diff --git a/src/api/endpoints/drive/files.js b/src/api/endpoints/drive/files.ts similarity index 53% rename from src/api/endpoints/drive/files.js rename to src/api/endpoints/drive/files.ts index cbfe720266..c1441c554b 100644 --- a/src/api/endpoints/drive/files.js +++ b/src/api/endpoints/drive/files.ts @@ -3,7 +3,7 @@ /** * Module dependencies */ -import * as mongo from 'mongodb'; +import it from '../../it'; import DriveFile from '../../models/drive-file'; import serialize from '../../serializers/drive-file'; @@ -19,33 +19,25 @@ module.exports = (params, user, app) => new Promise(async (res, rej) => { // Get 'limit' parameter - let limit = params.limit; - if (limit !== undefined && limit !== null) { - limit = parseInt(limit, 10); + const [limit, limitErr] = it(params.limit).expect.number().range(1, 100).default(10).qed(); + if (limitErr) return rej('invalid limit param'); - // From 1 to 100 - if (!(1 <= limit && limit <= 100)) { - return rej('invalid limit range'); - } - } else { - limit = 10; - } + // Get 'since_id' parameter + const [sinceId, sinceIdErr] = it(params.since_id).expect.id().qed(); + if (sinceIdErr) return rej('invalid since_id param'); - const since = params.since_id || null; - const max = params.max_id || null; + // Get 'max_id' parameter + const [maxId, maxIdErr] = it(params.max_id).expect.id().qed(); + if (maxIdErr) return rej('invalid max_id param'); // Check if both of since_id and max_id is specified - if (since !== null && max !== null) { + if (sinceId !== null && maxId !== null) { return rej('cannot set since_id and max_id'); } // Get 'folder_id' parameter - let folder = params.folder_id; - if (folder === undefined || folder === null) { - folder = null; - } else { - folder = new mongo.ObjectID(folder); - } + const [folderId, folderIdErr] = it(params.folder_id).expect.nullable.id().default(null).qed(); + if (folderIdErr) return rej('invalid folder_id param'); // Construct query const sort = { @@ -53,16 +45,16 @@ module.exports = (params, user, app) => }; const query = { user_id: user._id, - folder_id: folder - }; - if (since !== null) { + folder_id: folderId + } as any; + if (sinceId) { sort._id = 1; query._id = { - $gt: new mongo.ObjectID(since) + $gt: sinceId }; - } else if (max !== null) { + } else if (maxId) { query._id = { - $lt: new mongo.ObjectID(max) + $lt: maxId }; } diff --git a/src/api/endpoints/drive/files/create.js b/src/api/endpoints/drive/files/create.ts similarity index 80% rename from src/api/endpoints/drive/files/create.js rename to src/api/endpoints/drive/files/create.ts index 9690b05cfd..7efd149813 100644 --- a/src/api/endpoints/drive/files/create.js +++ b/src/api/endpoints/drive/files/create.ts @@ -4,10 +4,8 @@ * Module dependencies */ import * as fs from 'fs'; -import * as mongo from 'mongodb'; -import File from '../../../models/drive-file'; +import it from '../../../it'; import { validateFileName } from '../../../models/drive-file'; -import User from '../../../models/user'; import serialize from '../../../serializers/drive-file'; import create from '../../../common/add-file-to-drive'; @@ -45,15 +43,11 @@ module.exports = (file, params, user) => } // Get 'folder_id' parameter - let folder = params.folder_id; - if (folder === undefined || folder === null) { - folder = null; - } else { - folder = new mongo.ObjectID(folder); - } + const [folderId, folderIdErr] = it(params.folder_id).expect.nullable.id().default(null).qed(); + if (folderIdErr) return rej('invalid folder_id param'); // Create file - const driveFile = await create(user, buffer, name, null, folder); + const driveFile = await create(user, buffer, name, null, folderId); // Serialize const fileObj = await serialize(driveFile); diff --git a/src/api/endpoints/drive/files/find.js b/src/api/endpoints/drive/files/find.ts similarity index 65% rename from src/api/endpoints/drive/files/find.js rename to src/api/endpoints/drive/files/find.ts index 358767c5ed..393b8c5b98 100644 --- a/src/api/endpoints/drive/files/find.js +++ b/src/api/endpoints/drive/files/find.ts @@ -3,7 +3,7 @@ /** * Module dependencies */ -import * as mongo from 'mongodb'; +import it from '../../../it'; import DriveFile from '../../../models/drive-file'; import serialize from '../../../serializers/drive-file'; @@ -18,25 +18,19 @@ module.exports = (params, user) => new Promise(async (res, rej) => { // Get 'name' parameter - const name = params.name; - if (name === undefined || name === null) { - return rej('name is required'); - } + const [name, nameErr] = it(params.name).expect.string().required().qed(); + if (nameErr) return rej('invalid name param'); // Get 'folder_id' parameter - let folder = params.folder_id; - if (folder === undefined || folder === null) { - folder = null; - } else { - folder = new mongo.ObjectID(folder); - } + const [folderId, folderIdErr] = it(params.folder_id).expect.nullable.id().default(null).qed(); + if (folderIdErr) return rej('invalid folder_id param'); // Issue query const files = await DriveFile .find({ name: name, user_id: user._id, - folder_id: folder + folder_id: folderId }, { fields: { data: false diff --git a/src/api/endpoints/drive/files/show.js b/src/api/endpoints/drive/files/show.ts similarity index 75% rename from src/api/endpoints/drive/files/show.js rename to src/api/endpoints/drive/files/show.ts index 5ae98a4a7c..2024a56ca6 100644 --- a/src/api/endpoints/drive/files/show.js +++ b/src/api/endpoints/drive/files/show.ts @@ -3,7 +3,7 @@ /** * Module dependencies */ -import * as mongo from 'mongodb'; +import it from '../../../it'; import DriveFile from '../../../models/drive-file'; import serialize from '../../../serializers/drive-file'; @@ -18,14 +18,13 @@ module.exports = (params, user) => new Promise(async (res, rej) => { // Get 'file_id' parameter - const fileId = params.file_id; - if (fileId === undefined || fileId === null) { - return rej('file_id is required'); - } + const [fileId, fileIdErr] = it(params.file_id).expect.id().required().qed(); + if (fileIdErr) return rej('invalid file_id param'); + // Fetch file const file = await DriveFile .findOne({ - _id: new mongo.ObjectID(fileId), + _id: fileId, user_id: user._id }, { fields: { diff --git a/src/api/endpoints/drive/files/update.js b/src/api/endpoints/drive/files/update.ts similarity index 67% rename from src/api/endpoints/drive/files/update.js rename to src/api/endpoints/drive/files/update.ts index 8e2ff33e9d..595d501658 100644 --- a/src/api/endpoints/drive/files/update.js +++ b/src/api/endpoints/drive/files/update.ts @@ -3,7 +3,7 @@ /** * Module dependencies */ -import * as mongo from 'mongodb'; +import it from '../../../it'; import DriveFolder from '../../../models/drive-folder'; import DriveFile from '../../../models/drive-file'; import { validateFileName } from '../../../models/drive-file'; @@ -21,19 +21,13 @@ module.exports = (params, user) => new Promise(async (res, rej) => { // Get 'file_id' parameter - const fileId = params.file_id; - if (fileId === undefined || fileId === null) { - return rej('file_id is required'); - } - - // Validate id - if (!mongo.ObjectID.isValid(fileId)) { - return rej('incorrect file_id'); - } + const [fileId, fileIdErr] = it(params.file_id).expect.id().required().qed(); + if (fileIdErr) return rej('invalid file_id param'); + // Fetch file const file = await DriveFile .findOne({ - _id: new mongo.ObjectID(fileId), + _id: fileId, user_id: user._id }, { fields: { @@ -46,29 +40,19 @@ module.exports = (params, user) => } // Get 'name' parameter - let name = params.name; - if (name) { - name = name.trim(); - if (validateFileName(name)) { - file.name = name; - } else { - return rej('invalid file name'); - } - } + const [name, nameErr] = it(params.name).expect.string().validate(validateFileName).qed(); + if (nameErr) return rej('invalid name param'); + if (name) file.name = name; // Get 'folder_id' parameter - let folderId = params.folder_id; + const [folderId, folderIdErr] = it(params.folder_id).expect.nullable.id().qed(); + if (folderIdErr) return rej('invalid folder_id param'); + if (folderId !