Improve handling inputs globally

kkamara · kkamara · commit 6fd4d3ddab84 · 2025-09-10T17:57:58.000+01:00
diff --git a/src/models/v1/product.js b/src/models/v1/product.js
@@ -645,7 +645,7 @@ module.exports = (sequelize, DataTypes) => {
         return "The name field is required.";
       } else if ("string" !== typeof payload.name) {
         return "The name field must be a string.";
-      } else if (50 < payload.name.length) {
+      } else if (50 < payload.name.trim().length) {
         return "The name field must be less than 51 characters.";
       } else {
         const nameExists = await this.getProductBySlug(
@@ -666,18 +666,22 @@ module.exports = (sequelize, DataTypes) => {
         return "The weight field is required.";
       } else if (null === `${payload.weight}`.match(numberWithOptionalDecimalPartRegex)) {
         return "The weight field must be a number"
+      } else if (500 < Number(payload.weight)) {
+        return "The weight field number must not be greater than 500.";
       }
 
       if (undefined === payload.price) {
         return "The price field is required.";
       } else if (null === `${payload.price}`.match(numberWithOptionalDecimalPartRegex)) {
         return "The price field must be a number"
+      } else if (500 < Number(payload.price)) {
+        return "The price field number must not be greater than 500.";
       }
 
       if (payload.description) {
         if ("string" !== typeof payload.description) {
           return "The description field must be a string.";
-        } else if (1000 < payload.description.length) {
+        } else if (1000 < payload.description.trim().length) {
           return "The description field must be less than 1001 characters.";
         }
       }
@@ -728,19 +732,19 @@ module.exports = (sequelize, DataTypes) => {
       if (payload.stripeProductId) {
         if ("string" !== typeof payload.stripeProductId) {
           return "The stripe product id field must be of type string."
-        } else if (15 > payload.stripeProductId.length) {
+        } else if (15 > payload.stripeProductId.trim().length) {
           return "The stripe product id field length must be greater than 15 characters.";
-        } else if (30 < payload.stripeProductId.length) {
+        } else if (30 < payload.stripeProductId.trim().length) {
           return "The stripe product id field length must not exceed 30 characters.";
         }
       }
       
       if (payload.stripePriceId) {
         if ("string" !== typeof payload.stripePriceId) {
           return "The stripe price id field must be of type string."
-        } else if (15 > payload.stripePriceId.length) {
+        } else if (15 > payload.stripePriceId.trim().length) {
           return "The stripe price id field length must be greater than 15 characters.";
-        } else if (50 < payload.stripePriceId.length) {
+        } else if (50 < payload.stripePriceId.trim().length) {
           return "The stripe price id field length must not exceed 50 characters.";
         }
       }
@@ -766,7 +770,7 @@ module.exports = (sequelize, DataTypes) => {
         return "The name field is required.";
       } else if ("string" !== typeof payload.name) {
         return "The name field must be a string.";
-      } else if (50 < payload.name.length) {
+      } else if (50 < payload.name.trim().length) {
         return "The name field must be less than 51 characters.";
       } else {
         const newSlug = slugify(payload.name);
@@ -790,18 +794,22 @@ module.exports = (sequelize, DataTypes) => {
         return "The weight field is required.";
       } else if (null === `${payload.weight}`.match(numberWithOptionalDecimalPartRegex)) {
         return "The weight field must be a number"
+      } else if (500 < Number(payload.weight)) {
+        return "The weight field number must not be greater than 500.";
       }
 
       if (undefined === payload.price) {
         return "The price field is required.";
       } else if (null === `${payload.price}`.match(numberWithOptionalDecimalPartRegex)) {
         return "The price field must be a number"
+      } else if (500 < Number(payload.price)) {
+        return "The price field number must not be greater than 500.";
       }
 
