projects / github / Chocobozzz / PeerTube.git / blame
| Commit | Line | Data |
|---|---|---|
| 69818c93 C |
1 | import 'express-validator' |
| 2 | import * as express from 'express' | |
| 0a6658fd C |
3 | import * as Promise from 'bluebird' |
| 4 | import * as validator from 'validator' | |
| 69818c93 | 5 | |
| e02643f3 | 6 | import { database as db } from '../../initializers/database' |
| 65fcc311 | 7 | import { checkErrors } from './utils' |
| 291e8d3e | 8 | import { isSignupAllowed, logger } from '../../helpers' |
| 77a5501f | 9 | import { UserInstance, VideoInstance } from '../../models' |
| 9bd26629 | 10 | |
| 69818c93 | 11 | function usersAddValidator (req: express.Request, res: express.Response, next: express.NextFunction) { |
| 9bd26629 C |
12 | req.checkBody('username', 'Should have a valid username').isUserUsernameValid() |
| 13 | req.checkBody('password', 'Should have a valid password').isUserPasswordValid() | |
| ad4a8a1c | 14 | req.checkBody('email', 'Should have a valid email').isEmail() |
| b0f9f39e | 15 | req.checkBody('videoQuota', 'Should have a valid user quota').isUserVideoQuotaValid() |
| 9bd26629 | 16 | |
| 9bd26629 C |
17 | logger.debug('Checking usersAdd parameters', { parameters: req.body }) |
| 18 | ||
| 075f16ca | 19 | checkErrors(req, res, () => { |
| 77a5501f C |
20 | checkUserDoesNotAlreadyExist(req.body.username, req.body.email, res, next) |
| 21 | }) | |
| 22 | } | |
| 6fcd19ba | 23 | |
| 77a5501f C |
24 | function usersRegisterValidator (req: express.Request, res: express.Response, next: express.NextFunction) { |
| 25 | req.checkBody('username', 'Should have a valid username').isUserUsernameValid() | |
| 26 | req.checkBody('password', 'Should have a valid password').isUserPasswordValid() | |
| 27 | req.checkBody('email', 'Should have a valid email').isEmail() | |
| 28 | ||
| 29 | logger.debug('Checking usersRegister parameters', { parameters: req.body }) | |
| 30 | ||
| 31 | checkErrors(req, res, () => { | |
| 32 | checkUserDoesNotAlreadyExist(req.body.username, req.body.email, res, next) | |
| bf68dd75 | 33 | }) |
| 9bd26629 C |
34 | } |
| 35 | ||
| 69818c93 | 36 | function usersRemoveValidator (req: express.Request, res: express.Response, next: express.NextFunction) { |
| feb4bdfd | 37 | req.checkParams('id', 'Should have a valid id').notEmpty().isInt() |
| 9bd26629 C |
38 | |
| 39 | logger.debug('Checking usersRemove parameters', { parameters: req.params }) | |
| 40 | ||
| 075f16ca | 41 | checkErrors(req, res, () => { |
| 77a5501f C |
42 | checkUserExists(req.params.id, res, (err, user) => { |
| 43 | if (err) { | |
| 44 | logger.error('Error in usersRemoveValidator.', err) | |
| 45 | return res.sendStatus(500) | |
| 46 | } | |
| 9bd26629 | 47 | |
| 77a5501f | 48 | if (user.username === 'root') return res.status(400).send('Cannot remove the root user') |
| af1068ce | 49 | |
| 77a5501f C |
50 | next() |
| 51 | }) | |
| 9bd26629 C |
52 | }) |
| 53 | } | |
| 54 | ||
| 69818c93 | 55 | function usersUpdateValidator (req: express.Request, res: express.Response, next: express.NextFunction) { |
| feb4bdfd | 56 | req.checkParams('id', 'Should have a valid id').notEmpty().isInt() |
| 8094a898 C |
57 | req.checkBody('email', 'Should have a valid email attribute').optional().isEmail() |
| 58 | req.checkBody('videoQuota', 'Should have a valid user quota').optional().isUserVideoQuotaValid() | |
| 59 | ||
| 60 | logger.debug('Checking usersUpdate parameters', { parameters: req.body }) | |
| 61 | ||
| 62 | checkErrors(req, res, () => { | |
| 63 | checkUserExists(req.params.id, res, next) | |
| 64 | }) | |
| 65 | } | |
| 66 | ||
| 67 | function usersUpdateMeValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | |
| 9bd26629 | 68 | // Add old password verification |
| 1d49e1e2 | 69 | req.checkBody('password', 'Should have a valid password').optional().isUserPasswordValid() |
| 8094a898 | 70 | req.checkBody('email', 'Should have a valid email attribute').optional().isEmail() |
