all files / express-stormpath/lib/helpers/ stripped-account-response.js

100% Statements 19/19
86.67% Branches 13/15
100% Functions 3/3
100% Lines 19/19
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49                                  153×   153×     153× 31×   31×                  
'use strict';
 
var _ = require('lodash');
 
/**
 * Returns an account object, but strips all of the linked resources and sensitive properties.
 *
 * @function
 *
 * @param {Object} account - The stormpath account object.
 */
function strippedAccount(account, expansionMap) {
  expansionMap = typeof expansionMap === 'object' ? expansionMap : {};
 
  var strippedAccount = _.clone(account);
  var hiddenProperties = ['stormpathMigrationRecoveryAnswer', 'emailVerificationToken'];
 
  // Profile data is copied onto custom data, so we don't need to expose profile
 
  Eif (strippedAccount.profile) {
    delete strippedAccount.profile;
  }
 
  Object.keys(strippedAccount).forEach(function (property) {
 
    var expandable = !!expansionMap[property];
 
    if (strippedAccount[property] && strippedAccount[property].href && !expandable) {
      delete strippedAccount[property];
    }
 
    if (property === 'customData') {
      Object.keys(strippedAccount[property]).forEach(function (subProperty) {
        if (hiddenProperties.indexOf(subProperty) > -1) {
          delete strippedAccount[property][subProperty];
        }
        if (subProperty.match('stormpathApiKey')) {
          delete strippedAccount[property][subProperty];
        }
      });
    }
 
 
  });
 
  return strippedAccount;
}
 
module.exports = strippedAccount;