From 1ce0476c49958a7b90d43fa825fb22fc6fd420f9 Mon Sep 17 00:00:00 2001
From: regalijan <r@regalijan.com>
Date: Thu, 19 Oct 2023 16:50:16 -0400
Subject: [PATCH] Move inactivity notice validation to separate exported
 function

---
 functions/api/inactivity/new.ts      | 65 +++++-----------------------
 functions/api/inactivity/validate.ts | 49 +++++++++++++++++++++
 2 files changed, 61 insertions(+), 53 deletions(-)
 create mode 100644 functions/api/inactivity/validate.ts

diff --git a/functions/api/inactivity/new.ts b/functions/api/inactivity/new.ts
index c644220..9d6df41 100644
--- a/functions/api/inactivity/new.ts
+++ b/functions/api/inactivity/new.ts
@@ -1,58 +1,17 @@
-export async function onRequestPost(context: RequestContext) {
-  if (!context.data.departments)
-    return new Response('{"error":"Not in any departments"}', {
-      headers: {
-        "content-type": "application/json",
-      },
-      status: 403,
-    });
+import validateInactivity from "./validate.js";
 
+export async function onRequestPost(context: RequestContext) {
   const { departments, end, reason, start } = context.data.body;
 
-  if (
-    !Array.isArray(departments) ||
-    !departments.length ||
-    typeof end !== "string" ||
-    typeof reason !== "string" ||
-    typeof start !== "string"
-  )
-    return new Response('{"error":"Invalid notice"}', {
-      headers: {
-        "content-type": "application/json",
-      },
-      status: 400,
-    });
-
-  const endDate = new Date(end);
-  const startDate = new Date(start);
-  const now = new Date();
-
-  if (
-    isNaN(endDate.getFullYear()) ||
-    isNaN(startDate.getFullYear()) ||
-    endDate.getFullYear() < now.getFullYear() ||
-    endDate.getFullYear() > now.getFullYear() + 1 ||
-    startDate.getFullYear() < now.getFullYear() ||
-    startDate.getFullYear() > now.getFullYear() + 1 ||
-    endDate.valueOf() < startDate.valueOf()
-  )
-    return new Response('{"error":"Dates are invalid"}', {
-      headers: {
-        "content-type": "application/json",
-      },
-      status: 400,
-    });
+  const validationFailureResponse = validateInactivity(
+    departments,
+    end,
+    reason,
+    start,
+    context.data.departments,
+  );
 
-  if (!departments.every((d) => context.data.departments.includes(d)))
-    return new Response(
-      '{"error":"Cannot file a notice in a department you are not part of"}',
-      {
-        headers: {
-          "content-type": "application/json",
-        },
-        status: 400,
-      }
-    );
+  if (validationFailureResponse) return validationFailureResponse;
 
   const inactivityId =
     context.data.current_user.id +
@@ -74,11 +33,11 @@ export async function onRequestPost(context: RequestContext) {
     }),
     {
       expirationTtl: 63072000,
-    }
+    },
   );
 
   await context.env.D1.prepare(
-    "INSERT INTO inactivity_notices (created_at, id, user) VALUES (?, ?, ?);"
+    "INSERT INTO inactivity_notices (created_at, id, user) VALUES (?, ?, ?);",
   )
     .bind(Date.now(), inactivityId, context.data.current_user.id)
     .run();
diff --git a/functions/api/inactivity/validate.ts b/functions/api/inactivity/validate.ts
new file mode 100644
index 0000000..2ab9909
--- /dev/null
+++ b/functions/api/inactivity/validate.ts
@@ -0,0 +1,49 @@
+function errorResponse(error: string, status = 400): Response {
+  return new Response(JSON.stringify({ error }), {
+    headers: {
+      "content-type": "application/json",
+    },
+    status,
+  });
+}
+
+export default function (
+  selectedDepartments: string[],
+  end: any,
+  reason: any,
+  start: any,
+  userDepartments?: string[],
+): void | Response {
+  if (!userDepartments)
+    return errorResponse("Not part of any departments", 403);
+
+  if (
+    !Array.isArray(selectedDepartments) ||
+    !selectedDepartments.length ||
+    typeof end !== "string" ||
+    typeof reason !== "string" ||
+    typeof start !== "string"
+  )
+    return errorResponse("Invalid notice");
+
+  if (!selectedDepartments.every((dept) => userDepartments.includes(dept)))
+    return errorResponse(
+      "Cannot file an inactivity notice in a department you are not part of",
+      403,
+    );
+
+  const endDate = new Date(end);
+  const now = new Date();
+  const startDate = new Date(start);
+
+  if (
+    isNaN(endDate.getFullYear()) ||
+    isNaN(startDate.getFullYear()) ||
+    endDate.getFullYear() < now.getFullYear() ||
+    endDate.getFullYear() > now.getFullYear() + 1 ||
+    startDate.getFullYear() < now.getFullYear() ||
+    startDate.getFullYear() > now.getFullYear() + 1 ||
+    endDate.valueOf() < startDate.valueOf()
+  )
+    return errorResponse("Dates are invalid");
+}