Update route.js to support "put" more than 2 levels deep

jspears / mers

Mongoose Express Rest Service

MIT License

343 stars 42 forks source link

Update route.js to support "put" more than 2 levels deep #28

Closed VARG0S closed 10 years ago

VARG0S commented 10 years ago

Modified routes.js to support deeper "levels" was having trouble with the code in router.put binding to an $id more than 2 levels deep


while (o && pos.length - 1) {
  o = o[pos.shift()]
}

Example: Using the example from the readme, posting to

http://localhost:3000/rest/blogpost/$id/comments/

will work fine, however if you add another level like

http://localhost:3000/rest/blogpost/$id/comments/$id/notes/

then an error would occur.

I modified the code to assume that any additional layers would follow a path of

/level1/$id/level2/$id/level3/...etc

jspears commented 10 years ago

Thanks for the patch... Not real crazy about using eval for this, especially since they are untrusted strings, it would not be hard to create a vulenerability. I'll rework the walk stuff to do the right thing.

VARG0S commented 10 years ago

Sounds good, we weren't too crazy about the eval either, but it sufficed for a demo we are working on. Thanks!

jspears commented 10 years ago

I think I have some fixes in there for you. If you have issues let me know, otherwise I will do a release in a day or two.

On Wed, May 14, 2014 at 12:43 PM, Matt notifications@github.com wrote:

Sounds good, we weren't too crazy about the eval either, but it sufficed for a demo we are working on. Thanks!

— Reply to this email directly or view it on GitHubhttps://github.com/jspears/mers/pull/28#issuecomment-43105714 .