-import * as express from 'express'
+import express from 'express'
import { body, param, query, ValidationChain } from 'express-validator'
-import { ExpressPromiseHandler } from '@server/types/express'
+import { ExpressPromiseHandler } from '@server/types/express-handler'
import { MUserAccountId } from '@server/types/models'
-import { UserRight, VideoPlaylistCreate, VideoPlaylistUpdate } from '../../../../shared'
-import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
-import { VideoPlaylistPrivacy } from '../../../../shared/models/videos/playlist/video-playlist-privacy.model'
-import { VideoPlaylistType } from '../../../../shared/models/videos/playlist/video-playlist-type.model'
+import { forceNumber } from '@shared/core-utils'
+import {
+ HttpStatusCode,
+ UserRight,
+ VideoPlaylistCreate,
+ VideoPlaylistPrivacy,
+ VideoPlaylistType,
+ VideoPlaylistUpdate
+} from '@shared/models'
import {
isArrayOf,
isIdOrUUIDValid,
isIdValid,
isUUIDValid,
+ toCompleteUUID,
toIntArray,
toIntOrNull,
toValueOrNull
isVideoPlaylistTimestampValid,
isVideoPlaylistTypeValid
} from '../../../helpers/custom-validators/video-playlists'
-import { isVideoImage } from '../../../helpers/custom-validators/videos'
+import { isVideoImageValid } from '../../../helpers/custom-validators/videos'
import { cleanUpReqFiles } from '../../../helpers/express-utils'
-import { logger } from '../../../helpers/logger'
-import { doesVideoChannelIdExist, doesVideoExist, doesVideoPlaylistExist, VideoPlaylistFetchType } from '../../../helpers/middlewares'
import { CONSTRAINTS_FIELDS } from '../../../initializers/constants'
import { VideoPlaylistElementModel } from '../../../models/video/video-playlist-element'
import { MVideoPlaylist } from '../../../types/models/video/video-playlist'
-import { authenticatePromiseIfNeeded } from '../../auth'
-import { areValidationErrors } from '../utils'
+import { authenticatePromise } from '../../auth'
+import {
+ areValidationErrors,
+ doesVideoChannelIdExist,
+ doesVideoExist,
+ doesVideoPlaylistExist,
+ isValidPlaylistIdParam,
+ VideoPlaylistFetchType
+} from '../shared'
const videoPlaylistsAddValidator = getCommonPlaylistEditAttributes().concat([
body('displayName')
- .custom(isVideoPlaylistNameValid).withMessage('Should have a valid display name'),
+ .custom(isVideoPlaylistNameValid),
async (req: express.Request, res: express.Response, next: express.NextFunction) => {
- logger.debug('Checking videoPlaylistsAddValidator parameters', { parameters: req.body })
-
if (areValidationErrors(req, res)) return cleanUpReqFiles(req)
const body: VideoPlaylistCreate = req.body
if (body.videoChannelId && !await doesVideoChannelIdExist(body.videoChannelId, res)) return cleanUpReqFiles(req)
- if (body.privacy === VideoPlaylistPrivacy.PUBLIC && !body.videoChannelId) {
+ if (
+ !body.videoChannelId &&
+ (body.privacy === VideoPlaylistPrivacy.PUBLIC || body.privacy === VideoPlaylistPrivacy.UNLISTED)
+ ) {
cleanUpReqFiles(req)
- return res.status(HttpStatusCode.BAD_REQUEST_400)
- .json({ error: 'Cannot set "public" a playlist that is not assigned to a channel.' })
+
+ return res.fail({ message: 'Cannot set "public" or "unlisted" a playlist that is not assigned to a channel.' })
}
return next()
])
const videoPlaylistsUpdateValidator = getCommonPlaylistEditAttributes().concat([
- param('playlistId')
- .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
