ac-sanitizer 3.9.16 → 3.10.0

package/CHANGELOG.md

@@ -1,3 +1,38 @@
+<a name="3.10.0"></a>
+ 
+# [3.10.0](https://github.com/mmpro/ac-sanitizer/compare/v3.9.18..v3.10.0) (2022-04-24 18:45:04)
+
+
+### Feature
+
+* **App:** Add type any | MP | [ff0858e978b7f7195f68ad5c9c346723107075fb](https://github.com/mmpro/ac-sanitizer/commit/ff0858e978b7f7195f68ad5c9c346723107075fb)    
+Type any will try to determine the actual type but gives you flexibility while sanitizing.  
+Related issues: [/issues#undefined](https://github.com//issues/undefined)
+<a name="3.9.18"></a>
+
+## [3.9.18](https://github.com/mmpro/ac-sanitizer/compare/v3.9.17..v3.9.18) (2022-04-24 18:09:53)
+
+
+### Bug Fix
+
+* **App:** Minor fix for special fields | MP | [dc5a393127a74ebe948c8c5c953969688463422b](https://github.com/mmpro/ac-sanitizer/commit/dc5a393127a74ebe948c8c5c953969688463422b)    
+Only check if they are in payload.  
+Related issues: [/issues#undefined](https://github.com//issues/undefined)
+<a name="3.9.17"></a>
+
+## [3.9.17](https://github.com/mmpro/ac-sanitizer/compare/v3.9.16..v3.9.17) (2022-04-24 14:58:01)
+
+
+### Bug Fix
+
+* **App:** Check required fields first | MP | [9dacfd1f2849f6c4b96a211b37f40ec0064ed456](https://github.com/mmpro/ac-sanitizer/commit/9dacfd1f2849f6c4b96a211b37f40ec0064ed456)    
+Check requirements before any other checks are made.  
+Related issues: [/issues#undefined](https://github.com//issues/undefined)
+### Tests
+
+* **App:** Increased test coverage | MP | [3598e6a6b278ce560125ec92d8157f014db6466c](https://github.com/mmpro/ac-sanitizer/commit/3598e6a6b278ce560125ec92d8157f014db6466c)    
+Coverage now > 98%.  
+Related issues: [/issues#undefined](https://github.com//issues/undefined)
 <a name="3.9.16"></a>
 
 ## [3.9.16](https://github.com/mmpro/ac-sanitizer/compare/v3.9.15..v3.9.16) (2022-04-24 14:23:01)

package/README.md

@@ -69,6 +69,7 @@ countrylist | list of country names | e.g. Laos, Brazil, Norway...
 
 Type | Options | Remarks
 --- | --- | --- |
+any | | Any can be string, integer, boolean, object or array - it will be automatically detected.
 base64 | | Checks if a string is base64 encoded, optional with field option "convert" (to string)
 boolean | | 
 cidr | | Check CIDR, see example

package/index.js

@@ -94,39 +94,6 @@ const sanitizer = function() {
       // mark deprecated fields
       if (_.get(field, 'deprecated') && value) deprecated.push(fieldName)
 
-      /// SPECIAL FIELDS
-      // special field - can be string or integer -> determine type and then use type settings
-      if (field.type === 'integer | string') {
-        if (!_.isString(value) && !_.isFinite(parseInt(value))) {
-          error = { message: fieldName + '_neitherStringNorInteger' }
-          return {
-            error
-          }
-        }
-        if (_.isString(value)) {
-          field.type = 'string'
-        }
-        else if (_.isFinite(parseInt(value))) {
-          field.type = 'integer'
-        }
-      }
-      // special field - can be boolean or integer -> determine type and then use type settings
-      if (field.type === 'integer | boolean' && value) {
-        if (!_.isBoolean(value) && !_.isFinite(parseInt(value))) {
-          error = { message: fieldName + '_neitherBooleanNorInteger' }
-          return {
-            error
-          }
-        }
-        if (_.isBoolean(value)) {
-            field.type = 'boolean'
-        }
-        else if (_.isFinite(parseInt(value))) {
-          field.type = 'integer'
-        }
-      }
-      ///// END SPECIAL FIELDS
-
       // REQUIREMENTS
       let fieldIsRequired = false
       if (_.has(field, 'required')) {
@@ -147,6 +114,63 @@ const sanitizer = function() {
         }
       }
 
