1 // a library for validations
2 // over time we expect to extract more helpers and move them here.
3 exports.init = function(newDoc, oldDoc, userCtx, secObj) {
6 v.forbidden = function(message) {
7 throw({forbidden : message});
10 v.unauthorized = function(message) {
11 throw({unauthorized : message});
14 v.assert = function(should, message) {
15 if (!should) v.forbidden(message);
18 v.isAdmin = function() {
19 return userCtx.roles.indexOf('_admin') != -1
22 v.isRole = function(role) {
23 return userCtx.roles.indexOf(role) != -1
26 v.require = function() {
27 for (var i=0; i < arguments.length; i++) {
28 var field = arguments[i];
29 message = "The '"+field+"' field is required.";
30 if (typeof newDoc[field] == "undefined") v.forbidden(message);
34 v.unchanged = function(field) {
35 if (oldDoc && oldDoc[field] != newDoc[field])
36 v.forbidden("You may not change the '"+field+"' field.");
39 v.matches = function(field, regex, message) {
40 if (!newDoc[field].match(regex)) {
41 message = message || "Format of '"+field+"' field is invalid.";
46 // this ensures that the date will be UTC, parseable, and collate correctly
47 v.dateFormat = function(field) {
48 message = "Sorry, '"+field+"' is not a valid date format. Try: 2010-02-24T17:00:03.432Z";
49 v.matches(field, /\d{4}\-\d{2}\-\d{2}T\d{2}:\d{2}:\d{2}(\.\d*)?Z/, message);