Modifying Data Requests Using Cloud Code

You have the option to modify a request send by the user before or after it is processed by Telerik Platform. This allows you, in different situations, to harden your app security, ensure consistent results, or enhance your app's behavior.

In this article:

Set Custom Result

Using Everlive.Response.setObjectResult(), you can completely replace the result of a request with your own custom data. This can be any data type: an object, a string, an array, and so on. The second and third arguments, with which you can set a custom HTTP status code and pass additional data respectively, are optional.

Everlive.Events.beforeRead(function(request, context, done) {
    Everlive.Response.setObjectResult({"Message" : "Hello from Cloud Code"}, 200, {"ArbitraryParam" : "This is arbitrary additional information"});
    done();
});

The result will be similar to this:

{
    "Result": {
        "Message": "Hello from Cloud Code"
    }
}

Return Non-Result Data

Using the after event handlers, you can pass arbitrary information next to the request's response. To do that, use the additionalData field of the response object.

Note that data passed as additionalData is added as a separate entity instead of a new query result field. See Set Properties Dynamically if you want to do the latter.

Values are returned exactly the way you specify them. A numeric field will be returned as a numeric field, an array will be returned as an array, and an object will be returned as an object.

Everlive.Events.afterRead(function(request, response, context, done) {
    response.additionalData.MyValue = 5;
    response.additionalData.MyComplexObject = {
        a: 5,
        b: new Date()
    };
    done();
});

The result will be similar to this:

{
    "MyValue": 5,
    "MyComplexObject": {
        "a": 5,
        "b": "2012-12-04T09:55:50.000Z"
    },
    "Result": <default result from the request goes here>
}

Force a Value Within Certain Limits

You might want to implement another layer of security over the in-app input validation that can be circumvented by malicious individuals. Cloud Code for Data allows you to do this by modifying the request before its executed.

Assume you want to define a Gender field that only accepts values 1, 2, and 3, where 1 stands for "undefined", 2 for "male", and 3 for "female". Using Cloud Code for Data, compare the incoming Gender value with a predefined array of values and overwrite it with 1 for "undefined" if it strays from the values inside the array.

Everlive.Events.beforeCreate(function(request, context, done) {
    normalizeItemData(request.data);
    done();
});

Everlive.Events.beforeUpdate(function(request, context, done) {
    normalizeItemData(request.data);
    done();
});

var allowedGenderValues = [1, 2, 3];

var normalizeItemData = function(item) {
    if (allowedGenderValues.indexOf(item.Gender) == -1) {
        item.Gender = 1;
    }
};

Include Querying Expressions

Using Cloud Code for Data, you can refine the results of each request by defining a filter, fields, sort, paging, or expand expression straight in a pre-processing function. This way, you can always limit the result without having to define them in client code.

Set these expressions in the request object. Learn about the expressions format in the Querying section.

The following example uses a fieldsExpression to narrow down the return fields to Id (always returned, unless explicitly set to 0) and DisplayName.

Everlive.Events.beforeRead(function(request, context, done) {
    request.fieldsExpression = {"DisplayName" : 1};

    done();
});

The result of the query above will simply return an Id and DisplayName for each user:

{
    "Result": [
        {
            "Id": "136b5368-2ef4-40fa-a62d-5f409fbc173c",
            "DisplayName": "Seth Peterson"
        },
        {
            "Id": "cd94813a-893d-4463-8281-7b4439c62a2d",
            "DisplayName": "Michael Taylor"
        },
        {
            "Id": "bc224f8b-8a3b-4e13-ac33-07801eb1d0ed",
            "DisplayName": "Andy Gerald"
        }],
     "Count" : 3
}

Set Properties Dynamically

You can add properties to the return object dynamically—properties that are otherwise not a part of the pre-defined content type structure.

The following example sorts the result by CreatedAt before appending an ordinal to each return item.

Everlive.Events.beforeRead(function(request, context, done) {
    request.fieldsExpression = {"DisplayName" : 1};
    request.sortExpression = {"CreatedAt" : 1};
    done();
});

Everlive.Events.afterRead(function(request, response, context, done) {
    if(!response.error) {
        for(var i = 0; i < response.result.length; i++) {
            response.result[i].Ordinal = i+1;
        }
    }
    done();
});

The result of the query above contains the Id, DisplayName, and Ordinal fields:

{
    "Result": [
        {
            "Id": "136b5368-2ef4-40fa-a62d-5f409fbc173c",
            "DisplayName": "Seth Peterson",
            "Ordinal": 1
        },
        {
            "Id": "cd94813a-893d-4463-8281-7b4439c62a2d",
            "DisplayName": "Michael Taylor",
            "Ordinal": 2
        },
        {
            "Id": "bc224f8b-8a3b-4e13-ac33-07801eb1d0ed",
            "DisplayName": "Andy Gerald",
            "Ordinal": 3
        }],
     "Count" : 3
}

See Also

Start a free trial Request a demo
Contact us: +1-888-365-2779
sales@telerik.com
Copyright © 2016-2017, Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved.