From 401d793da448e5f2e269d92fa8e9f4a9ca7ffa09 Mon Sep 17 00:00:00 2001 From: asyncnomi Date: Thu, 15 Dec 2022 10:50:07 +0100 Subject: [PATCH] Add supplement and amount type verification --- index.js | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/index.js b/index.js index 61dbc53..48ad37c 100644 --- a/index.js +++ b/index.js @@ -19,6 +19,7 @@ let AdminUsersUid = ["asyncnomi", "johan", "enthalpine", "fas", "arina", "billy" let UsersToken = {}; let TokenDurationSecond = 3600; let MaxAmountCrepe = 10; +let Supplements = ["nature", "sucre", "nutella", "confiture"]; var ldapConf = JSON.parse(fs.readFileSync("ldap-conf.json")); var LDAP = new LdapAuth({ @@ -115,13 +116,26 @@ fastify.post('/addPrank', async (request, reply) => { if ("where" in content && "amount" in content && "supplement" in content) { - if (amound < MaxAmountCrepe) { + let amount = parseInt(content.amount) + if (isNaN(amount)) { + return { + success: false, + why: "Unable to parse the amount as integer" + } + } + if (!Supplements.contains(content.supplement)) { + return { + success: false, + why: "This supplement isn't available" + } + } + if (amount < MaxAmountCrepe) { let prankUid = makeid(16); PrankData[prankUid] = { creator: content.uid, type: content.type, where: content.where, - amount: content.amount, + amount: amount, supplement: content.supplement, note: content.note, state: "Pending",