[github/Chocobozzz/PeerTube.git] / server / middlewares / validators / abuse.ts

import * as express from 'express'
import { body, param, query } from 'express-validator'
import {
  isAbuseModerationCommentValid,
  isAbusePredefinedReasonsValid,
  isAbusePredefinedReasonValid,
  isAbuseReasonValid,
  isAbuseStateValid,
  isAbuseTimestampCoherent,
  isAbuseTimestampValid,
  isAbuseVideoIsValid
} from '@server/helpers/custom-validators/abuses'
import { exists, isIdOrUUIDValid, isIdValid, toIntOrNull } from '@server/helpers/custom-validators/misc'
import { logger } from '@server/helpers/logger'
import { doesAbuseExist, doesVideoAbuseExist, doesVideoExist } from '@server/helpers/middlewares'
import { areValidationErrors } from './utils'

const abuseReportValidator = [
  param('videoId')
    .custom(isIdOrUUIDValid)
    .not()
    .isEmpty()
    .withMessage('Should have a valid videoId'),
  body('reason')
    .custom(isAbuseReasonValid)
    .withMessage('Should have a valid reason'),
  body('predefinedReasons')
    .optional()
    .custom(isAbusePredefinedReasonsValid)
    .withMessage('Should have a valid list of predefined reasons'),
  body('startAt')
    .optional()
    .customSanitizer(toIntOrNull)
    .custom(isAbuseTimestampValid)
    .withMessage('Should have valid starting time value'),
  body('endAt')
    .optional()
    .customSanitizer(toIntOrNull)
    .custom(isAbuseTimestampValid)
    .withMessage('Should have valid ending time value')
    .bail()
    .custom(isAbuseTimestampCoherent)
    .withMessage('Should have a startAt timestamp beginning before endAt'),

  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking abuseReport parameters', { parameters: req.body })

    if (areValidationErrors(req, res)) return
    if (!await doesVideoExist(req.params.videoId, res)) return

    // TODO: check comment or video (exlusive)

    return next()
  }
]

const abuseGetValidator = [
  param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
  param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),

  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking abuseGetValidator parameters', { parameters: req.body })

    if (areValidationErrors(req, res)) return
    // if (!await doesAbuseExist(req.params.id, req.params.videoId, res)) return

    return next()
  }
]

const abuseUpdateValidator = [
  param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
  param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
  body('state')
    .optional()
    .custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
  body('moderationComment')
    .optional()
    .custom(isAbuseModerationCommentValid).withMessage('Should have a valid video moderation comment'),

  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking abuseUpdateValidator parameters', { parameters: req.body })

    if (areValidationErrors(req, res)) return
    // if (!await doesAbuseExist(req.params.id, req.params.videoId, res)) return

    return next()
  }
]

const abuseListValidator = [
  query('id')
    .optional()
    .custom(isIdValid).withMessage('Should have a valid id'),
  query('predefinedReason')
    .optional()
    .custom(isAbusePredefinedReasonValid)
    .withMessage('Should have a valid predefinedReason'),
  query('search')
    .optional()
    .custom(exists).withMessage('Should have a valid search'),
  query('state')
    .optional()
    .custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
  query('videoIs')
    .optional()
    .custom(isAbuseVideoIsValid).withMessage('Should have a valid "video is" attribute'),
  query('searchReporter')
    .optional()
    .custom(exists).withMessage('Should have a valid reporter search'),
  query('searchReportee')
    .optional()
    .custom(exists).withMessage('Should have a valid reportee search'),
  query('searchVideo')
    .optional()
    .custom(exists).withMessage('Should have a valid video search'),
  query('searchVideoChannel')
    .optional()
    .custom(exists).withMessage('Should have a valid video channel search'),

  (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking abuseListValidator parameters', { parameters: req.body })

    if (areValidationErrors(req, res)) return

    return next()
  }
]

