server/middlewares/validators/videos/videos.ts

   1 import express from 'express'
   2 import { body, header, param, query, ValidationChain } from 'express-validator'
   3 import { isTestInstance } from '@server/helpers/core-utils'
   4 import { getResumableUploadPath } from '@server/helpers/upload'
   5 import { Redis } from '@server/lib/redis'
   6 import { isAbleToUploadVideo } from '@server/lib/user'
   7 import { getServerActor } from '@server/models/application/application'
   8 import { ExpressPromiseHandler } from '@server/types/express'
   9 import { MUserAccountId, MVideoFullLight } from '@server/types/models'
  10 import { getAllPrivacies } from '@shared/core-utils'
  11 import { HttpStatusCode, ServerErrorCode, UserRight, VideoInclude, VideoPrivacy } from '@shared/models'
  12 import {
  13   exists,
  14   isBooleanValid,
  15   isDateValid,
  16   isFileFieldValid,
  17   isIdValid,
  18   isUUIDValid,
  19   toArray,
  20   toBooleanOrNull,
  21   toIntOrNull,
  22   toValueOrNull
  23 } from '../../../helpers/custom-validators/misc'
  24 import { isBooleanBothQueryValid, isNumberArray, isStringArray } from '../../../helpers/custom-validators/search'
  25 import {
  26   isScheduleVideoUpdatePrivacyValid,
  27   isVideoCategoryValid,
  28   isVideoDescriptionValid,
  29   isVideoFileMimeTypeValid,
  30   isVideoFileSizeValid,
  31   isVideoFilterValid,
  32   isVideoImage,
  33   isVideoIncludeValid,
  34   isVideoLanguageValid,
  35   isVideoLicenceValid,
  36   isVideoNameValid,
  37   isVideoOriginallyPublishedAtValid,
  38   isVideoPrivacyValid,
  39   isVideoSupportValid,
  40   isVideoTagsValid
  41 } from '../../../helpers/custom-validators/videos'
  42 import { cleanUpReqFiles } from '../../../helpers/express-utils'
  43 import { getDurationFromVideoFile } from '../../../helpers/ffprobe-utils'
  44 import { logger } from '../../../helpers/logger'
  45 import { deleteFileAndCatch } from '../../../helpers/utils'
  46 import { getVideoWithAttributes } from '../../../helpers/video'
  47 import { CONFIG } from '../../../initializers/config'
  48 import { CONSTRAINTS_FIELDS, OVERVIEWS } from '../../../initializers/constants'
  49 import { isLocalVideoAccepted } from '../../../lib/moderation'
  50 import { Hooks } from '../../../lib/plugins/hooks'
  51 import { VideoModel } from '../../../models/video/video'
  52 import { authenticatePromiseIfNeeded } from '../../auth'
  53 import {
  54   areValidationErrors,
  55   checkUserCanManageVideo,
  56   doesVideoChannelOfAccountExist,
  57   doesVideoExist,
  58   doesVideoFileOfVideoExist,
  59   isValidVideoIdParam
  60 } from '../shared'
  61
  62 const videosAddLegacyValidator = getCommonVideoEditAttributes().concat([
  63   body('videofile')
  64     .custom((value, { req }) => isFileFieldValid(req.files, 'videofile'))
  65     .withMessage('Should have a file'),
  66   body('name')
  67     .trim()
  68     .custom(isVideoNameValid).withMessage(
  69       `Should have a video name between ${CONSTRAINTS_FIELDS.VIDEOS.NAME.min} and ${CONSTRAINTS_FIELDS.VIDEOS.NAME.max} characters long`
  70     ),
  71   body('channelId')
  72     .customSanitizer(toIntOrNull)
  73     .custom(isIdValid).withMessage('Should have correct video channel id'),
  74
  75   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
  76     logger.debug('Checking videosAdd parameters', { parameters: req.body, files: req.files })
  77
  78     if (areValidationErrors(req, res)) return cleanUpReqFiles(req)
  79
  80     const videoFile: express.VideoUploadFile = req.files['videofile'][0]
  81     const user = res.locals.oauth.token.User
  82
  83     if (!await commonVideoChecksPass({ req, res, user, videoFileSize: videoFile.size, files: req.files })) {
  84       return cleanUpReqFiles(req)
  85     }
  86
  87     try {
  88       if (!videoFile.duration) await addDurationToVideo(videoFile)
  89     } catch (err) {
  90       logger.error('Invalid input file in videosAddLegacyValidator.', { err })
  91
  92       res.fail({
  93         status: HttpStatusCode.UNPROCESSABLE_ENTITY_422,
  94         message: 'Video file unreadable.'
