Kill without validation #2089

Merged
merged 4 commits into from
Jun 27, 2016
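--- a/src/Controllers/DatabaseController.js
+++ b/src/Controllers/DatabaseController.js
@@ -80,18 +80,13 @@ const validateQuery = query => {
 });
 }
 
-function DatabaseController(adapter, { skipValidation } = {}) {
+function DatabaseController(adapter) {
 this.adapter = adapter;
 
 // We don't want a mutable this.schema, because then you could have
 // one request that uses different schemas for different parts of
 // it. Instead, use loadSchema to get a schema.
 this.schemaPromise = null;
-this.skipValidation = !!skipValidation;
 }
 
-DatabaseController.prototype.WithoutValidation = function() {
-return new DatabaseController(this.adapter, { skipValidation: true });
-}
-
 DatabaseController.prototype.collectionExists = function(className) {
@@ -105,9 +100,6 @@ DatabaseController.prototype.purgeCollection = function(className) {
 };
 
 DatabaseController.prototype.validateClassName = function(className) {
-if (this.skipValidation) {
-return Promise.resolve();
-}
 if (!SchemaController.classNameIsValid(className)) {
 return Promise.reject(new Parse.Error(Parse.Error.INVALID_CLASS_NAME, 'invalid className: ' + className));
 }
@@ -189,8 +181,7 @@ DatabaseController.prototype.update = function(className, query, update, {
 acl,
 many,
 upsert,
-} = {}) {
-
+} = {}, skipSanitization = false) {
 const originalUpdate = update;
 // Make a copy of the object, so we don't mutate the incoming data.
 update = deepcopy(update);
@@ -252,7 +243,7 @@ DatabaseController.prototype.update = function(className, query, update, {
 if (!result) {
 return Promise.reject(new Parse.Error(Parse.Error.OBJECT_NOT_FOUND, 'Object not found.'));
 }
-if (this.skipValidation) {
+if (skipSanitization) {
 return Promise.resolve(result);
 }
 return sanitizeDatabaseResult(originalUpdate, result);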
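Review bot: The new trailing `skipSanitization` argument on `update` is undocumented, and when it is `true` the function resolves with `result` as it came back from the storage layer instead of the output of `sanitizeDatabaseResult(originalUpdate, result)`. A bare positional boolean after the options object is easy to pass by accident, and what the unsanitized result may contain is not visible on this page, so the contract belongs at the signature: `// skipSanitization: resolve with the unsanitized update result; for server-internal callers only, never return that value to a client`. The body of `update` continues outside both hunks, so its other return paths were not checked.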
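--- a/src/Controllers/UserController.js
+++ b/src/Controllers/UserController.js
@@ -45,8 +45,7 @@ export class UserController extends AdaptableController {
 // TODO: Better error here.
 throw undefined;
 }
-let database = this.config.database.WithoutValidation();
-return database.update('_User', {
+return this.config.database.update('_User', {
 username: username,
 _email_verify_token: token
 }, {emailVerified: true}).then(document => {
@@ -58,8 +57,7 @@ export class UserController extends AdaptableController {
 }
 
 checkResetTokenValidity(username, token) {
-let database = this.config.database.WithoutValidation();
-return database.find('_User', {
+return this.config.database.find('_User', {
 username: username,
 _perishable_token: token
 }, {limit: 1}).then(results => {
@@ -114,9 +112,7 @@ export class UserController extends AdaptableController {
 }
 
 setPasswordResetToken(email) {
-let token = randomString(25);
-let database = this.config.database.WithoutValidation();
-return database.update('_User', {email: email}, {_perishable_token: token});
+return this.config.database.update('_User', { email }, { _perishable_token: randomString(25) }, {}, true)
 }
 
 sendPasswordResetEmail(email) {
@@ -126,8 +122,8 @@ export class UserController extends AdaptableController {
 return;
 }
 
-return this.setPasswordResetToken(email).then((user) => {
-
+return this.setPasswordResetToken(email)
+.then(user => {
 const token = encodeURIComponent(user._perishable_token);
 const username = encodeURIComponent(user.username);
 let link = `${this.config.requestResetPasswordURL}?token=${token}&username=${username}`
@@ -149,14 +145,12 @@ export class UserController extends AdaptableController {
 }
 
 updatePassword(username, token, password, config) {
-return this.checkResetTokenValidity(username, token).then((user) => {
-return updateUserPassword(user.objectId, password, this.config);
-}).then(() => {
-// clear reset password token
-return this.config.database.WithoutValidation().update('_User', { username }, {
-_perishable_token: {__op: 'Delete'}
-});
-});
+return this.checkResetTokenValidity(username, token)
+.then(user => updateUserPassword(user.objectId, password, this.config))
+// clear reset password token
+.then(() => this.config.database.update('_User', { username }, {
+_perishable_token: {__op: 'Delete'}
+}));
 }
 
 defaultVerificationEmail({link, user, appName, }) {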
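Review bot: In `updatePassword` the reset token is checked, the password is written, and only then is `_perishable_token` deleted, as three separate database calls, so the token stays valid until the last call resolves and is not consumed by the check itself. The final update also matches on `{ username }` alone, so it clears whatever token is stored at that moment rather than the one that was just verified. I would record this above the chain, `// NOTE: check, password write and token clear are not atomic; the token remains usable until the final update resolves`, and consider matching the clear on `{ username, _perishable_token: token }`. `updateUserPassword` is defined outside this page, so whether it already invalidates the token could not be confirmed.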
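--- a/src/Routers/GlobalConfigRouter.js
+++ b/src/Routers/GlobalConfigRouter.js
@@ -5,8 +5,7 @@ import * as middleware from "../middlewares";
 
 export class GlobalConfigRouter extends PromiseRouter {
 getGlobalConfig(req) {
-let database = req.config.database.WithoutValidation();
-return database.find('_GlobalConfig', { objectId: 1 }, { limit: 1 }).then((results) => {
+return req.config.database.find('_GlobalConfig', { objectId: 1 }, { limit: 1 }).then((results) => {
 if (results.length != 1) {
 // If there is no config in the database - return empty config.
 return { response: { params: {} } };
@@ -23,8 +22,7 @@ export class GlobalConfigRouter extends PromiseRouter {
 acc[`params.${key}`] = params[key];
 return acc;
 }, {});
-let database = req.config.database.WithoutValidation();
-return database.update('_GlobalConfig', {objectId: 1}, update, {upsert: true}).then(() => ({ response: { result: true } }));
+return req.config.database.update('_GlobalConfig', {objectId: 1}, update, {upsert: true}).then(() => ({ response: { result: true } }));
 }
 
 mountRoutes() {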
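Review bot: In the update handler each `key` is interpolated into a field path as `params.${key}` with no visible format check, so a key containing `.` or starting with `$` would address something other than a top-level config parameter. `params` is assigned above the hunk and appears to come from the request body; whether the validation that now runs inside `DatabaseController.update` rejects such keys is not shown on this page. I would reject them in the reducer before building `update`, for example `if (!/^[A-Za-z_][A-Za-z0-9_]*$/.test(key)) { throw new Error('invalid config key: ' + key); }`. The handler's signature and the route's access check are outside the hunk.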
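--- a/src/pushStatusHandler.js
+++ b/src/pushStatusHandler.js
@@ -1,5 +1,5 @@
 import { md5Hash, newObjectId } from './cryptoUtils';
-import { logger } from './logger';
+import { logger } from './logger';
 
 const PUSH_STATUS_COLLECTION = '_PushStatus';
 
@@ -19,7 +19,7 @@ export default function pushStatusHandler(config) {
 let initialPromise;
 let pushStatus;
 let objectId = newObjectId();
-let database = config.database.WithoutValidation();
+let database = config.database;
 
 let setInitial = function(body = {}, where, options = {source: 'rest'}) {
 let now = new Date();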