yuuza/outline
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

refactor: add server side validation schema for authProviders (#4876)

Browse Source 
* refactor: move files to subfolder

* refactor: schema for authenticationProviders.info

* refactor: schema for authenticationProviders.update

* refactor: use validated body
This commit is contained in:
Mohamed ELIDRISSI
2023-02-14 23:49:24 +01:00
committed by GitHub
parent ab7b20958b
commit 0976e85a1a
5 changed files with 40 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
server/routes/api/apiKeys/apiKeys.ts
View File

@@ -15,7 +15,7 @@ router.post(
auth({ member: true }), auth({ member: true }),
validate(T.APIKeysCreateSchema), validate(T.APIKeysCreateSchema),
async (ctx: APIContext<T.APIKeysCreateReq>) => { async (ctx: APIContext<T.APIKeysCreateReq>) => {
const { name } = ctx.request.body; const { name } = ctx.input.body;
const { user } = ctx.state.auth; const { user } = ctx.state.auth;
authorize(user, "createApiKey", user.team); authorize(user, "createApiKey", user.team);
@@ -68,7 +68,7 @@ router.post(
auth({ member: true }), auth({ member: true }),
validate(T.APIKeysDeleteSchema), validate(T.APIKeysDeleteSchema),
async (ctx: APIContext<T.APIKeysDeleteReq>) => { async (ctx: APIContext<T.APIKeysDeleteReq>) => {
const { id } = ctx.request.body; const { id } = ctx.input.body;
const { user } = ctx.state.auth; const { user } = ctx.state.auth;
const key = await ApiKey.findByPk(id); const key = await ApiKey.findByPk(id);

0
server/routes/api/authenticationProviders.test.ts → server/routes/api/authenticationProviders/authenticationProviders.test.ts
View File

20
server/routes/api/authenticationProviders.ts → server/routes/api/authenticationProviders/authenticationProviders.ts
View File

@@ -1,6 +1,7 @@
import Router from "koa-router"; import Router from "koa-router";
import { sequelize } from "@server/database/sequelize"; import { sequelize } from "@server/database/sequelize";
import auth from "@server/middlewares/authentication"; import auth from "@server/middlewares/authentication";
import validate from "@server/middlewares/validate";
import { AuthenticationProvider, Event } from "@server/models"; import { AuthenticationProvider, Event } from "@server/models";
import { authorize } from "@server/policies"; import { authorize } from "@server/policies";
import { import {
@@ -8,19 +9,19 @@ import {
presentPolicies, presentPolicies,
} from "@server/presenters"; } from "@server/presenters";
import { APIContext } from "@server/types"; import { APIContext } from "@server/types";
import { assertUuid, assertPresent } from "@server/validation"; import allAuthenticationProviders from "../../auth/providers";
import allAuthenticationProviders from "../auth/providers"; import * as T from "./schema";
const router = new Router(); const router = new Router();
router.post( router.post(
"authenticationProviders.info", "authenticationProviders.info",
auth({ admin: true }), auth({ admin: true }),
async (ctx: APIContext) => { validate(T.AuthenticationProvidersInfoSchema),
const { id } = ctx.request.body; async (ctx: APIContext<T.AuthenticationProvidersInfoReq>) => {
assertUuid(id, "id is required"); const { id } = ctx.input.body;
const { user } = ctx.state.auth; const { user } = ctx.state.auth;
const authenticationProvider = await AuthenticationProvider.findByPk(id); const authenticationProvider = await AuthenticationProvider.findByPk(id);
authorize(user, "read", authenticationProvider); authorize(user, "read", authenticationProvider);
@@ -34,10 +35,9 @@ router.post(
router.post( router.post(
"authenticationProviders.update", "authenticationProviders.update",
auth({ admin: true }), auth({ admin: true }),
async (ctx: APIContext) => { validate(T.AuthenticationProvidersUpdateSchema),
const { id, isEnabled } = ctx.request.body; async (ctx: APIContext<T.AuthenticationProvidersUpdateReq>) => {
assertUuid(id, "id is required"); const { id, isEnabled } = ctx.input.body;
assertPresent(isEnabled, "isEnabled is required");
const { user } = ctx.state.auth; const { user } = ctx.state.auth;
const authenticationProvider = await sequelize.transaction( const authenticationProvider = await sequelize.transaction(

1
server/routes/api/authenticationProviders/index.ts Normal file
View File

@@ -0,0 +1 @@
export { default } from "./authenticationProviders";

27
server/routes/api/authenticationProviders/schema.ts Normal file
View File

@@ -0,0 +1,27 @@
import { z } from "zod";
import BaseSchema from "@server/routes/api/BaseSchema";
export const AuthenticationProvidersInfoSchema = BaseSchema.extend({
body: z.object({
/** Authentication Provider Id */
id: z.string().uuid(),
}),
});
export type AuthenticationProvidersInfoReq = z.infer<
typeof AuthenticationProvidersInfoSchema
>;
export const AuthenticationProvidersUpdateSchema = BaseSchema.extend({
body: z.object({
/** Authentication Provider Id */
id: z.string().uuid(),
/** Whether the Authentication Provider is enabled or not */
isEnabled: z.boolean(),
}),
});
export type AuthenticationProvidersUpdateReq = z.infer<
typeof AuthenticationProvidersUpdateSchema
>;