  95       })
  96       return cleanUpReqFiles(req)
  97     }
  98
  99     if (!await isVideoAccepted(req, res, videoFile)) return cleanUpReqFiles(req)
 100
 101     return next()
 102   }
 103 ])
 104
 105 const videosResumableUploadIdValidator = [
 106   (req: express.Request, res: express.Response, next: express.NextFunction) => {
 107     const user = res.locals.oauth.token.User
 108     const uploadId = req.query.upload_id
 109
 110     if (uploadId.startsWith(user.id + '-') !== true) {
 111       return res.fail({
 112         status: HttpStatusCode.FORBIDDEN_403,
 113         message: 'You cannot send chunks in another user upload'
 114       })
 115     }
 116
 117     return next()
 118   }
 119 ]
 120
 121 /**
 122  * Gets called after the last PUT request
 123  */
 124 const videosAddResumableValidator = [
 125   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
 126     const user = res.locals.oauth.token.User
 127     const body: express.CustomUploadXFile<express.UploadXFileMetadata> = req.body
 128     const file = { ...body, duration: undefined, path: getResumableUploadPath(body.name), filename: body.metadata.filename }
 129     const cleanup = () => deleteFileAndCatch(file.path)
 130
 131     const uploadId = req.query.upload_id
 132     const sessionExists = await Redis.Instance.doesUploadSessionExist(uploadId)
 133
 134     if (sessionExists) {
 135       const sessionResponse = await Redis.Instance.getUploadSession(uploadId)
 136
 137       if (!sessionResponse) {
 138         res.setHeader('Retry-After', 300) // ask to retry after 5 min, knowing the upload_id is kept for up to 15 min after completion
 139
 140         return res.fail({
 141           status: HttpStatusCode.SERVICE_UNAVAILABLE_503,
 142           message: 'The upload is already being processed'
 143         })
 144       }
 145
 146       if (isTestInstance()) {
 147         res.setHeader('x-resumable-upload-cached', 'true')
 148       }
 149
 150       return res.json(sessionResponse)
 151     }
 152
 153     await Redis.Instance.setUploadSession(uploadId)
 154
 155     if (!await doesVideoChannelOfAccountExist(file.metadata.channelId, user, res)) return cleanup()
 156
 157     try {
 158       if (!file.duration) await addDurationToVideo(file)
 159     } catch (err) {
 160       logger.error('Invalid input file in videosAddResumableValidator.', { err })
 161
 162       res.fail({
 163         status: HttpStatusCode.UNPROCESSABLE_ENTITY_422,
 164         message: 'Video file unreadable.'
 165       })
 166       return cleanup()
 167     }
 168
 169     if (!await isVideoAccepted(req, res, file)) return cleanup()
 170
 171     res.locals.videoFileResumable = file
 172
 173     return next()
 174   }
 175 ]
 176
 177 /**
 178  * File is created in POST initialisation, and its body is saved as a 'metadata' field is saved by uploadx for later use.
