Documentation/Templates/Advanced Validation

Advanced Validation

Custom JavaScript rules and server-side validation

Custom JavaScript Validation

Growth Plan

Overview

Write custom JavaScript code to validate column values with complex business logic.

Custom validation rules allow you to implement any validation logic that can't be expressed with built-in rules. Your code runs in a secure sandbox with access to the cell value and the entire row data.

Available variables:

javascript

// value - The current cell value being validated
// row - Object containing all column values for this row

// Return true if valid, false if invalid
return value !== null && row.status === "active";

Example: Cross-Column Validation

Validate that an end date is after a start date:

javascript

// Validate end_date is after start_date
const startDate = new Date(row.start_date);
const endDate = new Date(value);

if (isNaN(startDate.getTime()) || isNaN(endDate.getTime())) {
  return false;
}

return endDate > startDate;

Example: SKU Format Validation

Validate a product SKU format with category prefix:

javascript

// SKU must be: CATEGORY-XXXXX format
// Category from row, 5 digits
const category = row.category?.toUpperCase();
const regex = new RegExp(`^${category}-\d{5}$`);

return regex.test(value);

Security

Custom rules run in a secure sandbox with no access to the network, file system, or external APIs. Dangerous patterns like eval, Function, and global access are blocked.

Server-Side Validation

Scale Plan

Overview

Validate import data against your own API endpoint for database lookups and external validation.

Server-side validation sends batches of import data to your endpoint. Your API validates the data and returns any errors. This is perfect for checking if emails already exist in your database, validating foreign keys, or calling external services.

Configuration Options

Option	Description	Default
`endpoint`	Your validation API URL	Required
`method`	HTTP method (POST or PUT)	POST
`timeout`	Request timeout in milliseconds	10000
`retryCount`	Number of retries on failure	1
`batchSize`	Rows per request batch	100
`onError`	Error handling: reject_all, reject_failed, warn_only	reject_failed
`signingSecret`	HMAC secret for request verification	Optional

Request Format

Rowporter sends POST requests to your endpoint with this payload:

json

{
  "templateId": "clm123...",
  "importId": "clm456...",
  "batchIndex": 0,
  "totalBatches": 5,
  "rows": [
    { "index": 0, "data": { "email": "user@example.com", "name": "John" } },
    { "index": 1, "data": { "email": "jane@example.com", "name": "Jane" } }
  ]
}

Response Format

Your endpoint must return a JSON response with validation results:

json

{
  "valid": false,
  "errors": [
    {
      "rowIndex": 0,
      "column": "email",
      "message": "Email already exists in database"
    }
  ],
  "warnings": [
    {
      "rowIndex": 1,
      "message": "User will be created as inactive"
    }
  ]
}

Signature Verification

If you configure a signing secret, Rowporter includes an HMAC-SHA256 signature in the X-Rowporter-Signature header. Verify this to ensure requests are authentic.

Back to Templates