[github/Chocobozzz/PeerTube.git] / server / helpers / custom-validators / plugins.ts

import { exists, isArray, isSafePath } from './misc'
import * as validator from 'validator'
import { PluginType } from '../../../shared/models/plugins/plugin.type'
import { CONSTRAINTS_FIELDS } from '../../initializers/constants'
import { PluginPackageJson } from '../../../shared/models/plugins/plugin-package-json.model'
import { isUrlValid } from './activitypub/misc'

const PLUGINS_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.PLUGINS

function isPluginTypeValid (value: any) {
  return exists(value) && validator.isInt('' + value) && PluginType[value] !== undefined
}

function isPluginNameValid (value: string) {
  return exists(value) &&
    validator.isLength(value, PLUGINS_CONSTRAINTS_FIELDS.NAME) &&
    validator.matches(value, /^[a-z\-]+$/)
}

function isNpmPluginNameValid (value: string) {
  return exists(value) &&
    validator.isLength(value, PLUGINS_CONSTRAINTS_FIELDS.NAME) &&
    validator.matches(value, /^[a-z\-]+$/) &&
    (value.startsWith('peertube-plugin-') || value.startsWith('peertube-theme-'))
}

function isPluginDescriptionValid (value: string) {
  return exists(value) && validator.isLength(value, PLUGINS_CONSTRAINTS_FIELDS.DESCRIPTION)
}

function isPluginVersionValid (value: string) {
  if (!exists(value)) return false

  const parts = (value + '').split('.')

  return parts.length === 3 && parts.every(p => validator.isInt(p))
}

function isPluginEngineValid (engine: any) {
  return exists(engine) && exists(engine.peertube)
}

function isPluginHomepage (value: string) {
  return exists(value) && (!value || isUrlValid(value))
}

function isPluginBugs (value: string) {
  return exists(value) && (!value || isUrlValid(value))
}

function areStaticDirectoriesValid (staticDirs: any) {
  if (!exists(staticDirs) || typeof staticDirs !== 'object') return false

  for (const key of Object.keys(staticDirs)) {
    if (!isSafePath(staticDirs[key])) return false
  }

  return true
}

function areClientScriptsValid (clientScripts: any[]) {
  return isArray(clientScripts) &&
    clientScripts.every(c => {
      return isSafePath(c.script) && isArray(c.scopes)
    })
}

function areTranslationPathsValid (translations: any) {
  if (!exists(translations) || typeof translations !== 'object') return false

  for (const key of Object.keys(translations)) {
    if (!isSafePath(translations[key])) return false
  }

  return true
}

function areCSSPathsValid (css: any[]) {
  return isArray(css) && css.every(c => isSafePath(c))
}

function isThemeNameValid (name: string) {
  return isPluginNameValid(name)
}

function isPackageJSONValid (packageJSON: PluginPackageJson, pluginType: PluginType) {
  return isNpmPluginNameValid(packageJSON.name) &&
    isPluginDescriptionValid(packageJSON.description) &&
    isPluginEngineValid(packageJSON.engine) &&
    isPluginHomepage(packageJSON.homepage) &&
    exists(packageJSON.author) &&
    isPluginBugs(packageJSON.bugs) &&
    (pluginType === PluginType.THEME || isSafePath(packageJSON.library)) &&
    areStaticDirectoriesValid(packageJSON.staticDirs) &&
    areCSSPathsValid(packageJSON.css) &&
    areClientScriptsValid(packageJSON.clientScripts) &&
    areTranslationPathsValid(packageJSON.translations)
}

function isLibraryCodeValid (library: any) {
  return typeof library.register === 'function'
    && typeof library.unregister === 'function'
}