== undefined) { if (folderId === null) { file.folder_id = null; } else { - // Validate id - if (!mongo.ObjectID.isValid(folderId)) { - return rej('incorrect folder_id'); - } - - folderId = new mongo.ObjectID(folderId); - + // Fetch folder const folder = await DriveFolder .findOne({ _id: folderId, diff --git a/src/api/endpoints/drive/files/upload_from_url.js b/src/api/endpoints/drive/files/upload_from_url.ts similarity index 66% rename from src/api/endpoints/drive/files/upload_from_url.js rename to src/api/endpoints/drive/files/upload_from_url.ts index 3619a6f107..b6f4789317 100644 --- a/src/api/endpoints/drive/files/upload_from_url.js +++ b/src/api/endpoints/drive/files/upload_from_url.ts @@ -5,10 +5,8 @@ */ import * as URL from 'url'; const download = require('download'); -import * as mongo from 'mongodb'; -import File from '../../../models/drive-file'; +import it from '../../../it'; import { validateFileName } from '../../../models/drive-file'; -import User from '../../../models/user'; import serialize from '../../../serializers/drive-file'; import create from '../../../common/add-file-to-drive'; @@ -24,10 +22,8 @@ module.exports = (params, user) => { // Get 'url' parameter // TODO: Validate this url - const url = params.url; - if (url == null) { - return rej('url is required'); - } + const [url, urlErr] = it(params.url).expect.string().required().qed(); + if (urlErr) return rej('invalid url param'); let name = URL.parse(url).pathname.split('/').pop(); if (!validateFileName(name)) { @@ -35,18 +31,14 @@ module.exports = (params, user) => } // Get 'folder_id' parameter - let folder = params.folder_id; - if (folder === undefined || folder === null) { - folder = null; - } else { - folder = new mongo.ObjectID(folder); - } + const [folderId, folderIdErr] = it(params.folder_id).expect.nullable.id().default(null).qed(); + if (folderIdErr) return rej('invalid folder_id param'); // Download file const data = await download(url); // Create file - const driveFile = await create(user, data, name, null, folder); + const driveFile = await create(user, data, name, null, folderId); // Serialize const fileObj = await serialize(driveFile); diff --git a/src/api/endpoints/drive/folders.js b/src/api/endpoints/drive/folders.ts similarity index 53% rename from src/api/endpoints/drive/folders.js rename to src/api/endpoints/drive/folders.ts index 631d68769f..3f4a5bac0e 100644 --- a/src/api/endpoints/drive/folders.js +++ b/src/api/endpoints/drive/folders.ts @@ -3,7 +3,7 @@ /** * Module dependencies */ -import * as mongo from 'mongodb'; +import it from '../../it'; import DriveFolder from '../../models/drive-folder'; import serialize from '../../serializers/drive-folder'; @@ -19,33 +19,25 @@ module.exports = (params, user, app) => new Promise(async (res, rej) => { // Get 'limit' parameter - let limit = params.limit; - if (limit !== undefined && limit !== null) { - limit = parseInt(limit, 10); + const [limit, limitErr] = it(params.limit).expect.number().range(1, 100).default(10).qed(); + if (limitErr) return rej('invalid limit param'); - // From 1 to 100 - if (!(1 <= limit && limit <= 100)) { - return rej('invalid limit range'); - } - } else { - limit = 10; - } + // Get 'since_id' parameter + const [sinceId, sinceIdErr] = it(params.since_id).expect.id().qed(); + if (sinceIdErr) return rej('invalid since_id param'); - const since = params.since_id || null; - const max = params.max_id || null; + // Get 'max_id' parameter + const [maxId, maxIdErr] = it(params.max_id).expect.id().qed(); + if (maxIdErr) return rej('invalid max_id param'); // Check if both of since_id and max_id is specified - if (since !== null && max !== null) { + if (sinceId !== null && maxId !== null) { return rej('cannot set since_id and max_id'); } // Get 'folder_id' parameter - let folder = params.folder_id; - if (folder === undefined || folder === null) { - folder = null; - } else { - folder = new mongo.ObjectID(folder); - } + const [folderId, folderIdErr] = it(params.folder_id).expect.nullable.id().default(null).qed(); + if (folderIdErr) return rej('invalid folder_id param'); // Construct query const sort = { @@ -53,16 +45,16 @@ module.exports = (params, user, app) => }; const query = { user_id: user._id, - parent_id: folder - }; - if (since !