1 import * as express from 'express'
2 import { body, param, query, ValidationChain } from 'express-validator'
3 import { logger } from '../../helpers/logger'
4 import { areValidationErrors } from './utils'
5 import { isNpmPluginNameValid, isPluginNameValid, isPluginTypeValid, isPluginVersionValid } from '../../helpers/custom-validators/plugins'
6 import { PluginManager } from '../../lib/plugins/plugin-manager'
7 import { isBooleanValid, isSafePath, toBooleanOrNull, exists, toIntOrNull } from '../../helpers/custom-validators/misc'
8 import { PluginModel } from '../../models/server/plugin'
9 import { InstallOrUpdatePlugin } from '../../../shared/models/plugins/install-plugin.model'
10 import { PluginType } from '../../../shared/models/plugins/plugin.type'
11 import { CONFIG } from '../../initializers/config'
13 const getPluginValidator = (pluginType: PluginType, withVersion = true) => {
14 const validators: (ValidationChain | express.Handler)[] = [
15 param('pluginName').custom(isPluginNameValid).withMessage('Should have a valid plugin name')
20 param('pluginVersion').custom(isPluginVersionValid).withMessage('Should have a valid plugin version')
24 return validators.concat([
25 (req: express.Request, res: express.Response, next: express.NextFunction) => {
26 logger.debug('Checking getPluginValidator parameters', { parameters: req.params })
28 if (areValidationErrors(req, res)) return
30 const npmName = PluginModel.buildNpmName(req.params.pluginName, pluginType)
31 const plugin = PluginManager.Instance.getRegisteredPluginOrTheme(npmName)
33 if (!plugin) return res.sendStatus(404)
34 if (withVersion && plugin.version !== req.params.pluginVersion) return res.sendStatus(404)
36 res.locals.registeredPlugin = plugin
43 const getExternalAuthValidator = [
44 param('authName').custom(exists).withMessage('Should have a valid auth name'),
46 (req: express.Request, res: express.Response, next: express.NextFunction) => {
47 logger.debug('Checking getExternalAuthValidator parameters', { parameters: req.params })
49 if (areValidationErrors(req, res)) return
51 const plugin = res.locals.registeredPlugin
52 if (!plugin.registerHelpersStore) return res.sendStatus(404)
54 const externalAuth = plugin.registerHelpersStore.getExternalAuths().find(a => a.authName === req.params.authName)
55 if (!externalAuth) return res.sendStatus(404)
57 res.locals.externalAuth = externalAuth
63 const pluginStaticDirectoryValidator = [
64 param('staticEndpoint').custom(isSafePath).withMessage('Should have a valid static endpoint'),
66 (req: express.Request, res: express.Response, next: express.NextFunction) => {
67 logger.debug('Checking pluginStaticDirectoryValidator parameters', { parameters: req.params })
69 if (areValidationErrors(req, res)) return
75 const listPluginsValidator = [
78 .customSanitizer(toIntOrNull)
79 .custom(isPluginTypeValid).withMessage('Should have a valid plugin type'),
82 .customSanitizer(toBooleanOrNull)
83 .custom(isBooleanValid).withMessage('Should have a valid uninstalled attribute'),
85 (req: express.Request, res: express.Response, next: express.NextFunction) => {
86 logger.debug('Checking listPluginsValidator parameters', { parameters: req.query })
88 if (areValidationErrors(req, res)) return
94 const installOrUpdatePluginValidator = [
97 .custom(isNpmPluginNameValid).withMessage('Should have a valid npm name'),
100 .custom(isSafePath).withMessage('Should have a valid safe path'),
102 (req: express.Request, res: express.Response, next: express.NextFunction) => {
103 logger.debug('Checking installOrUpdatePluginValidator parameters', { parameters: req.body })
105 if (areValidationErrors(req, res)) return
107 const body: InstallOrUpdatePlugin = req.body
108 if (!body.path && !body.npmName) {
109 return res.status(400)
110 .json({ error: 'Should have either a npmName or a path' })
118 const uninstallPluginValidator = [
119 body('npmName').custom(isNpmPluginNameValid).withMessage('Should have a valid npm name'),
121 (req: express.Request, res: express.Response, next: express.NextFunction) => {
122 logger.debug('Checking uninstallPluginValidator parameters', { parameters: req.body })
124 if (areValidationErrors(req, res)) return
130 const existingPluginValidator = [
131 param('npmName').custom(isNpmPluginNameValid).withMessage('Should have a valid plugin name'),
133 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
134 logger.debug('Checking enabledPluginValidator parameters', { parameters: req.params })
136 if (areValidationErrors(req, res)) return
138 const plugin = await PluginModel.loadByNpmName(req.params.npmName)
140 return res.status(404)
141 .json({ error: 'Plugin not found' })
145 res.locals.plugin = plugin
151 const updatePluginSettingsValidator = [
152 body('settings').exists().withMessage('Should have settings'),
154 (req: express.Request, res: express.Response, next: express.NextFunction) => {
155 logger.debug('Checking enabledPluginValidator parameters', { parameters: req.body })
157 if (areValidationErrors(req, res)) return
163 const listAvailablePluginsValidator = [
166 .exists().withMessage('Should have a valid search'),
169 .customSanitizer(toIntOrNull)
170 .custom(isPluginTypeValid).withMessage('Should have a valid plugin type'),
171 query('currentPeerTubeEngine')
173 .custom(isPluginVersionValid).withMessage('Should have a valid current peertube engine'),
175 (req: express.Request, res: express.Response, next: express.NextFunction) => {
176 logger.debug('Checking enabledPluginValidator parameters', { parameters: req.query })
178 if (areValidationErrors(req, res)) return
180 if (CONFIG.PLUGINS.INDEX.ENABLED === false) {
181 return res.status(400)
182 .json({ error: 'Plugin index is not enabled' })
190 // ---------------------------------------------------------------------------
193 pluginStaticDirectoryValidator,
195 updatePluginSettingsValidator,
196 uninstallPluginValidator,
197 listAvailablePluginsValidator,
198 existingPluginValidator,
199 installOrUpdatePluginValidator,
200 listPluginsValidator,
201 getExternalAuthValidator