Add object key/ID validation. Centralize key generation/checking.
This commit is contained in:
parent
e1f59482c4
commit
dcd65d087c
|
@ -1008,8 +1008,3 @@ Zotero.Collection.prototype._refreshChildItems = Zotero.Promise.coroutine(functi
|
|||
return this.loadChildItems(true);
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
Zotero.Collection.prototype._generateKey = function () {
|
||||
return Zotero.Utilities.generateObjectKey();
|
||||
}
|
||||
|
|
|
@ -27,17 +27,32 @@
|
|||
Zotero.DataObjectUtilities = {
|
||||
"checkLibraryID": function (libraryID) {
|
||||
if (libraryID === null) {
|
||||
Zotero.debug("Deprecated: libraryID cannot be NULL\n\n" + Components.stack, 2);
|
||||
Zotero.debug("Deprecated: libraryID cannot be NULL", 2, 1);
|
||||
}
|
||||
else {
|
||||
var intValue = parseInt(libraryID);
|
||||
if (libraryID != intValue) {
|
||||
throw new Error("libraryID must be an integer");
|
||||
if (libraryID != intValue || intValue < 0) {
|
||||
throw new Error("libraryID must be a positive integer");
|
||||
}
|
||||
}
|
||||
return intValue;
|
||||
},
|
||||
|
||||
"checkDataID": function(dataID) {
|
||||
var intValue = parseInt(dataID);
|
||||
if (dataID != intValue || dataID < 0)
|
||||
throw new Error("id must be a positive integer");
|
||||
return intValue;
|
||||
},
|
||||
|
||||
"checkKey": function(key) {
|
||||
if (!key) return null;
|
||||
if (!Zotero.Utilities.isValidObjectKey(key)) {
|
||||
throw new Error("key is not valid");
|
||||
}
|
||||
return key;
|
||||
},
|
||||
|
||||
"getObjectTypePlural": function getObjectTypePlural(objectType) {
|
||||
return objectType == 'search' ? 'searches' : objectType + 's';
|
||||
},
|
||||
|
|
|
@ -83,13 +83,6 @@ Zotero.ID_Tracker = function () {
|
|||
}
|
||||
});
|
||||
|
||||
|
||||
this.isValidKey = function (value) {
|
||||
var re = /^[23456789ABCDEFGHIJKLMNPQRSTUVWXYZ]{8}$/
|
||||
return re.test(value);
|
||||
}
|
||||
|
||||
|
||||
function getBigInt(max) {
|
||||
if (!max) {
|
||||
max = 9007199254740991;
|
||||
|
|
|
@ -1642,13 +1642,6 @@ Zotero.Search.prototype._buildQuery = Zotero.Promise.coroutine(function* () {
|
|||
this._sqlParams = sqlParams.length ? sqlParams : false;
|
||||
});
|
||||
|
||||
|
||||
Zotero.Search.prototype._generateKey = function () {
|
||||
return Zotero.Utilities.generateObjectKey();
|
||||
}
|
||||
|
||||
|
||||
|
||||
Zotero.Searches = new function(){
|
||||
Zotero.DataObjects.apply(this, ['search', 'searches', 'savedSearch', 'savedSearches']);
|
||||
this.constructor.prototype = new Zotero.DataObjects();
|
||||
|
|
|
@ -1812,16 +1812,26 @@ Zotero.Utilities = {
|
|||
return Zotero.ItemTypes.getImageSrc(attachment.mimeType === "application/pdf"
|
||||
? "attachment-pdf" : "attachment-snapshot");
|
||||
},
|
||||
|
||||
|
||||
"allowedKeyChars": "23456789ABCDEFGHIJKLMNPQRSTUVWXYZ",
|
||||
|
||||
/**
|
||||
* Generates a valid object key for the server API
|
||||
*/
|
||||
"generateObjectKey":function generateObjectKey() {
|
||||
// TODO: add 'L' and 'Y' after 3.0.11 cut-off
|
||||
var baseString = "23456789ABCDEFGHIJKMNPQRSTUVWXZ";
|
||||
return Zotero.Utilities.randomString(8, baseString);
|
||||
return Zotero.Utilities.randomString(8, Zotero.Utilities.allowedKeyChars);
|
||||
},
|
||||
|
||||
|
||||
/**
|
||||
* Check if an object key is in a valid format
|
||||
*/
|
||||
"isValidObjectKey":function(key) {
|
||||
if (!Zotero.Utilities.objectKeyRegExp) {
|
||||
Zotero.Utilities.objectKeyRegExp = new RegExp('^[' + Zotero.Utilities.allowedKeyChars + ']{8}$');
|
||||
}
|
||||
return Zotero.Utilities.objectKeyRegExp.test(key);
|
||||
},
|
||||
|
||||
/**
|
||||
* Provides unicode support and other additional features for regular expressions
|
||||
* See https://github.com/slevithan/xregexp for usage
|
||||
|
|
Loading…
Reference in New Issue
Block a user