From 607ec5b36cc6771608d2143df087a724ad1a84d7 Mon Sep 17 00:00:00 2001 From: cg99 Date: Mon, 27 May 2024 10:16:26 +1000 Subject: [PATCH 1/5] category --- Controller/recipeController.js | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/Controller/recipeController.js b/Controller/recipeController.js index 9379464..5bae46c 100644 --- a/Controller/recipeController.js +++ b/Controller/recipeController.js @@ -109,9 +109,9 @@ exports.top5recipe = (req, res, next)=>{ next(); } -exports.getAllRecipe =catchAsync(async (req, res, next)=>{ +exports.getAllRecipe = catchAsync(async (req, res, next)=>{ try { - const features = new APIFeatures(Recipe.find(), req.query) + const features = new APIFeatures(Recipe.find().populate('category'), req.query) .filter() .sort() .limitFields() @@ -190,7 +190,7 @@ exports.getUserRecipes = async (req, res, next) => { }; exports.getSingleRecipe = catchAsync(async (req, res,next)=>{ - const oneRecipe= await Recipe.findById(req.params.id).populate('reviews'); + const oneRecipe = await Recipe.findById(req.params.id).populate('reviews'); if(!oneRecipe){ return next (new AppError(`Provided id ${req.params.id} is not found (or doesnt exist)`, 404)); } @@ -199,7 +199,6 @@ exports.getSingleRecipe = catchAsync(async (req, res,next)=>{ status:'Success', recipe:oneRecipe }) - }) From 377a3b825c5c5bf4ca477d2bf3ec8eb682bd4c10 Mon Sep 17 00:00:00 2001 From: cg99 Date: Mon, 27 May 2024 10:20:23 +1000 Subject: [PATCH 2/5] fix error message category --- Controller/categoryController.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Controller/categoryController.js b/Controller/categoryController.js index 459ba96..1efb5ae 100644 --- a/Controller/categoryController.js +++ b/Controller/categoryController.js @@ -9,10 +9,10 @@ exports.createCategory = catchAsync(async (req,res,next)=>{ const newCat = await Category.create(req.body); res.status(201).json({ status:'success', - review:newCat + category:newCat }) if(!newCat){ - return next (new AppError(' Something went wrong while posting your review', 400)) + return next (new AppError(' Something went wrong while creating your category', 400)) } }); From 1a6791eaf17087b1aa73c91ced7f40ebc4ff5994 Mon Sep 17 00:00:00 2001 From: Safar123 <49110664+Safar123@users.noreply.github.com> Date: Mon, 27 May 2024 10:29:00 +1000 Subject: [PATCH 3/5] Update app.js removing csurf package --- app.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/app.js b/app.js index 89dd203..f314a07 100644 --- a/app.js +++ b/app.js @@ -23,7 +23,6 @@ app.use(express.json()); app.use(mongoSanitize()); app.use(xss()); -app.use(csurf()); app.use(hpp()); const userRoute = require('./Routes/userRoutes'); @@ -48,4 +47,4 @@ app.all('*', (req, res, next)=>{ next(new GlobalError(`This ${req.originalUrl} link is not defined on this server`, 404)); }) app.use(errorHandler); -module.exports=app; \ No newline at end of file +module.exports=app; From f80502f75e248b2e97372f670600998e2bef5340 Mon Sep 17 00:00:00 2001 From: Safar123 <49110664+Safar123@users.noreply.github.com> Date: Mon, 27 May 2024 10:38:01 +1000 Subject: [PATCH 4/5] Update app.js disabling xss helmet and ratelimit --- app.js | 32 ++++++++++++++++---------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/app.js b/app.js index f314a07..250742f 100644 --- a/app.js +++ b/app.js @@ -2,28 +2,28 @@ const express = require ('express'); const morgan = require('morgan'); const GlobalError = require('./utils/globalError'); const errorHandler = require('./Controller/errorController'); -const rateLimit = require('express-rate-limit'); -const helmet = require('helmet'); -const mongoSanitize= require('express-mongo-sanitize'); -const xss = require('xss-clean'); -const hpp = require('hpp'); -const csurf = require('csurf'); +//const rateLimit = require('express-rate-limit'); +//const helmet = require('helmet'); +//const mongoSanitize= require('express-mongo-sanitize'); +//const xss = require('xss-clean'); +//const hpp = require('hpp'); +//const csurf = require('csurf'); const app = express(); -app.use(helmet()); +//app.use(helmet()); -const limiter = rateLimit({ - max:100, - windowMs:60*60*1000, - message:'Too many request from this IP. Please try an hour later' -}) +//const limiter = rateLimit({ +// max:100, +// windowMs:60*60*1000, + // message:'Too many request from this IP. Please try an hour later' +//}) -app.use('/api', limiter); +//app.use('/api', limiter); app.use(express.json()); -app.use(mongoSanitize()); -app.use(xss()); -app.use(hpp()); +// app.use(mongoSanitize()); +// app.use(xss()); +// app.use(hpp()); const userRoute = require('./Routes/userRoutes'); const recipeRoute = require('./Routes/recipeRoute'); From d5d92938c2e1085a87c179e7b3faee0e5c0841b7 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 30 May 2024 08:03:27 +0000 Subject: [PATCH 5/5] fix: upgrade validator from 13.11.0 to 13.12.0 Snyk has created this PR to upgrade validator from 13.11.0 to 13.12.0. See this package in npm: validator See this project in Snyk: https://app.snyk.io/org/safar123/project/09795921-b525-4503-b1b2-9f7427be350b?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 15 ++++++++------- package.json | 2 +- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index 1303922..86c4d97 100644 --- a/package-lock.json +++ b/package-lock.json @@ -25,7 +25,7 @@ "nodemailer": "^6.9.13", "sharp": "^0.33.3", "uuid": "^9.0.1", - "validator": "^13.11.0", + "validator": "^13.12.0", "xss-clean": "^0.1.4" }, "devDependencies": { @@ -3635,9 +3635,10 @@ } }, "node_modules/validator": { - "version": "13.11.0", - "resolved": "https://registry.npmjs.org/validator/-/validator-13.11.0.tgz", - "integrity": "sha512-Ii+sehpSfZy+At5nPdnyMhx78fEoPDkR2XW/zimHEL3MyGJQOCQ7WeP20jPYRz7ZCpcKLB21NxuXHF3bxjStBQ==", + "version": "13.12.0", + "resolved": "https://registry.npmjs.org/validator/-/validator-13.12.0.tgz", + "integrity": "sha512-c1Q0mCiPlgdTVVVIJIrBuxNicYE+t/7oKeI9MWLj3fh/uq2Pxh/3eeWbVZ4OcGW1TUf53At0njHw5SMdA3tmMg==", + "license": "MIT", "engines": { "node": ">= 0.10" } @@ -6339,9 +6340,9 @@ "integrity": "sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==" }, "validator": { - "version": "13.11.0", - "resolved": "https://registry.npmjs.org/validator/-/validator-13.11.0.tgz", - "integrity": "sha512-Ii+sehpSfZy+At5nPdnyMhx78fEoPDkR2XW/zimHEL3MyGJQOCQ7WeP20jPYRz7ZCpcKLB21NxuXHF3bxjStBQ==" + "version": "13.12.0", + "resolved": "https://registry.npmjs.org/validator/-/validator-13.12.0.tgz", + "integrity": "sha512-c1Q0mCiPlgdTVVVIJIrBuxNicYE+t/7oKeI9MWLj3fh/uq2Pxh/3eeWbVZ4OcGW1TUf53At0njHw5SMdA3tmMg==" }, "vary": { "version": "1.1.2", diff --git a/package.json b/package.json index 66867a9..2336f12 100644 --- a/package.json +++ b/package.json @@ -36,7 +36,7 @@ "nodemailer": "^6.9.13", "sharp": "^0.33.3", "uuid": "^9.0.1", - "validator": "^13.11.0", + "validator": "^13.12.0", "xss-clean": "^0.1.4" }, "devDependencies": {