 179  * see https://github.com/kukhariev/node-uploadx/blob/dc9fb4a8ac5a6f481902588e93062f591ec6ef03/packages/core/src/handlers/uploadx.ts
 180  *
 181  * Uploadx doesn't use next() until the upload completes, so this middleware has to be placed before uploadx
 182  * see https://github.com/kukhariev/node-uploadx/blob/dc9fb4a8ac5a6f481902588e93062f591ec6ef03/packages/core/src/handlers/base-handler.ts
 183  *
 184  */
 185 const videosAddResumableInitValidator = getCommonVideoEditAttributes().concat([
 186   body('filename')
 187     .isString()
 188     .exists()
 189     .withMessage('Should have a valid filename'),
 190   body('name')
 191     .trim()
 192     .custom(isVideoNameValid).withMessage(
 193       `Should have a video name between ${CONSTRAINTS_FIELDS.VIDEOS.NAME.min} and ${CONSTRAINTS_FIELDS.VIDEOS.NAME.max} characters long`
 194     ),
 195   body('channelId')
 196     .customSanitizer(toIntOrNull)
 197     .custom(isIdValid).withMessage('Should have correct video channel id'),
 198
 199   header('x-upload-content-length')
 200     .isNumeric()
 201     .exists()
 202     .withMessage('Should specify the file length'),
 203   header('x-upload-content-type')
 204     .isString()
 205     .exists()
 206     .withMessage('Should specify the file mimetype'),
 207
 208   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
 209     const videoFileMetadata = {
 210       mimetype: req.headers['x-upload-content-type'] as string,
 211       size: +req.headers['x-upload-content-length'],
 212       originalname: req.body.filename
 213     }
 214
 215     const user = res.locals.oauth.token.User
 216     const cleanup = () => cleanUpReqFiles(req)
 217
 218     logger.debug('Checking videosAddResumableInitValidator parameters and headers', {
 219       parameters: req.body,
 220       headers: req.headers,
 221       files: req.files
 222     })
 223
 224     if (areValidationErrors(req, res)) return cleanup()
 225
 226     const files = { videofile: [ videoFileMetadata ] }
 227     if (!await commonVideoChecksPass({ req, res, user, videoFileSize: videoFileMetadata.size, files })) return cleanup()
 228
 229     // multer required unsetting the Content-Type, now we can set it for node-uploadx
 230     req.headers['content-type'] = 'application/json; charset=utf-8'
 231     // place previewfile in metadata so that uploadx saves it in .META
 232     if (req.files?.['previewfile']) req.body.previewfile = req.files['previewfile']
 233
 234     return next()
 235   }
 236 ])
 237
 238 const videosUpdateValidator = getCommonVideoEditAttributes().concat([
 239   isValidVideoIdParam('id'),
 240
 241   body('name')
 242     .optional()
 243     .trim()
 244     .custom(isVideoNameValid).withMessage(
 245       `Should have a video name between ${CONSTRAINTS_FIELDS.VIDEOS.NAME.min} and ${CONSTRAINTS_FIELDS.VIDEOS.NAME.max} characters long`
 246     ),
 247   body('channelId')
 248     .optional()
 249     .customSanitizer(toIntOrNull)
 250     .custom(isIdValid).withMessage('Should have correct video channel id'),
 251
 252   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
 253     logger.debug('Checking videosUpdate parameters', { parameters: req.body })
 254
 255     if (areValidationErrors(req, res)) return cleanUpReqFiles(req)
 256     if (areErrorsInScheduleUpdate(req, res)) return cleanUpReqFiles(req)
 257     if (!await doesVideoExist(req.params.id, res)) return cleanUpReqFiles(req)
 258
 259     // Check if the user who did the request is able to update the video
 260     const user = res.locals.oauth.token.User
 261     if (!checkUserCanManageVideo(user, res.locals.videoAll, UserRight.UPDATE_ANY_VIDEO, res)) return cleanUpReqFiles(req)
 262
 263     if (req.body.channelId && !await doesVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req)
 264
 265     return next()
 266   }
 267 ])
 268
 269 async function checkVideoFollowConstraints (req: express.Request, res: express.Response, next: express.NextFunction) {
