1 import * as express from 'express'
2 import { createAccountAbuse, createVideoAbuse, createVideoCommentAbuse } from '@server/lib/moderation'
3 import { AbuseModel } from '@server/models/abuse/abuse'
4 import { getServerActor } from '@server/models/application/application'
5 import { AbuseCreate, abusePredefinedReasonsMap, AbuseState, UserRight } from '../../../shared'
6 import { getFormattedObjects } from '../../helpers/utils'
7 import { sequelizeTypescript } from '../../initializers/database'
15 asyncRetryTransactionMiddleware,
21 } from '../../middlewares'
22 import { AccountModel } from '../../models/account/account'
24 const abuseRouter = express.Router()
28 ensureUserHasRight(UserRight.MANAGE_ABUSES),
34 asyncMiddleware(listAbuses)
36 abuseRouter.put('/:id',
38 ensureUserHasRight(UserRight.MANAGE_ABUSES),
39 asyncMiddleware(abuseUpdateValidator),
40 asyncRetryTransactionMiddleware(updateAbuse)
44 asyncMiddleware(abuseReportValidator),
45 asyncRetryTransactionMiddleware(reportAbuse)
47 abuseRouter.delete('/:id',
49 ensureUserHasRight(UserRight.MANAGE_ABUSES),
50 asyncMiddleware(abuseGetValidator),
51 asyncRetryTransactionMiddleware(deleteAbuse)
54 // ---------------------------------------------------------------------------
59 // FIXME: deprecated in 2.3. Remove these exports
66 // ---------------------------------------------------------------------------
68 async function listAbuses (req: express.Request, res: express.Response) {
69 const user = res.locals.oauth.token.user
70 const serverActor = await getServerActor()
72 const resultList = await AbuseModel.listForApi({
73 start: req.query.start,
74 count: req.query.count,
77 filter: req.query.filter,
78 predefinedReason: req.query.predefinedReason,
79 search: req.query.search,
80 state: req.query.state,
81 videoIs: req.query.videoIs,
82 searchReporter: req.query.searchReporter,
83 searchReportee: req.query.searchReportee,
84 searchVideo: req.query.searchVideo,
85 searchVideoChannel: req.query.searchVideoChannel,
86 serverAccountId: serverActor.Account.id,
90 return res.json(getFormattedObjects(resultList.data, resultList.total))
93 async function updateAbuse (req: express.Request, res: express.Response) {
94 const abuse = res.locals.abuse
96 if (req.body.moderationComment !== undefined) abuse.moderationComment = req.body.moderationComment
97 if (req.body.state !== undefined) abuse.state = req.body.state
99 await sequelizeTypescript.transaction(t => {
100 return abuse.save({ transaction: t })
103 // Do not send the delete to other instances, we updated OUR copy of this video abuse
105 return res.type('json').status(204).end()
108 async function deleteAbuse (req: express.Request, res: express.Response) {
109 const abuse = res.locals.abuse
111 await sequelizeTypescript.transaction(t => {
112 return abuse.destroy({ transaction: t })
115 // Do not send the delete to other instances, we delete OUR copy of this video abuse
117 return res.type('json').status(204).end()
120 async function reportAbuse (req: express.Request, res: express.Response) {
121 const videoInstance = res.locals.videoAll
122 const commentInstance = res.locals.videoCommentFull
123 const accountInstance = res.locals.account
125 const body: AbuseCreate = req.body
127 const { id } = await sequelizeTypescript.transaction(async t => {
128 const reporterAccount = await AccountModel.load(res.locals.oauth.token.User.Account.id, t)
129 const predefinedReasons = body.predefinedReasons?.map(r => abusePredefinedReasonsMap[r])
132 reporterAccountId: reporterAccount.id,
134 state: AbuseState.PENDING,
139 return createVideoAbuse({
144 startAt: body.video.startAt,
145 endAt: body.video.endAt
150 return createVideoCommentAbuse({
159 return createAccountAbuse({
167 return res.json({ abuse: { id } })