Better sanitization and validation for project-linked-file

This commit is contained in:
Shane Kilkelly 2018-05-24 11:30:03 +01:00
parent 1cbc901492
commit b5e8ed81b9

View file

@ -43,13 +43,18 @@ SourceFileNotFoundError.prototype.__proto__ = Error.prototype
module.exports = ProjectFileAgent = module.exports = ProjectFileAgent =
sanitizeData: (data) -> sanitizeData: (data) ->
return data return _.pick(
data,
'source_project_id',
'source_entity_path',
'source_project_display_name'
)
_validate: (data) -> _validate: (data) ->
return ( return (
!!data.source_project_id && data.source_project_id? &&
!!data.source_entity_path && data.source_entity_path? &&
!!data.source_project_display_name data.source_project_display_name?
) )
checkAuth: (project_id, data, current_user_id, callback = (error, allowed)->) -> checkAuth: (project_id, data, current_user_id, callback = (error, allowed)->) ->