 270   const video = getVideoWithAttributes(res)
 271
 272   // Anybody can watch local videos
 273   if (video.isOwned() === true) return next()
 274
 275   // Logged user
 276   if (res.locals.oauth) {
 277     // Users can search or watch remote videos
 278     if (CONFIG.SEARCH.REMOTE_URI.USERS === true) return next()
 279   }
 280
 281   // Anybody can search or watch remote videos
 282   if (CONFIG.SEARCH.REMOTE_URI.ANONYMOUS === true) return next()
 283
 284   // Check our instance follows an actor that shared this video
 285   const serverActor = await getServerActor()
 286   if (await VideoModel.checkVideoHasInstanceFollow(video.id, serverActor.id) === true) return next()
 287
 288   return res.fail({
 289     status: HttpStatusCode.FORBIDDEN_403,
 290     message: 'Cannot get this video regarding follow constraints',
 291     type: ServerErrorCode.DOES_NOT_RESPECT_FOLLOW_CONSTRAINTS,
 292     data: {
 293       originUrl: video.url
 294     }
 295   })
 296 }
 297
 298 const videosCustomGetValidator = (
 299   fetchType: 'for-api' | 'all' | 'only-video' | 'only-immutable-attributes',
 300   authenticateInQuery = false
 301 ) => {
 302   return [
 303     isValidVideoIdParam('id'),
 304
 305     async (req: express.Request, res: express.Response, next: express.NextFunction) => {
 306       logger.debug('Checking videosGet parameters', { parameters: req.params })
 307
 308       if (areValidationErrors(req, res)) return
 309       if (!await doesVideoExist(req.params.id, res, fetchType)) return
 310
 311       // Controllers does not need to check video rights
 312       if (fetchType === 'only-immutable-attributes') return next()
 313
 314       const video = getVideoWithAttributes(res) as MVideoFullLight
 315
 316       // Video private or blacklisted
 317       if (video.requiresAuth()) {
 318         await authenticatePromiseIfNeeded(req, res, authenticateInQuery)
 319
 320         const user = res.locals.oauth ? res.locals.oauth.token.User : null
 321
 322         // Only the owner or a user that have blocklist rights can see the video
 323         if (!user || !user.canGetVideo(video)) {
 324           return res.fail({
 325             status: HttpStatusCode.FORBIDDEN_403,
 326             message: 'Cannot get this private/internal or blocklisted video'
 327           })
 328         }
 329
 330         return next()
 331       }
 332
 333       // Video is public, anyone can access it
 334       if (video.privacy === VideoPrivacy.PUBLIC) return next()
 335
 336       // Video is unlisted, check we used the uuid to fetch it
 337       if (video.privacy === VideoPrivacy.UNLISTED) {
 338         if (isUUIDValid(req.params.id)) return next()
 339
 340         // Don't leak this unlisted video
 341         return res.fail({
 342           status: HttpStatusCode.NOT_FOUND_404,
 343           message: 'Video not found'
 344         })
 345       }
 346     }
 347   ]
 348 }
 349
 350 const videosGetValidator = videosCustomGetValidator('all')
 351 const videosDownloadValidator = videosCustomGetValidator('all', true)
 352
 353 const videoFileMetadataGetValidator = getCommonVideoEditAttributes().concat([
 354   isValidVideoIdParam('id'),
 355
 356   param('videoFileId')
 357     .custom(isIdValid).not().isEmpty().withMessage('Should have a valid videoFileId'),
 358
 359   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
 360     logger.debug('Checking videoFileMetadataGet parameters', { parameters: req.params })
 361
 362     if (areValidationErrors(req, res)) return
 363     if (!await doesVideoFileOfVideoExist(+req.params.videoFileId, req.params.id, res)) return
 364
 365     return next()
 366   }
 367 ])
 368
 369 const videosRemoveValidator = [
 370   isValidVideoIdParam('id'),
 371
 372   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
 373     logger.debug('Checking videosRemove parameters', { parameters: req.params })
 374
 375     if (areValidationErrors(req, res)) return
 376     if (!await doesVideoExist(req.params.id, res)) return