// FIXME: deprecated in 2.3. Remove these validators

const videoAbuseReportValidator = [
  param('videoId')
    .custom(isIdOrUUIDValid)
    .not()
    .isEmpty()
    .withMessage('Should have a valid videoId'),
  body('reason')
    .custom(isAbuseReasonValid)
    .withMessage('Should have a valid reason'),
  body('predefinedReasons')
    .optional()
    .custom(isAbusePredefinedReasonsValid)
    .withMessage('Should have a valid list of predefined reasons'),
  body('startAt')
    .optional()
    .customSanitizer(toIntOrNull)
    .custom(isAbuseTimestampValid)
    .withMessage('Should have valid starting time value'),
  body('endAt')
    .optional()
    .customSanitizer(toIntOrNull)
    .custom(isAbuseTimestampValid)
    .withMessage('Should have valid ending time value')
    .bail()
    .custom(isAbuseTimestampCoherent)
    .withMessage('Should have a startAt timestamp beginning before endAt'),

  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking videoAbuseReport parameters', { parameters: req.body })

    if (areValidationErrors(req, res)) return
    if (!await doesVideoExist(req.params.videoId, res)) return

    return next()
  }
]

const videoAbuseGetValidator = [
  param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
  param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),

  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking videoAbuseGetValidator parameters', { parameters: req.body })

    if (areValidationErrors(req, res)) return
    if (!await doesVideoAbuseExist(req.params.id, req.params.videoId, res)) return

    return next()
  }
]

const videoAbuseUpdateValidator = [
  param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
  param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
  body('state')
    .optional()
    .custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
  body('moderationComment')
    .optional()
    .custom(isAbuseModerationCommentValid).withMessage('Should have a valid video moderation comment'),

  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking videoAbuseUpdateValidator parameters', { parameters: req.body })

    if (areValidationErrors(req, res)) return
    if (!await doesVideoAbuseExist(req.params.id, req.params.videoId, res)) return

    return next()
  }
]

const videoAbuseListValidator = [
  query('id')
    .optional()
    .custom(isIdValid).withMessage('Should have a valid id'),
  query('predefinedReason')
    .optional()
    .custom(isAbusePredefinedReasonValid)
    .withMessage('Should have a valid predefinedReason'),
  query('search')
    .optional()
    .custom(exists).withMessage('Should have a valid search'),
  query('state')
    .optional()
    .custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
  query('videoIs')
    .optional()
    .custom(isAbuseVideoIsValid).withMessage('Should have a valid "video is" attribute'),
  query('searchReporter')
    .optional()
    .custom(exists).withMessage('Should have a valid reporter search'),
  query('searchReportee')
    .optional()
    .custom(exists).withMessage('Should have a valid reportee search'),
  query('searchVideo')
    .optional()
    .custom(exists).withMessage('Should have a valid video search'),
  query('searchVideoChannel')
    .optional()
    .custom(exists).withMessage('Should have a valid video channel search'),

  (req: express.Request, res: express.Response, next: express.NextFunction) => {
    logger.debug('Checking videoAbuseListValidator parameters', { parameters: req.body })

    if (areValidationErrors(req, res)) return

    return next()
  }
]

