import * as validator from 'validator'
-import { exists, isDateValid } from '../misc'
-import { isActivityPubUrlValid, isBaseActivityValid } from './misc'
-import * as sanitizeHtml from 'sanitize-html'
+import { ACTIVITY_PUB } from '../../../initializers/constants'
+import { exists, isArray, isDateValid } from '../misc'
+import { isActivityPubUrlValid } from './misc'
-function isVideoCommentCreateActivityValid (activity: any) {
- return isBaseActivityValid(activity, 'Create') &&
- isVideoCommentObjectValid(activity.object)
-}
+function sanitizeAndCheckVideoCommentObject (comment: any) {
+ if (!comment || comment.type !== 'Note') return false
+
+ normalizeComment(comment)
-function isVideoCommentObjectValid (comment: any) {
- return comment.type === 'Note' &&
- isActivityPubUrlValid(comment.id) &&
- sanitizeCommentHTML(comment) &&
+ return isActivityPubUrlValid(comment.id) &&
isCommentContentValid(comment.content) &&
isActivityPubUrlValid(comment.inReplyTo) &&
isDateValid(comment.published) &&
- isActivityPubUrlValid(comment.url)
-}
-
-function isVideoCommentDeleteActivityValid (activity: any) {
- return isBaseActivityValid(activity, 'Delete')
+ isActivityPubUrlValid(comment.url) &&
+ isArray(comment.to) &&
+ (
+ comment.to.indexOf(ACTIVITY_PUB.PUBLIC) !== -1 ||
+ comment.cc.indexOf(ACTIVITY_PUB.PUBLIC) !== -1
+ ) // Only accept public comments
}
// ---------------------------------------------------------------------------
export {
- isVideoCommentCreateActivityValid,
- isVideoCommentDeleteActivityValid
+ sanitizeAndCheckVideoCommentObject
}
// ---------------------------------------------------------------------------
-function sanitizeCommentHTML (comment: any) {
- return sanitizeHtml(comment.content, {
- allowedTags: [ 'b', 'i', 'em', 'span', 'a' ],
- allowedAttributes: {
- 'a': [ 'href' ]
- }
- })
-}
-
function isCommentContentValid (content: any) {
return exists(content) && validator.isLength('' + content, { min: 1 })
}
+
+function normalizeComment (comment: any) {
+ if (!comment) return
+
+ if (typeof comment.url !== 'string') {
+ if (typeof comment.url === 'object') comment.url = comment.url.href || comment.url.url
+ else comment.url = comment.id
+ }
+
+ return
+}