 377
 378     // Check if the user who did the request is able to delete the video
 379     if (!checkUserCanManageVideo(res.locals.oauth.token.User, res.locals.videoAll, UserRight.REMOVE_ANY_VIDEO, res)) return
 380
 381     return next()
 382   }
 383 ]
 384
 385 const videosOverviewValidator = [
 386   query('page')
 387     .optional()
 388     .isInt({ min: 1, max: OVERVIEWS.VIDEOS.SAMPLES_COUNT })
 389     .withMessage('Should have a valid pagination'),
 390
 391   (req: express.Request, res: express.Response, next: express.NextFunction) => {
 392     if (areValidationErrors(req, res)) return
 393
 394     return next()
 395   }
 396 ]
 397
 398 function getCommonVideoEditAttributes () {
 399   return [
 400     body('thumbnailfile')
 401       .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')).withMessage(
 402         'This thumbnail file is not supported or too large. Please, make sure it is of the following type: ' +
 403         CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ')
 404       ),
 405     body('previewfile')
 406       .custom((value, { req }) => isVideoImage(req.files, 'previewfile')).withMessage(
 407         'This preview file is not supported or too large. Please, make sure it is of the following type: ' +
 408         CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ')
 409       ),
 410
 411     body('category')
 412       .optional()
 413       .customSanitizer(toIntOrNull)
 414       .custom(isVideoCategoryValid).withMessage('Should have a valid category'),
 415     body('licence')
 416       .optional()
 417       .customSanitizer(toIntOrNull)
 418       .custom(isVideoLicenceValid).withMessage('Should have a valid licence'),
 419     body('language')
 420       .optional()
 421       .customSanitizer(toValueOrNull)
 422       .custom(isVideoLanguageValid).withMessage('Should have a valid language'),
 423     body('nsfw')
 424       .optional()
 425       .customSanitizer(toBooleanOrNull)
 426       .custom(isBooleanValid).withMessage('Should have a valid NSFW attribute'),
 427     body('waitTranscoding')
 428       .optional()
 429       .customSanitizer(toBooleanOrNull)
 430       .custom(isBooleanValid).withMessage('Should have a valid wait transcoding attribute'),
 431     body('privacy')
 432       .optional()
 433       .customSanitizer(toValueOrNull)
 434       .custom(isVideoPrivacyValid).withMessage('Should have correct video privacy'),
 435     body('description')
 436       .optional()
 437       .customSanitizer(toValueOrNull)
 438       .custom(isVideoDescriptionValid).withMessage('Should have a valid description'),
 439     body('support')
 440       .optional()
 441       .customSanitizer(toValueOrNull)
 442       .custom(isVideoSupportValid).withMessage('Should have a valid support text'),
 443     body('tags')
 444       .optional()
 445       .customSanitizer(toValueOrNull)
 446       .custom(isVideoTagsValid)
 447       .withMessage(
 448         `Should have an array of up to ${CONSTRAINTS_FIELDS.VIDEOS.TAGS.max} tags between ` +
 449         `${CONSTRAINTS_FIELDS.VIDEOS.TAG.min} and ${CONSTRAINTS_FIELDS.VIDEOS.TAG.max} characters each`
 450       ),
 451     body('commentsEnabled')
 452       .optional()
 453       .customSanitizer(toBooleanOrNull)
 454       .custom(isBooleanValid).withMessage('Should have comments enabled boolean'),
 455     body('downloadEnabled')
 456       .optional()
 457       .customSanitizer(toBooleanOrNull)
 458       .custom(isBooleanValid).withMessage('Should have downloading enabled boolean'),
 459     body('originallyPublishedAt')
 460       .optional()
 461       .customSanitizer(toValueOrNull)
 462       .custom(isVideoOriginallyPublishedAtValid).withMessage('Should have a valid original publication date'),
 463     body('scheduleUpdate')
 464       .optional()
 465       .customSanitizer(toValueOrNull),
 466     body('scheduleUpdate.updateAt')
 467       .optional()
 468       .custom(isDateValid).withMessage('Should have a schedule update date that conforms to ISO 8601'),
