server/controllers/api/videos/abuse.ts

   1 import * as express from 'express'
   2
   3 import { database as db } from '../../../initializers/database'
   4 import {
   5   logger,
   6   getFormattedObjects,
   7   retryTransactionWrapper
   8 } from '../../../helpers'
   9 import {
  10   authenticate,
  11   ensureUserHasRight,
  12   paginationValidator,
  13   videoAbuseReportValidator,
  14   videoAbusesSortValidator,
  15   setVideoAbusesSort,
  16   setPagination,
  17   asyncMiddleware
  18 } from '../../../middlewares'
  19 import { VideoInstance } from '../../../models'
  20 import { VideoAbuseCreate, UserRight } from '../../../../shared'
  21 import { sendVideoAbuse } from '../../../lib/index'
  22
  23 const abuseVideoRouter = express.Router()
  24
  25 abuseVideoRouter.get('/abuse',
  26   authenticate,
  27   ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES),
  28   paginationValidator,
  29   videoAbusesSortValidator,
  30   setVideoAbusesSort,
  31   setPagination,
  32   asyncMiddleware(listVideoAbuses)
  33 )
  34 abuseVideoRouter.post('/:id/abuse',
  35   authenticate,
  36   asyncMiddleware(videoAbuseReportValidator),
  37   asyncMiddleware(reportVideoAbuseRetryWrapper)
  38 )
  39
  40 // ---------------------------------------------------------------------------
  41
  42 export {
  43   abuseVideoRouter
  44 }
  45
  46 // ---------------------------------------------------------------------------
  47
  48 async function listVideoAbuses (req: express.Request, res: express.Response, next: express.NextFunction) {
  49   const resultList = await db.VideoAbuse.listForApi(req.query.start, req.query.count, req.query.sort)
  50
  51   return res.json(getFormattedObjects(resultList.data, resultList.total))
  52 }
  53
  54 async function reportVideoAbuseRetryWrapper (req: express.Request, res: express.Response, next: express.NextFunction) {
  55   const options = {
  56     arguments: [ req, res ],
  57     errorMessage: 'Cannot report abuse to the video with many retries.'
  58   }
  59
  60   await retryTransactionWrapper(reportVideoAbuse, options)
  61
  62   return res.type('json').status(204).end()
  63 }
  64
  65 async function reportVideoAbuse (req: express.Request, res: express.Response) {
  66   const videoInstance = res.locals.video as VideoInstance
  67   const reporterAccount = res.locals.oauth.token.User.Account
  68   const body: VideoAbuseCreate = req.body
  69
  70   const abuseToCreate = {
  71     reporterAccountId: reporterAccount.id,
  72     reason: body.reason,
  73     videoId: videoInstance.id
  74   }
  75
  76   await db.sequelize.transaction(async t => {
  77     const videoAbuseInstance = await db.VideoAbuse.create(abuseToCreate, { transaction: t })
  78     videoAbuseInstance.Video = videoInstance
  79
  80     // We send the video abuse to the origin server
  81     if (videoInstance.isOwned() === false) {
  82       await sendVideoAbuse(reporterAccount, videoAbuseInstance, videoInstance, t)
  83     }
  84   })
  85
  86   logger.info('Abuse report for video %s created.', videoInstance.name)
  87 }