};
// PUT /role/{id}
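exports.update = {
  description: 'Update an existing role',
  // hapi route `pre` step: the caller must be authorized on the ROLE resource
  // before the handler runs.
  pre: [AuthCtrl.authorize(Resources.ROLE)],
  handler: RoleCtrl.update,
  validate: {
    params: Joi.object({
      // `.positive()` brings this route in line with the user and permission
      // update routes in this file, so 0 and negative ids are rejected by
      // validation instead of reaching the handler.
      id: Joi.number()
        .integer()
        .positive()
        .required()
        .description('The id of the role')
    }),
    payload: Joi.object({
      // The id comes from the path only; a body-supplied id is rejected.
      id: Joi.forbidden(),
      // Both fields are optional: an update may change name, description, or both.
      name: Joi.string()
        .min(Role.NAME_MIN_LENGTH)
        .max(Role.NAME_MAX_LENGTH)
        .description('The name of the role'),
      description: Joi.string()
        .max(Role.DESC_MAX_LENGTH)
        .description('The description of the role')
    })
  }
};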
// PUT /role/{id}/users
exports.addUsers = {
description: 'Add users to an existing role',
pre: [AuthCtrl.authorize(Resources.ROLE)],
handler: RoleCtrl.addUsers,
const proxiesSchemas = {
kinesis: Joi.object({
kinesis: proxy.append({ streamName: stringOrRef.required(), partitionKey, request })
}),
s3: Joi.object({
s3: proxy.append({
action: Joi.string()
.valid('GetObject', 'PutObject', 'DeleteObject')
.required(),
bucket: stringOrRef.required(),
// don't accept a key when requestParameters has a 'integration.request.path.object' property
key: Joi.when('requestParameters', {
is: requestParameters
.keys({ 'integration.request.path.object': Joi.string().required() })
.required(),
then: Joi.forbidden(),
otherwise: key.required()
}),
requestParameters
})
}),
sns: Joi.object({
sns: proxy.append({ topicName: stringOrGetAtt('topicName', 'TopicName').required(), request })
}),
sqs: Joi.object({
sqs: proxy.append({
queueName: stringOrGetAtt('queueName', 'QueueName').required(),
requestParameters
})
}),
dynamodb: Joi.object({
dynamodb: proxy.append({
.integer()
.positive()
.required()
.description('The ID of the user')
})
}
};
// PUT /user/{id}
exports.update = {
description: 'Update an existing user',
pre: [AuthCtrl.authorize(Resources.USER)],
handler: UserCtrl.update,
validate: {
payload: Joi.object({
id: Joi.forbidden(),
username: Joi.string()
.min(User.USERNAME_MIN_LENGTH)
.max(User.USERNAME_MAX_LENGTH)
.description('The username of the user'),
name: Joi.string()
.min(User.NAME_MIN_LENGTH)
.max(User.NAME_MAX_LENGTH)
.description('The real name of the user'),
email: Joi.string()
.email()
.description('the email of the user'),
password: Joi.string()
.min(User.PASSWORD_MIN_LENGTH)
.max(User.PASSWORD_MAX_LENGTH)
.description('The password of the user'),
avatar: Joi.string()
timeout: Joi.number().integer().positive().allow(false).default(10 * 1000),
defaultContentType: Joi.string().default('application/json'),
compression: Joi.object()
.pattern(/.+/, Joi.object())
.default()
})
.default(),
plugins: Joi.object(),
response: Joi.object({
disconnectStatusCode: Joi.number().integer().min(400).default(499),
emptyStatusCode: Joi.valid(200, 204).default(204),
failAction: internals.failAction,
modify: Joi.boolean(),
options: Joi.object(),
ranges: Joi.boolean().default(true),
sample: Joi.number().min(0).max(100).when('modify', { then: Joi.forbidden() }),
schema: Joi.alternatives(Joi.object(), Joi.array(), Joi.function()).allow(true, false),
status: Joi.object().pattern(/\d\d\d/, Joi.alternatives(Joi.object(), Joi.array(), Joi.function()).allow(true, false))
})
.default(),
security: Joi.object({
hsts: Joi.alternatives([
Joi.object({
maxAge: Joi.number(),
includeSubdomains: Joi.boolean(),
includeSubDomains: Joi.boolean(),
preload: Joi.boolean()
}),
Joi.boolean(),
Joi.number()
])
.default(15768000),
exports.update = {
description: 'Update an existing permission',
// hapi route `pre` step: the caller must be authorized on the PERMISSION
// resource before the handler runs.
pre: [AuthCtrl.authorize(Resources.PERMISSION)],
handler: PermissionCtrl.update,
validate: {
params: Joi.object({
// Path id must be a positive integer; 0 and negative values fail validation.
id: Joi.number()
.integer()
.positive()
.required()
.description('The id of the permission')
}),
payload: Joi.object({
// id, action and resource identify the permission and are immutable through
// this route; only the description may be changed, and it is mandatory.
id: Joi.forbidden(),
action: Joi.forbidden(),
resource: Joi.forbidden(),
description: Joi.string()
.max(Permission.DESCRIPTION_MAX_LENGTH)
.required()
.description('The description of the permission')
})
}
};
.description('The real name of the user'),
email: Joi.string()
.email()
.description('the email of the user'),
password: Joi.string()
.min(User.PASSWORD_MIN_LENGTH)
.max(User.PASSWORD_MAX_LENGTH)
.description('The password of the user'),
avatar: Joi.string()
.uri({
scheme: ['http', 'https'],
allowRelative: true
})
.description('The URI to the user avatar'),
active: Joi.boolean().description('If the user is active'),
roles: Joi.forbidden()
})
}
};
Joi.boolean(),
Joi.object({ raw: Joi.boolean(), name: Joi.string() })
])
.default(false),
cookie: Joi.object({
name: Joi.string().default('sid'),
encoding: Joi.valid('iron').default('iron'),
password: Joi.required(),
ignoreErrors: Joi.valid(true).default(true)
})
.unknown()
.default(),
keepAlive: Joi.boolean()
.when('cookie.ttl', { is: Joi.number().min(1), otherwise: Joi.forbidden() })
.default(false),
redirectTo: Joi.alternatives([
Joi.string(),
Joi.func()
])
.allow(false),
requestDecoratorName: Joi.string().default('cookieAuth'),
validateFunc: Joi.func()
})
.required();
internals.CookieAuth = class {
.description('The new name'),
email: Joi.string()
.email()
.description('The new email'),
password: Joi.string()
.min(User.PASSWORD_MIN_LENGTH)
.max(User.PASSWORD_MAX_LENGTH)
.description('The new password'),
avatar: Joi.string()
.uri({
scheme: ['http', 'https'],
allowRelative: true
})
.description('The new user avatar URI'),
roles: Joi.forbidden(),
active: Joi.forbidden()
})
}
};
.max(User.NAME_MAX_LENGTH)
.description('The new name'),
email: Joi.string()
.email()
.description('The new email'),
password: Joi.string()
.min(User.PASSWORD_MIN_LENGTH)
.max(User.PASSWORD_MAX_LENGTH)
.description('The new password'),
avatar: Joi.string()
.uri({
scheme: ['http', 'https'],
allowRelative: true
})
.description('The new user avatar URI'),
roles: Joi.forbidden(),
active: Joi.forbidden()
})
}
};
internals.schema = Joi.object({
provider: Joi.object({
name: Joi.string().optional().default('custom'),
protocol: Joi.string().valid('oauth', 'oauth2'),
temporary: Joi.string().when('protocol', { is: 'oauth', then: Joi.required(), otherwise: Joi.forbidden() }),
signatureMethod: Joi.string().valid('HMAC-SHA1', 'RSA-SHA1').when('protocol', { is: 'oauth', then: Joi.default('HMAC-SHA1'), otherwise: Joi.forbidden() }),
auth: Joi.string().required(),
useParamsAuth: internals.flexBoolean.default(false).when('protocol', { is: 'oauth2', then: Joi.optional(), otherwise: Joi.forbidden() }),
token: Joi.string().required(),
headers: Joi.object(),
profile: Joi.func(),
profileMethod: Joi.string().valid('get', 'post').default('get'),
scope: Joi.alternatives().try(
Joi.array().items(Joi.string()),
Joi.func()
).when('protocol', { is: 'oauth2', otherwise: Joi.forbidden() }),
scopeSeparator: Joi.string().when('protocol', { is: 'oauth2', otherwise: Joi.forbidden() })
}).required(),
password: Joi.string().required(),
clientId: Joi.string().required(),
clientSecret: Joi.alternatives().when('protocol', {
is: 'oauth',
then: Joi.string().required().allow(''),
otherwise: Joi.alternatives().try(Joi.string().allow(''), Joi.object())
}).required(),
cookie: Joi.string(),
isSameSite: Joi.valid('Strict', 'Lax').allow(false).default('Strict'),
isSecure: internals.flexBoolean,
isHttpOnly: internals.flexBoolean,
ttl: Joi.number(),
domain: Joi.string().allow(null),
providerParams: Joi.alternatives().try(Joi.object(), Joi.func()),