mirror of
https://github.com/Unleash/unleash.git
synced 2025-01-01 00:08:27 +01:00
parent
2fe47e85ee
commit
2a751a4789
@ -46,7 +46,13 @@ module.exports = function(config) {
|
|||||||
})
|
})
|
||||||
);
|
);
|
||||||
|
|
||||||
app.use(validator([]));
|
app.use(
|
||||||
|
validator({
|
||||||
|
customValidators: {
|
||||||
|
isUrlFirendlyName: input => encodeURIComponent(input) === input,
|
||||||
|
},
|
||||||
|
})
|
||||||
|
);
|
||||||
|
|
||||||
if (publicFolder) {
|
if (publicFolder) {
|
||||||
app.use(baseUriPath, express.static(publicFolder));
|
app.use(baseUriPath, express.static(publicFolder));
|
||||||
|
@ -15,8 +15,6 @@ const ValidationError = require('../../error/validation-error.js');
|
|||||||
const validateRequest = require('../../error/validate-request');
|
const validateRequest = require('../../error/validate-request');
|
||||||
const extractUser = require('../../extract-user');
|
const extractUser = require('../../extract-user');
|
||||||
|
|
||||||
const nameRegex = /^[0-9a-zA-Z\-._]+$/;
|
|
||||||
|
|
||||||
const handleErrors = (req, res, error) => {
|
const handleErrors = (req, res, error) => {
|
||||||
logger.warn('Error creating or updating feature', error);
|
logger.warn('Error creating or updating feature', error);
|
||||||
switch (error.constructor) {
|
switch (error.constructor) {
|
||||||
@ -110,9 +108,7 @@ module.exports.router = function(config) {
|
|||||||
|
|
||||||
router.post('/validate', (req, res) => {
|
router.post('/validate', (req, res) => {
|
||||||
req.checkBody('name', 'Name is required').notEmpty();
|
req.checkBody('name', 'Name is required').notEmpty();
|
||||||
req
|
req.checkBody('name', 'Name must be URL friendly').isUrlFirendlyName();
|
||||||
.checkBody('name', 'Name must match format ^[0-9a-zA-Z\\.\\-\\_]+$')
|
|
||||||
.matches(/^[0-9a-zA-Z\\.\\-\\_]+$/i);
|
|
||||||
|
|
||||||
validateRequest(req)
|
validateRequest(req)
|
||||||
.then(validateUniqueName)
|
.then(validateUniqueName)
|
||||||
@ -122,9 +118,8 @@ module.exports.router = function(config) {
|
|||||||
|
|
||||||
router.post('/', (req, res) => {
|
router.post('/', (req, res) => {
|
||||||
req.checkBody('name', 'Name is required').notEmpty();
|
req.checkBody('name', 'Name is required').notEmpty();
|
||||||
req
|
req.checkBody('name', 'Name must be URL friendly').isUrlFirendlyName();
|
||||||
.checkBody('name', `Name must match format ${nameRegex.source}`)
|
|
||||||
.matches(nameRegex);
|
|
||||||
const userName = extractUser(req);
|
const userName = extractUser(req);
|
||||||
|
|
||||||
validateRequest(req)
|
validateRequest(req)
|
||||||
|
@ -96,7 +96,7 @@ test('should require at least one strategy when updating a feature toggle', t =>
|
|||||||
.expect(400);
|
.expect(400);
|
||||||
});
|
});
|
||||||
|
|
||||||
test('valid feature names pass validation', async t => {
|
test('valid feature names should pass validation', t => {
|
||||||
t.plan(0);
|
t.plan(0);
|
||||||
const { request, base } = getSetup();
|
const { request, base } = getSetup();
|
||||||
|
|
||||||
@ -123,3 +123,30 @@ test('valid feature names pass validation', async t => {
|
|||||||
)
|
)
|
||||||
);
|
);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
test('invalid feature names should not pass validation', t => {
|
||||||
|
t.plan(0);
|
||||||
|
const { request, base } = getSetup();
|
||||||
|
|
||||||
|
const invalidNames = [
|
||||||
|
'some example',
|
||||||
|
'some$example',
|
||||||
|
'me&me',
|
||||||
|
' ',
|
||||||
|
'o2%ae',
|
||||||
|
];
|
||||||
|
|
||||||
|
return Promise.all(
|
||||||
|
invalidNames.map(name =>
|
||||||
|
request
|
||||||
|
.post(`${base}/api/admin/features`)
|
||||||
|
.send({
|
||||||
|
name,
|
||||||
|
enabled: false,
|
||||||
|
strategies: [{ name: 'default' }],
|
||||||
|
})
|
||||||
|
.set('Content-Type', 'application/json')
|
||||||
|
.expect(400)
|
||||||
|
)
|
||||||
|
);
|
||||||
|
});
|
||||||
|
Loading…
Reference in New Issue
Block a user