]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blob - server/middlewares/validators/videos/video-channels.ts
projects / github / Chocobozzz / PeerTube.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add banners support
[github/Chocobozzz/PeerTube.git] / server / middlewares / validators / videos / video-channels.ts
1 import * as express from 'express'
2 import { body, param, query } from 'express-validator'
3 import { VIDEO_CHANNELS } from '@server/initializers/constants'
4 import { MChannelAccountDefault, MUser } from '@server/types/models'
5 import { UserRight } from '../../../../shared'
6 import { isActorPreferredUsernameValid } from '../../../helpers/custom-validators/activitypub/actor'
7 import { isBooleanValid, toBooleanOrNull } from '../../../helpers/custom-validators/misc'
8 import {
9 isVideoChannelDescriptionValid,
10 isVideoChannelNameValid,
11 isVideoChannelSupportValid
12 } from '../../../helpers/custom-validators/video-channels'
13 import { logger } from '../../../helpers/logger'
14 import { doesLocalVideoChannelNameExist, doesVideoChannelNameWithHostExist } from '../../../helpers/middlewares'
15 import { ActorModel } from '../../../models/activitypub/actor'
16 import { VideoChannelModel } from '../../../models/video/video-channel'
17 import { areValidationErrors } from '../utils'
18 import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
19
20 const videoChannelsAddValidator = [
21 body('name').custom(isActorPreferredUsernameValid).withMessage('Should have a valid channel name'),
22 body('displayName').custom(isVideoChannelNameValid).withMessage('Should have a valid display name'),
23 body('description').optional().custom(isVideoChannelDescriptionValid).withMessage('Should have a valid description'),
24 body('support').optional().custom(isVideoChannelSupportValid).withMessage('Should have a valid support text'),
25
26 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
27 logger.debug('Checking videoChannelsAdd parameters', { parameters: req.body })
28
29 if (areValidationErrors(req, res)) return
30
31 const actor = await ActorModel.loadLocalByName(req.body.name)
32 if (actor) {
33 res.status(HttpStatusCode.CONFLICT_409)
34 .send({ error: 'Another actor (account/channel) with this name on this instance already exists or has already existed.' })
35 .end()
36 return false
37 }
38
39 const count = await VideoChannelModel.countByAccount(res.locals.oauth.token.User.Account.id)
40 if (count >= VIDEO_CHANNELS.MAX_PER_USER) {
41 res.status(HttpStatusCode.BAD_REQUEST_400)
42 .send({ error: `You cannot create more than ${VIDEO_CHANNELS.MAX_PER_USER} channels` })
43 .end()
44 return false
45 }
46
47 return next()
48 }
49 ]
50
51 const videoChannelsUpdateValidator = [
52 param('nameWithHost').exists().withMessage('Should have an video channel name with host'),
53 body('displayName')
54 .optional()
55 .custom(isVideoChannelNameValid).withMessage('Should have a valid display name'),
56 body('description')
57 .optional()
58 .custom(isVideoChannelDescriptionValid).withMessage('Should have a valid description'),
59 body('support')
60 .optional()
61 .custom(isVideoChannelSupportValid).withMessage('Should have a valid support text'),
62 body('bulkVideosSupportUpdate')
63 .optional()
64 .custom(isBooleanValid).withMessage('Should have a valid bulkVideosSupportUpdate boolean field'),
65
66 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
67 logger.debug('Checking videoChannelsUpdate parameters', { parameters: req.body })
68
69 if (areValidationErrors(req, res)) return
70 if (!await doesVideoChannelNameWithHostExist(req.params.nameWithHost, res)) return
71
72 // We need to make additional checks
73 if (res.locals.videoChannel.Actor.isOwned() === false) {
74 return res.status(HttpStatusCode.FORBIDDEN_403)
75 .json({ error: 'Cannot update video channel of another server' })