       if (payload.description) {
         if ("string" !== typeof payload.description) {
           return "The description field must be a string.";
-        } else if (1000 < payload.description.length) {
+        } else if (1000 < payload.description.trim().length) {
           return "The description field must be less than 1001 characters.";
         }
       }
@@ -883,14 +891,14 @@ module.exports = (sequelize, DataTypes) => {
 
     static getNewProductData(payload) {
       const result = {
-        name: payload.name,
+        name: payload.name.trim(),
         units: payload.units,
         weight: payload.weight,
         price: payload.price,
         isLive: false,
       };
       if (payload.description) {
-        result.description = payload.description;
+        result.description = payload.description.trim();
       }
       if (payload.category) {
         result.category = payload.category;
@@ -904,24 +912,24 @@ module.exports = (sequelize, DataTypes) => {
         }
       }
       if (payload.stripeProductId) {
-        result.stripeProductId = payload.stripeProductId;
+        result.stripeProductId = payload.stripeProductId.trim();
       }
       if (payload.stripePriceId) {
-        result.stripePriceId = payload.stripePriceId;
+        result.stripePriceId = payload.stripePriceId.trim();
       }
       return result;
     }
 
     static getEditProductData(payload) {
       const result = {
-        name: payload.name,
+        name: payload.name.trim(),
         units: payload.units,
         weight: payload.weight,
         price: payload.price,
         isLive: false,
       };
       if (payload.description) {
-        result.description = payload.description;
+        result.description = payload.description.trim();
       }
       if (payload.category) {
         result.category = payload.category;
@@ -935,10 +943,10 @@ module.exports = (sequelize, DataTypes) => {
         }
       }
       if (payload.stripeProductId) {
-        result.stripeProductId = payload.stripeProductId;
+        result.stripeProductId = payload.stripeProductId.trim();
       }
       if (payload.stripePriceId) {
-        result.stripePriceId = payload.stripePriceId;
+        result.stripePriceId = payload.stripePriceId.trim();
       }
       return result;
     }
diff --git a/src/models/v1/user.js b/src/models/v1/user.js
@@ -292,7 +292,7 @@ module.exports = (sequelize, DataTypes) => {
         return "The email field is missing.";
       } else if ("string" !== typeof bodyInput.email) {
         return "The email field must be of type string";
-      } else if (30 < bodyInput.email.length) {
+      } else if (30 < bodyInput.email.trim().length) {
         return "The email field length must not exceed 30 characters.";
       } else if (null === bodyInput.email.match(validEmailRegex)) {
         return "The email field must be a valid email address.";
@@ -508,7 +508,7 @@ module.exports = (sequelize, DataTypes) => {
         return "The email field is missing.";
       } else if ("string" !== typeof bodyInput.email) {
         return "The email field must be of type string";
-      } else if (30 < bodyInput.email.length) {
+      } else if (30 < bodyInput.email.trim().length) {
         return "The email field length must not exceed 30 characters.";
       } else if (null === bodyInput.email.match(validEmailRegex)) {
         return "The email field must be a valid email address.";
@@ -541,7 +541,7 @@ module.exports = (sequelize, DataTypes) => {
         return false;
       }
       
-      return { email, password, };
+      return { email: email.trim(), password, };
     }
 
     /**
diff --git a/src/models/v1/userAddress.js b/src/models/v1/userAddress.js
@@ -153,36 +153,46 @@ module.exports = (sequelize, DataTypes) => {
         return "The address line 1 field is required.";
       } else if ("string" !== typeof payload.addressLine1) {
         return "The address line 1 field must be of type string.";
+      } else if (50 < payload.addressLine1.trim().length) {
+        return "The address line 1 field must not exceed 50 characters";
       }
 
       if (payload.addressLine2) {
         if ("string" !== typeof payload.addressLine2) {
           return "The address line 2 field must be of type string.";
         }
+      } else if (50 < payload.addressLine2.trim().length) {
+        return "The address line 2 field must not exceed 50 characters";
       }
 
