From ce3da6841c9169de93214fbf1996038ccf98fec4 Mon Sep 17 00:00:00 2001
From: Javier Segarra <jsegarra@verdnatura.es>
Date: Mon, 27 Nov 2023 15:07:14 +0100
Subject: [PATCH] refs #5878 feat: new middleware to validate body

---
 loopback/server/middleware.json              |  3 +-
 loopback/server/middleware/validate-model.js | 33 ++++++++++++++++++++
 2 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 loopback/server/middleware/validate-model.js

diff --git a/loopback/server/middleware.json b/loopback/server/middleware.json
index 31a2f113b..f06395e89 100644
--- a/loopback/server/middleware.json
+++ b/loopback/server/middleware.json
@@ -35,11 +35,12 @@
     }
   },
   "auth:after": {
+    "./middleware/validate-model": {},
     "./middleware/current-user": {},
     "./middleware/salix-version": {}
   },
   "parse": {
-    "body-parser#json":{} 
+    "body-parser#json":{}
   },
   "routes": {
     "loopback#rest": {
diff --git a/loopback/server/middleware/validate-model.js b/loopback/server/middleware/validate-model.js
new file mode 100644
index 000000000..7c1538190
--- /dev/null
+++ b/loopback/server/middleware/validate-model.js
@@ -0,0 +1,33 @@
+const {models} = require('vn-loopback/server/server');
+const validatorBodyModel = require('../../../modules/client/back/methods/client/body_model_validator');
+const makeSingular = s => {
+    if (s == null || s.length == 0)
+        return s;
+
+    return s.substring(0, s.length - 1);
+};
+function blobToB64(data) {
+    return new Uint8Array(data).reduce(function(data, byte) {
+        return data + String.fromCharCode(byte);
+    }, '');
+}
+module.exports = function(options) {
+    return function(req, res, next) {
+        const {method, originalUrl} = req;
+        if (['GET', 'DELETE'].includes(method)) return next();
+        let [module, id, path] = originalUrl.split('api/')[1].split('/');
+
+        let model = models[module];
+        if (!model) {
+            module = makeSingular(module);
+            model = models[module];
+        }
+        const properties = model.definition.rawProperties;
+        const data = JSON.parse(blobToB64(req.readableBuffer.tail.data));
+        let isValid = validatorBodyModel(properties, data);
+
+        if (!isValid.isValid)
+            next();
+        return next();
+    };
+};