]>
git.immae.eu Git - github/Chocobozzz/PeerTube.git/blob - server/middlewares/validators/videos.js
86a7e39ae24bf87aca1a94650b2d0395c1e211e6
3 const checkErrors
= require('./utils').checkErrors
4 const constants
= require('../../initializers/constants')
5 const customVideosValidators
= require('../../helpers/custom-validators').videos
6 const db
= require('../../initializers/database')
7 const logger
= require('../../helpers/logger')
9 const validatorsVideos
= {
23 function videosAdd (req
, res
, next
) {
24 req
.checkBody('videofile', 'Should have a valid file').isVideoFile(req
.files
)
25 req
.checkBody('name', 'Should have a valid name').isVideoNameValid()
26 req
.checkBody('category', 'Should have a valid category').isVideoCategoryValid()
27 req
.checkBody('licence', 'Should have a valid licence').isVideoLicenceValid()
28 req
.checkBody('language', 'Should have a valid language').optional().isVideoLanguageValid()
29 req
.checkBody('nsfw', 'Should have a valid NSFW attribute').isVideoNSFWValid()
30 req
.checkBody('description', 'Should have a valid description').isVideoDescriptionValid()
31 req
.checkBody('tags', 'Should have correct tags').optional().isVideoTagsValid()
33 logger
.debug('Checking videosAdd parameters', { parameters: req
.body
, files: req
.files
})
35 checkErrors(req
, res
, function () {
36 const videoFile
= req
.files
.videofile
[0]
38 db
.Video
.getDurationFromFile(videoFile
.path
, function (err
, duration
) {
40 return res
.status(400).send('Cannot retrieve metadata of the file.')
43 if (!customVideosValidators
.isVideoDurationValid(duration
)) {
44 return res
.status(400).send('Duration of the video file is too big (max: ' + constants
.CONSTRAINTS_FIELDS
.VIDEOS
.DURATION
.max
+ 's).')
47 videoFile
.duration
= duration
53 function videosUpdate (req
, res
, next
) {
54 req
.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4)
55 req
.checkBody('name', 'Should have a valid name').optional().isVideoNameValid()
56 req
.checkBody('category', 'Should have a valid category').optional().isVideoCategoryValid()
57 req
.checkBody('licence', 'Should have a valid licence').optional().isVideoLicenceValid()
58 req
.checkBody('language', 'Should have a valid language').optional().isVideoLanguageValid()
59 req
.checkBody('nsfw', 'Should have a valid NSFW attribute').optional().isVideoNSFWValid()
60 req
.checkBody('description', 'Should have a valid description').optional().isVideoDescriptionValid()
61 req
.checkBody('tags', 'Should have correct tags').optional().isVideoTagsValid()
63 logger
.debug('Checking videosUpdate parameters', { parameters: req
.body
})
65 checkErrors(req
, res
, function () {
66 checkVideoExists(req
.params
.id
, res
, function () {
67 // We need to make additional checks
68 if (res
.locals
.video
.isOwned() === false) {
69 return res
.status(403).send('Cannot update video of another pod')
72 if (res
.locals
.video
.Author
.userId
!== res
.locals
.oauth
.token
.User
.id
) {
73 return res
.status(403).send('Cannot update video of another user')
81 function videosGet (req
, res
, next
) {
82 req
.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4)
84 logger
.debug('Checking videosGet parameters', { parameters: req
.params
})
86 checkErrors(req
, res
, function () {
87 checkVideoExists(req
.params
.id
, res
, next
)
91 function videosRemove (req
, res
, next
) {
92 req
.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4)
94 logger
.debug('Checking videosRemove parameters', { parameters: req
.params
})
96 checkErrors(req
, res
, function () {
97 checkVideoExists(req
.params
.id
, res
, function () {
98 // We need to make additional checks
100 // Check if the user who did the request is able to delete the video
101 checkUserCanDeleteVideo(res
.locals
.oauth
.token
.User
.id
, res
, function () {
108 function videosSearch (req
, res
, next
) {
109 const searchableColumns
= constants
.SEARCHABLE_COLUMNS
.VIDEOS
110 req
.checkParams('value', 'Should have a valid search').notEmpty()
111 req
.checkQuery('field', 'Should have correct searchable column').optional().isIn(searchableColumns
)
113 logger
.debug('Checking videosSearch parameters', { parameters: req
.params
})
115 checkErrors(req
, res
, next
)
118 function videoAbuseReport (req
, res
, next
) {
119 req
.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4)
120 req
.checkBody('reason', 'Should have a valid reason').isVideoAbuseReasonValid()
122 logger
.debug('Checking videoAbuseReport parameters', { parameters: req
.body
})
124 checkErrors(req
, res
, function () {
125 checkVideoExists(req
.params
.id
, res
, next
)
129 function videoRate (req
, res
, next
) {
130 req
.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4)
131 req
.checkBody('rating', 'Should have a valid rate type').isVideoRatingTypeValid()
133 logger
.debug('Checking videoRate parameters', { parameters: req
.body
})
135 checkErrors(req
, res
, function () {
136 checkVideoExists(req
.params
.id
, res
, next
)
140 // ---------------------------------------------------------------------------
142 module
.exports
= validatorsVideos
144 // ---------------------------------------------------------------------------
146 function checkVideoExists (id
, res
, callback
) {
147 db
.Video
.loadAndPopulateAuthorAndPodAndTags(id
, function (err
, video
) {
149 logger
.error('Error in video request validator.', { error: err
})
150 return res
.sendStatus(500)
153 if (!video
) return res
.status(404).send('Video not found')
155 res
.locals
.video
= video
160 function checkUserCanDeleteVideo (userId
, res
, callback
) {
161 // Retrieve the user who did the request
162 db
.User
.loadById(userId
, function (err
, user
) {
164 logger
.error('Error in video request validator.', { error: err
})
165 return res
.sendStatus(500)
168 // Check if the user can delete the video
169 // The user can delete it if s/he an admin
170 // Or if s/he is the video's author
171 if (user
.isAdmin() === false) {
172 if (res
.locals
.video
.isOwned() === false) {
173 return res
.status(403).send('Cannot remove video of another pod')
176 if (res
.locals
.video
.Author
.userId
!== res
.locals
.oauth
.token
.User
.id
) {
177 return res
.status(403).send('Cannot remove video of another user')
181 // If we reach this comment, we can delete the video
186 function checkVideoIsBlacklistable (req
, res
, callback
) {
187 if (res
.locals
.video
.isOwned() === true) {
188 return res
.status(403).send('Cannot blacklist a local video')
194 function videosBlacklist (req
, res
, next
) {
195 req
.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4)
197 logger
.debug('Checking videosBlacklist parameters', { parameters: req
.params
})
199 checkErrors(req
, res
, function () {
200 checkVideoExists(req
.params
.id
, res
, function() {
201 checkVideoIsBlacklistable(req
, res
, next
)