+      if (!error && _.has(paramsToCheck, fieldName)) {
+        /// SPECIAL FIELDS
+        // field type any, can be any field
+        if (field.type === 'any') {
+          if (_.isString(value)) {
+            field.type = 'string'
+          }
+          else if (_.isPlainObject(value)) {
+            field.type = 'object'
+          }
+          else if (_.isArray(value)) {
+            field.type = 'array'
+          }
+          else if (_.isBoolean(value)) {
+            field.type = 'boolean'
+          }
+          else if (_.isFinite(parseInt(value))) {
+            field.type = 'integer'
+          }
+          else {
+            error = { message: fieldName + '_any_couldNotResolveType' }
+          }
+        }
+
+        // special field - can be string or integer -> determine type and then use type settings
+        if (field.type === 'integer | string') {
+          if (!_.isString(value) && !_.isFinite(parseInt(value))) {
+            error = { message: fieldName + '_neitherStringNorInteger' }
+            return {
+              error
+            }
+          }
+          if (_.isString(value)) {
+            field.type = 'string'
+          }
+          else if (_.isFinite(parseInt(value))) {
+            field.type = 'integer'
+          }
+        }
+        // special field - can be boolean or integer -> determine type and then use type settings
+        if (field.type === 'integer | boolean' && value) {
+          if (!_.isBoolean(value) && !_.isFinite(parseInt(value))) {
+            error = { message: fieldName + '_neitherBooleanNorInteger' }
+            return {
+              error
+            }
+          }
+          if (_.isBoolean(value)) {
+              field.type = 'boolean'
+          }
+          else if (_.isFinite(parseInt(value))) {
+            field.type = 'integer'
+          }
+        }
+        ///// END SPECIAL FIELDS
+      }
+
       if (error) {
         // do not process other conditions
       }
@@ -168,27 +192,36 @@ const sanitizer = function() {
       }
       else if (_.indexOf(['number', 'integer', 'long', 'short', 'float'], field.type) > -1) {
         if (typeof value != 'number' || isNaN(value)) error = { message: fieldName + '_' + getTypeMapping('integer', 'errorMessage') }
+        else {
+          //  Number types - usually we allow only non-negative values (unsigned). If you want negative values, set type.subtype 'signed'
+          if (field.type === 'number') console.error('SANITIZER - number should not be used, be more precise')
+          if (field.type === 'number') field.type = 'integer'
 
-        //  Number types - usually we allow only non-negative values (unsigned). If you want negative values, set type.subtype 'signed'
-        if (field.type === 'number') console.error('SANITIZER - number should not be used, be more precise')
-        if (field.type === 'number') field.type = 'integer'
-
-        const subtype = _.get(field, 'subtype')
-        let ranges = {
-          integer: [(subtype === 'signed' ? -Math.pow(2, 31) : 0), Math.pow(2, 31)], 
-          long: [(subtype === 'signed' ? -(Math.pow(2,53) - 1) : 0), Math.pow(2, 53)-1],
-          short: [(subtype === 'signed' ? -Math.pow(2, 15) : 0), Math.pow(2, 15)],
-          float: [(subtype === 'signed' ? -Math.pow(2, 31) : 0), Math.pow(2, 31)]
-        }
-        let range = _.get(field, 'range', _.get(ranges, field.type, ranges.integer))
+          if (field.type === 'float' && value !== parseFloat(value)) {
+            error = { message: fieldName + '_not_' + field.type, additionalInfo: { value } }
+          }
+          else if (value !== parseInt(value)) {
+            error = { message: fieldName + '_typeIncorrect', additionalInfo: { value, int: parseInt(value) } }
+          }
+          else {
+            const subtype = _.get(field, 'subtype')
+            let ranges = {
+              integer: [(subtype === 'signed' ? -Math.pow(2, 31) : 0), Math.pow(2, 31)], 
+              long: [(subtype === 'signed' ? -(Math.pow(2,53) - 1) : 0), Math.pow(2, 53)-1],
+              short: [(subtype === 'signed' ? -Math.pow(2, 15) : 0), Math.pow(2, 15)],
+              float: [(subtype === 'signed' ? -Math.pow(2, 31) : 0), Math.pow(2, 31)]
+            }
+            let range = _.get(field, 'range', _.get(ranges, field.type, ranges.integer))
 
-        if (field.type === 'float') value = parseFloat(value)
-        else value = parseInt(value)
+            if (field.type === 'float') value = parseFloat(value)
+            else value = parseInt(value)
 
