]>
Commit | Line | Data |
---|---|---|
4d4e5cd4 | 1 | import * as express from 'express' |
268eebed | 2 | import { UserRight, VideoAbuseCreate, VideoAbuseState } from '../../../../shared' |
da854ddd C |
3 | import { logger } from '../../../helpers/logger' |
4 | import { getFormattedObjects } from '../../../helpers/utils' | |
3fd3ab2d | 5 | import { sequelizeTypescript } from '../../../initializers' |
50d6de9c | 6 | import { sendVideoAbuse } from '../../../lib/activitypub/send' |
65fcc311 | 7 | import { |
90d4bb81 C |
8 | asyncMiddleware, |
9 | asyncRetryTransactionMiddleware, | |
10 | authenticate, | |
11 | ensureUserHasRight, | |
12 | paginationValidator, | |
13 | setDefaultPagination, | |
14 | setDefaultSort, | |
268eebed | 15 | videoAbuseGetValidator, |
90d4bb81 | 16 | videoAbuseReportValidator, |
268eebed C |
17 | videoAbusesSortValidator, |
18 | videoAbuseUpdateValidator | |
65fcc311 | 19 | } from '../../../middlewares' |
3fd3ab2d C |
20 | import { AccountModel } from '../../../models/account/account' |
21 | import { VideoModel } from '../../../models/video/video' | |
22 | import { VideoAbuseModel } from '../../../models/video/video-abuse' | |
80e36cd9 | 23 | import { auditLoggerFactory, VideoAbuseAuditView } from '../../../helpers/audit-logger' |
65fcc311 | 24 | |
80e36cd9 | 25 | const auditLogger = auditLoggerFactory('abuse') |
65fcc311 C |
26 | const abuseVideoRouter = express.Router() |
27 | ||
28 | abuseVideoRouter.get('/abuse', | |
29 | authenticate, | |
954605a8 | 30 | ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES), |
65fcc311 C |
31 | paginationValidator, |
32 | videoAbusesSortValidator, | |
1174a847 | 33 | setDefaultSort, |
f05a1c30 | 34 | setDefaultPagination, |
eb080476 | 35 | asyncMiddleware(listVideoAbuses) |
d33242b0 | 36 | ) |
268eebed C |
37 | abuseVideoRouter.put('/:videoId/abuse/:id', |
38 | authenticate, | |
39 | ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES), | |
40 | asyncMiddleware(videoAbuseUpdateValidator), | |
41 | asyncRetryTransactionMiddleware(updateVideoAbuse) | |
42 | ) | |
43 | abuseVideoRouter.post('/:videoId/abuse', | |
65fcc311 | 44 | authenticate, |
a2431b7d | 45 | asyncMiddleware(videoAbuseReportValidator), |
90d4bb81 | 46 | asyncRetryTransactionMiddleware(reportVideoAbuse) |
d33242b0 | 47 | ) |
268eebed C |
48 | abuseVideoRouter.delete('/:videoId/abuse/:id', |
49 | authenticate, | |
50 | ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES), | |
51 | asyncMiddleware(videoAbuseGetValidator), | |
52 | asyncRetryTransactionMiddleware(deleteVideoAbuse) | |
53 | ) | |
d33242b0 C |
54 | |
55 | // --------------------------------------------------------------------------- | |
56 | ||
65fcc311 C |
57 | export { |
58 | abuseVideoRouter | |
59 | } | |
d33242b0 C |
60 | |
61 | // --------------------------------------------------------------------------- | |
62 | ||
268eebed | 63 | async function listVideoAbuses (req: express.Request, res: express.Response) { |
3fd3ab2d | 64 | const resultList = await VideoAbuseModel.listForApi(req.query.start, req.query.count, req.query.sort) |
eb080476 C |
65 | |
66 | return res.json(getFormattedObjects(resultList.data, resultList.total)) | |
d33242b0 C |
67 | } |
68 | ||
268eebed C |
69 | async function updateVideoAbuse (req: express.Request, res: express.Response) { |
70 | const videoAbuse: VideoAbuseModel = res.locals.videoAbuse | |
71 | ||
72 | if (req.body.moderationComment !== undefined) videoAbuse.moderationComment = req.body.moderationComment | |
73 | if (req.body.state !== undefined) videoAbuse.state = req.body.state | |
74 | ||
75 | await sequelizeTypescript.transaction(t => { | |
76 | return videoAbuse.save({ transaction: t }) | |
77 | }) | |
78 | ||
79 | // Do not send the delete to other instances, we updated OUR copy of this video abuse | |
80 | ||
81 | return res.type('json').status(204).end() | |
82 | } | |
83 | ||
84 | async function deleteVideoAbuse (req: express.Request, res: express.Response) { | |
85 | const videoAbuse: VideoAbuseModel = res.locals.videoAbuse | |
86 | ||
87 | await sequelizeTypescript.transaction(t => { | |
88 | return videoAbuse.destroy({ transaction: t }) | |
89 | }) | |
90 | ||
91 | // Do not send the delete to other instances, we delete OUR copy of this video abuse | |
92 | ||
93 | return res.type('json').status(204).end() | |
94 | } | |
95 | ||
eb080476 | 96 | async function reportVideoAbuse (req: express.Request, res: express.Response) { |
3fd3ab2d C |
97 | const videoInstance = res.locals.video as VideoModel |
98 | const reporterAccount = res.locals.oauth.token.User.Account as AccountModel | |
4771e000 | 99 | const body: VideoAbuseCreate = req.body |
d33242b0 | 100 | |
eb080476 | 101 | const abuseToCreate = { |
8e13fa7d | 102 | reporterAccountId: reporterAccount.id, |
4771e000 | 103 | reason: body.reason, |
268eebed C |
104 | videoId: videoInstance.id, |
105 | state: VideoAbuseState.PENDING | |
d33242b0 C |
106 | } |
107 | ||
268eebed | 108 | const videoAbuse: VideoAbuseModel = await sequelizeTypescript.transaction(async t => { |
3fd3ab2d | 109 | const videoAbuseInstance = await VideoAbuseModel.create(abuseToCreate, { transaction: t }) |
21e0727a | 110 | videoAbuseInstance.Video = videoInstance |
80e36cd9 | 111 | videoAbuseInstance.Account = reporterAccount |
8e13fa7d C |
112 | |
113 | // We send the video abuse to the origin server | |
eb080476 | 114 | if (videoInstance.isOwned() === false) { |
c48e82b5 | 115 | await sendVideoAbuse(reporterAccount.Actor, videoAbuseInstance, videoInstance) |
eb080476 | 116 | } |
eb080476 | 117 | |
80e36cd9 | 118 | auditLogger.create(reporterAccount.Actor.getIdentifier(), new VideoAbuseAuditView(videoAbuseInstance.toFormattedJSON())) |
268eebed C |
119 | |
120 | return videoAbuseInstance | |
80e36cd9 | 121 | }) |
90d4bb81 | 122 | |
268eebed C |
123 | logger.info('Abuse report for video %s created.', videoInstance.name) |
124 | return res.json({ | |
125 | videoAbuse: videoAbuse.toFormattedJSON() | |
126 | }).end() | |
d33242b0 | 127 | } |