aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authoreug-vs <eug-vs@keemail.me>2020-07-05 13:33:00 +0300
committereug-vs <eug-vs@keemail.me>2020-07-05 13:34:41 +0300
commit85b3cc20e8f453868d06d55a688ee8dfe90b80d4 (patch)
treed0af5a84e190a0b80d48c8456771b8cb7e0f5ca4
parent8f48be5b879b1ae92937dfa1d1f37f08fb167dfa (diff)
downloadwhich-api-85b3cc20e8f453868d06d55a688ee8dfe90b80d4.tar.gz
feat: protect all services
-rw-r--r--services/feedback/feedback.hooks.ts7
-rw-r--r--services/polls/polls.hooks.ts6
-rw-r--r--services/votes/votes.hooks.ts6
3 files changed, 15 insertions, 4 deletions
diff --git a/services/feedback/feedback.hooks.ts b/services/feedback/feedback.hooks.ts
index 7ae6c5d..5bc2552 100644
--- a/services/feedback/feedback.hooks.ts
+++ b/services/feedback/feedback.hooks.ts
@@ -1,4 +1,4 @@
-import { populate, discard } from 'feathers-hooks-common';
+import { populate, discard, disallow } from 'feathers-hooks-common';
import requireAuth from '../../hooks/requireAuth';
import signAuthority from '../../hooks/signAuthority';
import sortByDate from '../../hooks/sortByDate';
@@ -18,7 +18,10 @@ const populateAuthor = populate({
export default {
before: {
create: [requireAuth, signAuthority],
- find: sortByDate
+ find: sortByDate,
+ remove: disallow('external'),
+ patch: disallow('external'),
+ update: disallow('external')
},
after: {
all: [populateAuthor, discard('authorId')]
diff --git a/services/polls/polls.hooks.ts b/services/polls/polls.hooks.ts
index e3d04e7..35eae29 100644
--- a/services/polls/polls.hooks.ts
+++ b/services/polls/polls.hooks.ts
@@ -1,4 +1,5 @@
import { HookContext } from '@feathersjs/feathers';
+import { disallow } from 'feathers-hooks-common';
import { Types } from 'mongoose';
import bluebird from 'bluebird'; import _ from 'lodash';
import { Poll } from 'which-types';
@@ -46,7 +47,10 @@ const convertPoll = async (context: HookContext): Promise<HookContext> => {
export default {
before: {
find: sortByDate,
- create: signAuthority
+ create: signAuthority,
+ remove: disallow('external'),
+ update: disallow('external'),
+ patch: disallow('external')
},
after: {
all: convertPoll
diff --git a/services/votes/votes.hooks.ts b/services/votes/votes.hooks.ts
index 56e9000..923e897 100644
--- a/services/votes/votes.hooks.ts
+++ b/services/votes/votes.hooks.ts
@@ -1,9 +1,13 @@
+import { disallow } from 'feathers-hooks-common';
import requireAuth from '../../hooks/requireAuth';
import signAuthority from '../../hooks/signAuthority';
export default {
before: {
- create: [requireAuth, signAuthority]
+ create: [requireAuth, signAuthority],
+ remove: disallow('external'),
+ update: disallow('external'),
+ patch: disallow('external')
}
};