-        let lowest = _.first(range)
-        let highest = _.size(range) === 2 && _.last(range)
-        if (value < lowest || (highest && value > highest)) {
-          error = { message: fieldName + '_outOfRange', additionalInfo: { range, value } }
+            let lowest = _.first(range)
+            let highest = _.size(range) === 2 && _.last(range)
+            if (value < lowest || (highest && value > highest)) {
+              error = { message: fieldName + '_outOfRange', additionalInfo: { range, value } }
+            }
+          }
         }
       }
       else if (field.type === 'string') {

package/package.json

@@ -4,7 +4,7 @@
   "author": "Mark Poepping (https://www.admiralcloud.com)",
   "license": "MIT",
   "repository": "admiralcloud/ac-sanitizer",
-  "version": "3.9.16",
+  "version": "3.10.0",
   "homepage": "https://www.admiralcloud.com",
   "dependencies": {
     "ac-countrylist": "^1.0.6",

package/test/suites/default.js

@@ -7,6 +7,16 @@ const timeOut = 60000
 module.exports = {
   testsuite: function() {
 
+    describe('ERROR', function() {
+      this.timeout(timeOut)
+      tests.error.test()
+    })
+
+    describe('ANY', function() {
+      this.timeout(timeOut)
+      tests.any.test()
+    })
+    
     describe('STRING', function() {
       this.timeout(timeOut)
       tests.string.test()

package/test/tests/any.js

@@ -0,0 +1,48 @@
+const _ = require('lodash')
+const expect = require('expect')
+const sanitizer = require('../../index')
+
+module.exports = {
+
+  test:  () => {
+
+    const baseTests = [
+      { name: 'Any - with string', type: 'any', value: 'admiralcloud', expected: 'admiralcloud' },
+      { name: 'Any - with integer', type: 'any', value: 123, expected: 123 },
+      { name: 'Any - with boolean', type: 'any', value: true, expected: true },
+      { name: 'Any - with boolean - false', type: 'any', value: false, expected: false },
+      { name: 'Any - with object', type: 'any', value: { a: 123 }, expected: { a: 123 } },
+      { name: 'Any - with array', type: 'any', value: [1,2,3], expected: [1,2,3] },
+      { name: 'Any - with array of objects', type: 'any', value: [{ a: 123 }], expected: [{ a: 123 }] },
+      { name: 'Any - with float - cannot auto-detect', type: 'any', value: 123.235, error: 'any_typeIncorrect', additionalInfo: { value: 123.235, int: 123 } },
+    ]
+
+    _.forEach(baseTests, (test) => {
+      it(test.name, (done) => {
+        let fieldsToCheck = {
+          params: {
+            any: _.get(test, 'value')
+          },
+          fields: [
+            { field: 'any', type: _.get(test, 'type') }
+          ]
+        }
+        let r = sanitizer.checkAndSanitizeValues(fieldsToCheck)
+        if (_.get(test, 'error')) {
+          expect(_.get(r, 'error.message')).toEqual(test.error)
+          if (_.get(test, 'additionalInfo')) {
+            expect(_.get(r, 'error.additionalInfo')).toEqual(_.get(test, 'additionalInfo'))
+          }
+        }
+        else {
+          expect(_.get(r, 'params.any')).toEqual(_.get(test, 'expected'))
+        }
+        return done()
+      })
+
+    })
+
+
+
+  }
+}

package/test/tests/array.js

@@ -5,10 +5,12 @@ const sanitizer = require('../../index')
 module.exports = {
 
   test:  () => {
+    const randomValueInt = sanitizer.randomValue({ type: 'array', valueType: 'integer' })
+    const randomValueString = sanitizer.randomValue({ type: 'array' })
 
     const baseTests = [
-      { name: 'Valid array of numbers', type: 'array', value: [1,2,3], expected: [1,2,3] },
-      { name: 'Valid array of strings', type: 'array', value: ['a', 'b', 'c'], expected:  ['a', 'b', 'c'] },
+      { name: 'Valid array of numbers', type: 'array', value: randomValueInt, expected: randomValueInt},
+      { name: 'Valid array of strings', type: 'array', value: randomValueString, expected: randomValueString },
       { name: 'Invalid array', type: 'array', value: 'a', error: 'array_notAnArray' },
       { name: 'Array with enum match', type: 'array', value: ['video'], enum: ['audio', 'video'], expected: ['video'] },
       { name: 'Array without enum match', type: 'array', value: ['cookie'], enum: ['audio', 'video'], error: 'array_notAnAllowedValue' },

package/test/tests/bool.js

@@ -9,6 +9,7 @@ module.exports = {
     const baseTests = [
       { name: 'Valid bool', type: 'boolean', value: true, expected: true },
       { name: 'Valid bool', type: 'boolean', value: false, expected: false },
+      { name: 'Valid bool from randomValue function', type: 'boolean', value: sanitizer.randomValue({ type: 'boolean' }), expected: true },
       { name: 'Valid bool as string', type: 'boolean', value: 'true', expected: true },
       { name: 'Valid bool as string', type: 'boolean', value: 'false', expected: false },
       { name: 'Invalid - value is integer', type: 'boolean', value: 123, error: 'bool_notBoolean' },

