-import 'express-validator'
-import { has, values } from 'lodash'
-
-import {
- REQUEST_ENDPOINTS,
- REQUEST_ENDPOINT_ACTIONS,
- REQUEST_VIDEO_EVENT_TYPES
-} from '../../../initializers'
-import { isArray, isDateValid, isUUIDValid } from '../misc'
+import validator from 'validator'
+import { logger } from '@server/helpers/logger'
+import { ActivityTrackerUrlObject, ActivityVideoFileMetadataUrlObject } from '@shared/models'
+import { LiveVideoLatencyMode, VideoState } from '../../../../shared/models/videos'
+import { ACTIVITY_PUB, CONSTRAINTS_FIELDS } from '../../../initializers/constants'
+import { peertubeTruncate } from '../../core-utils'
+import { isArray, isBooleanValid, isDateValid, isUUIDValid } from '../misc'
+import { isLiveLatencyModeValid } from '../video-lives'
import {
- isVideoThumbnailDataValid,
- isVideoAbuseReasonValid,
- isVideoAbuseReporterUsernameValid,
- isVideoViewsValid,
- isVideoLikesValid,
- isVideoDislikesValid,
- isVideoEventCountValid,
- isRemoteVideoCategoryValid,
- isRemoteVideoLicenceValid,
- isRemoteVideoLanguageValid,
- isVideoNSFWValid,
- isVideoTruncatedDescriptionValid,
+ isVideoDescriptionValid,
isVideoDurationValid,
- isVideoFileInfoHashValid,
isVideoNameValid,
- isVideoTagsValid,
- isVideoFileExtnameValid,
- isVideoFileResolutionValid
+ isVideoStateValid,
+ isVideoTagValid,
+ isVideoViewsValid
} from '../videos'
-import { isVideoChannelDescriptionValid, isVideoChannelNameValid } from '../video-channels'
-import { isVideoAuthorNameValid } from '../video-authors'
-
-const ENDPOINT_ACTIONS = REQUEST_ENDPOINT_ACTIONS[REQUEST_ENDPOINTS.VIDEOS]
-
-const checkers: { [ id: string ]: (obj: any) => boolean } = {}
-checkers[ENDPOINT_ACTIONS.ADD_VIDEO] = checkAddVideo
-checkers[ENDPOINT_ACTIONS.UPDATE_VIDEO] = checkUpdateVideo
-checkers[ENDPOINT_ACTIONS.REMOVE_VIDEO] = checkRemoveVideo
-checkers[ENDPOINT_ACTIONS.REPORT_ABUSE] = checkReportVideo
-checkers[ENDPOINT_ACTIONS.ADD_CHANNEL] = checkAddVideoChannel
-checkers[ENDPOINT_ACTIONS.UPDATE_CHANNEL] = checkUpdateVideoChannel
-checkers[ENDPOINT_ACTIONS.REMOVE_CHANNEL] = checkRemoveVideoChannel
-checkers[ENDPOINT_ACTIONS.ADD_AUTHOR] = checkAddAuthor
-checkers[ENDPOINT_ACTIONS.REMOVE_AUTHOR] = checkRemoveAuthor
-
-function removeBadRequestVideos (requests: any[]) {
- for (let i = requests.length - 1; i >= 0 ; i--) {
- const request = requests[i]
- const video = request.data
-
- if (
- !video ||
- checkers[request.type] === undefined ||
- checkers[request.type](video) === false
- ) {
- requests.splice(i, 1)
- }
- }
+import { isActivityPubUrlValid, isActivityPubVideoDurationValid, isBaseActivityValid, setValidAttributedTo } from './misc'
+
+function sanitizeAndCheckVideoTorrentUpdateActivity (activity: any) {
+ return isBaseActivityValid(activity, 'Update') &&
+ sanitizeAndCheckVideoTorrentObject(activity.object)
}
-function removeBadRequestVideosQadu (requests: any[]) {
- for (let i = requests.length - 1; i >= 0 ; i--) {
- const request = requests[i]
- const video = request.data
-
- if (
- !video ||
- (
- isUUIDValid(video.uuid) &&
- (has(video, 'views') === false || isVideoViewsValid(video.views)) &&
- (has(video, 'likes') === false || isVideoLikesValid(video.likes)) &&
- (has(video, 'dislikes') === false || isVideoDislikesValid(video.dislikes))
- ) === false
- ) {
- requests.splice(i, 1)
- }
+function sanitizeAndCheckVideoTorrentObject (video: any) {
+ if (!video || video.type !== 'Video') return false
+
+ if (!setValidRemoteTags(video)) {
+ logger.debug('Video has invalid tags', { video })
+ return false
+ }
+ if (!setValidRemoteVideoUrls(video)) {
+ logger.debug('Video has invalid urls', { video })
+ return false
+ }
+ if (!setRemoteVideoContent(video)) {
+ logger.debug('Video has invalid content', { video })
+ return false
}
+ if (!setValidAttributedTo(video)) {
+ logger.debug('Video has invalid attributedTo', { video })
+ return false
+ }
+ if (!setValidRemoteCaptions(video)) {
+ logger.debug('Video has invalid captions', { video })
+ return false