| 1d49e1e2 | 71 | req.checkBody('displayNSFW', 'Should have a valid display Not Safe For Work attribute').optional().isUserDisplayNSFWValid() |
| 9bd26629 | 72 | |
| 77a5501f | 73 | logger.debug('Checking usersUpdateMe parameters', { parameters: req.body }) |
| 9bd26629 C |
74 | |
| 75 | checkErrors(req, res, next) | |
| 76 | } | |
| 77 | ||
| 8094a898 C |
78 | function usersGetValidator (req: express.Request, res: express.Response, next: express.NextFunction) { |
| 79 | req.checkParams('id', 'Should have a valid id').notEmpty().isInt() | |
| 80 | ||
| 81 | checkErrors(req, res, () => { | |
| 82 | checkUserExists(req.params.id, res, next) | |
| 83 | }) | |
| 84 | } | |
| 85 | ||
| 69818c93 | 86 | function usersVideoRatingValidator (req: express.Request, res: express.Response, next: express.NextFunction) { |
| 0a6658fd | 87 | req.checkParams('videoId', 'Should have a valid video id').notEmpty().isVideoIdOrUUIDValid() |
| d38b8281 C |
88 | |
| 89 | logger.debug('Checking usersVideoRating parameters', { parameters: req.params }) | |
| 90 | ||
| 075f16ca | 91 | checkErrors(req, res, () => { |
| 0a6658fd C |
92 | let videoPromise: Promise<VideoInstance> |
| 93 | ||
| 94 | if (validator.isUUID(req.params.videoId)) { | |
| 95 | videoPromise = db.Video.loadByUUID(req.params.videoId) | |
| 96 | } else { | |
| 97 | videoPromise = db.Video.load(req.params.videoId) | |
| 98 | } | |
| 99 | ||
| 100 | videoPromise | |
| 6fcd19ba C |
101 | .then(video => { |
| 102 | if (!video) return res.status(404).send('Video not found') | |
| 103 | ||
| 104 | next() | |
| 105 | }) | |
| 106 | .catch(err => { | |
| ad0997ad | 107 | logger.error('Error in user request validator.', err) |
| d38b8281 | 108 | return res.sendStatus(500) |
| 6fcd19ba | 109 | }) |
| d38b8281 C |
110 | }) |
| 111 | } | |
| 112 | ||
| 291e8d3e C |
113 | function ensureUserRegistrationAllowed (req: express.Request, res: express.Response, next: express.NextFunction) { |
| 114 | isSignupAllowed().then(allowed => { | |
| 115 | if (allowed === false) { | |
| 116 | return res.status(403).send('User registration is not enabled or user limit is reached.') | |
| 117 | } | |
| 118 | ||
| 119 | return next() | |
| 120 | }) | |
| 121 | } | |
| 122 | ||
| 9bd26629 C |
123 | // --------------------------------------------------------------------------- |
| 124 | ||
| 65fcc311 C |
125 | export { |
| 126 | usersAddValidator, | |
| 77a5501f | 127 | usersRegisterValidator, |
| 65fcc311 C |
128 | usersRemoveValidator, |
| 129 | usersUpdateValidator, | |
| 8094a898 | 130 | usersUpdateMeValidator, |
| 291e8d3e | 131 | usersVideoRatingValidator, |
| 8094a898 C |
132 | ensureUserRegistrationAllowed, |
| 133 | usersGetValidator | |
| 134 | } | |
| 135 | ||
| 136 | // --------------------------------------------------------------------------- | |
| 137 | ||
| 77a5501f | 138 | function checkUserExists (id: number, res: express.Response, callback: (err: Error, user: UserInstance) => void) { |
| 8094a898 C |
139 | db.User.loadById(id) |
| 140 | .then(user => { | |
| 141 | if (!user) return res.status(404).send('User not found') | |
| 142 | ||
| 143 | res.locals.user = user | |
| 77a5501f | 144 | callback(null, user) |
| 8094a898 C |
145 | }) |
| 146 | .catch(err => { | |
| 147 | logger.error('Error in user request validator.', err) | |
| 148 | return res.sendStatus(500) | |
| 149 | }) | |
| 65fcc311 | 150 | } |
| 77a5501f C |
151 | |
| 152 | function checkUserDoesNotAlreadyExist (username: string, email: string, res: express.Response, callback: () => void) { | |
| 153 | db.User.loadByUsernameOrEmail(username, email) | |
| 154 | .then(user => { | |
| 155 | if (user) return res.status(409).send('User already exists.') | |
| 156 | ||
| 157 | callback() | |
| 158 | }) | |
| 159 | .catch(err => { | |
| 160 | logger.error('Error in usersAdd request validator.', err) | |
| 161 | return res.sendStatus(500) | |
| 162 | }) | |
| 163 | } |