package/test/tests/country.js

@@ -5,9 +5,10 @@ const sanitizer = require('../../index')
 module.exports = {
 
   test:  () => {
+    const randomValue = sanitizer.randomValue({ type: 'countryCode' })
 
     const baseTests = [
-      { name: 'Valid countryCode', type: 'countryCode', value: 'de', expected: 'de' },
+      { name: 'Valid countryCode', type: 'countryCode', value: randomValue, expected: randomValue },
       { name: 'Invalid countryCode', type: 'countryCode', value: 'germany', error: 'countryCode_notAValidCountryCode' },
     ]
 

package/test/tests/date.js

@@ -15,6 +15,7 @@ module.exports = {
       { name: 'Invalid date with .', type: 'date', value: '32.01.2020', error: 'date_notaDate' },
       { name: 'Invalid date', type: 'date', value: '2020-13-30', error: 'date_notaDate' },
       { name: 'Valid DateTime ISO8601', type: 'date', value: '2020-10-17T16:34:50+02:00', expected: '2020-10-17T16:34:50+02:00' },
+      { name: 'Invalid date with custom date format', type: 'date', dateFormat: 'mmm-xyt', value: '2020-13-30', error: 'date_notaDate' },
   
       
     ]
@@ -25,7 +26,7 @@ module.exports = {
             date: _.get(test, 'value')
           },
           fields: [
-            { field: 'date', type: _.get(test, 'type'), required: _.get(test, 'required') }
+            { field: 'date', type: _.get(test, 'type'), required: _.get(test, 'required'), dateFormat: _.get(test, 'dateFormat') }
           ]
         }
 

package/test/tests/error.js

@@ -0,0 +1,46 @@
+const _ = require('lodash')
+const expect = require('expect')
+const sanitizer = require('../../index')
+
+module.exports = {
+
+  test:  () => {
+
+    const baseTests = [
+      { name: 'Non-existing type', type: 'xyt', value: 'abc', error: 'errorField_typeCheck_xyt_notDefined' },
+      { name: 'AdminLevel not sufficient', type: 'string', value: 'abc', adminLevel: 10, error: 'fieldName_adminLevelNotSufficient' },
+      { name: 'AdminLevel not sufficient, omit fields', omitFields: true, type: 'string', value: 'abc', adminLevel: 10, expected: undefined }
+    ]
+
+
+    _.forEach(baseTests, (test) => {
+      it(test.name, (done) => {
+        let fieldsToCheck = {
+          adminLevel: 4,
+          params: {
+            errorField: _.get(test, 'value'),
+          },
+          fields: [
+            { field: 'errorField', type: _.get(test, 'type'), required: _.get(test, 'required'), adminLevel: _.get(test, 'adminLevel'), omitFields: _.get(test, 'omitFields') }
+          ]
+        }
+
+        let r = sanitizer.checkAndSanitizeValues(fieldsToCheck)
+        if (_.get(test, 'error')) {
+          expect(_.get(r, 'error.message')).toEqual(test.error)
+          if (_.get(test, 'additionalInfo')) {
+            expect(_.get(r, 'error.additionalInfo')).toEqual(_.get(test, 'additionalInfo'))
+          }
+        }
+        else {
+          expect(_.get(r, 'params.email')).toEqual(_.get(test, 'expected'))
+        }
+        return done()
+      })
+
+    })
+
+
+
+  }
+}

package/test/tests/index.js

@@ -1,4 +1,5 @@
 module.exports = {
+  any: require('./any'),
   array: require('./array'),
   base64: require('./base64'),
   bool: require('./bool'),
@@ -7,6 +8,7 @@ module.exports = {
   country: require('./country'),
   date: require('./date'),
   email: require('./email'),
+  error: require('./error'),
   fileExtension: require('./fileExtension'),
   fqdn: require('./fqdn'),
   gps: require('./gps'),

package/test/tests/iso639.js

@@ -5,14 +5,17 @@ const sanitizer = require('../../index')
 module.exports = {
 
   test:  () => {
+    const randomValue1 = sanitizer.randomValue({ type: 'iso-639-1' })
+    const randomValue2 = sanitizer.randomValue({ type: 'iso-639-2' })
 
