Add blacklist reason field

[github/Chocobozzz/PeerTube.git] / server / controllers / api / users.ts

diff --git a/server/controllers/api/users.ts b/server/controllers/api/users.ts
index dbe736bff9a6cb57eba32e02ad5846ea826ba8cc..543b20baa647604a9339a62c370b77419ab49761 100644 (file)
--- a/server/controllers/api/users.ts
+++ b/server/controllers/api/users.ts
@@ -29,7 +29,14 @@ import {
   usersUpdateValidator,
   usersVideoRatingValidator
 } from '../../middlewares'
-import { usersAskResetPasswordValidator, usersResetPasswordValidator, videosSortValidator } from '../../middlewares/validators'
+import {
+  deleteMeValidator,
+  usersAskResetPasswordValidator,
+  usersBlockingValidator,
+  usersResetPasswordValidator,
+  videoImportsSortValidator,
+  videosSortValidator
+} from '../../middlewares/validators'
 import { AccountVideoRateModel } from '../../models/account/account-video-rate'
 import { UserModel } from '../../models/account/user'
 import { OAuthTokenModel } from '../../models/oauth/oauth-token'
@@ -40,6 +47,7 @@ import { UserVideoQuota } from '../../../shared/models/users/user-video-quota.mo
 import { updateAvatarValidator } from '../../middlewares/validators/avatar'
 import { updateActorAvatarFile } from '../../lib/avatar'
 import { auditLoggerFactory, UserAuditView } from '../../helpers/audit-logger'
+import { VideoImportModel } from '../../models/video/video-import'
 
 const auditLogger = auditLoggerFactory('users')
 
@@ -56,12 +64,26 @@ usersRouter.get('/me',
   authenticate,
   asyncMiddleware(getUserInformation)
 )
+usersRouter.delete('/me',
+  authenticate,
+  asyncMiddleware(deleteMeValidator),
+  asyncMiddleware(deleteMe)
+)
 
 usersRouter.get('/me/video-quota-used',
   authenticate,
   asyncMiddleware(getUserVideoQuotaUsed)
 )
 
+usersRouter.get('/me/videos/imports',
+  authenticate,
+  paginationValidator,
+  videoImportsSortValidator,
+  setDefaultSort,
+  setDefaultPagination,
+  asyncMiddleware(getUserVideoImports)
+)
+
 usersRouter.get('/me/videos',
   authenticate,
   paginationValidator,
@@ -87,6 +109,19 @@ usersRouter.get('/',
   asyncMiddleware(listUsers)
 )
 
+usersRouter.post('/:id/block',
+  authenticate,
+  ensureUserHasRight(UserRight.MANAGE_USERS),
+  asyncMiddleware(usersBlockingValidator),
+  asyncMiddleware(blockUser)
+)
+usersRouter.post('/:id/unblock',
+  authenticate,
+  ensureUserHasRight(UserRight.MANAGE_USERS),
+  asyncMiddleware(usersBlockingValidator),
+  asyncMiddleware(unblockUser)
+)
+
 usersRouter.get('/:id',
   authenticate,
   ensureUserHasRight(UserRight.MANAGE_USERS),
@@ -166,18 +201,30 @@ async function getUserVideos (req: express.Request, res: express.Response, next:
     user.Account.id,
     req.query.start as number,
     req.query.count as number,
-    req.query.sort as VideoSortField,
-    false // Display my NSFW videos
+    req.query.sort as VideoSortField
   )
 
   const additionalAttributes = {
     waitTranscoding: true,
     state: true,
-    scheduledUpdate: true
+    scheduledUpdate: true,
+    blacklistInfo: true
   }
   return res.json(getFormattedObjects(resultList.data, resultList.total, { additionalAttributes }))
 }
 
+async function getUserVideoImports (req: express.Request, res: express.Response, next: express.NextFunction) {
+  const user = res.locals.oauth.token.User as UserModel
+  const resultList = await VideoImportModel.listUserVideoImportsForApi(
+    user.id,
+    req.query.start as number,
+    req.query.count as number,
+    req.query.sort
+  )
+
+  return res.json(getFormattedObjects(resultList.data, resultList.total))
+}
+
 async function createUser (req: express.Request, res: express.Response) {
   const body: UserCreate = req.body
   const userToCreate = new UserModel({
@@ -245,6 +292,23 @@ async function getUserVideoQuotaUsed (req: express.Request, res: express.Respons
   return res.json(data)
 }
 
+async function unblockUser (req: express.Request, res: express.Response, next: express.NextFunction) {
+  const user: UserModel = res.locals.user
+
+  await changeUserBlock(res, user, false)
+
+  return res.status(204).end()
+}
+
+async function blockUser (req: express.Request, res: express.Response, next: express.NextFunction) {
+  const user: UserModel = res.locals.user
+  const reason = req.body.reason
+
+  await changeUserBlock(res, user, true, reason)
+
+  return res.status(204).end()
+}
+
 function getUser (req: express.Request, res: express.Response, next: express.NextFunction) {
   return res.json((res.locals.user as UserModel).toFormattedJSON())
 }
@@ -269,8 +333,18 @@ async function listUsers (req: express.Request, res: express.Response, next: exp
   return res.json(getFormattedObjects(resultList.data, resultList.total))
 }
 
+async function deleteMe (req: express.Request, res: express.Response) {
+  const user: UserModel = res.locals.oauth.token.User
+
+  await user.destroy()
+
+  auditLogger.delete(res.locals.oauth.token.User.Account.Actor.getIdentifier(), new UserAuditView(user.toFormattedJSON()))
+
+  return res.sendStatus(204)
+}
+
 async function removeUser (req: express.Request, res: express.Response, next: express.NextFunction) {
-  const user = await UserModel.loadById(req.params.id)
+  const user: UserModel = res.locals.user
 
   await user.destroy()
 
@@ -380,3 +454,24 @@ async function resetUserPassword (req: express.Request, res: express.Response, n
 function success (req: express.Request, res: express.Response, next: express.NextFunction) {
   res.end()
 }
+
+async function changeUserBlock (res: express.Response, user: UserModel, block: boolean, reason?: string) {
+  const oldUserAuditView = new UserAuditView(user.toFormattedJSON())
+
+  user.blocked = block
+  user.blockedReason = reason || null
+
+  await sequelizeTypescript.transaction(async t => {
+    await OAuthTokenModel.deleteUserToken(user.id, t)
+
+    await user.save({ transaction: t })
+  })
+
+  await Emailer.Instance.addUserBlockJob(user, block, reason)
+
+  auditLogger.update(
+    res.locals.oauth.token.User.Account.Actor.getIdentifier(),
+    new UserAuditView(user.toFormattedJSON()),
+    oldUserAuditView
+  )
+}