It'd be quite annoying to open each issue for each of these dot points, so instead of doing so, I've created this issue which is comprised of all of the problems which I have found currently with staff-api.
For each dot point, only one reference example is included, please fix all other existing similar problems
Style
`unless` over `if !(expression)`, example
Ameba did not run here probably due to it not going into the deeper macro context
Refactor
Security
Use var() for query sanitisation like here instead of this
Optimisation
Mass Assignment
Prevent mass assignment of fields like `id`, and implement direct deserialisation, i.e. `create_from_json`
examples
For this example, I'm not sure why we are serialising credentials here though
https://github.com/place-labs/staff-api/blob/c099e3befe407b8a2c6c8a3958d704706c19fa4b/src/controllers/bookings.cr#L114-L115
https://github.com/place-labs/staff-api/blob/c099e3befe407b8a2c6c8a3958d704706c19fa4b/src/controllers/tenants.cr#L11-L18
https://github.com/place-labs/staff-api/blob/c099e3befe407b8a2c6c8a3958d704706c19fa4b/src/controllers/guests.cr#L180-L188
https://github.com/place-labs/staff-api/blob/c099e3befe407b8a2c6c8a3958d704706c19fa4b/src/controllers/guests.cr#L145-L169
https://github.com/place-labs/staff-api/blob/c099e3befe407b8a2c6c8a3958d704706c19fa4b/src/controllers/bookings.cr#L53-L54
https://github.com/place-labs/staff-api/blob/c099e3befe407b8a2c6c8a3958d704706c19fa4b/src/controllers/bookings.cr#L78
https://github.com/place-labs/staff-api/blob/c099e3befe407b8a2c6c8a3958d704706c19fa4b/src/controllers/bookings.cr#L114-L138
Double serialisation
examples
https://github.com/place-labs/staff-api/blob/c099e3befe407b8a2c6c8a3958d704706c19fa4b/src/controllers/guests.cr#L168
https://github.com/place-labs/staff-api/blob/c099e3befe407b8a2c6c8a3958d704706c19fa4b/src/controllers/utilities/responders.cr#L5-L25
https://github.com/place-labs/staff-api/blob/c099e3befe407b8a2c6c8a3958d704706c19fa4b/src/models/booking.cr#L151-L159
`#as_json` for selective serialisation
Implement #as_json or expand [Clear JSONDeserialise model to accept annotation as macro arg in
examples
https://github.com/place-labs/staff-api/blob/c099e3befe407b8a2c6c8a3958d704706c19fa4b/src/models/tenant.cr#L67-L74
https://github.com/place-labs/staff-api/blob/c099e3befe407b8a2c6c8a3958d704706c19fa4b/src/models/booking.cr#L151-L159
Implement #as_json for 1, 2
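
The mass-assignment point above, as an added example that is not part of the original issue and is not staff-api code: the request body is deserialised directly into an allow-list type, so `id` cannot be set by a client. The `Guest` model, its fields and the `update_from_json` method are hypothetical and use only the Crystal standard library.

```crystal
require "json"

# Hypothetical model standing in for a database-backed record (not staff-api code).
class Guest
  property id : Int64
  property tenant_id : Int64
  property name : String
  property email : String

  def initialize(@id, @tenant_id, @name, @email)
  end

  # Allow-list of client-writable fields. `id` and `tenant_id` are absent,
  # so a request body can never assign them.
  struct Changes
    include JSON::Serializable
    # Reject unknown keys; without this they would be silently ignored.
    include JSON::Serializable::Strict

    getter name : String?
    getter email : String?
  end

  # Deserialise the request body straight into the allow-list type,
  # then copy over only the fields that were supplied.
  def update_from_json(body : String) : self
    changes = Changes.from_json(body)
    changes.name.try { |v| @name = v }
    changes.email.try { |v| @email = v }
    self
  end
end

guest = Guest.new(id: 1_i64, tenant_id: 7_i64, name: "Ann", email: "ann@example.com")

# Constructed request body: only an allow-listed field, so it is applied.
guest.update_from_json(%({"name": "Ann B"}))
puts guest.name

# Constructed request body that tries to overwrite protected fields.
# Parsing fails before any field is assigned, so the record is untouched.
begin
  guest.update_from_json(%({"name": "x", "id": 999, "tenant_id": 1}))
rescue ex : JSON::SerializableError
  puts "rejected: #{ex.message}"
end
puts "id=#{guest.id} tenant_id=#{guest.tenant_id} name=#{guest.name}"
```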