1 import * as express from 'express'
2 import { body, param, query, ValidationChain } from 'express-validator'
3 import { logger } from '../../helpers/logger'
4 import { areValidationErrors } from './utils'
5 import { isNpmPluginNameValid, isPluginNameValid, isPluginTypeValid, isPluginVersionValid } from '../../helpers/custom-validators/plugins'
6 import { PluginManager } from '../../lib/plugins/plugin-manager'
7 import { isBooleanValid, isSafePath, toBooleanOrNull, exists, toIntOrNull } from '../../helpers/custom-validators/misc'
8 import { PluginModel } from '../../models/server/plugin'
9 import { InstallOrUpdatePlugin } from '../../../shared/models/plugins/install-plugin.model'
10 import { PluginType } from '../../../shared/models/plugins/plugin.type'
11 import { CONFIG } from '../../initializers/config'
12 import { HttpStatusCode } from '../../../shared/core-utils/miscs/http-error-codes'
14 const getPluginValidator = (pluginType: PluginType, withVersion = true) => {
15 const validators: (ValidationChain | express.Handler)[] = [
16 param('pluginName').custom(isPluginNameValid).withMessage('Should have a valid plugin name')
21 param('pluginVersion').custom(isPluginVersionValid).withMessage('Should have a valid plugin version')
25 return validators.concat([
26 (req: express.Request, res: express.Response, next: express.NextFunction) => {
27 logger.debug('Checking getPluginValidator parameters', { parameters: req.params })
29 if (areValidationErrors(req, res)) return
31 const npmName = PluginModel.buildNpmName(req.params.pluginName, pluginType)
32 const plugin = PluginManager.Instance.getRegisteredPluginOrTheme(npmName)
34 if (!plugin) return res.sendStatus(HttpStatusCode.NOT_FOUND_404)
35 if (withVersion && plugin.version !== req.params.pluginVersion) return res.sendStatus(HttpStatusCode.NOT_FOUND_404)
37 res.locals.registeredPlugin = plugin
44 const getExternalAuthValidator = [
45 param('authName').custom(exists).withMessage('Should have a valid auth name'),
47 (req: express.Request, res: express.Response, next: express.NextFunction) => {
48 logger.debug('Checking getExternalAuthValidator parameters', { parameters: req.params })
50 if (areValidationErrors(req, res)) return
52 const plugin = res.locals.registeredPlugin
53 if (!plugin.registerHelpers) return res.sendStatus(HttpStatusCode.NOT_FOUND_404)
55 const externalAuth = plugin.registerHelpers.getExternalAuths().find(a => a.authName === req.params.authName)
56 if (!externalAuth) return res.sendStatus(HttpStatusCode.NOT_FOUND_404)
58 res.locals.externalAuth = externalAuth
64 const pluginStaticDirectoryValidator = [
65 param('staticEndpoint').custom(isSafePath).withMessage('Should have a valid static endpoint'),
67 (req: express.Request, res: express.Response, next: express.NextFunction) => {
68 logger.debug('Checking pluginStaticDirectoryValidator parameters', { parameters: req.params })
70 if (areValidationErrors(req, res)) return
76 const listPluginsValidator = [
79 .customSanitizer(toIntOrNull)
80 .custom(isPluginTypeValid).withMessage('Should have a valid plugin type'),
83 .customSanitizer(toBooleanOrNull)
84 .custom(isBooleanValid).withMessage('Should have a valid uninstalled attribute'),
86 (req: express.Request, res: express.Response, next: express.NextFunction) => {
87 logger.debug('Checking listPluginsValidator parameters', { parameters: req.query })
89 if (areValidationErrors(req, res)) return
95 const installOrUpdatePluginValidator = [
98 .custom(isNpmPluginNameValid).withMessage('Should have a valid npm name'),
101 .custom(isSafePath).withMessage('Should have a valid safe path'),
103 (req: express.Request, res: express.Response, next: express.NextFunction) => {
104 logger.debug('Checking installOrUpdatePluginValidator parameters', { parameters: req.body })
106 if (areValidationErrors(req, res)) return
108 const body: InstallOrUpdatePlugin = req.body
109 if (!body.path && !body.npmName) {
110 return res.status(HttpStatusCode.BAD_REQUEST_400)
111 .json({ error: 'Should have either a npmName or a path' })
119 const uninstallPluginValidator = [
120 body('npmName').custom(isNpmPluginNameValid).withMessage('Should have a valid npm name'),
122 (req: express.Request, res: express.Response, next: express.NextFunction) => {
123 logger.debug('Checking uninstallPluginValidator parameters', { parameters: req.body })
125 if (areValidationErrors(req, res)) return
131 const existingPluginValidator = [
132 param('npmName').custom(isNpmPluginNameValid).withMessage('Should have a valid plugin name'),
134 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
135 logger.debug('Checking enabledPluginValidator parameters', { parameters: req.params })
137 if (areValidationErrors(req, res)) return
139 const plugin = await PluginModel.loadByNpmName(req.params.npmName)
141 return res.status(HttpStatusCode.NOT_FOUND_404)
142 .json({ error: 'Plugin not found' })
146 res.locals.plugin = plugin
152 const updatePluginSettingsValidator = [
153 body('settings').exists().withMessage('Should have settings'),
155 (req: express.Request, res: express.Response, next: express.NextFunction) => {
156 logger.debug('Checking enabledPluginValidator parameters', { parameters: req.body })
158 if (areValidationErrors(req, res)) return
164 const listAvailablePluginsValidator = [
167 .exists().withMessage('Should have a valid search'),
170 .customSanitizer(toIntOrNull)
171 .custom(isPluginTypeValid).withMessage('Should have a valid plugin type'),
172 query('currentPeerTubeEngine')
174 .custom(isPluginVersionValid).withMessage('Should have a valid current peertube engine'),
176 (req: express.Request, res: express.Response, next: express.NextFunction) => {
177 logger.debug('Checking enabledPluginValidator parameters', { parameters: req.query })
179 if (areValidationErrors(req, res)) return
181 if (CONFIG.PLUGINS.INDEX.ENABLED === false) {
182 return res.status(HttpStatusCode.BAD_REQUEST_400)
183 .json({ error: 'Plugin index is not enabled' })
191 // ---------------------------------------------------------------------------
194 pluginStaticDirectoryValidator,
196 updatePluginSettingsValidator,
197 uninstallPluginValidator,
198 listAvailablePluginsValidator,
199 existingPluginValidator,
200 installOrUpdatePluginValidator,
201 listPluginsValidator,
202 getExternalAuthValidator