]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blobdiff - server/controllers/activitypub/client.ts
projects / github / Chocobozzz / PeerTube.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix incorrect IDs in AP federation
[github/Chocobozzz/PeerTube.git] / server / controllers / activitypub / client.ts
diff --git a/server/controllers/activitypub/client.ts b/server/controllers/activitypub/client.ts
index d36d10de1b3d33bc63bec0bc25e12bf2f57be458..71a5b623256dcb1c2c190a2163ade4bfe4396369 100644 (file)
--- a/server/controllers/activitypub/client.ts
+++ b/server/controllers/activitypub/client.ts
@@ -1,11 +1,21 @@
-// Intercept ActivityPub client requests
+import * as cors from 'cors'
 import * as express from 'express'
+import { getServerActor } from '@server/models/application/application'
+import { MAccountId, MActorId, MChannelId, MVideoId, MVideoUrl } from '@server/types/models'
 import { VideoPrivacy, VideoRateType } from '../../../shared/models/videos'
+import { VideoPlaylistPrivacy } from '../../../shared/models/videos/playlist/video-playlist-privacy.model'
 import { activityPubCollectionPagination, activityPubContextify } from '../../helpers/activitypub'
 import { ROUTE_CACHE_LIFETIME, WEBSERVER } from '../../initializers/constants'
-import { buildAnnounceWithVideoAudience, buildLikeActivity } from '../../lib/activitypub/send'
 import { audiencify, getAudience } from '../../lib/activitypub/audience'
+import { buildAnnounceWithVideoAudience, buildLikeActivity } from '../../lib/activitypub/send'
 import { buildCreateActivity } from '../../lib/activitypub/send/send-create'
+import { buildDislikeActivity } from '../../lib/activitypub/send/send-dislike'
+import {
+  getLocalVideoCommentsActivityPubUrl,
+  getLocalVideoDislikesActivityPubUrl,
+  getLocalVideoLikesActivityPubUrl,
+  getLocalVideoSharesActivityPubUrl
+} from '../../lib/activitypub/url'
 import {
   asyncMiddleware,
   executeIfActivityPub,
@@ -14,32 +24,24 @@ import {
   videosCustomGetValidator,
   videosShareValidator
 } from '../../middlewares'
-import { getAccountVideoRateValidator, videoCommentGetValidator } from '../../middlewares/validators'
+import { cacheRoute } from '../../middlewares/cache'
+import { getAccountVideoRateValidatorFactory, videoCommentGetValidator } from '../../middlewares/validators'
+import { videoFileRedundancyGetValidator, videoPlaylistRedundancyGetValidator } from '../../middlewares/validators/redundancy'
+import { videoPlaylistElementAPGetValidator, videoPlaylistsGetValidator } from '../../middlewares/validators/videos/video-playlists'
 import { AccountModel } from '../../models/account/account'
-import { ActorModel } from '../../models/activitypub/actor'
+import { AccountVideoRateModel } from '../../models/account/account-video-rate'
 import { ActorFollowModel } from '../../models/activitypub/actor-follow'
 import { VideoModel } from '../../models/video/video'
+import { VideoCaptionModel } from '../../models/video/video-caption'
 import { VideoCommentModel } from '../../models/video/video-comment'
+import { VideoPlaylistModel } from '../../models/video/video-playlist'
 import { VideoShareModel } from '../../models/video/video-share'
-import { cacheRoute } from '../../middlewares/cache'
 import { activityPubResponse } from './utils'
-import { AccountVideoRateModel } from '../../models/account/account-video-rate'
-import {
-  getRateUrl,
-  getVideoCommentsActivityPubUrl,
-  getVideoDislikesActivityPubUrl,
-  getVideoLikesActivityPubUrl,
-  getVideoSharesActivityPubUrl
-} from '../../lib/activitypub'
-import { VideoCaptionModel } from '../../models/video/video-caption'
-import { videoFileRedundancyGetValidator, videoPlaylistRedundancyGetValidator } from '../../middlewares/validators/redundancy'
-import { getServerActor } from '../../helpers/utils'
-import { buildDislikeActivity } from '../../lib/activitypub/send/send-dislike'
-import { videoPlaylistElementAPGetValidator, videoPlaylistsGetValidator } from '../../middlewares/validators/videos/video-playlists'
-import { VideoPlaylistModel } from '../../models/video/video-playlist'
-import { VideoPlaylistPrivacy } from '../../../shared/models/videos/playlist/video-playlist-privacy.model'
 
