0.0.1 • Published 7 years ago

condor-validate v0.0.1

Weekly downloads
3
License
MIT
Repository
github
Last release
7 years ago

condor-validate

Validation middleware for Condor GRPC Server. It provide helpers to validate requests and metadata.

Build Status Coverage Status

Installation

npm i --save condor-validate
npm i --save condor-framework

Usage

const Condor = require('condor-framework');
const condorValidator = require('condor-validator');
const Greeter = require('./greeter');

const server = new Condor()
  .add('path/to/file.proto', 'GreeterService', new Greeter())
  .use(condorValidator(/* options */))
  .start();

And, then in your Greeter class:

module.exports = class {
  sayHello(ctx) {
    // check the values of request
    ctx.checkRequest('name').notEmpty('Name cannot be empty');
    ctx.checkRequest('age').optional().isInt().gte(0, 'Age cannot be negative');
    ctx.checkRequest('other.email').optional().isEmail('Invalid email');
    
    // checks the value of ctx.metadata.get('authorization')[0]
    ctx.checkMetadata('authorization').notEmpty();
    
    // you can determine the index of metadata to check
    ctx.checkMetadata('authorization', 1).notEmpty();
    
    // You can also check using jsonpath (view https://github.com/dchester/jsonpath)
    ctx.checkRequest('$.store.book[*].author').first().notEmpty();
    
    // if any errors, finalizes the call
    ctx.validate();
    
    // this line will execute only if there aren't any errors
    return {'greeting': `Hello ${ctx.req.name}`};
  }
}

API

  • checkRequest(field). Checks the field in the request. Field is an string that can be simple, nested, contain arrays, or be a jsonpath:

    • simple: When the property you want to check is ctx.req.simple
    • nested.field: When the property you want to check is ctx.req.nested.field
    • other[0].field: When the property you want to check is ctx.req.other[0].field
    • $.another[0].field: When you want to use json path to access the property. See [jsonpath](https://github.com/dchester/jsonpath) documentation for more information.
  • checkMetadata(field, [index]): Checks the filed in the authorization metadata. If no index provided, index 0 will be used.

  • validate([code], [message]): Validates if there are any errors in ctx.errors.

If there are one or more errors, ctx.validate() will throw an error with INVALID_ARGUMENT code, and the ctx.errors object in the detail, finishing the request.

The user will receive an error like:

{
  "code": 3,
  "details": "{\"name\": \"Name cannot be empty\", \"other.email\": \"Invalid email\"}"
}

If you want to launch with another status code or with your own message, you can do it as well:

// if there are errors, respond with cancelled status
ctx.validate(ctx.status.CANCELLED);

// if there are errors, respond with cancelled status and custom message
ctx.validate(ctx.status.CANCELLED, 'Request cancelled by the server');

// which is the same as
if (ctx.errors) {
  throw {
    'code': ctx.status.CANCELLED,
    'details': 'Request cancelled by server',
  };
}

Validators

options,version or locale please see validator

  • optional() - the param may not in the params.if the param not exists,it has no error,no matter whether have other checker or not.
  • empty(tip) - the params can be a empty string.
  • notEmpty(tip) - check if the param is not empty.
  • notBlank(tip) - check if the param is not blank,use /^\s*$/gi reg to check.
  • match(pattern,tip) - pattern must be a RegExp instance ,eg. /abc/i
  • notMatch(pattern,tip) - pattern must be a RegExp instance ,eg. /xyz/i
  • ensure(assertion, tip, shouldBail) if assertion is false,the asserting failed.
  • ensureNot(assertion, tip, shouldBail) if assertion is true,the asserting failed.
  • isInt(tip,options) - check if the param is integer.
  • isFloat(tip,options) - check if the param is float.
  • isLength(min,max,tip) - check the param length.
  • len(min,max,tip) - the abbreviation of isLength.
  • isIn(arr,tip) - check if the param is in the array.
  • in(arr,tip) - the abbreviation of isIn.
  • eq(value,tip) - check if the param equal to the value.
  • neq(value,tip) - check if the param not equal to the value.
  • gt(num,tip) - check if the param great then the value.
  • lt(num,tip) - check if the param less then the value.
  • ge(num,tip) - check if the param great then or equal the value.
  • le(num,tip) - check if the param less then or equal the value.
  • contains(str,tip) - check if the param contains the str.
  • notContains(str,tip) - check if the param not contains the str.
  • isEmail(tip,options) - check if the param is an email.
  • isUrl(tip,options) - check if the param is an URL.
  • isIp(tip) - check if the param is an IP (version 4 or 6).
  • isAlpha(tip,locale) - check if the param contains only letters (a-zA-Z).
  • isNumeric(tip) - check if the param contains only numbers.
  • isAlphanumeric(tip,locale) - check if the param contains only letters and numbers.
  • isBase64(tip) - check if a param is base64 encoded.
  • isHexadecimal(tip) - check if the param is a hexadecimal number.
  • isHexColor(tip) - check if the param is a hexadecimal color.
  • isLowercase(tip) - check if the param is lowercase.
  • isUppercase(tip) - check if the param is uppercase.
  • isDivisibleBy(num,tip) - check if the param is a number that's divisible by another.
  • isNull(tip) - check if the param is null.
  • isByteLength(min,max,tip) - check if the param's length (in bytes) falls in a range.
  • byteLength(min,max,tip) - the abbreviation of isByteLength.
  • isUUID(tip,version) - check if the param is a UUID (version 3, 4 or 5).
  • isDate(tip) - check if the param is a date.
  • isAfter(date,tip) - check if the param is a date that's after the specified date.
  • isBefore(date,tip) - check if the param is a date that's before the specified date.
  • isCreditCard(tip) - check if the param is a credit card.
  • isISBN(tip,version) - check if the param is an ISBN (version 10 or 13).
  • isJSON(tip) - check if the param is valid JSON (note: uses JSON.parse).
  • isMultibyte(tip) - check if the param contains one or more multibyte chars.
  • isAscii(tip) - check if the param contains ASCII chars only.
  • isFullWidth(tip) - check if the param contains any full-width chars.
  • isHalfWidth(tip) - check if the param contains any half-width chars.
  • isVariableWidth(tip) - check if the param contains a mixture of full and half-width chars
  • isSurrogatePair(tip) - check if the param contains any surrogate pairs chars.
  • isCurrency(tip,options) - check if the param is a currency.
  • isDataURI(tip) - check if the param is a data uri.
  • isMobilePhone(tip,locale) - check if the param is a mobile phone.
  • isISO8601(tip) - check if the param is a ISO8601 string. eg.2004-05-03
  • isMACAddress(tip) - check if the param is a MAC address.eg.C8:3A:35:CC:ED:80
  • isISIN(tip) - check if the param is a ISIN.
  • isFQDN(tip,options) - check if the param is a fully qualified domain name. eg.www.google.com

For json path:

  • check(fn,tip,scope) - if fn return false then check failed.fn format function(value,key,requestParams):boolean
  • filter(fn,scope) - filter the value if value is array.fn format function(value,index,key,requestParams):boolean
  • get(index) - change the value to the specified index value
  • first() - get the first value!

Known issues

  • Sanitizers haven't been tested, and should not work, except maybe for simple fields.
  • json path options haven't been fully tested

Under the hood

Built on top of Validator class of koa-validate module, which uses validator module. Inspired on express-validator and koa-validate.

In the future, we will use a differente Validator class in order to make sanitizers work.

License and Credits

MIT License. Copyright 2017

Built by the GRPC experts at Devsu.