From 459596443fe1cea79a29d310e001989176edc80f Mon Sep 17 00:00:00 2001
From: Cagdas U <cagdasugurlu01@gmail.com>
Date: Mon, 9 Aug 2021 07:54:27 +0300
Subject: [PATCH] fix(role-service): update validations to accept positive
 integers

* Update JOI validations of the below fields to accept only positive integers.
  * `timeToInterview`,
  * `timeToCandidate`,
  * `numberOfMembers`,
  * `numberOfMembersAvailable`,
  * all rate fields

Addresses: https://github.com/topcoder-platform/taas-app/issues/403#issuecomment-892774361, https://github.com/topcoder-platform/taas-app/issues/425
---
 src/bootstrap.js            |  2 +-
 src/services/RoleService.js | 64 ++++++++++++++++++-------------------
 2 files changed, 33 insertions(+), 33 deletions(-)

diff --git a/src/bootstrap.js b/src/bootstrap.js
index a81e5dcc..896b14f7 100644
--- a/src/bootstrap.js
+++ b/src/bootstrap.js
@@ -26,7 +26,7 @@ Joi.workPeriodPaymentUpdateStatus = () => Joi.string().valid(..._.values(WorkPer
 // See https://joi.dev/api/?v=17.3.0#string fro details why it's like this.
 // In many cases we would like to allow empty string to make it easier to create UI for editing data.
 Joi.stringAllowEmpty = () => Joi.string().allow('')
-Joi.smallint = () => Joi.number().min(-32768).max(32767)
+Joi.smallint = () => Joi.number().integer().min(-32768).max(32767)
 
 function buildServices (dir) {
   const files = fs.readdirSync(dir)
diff --git a/src/services/RoleService.js b/src/services/RoleService.js
index 7ff7de65..ba128170 100644
--- a/src/services/RoleService.js
+++ b/src/services/RoleService.js
@@ -131,24 +131,24 @@ createRole.schema = Joi.object().keys({
     description: Joi.string().max(1000),
     listOfSkills: Joi.array().items(Joi.string().max(50).required()),
     rates: Joi.array().items(Joi.object().keys({
-      global: Joi.smallint(),
-      inCountry: Joi.smallint(),
-      offShore: Joi.smallint(),
-      niche: Joi.smallint(),
-      rate30Niche: Joi.smallint(),
-      rate30Global: Joi.smallint(),
-      rate30InCountry: Joi.smallint(),
-      rate30OffShore: Joi.smallint(),
-      rate20Niche: Joi.smallint(),
-      rate20Global: Joi.smallint(),
-      rate20InCountry: Joi.smallint(),
-      rate20OffShore: Joi.smallint()
+      global: Joi.smallint().min(1),
+      inCountry: Joi.smallint().min(1),
+      offShore: Joi.smallint().min(1),
+      niche: Joi.smallint().min(1),
+      rate30Niche: Joi.smallint().min(1),
+      rate30Global: Joi.smallint().min(1),
+      rate30InCountry: Joi.smallint().min(1),
+      rate30OffShore: Joi.smallint().min(1),
+      rate20Niche: Joi.smallint().min(1),
+      rate20Global: Joi.smallint().min(1),
+      rate20InCountry: Joi.smallint().min(1),
+      rate20OffShore: Joi.smallint().min(1)
     }).required()).required(),
-    numberOfMembers: Joi.number(),
-    numberOfMembersAvailable: Joi.smallint(),
+    numberOfMembers: Joi.number().integer().min(1),
+    numberOfMembersAvailable: Joi.smallint().min(1),
     imageUrl: Joi.string().uri().max(255),
-    timeToCandidate: Joi.smallint(),
-    timeToInterview: Joi.smallint()
+    timeToCandidate: Joi.smallint().min(1),
+    timeToInterview: Joi.smallint().min(1)
   }).required()
 }).required()
 
@@ -189,24 +189,24 @@ updateRole.schema = Joi.object().keys({
     description: Joi.string().max(1000).allow(null),
     listOfSkills: Joi.array().items(Joi.string().max(50).required()).allow(null),
     rates: Joi.array().items(Joi.object().keys({
-      global: Joi.smallint().required(),
-      inCountry: Joi.smallint().required(),
-      offShore: Joi.smallint().required(),
-      niche: Joi.smallint(),
-      rate30Niche: Joi.smallint(),
-      rate30Global: Joi.smallint(),
-      rate30InCountry: Joi.smallint(),
-      rate30OffShore: Joi.smallint(),
-      rate20Global: Joi.smallint(),
-      rate20Niche: Joi.smallint(),
-      rate20InCountry: Joi.smallint(),
-      rate20OffShore: Joi.smallint()
+      global: Joi.smallint().min(1).required(),
+      inCountry: Joi.smallint().min(1).required(),
+      offShore: Joi.smallint().min(1).required(),
+      niche: Joi.smallint().min(1),
+      rate30Niche: Joi.smallint().min(1),
+      rate30Global: Joi.smallint().min(1),
+      rate30InCountry: Joi.smallint().min(1),
+      rate30OffShore: Joi.smallint().min(1),
+      rate20Global: Joi.smallint().min(1),
+      rate20Niche: Joi.smallint().min(1),
+      rate20InCountry: Joi.smallint().min(1),
+      rate20OffShore: Joi.smallint().min(1)
     }).required()),
-    numberOfMembers: Joi.number().allow(null),
-    numberOfMembersAvailable: Joi.smallint().allow(null),
+    numberOfMembers: Joi.number().integer().min(1).allow(null),
+    numberOfMembersAvailable: Joi.smallint().min(1).allow(null),
     imageUrl: Joi.string().uri().max(255).allow(null),
-    timeToCandidate: Joi.smallint().allow(null),
-    timeToInterview: Joi.smallint().allow(null)
+    timeToCandidate: Joi.smallint().min(1).allow(null),
+    timeToInterview: Joi.smallint().min(1).allow(null)
   }).required()
 }).required()