]>
Commit | Line | Data |
---|---|---|
4d4e5cd4 | 1 | import * as express from 'express' |
1ebddadd | 2 | import { UserRight, VideoAbuseCreate, VideoAbuseState, VideoAbuse, videoAbusePredefinedReasonsMap } from '../../../../shared' |
da854ddd | 3 | import { logger } from '../../../helpers/logger' |
8dc8a34e | 4 | import { getFormattedObjects } from '../../../helpers/utils' |
80fdaf06 | 5 | import { sequelizeTypescript } from '../../../initializers/database' |
65fcc311 | 6 | import { |
90d4bb81 C |
7 | asyncMiddleware, |
8 | asyncRetryTransactionMiddleware, | |
9 | authenticate, | |
10 | ensureUserHasRight, | |
11 | paginationValidator, | |
12 | setDefaultPagination, | |
13 | setDefaultSort, | |
268eebed | 14 | videoAbuseGetValidator, |
90d4bb81 | 15 | videoAbuseReportValidator, |
268eebed | 16 | videoAbusesSortValidator, |
feb34f6b C |
17 | videoAbuseUpdateValidator, |
18 | videoAbuseListValidator | |
65fcc311 | 19 | } from '../../../middlewares' |
3fd3ab2d | 20 | import { AccountModel } from '../../../models/account/account' |
3fd3ab2d | 21 | import { VideoAbuseModel } from '../../../models/video/video-abuse' |
80e36cd9 | 22 | import { auditLoggerFactory, VideoAbuseAuditView } from '../../../helpers/audit-logger' |
cef534ed | 23 | import { Notifier } from '../../../lib/notifier' |
1e7eb25f | 24 | import { sendVideoAbuse } from '../../../lib/activitypub/send/send-flag' |
26d6bf65 | 25 | import { MVideoAbuseAccountVideo } from '../../../types/models/video' |
8dc8a34e | 26 | import { getServerActor } from '@server/models/application/application' |
26d6bf65 | 27 | import { MAccountDefault } from '@server/types/models' |
65fcc311 | 28 | |
80e36cd9 | 29 | const auditLogger = auditLoggerFactory('abuse') |
65fcc311 C |
30 | const abuseVideoRouter = express.Router() |
31 | ||
32 | abuseVideoRouter.get('/abuse', | |
33 | authenticate, | |
954605a8 | 34 | ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES), |
65fcc311 C |
35 | paginationValidator, |
36 | videoAbusesSortValidator, | |
1174a847 | 37 | setDefaultSort, |
f05a1c30 | 38 | setDefaultPagination, |
feb34f6b | 39 | videoAbuseListValidator, |
eb080476 | 40 | asyncMiddleware(listVideoAbuses) |
d33242b0 | 41 | ) |
268eebed C |
42 | abuseVideoRouter.put('/:videoId/abuse/:id', |
43 | authenticate, | |
44 | ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES), | |
45 | asyncMiddleware(videoAbuseUpdateValidator), | |
46 | asyncRetryTransactionMiddleware(updateVideoAbuse) | |
47 | ) | |
48 | abuseVideoRouter.post('/:videoId/abuse', | |
65fcc311 | 49 | authenticate, |
a2431b7d | 50 | asyncMiddleware(videoAbuseReportValidator), |
90d4bb81 | 51 | asyncRetryTransactionMiddleware(reportVideoAbuse) |
d33242b0 | 52 | ) |
268eebed C |
53 | abuseVideoRouter.delete('/:videoId/abuse/:id', |
54 | authenticate, | |
55 | ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES), | |
56 | asyncMiddleware(videoAbuseGetValidator), | |
57 | asyncRetryTransactionMiddleware(deleteVideoAbuse) | |
58 | ) | |
d33242b0 C |
59 | |
60 | // --------------------------------------------------------------------------- | |
61 | ||
65fcc311 C |
62 | export { |
63 | abuseVideoRouter | |
64 | } | |
d33242b0 C |
65 | |
66 | // --------------------------------------------------------------------------- | |
67 | ||
268eebed | 68 | async function listVideoAbuses (req: express.Request, res: express.Response) { |
f0a47bc9 C |
69 | const user = res.locals.oauth.token.user |
70 | const serverActor = await getServerActor() | |
71 | ||
72 | const resultList = await VideoAbuseModel.listForApi({ | |
73 | start: req.query.start, | |
74 | count: req.query.count, | |
75 | sort: req.query.sort, | |
feb34f6b | 76 | id: req.query.id, |
1ebddadd | 77 | predefinedReason: req.query.predefinedReason, |
844db39e | 78 | search: req.query.search, |
feb34f6b C |
79 | state: req.query.state, |
