]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blame_incremental - server/controllers/api/videos/abuse.ts
Add gitlab ci support
[github/Chocobozzz/PeerTube.git] / server / controllers / api / videos / abuse.ts
... / ...
CommitLineData
1import * as express from 'express'
2import { UserRight, VideoAbuseCreate, VideoAbuseState } from '../../../../shared'
3import { logger } from '../../../helpers/logger'
4import { getFormattedObjects } from '../../../helpers/utils'
5import { sequelizeTypescript } from '../../../initializers'
6import {
7 asyncMiddleware,
8 asyncRetryTransactionMiddleware,
9 authenticate,
10 ensureUserHasRight,
11 paginationValidator,
12 setDefaultPagination,
13 setDefaultSort,
14 videoAbuseGetValidator,
15 videoAbuseReportValidator,
16 videoAbusesSortValidator,
17 videoAbuseUpdateValidator
18} from '../../../middlewares'
19import { AccountModel } from '../../../models/account/account'
20import { VideoAbuseModel } from '../../../models/video/video-abuse'
21import { auditLoggerFactory, VideoAbuseAuditView } from '../../../helpers/audit-logger'
22import { Notifier } from '../../../lib/notifier'
23import { sendVideoAbuse } from '../../../lib/activitypub/send/send-flag'
24
25const auditLogger = auditLoggerFactory('abuse')
26const abuseVideoRouter = express.Router()
27
28abuseVideoRouter.get('/abuse',
29 authenticate,
30 ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES),
31 paginationValidator,
32 videoAbusesSortValidator,
33 setDefaultSort,
34 setDefaultPagination,
35 asyncMiddleware(listVideoAbuses)
36)
37abuseVideoRouter.put('/:videoId/abuse/:id',
38 authenticate,
39 ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES),
40 asyncMiddleware(videoAbuseUpdateValidator),
41 asyncRetryTransactionMiddleware(updateVideoAbuse)
42)
43abuseVideoRouter.post('/:videoId/abuse',
44 authenticate,
45 asyncMiddleware(videoAbuseReportValidator),
46 asyncRetryTransactionMiddleware(reportVideoAbuse)
47)
48abuseVideoRouter.delete('/:videoId/abuse/:id',
49 authenticate,
50 ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES),
51 asyncMiddleware(videoAbuseGetValidator),
52 asyncRetryTransactionMiddleware(deleteVideoAbuse)
53)
54
55// ---------------------------------------------------------------------------
56
57export {
58 abuseVideoRouter
59}
60
61// ---------------------------------------------------------------------------
62
63async function listVideoAbuses (req: express.Request, res: express.Response) {
64 const resultList = await VideoAbuseModel.listForApi(req.query.start, req.query.count, req.query.sort)
65
66 return res.json(getFormattedObjects(resultList.data, resultList.total))
67}
68
69async function updateVideoAbuse (req: express.Request, res: express.Response) {
70 const videoAbuse = res.locals.videoAbuse
71
72 if (req.body.moderationComment !== undefined) videoAbuse.moderationComment = req.body.moderationComment
73 if (req.body.state !== undefined) videoAbuse.state = req.body.state
74
75 await sequelizeTypescript.transaction(t => {
76 return videoAbuse.save({ transaction: t })
77 })
78
79 // Do not send the delete to other instances, we updated OUR copy of this video abuse
80
81 return res.type('json').status(204).end()
82}
83
84async function deleteVideoAbuse (req: express.Request, res: express.Response) {
85 const videoAbuse = res.locals.videoAbuse
86
87 await sequelizeTypescript.transaction(t => {
88 return videoAbuse.destroy({ transaction: t })
89 })
90
91 // Do not send the delete to other instances, we delete OUR copy of this video abuse
92
93 return res.type('json').status(204).end()
94}
95
96async function reportVideoAbuse (req: express.Request, res: express.Response) {
97 const videoInstance = res.locals.video
98 const body: VideoAbuseCreate = req.body
99
100 const videoAbuse: VideoAbuseModel = await sequelizeTypescript.transaction(async t => {
101 const reporterAccount = await AccountModel.load(res.locals.oauth.token.User.Account.id, t)
102
103 const abuseToCreate = {
104 reporterAccountId: reporterAccount.id,
105 reason: body.reason,
106 videoId: videoInstance.id,
107 state: VideoAbuseState.PENDING
108 }
109
110 const videoAbuseInstance = await VideoAbuseModel.create(abuseToCreate, { transaction: t })
111 videoAbuseInstance.Video = videoInstance
112 videoAbuseInstance.Account = reporterAccount
113
114 // We send the video abuse to the origin server
115 if (videoInstance.isOwned() === false) {
116 await sendVideoAbuse(reporterAccount.Actor, videoAbuseInstance, videoInstance, t)
117 }
118
119 auditLogger.create(reporterAccount.Actor.getIdentifier(), new VideoAbuseAuditView(videoAbuseInstance.toFormattedJSON()))
120
121 return videoAbuseInstance
122 })
123
124 Notifier.Instance.notifyOnNewVideoAbuse(videoAbuse)
125
126 logger.info('Abuse report for video %s created.', videoInstance.name)
127
128 return res.json({ videoAbuse: videoAbuse.toFormattedJSON() }).end()
129}