+ isValidPlaylistIdParam('playlistId'),
body('displayName')
.optional()
- .custom(isVideoPlaylistNameValid).withMessage('Should have a valid display name'),
+ .custom(isVideoPlaylistNameValid),
async (req: express.Request, res: express.Response, next: express.NextFunction) => {
- logger.debug('Checking videoPlaylistsUpdateValidator parameters', { parameters: req.body })
-
if (areValidationErrors(req, res)) return cleanUpReqFiles(req)
if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return cleanUpReqFiles(req)
)
) {
cleanUpReqFiles(req)
- return res.status(HttpStatusCode.BAD_REQUEST_400)
- .json({ error: 'Cannot set "public" a playlist that is not assigned to a channel.' })
+
+ return res.fail({ message: 'Cannot set "public" a playlist that is not assigned to a channel.' })
}
if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) {
cleanUpReqFiles(req)
- return res.status(HttpStatusCode.BAD_REQUEST_400)
- .json({ error: 'Cannot update a watch later playlist.' })
+
+ return res.fail({ message: 'Cannot update a watch later playlist.' })
}
if (body.videoChannelId && !await doesVideoChannelIdExist(body.videoChannelId, res)) return cleanUpReqFiles(req)
])
const videoPlaylistsDeleteValidator = [
- param('playlistId')
- .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
+ isValidPlaylistIdParam('playlistId'),
async (req: express.Request, res: express.Response, next: express.NextFunction) => {
- logger.debug('Checking videoPlaylistsDeleteValidator parameters', { parameters: req.params })
-
if (areValidationErrors(req, res)) return
if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return
const videoPlaylist = getPlaylist(res)
if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) {
- return res.status(HttpStatusCode.BAD_REQUEST_400)
- .json({ error: 'Cannot delete a watch later playlist.' })
+ return res.fail({ message: 'Cannot delete a watch later playlist.' })
}
if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, videoPlaylist, UserRight.REMOVE_ANY_VIDEO_PLAYLIST, res)) {
const videoPlaylistsGetValidator = (fetchType: VideoPlaylistFetchType) => {
return [
- param('playlistId')
- .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
+ isValidPlaylistIdParam('playlistId'),
async (req: express.Request, res: express.Response, next: express.NextFunction) => {
- logger.debug('Checking videoPlaylistsGetValidator parameters', { parameters: req.params })
-
if (areValidationErrors(req, res)) return
if (!await doesVideoPlaylistExist(req.params.playlistId, res, fetchType)) return
if (videoPlaylist.privacy === VideoPlaylistPrivacy.UNLISTED) {
if (isUUIDValid(req.params.playlistId)) return next()
- return res.status(HttpStatusCode.NOT_FOUND_404).end()
+ return res.fail({
+ status: HttpStatusCode.NOT_FOUND_404,
+ message: 'Playlist not found'
+ })
}
if (videoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) {
- await authenticatePromiseIfNeeded(req, res)
+ await authenticatePromise(req, res)
const user = res.locals.oauth ? res.locals.oauth.token.User : null
!user ||
(videoPlaylist.OwnerAccount.id !== user.Account.id && !user.hasRight(UserRight.UPDATE_ANY_VIDEO_PLAYLIST))
) {
- return res.status(HttpStatusCode.FORBIDDEN_403)
- .json({ error: 'Cannot get this private video playlist.' })
+ return res.fail({
+ status: HttpStatusCode.FORBIDDEN_403,
+ message: 'Cannot get this private video playlist.'