80 | videoIs: req.query.videoIs, | |
81 | searchReporter: req.query.searchReporter, | |
82 | searchReportee: req.query.searchReportee, | |
83 | searchVideo: req.query.searchVideo, | |
84 | searchVideoChannel: req.query.searchVideoChannel, | |
f0a47bc9 C |
85 | serverAccountId: serverActor.Account.id, |
86 | user | |
87 | }) | |
eb080476 C |
88 | |
89 | return res.json(getFormattedObjects(resultList.data, resultList.total)) | |
d33242b0 C |
90 | } |
91 | ||
268eebed | 92 | async function updateVideoAbuse (req: express.Request, res: express.Response) { |
dae86118 | 93 | const videoAbuse = res.locals.videoAbuse |
268eebed C |
94 | |
95 | if (req.body.moderationComment !== undefined) videoAbuse.moderationComment = req.body.moderationComment | |
96 | if (req.body.state !== undefined) videoAbuse.state = req.body.state | |
97 | ||
98 | await sequelizeTypescript.transaction(t => { | |
99 | return videoAbuse.save({ transaction: t }) | |
100 | }) | |
101 | ||
102 | // Do not send the delete to other instances, we updated OUR copy of this video abuse | |
103 | ||
104 | return res.type('json').status(204).end() | |
105 | } | |
106 | ||
107 | async function deleteVideoAbuse (req: express.Request, res: express.Response) { | |
dae86118 | 108 | const videoAbuse = res.locals.videoAbuse |
268eebed C |
109 | |
110 | await sequelizeTypescript.transaction(t => { | |
111 | return videoAbuse.destroy({ transaction: t }) | |
112 | }) | |
113 | ||
114 | // Do not send the delete to other instances, we delete OUR copy of this video abuse | |
115 | ||
116 | return res.type('json').status(204).end() | |
117 | } | |
118 | ||
eb080476 | 119 | async function reportVideoAbuse (req: express.Request, res: express.Response) { |
453e83ea | 120 | const videoInstance = res.locals.videoAll |
4771e000 | 121 | const body: VideoAbuseCreate = req.body |
df4c603d RK |
122 | let reporterAccount: MAccountDefault |
123 | let videoAbuseJSON: VideoAbuse | |
d33242b0 | 124 | |
df4c603d RK |
125 | const videoAbuseInstance = await sequelizeTypescript.transaction(async t => { |
126 | reporterAccount = await AccountModel.load(res.locals.oauth.token.User.Account.id, t) | |
1ebddadd | 127 | const predefinedReasons = body.predefinedReasons?.map(r => videoAbusePredefinedReasonsMap[r]) |
91411dba C |
128 | |
129 | const abuseToCreate = { | |
130 | reporterAccountId: reporterAccount.id, | |
131 | reason: body.reason, | |
132 | videoId: videoInstance.id, | |
1ebddadd RK |
133 | state: VideoAbuseState.PENDING, |
134 | predefinedReasons, | |
135 | startAt: body.startAt, | |
136 | endAt: body.endAt | |
91411dba C |
137 | } |
138 | ||
453e83ea | 139 | const videoAbuseInstance: MVideoAbuseAccountVideo = await VideoAbuseModel.create(abuseToCreate, { transaction: t }) |
21e0727a | 140 | videoAbuseInstance.Video = videoInstance |
80e36cd9 | 141 | videoAbuseInstance.Account = reporterAccount |
8e13fa7d C |
142 | |
143 | // We send the video abuse to the origin server | |
eb080476 | 144 | if (videoInstance.isOwned() === false) { |
2284f202 | 145 | await sendVideoAbuse(reporterAccount.Actor, videoAbuseInstance, videoInstance, t) |
eb080476 | 146 | } |
eb080476 | 147 | |
df4c603d RK |
148 | videoAbuseJSON = videoAbuseInstance.toFormattedJSON() |
149 | auditLogger.create(reporterAccount.Actor.getIdentifier(), new VideoAbuseAuditView(videoAbuseJSON)) | |
268eebed C |
150 | |
151 | return videoAbuseInstance | |
80e36cd9 | 152 | }) |
90d4bb81 | 153 | |
df4c603d RK |
154 | Notifier.Instance.notifyOnNewVideoAbuse({ |
155 | videoAbuse: videoAbuseJSON, | |
156 | videoAbuseInstance, | |
157 | reporter: reporterAccount.Actor.getIdentifier() | |
158 | }) | |
2284f202 | 159 | |
1ebddadd | 160 | logger.info('Abuse report for video "%s" created.', videoInstance.name) |
91411dba | 161 | |
1d26d05f | 162 | return res.json({ videoAbuse: videoAbuseJSON }).end() |
d33242b0 | 163 | } |