From ac161950eba51049f0a3cc03788eecd7d50cf3d7 Mon Sep 17 00:00:00 2001
From: M M <cosmicray23@hotmail.com>
Date: Wed, 17 Jul 2024 14:21:25 -0700
Subject: [PATCH] Added validation to speedcheck route.

---
 Server/routes/pageSpeedCheckRoute.js | 74 ++++++++++++++++++++--------
 1 file changed, 53 insertions(+), 21 deletions(-)

diff --git a/Server/routes/pageSpeedCheckRoute.js b/Server/routes/pageSpeedCheckRoute.js
index 72f20d1ad..e62c45439 100644
--- a/Server/routes/pageSpeedCheckRoute.js
+++ b/Server/routes/pageSpeedCheckRoute.js
@@ -1,54 +1,86 @@
 const router = require("express").Router();
+const Joi = require("joi");
 const { verifyOwnership } = require("../middleware/verifyOwnership");
 const Monitor = require("../models/Monitor");
-const {
-  getPageSpeedChecks,
-  createPageSpeedCheck,
-  deletePageSpeedCheck,
-} = require("../controllers/pageSpeedCheckController");
+const { createPageSpeedCheck, getPageSpeedChecks, deletePageSpeedCheck } = require("../controllers/pageSpeedCheckController");
+const { getMonitorByIdValidation } = require("../validation/joi"); 
 
 /**
- * @route POST /:monitorId
+ * @route POST /pagespeed/:monitorId
  * @description Create a new PageSpeedCheck for a monitor
  * @access Private
  * @param {string} monitorId - The ID of the monitor
  * @middleware verifyOwnership - Ensures the user owns the monitor
  */
-
 router.post(
-  "/:monitorId",
-  verifyOwnership(Monitor, "monitorId"),
-  createPageSpeedCheck
+  "/pagespeed/:monitorId",
+  verifyOwnership(Monitor, "monitorId"), 
+  async (req, res, next) => {
+    try {
+      // Validate monitorId parameter
+      const { error } = getMonitorByIdValidation.validate(req.params);
+      if (error) {
+        return res.status(400).json({ error: error.details[0].message });
+      }
+
+      next();
+    } catch (error) {
+      next(error);
+    }
+  },
+  createPageSpeedCheck 
 );
 
-
 /**
- * @route GET /:monitorId
+ * @route GET /pagespeed/:monitorId
  * @description Get all PageSpeedChecks for a monitor
  * @access Private
  * @param {string} monitorId - The ID of the monitor
  * @middleware verifyOwnership - Ensures the user owns the monitor
  */
-
 router.get(
-  "/:monitorId",
-  verifyOwnership(Monitor, "monitorId"),
-  getPageSpeedChecks
+  "/pagespeed/:monitorId",
+  verifyOwnership(Monitor, "monitorId"), 
+  async (req, res, next) => {
+    try {
+      // Validate monitorId parameter
+      const { error } = getMonitorByIdValidation.validate(req.params);
+      if (error) {
+        return res.status(400).json({ error: error.details[0].message });
+      }
+
+      next();
+    } catch (error) {
+      next(error);
+    }
+  },
+  getPageSpeedChecks 
 );
 
 /**
- * @route POST /delete/:monitorId
+ * @route DELETE /pagespeed/:monitorId
  * @description Delete all PageSpeedChecks for a monitor
  * @access Private
  * @param {string} monitorId - The ID of the monitor
  * @middleware verifyOwnership - Ensures the user owns the monitor
  */
-
 router.delete(
-  "/:monitorId",
+  "/pagespeed/:monitorId",
   verifyOwnership(Monitor, "monitorId"),
-  deletePageSpeedCheck
+  async (req, res, next) => {
+    try {
+      // Validate monitorId parameter
+      const { error } = getMonitorByIdValidation.validate(req.params);
+      if (error) {
+        return res.status(400).json({ error: error.details[0].message });
+      }
+
+      next();
+    } catch (error) {
+      next(error);
+    }
+  },
+  deletePageSpeedCheck 
 );
 
-
 module.exports = router;