== null) { + parent_id: folderId + } as any; + if (sinceId) { sort._id = 1; query._id = { - $gt: new mongo.ObjectID(since) + $gt: sinceId }; - } else if (max !== null) { + } else if (maxId) { query._id = { - $lt: new mongo.ObjectID(max) + $lt: maxId }; } diff --git a/src/api/endpoints/drive/folders/create.js b/src/api/endpoints/drive/folders/create.ts similarity index 63% rename from src/api/endpoints/drive/folders/create.js rename to src/api/endpoints/drive/folders/create.ts index 9ba989c212..d327572af7 100644 --- a/src/api/endpoints/drive/folders/create.js +++ b/src/api/endpoints/drive/folders/create.ts @@ -3,7 +3,7 @@ /** * Module dependencies */ -import * as mongo from 'mongodb'; +import it from '../../../it'; import DriveFolder from '../../../models/drive-folder'; import { isValidFolderName } from '../../../models/drive-folder'; import serialize from '../../../serializers/drive-folder'; @@ -20,33 +20,17 @@ module.exports = (params, user) => new Promise(async (res, rej) => { // Get 'name' parameter - let name = params.name; - if (name !== undefined && name !== null) { - name = name.trim(); - if (name.length === 0) { - name = null; - } else if (!isValidFolderName(name)) { - return rej('invalid name'); - } - } else { - name = null; - } + const [name, nameErr] = it(params.name).expect.string().validate(isValidFolderName).default('無題のフォルダー').qed(); + if (nameErr) return rej('invalid name param'); - if (name == null) { - name = '無題のフォルダー'; - } - - // Get 'folder_id' parameter - let parentId = params.folder_id; - if (parentId === undefined || parentId === null) { - parentId = null; - } else { - parentId = new mongo.ObjectID(parentId); - } + // Get 'parent_id' parameter + const [parentId, parentIdErr] = it(params.parent_id).expect.nullable.id().default(null).qed(); + if (parentIdErr) return rej('invalid parent_id param'); // If the parent folder is specified let parent = null; - if (parentId !== null) { + if (parentId) { + // Fetch parent folder parent = await DriveFolder .findOne({ _id: parentId, @@ -54,7 +38,7 @@ module.exports = (params, user) => }); if (parent === null) { - return reject('parent-not-found'); + return rej('parent-not-found'); } } diff --git a/src/api/endpoints/drive/folders/find.js b/src/api/endpoints/drive/folders/find.ts similarity index 67% rename from src/api/endpoints/drive/folders/find.js rename to src/api/endpoints/drive/folders/find.ts index 802d3a7909..041e9ccb2a 100644 --- a/src/api/endpoints/drive/folders/find.js +++ b/src/api/endpoints/drive/folders/find.ts @@ -3,7 +3,7 @@ /** * Module dependencies */ -import * as mongo from 'mongodb'; +import it from '../../../it'; import DriveFolder from '../../../models/drive-folder'; import serialize from '../../../serializers/drive-folder'; @@ -18,18 +18,12 @@ module.exports = (params, user) => new Promise(async (res, rej) => { // Get 'name' parameter - const name = params.name; - if (name === undefined || name === null) { - return rej('name is required'); - } + const [name, nameErr] = it(params.name).expect.string().required().qed(); + if (nameErr) return rej('invalid name param'); // Get 'parent_id' parameter - let parentId = params.parent_id; - if (parentId === undefined || parentId === null) { - parentId = null; - } else { - parentId = new mongo.ObjectID(parentId); - } + const [parentId, parentIdErr] = it(params.parent_id).expect.id().qed(); + if (parentIdErr) return rej('invalid parent_id param'); // Issue query const folders = await DriveFolder diff --git a/src/api/endpoints/drive/folders/show.js b/src/api/endpoints/drive/folders/show.ts similarity index 74% rename from src/api/endpoints/drive/folders/show.js rename to src/api/endpoints/drive/folders/show.ts index 986d32cf60..3b3ed41719 100644 --- a/src/api/endpoints/drive/folders/show.js +++ b/src/api/endpoints/drive/folders/show.ts @@ -3,7 +3,7 @@ /** * Module dependencies */ -import * as mongo from 'mongodb'; +import it from '../../../it'; import DriveFolder from '../../../models/drive-folder'; import serialize from '../../../serializers/drive-folder'; @@ -18,15 +18,13 @@ module.exports = (params, user) => new Promise(async (res, rej) => { // Get 'folder_id' parameter - const folderId = params.folder_id; - if (folderId === undefined || folderId === null) { - return rej('folder_id is required'); - } + const [folderId, folderIdErr] = it(params.folder_id).expect.id().required().qed(); + if (folderIdErr) return rej('invalid folder_id param'); // Get folder const folder = await DriveFolder .findOne({ - _id: new mongo.ObjectID(folderId), + _id: folderId, user_id: user._id }); diff --git a/src/api/endpoints/drive/folders/update.js b/src/api/endpoints/drive/folders/update.ts similarity index 74% rename from src/api/endpoints/drive/folders/update.js rename to src/api/endpoints/drive/folders/update.ts index 713e17b43e..81d414354c 100644 --- a/src/api/endpoints/drive/folders/update.js +++ b/src/api/endpoints/drive/folders/update.ts @@ -3,7 +3,7 @@ /** * Module dependencies */ -import * as mongo from 'mongodb'; +import it from '../../../it'; import DriveFolder from '../../../models/drive-folder'; import { isValidFolderName } from '../../../models/drive-folder'; import serialize from '../../../serializers/drive-file'; @@ -20,20 +20,13 @@ module.exports = (params, user) => new Promise(async (res, rej) => { // Get 'folder_id' parameter - const folderId = params.folder_id; - if (folderId === undefined || folderId === null) { - return rej('folder_id is required'); - } - - // Validate id - if (!mongo.ObjectID.isValid(folderId)) { - return rej('incorrect folder_id'); - } + const [folderId, folderIdErr] = it(params.folder_id).expect.id().required().qed(); + if (folderIdErr) return rej('invalid folder_id param'); // Fetch folder const folder = await DriveFolder .findOne({ - _id: new mongo.ObjectID(folderId), + _id: folderId, user_id: user._id }); @@ -42,29 +35,17 @@ module.exports = (params, user) => } // Get 'name' parameter - let name = params.name; - if (name) { - name = name.trim(); - if (isValidFolderName(name)) { - folder.name = name; - } else { - return rej('invalid folder name'); - } - } + const [name, nameErr] = it(params.name).expect.string().validate(isValidFolderName).qed(); + if (nameErr) return rej('invalid name param'); + if (name) folder.name = name; // Get 'parent_id' parameter - let parentId = params.parent_id; + const [parentId, parentIdErr] = it(params.parent_id).expect.nullable.id().qed(); + if (parentIdErr) return rej('invalid parent_id param'); if (parentId !== undefined) { if (parentId === null) { folder.parent_id = null; } else { - // Validate id - if (!mongo.ObjectID.isValid(parentId)) { - return rej('incorrect parent_id'); - } - - parentId = new mongo.ObjectID(parentId); - // Get parent folder const parent = await DriveFolder .findOne({ diff --git a/src/api/endpoints/drive/stream.js b/src/api/endpoints/drive/stream.ts similarity index 52% rename from src/api/endpoints/drive/stream.js rename to src/api/endpoints/drive/stream.ts index cd39261de8..6ede044f58 100644 --- a/src/api/endpoints/drive/stream.js +++ b/src/api/endpoints/drive/stream.ts @@ -3,7 +3,7 @@ /** * Module dependencies */ -import * as mongo from 'mongodb'; +import it from '../../it'; import DriveFile from '../../models/drive-file'; import serialize from '../../serializers/drive-file'; @@ -18,35 +18,25 @@ module.exports = (params, user) => new Promise(async (res, rej) => { // Get 'limit' parameter - let limit = params.limit; - if (limit !== undefined && limit !== null) { - limit = parseInt(limit, 10); + const [limit, limitErr] = it(params.limit).expect.number().range(1, 100).default(10).qed(); + if (limitErr) return rej('invalid limit param'); - // From 1 to 100 - if (!