diff options
| author | Eugene Sokolov <eug-vs@keemail.me> | 2020-07-05 13:38:33 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-07-05 13:38:33 +0300 |
| commit | 96398e544463651413ea80821c09ae7573f46cb1 (patch) | |
| tree | df77b6f65247d87dbfde8000e918c83985624fc3 /services/feedback | |
| parent | da76bb1bd8797c4e1dc657c489f597bf64918ceb (diff) | |
| parent | 1c2f3c9e5b39826266d64f4227e53fff139ea948 (diff) | |
| download | which-api-96398e544463651413ea80821c09ae7573f46cb1.tar.gz | |
Merge pull request #17 from which-ecosystem/security
Prepare release-level backend security
Diffstat (limited to 'services/feedback')
| -rw-r--r-- | services/feedback/feedback.hooks.ts | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/services/feedback/feedback.hooks.ts b/services/feedback/feedback.hooks.ts index 56e9000..5bc2552 100644 --- a/services/feedback/feedback.hooks.ts +++ b/services/feedback/feedback.hooks.ts @@ -1,9 +1,30 @@ +import { populate, discard, disallow } from 'feathers-hooks-common'; import requireAuth from '../../hooks/requireAuth'; import signAuthority from '../../hooks/signAuthority'; +import sortByDate from '../../hooks/sortByDate'; + + +const populateAuthor = populate({ + schema: { + include: { + service: 'users', + nameAs: 'author', + parentField: 'authorId', + childField: '_id' + } + } +}); export default { before: { - create: [requireAuth, signAuthority] + create: [requireAuth, signAuthority], + find: sortByDate, + remove: disallow('external'), + patch: disallow('external'), + update: disallow('external') + }, + after: { + all: [populateAuthor, discard('authorId')] } }; |