       if (!payload.zipCode) {
         return "The zip code field is required.";
       } else if ("string" !== typeof payload.zipCode) {
         return "The zip code field must be of type string.";
+      } else if (10 < payload.zipCode.trim().length) {
+        return "The zip code field must not exceed 10 characters";
       }
 
       if (!payload.city) {
         return "The city field is required.";
       } else if ("string" !== typeof payload.city) {
         return "The city field must be of type string.";
+      } else if (20 < payload.city.trim().length) {
+        return "The city field must not exceed 20 characters";
       }
 
       if (!payload.state) {
         return "The state field is required.";
       } else if ("string" !== typeof payload.state) {
         return "The state field must be of type string.";
+      } else if (20 < payload.state.trim().length) {
+        return "The address line 1 field must not exceed 20 characters";
       }
 
       if (payload.telephoneAreaCode) {
         if ("string" !== typeof payload.telephoneAreaCode) {
           return "The telephone area code field must be of type string.";
-        } else if (6 < payload.telephoneAreaCode.length) {
+        } else if (6 < payload.telephoneAreaCode.trim().length) {
           return "The telephone area code field must not be greater than 6 characters.";
         }
       }
@@ -191,7 +201,7 @@ module.exports = (sequelize, DataTypes) => {
         return "The telephone field is required.";
       } else if ("string" !== typeof payload.telephone) {
         return "The telephone field must be of type string.";
-      } else if (30 < payload.telephone.length) {
+      } else if (30 < payload.telephone.trim().length) {
         return "The telephone field must not be greater than 30 characters.";
       }
 
@@ -216,31 +226,31 @@ module.exports = (sequelize, DataTypes) => {
       const result = {};
 
       if (payload.addressLine1) {
-        result.addressLine1 = payload.addressLine1;
+        result.addressLine1 = payload.addressLine1.trim();
       }
 
       if (payload.addressLine2) {
-        result.addressLine2 = payload.addressLine2;
+        result.addressLine2 = payload.addressLine2.trim();
       }
 
       if (payload.zipCode) {
-        result.zipCode = payload.zipCode;
+        result.zipCode = payload.zipCode.trim();
       }
 
       if (payload.city) {
-        result.city = payload.city;
+        result.city = payload.city.trim();
       }
 
       if (payload.state) {
-        result.state = payload.state;
+        result.state = payload.state.trim();
       }
 
       if (payload.telephoneAreaCode) {
-        result.telephoneAreaCode = payload.telephoneAreaCode;
+        result.telephoneAreaCode = payload.telephoneAreaCode.trim();
       }
 
       if (payload.telephone) {
-        result.telephone = payload.telephone;
+        result.telephone = payload.telephone.trim();
       }
 
       return result;

