add strict remove & forbidden remove sanitizations

icebob · icebob · commit 4b0fa29521c2 · 2019-11-07T22:31:32.000+01:00
diff --git a/examples/next.js b/examples/next.js
@@ -10,26 +10,26 @@ let v = new Validator({
 const schema = {
 	//id: { type: "number", positive: true, integer: true, convert: true },
 	//name: { type: "string", min: 3, max: 255, padStart: 5 },
-	//token: { type: "forbidden" },
+	token: { type: "forbidden", remove: true },
 	//password: { type: "string", min: 6 },
 	//confirmPassword: { type: "equal", field: "password" },
-	//roles: { type: "array", items: "string", min: 1 },
+	//roles: { type: "array", items: "string", min: 1, default: ["user"] },
 	/*friends: { type: "array", items: { type: "object", properties: {
 		name: "string",
 		username: "string"
 	}}},*/
-	/*address: { type: "object", properties: {
+	/*address: { type: "object", strict: "remove", properties: {
 		country: "string",
 		city: "string"
 	} },*/
-	bio: { type: "string", convert: true },
+	//bio: { type: "string", convert: true },
 	//age: { type: "number", min: 18 },
 	//email: { type: "email", mode: "precise", normalize: true },
 	//verified: { type: "equal", value: true, strict: true },
 	//status: "boolean" // short-hand def
 	//createdAt: { type: "date", convert: true },
 	//status: { type: "boolean", convert: true },
-	//code: { type: "string", padEnd: 10, padChar: "\u2605" },
+	//code: { type: "string", padEnd: 10, padChar: "\u2605", default: "default-code" },
 	/*status: [
 		{ type: "boolean" },
 		{ type: "number" }
@@ -63,14 +63,15 @@ const obj = {
 		zip: "1112"
 	},
 	bio: null,
-	roles: ["admin", "user", 3, 2, true],
+	//roles: ["admin", "user", 3, 2, true],
 	friends: [
 		{ name: "John", username: "johnny" },
 		{ name: "Jane", username: "jane" }
 	],
 	password: "123456",
 	confirmPassword: "123456",
-	code: "123",
+	token: "abcdef",
+	//code: "123",
 	status: 1,
 	verified: true,
 
diff --git a/lib/rules/array.js b/lib/rules/array.js
@@ -74,7 +74,7 @@ module.exports = function({ schema, messages }, path, context) {
 		`);
 
 		const rule = this.getRuleFromSchema(schema.items);
-		src.push(this.compileRule(rule, context, path, "arr[i] = context.fn[%%INDEX%%](arr[i], (parentField ? parentField : \"\") + \"[\" + i + \"]\", parent, errors, context);"));
+		src.push(this.compileRule(rule, context, path, "arr[i] = context.fn[%%INDEX%%](arr[i], (parentField ? parentField : \"\") + \"[\" + i + \"]\", parent, errors, context);", "arr[i]"));
 		/*
 		const res = rule.ruleFunction.call(this, rule, path, context);
 		context.rules[context.index] = rule;
diff --git a/lib/rules/forbidden.js b/lib/rules/forbidden.js
@@ -3,12 +3,29 @@
 /**	Signature: function(value, field, parent, errors, context)
  */
 module.exports = function checkForbidden({ schema, messages }, path) {
-	return {
-		source: `
-			if (value !== null && value !== undefined)
-				${this.makeError({ type: "forbidden",  actual: "value", messages })}
+	const src = [];
+
+	src.push(`
+		if (value !== null && value !== undefined) {
+	`);
+
+	if (schema.remove) {
+		src.push(`
+			return undefined;
+		`);
 
-			return value;
-		`
+	} else {
+		src.push(`
+			${this.makeError({ type: "forbidden",  actual: "value", messages })}
+		`);
+	}
+
+	src.push(`
+		}
+		return value;
+	`);
+
+	return {
+		source: src.join("\n")
 	};
 };
diff --git a/lib/rules/multi.js b/lib/rules/multi.js
@@ -19,17 +19,7 @@ module.exports = function({ schema, messages }, path, context) {
 		`);
 
 		const rule = this.getRuleFromSchema(schema.rules[i]);
-		context.rules[context.index] = rule;
-		const res = rule.ruleFunction.call(this, rule, path, context);
-		if (res.source) {
-			const fn = new Function("value", "field", "parent", "errors", "context", res.source);
-			context.fn[context.index] = fn;
-			src.push(`
-					var tmpVal = context.fn[${context.index}](value, field, parent, errors, context);
-				`);
-		}
-		context.index++;
-
+		src.push(this.compileRule(rule, context, path, "var tmpVal = context.fn[%%INDEX%%](value, field, parent, errors, context);", "tmpVal"));
 		src.push(`
 				if (errors.length == errBefore) {
 					hasValid = true;
diff --git a/lib/rules/object.js b/lib/rules/object.js
@@ -61,23 +61,11 @@ module.exports = function({ schema, messages }, path, context) {
 			sourceCode.push(`value = ${safePropName};`);
 
 			const rule = this.getRuleFromSchema(subSchema[property]);
-			sourceCode.push(this.compileRule(rule, context, newPath, `${safePropName} = context.fn[%%INDEX%%](value, field, parentObj, errors, context);`));
-			/*context.rules[context.index] = rule;
-			const res = rule.ruleFunction.call(this, rule, newPath, context);
-			if (res.source) {
-				const fn = new Function("value", "field", "parent", "errors", "context", res.source);
-				context.fn[context.index] = fn;
-				sourceCode.push(this.wrapRequiredCheckSourceCode(rule, `
-					${safePropName} = context.fn[${context.index}](value, field, parentObj, errors, context);
-				`));
-			} else {
-				sourceCode.push(this.wrapRequiredCheckSourceCode(rule));
-			}
-			context.index++;*/
+			sourceCode.push(this.compileRule(rule, context, newPath, `${safePropName} = context.fn[%%INDEX%%](value, field, parentObj, errors, context);`, safePropName));
 		}
 
