Skip to content

Commit

Permalink
better props validation
Browse files Browse the repository at this point in the history
  • Loading branch information
tudddorrr committed Sep 24, 2024
1 parent 3d64a69 commit 310e2b5
Show file tree
Hide file tree
Showing 2 changed files with 40 additions and 6 deletions.
20 changes: 14 additions & 6 deletions src/services/api/leaderboard-api.service.ts
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
import { HasPermission, Routes, Request, Response, Validate, ForwardTo, forwardRequest, Docs } from 'koa-clay'
import { HasPermission, Routes, Request, Response, Validate, ForwardTo, forwardRequest, Docs, ValidationCondition } from 'koa-clay'
import LeaderboardAPIPolicy from '../../policies/api/leaderboard-api.policy'
import APIService from './api-service'
import { EntityManager } from '@mikro-orm/mysql'
Expand Down Expand Up @@ -53,18 +53,26 @@ export default class LeaderboardAPIService extends APIService {

@Validate({
headers: ['x-talo-alias'],
body: ['score']
body: {
score: {
required: true
},
props: {
validation: async (val: unknown): Promise<ValidationCondition[]> => [
{
check: val ? Array.isArray(val) : true,
error: 'Props must be an array'
}
]
}
}
})
@HasPermission(LeaderboardAPIPolicy, 'post')
@Docs(LeaderboardAPIDocs.post)
async post(req: Request): Promise<Response> {
const { score, props } = req.body
const em: EntityManager = req.ctx.em

if (props && !Array.isArray(props)) {
req.ctx.throw(400, 'Props must be an array')
}

const leaderboard: Leaderboard = req.ctx.state.leaderboard

let entry: LeaderboardEntry = null
Expand Down
26 changes: 26 additions & 0 deletions tests/services/_api/leaderboard-api/post.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -330,4 +330,30 @@ describe('Leaderboard API service - post', () => {
{ key: 'key1', value: 'value1' }
])
})

it('should return a 400 if props are not an array', async () => {
const [apiKey, token] = await createAPIKeyAndToken([APIKeyScope.WRITE_LEADERBOARDS])
const player = await new PlayerFactory([apiKey.game]).one()
const leaderboard = await new LeaderboardFactory([apiKey.game]).state(() => ({ unique: false })).one()
await (<EntityManager>global.em).persistAndFlush([player, leaderboard])

const res = await request(global.app)
.post(`/v1/leaderboards/${leaderboard.internalName}/entries`)
.send({
score: 300,
props: {
key1: 'value1',
key2: 'value2'
}
})
.auth(token, { type: 'bearer' })
.set('x-talo-alias', String(player.aliases[0].id))
.expect(400)

expect(res.body).toStrictEqual({
errors: {
props: ['Props must be an array']
}
})
})
})

0 comments on commit 310e2b5

Please sign in to comment.