]>
Commit | Line | Data |
---|---|---|
444c0a0e C |
1 | import * as express from 'express' |
2 | import { body } from 'express-validator' | |
3 | import { isBulkRemoveCommentsOfScopeValid } from '@server/helpers/custom-validators/bulk' | |
4 | import { doesAccountNameWithHostExist } from '@server/helpers/middlewares' | |
5 | import { UserRight } from '@shared/models' | |
6 | import { BulkRemoveCommentsOfBody } from '@shared/models/bulk/bulk-remove-comments-of-body.model' | |
7 | import { logger } from '../../helpers/logger' | |
8 | import { areValidationErrors } from './utils' | |
2d53be02 | 9 | import { HttpStatusCode } from '@shared/core-utils/miscs/http-error-codes' |
444c0a0e C |
10 | |
11 | const bulkRemoveCommentsOfValidator = [ | |
12 | body('accountName').exists().withMessage('Should have an account name with host'), | |
13 | body('scope') | |
14 | .custom(isBulkRemoveCommentsOfScopeValid).withMessage('Should have a valid scope'), | |
15 | ||
16 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | |
17 | logger.debug('Checking bulkRemoveCommentsOfValidator parameters', { parameters: req.body }) | |
18 | ||
19 | if (areValidationErrors(req, res)) return | |
20 | if (!await doesAccountNameWithHostExist(req.body.accountName, res)) return | |
21 | ||
22 | const user = res.locals.oauth.token.User | |
23 | const body = req.body as BulkRemoveCommentsOfBody | |
24 | ||
25 | if (body.scope === 'instance' && user.hasRight(UserRight.REMOVE_ANY_VIDEO_COMMENT) !== true) { | |
2d53be02 | 26 | return res.status(HttpStatusCode.FORBIDDEN_403) |
444c0a0e C |
27 | .json({ |
28 | error: 'User cannot remove any comments of this instance.' | |
29 | }) | |
30 | } | |
31 | ||
32 | return next() | |
33 | } | |
34 | ] | |
35 | ||
36 | // --------------------------------------------------------------------------- | |
37 | ||
38 | export { | |
39 | bulkRemoveCommentsOfValidator | |
40 | } | |
41 | ||
42 | // --------------------------------------------------------------------------- |