 		// Strict handler
-		if (schema.strict === true) {
+		if (schema.strict) {
 			const allowedProps = Object.keys(subSchema);
 
 			sourceCode.push(`
@@ -91,7 +79,19 @@ module.exports = function({ schema, messages }, path, context) {
 					}
 				}
 				if (invalidProps.length) {
+			`);
+			if (schema.strict == "remove") {
+				sourceCode.push(`
+					invalidProps.forEach(function(field) {
+						delete parentObj[field];
+					});
+				`);
+			} else {
+				sourceCode.push(`
 					${this.makeError({ type: "objectStrict", expected: "\"" + allowedProps.join(", ") + "\"", actual: "invalidProps.join(', ')", messages })}
+				`);
+			}
+			sourceCode.push(`
 				}
 			`);
 		}
diff --git a/lib/validator.js b/lib/validator.js
@@ -58,22 +58,30 @@ Validator.prototype.validate = function(obj, schema) {
 	return check(obj);
 };
 
-Validator.prototype.wrapRequiredCheckSourceCode = function(rule, innerSrc) {
+Validator.prototype.wrapRequiredCheckSourceCode = function(rule, innerSrc, resVar) {
 	const src = [];
+	const defaultValue = rule.schema.default != null ? JSON.stringify(rule.schema.default) : null;
+
 	// Required, optional, forbidden
+	src.push(`
+		if (value === undefined || value === null) {
+	`);
 	if (rule.schema.optional === true || rule.schema.type == "forbidden") {
 		// Optional field
-		src.push(`
-		if (value === undefined || value === null) {
-			// Do nothing, it's an optional field
-		} else {`);
+		if (defaultValue != null && resVar) {
+			src.push(`${resVar} = ${defaultValue};`);
+		} else {
+			src.push("// Do nothing, it's an optional field");
+		}
 	} else {
 		// Required field
-		src.push(`
-		if (value === undefined || value === null) {
-			${this.makeError({ type: "required", actual: "value", messages: rule.messages })}
-		} else {`);
+		if (defaultValue != null && resVar) {
+			src.push(`${resVar} = ${defaultValue};`);
+		} else {
+			src.push(this.makeError({ type: "required", actual: "value", messages: rule.messages }));
+		}
 	}
+	src.push("} else {");
 
 	if (innerSrc)
 		src.push(innerSrc);
@@ -125,22 +133,7 @@ Validator.prototype.compile = function(schema) {
 	];
 
 	const rule = this.getRuleFromSchema(schema);
-	sourceCode.push(this.compileRule(rule, context, null, "context.fn[%%INDEX%%](value, field, null, errors, context);"));
-	/*
-	context.rules[context.index] = rule;
-	const res = rule.ruleFunction.call(this, rule, null, context);
-	if (res.source) {
-		const fn = new Function("value", "field", "parent", "errors", "context", res.source);
-		context.fn[context.index] = fn;
-		sourceCode.push(this.wrapRequiredCheckSourceCode(rule, `
-			context.fn[${context.index}](value, field, null, errors, context);
-		`));
-
-	} else {
-		sourceCode.push(this.wrapRequiredCheckSourceCode(rule));
-	}
-	context.index++;
-	*/
+	sourceCode.push(this.compileRule(rule, context, null, "context.fn[%%INDEX%%](value, field, null, errors, context);", "value"));
 
 	sourceCode.push("if (errors.length) {");
 	sourceCode.push(`
@@ -180,7 +173,7 @@ Validator.prototype.compile = function(schema) {
 	};
 };
 
-Validator.prototype.compileRule = function(rule, context, path, innerSrc) {
+Validator.prototype.compileRule = function(rule, context, path, innerSrc, resVar) {
 	const sourceCode = [];
 
 	const item = this.cache.get(rule.schema);
@@ -195,7 +188,7 @@ Validator.prototype.compileRule = function(rule, context, path, innerSrc) {
 				${innerSrc.replace("%%INDEX%%", rule.index)}
 				rule.cycleStack.pop(value);
 			}
-		`));
+		`, resVar));
 
 	} else {
 		this.cache.set(rule.schema, rule);
@@ -206,7 +199,7 @@ Validator.prototype.compileRule = function(rule, context, path, innerSrc) {
 		if (res.source) {
 			const fn = new Function("value", "field", "parent", "errors", "context", res.source);
 			context.fn[rule.index] = fn;
-			sourceCode.push(this.wrapRequiredCheckSourceCode(rule, innerSrc.replace("%%INDEX%%", rule.index)));
+			sourceCode.push(this.wrapRequiredCheckSourceCode(rule, innerSrc.replace("%%INDEX%%", rule.index), resVar));
 		} else {
 			sourceCode.push(this.wrapRequiredCheckSourceCode(rule));
 		}
