UNPKG

@balderdash/sails-edge

Version:

API-driven framework for building realtime apps, using MVC conventions (based on Express and Socket.io)

sailsjs.com

balderdashy/sails

69 lines (55 loc) 2.1 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
/** * Module dependencies. */ var _ = require('lodash'); module.exports = function (sails) { /** * @param {Natural|String} id * @param {String} controllerId * @param {String} actionId * @returns id :: * If `id` is undefined, no `id` was provided * If `id` is false, `id` is invalid, and probably unintentional * Otherwise, `id` is valid and probably intentional */ return function validId (id, controllerId, actionId) { // Interlace app-global `config.controllers` with this controller's `_config` var controllerConfig = _.merge({}, sails.config.controllers, sails.controllers[controllerId]._config || {}); // The other CRUD methods are special reserved words-- in which case we always pass // As long as the CRUD 'shortcuts' are enabled, you cannot search for models // with an id of 'find', 'update', 'create', or 'destroy' if ( controllerConfig.blueprints.shortcuts && ( id === 'find' || id === 'update' || id === 'create' || id === 'destroy' )) { return false; } // If expectIntegerId check is disabled, `id` is always ok if ( !controllerConfig.blueprints.expectIntegerId ) { return id; } // Ensure that id is numeric (unless this check is disabled) var castId = +id; if (id && _.isNaN(castId)) { // If it's not, move on to next middleware // but emit a console warning explaining the situation // (if the app is in development mode): if (sails.config.environment === 'development') { sails.log.warn('\n', 'Just then, you were prevented from being routed \n', 'to the `' + actionId + '` blueprint for controller: ' + controllerId + ' using `id='+id+'`.\n', 'This is because REST blueprint routes expect natural number ids by default, '+ 'and so the `' + actionId + '()` middleware was skipped- \n', 'If you\'d like to disable this restriction, you can do so by setting \n', '`expectIntegerId: false` in the blueprint config for this controller.'); } return false; } // Id is an integer return parseInt(id, 10); }; };