0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-27 22:49:56 -05:00

Merge pull request #2755 from sebgie/fix-validation

Fix validation
This commit is contained in:
Hannah Wolfe 2014-05-14 16:29:36 +01:00
commit b631931b2b
2 changed files with 43 additions and 7 deletions

View file

@ -48,7 +48,7 @@ validateSchema = function (tableName, model) {
//check validations objects
if (schema[tableName][columnKey].hasOwnProperty('validations')) {
validationErrors.concat(validate(model[columnKey], columnKey, schema[tableName][columnKey].validations));
validationErrors = validationErrors.concat(validate(model[columnKey], columnKey, schema[tableName][columnKey].validations));
}
//check type
@ -71,10 +71,15 @@ validateSchema = function (tableName, model) {
// form default-settings.json
validateSettings = function (defaultSettings, model) {
var values = model.toJSON(),
validationErrors = [],
matchingDefault = defaultSettings[values.key];
if (matchingDefault && matchingDefault.validations) {
return validate(values.value, values.key, matchingDefault.validations);
validationErrors = validationErrors.concat(validate(values.value, values.key, matchingDefault.validations));
}
if (validationErrors.length !== 0) {
return when.reject(validationErrors);
}
};
@ -117,9 +122,7 @@ validate = function (value, key, validations) {
validationOptions.shift();
}, this);
if (validationErrors.length !== 0) {
return when.reject(validationErrors);
}
return validationErrors;
};
module.exports = {

View file

@ -488,10 +488,10 @@ describe('Post API', function () {
var jsonResponse = res.body,
changedValue = false;
jsonResponse.should.exist;
jsonResponse.posts[0].page.should.eql(1);
jsonResponse.posts[0].page.should.eql(true);
jsonResponse.posts[0].page = changedValue;
request.put(testUtils.API.getApiQuery('posts/1/'))
request.put(testUtils.API.getApiQuery('posts/7/'))
.set('X-CSRF-Token', csrfToken)
.send(jsonResponse)
.expect(200)
@ -512,6 +512,39 @@ describe('Post API', function () {
});
});
it('can\'t edit post with invalid page field', function (done) {
request.get(testUtils.API.getApiQuery('posts/7/'))
.end(function (err, res) {
if (err) {
return done(err);
}
var jsonResponse = res.body,
changedValue = 'invalid';
jsonResponse.should.exist;
jsonResponse.posts[0].page.should.eql(false);
jsonResponse.posts[0].page = changedValue;
request.put(testUtils.API.getApiQuery('posts/7/'))
.set('X-CSRF-Token', csrfToken)
.send(jsonResponse)
.expect(422)
.end(function (err, res) {
if (err) {
return done(err);
}
var putBody = res.body;
_.has(res.headers, 'x-cache-invalidate').should.equal(false);
res.should.be.json;
jsonResponse = res.body;
jsonResponse.errors.should.exist;
testUtils.API.checkResponseValue(jsonResponse.errors[0], ['message', 'type']);
done();
});
});
});
it('can\'t edit a post with invalid CSRF token', function (done) {
request.get(testUtils.API.getApiQuery('posts/1/'))
.end(function (err, res) {