Original file line number	Diff line number	Diff line change
`@@ -153,36 +153,46 @@ module.exports = (sequelize, DataTypes) => {`
`153`	`153`	`return "The address line 1 field is required.";`
`154`	`154`	`} else if ("string" !== typeof payload.addressLine1) {`
`155`	`155`	`return "The address line 1 field must be of type string.";`
	`156`	`+ } else if (50 < payload.addressLine1.trim().length) {`
	`157`	`+ return "The address line 1 field must not exceed 50 characters";`
`156`	`158`	`}`
`157`	`159`
`158`	`160`	`if (payload.addressLine2) {`
`159`	`161`	`if ("string" !== typeof payload.addressLine2) {`
`160`	`162`	`return "The address line 2 field must be of type string.";`
`161`	`163`	`}`
	`164`	`+ } else if (50 < payload.addressLine2.trim().length) {`
	`165`	`+ return "The address line 2 field must not exceed 50 characters";`
`162`	`166`	`}`
`163`	`167`
`164`	`168`	`if (!payload.zipCode) {`
`165`	`169`	`return "The zip code field is required.";`
`166`	`170`	`} else if ("string" !== typeof payload.zipCode) {`
`167`	`171`	`return "The zip code field must be of type string.";`
	`172`	`+ } else if (10 < payload.zipCode.trim().length) {`
	`173`	`+ return "The zip code field must not exceed 10 characters";`
`168`	`174`	`}`
`169`	`175`
`170`	`176`	`if (!payload.city) {`
`171`	`177`	`return "The city field is required.";`
`172`	`178`	`} else if ("string" !== typeof payload.city) {`
`173`	`179`	`return "The city field must be of type string.";`
	`180`	`+ } else if (20 < payload.city.trim().length) {`
	`181`	`+ return "The city field must not exceed 20 characters";`
`174`	`182`	`}`
`175`	`183`
`176`	`184`	`if (!payload.state) {`
`177`	`185`	`return "The state field is required.";`
`178`	`186`	`} else if ("string" !== typeof payload.state) {`
`179`	`187`	`return "The state field must be of type string.";`
	`188`	`+ } else if (20 < payload.state.trim().length) {`
	`189`	`+ return "The address line 1 field must not exceed 20 characters";`
`180`	`190`	`}`
`181`	`191`
`182`	`192`	`if (payload.telephoneAreaCode) {`
`183`	`193`	`if ("string" !== typeof payload.telephoneAreaCode) {`
`184`	`194`	`return "The telephone area code field must be of type string.";`
`185`		`- } else if (6 < payload.telephoneAreaCode.length) {`
	`195`	`+ } else if (6 < payload.telephoneAreaCode.trim().length) {`
`186`	`196`	`return "The telephone area code field must not be greater than 6 characters.";`
`187`	`197`	`}`
`188`	`198`	`}`
`@@ -191,7 +201,7 @@ module.exports = (sequelize, DataTypes) => {`
`191`	`201`	`return "The telephone field is required.";`
`192`	`202`	`} else if ("string" !== typeof payload.telephone) {`
`193`	`203`	`return "The telephone field must be of type string.";`
`194`		`- } else if (30 < payload.telephone.length) {`
	`204`	`+ } else if (30 < payload.telephone.trim().length) {`
`195`	`205`	`return "The telephone field must not be greater than 30 characters.";`
`196`	`206`	`}`
`197`	`207`
`@@ -216,31 +226,31 @@ module.exports = (sequelize, DataTypes) => {`
`216`	`226`	`const result = {};`
`217`	`227`
`218`	`228`	`if (payload.addressLine1) {`
`219`		`- result.addressLine1 = payload.addressLine1;`
	`229`	`+ result.addressLine1 = payload.addressLine1.trim();`
`220`	`230`	`}`
`221`	`231`
`222`	`232`	`if (payload.addressLine2) {`
`223`		`- result.addressLine2 = payload.addressLine2;`
	`233`	`+ result.addressLine2 = payload.addressLine2.trim();`
`224`	`234`	`}`
`225`	`235`
`226`	`236`	`if (payload.zipCode) {`
`227`		`- result.zipCode = payload.zipCode;`
	`237`	`+ result.zipCode = payload.zipCode.trim();`
`228`	`238`	`}`
`229`	`239`
`230`	`240`	`if (payload.city) {`
`231`		`- result.city = payload.city;`
	`241`	`+ result.city = payload.city.trim();`
`232`	`242`	`}`
`233`	`243`
`234`	`244`	`if (payload.state) {`
`235`		`- result.state = payload.state;`
	`245`	`+ result.state = payload.state.trim();`
`236`	`246`	`}`
`237`	`247`
`238`	`248`	`if (payload.telephoneAreaCode) {`
`239`		`- result.telephoneAreaCode = payload.telephoneAreaCode;`
	`249`	`+ result.telephoneAreaCode = payload.telephoneAreaCode.trim();`
`240`	`250`	`}`
`241`	`251`
`242`	`252`	`if (payload.telephone) {`
`243`		`- result.telephone = payload.telephone;`
	`253`	`+ result.telephone = payload.telephone.trim();`
`244`	`254`	`}`
`245`	`255`
`246`	`256`	`return result;`