diff --git a/js/apps/system/sessions/app.js b/js/apps/system/sessions/app.js index f0a87105ce..5161f60dbc 100644 --- a/js/apps/system/sessions/app.js +++ b/js/apps/system/sessions/app.js @@ -3,10 +3,12 @@ (function () { 'use strict'; var _ = require('underscore'), + joi = require('joi'), Foxx = require('org/arangodb/foxx'), errors = require('./errors'), controller = new Foxx.Controller(applicationContext), - api = Foxx.requireApp(applicationContext.mount).sessionStorage; + api = Foxx.requireApp(applicationContext.mount).sessionStorage, + sessionId = joi.string().description('Session ID'); controller.post('/', function (req, res) { var session = api.create(req.body()); @@ -21,10 +23,7 @@ var session = api.get(req.urlParameters.sid); res.json(session.forClient()); }) - .pathParam('sid', { - description: 'Session ID', - type: 'string' - }) + .pathParam('sid', {type: sessionId}) .errorResponse(errors.SessionExpired, 404, 'Session has expired') .errorResponse(errors.SessionNotFound, 404, 'Session does not exist') .summary('Read session') @@ -37,10 +36,7 @@ session.save(); res.json(session.forClient()); }) - .pathParam('sid', { - description: 'Session ID', - type: 'string' - }) + .pathParam('sid', {type: sessionId}) .errorResponse(errors.SessionExpired, 404, 'Session has expired') .errorResponse(errors.SessionNotFound, 404, 'Session does not exist') .errorResponse(SyntaxError, 400, 'Malformed or non-JSON session data.') @@ -54,10 +50,7 @@ session.save(); res.json(session.forClient()); }) - .pathParam('sid', { - description: 'Session ID', - type: 'string' - }) + .pathParam('sid', {type: sessionId}) .errorResponse(errors.SessionExpired, 404, 'Session has expired') .errorResponse(errors.SessionNotFound, 404, 'Session does not exist') .errorResponse(SyntaxError, 400, 'Malformed or non-JSON session data.') @@ -68,10 +61,7 @@ api.destroy(req.urlParameters.sid); res.status(204); }) - .pathParam('sid', { - description: 'Session ID', - type: 'string' - }) + .pathParam('sid', {type: sessionId}) .errorResponse(errors.SessionNotFound, 404, 'Session does not exist') .summary('Delete session') .notes('Removes the session with the given sid from the database.'); diff --git a/js/apps/system/sessions/storage.js b/js/apps/system/sessions/storage.js index 67afab2e7f..77794310a6 100644 --- a/js/apps/system/sessions/storage.js +++ b/js/apps/system/sessions/storage.js @@ -3,6 +3,7 @@ (function () { 'use strict'; var _ = require('underscore'), + joi = require('joi'), internal = require('internal'), arangodb = require('org/arangodb'), db = arangodb.db, @@ -11,15 +12,15 @@ Foxx = require('org/arangodb/foxx'), errors = require('./errors'), cfg = applicationContext.configuration, - Session = Foxx.Model.extend({}, { - attributes: { - _key: {type: 'string', required: true}, - uid: {type: 'string', required: false}, - sessionData: {type: 'object', required: true}, - userData: {type: 'object', required: true}, - created: {type: 'integer', required: true}, - lastAccess: {type: 'integer', required: true}, - lastUpdate: {type: 'integer', required: true} + Session = Foxx.Model.extend({ + schema: { + _key: joi.string().required(), + uid: joi.string().optional(), + sessionData: joi.object().required(), + userData: joi.object().required(), + created: joi.number().integer().required(), + lastAccess: joi.number().integer().required(), + lastUpdate: joi.number().integer().required() } }), sessions = new Foxx.Repository( diff --git a/js/apps/system/users/storage.js b/js/apps/system/users/storage.js index bb72b1336a..0a02c83569 100644 --- a/js/apps/system/users/storage.js +++ b/js/apps/system/users/storage.js @@ -3,15 +3,16 @@ (function () { 'use strict'; var _ = require('underscore'), + joi = require('joi'), arangodb = require('org/arangodb'), db = arangodb.db, Foxx = require('org/arangodb/foxx'), errors = require('./errors'), - User = Foxx.Model.extend({}, { - attributes: { - user: {type: 'string', required: true}, - authData: {type: 'object', required: true}, - userData: {type: 'object', required: true} + User = Foxx.Model.extend({ + schema: { + user: joi.string().required(), + authData: joi.object().required(), + userData: joi.object().required() } }), users = new Foxx.Repository(