This methods will clean and do basic formatting of an entity data. You should always execute it on data coming from an untrusted source. MyModel.sanitize() will:
remove properties that are marked as not writable in schemas
convert 'null' (string) values to null
convert entity refs that have been populated back to their Datastore Key
// user.model.js
const userSchema = new Schema({
name : { type: String },
createdOn : { type: Date, write: false } // write is not allowed
});
// or with a Joi schema
const schema = new Schema({
name: { joi: Joi.string() },
createdOn: { joi: Joi.date().strip() } // strip() will remove the property when Sanitizing
}, { joi: true });
module.exports = gstore.model('User', userSchema);
// user.controller.js
const User = require('./user.model');
let data = req.body;
console.log(data);
/*
{
createdOn: '2016-03-01T21:30:00',
name: 'null',
propertyNotDefined: 'abcdef',
}
*/
// Now sanitize the body request
data = User.sanitize(req.body);
console.log(data);
/*
{
name: null,
}
*/
