1 import express from 'express'
2 import { body, param, query } from 'express-validator'
3 import { areValidActorHandles } from '@server/helpers/custom-validators/activitypub/actor'
4 import { toArray } from '@server/helpers/custom-validators/misc'
5 import { getServerActor } from '@server/models/application/application'
6 import { HttpStatusCode } from '../../../shared/models/http/http-error-codes'
7 import { isEachUniqueHostValid, isHostValid } from '../../helpers/custom-validators/servers'
8 import { logger } from '../../helpers/logger'
9 import { WEBSERVER } from '../../initializers/constants'
10 import { AccountBlocklistModel } from '../../models/account/account-blocklist'
11 import { ServerModel } from '../../models/server/server'
12 import { ServerBlocklistModel } from '../../models/server/server-blocklist'
13 import { areValidationErrors, doesAccountNameWithHostExist } from './shared'
15 const blockAccountValidator = [
16 body('accountName').exists().withMessage('Should have an account name with host'),
18 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
19 logger.debug('Checking blockAccountByAccountValidator parameters', { parameters: req.body })
21 if (areValidationErrors(req, res)) return
22 if (!await doesAccountNameWithHostExist(req.body.accountName, res)) return
24 const user = res.locals.oauth.token.User
25 const accountToBlock = res.locals.account
27 if (user.Account.id === accountToBlock.id) {
29 status: HttpStatusCode.CONFLICT_409,
30 message: 'You cannot block yourself.'
39 const unblockAccountByAccountValidator = [
40 param('accountName').exists().withMessage('Should have an account name with host'),
42 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
43 logger.debug('Checking unblockAccountByAccountValidator parameters', { parameters: req.params })
45 if (areValidationErrors(req, res)) return
46 if (!await doesAccountNameWithHostExist(req.params.accountName, res)) return
48 const user = res.locals.oauth.token.User
49 const targetAccount = res.locals.account
50 if (!await doesUnblockAccountExist(user.Account.id, targetAccount.id, res)) return
56 const unblockAccountByServerValidator = [
57 param('accountName').exists().withMessage('Should have an account name with host'),
59 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
60 logger.debug('Checking unblockAccountByServerValidator parameters', { parameters: req.params })
62 if (areValidationErrors(req, res)) return
63 if (!await doesAccountNameWithHostExist(req.params.accountName, res)) return
65 const serverActor = await getServerActor()
66 const targetAccount = res.locals.account
67 if (!await doesUnblockAccountExist(serverActor.Account.id, targetAccount.id, res)) return
73 const blockServerValidator = [
74 body('host').custom(isHostValid).withMessage('Should have a valid host'),
76 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
77 logger.debug('Checking serverGetValidator parameters', { parameters: req.body })
79 if (areValidationErrors(req, res)) return
81 const host: string = req.body.host
83 if (host === WEBSERVER.HOST) {
85 status: HttpStatusCode.CONFLICT_409,
86 message: 'You cannot block your own server.'
90 const server = await ServerModel.loadOrCreateByHost(host)
92 res.locals.server = server
98 const unblockServerByAccountValidator = [
99 param('host').custom(isHostValid).withMessage('Should have an account name with host'),
101 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
102 logger.debug('Checking unblockServerByAccountValidator parameters', { parameters: req.params })
104 if (areValidationErrors(req, res)) return
106 const user = res.locals.oauth.token.User
107 if (!await doesUnblockServerExist(user.Account.id, req.params.host, res)) return
113 const unblockServerByServerValidator = [
114 param('host').custom(isHostValid).withMessage('Should have an account name with host'),
116 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
117 logger.debug('Checking unblockServerByServerValidator parameters', { parameters: req.params })
119 if (areValidationErrors(req, res)) return
121 const serverActor = await getServerActor()
122 if (!await doesUnblockServerExist(serverActor.Account.id, req.params.host, res)) return
128 const blocklistStatusValidator = [
131 .customSanitizer(toArray)
132 .custom(isEachUniqueHostValid).withMessage('Should have a valid hosts array'),
136 .customSanitizer(toArray)
137 .custom(areValidActorHandles).withMessage('Should have a valid accounts array'),
139 (req: express.Request, res: express.Response, next: express.NextFunction) => {
140 logger.debug('Checking blocklistStatusValidator parameters', { query: req.query })
142 if (areValidationErrors(req, res)) return
148 // ---------------------------------------------------------------------------
151 blockServerValidator,
152 blockAccountValidator,
153 unblockAccountByAccountValidator,
154 unblockServerByAccountValidator,
155 unblockAccountByServerValidator,
156 unblockServerByServerValidator,
157 blocklistStatusValidator
160 // ---------------------------------------------------------------------------
162 async function doesUnblockAccountExist (accountId: number, targetAccountId: number, res: express.Response) {
163 const accountBlock = await AccountBlocklistModel.loadByAccountAndTarget(accountId, targetAccountId)
166 status: HttpStatusCode.NOT_FOUND_404,
167 message: 'Account block entry not found.'
172 res.locals.accountBlock = accountBlock
176 async function doesUnblockServerExist (accountId: number, host: string, res: express.Response) {
177 const serverBlock = await ServerBlocklistModel.loadByAccountAndHost(accountId, host)
180 status: HttpStatusCode.NOT_FOUND_404,
181 message: 'Server block entry not found.'
186 res.locals.serverBlock = serverBlock