diff --git a/src/Controllers/DatabaseController.js b/src/Controllers/DatabaseController.js index 5e5106f7..074f4f25 100644 --- a/src/Controllers/DatabaseController.js +++ b/src/Controllers/DatabaseController.js @@ -80,18 +80,13 @@ const validateQuery = query => { }); } -function DatabaseController(adapter, { skipValidation } = {}) { +function DatabaseController(adapter) { this.adapter = adapter; // We don't want a mutable this.schema, because then you could have // one request that uses different schemas for different parts of // it. Instead, use loadSchema to get a schema. this.schemaPromise = null; - this.skipValidation = !!skipValidation; -} - -DatabaseController.prototype.WithoutValidation = function() { - return new DatabaseController(this.adapter, { skipValidation: true }); } DatabaseController.prototype.collectionExists = function(className) { @@ -105,9 +100,6 @@ DatabaseController.prototype.purgeCollection = function(className) { }; DatabaseController.prototype.validateClassName = function(className) { - if (this.skipValidation) { - return Promise.resolve(); - } if (!SchemaController.classNameIsValid(className)) { return Promise.reject(new Parse.Error(Parse.Error.INVALID_CLASS_NAME, 'invalid className: ' + className)); } @@ -189,8 +181,7 @@ DatabaseController.prototype.update = function(className, query, update, { acl, many, upsert, -} = {}) { - +} = {}, skipSanitization = false) { const originalUpdate = update; // Make a copy of the object, so we don't mutate the incoming data. update = deepcopy(update); @@ -252,7 +243,7 @@ DatabaseController.prototype.update = function(className, query, update, { if (!result) { return Promise.reject(new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Object not found.')); } - if (this.skipValidation) { + if (skipSanitization) { return Promise.resolve(result); } return sanitizeDatabaseResult(originalUpdate, result); diff --git a/src/Controllers/UserController.js b/src/Controllers/UserController.js index cf5a9789..98070fca 100644 --- a/src/Controllers/UserController.js +++ b/src/Controllers/UserController.js @@ -45,8 +45,7 @@ export class UserController extends AdaptableController { // TODO: Better error here. throw undefined; } - let database = this.config.database.WithoutValidation(); - return database.update('_User', { + return this.config.database.update('_User', { username: username, _email_verify_token: token }, {emailVerified: true}).then(document => { @@ -58,8 +57,7 @@ export class UserController extends AdaptableController { } checkResetTokenValidity(username, token) { - let database = this.config.database.WithoutValidation(); - return database.find('_User', { + return this.config.database.find('_User', { username: username, _perishable_token: token }, {limit: 1}).then(results => { @@ -114,9 +112,7 @@ export class UserController extends AdaptableController { } setPasswordResetToken(email) { - let token = randomString(25); - let database = this.config.database.WithoutValidation(); - return database.update('_User', {email: email}, {_perishable_token: token}); + return this.config.database.update('_User', { email }, { _perishable_token: randomString(25) }, {}, true) } sendPasswordResetEmail(email) { @@ -126,8 +122,8 @@ export class UserController extends AdaptableController { return; } - return this.setPasswordResetToken(email).then((user) => { - + return this.setPasswordResetToken(email) + .then(user => { const token = encodeURIComponent(user._perishable_token); const username = encodeURIComponent(user.username); let link = `${this.config.requestResetPasswordURL}?token=${token}&username=${username}` @@ -149,14 +145,12 @@ export class UserController extends AdaptableController { } updatePassword(username, token, password, config) { - return this.checkResetTokenValidity(username, token).then((user) => { - return updateUserPassword(user.objectId, password, this.config); - }).then(() => { - // clear reset password token - return this.config.database.WithoutValidation().update('_User', { username }, { - _perishable_token: {__op: 'Delete'} - }); - }); + return this.checkResetTokenValidity(username, token) + .then(user => updateUserPassword(user.objectId, password, this.config)) + // clear reset password token + .then(() => this.config.database.update('_User', { username }, { + _perishable_token: {__op: 'Delete'} + })); } defaultVerificationEmail({link, user, appName, }) { diff --git a/src/Routers/GlobalConfigRouter.js b/src/Routers/GlobalConfigRouter.js index f876ab0b..30a0e113 100644 --- a/src/Routers/GlobalConfigRouter.js +++ b/src/Routers/GlobalConfigRouter.js @@ -5,8 +5,7 @@ import * as middleware from "../middlewares"; export class GlobalConfigRouter extends PromiseRouter { getGlobalConfig(req) { - let database = req.config.database.WithoutValidation(); - return database.find('_GlobalConfig', { objectId: 1 }, { limit: 1 }).then((results) => { + return req.config.database.find('_GlobalConfig', { objectId: 1 }, { limit: 1 }).then((results) => { if (results.length != 1) { // If there is no config in the database - return empty config. return { response: { params: {} } }; @@ -23,8 +22,7 @@ export class GlobalConfigRouter extends PromiseRouter { acc[`params.${key}`] = params[key]; return acc; }, {}); - let database = req.config.database.WithoutValidation(); - return database.update('_GlobalConfig', {objectId: 1}, update, {upsert: true}).then(() => ({ response: { result: true } })); + return req.config.database.update('_GlobalConfig', {objectId: 1}, update, {upsert: true}).then(() => ({ response: { result: true } })); } mountRoutes() { diff --git a/src/pushStatusHandler.js b/src/pushStatusHandler.js index 934e8fa2..0429f4d1 100644 --- a/src/pushStatusHandler.js +++ b/src/pushStatusHandler.js @@ -1,5 +1,5 @@ import { md5Hash, newObjectId } from './cryptoUtils'; -import { logger } from './logger'; +import { logger } from './logger'; const PUSH_STATUS_COLLECTION = '_PushStatus'; @@ -19,7 +19,7 @@ export default function pushStatusHandler(config) { let initialPromise; let pushStatus; let objectId = newObjectId(); - let database = config.database.WithoutValidation(); + let database = config.database; let setInitial = function(body = {}, where, options = {source: 'rest'}) { let now = new Date();