@stuntman/server - npm Package Compare versions

Comparing version 0.1.9 to 0.1.10

dist/api/validators.js

@@ -9,9 +9,13 @@ "use strict";
     }
-    if (typeof rule.id !== 'string') {
+    // TODO make a nice regex to limit rule names
+    if (typeof rule.id !== 'string' || !rule.id.trim()) {
         throw new shared_1.AppError({ httpCode: shared_1.HttpCode.BAD_REQUEST, message: 'invalid rule.id' });
     }
-    if (typeof rule.matches !== 'object' || !('remoteFn' in rule.matches) || typeof rule.matches.remoteFn !== 'string') {
+    if (typeof rule.matches !== 'object' ||
+        !('remoteFn' in rule.matches) ||
+        typeof rule.matches.remoteFn !== 'string' ||
+        !rule.matches.remoteFn.trim()) {
         throw new shared_1.AppError({ httpCode: shared_1.HttpCode.BAD_REQUEST, message: 'invalid rule.matches' });
     }
-    if (rule.priority && typeof rule.priority !== 'number') {
+    if (typeof rule.priority !== 'undefined' && (typeof rule.priority !== 'number' || rule.priority < 0)) {
         throw new shared_1.AppError({ httpCode: shared_1.HttpCode.BAD_REQUEST, message: 'invalid rule.priority' });
@@ -32,9 +36,16 @@ }
     if (typeof rule.actions.mockResponse !== 'undefined') {
-        if (typeof rule.actions.mockResponse !== 'object') {
+        if (typeof rule.actions.mockResponse !== 'object' || Array.isArray(rule.actions.mockResponse)) {
             throw new shared_1.AppError({ httpCode: shared_1.HttpCode.BAD_REQUEST, message: 'invalid rule.actions.mockResponse' });
         }
-        if ('remoteFn' in rule.actions.mockResponse && typeof rule.actions.mockResponse.remoteFn !== 'string') {
+        if ('remoteFn' in rule.actions.mockResponse &&
+            ('rawHeaders' in rule.actions.mockResponse ||
+                'status' in rule.actions.mockResponse ||
+                'body' in rule.actions.mockResponse)) {
             throw new shared_1.AppError({ httpCode: shared_1.HttpCode.BAD_REQUEST, message: 'invalid rule.actions.mockResponse' });
         }
-        else if ('status' in rule.actions.mockResponse) {
+        if ('remoteFn' in rule.actions.mockResponse &&
+            (typeof rule.actions.mockResponse.remoteFn !== 'string' || !rule.actions.mockResponse.remoteFn.trim())) {
+            throw new shared_1.AppError({ httpCode: shared_1.HttpCode.BAD_REQUEST, message: 'invalid rule.actions.mockResponse' });
+        }
+        if (!('remoteFn' in rule.actions.mockResponse)) {
             if (typeof rule.actions.mockResponse.status !== 'number') {
@@ -48,2 +59,3 @@ throw new shared_1.AppError({
                 (!Array.isArray(rule.actions.mockResponse.rawHeaders) ||
+                    rule.actions.mockResponse.rawHeaders.length % 2 !== 0 ||
                     rule.actions.mockResponse.rawHeaders.some((header) => typeof header !== 'string'))) {
@@ -86,3 +98,6 @@ throw new shared_1.AppError({
     }
-    if (!rule.ttlSeconds || rule.ttlSeconds < shared_1.MIN_RULE_TTL_SECONDS || rule.ttlSeconds > shared_1.MAX_RULE_TTL_SECONDS) {
+    if (!rule.ttlSeconds ||
+        typeof rule.ttlSeconds !== 'number' ||
+        rule.ttlSeconds < shared_1.MIN_RULE_TTL_SECONDS ||
+        rule.ttlSeconds > shared_1.MAX_RULE_TTL_SECONDS) {
         throw new shared_1.AppError({
@@ -89,0 +104,0 @@ httpCode: shared_1.HttpCode.BAD_REQUEST,

package.json

 {
   "name": "@stuntman/server",
-  "version": "0.1.9",
+  "version": "0.1.10",
   "description": "Stuntman - HTTP proxy / mock server with API",
@@ -5,0 +5,0 @@ "main": "dist/index.js",