export {
  isPluginTypeValid,
  isPackageJSONValid,
  isThemeNameValid,
  isPluginHomepage,
  isPluginVersionValid,
  isPluginNameValid,
  isPluginDescriptionValid,
  isLibraryCodeValid,
  isNpmPluginNameValid
}
Commit	Line	Data
345da516 C	1	import { exists, isArray, isSafePath } from './misc'
	2	import * as validator from 'validator'
	3	import { PluginType } from '../../../shared/models/plugins/plugin.type'
	4	import { CONSTRAINTS_FIELDS } from '../../initializers/constants'
	5	import { PluginPackageJson } from '../../../shared/models/plugins/plugin-package-json.model'
	6	import { isUrlValid } from './activitypub/misc'
	7
	8	const PLUGINS_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.PLUGINS
	9
	10	function isPluginTypeValid (value: any) {
	11	return exists(value) && validator.isInt('' + value) && PluginType[value] !== undefined
	12	}
	13
	14	function isPluginNameValid (value: string) {
	15	return exists(value) &&
	16	validator.isLength(value, PLUGINS_CONSTRAINTS_FIELDS.NAME) &&
	17	validator.matches(value, /^[a-z\-]+$/)
	18	}
	19
f023a19c C	20	function isNpmPluginNameValid (value: string) {
	21	return exists(value) &&
	22	validator.isLength(value, PLUGINS_CONSTRAINTS_FIELDS.NAME) &&
	23	validator.matches(value, /^[a-z\-]+$/) &&
	24	(value.startsWith('peertube-plugin-') \|\| value.startsWith('peertube-theme-'))
	25	}
	26
345da516 C	27	function isPluginDescriptionValid (value: string) {
	28	return exists(value) && validator.isLength(value, PLUGINS_CONSTRAINTS_FIELDS.DESCRIPTION)
	29	}
	30
	31	function isPluginVersionValid (value: string) {
	32	if (!exists(value)) return false
	33
	34	const parts = (value + '').split('.')
	35
	36	return parts.length === 3 && parts.every(p => validator.isInt(p))
	37	}
	38
	39	function isPluginEngineValid (engine: any) {
	40	return exists(engine) && exists(engine.peertube)
	41	}
	42
dba85a1e	43	function isPluginHomepage (value: string) {
485b2fb2 C	44	return exists(value) && (!value \|\| isUrlValid(value))
	45	}
	46
	47	function isPluginBugs (value: string) {
	48	return exists(value) && (!value \|\| isUrlValid(value))
dba85a1e C	49	}
dba85a1e C	50
d75db01f	51	function areStaticDirectoriesValid (staticDirs: any) {
345da516 C	52	if (!exists(staticDirs) \|\| typeof staticDirs !== 'object') return false
	53
	54	for (const key of Object.keys(staticDirs)) {
	55	if (!isSafePath(staticDirs[key])) return false
	56	}
	57
	58	return true
	59	}
	60
d75db01f	61	function areClientScriptsValid (clientScripts: any[]) {
345da516 C	62	return isArray(clientScripts) &&
	63	clientScripts.every(c => {
	64	return isSafePath(c.script) && isArray(c.scopes)
	65	})
	66	}
	67
d75db01f C	68	function areTranslationPathsValid (translations: any) {
	69	if (!exists(translations) \|\| typeof translations !== 'object') return false
	70
	71	for (const key of Object.keys(translations)) {
	72	if (!isSafePath(translations[key])) return false
	73	}
	74
	75	return true
	76	}
	77
	78	function areCSSPathsValid (css: any[]) {
345da516 C	79	return isArray(css) && css.every(c => isSafePath(c))
	80	}
	81
503c6f44 C	82	function isThemeNameValid (name: string) {
503c6f44 C	83	return isPluginNameValid(name)
7cd4d2ba C	84	}
7cd4d2ba C	85
345da516	86	function isPackageJSONValid (packageJSON: PluginPackageJson, pluginType: PluginType) {
f023a19c	87	return isNpmPluginNameValid(packageJSON.name) &&
345da516 C	88	isPluginDescriptionValid(packageJSON.description) &&
345da516 C	89	isPluginEngineValid(packageJSON.engine) &&
dba85a1e	90	isPluginHomepage(packageJSON.homepage) &&
345da516	91	exists(packageJSON.author) &&
485b2fb2	92	isPluginBugs(packageJSON.bugs) &&
345da516	93	(pluginType === PluginType.THEME \|\| isSafePath(packageJSON.library)) &&
d75db01f C	94	areStaticDirectoriesValid(packageJSON.staticDirs) &&
	95	areCSSPathsValid(packageJSON.css) &&
	96	areClientScriptsValid(packageJSON.clientScripts) &&
	97	areTranslationPathsValid(packageJSON.translations)
345da516 C	98	}
	99
	100	function isLibraryCodeValid (library: any) {
	101	return typeof library.register === 'function'
	102	&& typeof library.unregister === 'function'
	103	}
	104
	105	export {
	106	isPluginTypeValid,
	107	isPackageJSONValid,
503c6f44	108	isThemeNameValid,
dba85a1e	109	isPluginHomepage,
345da516 C	110	isPluginVersionValid,
	111	isPluginNameValid,
	112	isPluginDescriptionValid,
f023a19c C	113	isLibraryCodeValid,
f023a19c C	114	isNpmPluginNameValid
345da516	115	}