     const baseTests = [
-      { name: 'Valid ISO-639-1', type: 'iso-639-1', value: 'lo', expected: 'lo' },
-      { name: 'Valid ISO-639-2', type: 'iso-639-2', value: 'lao', expected: 'lao' },
+      { name: 'Valid ISO-639-1', type: 'iso-639-1', value: randomValue1, expected: randomValue1 },
+      { name: 'Valid ISO-639-2', type: 'iso-639-2', value: randomValue2, expected: randomValue2 },
       { name: 'Valid ISO-639-2 with convert', type: 'iso-639-2', value: 'lao', convert: 'nativeName', expected: 'ພາສາລາວ' },
       { name: 'Valid ISO-639-1 - check for both', type: 'iso-639', value: 'gn', convert: 'nativeName', expected: 'Avañeẽ' },
       { name: 'Valid ISO-639-2 - check for both', type: 'iso-639', value: 'grn', convert: 'nativeName', expected: 'Avañeẽ' },
       { name: 'Invalid ISO-639-1', type: 'iso-639-1', value: 'xyz', error: 'language_notAValidIso-639-1' },
+      { name: 'Valid ISO-639-1 with enum', type: 'iso-639-1', enum: 'iso-639-1', value: randomValue1, expected: randomValue1 },
     ]
 
 
@@ -23,7 +26,7 @@ module.exports = {
             'language': _.get(test, 'value')
           },
           fields: [
-            { field: 'language', type: _.get(test, 'type'), convert: _.get(test, 'convert') }
+            { field: 'language', type: _.get(test, 'type'), convert: _.get(test, 'convert'), enum: _.get(test, 'enum') }
           ]
         }
 

package/test/tests/number.js

@@ -26,6 +26,8 @@ module.exports = {
 
       const numberTests = []
       _.forEach(ranges, (range, key) => {  
+        const randomValue = sanitizer.randomValue({ type: key })
+
         let minValue = _.first(range)
         let maxValue = _.last(range)
         let tests = []
@@ -41,7 +43,7 @@ module.exports = {
             test.expected = test.value
           }
           if (test.value === 'random') {
-            test.value = parseInt(Math.random()*10000)
+            test.value = randomValue
             test.expected = test.value
           }
           if (test.value === 'randomNeg') {

package/test/tests/string.js

@@ -5,6 +5,7 @@ const sanitizer = require('../../index')
 module.exports = {
 
   test:  () => {
+    const randomValue = sanitizer.randomValue({ type: 'string' })
 
     const baseTests = [
       { name: 'Valid string', type: 'string', value: 'abc-123', expected: 'abc-123' },
@@ -14,7 +15,8 @@ module.exports = {
       { name: 'Invalid - minLength', type: 'string', value: 'ab', minLength: 3, error: 'string_stringTooShort_minLength3' },
       { name: 'Valid - minLength', type: 'string', value: 'abc', minLength: 3, expected: 'abc' },
       { name: 'Valid from enum', type: 'string', value: 'play', enum: ['play', 'pause'], expected: 'play' },
-      { name: 'Invalid from enum', type: 'string', value: 'stop', enum: ['play', 'pause'], error: 'string_notAnAllowedValue', additionalInfo: { value: 'stop' } }
+      { name: 'Invalid from enum', type: 'string', value: 'stop', enum: ['play', 'pause'], error: 'string_notAnAllowedValue', additionalInfo: { value: 'stop' } },
+      { name: 'Valid string from randomValue function', type: 'string', value: randomValue, expected: randomValue },
     ]
 
 

package/test/tests/stringOrInteger.js

@@ -7,23 +7,23 @@ module.exports = {
   test:  () => {
 
     const baseTests = [
-      { name: 'Valid string', type: 'integer | string', value: 'abc-123', expected: 'abc-123' },
+      { name: 'Missing but required value', type: 'integer | string', required: true, error: 'field_stringOrInteger_required' },
       { name: 'Valid empty string', type: 'integer | string', value: '', expected: '', minLength: 0 },
       { name: 'Valid integer', type: 'integer | string', value: 123, expected:  123 },
       { name: 'Invalid - neither string nor integer', type: 'integer | string', value: ['abc'], error: 'stringOrInteger_neitherStringNorInteger' },
+      { name: 'Valid - no data - ignore', type: 'integer | string' },
     ]
 
 
     _.forEach(baseTests, (test) => {
       it(test.name, (done) => {
         let fieldsToCheck = {
-          params: {
-            stringOrInteger: _.get(test, 'value')
-          },
+          params: {},
           fields: [
             { field: 'stringOrInteger', type: _.get(test, 'type'), required: _.get(test, 'required') }
           ]
         }
+        if (_.has(test, 'value')) fieldsToCheck.params.stringOrInteger = test.value
 
         let r = sanitizer.checkAndSanitizeValues(fieldsToCheck)
         if (_.get(test, 'error')) {