]>
Commit | Line | Data |
---|---|---|
1 | import validator from 'validator' | |
2 | import { CONSTRAINTS_FIELDS } from '../../../initializers/constants' | |
3 | import { exists, isArray, isDateValid } from '../misc' | |
4 | import { isActivityPubUrlValid, isBaseActivityValid, setValidAttributedTo } from './misc' | |
5 | import { isHostValid } from '../servers' | |
6 | import { peertubeTruncate } from '@server/helpers/core-utils' | |
7 | ||
8 | function isActorEndpointsObjectValid (endpointObject: any) { | |
9 | if (endpointObject?.sharedInbox) { | |
10 | return isActivityPubUrlValid(endpointObject.sharedInbox) | |
11 | } | |
12 | ||
13 | // Shared inbox is optional | |
14 | return true | |
15 | } | |
16 | ||
17 | function isActorPublicKeyObjectValid (publicKeyObject: any) { | |
18 | return isActivityPubUrlValid(publicKeyObject.id) && | |
19 | isActivityPubUrlValid(publicKeyObject.owner) && | |
20 | isActorPublicKeyValid(publicKeyObject.publicKeyPem) | |
21 | } | |
22 | ||
23 | function isActorTypeValid (type: string) { | |
24 | return type === 'Person' || type === 'Application' || type === 'Group' || type === 'Service' || type === 'Organization' | |
25 | } | |
26 | ||
27 | function isActorPublicKeyValid (publicKey: string) { | |
28 | return exists(publicKey) && | |
29 | typeof publicKey === 'string' && | |
30 | publicKey.startsWith('-----BEGIN PUBLIC KEY-----') && | |
31 | publicKey.includes('-----END PUBLIC KEY-----') && | |
32 | validator.isLength(publicKey, CONSTRAINTS_FIELDS.ACTORS.PUBLIC_KEY) | |
33 | } | |
34 | ||
35 | const actorNameAlphabet = '[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\\-_.:]' | |
36 | const actorNameRegExp = new RegExp(`^${actorNameAlphabet}+$`) | |
37 | function isActorPreferredUsernameValid (preferredUsername: string) { | |
38 | return exists(preferredUsername) && validator.matches(preferredUsername, actorNameRegExp) | |
39 | } | |
40 | ||
41 | function isActorPrivateKeyValid (privateKey: string) { | |
42 | return exists(privateKey) && | |
43 | typeof privateKey === 'string' && | |
44 | (privateKey.startsWith('-----BEGIN RSA PRIVATE KEY-----') || privateKey.startsWith('-----BEGIN PRIVATE KEY-----')) && | |
45 | // Sometimes there is a \n at the end, so just assert the string contains the end mark | |
46 | (privateKey.includes('-----END RSA PRIVATE KEY-----') || privateKey.includes('-----END PRIVATE KEY-----')) && | |
47 | validator.isLength(privateKey, CONSTRAINTS_FIELDS.ACTORS.PRIVATE_KEY) | |
48 | } | |
49 | ||
50 | function isActorFollowingCountValid (value: string) { | |
51 | return exists(value) && validator.isInt('' + value, { min: 0 }) | |
52 | } | |
53 | ||
54 | function isActorFollowersCountValid (value: string) { | |
55 | return exists(value) && validator.isInt('' + value, { min: 0 }) | |
56 | } | |
57 | ||
58 | function isActorDeleteActivityValid (activity: any) { | |
59 | return isBaseActivityValid(activity, 'Delete') | |
60 | } | |
61 | ||
62 | function sanitizeAndCheckActorObject (actor: any) { | |
63 | if (!isActorTypeValid(actor.type)) return false | |
64 | ||
65 | normalizeActor(actor) | |
66 | ||
67 | return exists(actor) && | |
68 | isActivityPubUrlValid(actor.id) && | |
69 | isActivityPubUrlValid(actor.inbox) && | |
70 | isActorPreferredUsernameValid(actor.preferredUsername) && | |
71 | isActivityPubUrlValid(actor.url) && | |
72 | isActorPublicKeyObjectValid(actor.publicKey) && | |
73 | isActorEndpointsObjectValid(actor.endpoints) && | |
74 | ||
75 | (!actor.outbox || isActivityPubUrlValid(actor.outbox)) && | |
76 | (!actor.following || isActivityPubUrlValid(actor.following)) && | |
77 | (!actor.followers || isActivityPubUrlValid(actor.followers)) && | |
78 | ||
79 | setValidAttributedTo(actor) && | |
80 | setValidDescription(actor) && | |
81 | // If this is a group (a channel), it should be attributed to an account | |
82 | // In PeerTube we use this to attach a video channel to a specific account | |
83 | (actor.type !== 'Group' || actor.attributedTo.length !== 0) | |
84 | } | |
85 | ||
86 | function normalizeActor (actor: any) { | |
87 | if (!actor) return | |
88 | ||
89 | if (!actor.url) { | |
90 | actor.url = actor.id | |
91 | } else if (typeof actor.url !== 'string') { | |
92 | actor.url = actor.url.href || actor.url.url | |
93 | } | |
94 | ||
95 | if (!isDateValid(actor.published)) actor.published = undefined | |
96 | ||
97 | if (actor.summary && typeof actor.summary === 'string') { | |
98 | actor.summary = peertubeTruncate(actor.summary, { length: CONSTRAINTS_FIELDS.USERS.DESCRIPTION.max }) | |
99 | ||
100 | if (actor.summary.length < CONSTRAINTS_FIELDS.USERS.DESCRIPTION.min) { | |
101 | actor.summary = null | |
102 | } | |
103 | } | |
104 | } | |
105 | ||
106 | function isValidActorHandle (handle: string) { | |
107 | if (!exists(handle)) return false | |
108 | ||
109 | const parts = handle.split('@') | |
110 | if (parts.length !== 2) return false | |
111 | ||
112 | return isHostValid(parts[1]) | |
113 | } | |
114 | ||
115 | function areValidActorHandles (handles: string[]) { | |
116 | return isArray(handles) && handles.every(h => isValidActorHandle(h)) | |
117 | } | |
118 | ||
119 | function setValidDescription (obj: any) { | |
120 | if (!obj.summary) obj.summary = null | |
121 | ||
122 | return true | |
123 | } | |
124 | ||
125 | // --------------------------------------------------------------------------- | |
126 | ||
127 | export { | |
128 | normalizeActor, | |
129 | actorNameAlphabet, | |
130 | areValidActorHandles, | |
131 | isActorEndpointsObjectValid, | |
132 | isActorPublicKeyObjectValid, | |
133 | isActorTypeValid, | |
134 | isActorPublicKeyValid, | |
135 | isActorPreferredUsernameValid, | |
136 | isActorPrivateKeyValid, | |
137 | isActorFollowingCountValid, | |
138 | isActorFollowersCountValid, | |
139 | isActorDeleteActivityValid, | |
140 | sanitizeAndCheckActorObject, | |
141 | isValidActorHandle | |
142 | } |