+ }
+ if (!setValidRemoteIcon(video)) {
+ logger.debug('Video has invalid icons', { video })
+ return false
+ }
+
+ // Default attributes
+ if (!isVideoStateValid(video.state)) video.state = VideoState.PUBLISHED
+ if (!isBooleanValid(video.waitTranscoding)) video.waitTranscoding = false
+ if (!isBooleanValid(video.downloadEnabled)) video.downloadEnabled = true
+ if (!isBooleanValid(video.commentsEnabled)) video.commentsEnabled = false
+ if (!isBooleanValid(video.isLiveBroadcast)) video.isLiveBroadcast = false
+ if (!isBooleanValid(video.liveSaveReplay)) video.liveSaveReplay = false
+ if (!isBooleanValid(video.permanentLive)) video.permanentLive = false
+ if (!isLiveLatencyModeValid(video.latencyMode)) video.latencyMode = LiveVideoLatencyMode.DEFAULT
+
+ return isActivityPubUrlValid(video.id) &&
+ isVideoNameValid(video.name) &&
+ isActivityPubVideoDurationValid(video.duration) &&
+ isVideoDurationValid(video.duration.replace(/[^0-9]+/g, '')) &&
+ isUUIDValid(video.uuid) &&
+ (!video.category || isRemoteNumberIdentifierValid(video.category)) &&
+ (!video.licence || isRemoteNumberIdentifierValid(video.licence)) &&
+ (!video.language || isRemoteStringIdentifierValid(video.language)) &&
+ isVideoViewsValid(video.views) &&
+ isBooleanValid(video.sensitive) &&
+ isDateValid(video.published) &&
+ isDateValid(video.updated) &&
+ (!video.originallyPublishedAt || isDateValid(video.originallyPublishedAt)) &&
+ (!video.content || isRemoteVideoContentValid(video.mediaType, video.content)) &&
+ video.attributedTo.length !== 0
}
-function removeBadRequestVideosEvents (requests: any[]) {
- for (let i = requests.length - 1; i >= 0 ; i--) {
- const request = requests[i]
- const eventData = request.data
-
- if (
- !eventData ||
- (
- isUUIDValid(eventData.uuid) &&
- values(REQUEST_VIDEO_EVENT_TYPES).indexOf(eventData.eventType) !== -1 &&
- isVideoEventCountValid(eventData.count)
- ) === false
- ) {
- requests.splice(i, 1)
- }
- }
+function isRemoteVideoUrlValid (url: any) {
+ return url.type === 'Link' &&
+ // Video file link
+ (
+ ACTIVITY_PUB.URL_MIME_TYPES.VIDEO.includes(url.mediaType) &&
+ isActivityPubUrlValid(url.href) &&
+ validator.isInt(url.height + '', { min: 0 }) &&
+ validator.isInt(url.size + '', { min: 0 }) &&
+ (!url.fps || validator.isInt(url.fps + '', { min: -1 }))
+ ) ||
+ // Torrent link
+ (
+ ACTIVITY_PUB.URL_MIME_TYPES.TORRENT.includes(url.mediaType) &&
+ isActivityPubUrlValid(url.href) &&
+ validator.isInt(url.height + '', { min: 0 })
+ ) ||
+ // Magnet link
+ (
+ ACTIVITY_PUB.URL_MIME_TYPES.MAGNET.includes(url.mediaType) &&
+ validator.isLength(url.href, { min: 5 }) &&
+ validator.isInt(url.height + '', { min: 0 })
+ ) ||
+ // HLS playlist link
+ (
+ (url.mediaType || url.mimeType) === 'application/x-mpegURL' &&
+ isActivityPubUrlValid(url.href) &&
+ isArray(url.tag)
+ ) ||
+ isAPVideoTrackerUrlObject(url) ||
+ isAPVideoFileUrlMetadataObject(url)
+}
+
+function isAPVideoFileUrlMetadataObject (url: any): url is ActivityVideoFileMetadataUrlObject {
+ return url &&
+ url.type === 'Link' &&
+ url.mediaType === 'application/json' &&
+ isArray(url.rel) && url.rel.includes('metadata')
+}
+
+function isAPVideoTrackerUrlObject (url: any): url is ActivityTrackerUrlObject {
+ return isArray(url.rel) &&
+ url.rel.includes('tracker') &&
+ isActivityPubUrlValid(url.href)
}
// ---------------------------------------------------------------------------
export {
- removeBadRequestVideos,
- removeBadRequestVideosQadu,
- removeBadRequestVideosEvents
+ sanitizeAndCheckVideoTorrentUpdateActivity,
+ isRemoteStringIdentifierValid,
+ sanitizeAndCheckVideoTorrentObject,
+ isRemoteVideoUrlValid,
+ isAPVideoFileUrlMetadataObject,
+ isAPVideoTrackerUrlObject
}
// ---------------------------------------------------------------------------
-function isCommonVideoAttributesValid (video: any) {
- return isDateValid(video.createdAt) &&
- isDateValid(video.updatedAt) &&
- isRemoteVideoCategoryValid(video.category) &&
- isRemoteVideoLicenceValid(video.licence) &&
