-import * as Bluebird from 'bluebird'
-import { Response } from 'express'
import * as validator from 'validator'
-import { CONSTRAINTS_FIELDS } from '../../../initializers'
-import { ActorModel } from '../../../models/activitypub/actor'
-import { isAccountNameValid } from '../accounts'
-import { exists, isUUIDValid } from '../misc'
-import { isVideoChannelDescriptionValid, isVideoChannelNameValid } from '../video-channels'
+import { CONSTRAINTS_FIELDS } from '../../../initializers/constants'
+import { exists, isArray } from '../misc'
+import { truncate } from 'lodash'
import { isActivityPubUrlValid, isBaseActivityValid, setValidAttributedTo } from './misc'
+import { isHostValid } from '../servers'
function isActorEndpointsObjectValid (endpointObject: any) {
return isActivityPubUrlValid(endpointObject.sharedInbox)
return exists(publicKey) &&
typeof publicKey === 'string' &&
publicKey.startsWith('-----BEGIN PUBLIC KEY-----') &&
- publicKey.endsWith('-----END PUBLIC KEY-----') &&
- validator.isLength(publicKey, CONSTRAINTS_FIELDS.ACTOR.PUBLIC_KEY)
+ publicKey.indexOf('-----END PUBLIC KEY-----') !== -1 &&
+ validator.isLength(publicKey, CONSTRAINTS_FIELDS.ACTORS.PUBLIC_KEY)
}
+const actorNameAlphabet = '[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\\-_.]'
+const actorNameRegExp = new RegExp(`^${actorNameAlphabet}+$`)
function isActorPreferredUsernameValid (preferredUsername: string) {
- return isAccountNameValid(preferredUsername) || isVideoChannelNameValid(preferredUsername)
-}
-
-const actorNameRegExp = new RegExp('[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_]+')
-function isActorNameValid (name: string) {
- return exists(name) && validator.matches(name, actorNameRegExp)
+ return exists(preferredUsername) && validator.matches(preferredUsername, actorNameRegExp)
}
function isActorPrivateKeyValid (privateKey: string) {
return exists(privateKey) &&
typeof privateKey === 'string' &&
privateKey.startsWith('-----BEGIN RSA PRIVATE KEY-----') &&
- privateKey.endsWith('-----END RSA PRIVATE KEY-----') &&
- validator.isLength(privateKey, CONSTRAINTS_FIELDS.ACTOR.PRIVATE_KEY)
-}
+ // Sometimes there is a \n at the end, so just assert the string contains the end mark
+ privateKey.indexOf('-----END RSA PRIVATE KEY-----') !== -1 &&
+ validator.isLength(privateKey, CONSTRAINTS_FIELDS.ACTORS.PRIVATE_KEY)
+}
+
+function isActorObjectValid (actor: any) {
+ return exists(actor) &&
+ isActivityPubUrlValid(actor.id) &&
+ isActorTypeValid(actor.type) &&
+ isActivityPubUrlValid(actor.following) &&
+ isActivityPubUrlValid(actor.followers) &&
+ isActivityPubUrlValid(actor.inbox) &&
+ isActivityPubUrlValid(actor.outbox) &&
+ isActorPreferredUsernameValid(actor.preferredUsername) &&
+ isActivityPubUrlValid(actor.url) &&
+ isActorPublicKeyObjectValid(actor.publicKey) &&
+ isActorEndpointsObjectValid(actor.endpoints) &&
+ setValidAttributedTo(actor) &&
-function isRemoteActorValid (remoteActor: any) {
- return isActivityPubUrlValid(remoteActor.id) &&
- isUUIDValid(remoteActor.uuid) &&
- isActorTypeValid(remoteActor.type) &&
- isActivityPubUrlValid(remoteActor.following) &&
- isActivityPubUrlValid(remoteActor.followers) &&
- isActivityPubUrlValid(remoteActor.inbox) &&
- isActivityPubUrlValid(remoteActor.outbox) &&
- isActorNameValid(remoteActor.name) &&
- isActorPreferredUsernameValid(remoteActor.preferredUsername) &&
- isActivityPubUrlValid(remoteActor.url) &&
- isActorPublicKeyObjectValid(remoteActor.publicKey) &&
- isActorEndpointsObjectValid(remoteActor.endpoints) &&
- (!remoteActor.summary || isVideoChannelDescriptionValid(remoteActor.summary)) &&
- setValidAttributedTo(remoteActor) &&
// If this is not an account, it should be attributed to an account
// In PeerTube we use this to attach a video channel to a specific account
- (remoteActor.type === 'Person' || remoteActor.attributedTo.length !== 0)
+ (actor.type === 'Person' || actor.attributedTo.length !== 0)
}
function isActorFollowingCountValid (value: string) {
return isBaseActivityValid(activity, 'Delete')
}
-function isActorFollowActivityValid (activity: any) {
- return isBaseActivityValid(activity, 'Follow') &&
- isActivityPubUrlValid(activity.object)
-}
+function sanitizeAndCheckActorObject (object: any) {
+ normalizeActor(object)
-function isActorAcceptActivityValid (activity: any) {
- return isBaseActivityValid(activity, 'Accept')
+ return isActorObjectValid(object)
}
-function isActorIdExist (id: number | string, res: Response) {
- let promise: Bluebird<ActorModel>
+function normalizeActor (actor: any) {
+ if (!actor || !actor.url) return
- if (validator.isInt('' + id)) {
- promise = ActorModel.load(+id)
- } else { // UUID
- promise = ActorModel.loadByUUID('' + id)
+ if (typeof actor.url !== 'string') {
+ actor.url = actor.url.href || actor.url.url
}
- return isActorExist(promise, res)
-}
+ if (actor.summary && typeof actor.summary === 'string') {
+ actor.summary = truncate(actor.summary, { length: CONSTRAINTS_FIELDS.USERS.DESCRIPTION.max })
-function isLocalActorNameExist (name: string, res: Response) {
- const promise = ActorModel.loadLocalByName(name)
+ if (actor.summary.length < CONSTRAINTS_FIELDS.USERS.DESCRIPTION.min) {
+ actor.summary = null
+ }
+ }
- return isActorExist(promise, res)
+ return
}
-async function isActorExist (p: Bluebird<ActorModel>, res: Response) {
- const actor = await p
-
- if (!actor) {
- res.status(404)
- .send({ error: 'Actor not found' })
- .end()
+function isValidActorHandle (handle: string) {
+ if (!exists(handle)) return false
- return false
- }
+ const parts = handle.split('@')
+ if (parts.length !== 2) return false
- res.locals.actor = actor
+ return isHostValid(parts[1])
+}
- return true
+function areValidActorHandles (handles: string[]) {
+ return isArray(handles) && handles.every(h => isValidActorHandle(h))
}
// ---------------------------------------------------------------------------
export {
+ normalizeActor,
+ actorNameAlphabet,
+ areValidActorHandles,
isActorEndpointsObjectValid,
isActorPublicKeyObjectValid,
isActorTypeValid,
isActorPublicKeyValid,
isActorPreferredUsernameValid,
isActorPrivateKeyValid,
- isRemoteActorValid,
+ isActorObjectValid,
isActorFollowingCountValid,
isActorFollowersCountValid,
- isActorFollowActivityValid,
- isActorAcceptActivityValid,
isActorDeleteActivityValid,
- isActorIdExist,
- isLocalActorNameExist,
- isActorNameValid,
- isActorExist
+ sanitizeAndCheckActorObject,
+ isValidActorHandle
}