-import { body, param } from 'express-validator/check'
import * as express from 'express'
-
-import { checkErrors } from './utils'
-import { database as db } from '../../initializers'
+import { body, param } from 'express-validator/check'
+import { UserRight } from '../../../shared'
+import { logger } from '../../helpers'
+import { isAccountIdExist } from '../../helpers/custom-validators/accounts'
+import { isIdOrUUIDValid, isIdValid } from '../../helpers/custom-validators/misc'
import {
- logger,
- isIdOrUUIDValid,
isVideoChannelDescriptionValid,
- isVideoChannelNameValid,
- checkVideoChannelExists,
- checkVideoAccountExists
-} from '../../helpers'
-import { UserInstance } from '../../models'
-import { UserRight } from '../../../shared'
+ isVideoChannelExist,
+ isVideoChannelNameValid
+} from '../../helpers/custom-validators/video-channels'
+import { UserModel } from '../../models/account/user'
+import { VideoChannelModel } from '../../models/video/video-channel'
+import { VideoChannelShareModel } from '../../models/video/video-channel-share'
+import { areValidationErrors } from './utils'
const listVideoAccountChannelsValidator = [
param('accountId').custom(isIdOrUUIDValid).withMessage('Should have a valid account id'),
- (req: express.Request, res: express.Response, next: express.NextFunction) => {
+ async (req: express.Request, res: express.Response, next: express.NextFunction) => {
logger.debug('Checking listVideoAccountChannelsValidator parameters', { parameters: req.body })
- checkErrors(req, res, () => {
- checkVideoAccountExists(req.params.accountId, res, next)
- })
+ if (areValidationErrors(req, res)) return
+ if (!await isAccountIdExist(req.params.accountId, res)) return
+
+ return next()
}
]
(req: express.Request, res: express.Response, next: express.NextFunction) => {
logger.debug('Checking videoChannelsAdd parameters', { parameters: req.body })
- checkErrors(req, res, next)
+ if (areValidationErrors(req, res)) return
+
+ return next()
}
]
body('name').optional().custom(isVideoChannelNameValid).withMessage('Should have a valid name'),
body('description').optional().custom(isVideoChannelDescriptionValid).withMessage('Should have a valid description'),
- (req: express.Request, res: express.Response, next: express.NextFunction) => {
+ async (req: express.Request, res: express.Response, next: express.NextFunction) => {
logger.debug('Checking videoChannelsUpdate parameters', { parameters: req.body })
- checkErrors(req, res, () => {
- checkVideoChannelExists(req.params.id, res, () => {
- // We need to make additional checks
- if (res.locals.videoChannel.isOwned() === false) {
- return res.status(403)
- .json({ error: 'Cannot update video channel of another server' })
- .end()
- }
-
- if (res.locals.videoChannel.Account.userId !== res.locals.oauth.token.User.id) {
- return res.status(403)
- .json({ error: 'Cannot update video channel of another user' })
- .end()
- }
-
- next()
- })
- })
+ if (areValidationErrors(req, res)) return
+ if (!await isVideoChannelExist(req.params.id, res)) return
+
+ // We need to make additional checks
+ if (res.locals.videoChannel.isOwned() === false) {
+ return res.status(403)
+ .json({ error: 'Cannot update video channel of another server' })
+ .end()
+ }
+
+ if (res.locals.videoChannel.Account.userId !== res.locals.oauth.token.User.id) {
+ return res.status(403)
+ .json({ error: 'Cannot update video channel of another user' })
+ .end()
+ }
+
+ return next()
}
]
const videoChannelsRemoveValidator = [
param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'),
- (req: express.Request, res: express.Response, next: express.NextFunction) => {
+ async (req: express.Request, res: express.Response, next: express.NextFunction) => {
logger.debug('Checking videoChannelsRemove parameters', { parameters: req.params })
- checkErrors(req, res, () => {
- checkVideoChannelExists(req.params.id, res, () => {