// ---------------------------------------------------------------------------

export {
  abuseListValidator,
  abuseReportValidator,
  abuseGetValidator,
  abuseUpdateValidator,
  videoAbuseReportValidator,
  videoAbuseGetValidator,
  videoAbuseUpdateValidator,
  videoAbuseListValidator
}
Commit	Line	Data
d95d1559 C	1	import * as express from 'express'
	2	import { body, param, query } from 'express-validator'
	3	import {
	4	isAbuseModerationCommentValid,
	5	isAbusePredefinedReasonsValid,
	6	isAbusePredefinedReasonValid,
	7	isAbuseReasonValid,
	8	isAbuseStateValid,
	9	isAbuseTimestampCoherent,
	10	isAbuseTimestampValid,
	11	isAbuseVideoIsValid
	12	} from '@server/helpers/custom-validators/abuses'
	13	import { exists, isIdOrUUIDValid, isIdValid, toIntOrNull } from '@server/helpers/custom-validators/misc'
	14	import { logger } from '@server/helpers/logger'
	15	import { doesAbuseExist, doesVideoAbuseExist, doesVideoExist } from '@server/helpers/middlewares'
	16	import { areValidationErrors } from './utils'
	17
	18	const abuseReportValidator = [
	19	param('videoId')
	20	.custom(isIdOrUUIDValid)
	21	.not()
	22	.isEmpty()
	23	.withMessage('Should have a valid videoId'),
	24	body('reason')
	25	.custom(isAbuseReasonValid)
	26	.withMessage('Should have a valid reason'),
	27	body('predefinedReasons')
	28	.optional()
	29	.custom(isAbusePredefinedReasonsValid)
	30	.withMessage('Should have a valid list of predefined reasons'),
	31	body('startAt')
	32	.optional()
	33	.customSanitizer(toIntOrNull)
	34	.custom(isAbuseTimestampValid)
	35	.withMessage('Should have valid starting time value'),
	36	body('endAt')
	37	.optional()
	38	.customSanitizer(toIntOrNull)
	39	.custom(isAbuseTimestampValid)
	40	.withMessage('Should have valid ending time value')
	41	.bail()
	42	.custom(isAbuseTimestampCoherent)
	43	.withMessage('Should have a startAt timestamp beginning before endAt'),
	44
	45	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
	46	logger.debug('Checking abuseReport parameters', { parameters: req.body })
	47
	48	if (areValidationErrors(req, res)) return
	49	if (!await doesVideoExist(req.params.videoId, res)) return
	50
	51	// TODO: check comment or video (exlusive)
	52
	53	return next()
	54	}
	55	]
	56
	57	const abuseGetValidator = [
	58	param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
	59	param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
	60
	61	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
	62	logger.debug('Checking abuseGetValidator parameters', { parameters: req.body })
	63
	64	if (areValidationErrors(req, res)) return
65	// if (!await doesAbuseExist(req.params.id, req.params.videoId, res)) return
66
67	return next()
68	}
69	]
70
71	const abuseUpdateValidator = [
72	param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
73	param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
74	body('state')
75	.optional()
76	.custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
77	body('moderationComment')
78	.optional()
79	.custom(isAbuseModerationCommentValid).withMessage('Should have a valid video moderation comment'),
80
81	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
82	logger.debug('Checking abuseUpdateValidator parameters', { parameters: req.body })
83
84	if (areValidationErrors(req, res)) return
85	// if (!await doesAbuseExist(req.params.id, req.params.videoId, res)) return
86
87	return next()
88	}
89	]
90
91	const abuseListValidator = [
92	query('id')
93	.optional()
94	.custom(isIdValid).withMessage('Should have a valid id'),
95	query('predefinedReason')
96	.optional()
97	.custom(isAbusePredefinedReasonValid)
98	.withMessage('Should have a valid predefinedReason'),
99	query('search')
100	.optional()
101	.custom(exists).withMessage('Should have a valid search'),
102	query('state')
103	.optional()
104	.custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
105	query('videoIs')
106	.optional()
107	.custom(isAbuseVideoIsValid).withMessage('Should have a valid "video is" attribute'),
108	query('searchReporter')
109	.optional()
110	.custom(exists).withMessage('Should have a valid reporter search'),
111	query('searchReportee')
112	.optional()
113	.custom(exists).withMessage('Should have a valid reportee search'),
114	query('searchVideo')
115	.optional()
116	.custom(exists).withMessage('Should have a valid video search'),
117	query('searchVideoChannel')
118	.optional()
