Kill without validation (#2089)
* remove WithoutValidation from config and push * remove one use of WithoutValidation * remove another WithoutValidation * Kill WithoutValidation and skipValidation
This commit is contained in:
Drew
Florent Vilmart
@@ -80,18 +80,13 @@ const validateQuery = query => {
|
||||
});
|
||||
}
|
||||
|
||||
function DatabaseController(adapter, { skipValidation } = {}) {
|
||||
function DatabaseController(adapter) {
|
||||
this.adapter = adapter;
|
||||
|
||||
// We don't want a mutable this.schema, because then you could have
|
||||
// one request that uses different schemas for different parts of
|
||||
// it. Instead, use loadSchema to get a schema.
|
||||
this.schemaPromise = null;
|
||||
this.skipValidation = !!skipValidation;
|
||||
}
|
||||
|
||||
DatabaseController.prototype.WithoutValidation = function() {
|
||||
return new DatabaseController(this.adapter, { skipValidation: true });
|
||||
}
|
||||
|
||||
DatabaseController.prototype.collectionExists = function(className) {
|
||||
@@ -105,9 +100,6 @@ DatabaseController.prototype.purgeCollection = function(className) {
|
||||
};
|
||||
|
||||
DatabaseController.prototype.validateClassName = function(className) {
|
||||
if (this.skipValidation) {
|
||||
return Promise.resolve();
|
||||
}
|
||||
if (!SchemaController.classNameIsValid(className)) {
|
||||
return Promise.reject(new Parse.Error(Parse.Error.INVALID_CLASS_NAME, 'invalid className: ' + className));
|
||||
}
|
||||
@@ -189,8 +181,7 @@ DatabaseController.prototype.update = function(className, query, update, {
|
||||
acl,
|
||||
many,
|
||||
upsert,
|
||||
} = {}) {
|
||||
|
||||
} = {}, skipSanitization = false) {
|
||||
const originalUpdate = update;
|
||||
// Make a copy of the object, so we don't mutate the incoming data.
|
||||
update = deepcopy(update);
|
||||
@@ -252,7 +243,7 @@ DatabaseController.prototype.update = function(className, query, update, {
|
||||
if (!result) {
|
||||
return Promise.reject(new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Object not found.'));
|
||||
}
|
||||
if (this.skipValidation) {
|
||||
if (skipSanitization) {
|
||||
return Promise.resolve(result);
|
||||
}
|
||||
return sanitizeDatabaseResult(originalUpdate, result);
|
||||
|
||||
@@ -45,8 +45,7 @@ export class UserController extends AdaptableController {
|
||||
// TODO: Better error here.
|
||||
throw undefined;
|
||||
}
|
||||
let database = this.config.database.WithoutValidation();
|
||||
return database.update('_User', {
|
||||
return this.config.database.update('_User', {
|
||||
username: username,
|
||||
_email_verify_token: token
|
||||
}, {emailVerified: true}).then(document => {
|
||||
@@ -58,8 +57,7 @@ export class UserController extends AdaptableController {
|
||||
}
|
||||
|
||||
checkResetTokenValidity(username, token) {
|
||||
let database = this.config.database.WithoutValidation();
|
||||
return database.find('_User', {
|
||||
return this.config.database.find('_User', {
|
||||
username: username,
|
||||
_perishable_token: token
|
||||
}, {limit: 1}).then(results => {
|
||||
@@ -114,9 +112,7 @@ export class UserController extends AdaptableController {
|
||||
}
|
||||
|
||||
setPasswordResetToken(email) {
|
||||
let token = randomString(25);
|
||||
let database = this.config.database.WithoutValidation();
|
||||
return database.update('_User', {email: email}, {_perishable_token: token});
|
||||
return this.config.database.update('_User', { email }, { _perishable_token: randomString(25) }, {}, true)
|
||||
}
|
||||
|
||||
sendPasswordResetEmail(email) {
|
||||
@@ -126,8 +122,8 @@ export class UserController extends AdaptableController {
|
||||
return;
|
||||
}
|
||||
|
||||
return this.setPasswordResetToken(email).then((user) => {
|
||||
|
||||
return this.setPasswordResetToken(email)
|
||||
.then(user => {
|
||||
const token = encodeURIComponent(user._perishable_token);
|
||||
const username = encodeURIComponent(user.username);
|
||||
let link = `${this.config.requestResetPasswordURL}?token=${token}&username=${username}`
|
||||
@@ -149,14 +145,12 @@ export class UserController extends AdaptableController {
|
||||
}
|
||||
|
||||
updatePassword(username, token, password, config) {
|
||||
return this.checkResetTokenValidity(username, token).then((user) => {
|
||||
return updateUserPassword(user.objectId, password, this.config);
|
||||
}).then(() => {
|
||||
// clear reset password token
|
||||
return this.config.database.WithoutValidation().update('_User', { username }, {
|
||||
_perishable_token: {__op: 'Delete'}
|
||||
});
|
||||
});
|
||||
return this.checkResetTokenValidity(username, token)
|
||||
.then(user => updateUserPassword(user.objectId, password, this.config))
|
||||
// clear reset password token
|
||||
.then(() => this.config.database.update('_User', { username }, {
|
||||
_perishable_token: {__op: 'Delete'}
|
||||
}));
|
||||
}
|
||||
|
||||
defaultVerificationEmail({link, user, appName, }) {
|
||||
|
||||
Reference in New Issue
Block a user