joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #1834 from drew-gross/move-stuff

Browse Source 
Move query format validation into Parse Server
This commit is contained in:
Peter J. Shin
2016-05-23 12:46:44 -07:00
parent 8b43d2644f c416cad43f
commit 6b28075194
4 changed files with 44 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/Adapters/Storage/Mongo/MongoStorageAdapter.js
View File

@@ -180,11 +180,11 @@ export class MongoStorageAdapter {
// If no objects match, reject with OBJECT_NOT_FOUND. If objects are found and deleted, resolve with undefined.
// If there is some other error, reject with INTERNAL_SERVER_ERROR.
// Currently accepts validate for legacy reasons. Currently accepts the schema, that may not actually be necessary.
deleteObjectsByQuery(className, query, validate, schema) {
// Currently accepts the schema, that may not actually be necessary.
deleteObjectsByQuery(className, query, schema) {
return this.adaptiveCollection(className)
.then(collection => {
let mongoWhere = transform.transformWhere(className, query, { validate }, schema);
let mongoWhere = transform.transformWhere(className, query, schema);
return collection.deleteMany(mongoWhere)
})
.then(({ result }) => {

23
src/Adapters/Storage/Mongo/MongoTransform.js
View File

@@ -141,7 +141,7 @@ const valueAsDate = value => {
return false;
}
function transformQueryKeyValue(className, key, value, { validate } = {}, schema) {
function transformQueryKeyValue(className, key, value, schema) {
switch(key) {
case 'createdAt':
if (valueAsDate(value)) {
@@ -167,15 +167,9 @@ function transformQueryKeyValue(className, key, value, { validate } = {}, schema
case '_perishable_token':
case '_email_verify_token': return {key, value}
case '$or':
if (!(value instanceof Array)) {
throw new Parse.Error(Parse.Error.INVALID_QUERY, 'bad $or format - use an array value');
}
return {key: '$or', value: value.map(subQuery => transformWhere(className, subQuery, {}, schema))};
return {key: '$or', value: value.map(subQuery => transformWhere(className, subQuery, schema))};
case '$and':
if (!(value instanceof Array)) {
throw new Parse.Error(Parse.Error.INVALID_QUERY, 'bad $and format - use an array value');
}
return {key: '$and', value: value.map(subQuery => transformWhere(className, subQuery, {}, schema))};
return {key: '$and', value: value.map(subQuery => transformWhere(className, subQuery, schema))};
default:
// Other auth data
const authDataMatch = key.match(/^authData\.([a-zA-Z0-9_]+)\.id$/);
@@ -184,9 +178,6 @@ function transformQueryKeyValue(className, key, value, { validate } = {}, schema
// Special-case auth data.
return {key: `_auth_data_${provider}.id`, value};
}
if (validate && !key.match(/^[a-zA-Z][a-zA-Z0-9_\.]*$/)) {
throw new Parse.Error(Parse.Error.INVALID_KEY_NAME, 'invalid key name: ' + key);
}
}
const expectedTypeIsArray =
@@ -223,14 +214,10 @@ function transformQueryKeyValue(className, key, value, { validate } = {}, schema
// Main exposed method to help run queries.
// restWhere is the "where" clause in REST API form.
// Returns the mongo form of the query.
// Throws a Parse.Error if the input query is invalid.
function transformWhere(className, restWhere, { validate = true } = {}, schema) {
function transformWhere(className, restWhere, schema) {
let mongoWhere = {};
if (restWhere['ACL']) {
throw new Parse.Error(Parse.Error.INVALID_QUERY, 'Cannot query on ACL.');
}
for (let restKey in restWhere) {
let out = transformQueryKeyValue(className, restKey, restWhere[restKey], { validate }, schema);
let out = transformQueryKeyValue(className, restKey, restWhere[restKey], schema);
mongoWhere[out.key] = out.value;
}
return mongoWhere;