]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blob - server/middlewares/validators/abuse.ts
projects / github / Chocobozzz / PeerTube.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add new abuses tests
[github/Chocobozzz/PeerTube.git] / server / middlewares / validators / abuse.ts
1 import * as express from 'express'
2 import { body, param, query } from 'express-validator'
3 import {
4 isAbuseFilterValid,
5 isAbuseModerationCommentValid,
6 isAbusePredefinedReasonsValid,
7 isAbusePredefinedReasonValid,
8 isAbuseReasonValid,
9 isAbuseStateValid,
10 isAbuseTimestampCoherent,
11 isAbuseTimestampValid,
12 isAbuseVideoIsValid
13 } from '@server/helpers/custom-validators/abuses'
14 import { exists, isIdOrUUIDValid, isIdValid, toIntOrNull } from '@server/helpers/custom-validators/misc'
15 import { doesCommentIdExist } from '@server/helpers/custom-validators/video-comments'
16 import { logger } from '@server/helpers/logger'
17 import { doesAbuseExist, doesAccountIdExist, doesVideoAbuseExist, doesVideoExist } from '@server/helpers/middlewares'
18 import { AbuseCreate } from '@shared/models'
19 import { areValidationErrors } from './utils'
20
21 const abuseReportValidator = [
22 body('account.id')
23 .optional()
24 .custom(isIdValid)
25 .withMessage('Should have a valid accountId'),
26
27 body('video.id')
28 .optional()
29 .custom(isIdOrUUIDValid)
30 .withMessage('Should have a valid videoId'),
31 body('video.startAt')
32 .optional()
33 .customSanitizer(toIntOrNull)
34 .custom(isAbuseTimestampValid)
35 .withMessage('Should have valid starting time value'),
36 body('video.endAt')
37 .optional()
38 .customSanitizer(toIntOrNull)
39 .custom(isAbuseTimestampValid)
40 .withMessage('Should have valid ending time value')
41 .bail()
42 .custom(isAbuseTimestampCoherent)
43 .withMessage('Should have a startAt timestamp beginning before endAt'),
44
45 body('comment.id')
46 .optional()
47 .custom(isIdValid)
48 .withMessage('Should have a valid commentId'),
49
50 body('reason')
51 .custom(isAbuseReasonValid)
52 .withMessage('Should have a valid reason'),
53
54 body('predefinedReasons')
55 .optional()
56 .custom(isAbusePredefinedReasonsValid)
57 .withMessage('Should have a valid list of predefined reasons'),
58
59 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
60 logger.debug('Checking abuseReport parameters', { parameters: req.body })
61
62 if (areValidationErrors(req, res)) return
63
64 const body: AbuseCreate = req.body
65
66 if (body.video?.id && !await doesVideoExist(body.video.id, res)) return
67 if (body.account?.id && !await doesAccountIdExist(body.account.id, res)) return
68 if (body.comment?.id && !await doesCommentIdExist(body.comment.id, res)) return
69
70 if (!body.video?.id && !body.account?.id && !body.comment?.id) {
71 res.status(400)
72 .json({ error: 'video id or account id or comment id is required.' })
73
74 return
75 }
76
77 return next()
78 }
79 ]
80
81 const abuseGetValidator = [
82 param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
83
84 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
85 logger.debug('Checking abuseGetValidator parameters', { parameters: req.body })
86
87 if (areValidationErrors(req, res)) return
88 if (!await doesAbuseExist(req.params.id, res)) return
89
90 return next()
91 }
92 ]
93
94 const abuseUpdateValidator = [
95 param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
96
97 body('state')
98 .optional()
99 .custom(isAbuseStateValid).withMessage('Should have a valid abuse state'),
100 body('moderationComment')
101 .optional()
102 .custom(isAbuseModerationCommentValid).withMessage('Should have a valid moderation comment'),
103
104 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
105 logger.debug('Checking abuseUpdateValidator parameters', { parameters: req.body })
106
107 if (areValidationErrors(req, res)) return
108 if (!await doesAbuseExist(req.params.id, res)) return
109
110 return next()
111 }
112 ]
113
114 const abuseListValidator = [
115 query('id')
116 .optional()
117 .custom(isIdValid).withMessage('Should have a valid id'),
118 query('filter')
119 .optional()
120 .custom(isAbuseFilterValid)
121 .withMessage('Should have a valid filter'),
122 query('predefinedReason')
123 .optional()
124 .custom(isAbusePredefinedReasonValid)
125 .withMessage('Should have a valid predefinedReason'),
126 query('search')
127 .optional()
128 .custom(exists).withMessage('Should have a valid search'),
129 query('state')
130 .optional()
131 .custom(isAbuseStateValid).withMessage('Should have a valid abuse state'),
132 query('videoIs')
133 .optional()
134 .custom(isAbuseVideoIsValid).withMessage('Should have a valid "video is" attribute'),
135 query('searchReporter')
136 .optional()
