server/helpers/custom-validators/activitypub/videos.ts

   1 import * as validator from 'validator'
   2 import { ACTIVITY_PUB, CONSTRAINTS_FIELDS } from '../../../initializers'
   3 import { peertubeTruncate } from '../../core-utils'
   4 import { exists, isBooleanValid, isDateValid, isUUIDValid } from '../misc'
   5 import {
   6   isVideoAbuseReasonValid,
   7   isVideoDurationValid,
   8   isVideoNameValid,
   9   isVideoTagValid,
  10   isVideoTruncatedDescriptionValid,
  11   isVideoViewsValid
  12 } from '../videos'
  13 import { isActivityPubUrlValid, isBaseActivityValid, setValidAttributedTo } from './misc'
  14
  15 function sanitizeAndCheckVideoTorrentCreateActivity (activity: any) {
  16   return isBaseActivityValid(activity, 'Create') &&
  17     sanitizeAndCheckVideoTorrentObject(activity.object)
  18 }
  19
  20 function sanitizeAndCheckVideoTorrentUpdateActivity (activity: any) {
  21   return isBaseActivityValid(activity, 'Update') &&
  22     sanitizeAndCheckVideoTorrentObject(activity.object)
  23 }
  24
  25 function isVideoTorrentDeleteActivityValid (activity: any) {
  26   return isBaseActivityValid(activity, 'Delete')
  27 }
  28
  29 function isVideoFlagValid (activity: any) {
  30   return isBaseActivityValid(activity, 'Create') &&
  31     activity.object.type === 'Flag' &&
  32     isVideoAbuseReasonValid(activity.object.content) &&
  33     isActivityPubUrlValid(activity.object.object)
  34 }
  35
  36 function isActivityPubVideoDurationValid (value: string) {
  37   // https://www.w3.org/TR/activitystreams-vocabulary/#dfn-duration
  38   return exists(value) &&
  39     typeof value === 'string' &&
  40     value.startsWith('PT') &&
  41     value.endsWith('S') &&
  42     isVideoDurationValid(value.replace(/[^0-9]+/g, ''))
  43 }
  44
  45 function sanitizeAndCheckVideoTorrentObject (video: any) {
  46   if (video.type !== 'Video') return false
  47
  48   if (!setValidRemoteTags(video)) return false
  49   if (!setValidRemoteVideoUrls(video)) return false
  50   if (!setRemoteVideoTruncatedContent(video)) return false
  51   if (!setValidAttributedTo(video)) return false
  52
  53   return isActivityPubUrlValid(video.id) &&
  54     isVideoNameValid(video.name) &&
  55     isActivityPubVideoDurationValid(video.duration) &&
  56     isUUIDValid(video.uuid) &&
  57     (!video.category || isRemoteNumberIdentifierValid(video.category)) &&
  58     (!video.licence || isRemoteNumberIdentifierValid(video.licence)) &&
  59     (!video.language || isRemoteStringIdentifierValid(video.language)) &&
  60     isVideoViewsValid(video.views) &&
  61     isBooleanValid(video.sensitive) &&
  62     isBooleanValid(video.commentsEnabled) &&
  63     isDateValid(video.published) &&
  64     isDateValid(video.updated) &&
  65     (!video.content || isRemoteVideoContentValid(video.mediaType, video.content)) &&
  66     isRemoteVideoIconValid(video.icon) &&
  67     video.url.length !== 0 &&
  68     video.attributedTo.length !== 0
  69 }
  70
  71 // ---------------------------------------------------------------------------
  72
  73 export {
  74   sanitizeAndCheckVideoTorrentCreateActivity,
  75   sanitizeAndCheckVideoTorrentUpdateActivity,
  76   isVideoTorrentDeleteActivityValid,
  77   isRemoteStringIdentifierValid,
  78   isVideoFlagValid,
  79   sanitizeAndCheckVideoTorrentObject
  80 }
  81
  82 // ---------------------------------------------------------------------------
  83
  84 function setValidRemoteTags (video: any) {
  85   if (Array.isArray(video.tag) === false) return false
  86
  87   video.tag = video.tag.filter(t => {
  88     return t.type === 'Hashtag' &&
  89       isVideoTagValid(t.name)
  90   })
  91
  92   return true
  93 }
  94
  95 function isRemoteNumberIdentifierValid (data: any) {
  96   return validator.isInt(data.identifier, { min: 0 })
  97 }
  98
  99 function isRemoteStringIdentifierValid (data: any) {
 100   return typeof data.identifier === 'string'
 101 }
 102
 103 function isRemoteVideoContentValid (mediaType: string, content: string) {
 104   return mediaType === 'text/markdown' && isVideoTruncatedDescriptionValid(content)
 105 }
 106
 107 function isRemoteVideoIconValid (icon: any) {
 108   return icon.type === 'Image' &&
 109     isActivityPubUrlValid(icon.url) &&
 110     icon.mediaType === 'image/jpeg' &&
 111     validator.isInt(icon.width + '', { min: 0 }) &&
 112     validator.isInt(icon.height + '', { min: 0 })
 113 }
 114
 115 function setValidRemoteVideoUrls (video: any) {
 116   if (Array.isArray(video.url) === false) return false
 117
 118   video.url = video.url.filter(u => isRemoteVideoUrlValid(u))
 119
 120   return true
 121 }
 122
 123 function setRemoteVideoTruncatedContent (video: any) {
 124   if (video.content) {
 125     video.content = peertubeTruncate(video.content, CONSTRAINTS_FIELDS.VIDEOS.TRUNCATED_DESCRIPTION.max)
 126   }
 127
 128   return true
 129 }
 130
 131 function isRemoteVideoUrlValid (url: any) {
 132   return url.type === 'Link' &&
 133     (
 134       ACTIVITY_PUB.URL_MIME_TYPES.VIDEO.indexOf(url.mimeType) !== -1 &&
 135       isActivityPubUrlValid(url.href) &&
 136       validator.isInt(url.width + '', { min: 0 }) &&
 137       validator.isInt(url.size + '', { min: 0 })
 138     ) ||
 139     (
 140       ACTIVITY_PUB.URL_MIME_TYPES.TORRENT.indexOf(url.mimeType) !== -1 &&
 141       isActivityPubUrlValid(url.href) &&
 142       validator.isInt(url.width + '', { min: 0 })
 143     ) ||
 144     (
 145       ACTIVITY_PUB.URL_MIME_TYPES.MAGNET.indexOf(url.mimeType) !== -1 &&
 146       validator.isLength(url.href, { min: 5 }) &&
 147       validator.isInt(url.width + '', { min: 0 })
 148     )
 149 }