76 }
77
78 if (res.locals.videoChannel.Account.userId !== res.locals.oauth.token.User.id) {
79 return res.status(HttpStatusCode.FORBIDDEN_403)
80 .json({ error: 'Cannot update video channel of another user' })
81 }
82
83 return next()
84 }
85 ]
86
87 const videoChannelsRemoveValidator = [
88 param('nameWithHost').exists().withMessage('Should have an video channel name with host'),
89
90 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
91 logger.debug('Checking videoChannelsRemove parameters', { parameters: req.params })
92
93 if (areValidationErrors(req, res)) return
94 if (!await doesVideoChannelNameWithHostExist(req.params.nameWithHost, res)) return
95
96 if (!checkUserCanDeleteVideoChannel(res.locals.oauth.token.User, res.locals.videoChannel, res)) return
97 if (!await checkVideoChannelIsNotTheLastOne(res)) return
98
99 return next()
100 }
101 ]
102
103 const videoChannelsNameWithHostValidator = [
104 param('nameWithHost').exists().withMessage('Should have an video channel name with host'),
105
106 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
107 logger.debug('Checking videoChannelsNameWithHostValidator parameters', { parameters: req.params })
108
109 if (areValidationErrors(req, res)) return
110
111 if (!await doesVideoChannelNameWithHostExist(req.params.nameWithHost, res)) return
112
113 return next()
114 }
115 ]
116
117 const localVideoChannelValidator = [
118 param('name').custom(isVideoChannelNameValid).withMessage('Should have a valid video channel name'),
119
120 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
121 logger.debug('Checking localVideoChannelValidator parameters', { parameters: req.params })
122
123 if (areValidationErrors(req, res)) return
124 if (!await doesLocalVideoChannelNameExist(req.params.name, res)) return
125
126 return next()
127 }
128 ]
129
130 const videoChannelStatsValidator = [
131 query('withStats')
132 .optional()
133 .customSanitizer(toBooleanOrNull)
134 .custom(isBooleanValid).withMessage('Should have a valid stats flag'),
135
136 (req: express.Request, res: express.Response, next: express.NextFunction) => {
137 if (areValidationErrors(req, res)) return
138 return next()
139 }
140 ]
141
142 // ---------------------------------------------------------------------------
143
144 export {
145 videoChannelsAddValidator,
146 videoChannelsUpdateValidator,
147 videoChannelsRemoveValidator,
148 videoChannelsNameWithHostValidator,
149 localVideoChannelValidator,
150 videoChannelStatsValidator
151 }
152
153 // ---------------------------------------------------------------------------
154
155 function checkUserCanDeleteVideoChannel (user: MUser, videoChannel: MChannelAccountDefault, res: express.Response) {
156 if (videoChannel.Actor.isOwned() === false) {
157 res.status(HttpStatusCode.FORBIDDEN_403)
158 .json({ error: 'Cannot remove video channel of another server.' })
159 .end()
160
161 return false
162 }
163
164 // Check if the user can delete the video channel
165 // The user can delete it if s/he is an admin
166 // Or if s/he is the video channel's account
167 if (user.hasRight(UserRight.REMOVE_ANY_VIDEO_CHANNEL) === false && videoChannel.Account.userId !== user.id) {
168 res.status(HttpStatusCode.FORBIDDEN_403)
169 .json({ error: 'Cannot remove video channel of another user' })
170 .end()
171
172 return false
173 }
174
175 return true
176 }
177
178 async function checkVideoChannelIsNotTheLastOne (res: express.Response) {
179 const count = await VideoChannelModel.countByAccount(res.locals.oauth.token.User.Account.id)
180
181 if (count <= 1) {
182 res.status(HttpStatusCode.CONFLICT_409)
183 .json({ error: 'Cannot remove the last channel of this user' })
184 .end()
185
186 return false
187 }
188
189 return true
190 }
ActivityPub-federated video streaming platform using P2P directly in your web browser