mirror of
https://github.com/Unleash/unleash.git
synced 2025-01-25 00:07:47 +01:00
parent
b8c2899f17
commit
5e1fd4ae8e
@ -46,7 +46,13 @@ module.exports = function(config) {
|
||||
})
|
||||
);
|
||||
|
||||
app.use(validator([]));
|
||||
app.use(
|
||||
validator({
|
||||
customValidators: {
|
||||
isUrlFirendlyName: input => encodeURIComponent(input) === input,
|
||||
},
|
||||
})
|
||||
);
|
||||
|
||||
if (publicFolder) {
|
||||
app.use(baseUriPath, express.static(publicFolder));
|
||||
|
@ -15,8 +15,6 @@ const ValidationError = require('../../error/validation-error.js');
|
||||
const validateRequest = require('../../error/validate-request');
|
||||
const extractUser = require('../../extract-user');
|
||||
|
||||
const nameRegex = /^[0-9a-zA-Z\-._]+$/;
|
||||
|
||||
const handleErrors = (req, res, error) => {
|
||||
logger.warn('Error creating or updating feature', error);
|
||||
switch (error.constructor) {
|
||||
@ -110,9 +108,7 @@ module.exports.router = function(config) {
|
||||
|
||||
router.post('/validate', (req, res) => {
|
||||
req.checkBody('name', 'Name is required').notEmpty();
|
||||
req
|
||||
.checkBody('name', 'Name must match format ^[0-9a-zA-Z\\.\\-\\_]+$')
|
||||
.matches(/^[0-9a-zA-Z\\.\\-\\_]+$/i);
|
||||
req.checkBody('name', 'Name must be URL friendly').isUrlFirendlyName();
|
||||
|
||||
validateRequest(req)
|
||||
.then(validateUniqueName)
|
||||
@ -122,9 +118,8 @@ module.exports.router = function(config) {
|
||||
|
||||
router.post('/', (req, res) => {
|
||||
req.checkBody('name', 'Name is required').notEmpty();
|
||||
req
|
||||
.checkBody('name', `Name must match format ${nameRegex.source}`)
|
||||
.matches(nameRegex);
|
||||
req.checkBody('name', 'Name must be URL friendly').isUrlFirendlyName();
|
||||
|
||||
const userName = extractUser(req);
|
||||
|
||||
validateRequest(req)
|
||||
|
@ -96,7 +96,7 @@ test('should require at least one strategy when updating a feature toggle', t =>
|
||||
.expect(400);
|
||||
});
|
||||
|
||||
test('valid feature names pass validation', async t => {
|
||||
test('valid feature names should pass validation', t => {
|
||||
t.plan(0);
|
||||
const { request, base } = getSetup();
|
||||
|
||||
@ -123,3 +123,30 @@ test('valid feature names pass validation', async t => {
|
||||
)
|
||||
);
|
||||
});
|
||||
|
||||
test('invalid feature names should not pass validation', t => {
|
||||
t.plan(0);
|
||||
const { request, base } = getSetup();
|
||||
|
||||
const invalidNames = [
|
||||
'some example',
|
||||
'some$example',
|
||||
'me&me',
|
||||
' ',
|
||||
'o2%ae',
|
||||
];
|
||||
|
||||
return Promise.all(
|
||||
invalidNames.map(name =>
|
||||
request
|
||||
.post(`${base}/api/admin/features`)
|
||||
.send({
|
||||
name,
|
||||
enabled: false,
|
||||
strategies: [{ name: 'default' }],
|
||||
})
|
||||
.set('Content-Type', 'application/json')
|
||||
.expect(400)
|
||||
)
|
||||
);
|
||||
});
|
||||
|
Loading…
Reference in New Issue
Block a user