- // Check if the user who did the request is able to delete the video
- checkUserCanDeleteVideoChannel(res, () => {
- checkVideoChannelIsNotTheLastOne(res, next)
- })
- })
- })
+ if (areValidationErrors(req, res)) return
+ if (!await isVideoChannelExist(req.params.id, res)) return
+
+ // Check if the user who did the request is able to delete the video
+ if (!checkUserCanDeleteVideoChannel(res.locals.oauth.token.User, res.locals.videoChannel, res)) return
+ if (!await checkVideoChannelIsNotTheLastOne(res)) return
+
+ return next()
}
]
-const videoChannelGetValidator = [
+const videoChannelsGetValidator = [
param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'),
- (req: express.Request, res: express.Response, next: express.NextFunction) => {
+ async (req: express.Request, res: express.Response, next: express.NextFunction) => {
logger.debug('Checking videoChannelsGet parameters', { parameters: req.params })
- checkErrors(req, res, () => {
- checkVideoChannelExists(req.params.id, res, next)
- })
+ if (areValidationErrors(req, res)) return
+ if (!await isVideoChannelExist(req.params.id, res)) return
+
+ return next()
+ }
+]
+
+const videoChannelsShareValidator = [
+ param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'),
+ param('accountId').custom(isIdValid).not().isEmpty().withMessage('Should have a valid account id'),
+
+ async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+ logger.debug('Checking videoChannelShare parameters', { parameters: req.params })
+
+ if (areValidationErrors(req, res)) return
+ if (!await isVideoChannelExist(req.params.id, res)) return
+
+ const share = await VideoChannelShareModel.load(res.locals.video.id, req.params.accountId, undefined)
+ if (!share) {
+ return res.status(404)
+ .end()
+ }
+
+ res.locals.videoChannelShare = share
+
+ return next()
}
]
videoChannelsAddValidator,
videoChannelsUpdateValidator,
videoChannelsRemoveValidator,
- videoChannelGetValidator
+ videoChannelsGetValidator,
+ videoChannelsShareValidator
}
// ---------------------------------------------------------------------------
-function checkUserCanDeleteVideoChannel (res: express.Response, callback: () => void) {
- const user: UserInstance = res.locals.oauth.token.User
-
+function checkUserCanDeleteVideoChannel (user: UserModel, videoChannel: VideoChannelModel, res: express.Response) {
// Retrieve the user who did the request
- if (res.locals.videoChannel.isOwned() === false) {
- return res.status(403)
+ if (videoChannel.isOwned() === false) {
+ res.status(403)
.json({ error: 'Cannot remove video channel of another server.' })
.end()
+
+ return false
}
// Check if the user can delete the video channel
// The user can delete it if s/he is an admin
// Or if s/he is the video channel's account
- if (user.hasRight(UserRight.REMOVE_ANY_VIDEO_CHANNEL) === false && res.locals.videoChannel.Account.userId !== user.id) {
- return res.status(403)
+ if (user.hasRight(UserRight.REMOVE_ANY_VIDEO_CHANNEL) === false && videoChannel.Account.userId !== user.id) {
+ res.status(403)
.json({ error: 'Cannot remove video channel of another user' })
.end()
+
+ return false
}
- // If we reach this comment, we can delete the video
- callback()
+ return true
}
-function checkVideoChannelIsNotTheLastOne (res: express.Response, callback: () => void) {
- db.VideoChannel.countByAccount(res.locals.oauth.token.User.Account.id)
- .then(count => {
- if (count <= 1) {
- return res.status(409)
- .json({ error: 'Cannot remove the last channel of this user' })
- .end()
- }
-
- callback()
- })
+async function checkVideoChannelIsNotTheLastOne (res: express.Response) {
+ const count = await VideoChannelModel.countByAccount(res.locals.oauth.token.User.Account.id)
+
+ if (count <= 1) {
+ res.status(409)
+ .json({ error: 'Cannot remove the last channel of this user' })
+ .end()
+
+ return false
+ }
+
+ return true
}
projects / github / Chocobozzz / PeerTube.git / blobdiff