(1 <= limit && limit <= 100)) { - return rej('invalid limit range'); - } - } else { - limit = 10; - } + // Get 'since_id' parameter + const [sinceId, sinceIdErr] = it(params.since_id).expect.id().qed(); + if (sinceIdErr) return rej('invalid since_id param'); - const since = params.since_id || null; - const max = params.max_id || null; + // Get 'max_id' parameter + const [maxId, maxIdErr] = it(params.max_id).expect.id().qed(); + if (maxIdErr) return rej('invalid max_id param'); // Check if both of since_id and max_id is specified - if (since !== null && max !== null) { + if (sinceId !== null && maxId !== null) { return rej('cannot set since_id and max_id'); } // Get 'type' parameter - let type = params.type; - if (type === undefined || type === null) { - type = null; - } else if (!/^[a-zA-Z\/\-\*]+$/.test(type)) { - return rej('invalid type format'); - } else { - type = new RegExp(`^${type.replace(/\*/g, '.+?')}$`); - } + const [type, typeErr] = it(params.type).expect.string().match(/^[a-zA-Z\/\-\*]+$/).qed(); + if (typeErr) return rej('invalid type param'); // Construct query const sort = { @@ -54,19 +44,19 @@ module.exports = (params, user) => }; const query = { user_id: user._id - }; - if (since !== null) { + } as any; + if (sinceId) { sort._id = 1; query._id = { - $gt: new mongo.ObjectID(since) + $gt: sinceId }; - } else if (max !== null) { + } else if (maxId) { query._id = { - $lt: new mongo.ObjectID(max) + $lt: maxId }; } if (type !== null) { - query.type = type; + query.type = new RegExp(`^${type.replace(/\*/g, '.+?')}$`); } // Issue query diff --git a/src/api/endpoints/following/create.js b/src/api/endpoints/following/create.ts similarity index 85% rename from src/api/endpoints/following/create.js rename to src/api/endpoints/following/create.ts index 46ff77ddf1..0edc122b94 100644 --- a/src/api/endpoints/following/create.js +++ b/src/api/endpoints/following/create.ts @@ -3,7 +3,7 @@ /** * Module dependencies */ -import * as mongo from 'mongodb'; +import it from '../../it'; import User from '../../models/user'; import Following from '../../models/following'; import notify from '../../common/notify'; @@ -23,15 +23,8 @@ module.exports = (params, user) => const follower = user; // Get 'user_id' parameter - let userId = params.user_id; - if (userId === undefined || userId === null) { - return rej('user_id is required'); - } - - // Validate id - if (!mongo.ObjectID.isValid(userId)) { - return rej('incorrect user_id'); - } + const [userId, userIdErr] = it(params.user_id, 'id', true); + if (userIdErr) return rej('invalid user_id param'); // 自分自身 if (user._id.equals(userId)) { @@ -40,7 +33,7 @@ module.exports = (params, user) => // Get followee const followee = await User.findOne({ - _id: new mongo.ObjectID(userId) + _id: userId }, { fields: { data: false, diff --git a/src/api/endpoints/following/delete.js b/src/api/endpoints/following/delete.ts similarity index 83% rename from src/api/endpoints/following/delete.js rename to src/api/endpoints/following/delete.ts index 1085013d03..7f0e908068 100644 --- a/src/api/endpoints/following/delete.js +++ b/src/api/endpoints/following/delete.ts @@ -3,7 +3,7 @@ /** * Module dependencies */ -import * as mongo from 'mongodb'; +import it from '../../it'; import User from '../../models/user'; import Following from '../../models/following'; import event from '../../event'; @@ -22,15 +22,8 @@ module.exports = (params, user) => const follower = user; // Get 'user_id' parameter - let userId = params.user_id; - if (userId === undefined || userId === null) { - return rej('user_id is required'); - } - - // Validate id - if (!mongo.ObjectID.isValid(userId)) { - return rej('incorrect user_id'); - } + const [userId, userIdErr] = it(params.user_id, 'id', true); + if (userIdErr) return rej('invalid user_id param'); // Check if the followee is yourself if (user._id.equals(userId)) { @@ -39,7 +32,7 @@ module.exports = (params, user) => // Get followee const followee = await User.findOne({ - _id: new mongo.ObjectID(userId) + _id: userId }, { fields: { data: false,