We are deliberately loose on validity checks in the point model, but in the api calls is where we have the most vulnerability to hacks - (people deliberately inserting bad stuff).
We need to create methods for strong validity checks for the properties in model/point.js and export them so that the api's can use them.
In app/models/point.js Create and export validity checks for:
[ ] _id
[ ] title
[ ] description
[ ] parentId
[ ] category
[ ] round
[ ] others to be determined
[ ] create jest tests for each of the above, with one passing and one failing case
apply the validity tests, for required, and optional fields if present, and create an additional jest test for failing
[ ] socket-apis/upsert-point
[ ] socket-apis/upsert-why
The name of the validity test should match the name of the property. Even better to consider if there is some shorthand way using joi or just an object to make the code clean and minimal in the apis.
We are deliberately loose on validity checks in the point model, but in the api calls is where we have the most vulnerability to hacks - (people deliberately inserting bad stuff).
We need to create methods for strong validity checks for the properties in model/point.js and export them so that the api's can use them.
See Joi an it's methods for validity checking in undebate-ssp/app/socket-apis/find-and-set-election-doc
In app/models/point.js Create and export validity checks for:
The name of the validity test should match the name of the property. Even better to consider if there is some shorthand way using joi or just an object to make the code clean and minimal in the apis.