119	.custom(exists).withMessage('Should have a valid video channel search'),
120
121	(req: express.Request, res: express.Response, next: express.NextFunction) => {
122	logger.debug('Checking abuseListValidator parameters', { parameters: req.body })
123
124	if (areValidationErrors(req, res)) return
125
126	return next()
127	}
128	]
129
130	// FIXME: deprecated in 2.3. Remove these validators
131
132	const videoAbuseReportValidator = [
133	param('videoId')
134	.custom(isIdOrUUIDValid)
135	.not()
136	.isEmpty()
137	.withMessage('Should have a valid videoId'),
138	body('reason')
139	.custom(isAbuseReasonValid)
140	.withMessage('Should have a valid reason'),
141	body('predefinedReasons')
142	.optional()
143	.custom(isAbusePredefinedReasonsValid)
144	.withMessage('Should have a valid list of predefined reasons'),
145	body('startAt')
146	.optional()
147	.customSanitizer(toIntOrNull)
148	.custom(isAbuseTimestampValid)
149	.withMessage('Should have valid starting time value'),
150	body('endAt')
151	.optional()
152	.customSanitizer(toIntOrNull)
153	.custom(isAbuseTimestampValid)
154	.withMessage('Should have valid ending time value')
155	.bail()
156	.custom(isAbuseTimestampCoherent)
157	.withMessage('Should have a startAt timestamp beginning before endAt'),
158
159	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
160	logger.debug('Checking videoAbuseReport parameters', { parameters: req.body })
161
162	if (areValidationErrors(req, res)) return
163	if (!await doesVideoExist(req.params.videoId, res)) return
164
165	return next()
166	}
167	]
168
169	const videoAbuseGetValidator = [
170	param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
171	param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
172
173	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
174	logger.debug('Checking videoAbuseGetValidator parameters', { parameters: req.body })
175
176	if (areValidationErrors(req, res)) return
177	if (!await doesVideoAbuseExist(req.params.id, req.params.videoId, res)) return
178
179	return next()
180	}
181	]
182
183	const videoAbuseUpdateValidator = [
184	param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
185	param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
186	body('state')
187	.optional()
188	.custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
189	body('moderationComment')
190	.optional()
191	.custom(isAbuseModerationCommentValid).withMessage('Should have a valid video moderation comment'),
192
193	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
194	logger.debug('Checking videoAbuseUpdateValidator parameters', { parameters: req.body })
195
196	if (areValidationErrors(req, res)) return
197	if (!await doesVideoAbuseExist(req.params.id, req.params.videoId, res)) return
198
199	return next()
200	}
201	]
202
203	const videoAbuseListValidator = [
204	query('id')
205	.optional()
206	.custom(isIdValid).withMessage('Should have a valid id'),
207	query('predefinedReason')
208	.optional()
209	.custom(isAbusePredefinedReasonValid)
210	.withMessage('Should have a valid predefinedReason'),
211	query('search')
212	.optional()
213	.custom(exists).withMessage('Should have a valid search'),
214	query('state')
215	.optional()
216	.custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
217	query('videoIs')
218	.optional()
219	.custom(isAbuseVideoIsValid).withMessage('Should have a valid "video is" attribute'),
220	query('searchReporter')
221	.optional()
222	.custom(exists).withMessage('Should have a valid reporter search'),
223	query('searchReportee')
224	.optional()
225	.custom(exists).withMessage('Should have a valid reportee search'),
226	query('searchVideo')
227	.optional()
228	.custom(exists).withMessage('Should have a valid video search'),
229	query('searchVideoChannel')
230	.optional()
231	.custom(exists).withMessage('Should have a valid video channel search'),
232
233	(req: express.Request, res: express.Response, next: express.NextFunction) => {
234	logger.debug('Checking videoAbuseListValidator parameters', { parameters: req.body })
235
236	if (areValidationErrors(req, res)) return
237
238	return next()
239	}
240	]
241
242	// ---------------------------------------------------------------------------
243
244	export {
245	abuseListValidator,
246	abuseReportValidator,
247	abuseGetValidator,
248	abuseUpdateValidator,
249	videoAbuseReportValidator,
250	videoAbuseGetValidator,
251	videoAbuseUpdateValidator,
252	videoAbuseListValidator
253	}