+ }
+
+ if (req.body.channelName) {
+ if (req.body.channelName === req.body.username) {
+ return res.fail({ message: 'Channel name cannot be the same as user username.' })
+ }
+
+ const existing = await ActorModel.loadLocalByName(req.body.channelName)
+ if (existing) {
+ return res.fail({
+ status: HttpStatusCode.CONFLICT_409,
+ message: `Channel with name ${req.body.channelName} already exists.`
+ })
+ }
+ }
+
+ return next()
+ }
+]
+
+const usersRemoveValidator = [
+ param('id')
+ .custom(isIdValid),
+
+ async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+ if (areValidationErrors(req, res)) return
+ if (!await checkUserIdExist(req.params.id, res)) return
+
+ const user = res.locals.user
+ if (user.username === 'root') {
+ return res.fail({ message: 'Cannot remove the root user' })
+ }
+
+ return next()
+ }
+]
+
+const usersBlockingValidator = [
+ param('id')
+ .custom(isIdValid),
+ body('reason')
+ .optional()
+ .custom(isUserBlockedReasonValid),
+
+ async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+ if (areValidationErrors(req, res)) return
+ if (!await checkUserIdExist(req.params.id, res)) return
+
+ const user = res.locals.user
+ if (user.username === 'root') {
+ return res.fail({ message: 'Cannot block the root user' })
+ }
+
+ return next()
+ }
+]
+
+const deleteMeValidator = [
+ (req: express.Request, res: express.Response, next: express.NextFunction) => {
+ const user = res.locals.oauth.token.User
+ if (user.username === 'root') {
+ return res.fail({ message: 'You cannot delete your root account.' })
+ }
+
+ return next()
+ }
+]
+
+const usersUpdateValidator = [
+ param('id').custom(isIdValid),
+
+ body('password')
+ .optional()
+ .custom(isUserPasswordValid),
+ body('email')
+ .optional()
+ .isEmail(),
+ body('emailVerified')
+ .optional()
+ .isBoolean(),
+ body('videoQuota')
+ .optional()
+ .custom(isUserVideoQuotaValid),
+ body('videoQuotaDaily')
+ .optional()
+ .custom(isUserVideoQuotaDailyValid),
+ body('pluginAuth')
+ .optional()
+ .exists(),
+ body('role')
+ .optional()
+ .customSanitizer(toIntOrNull)
+ .custom(isUserRoleValid),
+ body('adminFlags')
+ .optional()
+ .custom(isUserAdminFlagsValid),
+
+ async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+ if (areValidationErrors(req, res, { omitBodyLog: true })) return
+ if (!await checkUserIdExist(req.params.id, res)) return
+
+ const user = res.locals.user
+ if (user.username === 'root' && req.body.role !== undefined && user.role !== req.body.role) {
+ return res.fail({ message: 'Cannot change root role.' })
+ }
+
+ return next()
+ }
+]
+
+const usersUpdateMeValidator = [
+ body('displayName')
+ .optional()
+ .custom(isUserDisplayNameValid),
+ body('description')
+ .optional()
+ .custom(isUserDescriptionValid),
+ body('currentPassword')
+ .optional()
+ .custom(isUserPasswordValid),
+ body('password')
+ .optional()
+ .custom(isUserPasswordValid),
+ body('emailPublic')
+ .optional()
+ .custom(isUserEmailPublicValid),
+ body('email')
+ .optional()
+ .isEmail(),
+ body('nsfwPolicy')
+ .optional()
+ .custom(isUserNSFWPolicyValid),
+ body('autoPlayVideo')
+ .optional()
+ .custom(isUserAutoPlayVideoValid),
+ body('p2pEnabled')
+ .optional()
+ .custom(isUserP2PEnabledValid).withMessage('Should have a valid p2p enabled boolean'),
+ body('videoLanguages')
+ .optional()
+ .custom(isUserVideoLanguages),
+ body('videosHistoryEnabled')
+ .optional()
+ .custom(isUserVideosHistoryEnabledValid).withMessage('Should have a valid videos history enabled boolean'),
+ body('theme')
+ .optional()
+ .custom(v => isThemeNameValid(v) && isThemeRegistered(v)),
+
+ body('noInstanceConfigWarningModal')
+ .optional()
+ .custom(v => isUserNoModal(v)).withMessage('Should have a valid noInstanceConfigWarningModal boolean'),
+ body('noWelcomeModal')
+ .optional()
+ .custom(v => isUserNoModal(v)).withMessage('Should have a valid noWelcomeModal boolean'),
+ body('noAccountSetupWarningModal')
+ .optional()
+ .custom(v => isUserNoModal(v)).withMessage('Should have a valid noAccountSetupWarningModal boolean'),
+
+ body('autoPlayNextVideo')
+ .optional()
+ .custom(v => isUserAutoPlayNextVideoValid(v)).withMessage('Should have a valid autoPlayNextVideo boolean'),
+
+ async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+ const user = res.locals.oauth.token.User
+
+ if (req.body.password || req.body.email) {
+ if (user.pluginAuth !== null) {
+ return res.fail({ message: 'You cannot update your email or password that is associated with an external auth system.' })
+ }
+
+ if (!req.body.currentPassword) {
+ return res.fail({ message: 'currentPassword parameter is missing.' })
+ }