Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

point model property validation in api's #149

Open
10 tasks
ddfridley opened this issue Jul 2, 2024 · 3 comments · May be fixed by #161
Open
10 tasks

point model property validation in api's #149

ddfridley opened this issue Jul 2, 2024 · 3 comments · May be fixed by #161
Assignees
@edmundj0
Labels
javascript

Comments

@ddfridley
Copy link
Contributor

ddfridley commented Jul 2, 2024
edited
Loading

We are deliberately loose on validity checks in the point model, but in the api calls is where we have the most vulnerability to hacks - (people deliberately inserting bad stuff).

We need to create methods for strong validity checks for the properties in model/point.js and export them so that the api's can use them.

See Joi an it's methods for validity checking in undebate-ssp/app/socket-apis/find-and-set-election-doc

In app/models/point.js Create and export validity checks for:

  • _id
  • title
  • description
  • parentId
  • category
  • round
  • others to be determined
  • create jest tests for each of the above, with one passing and one failing case
    apply the validity tests, for required, and optional fields if present, and create an additional jest test for failing
  • socket-apis/upsert-point
  • socket-apis/upsert-why

The name of the validity test should match the name of the property. Even better to consider if there is some shorthand way using joi or just an object to make the code clean and minimal in the apis.
@edmundj0 edmundj0 self-assigned this Jul 9, 2024
@ddfridley ddfridley moved this from Todo to In Progress in EnCiv Cross Repo Project Management Jul 9, 2024
@ddfridley
Copy link
Contributor Author

@edmundj0 how is this going? Thanks.

@edmundj0
Copy link
Collaborator

just created a draft pr, should be done soon, but let me know if I'm not going in the right direction!

@ddfridley
Copy link
Contributor Author

@edmundj0 how's school? You were pretty close on this one, what's the status. If you can't work on it any more for a while, can you let me know, and push anything else you've got. Things are starting to come together and we are tying all the components into a single UI. Thanks.

@ddfridley ddfridley linked a pull request Oct 14, 2024 that will close this issue
Point Model Property Validations in APIs #161
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@edmundj0 edmundj0

Labels
javascript
Projects
EnCiv Cross Repo Project Management
Status: In Progress
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Point Model Property Validations in APIs EnCiv/civil-pursuit
2 participants
@ddfridley @edmundj0