README.md

@@ -6,2 +6,3 @@ # Stuntman server
 [![Coverage Status](https://coveralls.io/repos/github/andrzej-woof/stuntman/badge.svg)][coverage]
+![License](https://img.shields.io/github/license/andrzej-woof/stuntman)
 
@@ -8,0 +9,0 @@ [npmjs]: https://www.npmjs.com/package/@stuntman/server

src/api/validators.ts

@@ -8,9 +8,15 @@ import { AppError, HttpCode, MAX_RULE_TTL_SECONDS, MIN_RULE_TTL_SECONDS, logger, RawHeaders } from '@stuntman/shared';
     }
-    if (typeof rule.id !== 'string') {
+    // TODO make a nice regex to limit rule names
+    if (typeof rule.id !== 'string' || !rule.id.trim()) {
         throw new AppError({ httpCode: HttpCode.BAD_REQUEST, message: 'invalid rule.id' });
     }
-    if (typeof rule.matches !== 'object' || !('remoteFn' in rule.matches) || typeof rule.matches.remoteFn !== 'string') {
+    if (
+        typeof rule.matches !== 'object' ||
+        !('remoteFn' in rule.matches) ||
+        typeof rule.matches.remoteFn !== 'string' ||
+        !rule.matches.remoteFn.trim()
+    ) {
         throw new AppError({ httpCode: HttpCode.BAD_REQUEST, message: 'invalid rule.matches' });
     }
-    if (rule.priority && typeof rule.priority !== 'number') {
+    if (typeof rule.priority !== 'undefined' && (typeof rule.priority !== 'number' || rule.priority < 0)) {
         throw new AppError({ httpCode: HttpCode.BAD_REQUEST, message: 'invalid rule.priority' });
@@ -33,8 +39,20 @@ }
     if (typeof rule.actions.mockResponse !== 'undefined') {
-        if (typeof rule.actions.mockResponse !== 'object') {
+        if (typeof rule.actions.mockResponse !== 'object' || Array.isArray(rule.actions.mockResponse)) {
             throw new AppError({ httpCode: HttpCode.BAD_REQUEST, message: 'invalid rule.actions.mockResponse' });
         }
-        if ('remoteFn' in rule.actions.mockResponse && typeof rule.actions.mockResponse.remoteFn !== 'string') {
+        if (
+            'remoteFn' in rule.actions.mockResponse &&
+            ('rawHeaders' in rule.actions.mockResponse ||
+                'status' in rule.actions.mockResponse ||
+                'body' in rule.actions.mockResponse)
+        ) {
             throw new AppError({ httpCode: HttpCode.BAD_REQUEST, message: 'invalid rule.actions.mockResponse' });
-        } else if ('status' in rule.actions.mockResponse) {
+        }
+        if (
+            'remoteFn' in rule.actions.mockResponse &&
+            (typeof rule.actions.mockResponse.remoteFn !== 'string' || !rule.actions.mockResponse.remoteFn.trim())
+        ) {
+            throw new AppError({ httpCode: HttpCode.BAD_REQUEST, message: 'invalid rule.actions.mockResponse' });
+        }
+        if (!('remoteFn' in rule.actions.mockResponse)) {
             if (typeof rule.actions.mockResponse.status !== 'number') {
@@ -49,2 +67,3 @@ throw new AppError({
                 (!Array.isArray(rule.actions.mockResponse.rawHeaders) ||
+                    rule.actions.mockResponse.rawHeaders.length % 2 !== 0 ||
                     rule.actions.mockResponse.rawHeaders.some((header) => typeof header !== 'string'))
@@ -94,3 +113,8 @@ ) {
     }
-    if (!rule.ttlSeconds || rule.ttlSeconds < MIN_RULE_TTL_SECONDS || rule.ttlSeconds > MAX_RULE_TTL_SECONDS) {
+    if (
+        !rule.ttlSeconds ||
+        typeof rule.ttlSeconds !== 'number' ||
+        rule.ttlSeconds < MIN_RULE_TTL_SECONDS ||
+        rule.ttlSeconds > MAX_RULE_TTL_SECONDS
+    ) {
         throw new AppError({
@@ -97,0 +121,0 @@ httpCode: HttpCode.BAD_REQUEST,

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

196681

increased by1.24%

Lines of code

2527

increased by1.57%

Number of lines in readme file

138

increased by0.73%

No dependency changes