diff --git a/app/api/settings/routes.js b/app/api/settings/routes.js
index 86aa0d6d86..e11fb73932 100644
--- a/app/api/settings/routes.js
+++ b/app/api/settings/routes.js
@@ -1,16 +1,58 @@
+import Joi from 'joi';
 import settings from 'api/settings/settings';
+import { validateRequest } from '../utils';
 import needsAuthorization from '../auth/authMiddleware';
 
-export default app => {
- app.post('/api/settings', needsAuthorization(), (req, res) => {
- settings.save(req.body)
- .then(response => res.json(response))
- .catch(res.error);
- });
+export default (app) => {
+ app.post('/api/settings',
+ needsAuthorization(),
+ validateRequest(Joi.object().keys({
+ _id: Joi.string(),
+ __v: Joi.number(),
+ project: Joi.string(),
+ site_name: Joi.string().allow(''),
+ home_page: Joi.string().allow(''),
+ private: Joi.boolean(),
+ mailerConfig: Joi.string().allow(''),
+ analyticsTrackingId: Joi.string().allow(''),
+ dateFormat: Joi.string().allow(''),
+ custom: Joi.any(),
+ customCSS: Joi.string().allow(''),
+ languages: Joi.array().items(
+ Joi.object().keys({
+ _id: Joi.string(),
+ key: Joi.string(),
+ label: Joi.string(),
+ default: Joi.boolean()
+ })
+ ),
+ filters: Joi.array().items(
+ Joi.object().keys({
+ _id: Joi.string(),
+ id: Joi.string(),
+ name: Joi.string(),
+ items: Joi.any()
+ })
+ ),
+ links: Joi.array().items(
+ Joi.object().keys({
+ _id: Joi.string(),
+ localID: Joi.string(),
+ title: Joi.string(),
+ url: Joi.string()
+ })
+ )
+ }).required()),
+ (req, res) => {
+ settings.save(req.body)
+ .then(response => res.json(response))
+ .catch(res.error);
+ }
+ );
 
 app.get('/api/settings', (req, res) => {
 settings.get()
- .then((response) => res.json(response))
+ .then(response => res.json(response))
 .catch(res.error);
 });
 };
diff --git a/app/api/settings/specs/__snapshots__/routes.spec.js.snap b/app/api/settings/specs/__snapshots__/routes.spec.js.snap
new file mode 100644
index 0000000000..4d3a8cea2b
--- /dev/null
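Review bot: The new schema still passes unconstrained values through to `settings.save(req.body)`: `custom: Joi.any()` and the filters' `items: Joi.any()` accept any nested structure, and `links[].url` is a bare `Joi.string()`, so a `javascript:` URL validates. If link URLs end up in an href (not visible in this hunk), constrain them, for example `url: Joi.string().uri({ scheme: ['http', 'https'], allowRelative: true })`, and narrow `custom` and `items` to the shapes the UI actually sends. `_id` and `__v` are also taken from the client, which deserves a comment such as `// _id/__v come from the client; settings.save must not trust them to pick the document`. `validateRequest` is defined outside this diff, so whether unknown keys are rejected cannot be confirmed here; the existing spec in routes.spec.js posts `collection_name`, which is not a key of this schema.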
+++ b/app/api/settings/specs/__snapshots__/routes.spec.js.snap 
@@ -0,0 +1,196 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP + +exports[`relationtypes routes POST should have a validation schema 1`] = ` +Object { + "children": Object { + "__v": Object { + "invalids": Array [ + Infinity, + -Infinity, + ], + "type": "number", + }, + "_id": Object { + "invalids": Array [ + "", + ], + "type": "string", + }, + "analyticsTrackingId": Object { + "type": "string", + "valids": Array [ + "", + ], + }, + "custom": Object { + "type": "any", + }, + "customCSS": Object { + "type": "string", + "valids": Array [ + "", + ], + }, + "dateFormat": Object { + "type": "string", + "valids": Array [ + "", + ], + }, + "filters": Object { + "flags": Object { + "sparse": false, + }, + "items": Array [ + Object { + "children": Object { + "_id": Object { + "invalids": Array [ + "", + ], + "type": "string", + }, + "id": Object { + "invalids": Array [ + "", + ], + "type": "string", + }, + "items": Object { + "type": "any", + }, + "name": Object { + "invalids": Array [ + "", + ], + "type": "string", + }, + }, + "type": "object", + }, + ], + "type": "array", + }, + "home_page": Object { + "type": "string", + "valids": Array [ + "", + ], + }, + "languages": Object { + "flags": Object { + "sparse": false, + }, + "items": Array [ + Object { + "children": Object { + "_id": Object { + "invalids": Array [ + "", + ], + "type": "string", + }, + "default": Object { + "falsy": Array [ + false, + ], + "flags": Object { + "insensitive": true, + }, + "truthy": Array [ + true, + ], + "type": "boolean", + }, + "key": Object { + "invalids": Array [ + "", + ], + "type": "string", + }, + "label": Object { + "invalids": Array [ + "", + ], + "type": "string", + }, + }, + "type": "object", + }, + ], + "type": "array", + }, + "links": Object { + "flags": Object { + "sparse": false, + }, + "items": Array [ + Object { + "children": Object { + "_id": Object { + "invalids": Array [ + "", + ], + "type": "string", + }, + "localID": Object { + "invalids": Array [ + "", + ], + "type": 
"string", + }, + "title": Object { + "invalids": Array [ + "", + ], + "type": "string", + }, + "url": Object { + "invalids": Array [ + "", + ], + "type": "string", + }, + }, + "type": "object", + }, + ], + "type": "array", + }, + "mailerConfig": Object { + "type": "string", + "valids": Array [ + "", + ], + }, + "private": Object { + "falsy": Array [ + false, + ], + "flags": Object { + "insensitive": true, + }, + "truthy": Array [ + true, + ], + "type": "boolean", + }, + "project": Object { + "invalids": Array [ + "", + ], + "type": "string", + }, + "site_name": Object { + "type": "string", + "valids": Array [ + "", + ], + }, + }, + "flags": Object { + "presence": "required", + }, + "type": "object", +} +`; diff --git a/app/api/settings/specs/routes.spec.js b/app/api/settings/specs/routes.spec.js index 2eff1fb26e..982abaf3be 100644 --- a/app/api/settings/specs/routes.spec.js +++ b/app/api/settings/specs/routes.spec.js @@ -25,6 +25,10 @@ describe('relationtypes routes', () => { }); describe('POST', () => { + it('should have a validation schema', () => { + expect(routes.post.validation('/api/settings')).toMatchSnapshot(); + }); + it('should save settings', (done) => { spyOn(settings, 'save').and.returnValue(mockRequest); routes.post('/api/settings', {body: {collection_name: 'my new name'}})