diff options
author | eug-vs <eug-vs@keemail.me> | 2020-07-05 13:33:00 +0300 |
---|---|---|
committer | eug-vs <eug-vs@keemail.me> | 2020-07-05 13:34:41 +0300 |
commit | 85b3cc20e8f453868d06d55a688ee8dfe90b80d4 (patch) | |
tree | d0af5a84e190a0b80d48c8456771b8cb7e0f5ca4 | |
parent | 8f48be5b879b1ae92937dfa1d1f37f08fb167dfa (diff) | |
download | which-api-85b3cc20e8f453868d06d55a688ee8dfe90b80d4.tar.gz |
feat: protect all services
-rw-r--r-- | services/feedback/feedback.hooks.ts | 7 | ||||
-rw-r--r-- | services/polls/polls.hooks.ts | 6 | ||||
-rw-r--r-- | services/votes/votes.hooks.ts | 6 |
3 files changed, 15 insertions, 4 deletions
diff --git a/services/feedback/feedback.hooks.ts b/services/feedback/feedback.hooks.ts index 7ae6c5d..5bc2552 100644 --- a/services/feedback/feedback.hooks.ts +++ b/services/feedback/feedback.hooks.ts @@ -1,4 +1,4 @@ -import { populate, discard } from 'feathers-hooks-common'; +import { populate, discard, disallow } from 'feathers-hooks-common'; import requireAuth from '../../hooks/requireAuth'; import signAuthority from '../../hooks/signAuthority'; import sortByDate from '../../hooks/sortByDate'; @@ -18,7 +18,10 @@ const populateAuthor = populate({ export default { before: { create: [requireAuth, signAuthority], - find: sortByDate + find: sortByDate, + remove: disallow('external'), + patch: disallow('external'), + update: disallow('external') }, after: { all: [populateAuthor, discard('authorId')] diff --git a/services/polls/polls.hooks.ts b/services/polls/polls.hooks.ts index e3d04e7..35eae29 100644 --- a/services/polls/polls.hooks.ts +++ b/services/polls/polls.hooks.ts @@ -1,4 +1,5 @@ import { HookContext } from '@feathersjs/feathers'; +import { disallow } from 'feathers-hooks-common'; import { Types } from 'mongoose'; import bluebird from 'bluebird'; import _ from 'lodash'; import { Poll } from 'which-types'; @@ -46,7 +47,10 @@ const convertPoll = async (context: HookContext): Promise<HookContext> => { export default { before: { find: sortByDate, - create: signAuthority + create: signAuthority, + remove: disallow('external'), + update: disallow('external'), + patch: disallow('external') }, after: { all: convertPoll diff --git a/services/votes/votes.hooks.ts b/services/votes/votes.hooks.ts index 56e9000..923e897 100644 --- a/services/votes/votes.hooks.ts +++ b/services/votes/votes.hooks.ts @@ -1,9 +1,13 @@ +import { disallow } from 'feathers-hooks-common'; import requireAuth from '../../hooks/requireAuth'; import signAuthority from '../../hooks/signAuthority'; export default { before: { - create: [requireAuth, signAuthority] + create: [requireAuth, signAuthority], + remove: disallow('external'), + update: disallow('external'), + patch: disallow('external') } }; |