sanitized); // If more data is wrong, search is not valid.
if (!result.valid) {
console.log(result.format());
return handleError(res, new Error('Very bad!'));
}
return res.status(200).json({
message: 'Everything is fine'
});
} Having this schema var accommodationTypeEnum = require('api/models/accommodationType/accommodationType.enum');
module.exports = {
type: 'object',
properties: {
accommodationType: {
type: 'string',
optional: true,
exec: function(schema, accommodationType) {
if (accommodationTypeEnum.indexOf(accommodationType) > -1) {
this.report('That type isn\'t allowed', 'CODE-288');
}
}
},
coords: {
type: 'object',
properties: {
northeast: {
type: 'object',
properties: {
lng: {
type: 'number',
min: -90,
max: 90,
error: 'Bad longitude',
code: 'CODE-288'
},
lat: {
type: 'number',
min: -180,
max: 180,
error: 'Bad latitude',
code: 'CODE-288'
}
}
},
southwest: {
type: 'object',
properties: {
lng: {
type: 'number',
min: -90,
max: 90,
error: 'Bad longitude',
code: 'CODE-288'
},
lat: {
type: 'number',
min: -180,
max: 180,
error: 'Bad latitude',
code: 'CODE-288'
}
}
}
}
},
dates: {
type: 'object',
properties: {
from: {
type: 'date',
exec: function(schema, dates) {
if (dates.from < new Date()) {
this.report('Can\' travel to the past', 'CODE-288');
}
}
},
to: {
type: 'date'
}
},
exec: function(schema, dates) {
if (dates.to < dates.from) {
this.report('Crossing dates', 'CODE-288');
}
}
},
occupants: {
type: 'object',
properties: {
adults: {
type: 'number',
gte: 1,
error: 'Need one adult',
code: 'CODE-288'
},
children: {
type: 'number',
gte: 0,
optional: true,
error: 'Negative children?',
code: 'CODE-288'
},
childrenAges: {
type: 'array',
items: {
type: 'number',
gte: 0
},
optional: true,
error: 'Negative children ages',
code: 'CODE-288'
}
},
exec: function(schema, occupants) {
if (occupants.children !== occupants.childrenAges.length) {
this.report('The number of children doesn\'t match with the children ages length', 'CODE-288');
}
}
}
} |
I found a solution for tis example using the 'pattern' option. |
Ok I see, what you can do is to use 2 different schemas, one for the sanitization and one for the validation. This is how I always do. The pattern option is one solution too yes! |
That's a nice solution! It would be nice that you could add those kind of tips at the documentation. |
I will, than you @YagoQuinoy! |
There is a way to avoid sanitization in some fields?
I'm interested on sanitization to parse date strings into date object(otherwise, validation fails), but at the same time i don't want to sanitize other fields. I want them to fail.
The text was updated successfully, but these errors were encountered: