Avoid sanitization in some fields #27

Closed
YagoQuinoy opened this issue Nov 18, 2015 · 6 comments

Comments

@YagoQuinoy
Contributor

Is there a way to avoid sanitization in some fields?

I'm interested in sanitization to parse date strings into date objects (otherwise, validation fails), but at the same time I don't want to sanitize other fields. I want them to fail.

@Atinux
Collaborator

Atinux commented Nov 18, 2015

Hi @YagoQuinoy

Can you give me an example?

@YagoQuinoy
Contributor Author

Let's see this example:

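var url = require('url');
var queryString = require('querystring');
var inspector = require('schema-inspector');
var searchSchema = require('./search.schema'); // assumed path; the schema is shown below

exports.index = function(req, res) {
  var parsedUrl = url.parse(req.url);
  var queryObj = queryString.parse(parsedUrl.query);
  var search = JSON.parse(queryObj.q); // client-supplied JSON from the ?q= parameter

  console.log(search.dates.from); // '222015-11-18T23:00:00.000Z' <- String type

  // sanitize() returns a result object; the sanitized candidate is in .data
  var sanitized = inspector.sanitize(searchSchema, search).data; // Example: Just want to parse ISODate Strings into Date due to type sanitization.
  var result = inspector.validate(searchSchema, sanitized); // If more data is wrong, search is not valid.

  if (!result.valid) {
    console.log(result.format());
    // handleError is the application's own helper (not shown)
    return handleError(res, new Error('Very bad!'));
  }

  return res.status(200).json({
    message: 'Everything is fine'
  });
};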

Having this schema

var accommodationTypeEnum = require('api/models/accommodationType/accommodationType.enum');

module.exports = {
  type: 'object',
  properties: {
    accommodationType: {
      type: 'string',
      optional: true,
      exec: function(schema, accommodationType) {
        // Report when the value is NOT one of the known accommodation types
        if (accommodationTypeEnum.indexOf(accommodationType) === -1) {
          this.report('That type isn\'t allowed', 'CODE-288');
        }
      }
    },
    coords: {
      type: 'object',
      properties: {
        northeast: {
          type: 'object',
          properties: {
            lng: {
              type: 'number',
              min: -180, // longitude spans -180..180
              max: 180,
              error: 'Bad longitude',
              code: 'CODE-288'
            },
            lat: {
              type: 'number',
              min: -90, // latitude spans -90..90
              max: 90,
              error: 'Bad latitude',
              code: 'CODE-288'
            }
          }
        },
        southwest: {
          type: 'object',
          properties: {
            lng: {
              type: 'number',
              min: -180, // longitude spans -180..180
              max: 180,
              error: 'Bad longitude',
              code: 'CODE-288'
            },
            lat: {
              type: 'number',
              min: -90, // latitude spans -90..90
              max: 90,
              error: 'Bad latitude',
              code: 'CODE-288'
            }
          }
        }
      }
    },
    dates: {
      type: 'object',
      properties: {
        from: {
          type: 'date',
          // exec receives the value of this property, i.e. the "from" date itself
          exec: function(schema, from) {
            if (from < new Date()) {
              this.report('Can\'t travel to the past', 'CODE-288');
            }
          }
        },
        to: {
          type: 'date'
        }
      },
      exec: function(schema, dates) {
        if (dates.to < dates.from) {
          this.report('Crossing dates', 'CODE-288');
        }
      }
    },
    occupants: {
      type: 'object',
      properties: {
        adults: {
          type: 'number',
          gte: 1,
          error: 'Need one adult',
          code: 'CODE-288'
        },
        children: {
          type: 'number',
          gte: 0,
          optional: true,
          error: 'Negative children?',
          code: 'CODE-288'
        },
        childrenAges: {
          type: 'array',
          items: {
            type: 'number',
            gte: 0
          },
          optional: true,
          error: 'Negative children ages',
          code: 'CODE-288'
        }
      },
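      exec: function(schema, occupants) {
        // children and childrenAges are both optional, so default them before comparing
        var ages = occupants.childrenAges || [];
        if ((occupants.children || 0) !== ages.length) {
          this.report('The number of children doesn\'t match with the children ages length', 'CODE-288');
        }
      }
    }
  }
};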

@YagoQuinoy
Contributor Author

I found a solution for this example using the 'pattern' option.

@Atinux
Collaborator

Atinux commented Nov 18, 2015

OK, I see. What you can do is use 2 different schemas, one for the sanitization and one for the validation. This is how I always do it.

The pattern option is one solution too yes!
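
The two-step approach suggested above (a first pass that converts only the date fields, then strict validation of everything), as an added example that is not part of the original thread and does not use the library's API. `coerceDates`, `validateSearch` and `checkSearch` are hypothetical plain-JavaScript helpers, and the sample inputs are constructed:

```javascript
// Strict ISO-8601 UTC timestamp, e.g. 2015-11-18T23:00:00.000Z
var ISO_DATE = /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d{3})?Z$/;

// Step 1 (the "sanitization schema"): convert ONLY the listed paths, and only
// when the value is a well-formed ISO string. Every other field is left as sent.
function coerceDates(obj, paths) {
  paths.forEach(function (path) {
    var keys = path.split('.');
    var last = keys.pop();
    var parent = keys.reduce(function (o, k) {
      return (o !== null && typeof o === 'object') ? o[k] : undefined;
    }, obj);
    if (parent === null || typeof parent !== 'object') return;
    var value = parent[last];
    if (typeof value === 'string' && ISO_DATE.test(value)) {
      var d = new Date(value);
      if (!isNaN(d.getTime())) parent[last] = d;
    }
  });
  return obj;
}

// Step 2 (the "validation schema"): strict type checks, no coercion.
function validateSearch(search) {
  var errors = [];
  var dates = search.dates || {};
  var occ = search.occupants || {};
  ['from', 'to'].forEach(function (k) {
    if (!(dates[k] instanceof Date)) errors.push('dates.' + k + ' must be a date');
  });
  if (dates.from instanceof Date && dates.to instanceof Date && dates.to < dates.from) {
    errors.push('Crossing dates');
  }
  if (typeof occ.adults !== 'number' || occ.adults < 1) errors.push('Need one adult');
  return errors;
}

function checkSearch(rawJson) {
  var search = coerceDates(JSON.parse(rawJson), ['dates.from', 'dates.to']);
  return validateSearch(search);
}

// Constructed inputs: GOOD is well formed; BAD has a malformed "from" and a string "adults".
var GOOD = '{"dates":{"from":"2015-11-18T23:00:00.000Z","to":"2015-11-20T23:00:00.000Z"},"occupants":{"adults":2}}';
var BAD = '{"dates":{"from":"222015-11-18T23:00:00.000Z","to":"2015-11-20T23:00:00.000Z"},"occupants":{"adults":"2"}}';
console.log(checkSearch(GOOD));
console.log(checkSearch(BAD));
```

Because the string `"2"` for `adults` is never coerced to a number, the request is rejected instead of being silently repaired.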

@YagoQuinoy
Contributor Author

That's a nice solution! It would be nice if you could add those kinds of tips to the documentation.

@Atinux
Collaborator

Atinux commented Nov 18, 2015

I will, thank you @YagoQuinoy!

@Atinux Atinux closed this as completed Nov 18, 2015