1 files changed, 38 insertions, 1 deletions
diff --git a/app/Controllers/Http/WorkspaceController.js b/app/Controllers/Http/WorkspaceController.js
index 5573382..3d45893 100644
--- a/app/Controllers/Http/WorkspaceController.js
+++ b/app/Controllers/Http/WorkspaceController.js
@@ -1,6 +1,10 @@
 'use strict'
 const Workspace = use('App/Models/Workspace');
+const {
+  validateAll
+} = use('Validator');
 const uuid = require('uuid/v4');
 class WorkspaceController {
@@ -16,6 +20,17 @@ class WorkspaceController {
      return response.send('Missing or invalid api token')
    }
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      name: 'required|alpha',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        "message": "Invalid POST arguments",
+        "status": 401
+      })
+    }
    const data = request.all();
    // Get new, unused uuid
@@ -56,6 +71,18 @@ class WorkspaceController {
      return response.send('Missing or invalid api token')
    }
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      name: 'required|alpha',
+      services: 'required|array'
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        "message": "Invalid POST arguments",
+        "status": 401
+      })
+    }
    const data = request.all();
    const {
      id
@@ -95,7 +122,17 @@ class WorkspaceController {
      return response.send('Missing or invalid api token')
    }
-    const data = request.all();
+    // Validate user input
+    const validation = await validateAll(request.all(), {
+      id: 'required',
+    });
+    if (validation.fails()) {
+      return response.status(401).send({
+        "message": "Invalid POST arguments",
+        "status": 401
+      })
+    }
    const {
      id
    } = params;

diff --git a/app/Controllers/Http/WorkspaceController.js b/app/Controllers/Http/WorkspaceController.js index 5573382..3d45893 100644 --- a/app/Controllers/Http/WorkspaceController.js +++ b/app/Controllers/Http/WorkspaceController.js
@@ -1,6 +1,10 @@
1	'use strict'	1	'use strict'
2		2
3	const Workspace = use('App/Models/Workspace');	3	const Workspace = use('App/Models/Workspace');
		4	const {
		5	validateAll
		6	} = use('Validator');
		7
4	const uuid = require('uuid/v4');	8	const uuid = require('uuid/v4');
5		9
6	class WorkspaceController {	10	class WorkspaceController {
@@ -16,6 +20,17 @@ class WorkspaceController {
16	return response.send('Missing or invalid api token')	20	return response.send('Missing or invalid api token')
17	}	21	}
18		22
		23	// Validate user input
		24	const validation = await validateAll(request.all(), {
		25	name: 'required\|alpha',
		26	});
		27	if (validation.fails()) {
		28	return response.status(401).send({
		29	"message": "Invalid POST arguments",
		30	"status": 401
		31	})
		32	}
		33
19	const data = request.all();	34	const data = request.all();
20		35
21	// Get new, unused uuid	36	// Get new, unused uuid
@@ -56,6 +71,18 @@ class WorkspaceController {
56	return response.send('Missing or invalid api token')	71	return response.send('Missing or invalid api token')
57	}	72	}
58		73
		74	// Validate user input
		75	const validation = await validateAll(request.all(), {
		76	name: 'required\|alpha',
		77	services: 'required\|array'
		78	});
		79	if (validation.fails()) {
		80	return response.status(401).send({
		81	"message": "Invalid POST arguments",
		82	"status": 401
		83	})
		84	}
		85
59	const data = request.all();	86	const data = request.all();
60	const {	87	const {
61	id	88	id
@@ -95,7 +122,17 @@ class WorkspaceController {
95	return response.send('Missing or invalid api token')	122	return response.send('Missing or invalid api token')
96	}	123	}
97		124
98	const data = request.all();	125	// Validate user input
		126	const validation = await validateAll(request.all(), {
		127	id: 'required',
		128	});
		129	if (validation.fails()) {
		130	return response.status(401).send({
		131	"message": "Invalid POST arguments",
		132	"status": 401
		133	})
		134	}
		135
99	const {	136	const {
100	id	137	id
101	} = params;	138	} = params;