 469     body('scheduleUpdate.privacy')
 470       .optional()
 471       .customSanitizer(toIntOrNull)
 472       .custom(isScheduleVideoUpdatePrivacyValid).withMessage('Should have correct schedule update privacy')
 473   ] as (ValidationChain | ExpressPromiseHandler)[]
 474 }
 475
 476 const commonVideosFiltersValidator = [
 477   query('categoryOneOf')
 478     .optional()
 479     .customSanitizer(toArray)
 480     .custom(isNumberArray).withMessage('Should have a valid one of category array'),
 481   query('licenceOneOf')
 482     .optional()
 483     .customSanitizer(toArray)
 484     .custom(isNumberArray).withMessage('Should have a valid one of licence array'),
 485   query('languageOneOf')
 486     .optional()
 487     .customSanitizer(toArray)
 488     .custom(isStringArray).withMessage('Should have a valid one of language array'),
 489   query('privacyOneOf')
 490     .optional()
 491     .customSanitizer(toArray)
 492     .custom(isNumberArray).withMessage('Should have a valid one of privacy array'),
 493   query('tagsOneOf')
 494     .optional()
 495     .customSanitizer(toArray)
 496     .custom(isStringArray).withMessage('Should have a valid one of tags array'),
 497   query('tagsAllOf')
 498     .optional()
 499     .customSanitizer(toArray)
 500     .custom(isStringArray).withMessage('Should have a valid all of tags array'),
 501   query('nsfw')
 502     .optional()
 503     .custom(isBooleanBothQueryValid).withMessage('Should have a valid NSFW attribute'),
 504   query('isLive')
 505     .optional()
 506     .customSanitizer(toBooleanOrNull)
 507     .custom(isBooleanValid).withMessage('Should have a valid live boolean'),
 508   query('filter')
 509     .optional()
 510     .custom(isVideoFilterValid).withMessage('Should have a valid filter attribute'),
 511   query('include')
 512     .optional()
 513     .custom(isVideoIncludeValid).withMessage('Should have a valid include attribute'),
 514   query('isLocal')
 515     .optional()
 516     .customSanitizer(toBooleanOrNull)
 517     .custom(isBooleanValid).withMessage('Should have a valid local boolean'),
 518   query('hasHLSFiles')
 519     .optional()
 520     .customSanitizer(toBooleanOrNull)
 521     .custom(isBooleanValid).withMessage('Should have a valid has hls boolean'),
 522   query('hasWebtorrentFiles')
 523     .optional()
 524     .customSanitizer(toBooleanOrNull)
 525     .custom(isBooleanValid).withMessage('Should have a valid has webtorrent boolean'),
 526   query('skipCount')
 527     .optional()
 528     .customSanitizer(toBooleanOrNull)
 529     .custom(isBooleanValid).withMessage('Should have a valid skip count boolean'),
 530   query('search')
 531     .optional()
 532     .custom(exists).withMessage('Should have a valid search'),
 533
 534   (req: express.Request, res: express.Response, next: express.NextFunction) => {
 535     logger.debug('Checking commons video filters query', { parameters: req.query })
 536
 537     if (areValidationErrors(req, res)) return
 538
 539     // FIXME: deprecated in 4.0, to remove
 540     {
 541       if (req.query.filter === 'all-local') {
 542         req.query.include = VideoInclude.NOT_PUBLISHED_STATE
 543         req.query.isLocal = true
 544         req.query.privacyOneOf = getAllPrivacies()
 545       } else if (req.query.filter === 'all') {
 546         req.query.include = VideoInclude.NOT_PUBLISHED_STATE
 547         req.query.privacyOneOf = getAllPrivacies()
 548       } else if (req.query.filter === 'local') {
 549         req.query.isLocal = true
 550       }
 551
 552       req.query.filter = undefined
 553     }
 554
 555     const user = res.locals.oauth?.token.User
 556
 557     if ((!user || user.hasRight(UserRight.SEE_ALL_VIDEOS) !== true)) {
 558       if (req.query.include || req.query.privacyOneOf) {
 559         return res.fail({
 560           status: HttpStatusCode.UNAUTHORIZED_401,
 561           message: 'You are not allowed to see all videos.'