- isRemoteVideoLanguageValid(video.language) &&
- isVideoNSFWValid(video.nsfw) &&
- isVideoTruncatedDescriptionValid(video.truncatedDescription) &&
- isVideoDurationValid(video.duration) &&
- isVideoNameValid(video.name) &&
- isVideoTagsValid(video.tags) &&
- isUUIDValid(video.uuid) &&
- isVideoViewsValid(video.views) &&
- isVideoLikesValid(video.likes) &&
- isVideoDislikesValid(video.dislikes) &&
- isArray(video.files) &&
- video.files.every(videoFile => {
- if (!videoFile) return false
-
- return (
- isVideoFileInfoHashValid(videoFile.infoHash) &&
- isVideoFileExtnameValid(videoFile.extname) &&
- isVideoFileResolutionValid(videoFile.resolution)
- )
- })
-}
+function setValidRemoteTags (video: any) {
+ if (Array.isArray(video.tag) === false) return false
-function checkAddVideo (video: any) {
- return isCommonVideoAttributesValid(video) &&
- isUUIDValid(video.channelUUID) &&
- isVideoThumbnailDataValid(video.thumbnailData)
-}
+ video.tag = video.tag.filter(t => {
+ return t.type === 'Hashtag' &&
+ isVideoTagValid(t.name)
+ })
-function checkUpdateVideo (video: any) {
- return isCommonVideoAttributesValid(video)
+ return true
}
-function checkRemoveVideo (video: any) {
- return isUUIDValid(video.uuid)
+function setValidRemoteCaptions (video: any) {
+ if (!video.subtitleLanguage) video.subtitleLanguage = []
+
+ if (Array.isArray(video.subtitleLanguage) === false) return false
+
+ video.subtitleLanguage = video.subtitleLanguage.filter(caption => {
+ if (!isActivityPubUrlValid(caption.url)) caption.url = null
+
+ return isRemoteStringIdentifierValid(caption)
+ })
+
+ return true
}
-function checkReportVideo (abuse: any) {
- return isUUIDValid(abuse.videoUUID) &&
- isVideoAbuseReasonValid(abuse.reportReason) &&
- isVideoAbuseReporterUsernameValid(abuse.reporterUsername)
+function isRemoteNumberIdentifierValid (data: any) {
+ return validator.isInt(data.identifier, { min: 0 })
}
-function checkAddVideoChannel (videoChannel: any) {
- return isUUIDValid(videoChannel.uuid) &&
- isVideoChannelNameValid(videoChannel.name) &&
- isVideoChannelDescriptionValid(videoChannel.description) &&
- isDateValid(videoChannel.createdAt) &&
- isDateValid(videoChannel.updatedAt) &&
- isUUIDValid(videoChannel.ownerUUID)
+function isRemoteStringIdentifierValid (data: any) {
+ return typeof data.identifier === 'string'
}
-function checkUpdateVideoChannel (videoChannel: any) {
- return isUUIDValid(videoChannel.uuid) &&
- isVideoChannelNameValid(videoChannel.name) &&
- isVideoChannelDescriptionValid(videoChannel.description) &&
- isDateValid(videoChannel.createdAt) &&
- isDateValid(videoChannel.updatedAt) &&
- isUUIDValid(videoChannel.ownerUUID)
+function isRemoteVideoContentValid (mediaType: string, content: string) {
+ return mediaType === 'text/markdown' && isVideoDescriptionValid(content)
}
-function checkRemoveVideoChannel (videoChannel: any) {
- return isUUIDValid(videoChannel.uuid)
+function setValidRemoteIcon (video: any) {
+ if (video.icon && !isArray(video.icon)) video.icon = [ video.icon ]
+ if (!video.icon) video.icon = []
+
+ video.icon = video.icon.filter(icon => {
+ return icon.type === 'Image' &&
+ isActivityPubUrlValid(icon.url) &&
+ icon.mediaType === 'image/jpeg' &&
+ validator.isInt(icon.width + '', { min: 0 }) &&
+ validator.isInt(icon.height + '', { min: 0 })
+ })
+
+ return video.icon.length !== 0
}
-function checkAddAuthor (author: any) {
- return isUUIDValid(author.uuid) &&
- isVideoAuthorNameValid(author.name)
+function setValidRemoteVideoUrls (video: any) {
+ if (Array.isArray(video.url) === false) return false
+
+ video.url = video.url.filter(u => isRemoteVideoUrlValid(u))
+
+ return true
}
-function checkRemoveAuthor (author: any) {
- return isUUIDValid(author.uuid)
+function setRemoteVideoContent (video: any) {
+ if (video.content) {
+ video.content = peertubeTruncate(video.content, { length: CONSTRAINTS_FIELDS.VIDEOS.DESCRIPTION.max })
+ }
+
+ return true
}
projects / github / Chocobozzz / PeerTube.git / blobdiff