( rawQuery: Record<string, any>, schema: SchemaOverview, accountability?: Accountability | null, )
| 17 | * Sanitize the query parameters and parse them where necessary. |
| 18 | */ |
| 19 | export async function sanitizeQuery( |
| 20 | rawQuery: Record<string, any>, |
| 21 | schema: SchemaOverview, |
| 22 | accountability?: Accountability | null, |
| 23 | ): Promise<Query> { |
| 24 | const env = useEnv(); |
| 25 | |
| 26 | const query: Query = {}; |
| 27 | |
| 28 | const hasMaxLimit = |
| 29 | 'QUERY_LIMIT_MAX' in env && |
| 30 | Number(env['QUERY_LIMIT_MAX']) >= 0 && |
| 31 | !Number.isNaN(Number(env['QUERY_LIMIT_MAX'])) && |
| 32 | Number.isFinite(Number(env['QUERY_LIMIT_MAX'])); |
| 33 | |
| 34 | if (rawQuery['limit'] !== undefined) { |
| 35 | const limit = sanitizeLimit(rawQuery['limit']); |
| 36 | |
| 37 | if (typeof limit === 'number') { |
| 38 | query.limit = limit === -1 && hasMaxLimit ? Number(env['QUERY_LIMIT_MAX']) : limit; |
| 39 | } |
| 40 | } else if (hasMaxLimit) { |
| 41 | query.limit = Math.min(Number(env['QUERY_LIMIT_DEFAULT']), Number(env['QUERY_LIMIT_MAX'])); |
| 42 | } |
| 43 | |
| 44 | if (rawQuery['fields']) { |
| 45 | query.fields = sanitizeFields(rawQuery['fields']); |
| 46 | } |
| 47 | |
| 48 | if (rawQuery['groupBy']) { |
| 49 | query.group = sanitizeFields(rawQuery['groupBy']); |
| 50 | } |
| 51 | |
| 52 | if (rawQuery['aggregate']) { |
| 53 | query.aggregate = sanitizeAggregate(rawQuery['aggregate']); |
| 54 | } |
| 55 | |
| 56 | if (rawQuery['sort']) { |
| 57 | query.sort = sanitizeSort(rawQuery['sort']); |
| 58 | } |
| 59 | |
| 60 | if (rawQuery['filter']) { |
| 61 | query.filter = await sanitizeFilter(rawQuery['filter'], schema, accountability || null); |
| 62 | } |
| 63 | |
| 64 | if (rawQuery['offset'] !== undefined) { |
| 65 | query.offset = sanitizeOffset(rawQuery['offset']); |
| 66 | } |
| 67 | |
| 68 | if (rawQuery['page']) { |
| 69 | query.page = sanitizePage(rawQuery['page']); |
| 70 | } |
| 71 | |
| 72 | if (rawQuery['meta']) { |
| 73 | (query as any).meta = sanitizeMeta(rawQuery['meta']); |
| 74 | } |
| 75 | |
| 76 | if (rawQuery['search'] && typeof rawQuery['search'] === 'string') { |