Skip to content

Commit

Permalink
Sanitize Mongo collection names falling back on "useRawColletionNames"
Browse files Browse the repository at this point in the history
  • Loading branch information
leodutra committed Feb 13, 2017
1 parent 5ab4a80 commit 77b74a7
Showing 1 changed file with 11 additions and 11 deletions.
22 changes: 11 additions & 11 deletions lib/mongodb-backend.js
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,11 @@ var _ = require('lodash');
// If prefix is specified, it will be prepended to this name, like acl_resources
var aclCollectionName = 'resources';

function MongoDBBackend(db, prefix, useSingle){
function MongoDBBackend(db, prefix, useSingle, useRawColletionNames){
this.db = db;
this.prefix = typeof prefix !== 'undefined' ? prefix : '';
this.useSingle = (typeof useSingle !== 'undefined') ? useSingle : false;
this.useRawColletionNames = useRawColletionNames === false; // requires explicit boolean false value
}

MongoDBBackend.prototype = {
Expand Down Expand Up @@ -61,7 +62,7 @@ MongoDBBackend.prototype = {
var searchParams = (this.useSingle? {_bucketname: bucket, key:key} : {key:key});
var collName = (this.useSingle? aclCollectionName : bucket);

this.db.collection(this.prefix + removeUnsupportedChar(collName),function(err,collection){
this.db.collection(this.prefix + removeUnsupportedChar(collName, this.useRawColletionNames),function(err,collection){
if(err instanceof Error) return cb(err);
// Excluding bucket field from search result
collection.findOne(searchParams, {_bucketname: 0},function(err, doc){
Expand All @@ -84,7 +85,7 @@ MongoDBBackend.prototype = {
var searchParams = (this.useSingle? {_bucketname: bucket, key: { $in: keys }} : {key: { $in: keys }});
var collName = (this.useSingle? aclCollectionName : bucket);

this.db.collection(this.prefix + removeUnsupportedChar(collName),function(err,collection){
this.db.collection(this.prefix + removeUnsupportedChar(collName, this.useRawColletionNames),function(err,collection){
if(err instanceof Error) return cb(err);
// Excluding bucket field from search result
collection.find(searchParams, {_bucketname: 0}).toArray(function(err,docs){
Expand Down Expand Up @@ -116,7 +117,7 @@ MongoDBBackend.prototype = {
var collName = (self.useSingle? aclCollectionName : bucket);
transaction.push(function(cb){
values = makeArray(values);
self.db.collection(self.prefix + removeUnsupportedChar(collName), function(err,collection){
self.db.collection(self.prefix + removeUnsupportedChar(collName, self.useRawColletionNames), function(err,collection){
if(err instanceof Error) return cb(err);

// build doc from array values
Expand All @@ -132,7 +133,7 @@ MongoDBBackend.prototype = {
});

transaction.push(function(cb) {
self.db.collection(self.prefix + collName, function(err,collection){
self.db.collection(self.prefix + removeUnsupportedChar(collName, self.useRawColletionNames), function(err,collection){
// Create index
collection.ensureIndex({_bucketname: 1, key: 1}, function(err){
if (err instanceof Error) {
Expand All @@ -158,7 +159,7 @@ MongoDBBackend.prototype = {
var collName = (self.useSingle? aclCollectionName : bucket);

transaction.push(function(cb){
self.db.collection(self.prefix + removeUnsupportedChar(collName),function(err,collection){
self.db.collection(self.prefix + removeUnsupportedChar(collName, self.useRawColletionNames),function(err,collection){
if(err instanceof Error) return cb(err);
collection.remove(updateParams,{safe:true},function(err){
if(err instanceof Error) return cb(err);
Expand All @@ -182,7 +183,7 @@ MongoDBBackend.prototype = {

values = makeArray(values);
transaction.push(function(cb){
self.db.collection(self.prefix + removeUnsupportedChar(collName),function(err,collection){
self.db.collection(self.prefix + removeUnsupportedChar(collName, self.useRawColletionNames),function(err,collection){
if(err instanceof Error) return cb(err);

// build doc from array values
Expand All @@ -199,11 +200,10 @@ MongoDBBackend.prototype = {
}
}

function removeUnsupportedChar(text) {
if (typeof text == 'string' || text instanceof String) {
function removeUnsupportedChar(text, useRawColletionNames) {
if (!useRawColletionNames && (typeof text === 'string' || text instanceof String)) {
text = decodeURIComponent(text);
text = text.replace(/\//g, '');
text = text.replace(/ /g, '');
text = text.replace(/[/\s]+/g, ''); // replaces slashes and spaces
}
return text;
}
Expand Down

0 comments on commit 77b74a7

Please sign in to comment.