Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
if (urlSegments.length < 2) { throw new Error('No index name given in the URL. Please do use following URL format: /api/catalog//_search') } else {
indexName = urlSegments[1];
if (urlSegments.length > 2) { entityType = urlSegments[2] }
if (config.elasticsearch.indices.indexOf(indexName) < 0) {
throw new Error('Invalid / inaccessible index name given in the URL. Please do use following URL format: /api/catalog//_search')
}
if (urlSegments[urlSegments.length - 1].indexOf('_search') !== 0) {
throw new Error('Please do use following URL format: /api/catalog//_search')
}
}
// pass the request to elasticsearch
const elasticBackendUrl = adjustBackendProxyUrl(req, indexName, entityType, config)
const userToken = requestBody.groupToken
// Decode token and get group id
if (userToken && userToken.length > 10) {
const decodeToken = jwt.decode(userToken, config.authHashSecret ? config.authHashSecret : config.objHashSecret)
groupId = decodeToken.group_id || groupId
} else if (requestBody.groupId) {
groupId = requestBody.groupId || groupId
}
delete requestBody.groupToken
delete requestBody.groupId
let auth = null;
// Only pass auth if configured