[github/Chocobozzz/PeerTube.git] / server / controllers / api / videos / abuse.ts

import * as express from 'express'
import { UserRight, VideoAbuseCreate } from '../../../../shared'
import { logger } from '../../../helpers/logger'
import { getFormattedObjects } from '../../../helpers/utils'
import { sequelizeTypescript } from '../../../initializers'
import { sendVideoAbuse } from '../../../lib/activitypub/send'
import {
  asyncMiddleware,
  asyncRetryTransactionMiddleware,
  authenticate,
  ensureUserHasRight,
  paginationValidator,
  setDefaultPagination,
  setDefaultSort,
  videoAbuseReportValidator,
  videoAbusesSortValidator
} from '../../../middlewares'
import { AccountModel } from '../../../models/account/account'
import { VideoModel } from '../../../models/video/video'
import { VideoAbuseModel } from '../../../models/video/video-abuse'
import { auditLoggerFactory, VideoAbuseAuditView } from '../../../helpers/audit-logger'

const auditLogger = auditLoggerFactory('abuse')
const abuseVideoRouter = express.Router()

abuseVideoRouter.get('/abuse',
  authenticate,
  ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES),
  paginationValidator,
  videoAbusesSortValidator,
  setDefaultSort,
  setDefaultPagination,
  asyncMiddleware(listVideoAbuses)
)
abuseVideoRouter.post('/:id/abuse',
  authenticate,
  asyncMiddleware(videoAbuseReportValidator),
  asyncRetryTransactionMiddleware(reportVideoAbuse)
)

// ---------------------------------------------------------------------------

export {
  abuseVideoRouter
}

// ---------------------------------------------------------------------------

async function listVideoAbuses (req: express.Request, res: express.Response, next: express.NextFunction) {
  const resultList = await VideoAbuseModel.listForApi(req.query.start, req.query.count, req.query.sort)

  return res.json(getFormattedObjects(resultList.data, resultList.total))
}

async function reportVideoAbuse (req: express.Request, res: express.Response) {
  const videoInstance = res.locals.video as VideoModel
  const reporterAccount = res.locals.oauth.token.User.Account as AccountModel
  const body: VideoAbuseCreate = req.body

  const abuseToCreate = {
    reporterAccountId: reporterAccount.id,
    reason: body.reason,
    videoId: videoInstance.id
  }

  await sequelizeTypescript.transaction(async t => {
    const videoAbuseInstance = await VideoAbuseModel.create(abuseToCreate, { transaction: t })
    videoAbuseInstance.Video = videoInstance
    videoAbuseInstance.Account = reporterAccount

    // We send the video abuse to the origin server
    if (videoInstance.isOwned() === false) {
      await sendVideoAbuse(reporterAccount.Actor, videoAbuseInstance, videoInstance, t)
    }

    auditLogger.create(reporterAccount.Actor.getIdentifier(), new VideoAbuseAuditView(videoAbuseInstance.toFormattedJSON()))
    logger.info('Abuse report for video %s created.', videoInstance.name)
  })

  return res.type('json').status(204).end()
}
Commit	Line	Data
4d4e5cd4	1	import * as express from 'express'
50d6de9c	2	import { UserRight, VideoAbuseCreate } from '../../../../shared'
da854ddd C	3	import { logger } from '../../../helpers/logger'
da854ddd C	4	import { getFormattedObjects } from '../../../helpers/utils'
3fd3ab2d	5	import { sequelizeTypescript } from '../../../initializers'
50d6de9c	6	import { sendVideoAbuse } from '../../../lib/activitypub/send'
65fcc311	7	import {
90d4bb81 C	8	asyncMiddleware,
	9	asyncRetryTransactionMiddleware,
	10	authenticate,
	11	ensureUserHasRight,
	12	paginationValidator,
	13	setDefaultPagination,
	14	setDefaultSort,
	15	videoAbuseReportValidator,
1174a847	16	videoAbusesSortValidator
65fcc311	17	} from '../../../middlewares'
3fd3ab2d C	18	import { AccountModel } from '../../../models/account/account'
	19	import { VideoModel } from '../../../models/video/video'
	20	import { VideoAbuseModel } from '../../../models/video/video-abuse'
80e36cd9	21	import { auditLoggerFactory, VideoAbuseAuditView } from '../../../helpers/audit-logger'
65fcc311	22
80e36cd9	23	const auditLogger = auditLoggerFactory('abuse')
65fcc311 C	24	const abuseVideoRouter = express.Router()
	25
	26	abuseVideoRouter.get('/abuse',
	27	authenticate,
954605a8	28	ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES),
65fcc311 C	29	paginationValidator,
65fcc311 C	30	videoAbusesSortValidator,
1174a847	31	setDefaultSort,
f05a1c30	32	setDefaultPagination,
eb080476	33	asyncMiddleware(listVideoAbuses)
d33242b0	34	)
65fcc311 C	35	abuseVideoRouter.post('/:id/abuse',
65fcc311 C	36	authenticate,
a2431b7d	37	asyncMiddleware(videoAbuseReportValidator),
90d4bb81	38	asyncRetryTransactionMiddleware(reportVideoAbuse)
d33242b0 C	39	)
	40
	41	// ---------------------------------------------------------------------------
	42
65fcc311 C	43	export {
	44	abuseVideoRouter
	45	}
d33242b0 C	46
	47	// ---------------------------------------------------------------------------
	48
eb080476	49	async function listVideoAbuses (req: express.Request, res: express.Response, next: express.NextFunction) {
3fd3ab2d	50	const resultList = await VideoAbuseModel.listForApi(req.query.start, req.query.count, req.query.sort)
eb080476 C	51
eb080476 C	52	return res.json(getFormattedObjects(resultList.data, resultList.total))
d33242b0 C	53	}
d33242b0 C	54
eb080476	55	async function reportVideoAbuse (req: express.Request, res: express.Response) {
3fd3ab2d C	56	const videoInstance = res.locals.video as VideoModel
3fd3ab2d C	57	const reporterAccount = res.locals.oauth.token.User.Account as AccountModel
4771e000	58	const body: VideoAbuseCreate = req.body
d33242b0	59
eb080476	60	const abuseToCreate = {
8e13fa7d	61	reporterAccountId: reporterAccount.id,
4771e000	62	reason: body.reason,
8e13fa7d	63	videoId: videoInstance.id
d33242b0 C	64	}
d33242b0 C	65
3fd3ab2d C	66	await sequelizeTypescript.transaction(async t => {
3fd3ab2d C	67	const videoAbuseInstance = await VideoAbuseModel.create(abuseToCreate, { transaction: t })
21e0727a	68	videoAbuseInstance.Video = videoInstance
80e36cd9	69	videoAbuseInstance.Account = reporterAccount
8e13fa7d C	70
8e13fa7d C	71	// We send the video abuse to the origin server
eb080476	72	if (videoInstance.isOwned() === false) {
50d6de9c	73	await sendVideoAbuse(reporterAccount.Actor, videoAbuseInstance, videoInstance, t)
eb080476	74	}
eb080476	75
80e36cd9 AB	76	auditLogger.create(reporterAccount.Actor.getIdentifier(), new VideoAbuseAuditView(videoAbuseInstance.toFormattedJSON()))
	77	logger.info('Abuse report for video %s created.', videoInstance.name)
	78	})
90d4bb81 C	79
90d4bb81 C	80	return res.type('json').status(204).end()
d33242b0	81	}