 const activityPubClientRouter = express.Router()
+activityPubClientRouter.use(cors())
+
+// Intercept ActivityPub client requests
 
 activityPubClientRouter.get('/accounts?/:name',
   executeIfActivityPub,
@@ -63,18 +65,18 @@ activityPubClientRouter.get('/accounts?/:name/playlists',
 )
 activityPubClientRouter.get('/accounts?/:name/likes/:videoId',
   executeIfActivityPub,
-  asyncMiddleware(getAccountVideoRateValidator('like')),
-  getAccountVideoRate('like')
+  asyncMiddleware(getAccountVideoRateValidatorFactory('like')),
+  getAccountVideoRateFactory('like')
 )
 activityPubClientRouter.get('/accounts?/:name/dislikes/:videoId',
   executeIfActivityPub,
-  asyncMiddleware(getAccountVideoRateValidator('dislike')),
-  getAccountVideoRate('dislike')
+  asyncMiddleware(getAccountVideoRateValidatorFactory('dislike')),
+  getAccountVideoRateFactory('dislike')
 )
 
 activityPubClientRouter.get('/videos/watch/:id',
   executeIfActivityPub,
-  asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.ACTIVITY_PUB.VIDEOS)),
+  asyncMiddleware(cacheRoute()(ROUTE_CACHE_LIFETIME.ACTIVITY_PUB.VIDEOS)),
   asyncMiddleware(videosCustomGetValidator('only-video-with-rights')),
   asyncMiddleware(videoController)
 )
@@ -85,7 +87,7 @@ activityPubClientRouter.get('/videos/watch/:id/activity',
 )
 activityPubClientRouter.get('/videos/watch/:id/announces',
   executeIfActivityPub,
-  asyncMiddleware(videosCustomGetValidator('only-video')),
+  asyncMiddleware(videosCustomGetValidator('only-immutable-attributes')),
   asyncMiddleware(videoAnnouncesController)
 )
 activityPubClientRouter.get('/videos/watch/:id/announces/:actorId',
@@ -95,17 +97,17 @@ activityPubClientRouter.get('/videos/watch/:id/announces/:actorId',
 )
 activityPubClientRouter.get('/videos/watch/:id/likes',
   executeIfActivityPub,
-  asyncMiddleware(videosCustomGetValidator('only-video')),
+  asyncMiddleware(videosCustomGetValidator('only-immutable-attributes')),
   asyncMiddleware(videoLikesController)
 )
 activityPubClientRouter.get('/videos/watch/:id/dislikes',
   executeIfActivityPub,
-  asyncMiddleware(videosCustomGetValidator('only-video')),
+  asyncMiddleware(videosCustomGetValidator('only-immutable-attributes')),
   asyncMiddleware(videoDislikesController)
 )
 activityPubClientRouter.get('/videos/watch/:id/comments',
   executeIfActivityPub,
-  asyncMiddleware(videosCustomGetValidator('only-video')),
+  asyncMiddleware(videosCustomGetValidator('only-immutable-attributes')),
   asyncMiddleware(videoCommentsController)
 )
 activityPubClientRouter.get('/videos/watch/:videoId/comments/:commentId',
@@ -122,7 +124,7 @@ activityPubClientRouter.get('/videos/watch/:videoId/comments/:commentId/activity
 activityPubClientRouter.get('/video-channels/:name',
   executeIfActivityPub,
   asyncMiddleware(localVideoChannelValidator),
-  asyncMiddleware(videoChannelController)
+  videoChannelController
 )
 activityPubClientRouter.get('/video-channels/:name/followers',
   executeIfActivityPub,
@@ -134,6 +136,11 @@ activityPubClientRouter.get('/video-channels/:name/following',
   asyncMiddleware(localVideoChannelValidator),
   asyncMiddleware(videoChannelFollowingController)
 )
+activityPubClientRouter.get('/video-channels/:name/playlists',
+  executeIfActivityPub,
+  asyncMiddleware(localVideoChannelValidator),
+  asyncMiddleware(videoChannelPlaylistsController)
+)
 
 activityPubClientRouter.get('/redundancy/videos/:videoId/:resolution([0-9]+)(-:fps([0-9]+))?',
   executeIfActivityPub,
@@ -148,13 +155,13 @@ activityPubClientRouter.get('/redundancy/streaming-playlists/:streamingPlaylistT
 
 activityPubClientRouter.get('/video-playlists/:playlistId',
   executeIfActivityPub,
-  asyncMiddleware(videoPlaylistsGetValidator),
+  asyncMiddleware(videoPlaylistsGetValidator('all')),
   asyncMiddleware(videoPlaylistController)
 )
-activityPubClientRouter.get('/video-playlists/:playlistId/:videoId',
+activityPubClientRouter.get('/video-playlists/:playlistId/videos/:playlistElementId',
   executeIfActivityPub,
   asyncMiddleware(videoPlaylistElementAPGetValidator),
-  asyncMiddleware(videoPlaylistElementController)
+  videoPlaylistElementController
 )
 
