From fe20a393b1d00424ef09825ca9a8e9d4025c64e2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bertrand=20N=C3=A9ron?= <bneron@pasteur.fr>
Date: Tue, 27 Mar 2012 08:47:39 +0000
Subject: [PATCH] add function which  - allow only admin to create/update
 document  - perform some basic checking on structure of newDocument

---
 src/couchapp/secreton/validate_doc_update.js | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 src/couchapp/secreton/validate_doc_update.js

diff --git a/src/couchapp/secreton/validate_doc_update.js b/src/couchapp/secreton/validate_doc_update.js
new file mode 100644
index 0000000..7262d8b
--- /dev/null
+++ b/src/couchapp/secreton/validate_doc_update.js
@@ -0,0 +1,15 @@
+	
+function(newDoc, oldDoc, userCtx, secObj) {
+	 if(!userCtx || userCtx.roles.indexOf("admin") == -1 ) {
+         throw({forbidden: "Bad user userCtx.name="+userCtx.name+" , userCtx.roles="+userCtx.roles});
+      } else {
+    	  if (!newDoc.code) throw({forbidden : "Secretion system must have a code"});
+    	  if (!newDoc.genes) throw({forbidden : "Secretion system must have a genes"});
+    	  if (!newDoc.T3SS_family) throw({forbidden : "Secretion system must have a T3SS_family"});
+    	  if (!newDoc.replicon) throw({forbidden : "Secretion system must have a replicon"});
+    	  if (!newDoc.replicon.strain) throw({forbidden : "Replicon must have a strain"});
+    	  if (!newDoc.replicon.type) throw({forbidden : "Replicon must have a type"});
+    	  if (!newDoc.replicon.name) throw({forbidden : "Replicon must have a name"});
+      }
+}
+
-- 
GitLab