+ })
}
return next()
}
const videoPlaylistsSearchValidator = [
- query('search').optional().not().isEmpty().withMessage('Should have a valid search'),
+ query('search')
+ .optional()
+ .not().isEmpty(),
(req: express.Request, res: express.Response, next: express.NextFunction) => {
- logger.debug('Checking videoPlaylists search query', { parameters: req.query })
-
if (areValidationErrors(req, res)) return
return next()
]
const videoPlaylistsAddVideoValidator = [
- param('playlistId')
- .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
+ isValidPlaylistIdParam('playlistId'),
+
body('videoId')
- .custom(isIdOrUUIDValid).withMessage('Should have a valid video id/uuid'),
+ .customSanitizer(toCompleteUUID)
+ .custom(isIdOrUUIDValid).withMessage('Should have a valid video id/uuid/short uuid'),
body('startTimestamp')
.optional()
- .custom(isVideoPlaylistTimestampValid).withMessage('Should have a valid start timestamp'),
+ .custom(isVideoPlaylistTimestampValid),
body('stopTimestamp')
.optional()
- .custom(isVideoPlaylistTimestampValid).withMessage('Should have a valid stop timestamp'),
+ .custom(isVideoPlaylistTimestampValid),
async (req: express.Request, res: express.Response, next: express.NextFunction) => {
- logger.debug('Checking videoPlaylistsAddVideoValidator parameters', { parameters: req.params })
-
if (areValidationErrors(req, res)) return
if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return
]
const videoPlaylistsUpdateOrRemoveVideoValidator = [
- param('playlistId')
- .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
+ isValidPlaylistIdParam('playlistId'),
param('playlistElementId')
- .custom(isIdValid).withMessage('Should have an element id/uuid'),
+ .customSanitizer(toCompleteUUID)
+ .custom(isIdValid).withMessage('Should have an element id/uuid/short uuid'),
body('startTimestamp')
.optional()
- .custom(isVideoPlaylistTimestampValid).withMessage('Should have a valid start timestamp'),
+ .custom(isVideoPlaylistTimestampValid),
body('stopTimestamp')
.optional()
- .custom(isVideoPlaylistTimestampValid).withMessage('Should have a valid stop timestamp'),
+ .custom(isVideoPlaylistTimestampValid),
async (req: express.Request, res: express.Response, next: express.NextFunction) => {
- logger.debug('Checking videoPlaylistsRemoveVideoValidator parameters', { parameters: req.params })
-
if (areValidationErrors(req, res)) return
if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return
const videoPlaylistElement = await VideoPlaylistElementModel.loadById(req.params.playlistElementId)
if (!videoPlaylistElement) {
- res.status(HttpStatusCode.NOT_FOUND_404)
- .json({ error: 'Video playlist element not found' })
- .end()
-
+ res.fail({
+ status: HttpStatusCode.NOT_FOUND_404,
+ message: 'Video playlist element not found'
+ })
return
}
res.locals.videoPlaylistElement = videoPlaylistElement
]
const videoPlaylistElementAPGetValidator = [
- param('playlistId')
- .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
+ isValidPlaylistIdParam('playlistId'),
param('playlistElementId')
- .custom(isIdValid).withMessage('Should have an playlist element id'),
+ .custom(isIdValid),
async (req: express.Request, res: express.Response, next: express.NextFunction) => {
- logger.debug('Checking videoPlaylistElementAPGetValidator parameters', { parameters: req.params })
-
if (areValidationErrors(req, res)) return
- const playlistElementId = parseInt(req.params.playlistElementId + '', 10)
+ const playlistElementId = forceNumber(req.params.playlistElementId)
const playlistId = req.params.playlistId
const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndElementIdForAP(playlistId, playlistElementId)
if (!videoPlaylistElement) {
- res.status(HttpStatusCode.NOT_FOUND_404)
- .json({ error: 'Video playlist element not found' })
- .end()
-
+ res.fail({
+ status: HttpStatusCode.NOT_FOUND_404,
+ message: 'Video playlist element not found'
+ })
return
}
if (videoPlaylistElement.VideoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) {
- return res.status(HttpStatusCode.FORBIDDEN_403).end()
+ return res.fail({
+ status: HttpStatusCode.FORBIDDEN_403,
+ message: 'Cannot get this private video playlist.'
