Constrain user input on limit

Chris Blanchard 2015-12-29 02:23:56 +00:00
parent 21a8e26147
commit 04668bab46
2 changed files with 31 additions and 2 deletions


@ -31,8 +31,11 @@ module.exports = app => {
});
app.get("/api/messages", (request, response) => {
const limit = parseInt(request.query.limit, 10) || 250;
const page = parseInt(request.query.page, 10) || 0;
let limit = parseInt(request.query.limit, 10) || 250;
if (limit > 250 || limit < 1) limit = 250;
let query = {};
let searchTerm = request.query.query;
if (searchTerm) {
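Review bot: `page` is still read from the query string without any bound, so a negative or very large value passes through while only `limit` gets the new range check. If `page` feeds a skip or offset further down (not visible in this hunk), clamp it the same way, e.g. `const page = Math.max(parseInt(request.query.page, 10) || 0, 0);`. The literal 250 now appears three times in the handler; a named constant such as `const MAX_LIMIT = 250;`, with a one-line comment that the cap bounds how much work a single request can cause, would keep the default and the ceiling from drifting apart. The handler body continues past the end of the hunk.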


@ -71,7 +71,33 @@ describe("Messages", () => {
done();
});
});
it ("returns a maximum of last 250 messages");
it ("returns a maximum of last 250 messages", done => {
async.times(250, (n, next) => {
Message.create({
author: {
username: user.username,
avatar: user.avatar
},
content: "Message " + n
}, next);
}, (error) => {
if (error) return done(error);
request(app)
.get("/api/messages")
.query({
limit: 251
})
.expect("Content-Type", /json/)
.expect(200)
.end((error, response) => {
if (error) return done(error);
let result = response.body;
assert.equal(result.messages.length, 250);
assert.equal(result.limit, 250);
done();
});
});
});
it ("is sensitive to pagination", done => {
request(app)
.get("/api/messages")
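Review bot: The new test creates exactly 250 messages, so `result.messages.length` is 250 whether or not the cap is applied to the query, assuming the collection starts empty (the setup is outside this hunk). Only the `result.limit` assertion would catch a regression. Creating one more than the cap, `async.times(251, (n, next) => {`, makes the length assertion prove that the extra message is withheld. The `limit < 1` branch of the guard is not exercised at all; a second case sending `limit: -5` and expecting `result.limit` to be 250 would cover it.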