 // ---------------------------------------------------------------------------
@@ -187,20 +194,26 @@ async function accountFollowingController (req: express.Request, res: express.Re
 
 async function accountPlaylistsController (req: express.Request, res: express.Response) {
   const account = res.locals.account
-  const activityPubResult = await actorPlaylists(req, account)
+  const activityPubResult = await actorPlaylists(req, { account })
+
+  return activityPubResponse(activityPubContextify(activityPubResult), res)
+}
+
+async function videoChannelPlaylistsController (req: express.Request, res: express.Response) {
+  const channel = res.locals.videoChannel
+  const activityPubResult = await actorPlaylists(req, { channel })
 
   return activityPubResponse(activityPubContextify(activityPubResult), res)
 }
 
-function getAccountVideoRate (rateType: VideoRateType) {
+function getAccountVideoRateFactory (rateType: VideoRateType) {
   return (req: express.Request, res: express.Response) => {
     const accountVideoRate = res.locals.accountVideoRate
 
     const byActor = accountVideoRate.Account.Actor
-    const url = getRateUrl(rateType, byActor, accountVideoRate.Video)
     const APObject = rateType === 'like'
-      ? buildLikeActivity(url, byActor, accountVideoRate.Video)
-      : buildDislikeActivity(url, byActor, accountVideoRate.Video)
+      ? buildLikeActivity(accountVideoRate.url, byActor, accountVideoRate.Video)
+      : buildDislikeActivity(accountVideoRate.url, byActor, accountVideoRate.Video)
 
     return activityPubResponse(activityPubContextify(APObject), res)
   }
@@ -208,18 +221,19 @@ function getAccountVideoRate (rateType: VideoRateType) {
 
 async function videoController (req: express.Request, res: express.Response) {
   // We need more attributes
-  const video = await VideoModel.loadForGetAPI(res.locals.video.id)
+  const video = await VideoModel.loadAndPopulateAccountAndServerAndTags(res.locals.onlyVideoWithRights.id)
 
-  if (video.url.startsWith(WEBSERVER.URL) === false) return res.redirect(video.url)
+  if (redirectIfNotOwned(video.url, res)) return
 
   // We need captions to render AP object
-  video.VideoCaptions = await VideoCaptionModel.listVideoCaptions(video.id)
+  const captions = await VideoCaptionModel.listVideoCaptions(video.id)
+  const videoWithCaptions = Object.assign(video, { VideoCaptions: captions })
 
-  const audience = getAudience(video.VideoChannel.Account.Actor, video.privacy === VideoPrivacy.PUBLIC)
-  const videoObject = audiencify(video.toActivityPubObject(), audience)
+  const audience = getAudience(videoWithCaptions.VideoChannel.Account.Actor, videoWithCaptions.privacy === VideoPrivacy.PUBLIC)
+  const videoObject = audiencify(videoWithCaptions.toActivityPubObject(), audience)
 
   if (req.path.endsWith('/activity')) {
-    const data = buildCreateActivity(video.url, video.VideoChannel.Account.Actor, videoObject, audience)
+    const data = buildCreateActivity(videoWithCaptions.url, video.VideoChannel.Account.Actor, videoObject, audience)
     return activityPubResponse(activityPubContextify(data), res)
   }
 
@@ -229,15 +243,17 @@ async function videoController (req: express.Request, res: express.Response) {
 async function videoAnnounceController (req: express.Request, res: express.Response) {
   const share = res.locals.videoShare
 
-  if (share.url.startsWith(WEBSERVER.URL) === false) return res.redirect(share.url)
+  if (redirectIfNotOwned(share.url, res)) return
 
-  const { activity } = await buildAnnounceWithVideoAudience(share.Actor, share, res.locals.video, undefined)
+  const { activity } = await buildAnnounceWithVideoAudience(share.Actor, share, res.locals.videoAll, undefined)
 
