1 import * as express from 'express'
2 import { body, param, query } from 'express-validator'
3 import { VIDEO_CHANNELS } from '@server/initializers/constants'
4 import { MChannelAccountDefault, MUser } from '@server/types/models'
5 import { UserRight } from '../../../../shared'
6 import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
7 import { isActorPreferredUsernameValid } from '../../../helpers/custom-validators/activitypub/actor'
8 import { isBooleanValid, toBooleanOrNull } from '../../../helpers/custom-validators/misc'
10 isVideoChannelDescriptionValid,
11 isVideoChannelNameValid,
12 isVideoChannelSupportValid
13 } from '../../../helpers/custom-validators/video-channels'
14 import { logger } from '../../../helpers/logger'
15 import { doesLocalVideoChannelNameExist, doesVideoChannelNameWithHostExist } from '../../../helpers/middlewares'
16 import { ActorModel } from '../../../models/actor/actor'
17 import { VideoChannelModel } from '../../../models/video/video-channel'
18 import { areValidationErrors } from '../utils'
20 const videoChannelsAddValidator = [
21 body('name').custom(isActorPreferredUsernameValid).withMessage('Should have a valid channel name'),
22 body('displayName').custom(isVideoChannelNameValid).withMessage('Should have a valid display name'),
23 body('description').optional().custom(isVideoChannelDescriptionValid).withMessage('Should have a valid description'),
24 body('support').optional().custom(isVideoChannelSupportValid).withMessage('Should have a valid support text'),
26 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
27 logger.debug('Checking videoChannelsAdd parameters', { parameters: req.body })
29 if (areValidationErrors(req, res)) return
31 const actor = await ActorModel.loadLocalByName(req.body.name)
34 status: HttpStatusCode.CONFLICT_409,
35 message: 'Another actor (account/channel) with this name on this instance already exists or has already existed.'
40 const count = await VideoChannelModel.countByAccount(res.locals.oauth.token.User.Account.id)
41 if (count >= VIDEO_CHANNELS.MAX_PER_USER) {
42 res.fail({ message: `You cannot create more than ${VIDEO_CHANNELS.MAX_PER_USER} channels` })
50 const videoChannelsUpdateValidator = [
51 param('nameWithHost').exists().withMessage('Should have an video channel name with host'),
54 .custom(isVideoChannelNameValid).withMessage('Should have a valid display name'),
57 .custom(isVideoChannelDescriptionValid).withMessage('Should have a valid description'),
60 .custom(isVideoChannelSupportValid).withMessage('Should have a valid support text'),
61 body('bulkVideosSupportUpdate')
63 .custom(isBooleanValid).withMessage('Should have a valid bulkVideosSupportUpdate boolean field'),
65 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
66 logger.debug('Checking videoChannelsUpdate parameters', { parameters: req.body })
68 if (areValidationErrors(req, res)) return
69 if (!await doesVideoChannelNameWithHostExist(req.params.nameWithHost, res)) return
71 // We need to make additional checks
72 if (res.locals.videoChannel.Actor.isOwned() === false) {
74 status: HttpStatusCode.FORBIDDEN_403,
75 message: 'Cannot update video channel of another server'
79 if (res.locals.videoChannel.Account.userId !== res.locals.oauth.token.User.id) {
81 status: HttpStatusCode.FORBIDDEN_403,
82 message: 'Cannot update video channel of another user'
90 const videoChannelsRemoveValidator = [
91 param('nameWithHost').exists().withMessage('Should have an video channel name with host'),
93 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
94 logger.debug('Checking videoChannelsRemove parameters', { parameters: req.params })
96 if (areValidationErrors(req, res)) return
97 if (!await doesVideoChannelNameWithHostExist(req.params.nameWithHost, res)) return
99 if (!checkUserCanDeleteVideoChannel(res.locals.oauth.token.User, res.locals.videoChannel, res)) return
100 if (!await checkVideoChannelIsNotTheLastOne(res)) return
106 const videoChannelsNameWithHostValidator = [
107 param('nameWithHost').exists().withMessage('Should have an video channel name with host'),
109 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
110 logger.debug('Checking videoChannelsNameWithHostValidator parameters', { parameters: req.params })
112 if (areValidationErrors(req, res)) return
114 if (!await doesVideoChannelNameWithHostExist(req.params.nameWithHost, res)) return
120 const localVideoChannelValidator = [
121 param('name').custom(isVideoChannelNameValid).withMessage('Should have a valid video channel name'),
123 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
124 logger.debug('Checking localVideoChannelValidator parameters', { parameters: req.params })
126 if (areValidationErrors(req, res)) return
127 if (!await doesLocalVideoChannelNameExist(req.params.name, res)) return
133 const videoChannelStatsValidator = [
136 .customSanitizer(toBooleanOrNull)
137 .custom(isBooleanValid).withMessage('Should have a valid stats flag'),
139 (req: express.Request, res: express.Response, next: express.NextFunction) => {
140 if (areValidationErrors(req, res)) return
145 // ---------------------------------------------------------------------------
148 videoChannelsAddValidator,
149 videoChannelsUpdateValidator,
150 videoChannelsRemoveValidator,
151 videoChannelsNameWithHostValidator,
152 localVideoChannelValidator,
153 videoChannelStatsValidator
156 // ---------------------------------------------------------------------------
158 function checkUserCanDeleteVideoChannel (user: MUser, videoChannel: MChannelAccountDefault, res: express.Response) {
159 if (videoChannel.Actor.isOwned() === false) {
161 status: HttpStatusCode.FORBIDDEN_403,
162 message: 'Cannot remove video channel of another server.'
167 // Check if the user can delete the video channel
168 // The user can delete it if s/he is an admin
169 // Or if s/he is the video channel's account
170 if (user.hasRight(UserRight.REMOVE_ANY_VIDEO_CHANNEL) === false && videoChannel.Account.userId !== user.id) {
172 status: HttpStatusCode.FORBIDDEN_403,
173 message: 'Cannot remove video channel of another user'
181 async function checkVideoChannelIsNotTheLastOne (res: express.Response) {
182 const count = await VideoChannelModel.countByAccount(res.locals.oauth.token.User.Account.id)
186 status: HttpStatusCode.CONFLICT_409,
187 message: 'Cannot remove the last channel of this user'