Update input validation

routes/manageRestaurantInformation.js

@@ -6,6 +6,8 @@ const Restaurant = require('../models/restaurant');
 const OpeningHours = require('../models/openingHours');
 const openGeocoder = require('node-open-geocoder');
 
+const inputValidator = require('../middleware/inputValidationMiddleware.js');
+const validationSchema = require('../validationSchemas.js');
 const auth = require('../middleware/authorizationMiddleware.js');
 const isOwner = require('../middleware/checkIfOwnerMiddleware.js');
 const findRestaurant = require('../middleware/findRestaurantOfOwnerMiddleware.js');
@@ -81,7 +83,7 @@ router.get('/', auth, isOwner, findRestaurant, async (req, res) => {
 });
 
 //Edit restaurant's information
-router.put('/', auth, isOwner, findRestaurant, async (req, res) => {
+router.put('/', auth, inputValidator(validationSchema.configureDataOfRestaurantValidation), isOwner, findRestaurant, async (req, res) => {
     try {
         await openGeocoder()
             .geocode(req.body.address + ', ' + req.body.city)

routes/ownerProfile.js

@@ -6,6 +6,8 @@ const bcrypt = require('bcrypt');
 
 const Owner = require('../models/owner.js');
 
+const inputValidator = require('../middleware/inputValidationMiddleware.js');
+const validationSchema = require('../validationSchemas.js');
 const auth = require('../middleware/authorizationMiddleware.js');
 const isOwner = require('../middleware/checkIfOwnerMiddleware.js');
 
@@ -21,7 +23,7 @@ router.get('/', auth, isOwner, async (req, res) => {
 });
 
 //Edit profile data of the owner
-router.put('/', auth, isOwner, async (req, res) => {
+router.put('/', auth, inputValidator(validationSchema.editOwnerProfileValidation), isOwner, async (req, res) => {
     try {
         //check if the the email is already taken (it must be unique)
         const owners = await Owner.findAll({
@@ -73,7 +75,7 @@ router.delete('/', auth, isOwner, async (req, res) => {
 });
 
 //Change password of the owner
-router.put('/password', auth, isOwner, async (req, res) => {
+router.put('/password', auth, inputValidator(validationSchema.changeOwnerPassword), isOwner, async (req, res) => {
     try {
         //check if the old password sent is correct
         const oldPassword = await Owner.findAll({

validationSchemas.js

@@ -1,40 +1,43 @@
 const Joi = require('joi');
 const schemas = {
     loginValidation: Joi.object().keys({
-        username: Joi.string().regex(/^[a-zA-Z0-9]/).min(5),
-        password: Joi.string().regex(/^[a-zA-Z0-9]/).min(5),
+        username: Joi.string(),
+        password: Joi.string(),
         isRestaurantOwner: Joi.boolean()
     }),
     registrationCustomerValidation: Joi.object().keys({
         username: Joi.string().regex(/^[a-zA-Z0-9]/).min(5).required(),
         email: Joi.string().trim().email({minDomainAtoms: 1}).required(),
-        password: Joi.string().regex(/^[a-zA-Z0-9]/).min(5).required(),
+        password: Joi.string().min(5).required(),
     }),
     registrationOwnerValidation: Joi.object().keys({
         username: Joi.string().regex(/^[a-zA-Z0-9]/).min(5).required(),
         name: Joi.string().regex(/^[a-zA-Z0-9]/).min(1).required(),
         surname: Joi.string().regex(/^[a-zA-Z0-9]/).min(1).required(),
         email: Joi.string().trim().email({minDomainAtoms: 1}).required(),
-        password: Joi.string().regex(/^[a-zA-Z0-9]/).min(5).required(),
+        password: Joi.string().min(5).required(),
     }),
     registrationConsultantValidation: Joi.object().keys({
         username: Joi.string().regex(/^[a-zA-Z0-9]/).min(5).required(),
-        password: Joi.string().regex(/^[a-zA-Z0-9]/).min(5).required(),
+        password: Joi.string().min(5).required(),
         name: Joi.string().regex(/^[a-zA-Z0-9]/).min(1).required(),
         surname: Joi.string().regex(/^[a-zA-Z0-9]/).min(1).required(),
         email: Joi.string().trim().email({minDomainAtoms: 1}).required(),
-        companySecret: Joi.string().regex(/^[a-zA-Z0-9]/).min(5).required()
+        companySecret: Joi.string().min(5).required()
     }),
+    //Add an empty menu to a restaurant
     addMenuValidation: Joi.object().keys({
         name: Joi.string().regex(/^[a-zA-Z0-9]/).min(1).required(),
         description: Joi.string().regex(/^[a-zA-Z0-9]/).min(1).required(),
         tags: Joi.array().items(Joi.string().regex(/^[a-zA-Z0-9]/))
     }),
+    //Edit a menu's information (not its items)
     editMenuValidation: Joi.object().keys({
         name: Joi.string().regex(/^[a-zA-Z0-9]/).min(1).required(),
         description: Joi.string().regex(/^[a-zA-Z0-9]/).min(1).required(),
         tags: Joi.array().items(Joi.string().regex(/^[a-zA-Z0-9]/))
     }),
+    //Edit restaurant's information
     configureDataOfRestaurantValidation: Joi.object().keys({
         name: Joi.string().min(1).required(),
         address: Joi.string().min(1).required(),
@@ -48,6 +51,17 @@ const schemas = {
             openTime: Joi.string(),
             closeTime: Joi.string()
         }))
+    }),
+    //Edit profile data of the owner
+    editOwnerProfileValidation: Joi.object().keys({
+        email: Joi.string().trim().email({minDomainAtoms: 1}).required(),
+        name: Joi.string().regex(/^[a-zA-Z0-9]/).min(1).required(),
+        surname: Joi.string().regex(/^[a-zA-Z0-9]/).min(1).required(),
+    }),
+    //Change the password of the owner
+    changeOwnerPassword: Joi.object().keys({
+        oldPassword: Joi.strin().required(),
+        newPassword: Joi.string().min(5).required(),
     })
 
     // define all the other schemas below