]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blame - server/controllers/api/videos/abuse.ts
projects / github / Chocobozzz / PeerTube.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
show last commit hash alongside server version in footer
[github/Chocobozzz/PeerTube.git] / server / controllers / api / videos / abuse.ts
CommitLineData
4d4e5cd4 1import * as express from 'express'
268eebed 2import { UserRight, VideoAbuseCreate, VideoAbuseState } from '../../../../shared'
da854ddd
C		 3import { logger } from '../../../helpers/logger'
4import { getFormattedObjects } from '../../../helpers/utils'
3fd3ab2d 5import { sequelizeTypescript } from '../../../initializers'
50d6de9c 6import { sendVideoAbuse } from '../../../lib/activitypub/send'
65fcc311 7import {
90d4bb81
C		 8 asyncMiddleware,
9 asyncRetryTransactionMiddleware,
10 authenticate,
11 ensureUserHasRight,
12 paginationValidator,
13 setDefaultPagination,
14 setDefaultSort,
268eebed 15 videoAbuseGetValidator,
90d4bb81 16 videoAbuseReportValidator,
268eebed
C		 17 videoAbusesSortValidator,
18 videoAbuseUpdateValidator
65fcc311 19} from '../../../middlewares'
3fd3ab2d
C		 20import { AccountModel } from '../../../models/account/account'
21import { VideoModel } from '../../../models/video/video'
22import { VideoAbuseModel } from '../../../models/video/video-abuse'
80e36cd9 23import { auditLoggerFactory, VideoAbuseAuditView } from '../../../helpers/audit-logger'
91411dba 24import { UserModel } from '../../../models/account/user'
65fcc311 25
80e36cd9 26const auditLogger = auditLoggerFactory('abuse')
65fcc311
C		 27const abuseVideoRouter = express.Router()
28
29abuseVideoRouter.get('/abuse',
30 authenticate,
954605a8 31 ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES),
65fcc311
C		 32 paginationValidator,
33 videoAbusesSortValidator,
1174a847 34 setDefaultSort,
f05a1c30 35 setDefaultPagination,
eb080476 36 asyncMiddleware(listVideoAbuses)
d33242b0 37)
268eebed
C		 38abuseVideoRouter.put('/:videoId/abuse/:id',
39 authenticate,
40 ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES),
41 asyncMiddleware(videoAbuseUpdateValidator),
42 asyncRetryTransactionMiddleware(updateVideoAbuse)
43)
44abuseVideoRouter.post('/:videoId/abuse',
65fcc311 45 authenticate,
a2431b7d 46 asyncMiddleware(videoAbuseReportValidator),
90d4bb81 47 asyncRetryTransactionMiddleware(reportVideoAbuse)
d33242b0 48)
268eebed
C		 49abuseVideoRouter.delete('/:videoId/abuse/:id',
50 authenticate,
51 ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES),
52 asyncMiddleware(videoAbuseGetValidator),
53 asyncRetryTransactionMiddleware(deleteVideoAbuse)
54)
d33242b0
C		 55
56// ---------------------------------------------------------------------------
57
65fcc311
C		 58export {
59 abuseVideoRouter
60}
d33242b0
C		 61
62// ---------------------------------------------------------------------------
63
268eebed 64async function listVideoAbuses (req: express.Request, res: express.Response) {
3fd3ab2d 65 const resultList = await VideoAbuseModel.listForApi(req.query.start, req.query.count, req.query.sort)
eb080476
C		 66
67 return res.json(getFormattedObjects(resultList.data, resultList.total))
d33242b0
C		 68}
69
268eebed
C		 70async function updateVideoAbuse (req: express.Request, res: express.Response) {
71 const videoAbuse: VideoAbuseModel = res.locals.videoAbuse
72
73 if (req.body.moderationComment !== undefined) videoAbuse.moderationComment = req.body.moderationComment
74 if (req.body.state !== undefined) videoAbuse.state = req.body.state
75
76 await sequelizeTypescript.transaction(t => {
77 return videoAbuse.save({ transaction: t })
78 })
79
80 // Do not send the delete to other instances, we updated OUR copy of this video abuse
81
82 return res.type('json').status(204).end()
83}
84
85async function deleteVideoAbuse (req: express.Request, res: express.Response) {
86 const videoAbuse: VideoAbuseModel = res.locals.videoAbuse
87
88 await sequelizeTypescript.transaction(t => {
89 return videoAbuse.destroy({ transaction: t })
90 })
91
92 // Do not send the delete to other instances, we delete OUR copy of this video abuse
93
94 return res.type('json').status(204).end()
95}
96
eb080476 97async function reportVideoAbuse (req: express.Request, res: express.Response) {
3fd3ab2d 98 const videoInstance = res.locals.video as VideoModel
4771e000 99 const body: VideoAbuseCreate = req.body
d33242b0 100
268eebed 101 const videoAbuse: VideoAbuseModel = await sequelizeTypescript.transaction(async t => {
91411dba
C		 102 const reporterAccount = await AccountModel.load((res.locals.oauth.token.User as UserModel).Account.id, t)
103
104 const abuseToCreate = {
105 reporterAccountId: reporterAccount.id,
106 reason: body.reason,
107 videoId: videoInstance.id,
108 state: VideoAbuseState.PENDING
109 }
110
3fd3ab2d 111 const videoAbuseInstance = await VideoAbuseModel.create(abuseToCreate, { transaction: t })
21e0727a 112 videoAbuseInstance.Video = videoInstance
80e36cd9 113 videoAbuseInstance.Account = reporterAccount
8e13fa7d
C		 114
115 // We send the video abuse to the origin server
eb080476 116 if (videoInstance.isOwned() === false) {
c48e82b5 117 await sendVideoAbuse(reporterAccount.Actor, videoAbuseInstance, videoInstance)
eb080476 118 }
eb080476 119
80e36cd9 120 auditLogger.create(reporterAccount.Actor.getIdentifier(), new VideoAbuseAuditView(videoAbuseInstance.toFormattedJSON()))
268eebed
C		 121
122 return videoAbuseInstance
80e36cd9 123 })
90d4bb81 124
268eebed 125 logger.info('Abuse report for video %s created.', videoInstance.name)
91411dba
C		 126
127 return res.json({ videoAbuse: videoAbuse.toFormattedJSON() }).end()
d33242b0 128}
ActivityPub-federated video streaming platform using P2P directly in your web browser