 562         })
 563       }
 564     }
 565
 566     return next()
 567   }
 568 ]
 569
 570 // ---------------------------------------------------------------------------
 571
 572 export {
 573   videosAddLegacyValidator,
 574   videosAddResumableValidator,
 575   videosAddResumableInitValidator,
 576   videosResumableUploadIdValidator,
 577
 578   videosUpdateValidator,
 579   videosGetValidator,
 580   videoFileMetadataGetValidator,
 581   videosDownloadValidator,
 582   checkVideoFollowConstraints,
 583   videosCustomGetValidator,
 584   videosRemoveValidator,
 585
 586   getCommonVideoEditAttributes,
 587
 588   commonVideosFiltersValidator,
 589
 590   videosOverviewValidator
 591 }
 592
 593 // ---------------------------------------------------------------------------
 594
 595 function areErrorsInScheduleUpdate (req: express.Request, res: express.Response) {
 596   if (req.body.scheduleUpdate) {
 597     if (!req.body.scheduleUpdate.updateAt) {
 598       logger.warn('Invalid parameters: scheduleUpdate.updateAt is mandatory.')
 599
 600       res.fail({ message: 'Schedule update at is mandatory.' })
 601       return true
 602     }
 603   }
 604
 605   return false
 606 }
 607
 608 async function commonVideoChecksPass (parameters: {
 609   req: express.Request
 610   res: express.Response
 611   user: MUserAccountId
 612   videoFileSize: number
 613   files: express.UploadFilesForCheck
 614 }): Promise<boolean> {
 615   const { req, res, user, videoFileSize, files } = parameters
 616
 617   if (areErrorsInScheduleUpdate(req, res)) return false
 618
 619   if (!await doesVideoChannelOfAccountExist(req.body.channelId, user, res)) return false
 620
 621   if (!isVideoFileMimeTypeValid(files)) {
 622     res.fail({
 623       status: HttpStatusCode.UNSUPPORTED_MEDIA_TYPE_415,
 624       message: 'This file is not supported. Please, make sure it is of the following type: ' +
 625                CONSTRAINTS_FIELDS.VIDEOS.EXTNAME.join(', ')
 626     })
 627     return false
 628   }
 629
 630   if (!isVideoFileSizeValid(videoFileSize.toString())) {
 631     res.fail({
 632       status: HttpStatusCode.PAYLOAD_TOO_LARGE_413,
 633       message: 'This file is too large. It exceeds the maximum file size authorized.',
 634       type: ServerErrorCode.MAX_FILE_SIZE_REACHED
 635     })
 636     return false
 637   }
 638
 639   if (await isAbleToUploadVideo(user.id, videoFileSize) === false) {
 640     res.fail({
 641       status: HttpStatusCode.PAYLOAD_TOO_LARGE_413,
 642       message: 'The user video quota is exceeded with this video.',
 643       type: ServerErrorCode.QUOTA_REACHED
 644     })
 645     return false
 646   }
 647
 648   return true
 649 }
 650
 651 export async function isVideoAccepted (
 652   req: express.Request,
 653   res: express.Response,
 654   videoFile: express.VideoUploadFile
 655 ) {
 656   // Check we accept this video
 657   const acceptParameters = {
 658     videoBody: req.body,
 659     videoFile,
 660     user: res.locals.oauth.token.User
 661   }
 662   const acceptedResult = await Hooks.wrapFun(
 663     isLocalVideoAccepted,
 664     acceptParameters,
 665     'filter:api.video.upload.accept.result'
 666   )
 667
 668   if (!acceptedResult || acceptedResult.accepted !== true) {
 669     logger.info('Refused local video.', { acceptedResult, acceptParameters })
 670     res.fail({
 671       status: HttpStatusCode.FORBIDDEN_403,
 672       message: acceptedResult.errorMessage || 'Refused local video'
 673     })
 674     return false
 675   }
 676
 677   return true
 678 }
 679
 680 async function addDurationToVideo (videoFile: { path: string, duration?: number }) {
 681   const duration: number = await getDurationFromVideoFile(videoFile.path)
 682
 683   if (isNaN(duration)) throw new Error(`Couldn't get video duration`)
 684
 685   videoFile.duration = duration
 686 }