-  return activityPubResponse(activityPubContextify(activity), res)
+  return activityPubResponse(activityPubContextify(activity, 'Announce'), res)
 }
 
 async function videoAnnouncesController (req: express.Request, res: express.Response) {
-  const video = res.locals.video
+  const video = res.locals.onlyImmutableVideo
+
+  if (redirectIfNotOwned(video.url, res)) return
 
   const handler = async (start: number, count: number) => {
     const result = await VideoShareModel.listAndCountByVideoId(video.id, start, count)
@@ -246,41 +262,49 @@ async function videoAnnouncesController (req: express.Request, res: express.Resp
       data: result.rows.map(r => r.url)
     }
   }
-  const json = await activityPubCollectionPagination(getVideoSharesActivityPubUrl(video), handler, req.query.page)
+  const json = await activityPubCollectionPagination(getLocalVideoSharesActivityPubUrl(video), handler, req.query.page)
 
   return activityPubResponse(activityPubContextify(json), res)
 }
 
 async function videoLikesController (req: express.Request, res: express.Response) {
-  const video = res.locals.video
-  const json = await videoRates(req, 'like', video, getVideoLikesActivityPubUrl(video))
+  const video = res.locals.onlyImmutableVideo
+
+  if (redirectIfNotOwned(video.url, res)) return
+
+  const json = await videoRates(req, 'like', video, getLocalVideoLikesActivityPubUrl(video))
 
   return activityPubResponse(activityPubContextify(json), res)
 }
 
 async function videoDislikesController (req: express.Request, res: express.Response) {
-  const video = res.locals.video
-  const json = await videoRates(req, 'dislike', video, getVideoDislikesActivityPubUrl(video))
+  const video = res.locals.onlyImmutableVideo
+
+  if (redirectIfNotOwned(video.url, res)) return
+
+  const json = await videoRates(req, 'dislike', video, getLocalVideoDislikesActivityPubUrl(video))
 
   return activityPubResponse(activityPubContextify(json), res)
 }
 
 async function videoCommentsController (req: express.Request, res: express.Response) {
-  const video = res.locals.video
+  const video = res.locals.onlyImmutableVideo
+
+  if (redirectIfNotOwned(video.url, res)) return
 
   const handler = async (start: number, count: number) => {
-    const result = await VideoCommentModel.listAndCountByVideoId(video.id, start, count)
+    const result = await VideoCommentModel.listAndCountByVideoForAP(video, start, count)
     return {
       total: result.count,
       data: result.rows.map(r => r.url)
     }
   }
-  const json = await activityPubCollectionPagination(getVideoCommentsActivityPubUrl(video), handler, req.query.page)
+  const json = await activityPubCollectionPagination(getLocalVideoCommentsActivityPubUrl(video), handler, req.query.page)
 
   return activityPubResponse(activityPubContextify(json), res)
 }
 
-async function videoChannelController (req: express.Request, res: express.Response) {
+function videoChannelController (req: express.Request, res: express.Response) {
   const videoChannel = res.locals.videoChannel
 
   return activityPubResponse(activityPubContextify(videoChannel.toActivityPubObject()), res)
@@ -301,19 +325,22 @@ async function videoChannelFollowingController (req: express.Request, res: expre
 }
 
 async function videoCommentController (req: express.Request, res: express.Response) {
-  const videoComment = res.locals.videoComment
+  const videoComment = res.locals.videoCommentFull
 
-  if (videoComment.url.startsWith(WEBSERVER.URL) === false) return res.redirect(videoComment.url)
+  if (redirectIfNotOwned(videoComment.url, res)) return
 
   const threadParentComments = await VideoCommentModel.listThreadParentComments(videoComment, undefined)
   const isPublic = true // Comments are always public
-  const audience = getAudience(videoComment.Account.Actor, isPublic)
+  let videoCommentObject = videoComment.toActivityPubObject(threadParentComments)
 
-  const videoCommentObject = audiencify(videoComment.toActivityPubObject(threadParentComments), audience)
+  if (videoComment.Account) {
+    const audience = getAudience(videoComment.Account.Actor, isPublic)
+    videoCommentObject = audiencify(videoCommentObject, audience)
 
-  if (req.path.endsWith('/activity')) {
-    const data = buildCreateActivity(videoComment.url, videoComment.Account.Actor, videoCommentObject, audience)
-    return activityPubResponse(activityPubContextify(data), res)
+    if (req.path.endsWith('/activity')) {
+      const data = buildCreateActivity(videoComment.url, videoComment.Account.Actor, videoCommentObject, audience)
+      return activityPubResponse(activityPubContextify(data), res)
+    }
   }
 
   return activityPubResponse(activityPubContextify(videoCommentObject), res)
@@ -321,7 +348,8 @@ async function videoCommentController (req: express.Request, res: express.Respon
 
 async function videoRedundancyController (req: express.Request, res: express.Response) {
   const videoRedundancy = res.locals.videoRedundancy
-  if (videoRedundancy.url.startsWith(WEBSERVER.URL) === false) return res.redirect(videoRedundancy.url)
+
+  if (redirectIfNotOwned(videoRedundancy.url, res)) return
 
   const serverActor = await getServerActor()
 
