Download raw (1.5 KB)
// a library for validations // over time we expect to extract more helpers and move them here. exports.init = function(newDoc, oldDoc, userCtx, secObj) { var v = {}; v.forbidden = function(message) { throw({forbidden : message}); }; v.unauthorized = function(message) { throw({unauthorized : message}); }; v.assert = function(should, message) { if (!should) v.forbidden(message); } v.isAdmin = function() { return userCtx.roles.indexOf('_admin') != -1 }; v.isRole = function(role) { return userCtx.roles.indexOf(role) != -1 }; v.require = function() { for (var i=0; i < arguments.length; i++) { var field = arguments[i]; message = "The '"+field+"' field is required."; if (typeof newDoc[field] == "undefined") v.forbidden(message); }; }; v.unchanged = function(field) { if (oldDoc && oldDoc[field] != newDoc[field]) v.forbidden("You may not change the '"+field+"' field."); }; v.matches = function(field, regex, message) { if (!newDoc[field].match(regex)) { message = message || "Format of '"+field+"' field is invalid."; v.forbidden(message); } }; // this ensures that the date will be UTC, parseable, and collate correctly v.dateFormat = function(field) { message = "Sorry, '"+field+"' is not a valid date format. Try: 2010-02-24T17:00:03.432Z"; v.matches(field, /\d{4}\-\d{2}\-\d{2}T\d{2}:\d{2}:\d{2}(\.\d*)?Z/, message); } return v; };