mirror of
https://github.com/TryGhost/Ghost.git
synced 2025-01-27 22:49:56 -05:00
commit
b631931b2b
2 changed files with 43 additions and 7 deletions
|
@ -48,7 +48,7 @@ validateSchema = function (tableName, model) {
|
|||
|
||||
//check validations objects
|
||||
if (schema[tableName][columnKey].hasOwnProperty('validations')) {
|
||||
validationErrors.concat(validate(model[columnKey], columnKey, schema[tableName][columnKey].validations));
|
||||
validationErrors = validationErrors.concat(validate(model[columnKey], columnKey, schema[tableName][columnKey].validations));
|
||||
}
|
||||
|
||||
//check type
|
||||
|
@ -71,10 +71,15 @@ validateSchema = function (tableName, model) {
|
|||
// form default-settings.json
|
||||
validateSettings = function (defaultSettings, model) {
|
||||
var values = model.toJSON(),
|
||||
validationErrors = [],
|
||||
matchingDefault = defaultSettings[values.key];
|
||||
|
||||
if (matchingDefault && matchingDefault.validations) {
|
||||
return validate(values.value, values.key, matchingDefault.validations);
|
||||
validationErrors = validationErrors.concat(validate(values.value, values.key, matchingDefault.validations));
|
||||
}
|
||||
|
||||
if (validationErrors.length !== 0) {
|
||||
return when.reject(validationErrors);
|
||||
}
|
||||
};
|
||||
|
||||
|
@ -117,9 +122,7 @@ validate = function (value, key, validations) {
|
|||
validationOptions.shift();
|
||||
}, this);
|
||||
|
||||
if (validationErrors.length !== 0) {
|
||||
return when.reject(validationErrors);
|
||||
}
|
||||
return validationErrors;
|
||||
};
|
||||
|
||||
module.exports = {
|
||||
|
|
|
@ -488,10 +488,10 @@ describe('Post API', function () {
|
|||
var jsonResponse = res.body,
|
||||
changedValue = false;
|
||||
jsonResponse.should.exist;
|
||||
jsonResponse.posts[0].page.should.eql(1);
|
||||
jsonResponse.posts[0].page.should.eql(true);
|
||||
jsonResponse.posts[0].page = changedValue;
|
||||
|
||||
request.put(testUtils.API.getApiQuery('posts/1/'))
|
||||
request.put(testUtils.API.getApiQuery('posts/7/'))
|
||||
.set('X-CSRF-Token', csrfToken)
|
||||
.send(jsonResponse)
|
||||
.expect(200)
|
||||
|
@ -512,6 +512,39 @@ describe('Post API', function () {
|
|||
});
|
||||
});
|
||||
|
||||
it('can\'t edit post with invalid page field', function (done) {
|
||||
request.get(testUtils.API.getApiQuery('posts/7/'))
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
var jsonResponse = res.body,
|
||||
changedValue = 'invalid';
|
||||
jsonResponse.should.exist;
|
||||
jsonResponse.posts[0].page.should.eql(false);
|
||||
jsonResponse.posts[0].page = changedValue;
|
||||
|
||||
request.put(testUtils.API.getApiQuery('posts/7/'))
|
||||
.set('X-CSRF-Token', csrfToken)
|
||||
.send(jsonResponse)
|
||||
.expect(422)
|
||||
.end(function (err, res) {
|
||||
if (err) {
|
||||
return done(err);
|
||||
}
|
||||
|
||||
var putBody = res.body;
|
||||
_.has(res.headers, 'x-cache-invalidate').should.equal(false);
|
||||
res.should.be.json;
|
||||
jsonResponse = res.body;
|
||||
jsonResponse.errors.should.exist;
|
||||
testUtils.API.checkResponseValue(jsonResponse.errors[0], ['message', 'type']);
|
||||
done();
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
it('can\'t edit a post with invalid CSRF token', function (done) {
|
||||
request.get(testUtils.API.getApiQuery('posts/1/'))
|
||||
.end(function (err, res) {
|
||||
|
|
Loading…
Add table
Reference in a new issue