137 .custom(exists).withMessage('Should have a valid reporter search'),
138 query('searchReportee')
139 .optional()
140 .custom(exists).withMessage('Should have a valid reportee search'),
141 query('searchVideo')
142 .optional()
143 .custom(exists).withMessage('Should have a valid video search'),
144 query('searchVideoChannel')
145 .optional()
146 .custom(exists).withMessage('Should have a valid video channel search'),
147
148 (req: express.Request, res: express.Response, next: express.NextFunction) => {
149 logger.debug('Checking abuseListValidator parameters', { parameters: req.body })
150
151 if (areValidationErrors(req, res)) return
152
153 return next()
154 }
155 ]
156
157 // FIXME: deprecated in 2.3. Remove these validators
158
159 const videoAbuseReportValidator = [
160 param('videoId')
161 .custom(isIdOrUUIDValid)
162 .not()
163 .isEmpty()
164 .withMessage('Should have a valid videoId'),
165 body('reason')
166 .custom(isAbuseReasonValid)
167 .withMessage('Should have a valid reason'),
168 body('predefinedReasons')
169 .optional()
170 .custom(isAbusePredefinedReasonsValid)
171 .withMessage('Should have a valid list of predefined reasons'),
172 body('startAt')
173 .optional()
174 .customSanitizer(toIntOrNull)
175 .custom(isAbuseTimestampValid)
176 .withMessage('Should have valid starting time value'),
177 body('endAt')
178 .optional()
179 .customSanitizer(toIntOrNull)
180 .custom(isAbuseTimestampValid)
181 .withMessage('Should have valid ending time value'),
182
183 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
184 logger.debug('Checking videoAbuseReport parameters', { parameters: req.body })
185
186 if (areValidationErrors(req, res)) return
187 if (!await doesVideoExist(req.params.videoId, res)) return
188
189 return next()
190 }
191 ]
192
193 const videoAbuseGetValidator = [
194 param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
195 param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
196
197 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
198 logger.debug('Checking videoAbuseGetValidator parameters', { parameters: req.body })
199
200 if (areValidationErrors(req, res)) return
201 if (!await doesVideoAbuseExist(req.params.id, req.params.videoId, res)) return
202
203 return next()
204 }
205 ]
206
207 const videoAbuseUpdateValidator = [
208 param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
209 param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
210 body('state')
211 .optional()
212 .custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
213 body('moderationComment')
214 .optional()
215 .custom(isAbuseModerationCommentValid).withMessage('Should have a valid video moderation comment'),
216
217 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
218 logger.debug('Checking videoAbuseUpdateValidator parameters', { parameters: req.body })
219
220 if (areValidationErrors(req, res)) return
221 if (!await doesVideoAbuseExist(req.params.id, req.params.videoId, res)) return
222
223 return next()
224 }
225 ]
226
227 const videoAbuseListValidator = [
228 query('id')
229 .optional()
230 .custom(isIdValid).withMessage('Should have a valid id'),
231 query('predefinedReason')
232 .optional()
233 .custom(isAbusePredefinedReasonValid)
234 .withMessage('Should have a valid predefinedReason'),
235 query('search')
236 .optional()
237 .custom(exists).withMessage('Should have a valid search'),
238 query('state')
239 .optional()
240 .custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
241 query('videoIs')
242 .optional()
243 .custom(isAbuseVideoIsValid).withMessage('Should have a valid "video is" attribute'),
244 query('searchReporter')
245 .optional()
246 .custom(exists).withMessage('Should have a valid reporter search'),
247 query('searchReportee')
248 .optional()
249 .custom(exists).withMessage('Should have a valid reportee search'),
250 query('searchVideo')
251 .optional()
252 .custom(exists).withMessage('Should have a valid video search'),
253 query('searchVideoChannel')
254 .optional()
255 .custom(exists).withMessage('Should have a valid video channel search'),
256
257 (req: express.Request, res: express.Response, next: express.NextFunction) => {
258 logger.debug('Checking videoAbuseListValidator parameters', { parameters: req.body })
259
260 if (areValidationErrors(req, res)) return
261
262 return next()
263 }
264 ]
265
266 // ---------------------------------------------------------------------------
267
268 export {
269 abuseListValidator,
270 abuseReportValidator,
271 abuseGetValidator,
272 abuseUpdateValidator,
273 videoAbuseReportValidator,
274 videoAbuseGetValidator,
275 videoAbuseUpdateValidator,
276 videoAbuseListValidator
277 }
ActivityPub-federated video streaming platform using P2P directly in your web browser