1 import express from 'express'
2 import { body, param } from 'express-validator'
3 import { isValid as isIPValid, parse as parseIP } from 'ipaddr.js'
4 import { isPreImportVideoAccepted } from '@server/lib/moderation'
5 import { Hooks } from '@server/lib/plugins/hooks'
6 import { MUserAccountId, MVideoImport } from '@server/types/models'
7 import { HttpStatusCode, UserRight, VideoImportState } from '@shared/models'
8 import { VideoImportCreate } from '@shared/models/videos/import/video-import-create.model'
9 import { isIdValid, toIntOrNull } from '../../../helpers/custom-validators/misc'
10 import { isVideoImportTargetUrlValid, isVideoImportTorrentFile } from '../../../helpers/custom-validators/video-imports'
11 import { isVideoMagnetUriValid, isVideoNameValid } from '../../../helpers/custom-validators/videos'
12 import { cleanUpReqFiles } from '../../../helpers/express-utils'
13 import { logger } from '../../../helpers/logger'
14 import { CONFIG } from '../../../initializers/config'
15 import { CONSTRAINTS_FIELDS } from '../../../initializers/constants'
16 import { areValidationErrors, doesVideoChannelOfAccountExist, doesVideoImportExist } from '../shared'
17 import { getCommonVideoEditAttributes } from './videos'
19 const videoImportAddValidator = getCommonVideoEditAttributes().concat([
21 .customSanitizer(toIntOrNull)
22 .custom(isIdValid).withMessage('Should have correct video channel id'),
25 .custom(isVideoImportTargetUrlValid).withMessage('Should have a valid video import target URL'),
28 .custom(isVideoMagnetUriValid).withMessage('Should have a valid video magnet URI'),
30 .custom((value, { req }) => isVideoImportTorrentFile(req.files))
32 'This torrent file is not supported or too large. Please, make sure it is of the following type: ' +
33 CONSTRAINTS_FIELDS.VIDEO_IMPORTS.TORRENT_FILE.EXTNAME.join(', ')
37 .custom(isVideoNameValid).withMessage(
38 `Should have a video name between ${CONSTRAINTS_FIELDS.VIDEOS.NAME.min} and ${CONSTRAINTS_FIELDS.VIDEOS.NAME.max} characters long`
41 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
42 logger.debug('Checking videoImportAddValidator parameters', { parameters: req.body })
44 const user = res.locals.oauth.token.User
45 const torrentFile = req.files?.['torrentfile'] ? req.files['torrentfile'][0] : undefined
47 if (areValidationErrors(req, res)) return cleanUpReqFiles(req)
49 if (CONFIG.IMPORT.VIDEOS.HTTP.ENABLED !== true && req.body.targetUrl) {
53 status: HttpStatusCode.CONFLICT_409,
54 message: 'HTTP import is not enabled on this instance.'
58 if (CONFIG.IMPORT.VIDEOS.TORRENT.ENABLED !== true && (req.body.magnetUri || torrentFile)) {
62 status: HttpStatusCode.CONFLICT_409,
63 message: 'Torrent/magnet URI import is not enabled on this instance.'
67 if (!await doesVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req)
69 // Check we have at least 1 required param
70 if (!req.body.targetUrl && !req.body.magnetUri && !torrentFile) {
73 return res.fail({ message: 'Should have a magnetUri or a targetUrl or a torrent file.' })
76 if (req.body.targetUrl) {
77 const hostname = new URL(req.body.targetUrl).hostname
79 if (isIPValid(hostname)) {
80 const parsed = parseIP(hostname)
82 if (parsed.range() !== 'unicast') {
86 status: HttpStatusCode.FORBIDDEN_403,
87 message: 'Cannot use non unicast IP as targetUrl.'
93 if (!await isImportAccepted(req, res)) return cleanUpReqFiles(req)
99 const videoImportDeleteValidator = [
101 .custom(isIdValid).withMessage('Should have correct import id'),
103 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
104 logger.debug('Checking videoImportDeleteValidator parameters', { parameters: req.params })
106 if (areValidationErrors(req, res)) return
108 if (!await doesVideoImportExist(parseInt(req.params.id), res)) return
109 if (!checkUserCanManageImport(res.locals.oauth.token.user, res.locals.videoImport, res)) return
111 if (res.locals.videoImport.state === VideoImportState.PENDING) {
113 status: HttpStatusCode.CONFLICT_409,
114 message: 'Cannot delete a pending video import. Cancel it or wait for the end of the import first.'
122 const videoImportCancelValidator = [
124 .custom(isIdValid).withMessage('Should have correct import id'),
126 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
127 logger.debug('Checking videoImportCancelValidator parameters', { parameters: req.params })
129 if (areValidationErrors(req, res)) return
131 if (!await doesVideoImportExist(parseInt(req.params.id), res)) return
132 if (!checkUserCanManageImport(res.locals.oauth.token.user, res.locals.videoImport, res)) return
134 if (res.locals.videoImport.state !== VideoImportState.PENDING) {
136 status: HttpStatusCode.CONFLICT_409,
137 message: 'Cannot cancel a non pending video import.'
145 // ---------------------------------------------------------------------------
148 videoImportAddValidator,
149 videoImportCancelValidator,
150 videoImportDeleteValidator
153 // ---------------------------------------------------------------------------
155 async function isImportAccepted (req: express.Request, res: express.Response) {
156 const body: VideoImportCreate = req.body
157 const hookName = body.targetUrl
158 ? 'filter:api.video.pre-import-url.accept.result'
159 : 'filter:api.video.pre-import-torrent.accept.result'
161 // Check we accept this video
162 const acceptParameters = {
163 videoImportBody: body,
164 user: res.locals.oauth.token.User
166 const acceptedResult = await Hooks.wrapFun(
167 isPreImportVideoAccepted,
172 if (!acceptedResult || acceptedResult.accepted !== true) {
173 logger.info('Refused to import video.', { acceptedResult, acceptParameters })
176 status: HttpStatusCode.FORBIDDEN_403,
177 message: acceptedResult.errorMessage || 'Refused to import video'
185 function checkUserCanManageImport (user: MUserAccountId, videoImport: MVideoImport, res: express.Response) {
186 if (user.hasRight(UserRight.MANAGE_VIDEO_IMPORTS) === false && videoImport.userId !== user.id) {
188 status: HttpStatusCode.FORBIDDEN_403,
189 message: 'Cannot manage video import of another user'