-import * as validator from 'validator'
-import { CONSTRAINTS_FIELDS } from '../../../initializers'
-import { exists, isArray } from '../misc'
-import { truncate } from 'lodash'
+import validator from 'validator'
+import { CONSTRAINTS_FIELDS } from '../../../initializers/constants'
+import { exists, isArray, isDateValid } from '../misc'
import { isActivityPubUrlValid, isBaseActivityValid, setValidAttributedTo } from './misc'
import { isHostValid } from '../servers'
+import { peertubeTruncate } from '@server/helpers/core-utils'
function isActorEndpointsObjectValid (endpointObject: any) {
- return isActivityPubUrlValid(endpointObject.sharedInbox)
+ if (endpointObject?.sharedInbox) {
+ return isActivityPubUrlValid(endpointObject.sharedInbox)
+ }
+
+ // Shared inbox is optional
+ return true
}
function isActorPublicKeyObjectValid (publicKeyObject: any) {
}
function isActorTypeValid (type: string) {
- return type === 'Person' || type === 'Application' || type === 'Group'
+ return type === 'Person' || type === 'Application' || type === 'Group' || type === 'Service' || type === 'Organization'
}
function isActorPublicKeyValid (publicKey: string) {
return exists(publicKey) &&
typeof publicKey === 'string' &&
publicKey.startsWith('-----BEGIN PUBLIC KEY-----') &&
- publicKey.indexOf('-----END PUBLIC KEY-----') !== -1 &&
+ publicKey.includes('-----END PUBLIC KEY-----') &&
validator.isLength(publicKey, CONSTRAINTS_FIELDS.ACTORS.PUBLIC_KEY)
}
-const actorNameRegExp = new RegExp('^[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\\-_]+$')
+const actorNameAlphabet = '[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\\-_.:]'
+const actorNameRegExp = new RegExp(`^${actorNameAlphabet}+$`)
function isActorPreferredUsernameValid (preferredUsername: string) {
return exists(preferredUsername) && validator.matches(preferredUsername, actorNameRegExp)
}
function isActorPrivateKeyValid (privateKey: string) {
return exists(privateKey) &&
typeof privateKey === 'string' &&
- privateKey.startsWith('-----BEGIN RSA PRIVATE KEY-----') &&
+ (privateKey.startsWith('-----BEGIN RSA PRIVATE KEY-----') || privateKey.startsWith('-----BEGIN PRIVATE KEY-----')) &&
// Sometimes there is a \n at the end, so just assert the string contains the end mark
- privateKey.indexOf('-----END RSA PRIVATE KEY-----') !== -1 &&
+ (privateKey.includes('-----END RSA PRIVATE KEY-----') || privateKey.includes('-----END PRIVATE KEY-----')) &&
validator.isLength(privateKey, CONSTRAINTS_FIELDS.ACTORS.PRIVATE_KEY)
}
-function isActorObjectValid (actor: any) {
- return exists(actor) &&
- isActivityPubUrlValid(actor.id) &&
- isActorTypeValid(actor.type) &&
- isActivityPubUrlValid(actor.following) &&
- isActivityPubUrlValid(actor.followers) &&
- isActivityPubUrlValid(actor.inbox) &&
- isActivityPubUrlValid(actor.outbox) &&
- isActorPreferredUsernameValid(actor.preferredUsername) &&
- isActivityPubUrlValid(actor.url) &&
- isActorPublicKeyObjectValid(actor.publicKey) &&
- isActorEndpointsObjectValid(actor.endpoints) &&
- setValidAttributedTo(actor) &&
-
- // If this is not an account, it should be attributed to an account
- // In PeerTube we use this to attach a video channel to a specific account
- (actor.type === 'Person' || actor.attributedTo.length !== 0)
-}
-
function isActorFollowingCountValid (value: string) {
return exists(value) && validator.isInt('' + value, { min: 0 })
}
return isBaseActivityValid(activity, 'Delete')
}
-function isActorFollowActivityValid (activity: any) {
- return isBaseActivityValid(activity, 'Follow') &&
- isActivityPubUrlValid(activity.object)
-}
+function sanitizeAndCheckActorObject (actor: any) {
+ if (!isActorTypeValid(actor.type)) return false
-function isActorAcceptActivityValid (activity: any) {
- return isBaseActivityValid(activity, 'Accept')
-}
+ normalizeActor(actor)
-function isActorRejectActivityValid (activity: any) {
- return isBaseActivityValid(activity, 'Reject')
-}
+ return exists(actor) &&
+ isActivityPubUrlValid(actor.id) &&
+ isActivityPubUrlValid(actor.inbox) &&
+ isActorPreferredUsernameValid(actor.preferredUsername) &&
+ isActivityPubUrlValid(actor.url) &&
+ isActorPublicKeyObjectValid(actor.publicKey) &&
+ isActorEndpointsObjectValid(actor.endpoints) &&
-function isActorUpdateActivityValid (activity: any) {
- normalizeActor(activity.object)
+ (!actor.outbox || isActivityPubUrlValid(actor.outbox)) &&
+ (!actor.following || isActivityPubUrlValid(actor.following)) &&
+ (!actor.followers || isActivityPubUrlValid(actor.followers)) &&
- return isBaseActivityValid(activity, 'Update') &&
- isActorObjectValid(activity.object)
+ setValidAttributedTo(actor) &&
+ setValidDescription(actor) &&
+ // If this is a group (a channel), it should be attributed to an account
+ // In PeerTube we use this to attach a video channel to a specific account
+ (actor.type !== 'Group' || actor.attributedTo.length !== 0)
}
function normalizeActor (actor: any) {
- if (!actor || !actor.url) return
+ if (!actor) return
- if (typeof actor.url !== 'string') {
+ if (!actor.url) {
+ actor.url = actor.id
+ } else if (typeof actor.url !== 'string') {
actor.url = actor.url.href || actor.url.url
}
+ if (!isDateValid(actor.published)) actor.published = undefined
+
if (actor.summary && typeof actor.summary === 'string') {
- actor.summary = truncate(actor.summary, { length: CONSTRAINTS_FIELDS.USERS.DESCRIPTION.max })
+ actor.summary = peertubeTruncate(actor.summary, { length: CONSTRAINTS_FIELDS.USERS.DESCRIPTION.max })
if (actor.summary.length < CONSTRAINTS_FIELDS.USERS.DESCRIPTION.min) {
actor.summary = null
}
}
-
- return
}
function isValidActorHandle (handle: string) {
return isArray(handles) && handles.every(h => isValidActorHandle(h))
}
+function setValidDescription (obj: any) {
+ if (!obj.summary) obj.summary = null
+
+ return true
+}
+
// ---------------------------------------------------------------------------
export {
normalizeActor,
+ actorNameAlphabet,
areValidActorHandles,
isActorEndpointsObjectValid,
isActorPublicKeyObjectValid,
isActorPublicKeyValid,
isActorPreferredUsernameValid,
isActorPrivateKeyValid,
- isActorObjectValid,
isActorFollowingCountValid,
isActorFollowersCountValid,
- isActorFollowActivityValid,
- isActorAcceptActivityValid,
- isActorRejectActivityValid,
isActorDeleteActivityValid,
- isActorUpdateActivityValid,
+ sanitizeAndCheckActorObject,
isValidActorHandle
}