+ })
}
res.locals.videoPlaylistElementAP = videoPlaylistElement
]
const videoPlaylistsReorderVideosValidator = [
- param('playlistId')
- .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
+ isValidPlaylistIdParam('playlistId'),
+
body('startPosition')
- .isInt({ min: 1 }).withMessage('Should have a valid start position'),
+ .isInt({ min: 1 }),
body('insertAfterPosition')
- .isInt({ min: 0 }).withMessage('Should have a valid insert after position'),
+ .isInt({ min: 0 }),
body('reorderLength')
.optional()
- .isInt({ min: 1 }).withMessage('Should have a valid range length'),
+ .isInt({ min: 1 }),
async (req: express.Request, res: express.Response, next: express.NextFunction) => {
- logger.debug('Checking videoPlaylistsReorderVideosValidator parameters', { parameters: req.params })
-
if (areValidationErrors(req, res)) return
if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return
const reorderLength: number = req.body.reorderLength
if (startPosition >= nextPosition || insertAfterPosition >= nextPosition) {
- res.status(HttpStatusCode.BAD_REQUEST_400)
- .json({ error: `Start position or insert after position exceed the playlist limits (max: ${nextPosition - 1})` })
- .end()
-
+ res.fail({ message: `Start position or insert after position exceed the playlist limits (max: ${nextPosition - 1})` })
return
}
if (reorderLength && reorderLength + startPosition > nextPosition) {
- res.status(HttpStatusCode.BAD_REQUEST_400)
- .json({ error: `Reorder length with this start position exceeds the playlist limits (max: ${nextPosition - startPosition})` })
- .end()
-
+ res.fail({ message: `Reorder length with this start position exceeds the playlist limits (max: ${nextPosition - startPosition})` })
return
}
const commonVideoPlaylistFiltersValidator = [
query('playlistType')
.optional()
- .custom(isVideoPlaylistTypeValid).withMessage('Should have a valid playlist type'),
+ .custom(isVideoPlaylistTypeValid),
(req: express.Request, res: express.Response, next: express.NextFunction) => {
- logger.debug('Checking commonVideoPlaylistFiltersValidator parameters', { parameters: req.params })
-
if (areValidationErrors(req, res)) return
return next()
.custom(v => isArrayOf(v, isIdValid)).withMessage('Should have a valid video ids array'),
(req: express.Request, res: express.Response, next: express.NextFunction) => {
- logger.debug('Checking areVideosInPlaylistExistValidator parameters', { parameters: req.query })
-
if (areValidationErrors(req, res)) return
return next()
function getCommonPlaylistEditAttributes () {
return [
body('thumbnailfile')
- .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile'))
+ .custom((value, { req }) => isVideoImageValid(req.files, 'thumbnailfile'))
.withMessage(
'This thumbnail file is not supported or too large. Please, make sure it is of the following type: ' +
CONSTRAINTS_FIELDS.VIDEO_PLAYLISTS.IMAGE.EXTNAME.join(', ')
body('description')
.optional()
.customSanitizer(toValueOrNull)
- .custom(isVideoPlaylistDescriptionValid).withMessage('Should have a valid description'),
+ .custom(isVideoPlaylistDescriptionValid),
body('privacy')
.optional()
.customSanitizer(toIntOrNull)
- .custom(isVideoPlaylistPrivacyValid).withMessage('Should have correct playlist privacy'),
+ .custom(isVideoPlaylistPrivacyValid),
body('videoChannelId')
.optional()
.customSanitizer(toIntOrNull)
function checkUserCanManageVideoPlaylist (user: MUserAccountId, videoPlaylist: MVideoPlaylist, right: UserRight, res: express.Response) {
if (videoPlaylist.isOwned() === false) {
- res.status(HttpStatusCode.FORBIDDEN_403)
- .json({ error: 'Cannot manage video playlist of another server.' })
- .end()
-
+ res.fail({
+ status: HttpStatusCode.FORBIDDEN_403,
+ message: 'Cannot manage video playlist of another server.'
+ })
return false
}
// The user can delete it if s/he is an admin
// Or if s/he is the video playlist's owner
if (user.hasRight(right) === false && videoPlaylist.ownerAccountId !== user.Account.id) {
- res.status(HttpStatusCode.FORBIDDEN_403)
- .json({ error: 'Cannot manage video playlist of another user' })
- .end()
-
+ res.fail({
+ status: HttpStatusCode.FORBIDDEN_403,
+ message: 'Cannot manage video playlist of another user'
+ })
return false
}
projects / github / Chocobozzz / PeerTube.git / blobdiff