@@ -330,14 +358,16 @@ async function videoRedundancyController (req: express.Request, res: express.Res
 
   if (req.path.endsWith('/activity')) {
     const data = buildCreateActivity(videoRedundancy.url, serverActor, object, audience)
-    return activityPubResponse(activityPubContextify(data), res)
+    return activityPubResponse(activityPubContextify(data, 'CacheFile'), res)
   }
 
-  return activityPubResponse(activityPubContextify(object), res)
+  return activityPubResponse(activityPubContextify(object, 'CacheFile'), res)
 }
 
 async function videoPlaylistController (req: express.Request, res: express.Response) {
-  const playlist = res.locals.videoPlaylist
+  const playlist = res.locals.videoPlaylistFull
+
+  if (redirectIfNotOwned(playlist.url, res)) return
 
   // We need more attributes
   playlist.OwnerAccount = await AccountModel.load(playlist.ownerAccountId)
@@ -349,8 +379,10 @@ async function videoPlaylistController (req: express.Request, res: express.Respo
   return activityPubResponse(activityPubContextify(object), res)
 }
 
-async function videoPlaylistElementController (req: express.Request, res: express.Response) {
-  const videoPlaylistElement = res.locals.videoPlaylistElement
+function videoPlaylistElementController (req: express.Request, res: express.Response) {
+  const videoPlaylistElement = res.locals.videoPlaylistElementAP
+
+  if (redirectIfNotOwned(videoPlaylistElement.url, res)) return
 
   const json = videoPlaylistElement.toActivityPubObject()
   return activityPubResponse(activityPubContextify(json), res)
@@ -358,7 +390,7 @@ async function videoPlaylistElementController (req: express.Request, res: expres
 
 // ---------------------------------------------------------------------------
 
-async function actorFollowing (req: express.Request, actor: ActorModel) {
+async function actorFollowing (req: express.Request, actor: MActorId) {
   const handler = (start: number, count: number) => {
     return ActorFollowModel.listAcceptedFollowingUrlsForApi([ actor.id ], undefined, start, count)
   }
@@ -366,7 +398,7 @@ async function actorFollowing (req: express.Request, actor: ActorModel) {
   return activityPubCollectionPagination(WEBSERVER.URL + req.path, handler, req.query.page)
 }
 
-async function actorFollowers (req: express.Request, actor: ActorModel) {
+async function actorFollowers (req: express.Request, actor: MActorId) {
   const handler = (start: number, count: number) => {
     return ActorFollowModel.listAcceptedFollowerUrlsForAP([ actor.id ], undefined, start, count)
   }
@@ -374,15 +406,15 @@ async function actorFollowers (req: express.Request, actor: ActorModel) {
   return activityPubCollectionPagination(WEBSERVER.URL + req.path, handler, req.query.page)
 }
 
-async function actorPlaylists (req: express.Request, account: AccountModel) {
+async function actorPlaylists (req: express.Request, options: { account: MAccountId } | { channel: MChannelId }) {
   const handler = (start: number, count: number) => {
-    return VideoPlaylistModel.listPublicUrlsOfForAP(account.id, start, count)
+    return VideoPlaylistModel.listPublicUrlsOfForAP(options, start, count)
   }
 
   return activityPubCollectionPagination(WEBSERVER.URL + req.path, handler, req.query.page)
 }
 
-function videoRates (req: express.Request, rateType: VideoRateType, video: VideoModel, url: string) {
+function videoRates (req: express.Request, rateType: VideoRateType, video: MVideoId, url: string) {
   const handler = async (start: number, count: number) => {
     const result = await AccountVideoRateModel.listAndCountAccountUrlsByVideoId(rateType, video.id, start, count)
     return {
@@ -392,3 +424,12 @@ function videoRates (req: express.Request, rateType: VideoRateType, video: Video
   }
   return activityPubCollectionPagination(url, handler, req.query.page)
 }
+
+function redirectIfNotOwned (url: string, res: express.Response) {
+  if (url.startsWith(WEBSERVER.URL) === false) {
+    res.redirect(url)
+    return true
+  }
+
+  return false
+}
ActivityPub-federated video streaming platform using P2P directly in your web browser