From 672393e9159cfba0494eb39047f0d803398925db Mon Sep 17 00:00:00 2001 From: Typicode Date: Thu, 7 Jan 2016 04:12:04 +0100 Subject: [PATCH] Add --read-only option --- CHANGELOG.md | 8 +++++++- src/cli/index.js | 6 +++++- src/cli/run.js | 18 ++++++++---------- src/server/defaults.js | 11 +++++++++++ test/cli/index.js | 8 ++++++-- 5 files changed, 37 insertions(+), 14 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 811632a..ea6d761 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,11 @@ # Change Log +## [0.8.6][2015-01-07] + +### Added + +* CLI option `-ro/--read-only` to allow only GET requests + ## [0.8.5][2015-12-28] ### Fixed @@ -16,7 +22,7 @@ ### Added -* CLI option `-q/--quied` +* CLI option `-q/--quiet` * Nested route `POST /posts/1/comments` * Not equal operator `GET /posts?id_ne=1` diff --git a/src/cli/index.js b/src/cli/index.js index dd16162..e3ab94d 100644 --- a/src/cli/index.js +++ b/src/cli/index.js @@ -32,6 +32,10 @@ module.exports = function () { alias: 's', description: 'Set static files directory' }, + 'read-only': { + alias: 'ro', + description: 'Allow only GET requests' + }, snapshots: { alias: 'S', description: 'Set snapshots directory', @@ -52,6 +56,7 @@ module.exports = function () { } }) .boolean('watch') + .boolean('read-only') .boolean('quiet') .help('help').alias('help', 'h') .version(pkg.version).alias('version', 'v') @@ -63,5 +68,4 @@ module.exports = function () { .argv run(argv) - } diff --git a/src/cli/run.js b/src/cli/run.js index aa53920..4bacaff 100644 --- a/src/cli/run.js +++ b/src/cli/run.js @@ -42,18 +42,16 @@ function createApp (source, object, routes, argv) { object ) - var defaults - if (argv.static) { - defaults = jsonServer.defaults({ - logger: !argv.quiet, - static: path.join(process.cwd(), argv.static) - }) - } else { - defaults = jsonServer.defaults({ - logger: !argv.quiet - }) + var defaultsOpts = { + logger: !argv.quiet, + readOnly: argv.readOnly } + if (argv.static) { + defaultsOpts.static = path.join(process.cwd(), argv.static) + } + + var defaults = jsonServer.defaults(defaultsOpts) app.use(defaults) if (routes) { diff --git a/src/server/defaults.js b/src/server/defaults.js index b6024a2..960846c 100644 --- a/src/server/defaults.js +++ b/src/server/defaults.js @@ -47,5 +47,16 @@ module.exports = function (opts) { next() }) + // Read-only + if (opts.readOnly) { + arr.push(function (req, res, next) { + if (req.method === 'GET') { + next() // Continue + } else { + res.sendStatus(403) // Forbidden + } + }) + } + return arr } diff --git a/test/cli/index.js b/test/cli/index.js index 36404e4..93aac70 100644 --- a/test/cli/index.js +++ b/test/cli/index.js @@ -82,10 +82,10 @@ describe('cli', function () { }) - describe('db.json -r routes.json -i _id', function () { + describe('db.json -r routes.json -i _id --read-only', function () { beforeEach(function (done) { - child = cli([dbFile, '-r', routesFile, '-i', '_id']) + child = cli([dbFile, '-r', routesFile, '-i', '_id', '--read-only']) serverReady(PORT, done) }) @@ -93,6 +93,10 @@ describe('cli', function () { request.get('/blog/posts/2').expect(200, done) }) + it('should allow only GET requests', function (done) { + request.post('/blog/posts').expect(403, done) + }) + }) describe('db.json -d 1000', function () {