X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;ds=sidebyside;f=server%2Fcontrollers%2Fapi%2Fvideos%2Fabuse.ts;h=08e11b00bd930e5b0e604be68f7d3e73a454f179;hb=c48e82b5e0478434de30626d14594a97f2402e7c;hp=7782fc6390cb3aa187d11ba23b5f5cc3e632548a;hpb=9a12f169c15b638fe78cf6e85a1993550a25e404;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/controllers/api/videos/abuse.ts b/server/controllers/api/videos/abuse.ts
index 7782fc639..08e11b00b 100644
--- a/server/controllers/api/videos/abuse.ts
+++ b/server/controllers/api/videos/abuse.ts
@@ -1,5 +1,5 @@
 import * as express from 'express'
-import { UserRight, VideoAbuseCreate } from '../../../../shared'
+import { UserRight, VideoAbuseCreate, VideoAbuseState } from '../../../../shared'
 import { logger } from '../../../helpers/logger'
 import { getFormattedObjects } from '../../../helpers/utils'
 import { sequelizeTypescript } from '../../../initializers'
@@ -12,8 +12,10 @@ import {
   paginationValidator,
   setDefaultPagination,
   setDefaultSort,
+  videoAbuseGetValidator,
   videoAbuseReportValidator,
-  videoAbusesSortValidator
+  videoAbusesSortValidator,
+  videoAbuseUpdateValidator
 } from '../../../middlewares'
 import { AccountModel } from '../../../models/account/account'
 import { VideoModel } from '../../../models/video/video'
@@ -32,11 +34,23 @@ abuseVideoRouter.get('/abuse',
   setDefaultPagination,
   asyncMiddleware(listVideoAbuses)
 )
-abuseVideoRouter.post('/:id/abuse',
+abuseVideoRouter.put('/:videoId/abuse/:id',
+  authenticate,
+  ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES),
+  asyncMiddleware(videoAbuseUpdateValidator),
+  asyncRetryTransactionMiddleware(updateVideoAbuse)
+)
+abuseVideoRouter.post('/:videoId/abuse',
   authenticate,
   asyncMiddleware(videoAbuseReportValidator),
   asyncRetryTransactionMiddleware(reportVideoAbuse)
 )
+abuseVideoRouter.delete('/:videoId/abuse/:id',
+  authenticate,
+  ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES),
+  asyncMiddleware(videoAbuseGetValidator),
+  asyncRetryTransactionMiddleware(deleteVideoAbuse)
+)
 
 // ---------------------------------------------------------------------------
 
@@ -46,12 +60,39 @@ export {
 
 // ---------------------------------------------------------------------------
 
-async function listVideoAbuses (req: express.Request, res: express.Response, next: express.NextFunction) {
+async function listVideoAbuses (req: express.Request, res: express.Response) {
   const resultList = await VideoAbuseModel.listForApi(req.query.start, req.query.count, req.query.sort)
 
   return res.json(getFormattedObjects(resultList.data, resultList.total))
 }
 
+async function updateVideoAbuse (req: express.Request, res: express.Response) {
+  const videoAbuse: VideoAbuseModel = res.locals.videoAbuse
+
+  if (req.body.moderationComment !== undefined) videoAbuse.moderationComment = req.body.moderationComment
+  if (req.body.state !== undefined) videoAbuse.state = req.body.state
+
+  await sequelizeTypescript.transaction(t => {
+    return videoAbuse.save({ transaction: t })
+  })
+
+  // Do not send the delete to other instances, we updated OUR copy of this video abuse
+
+  return res.type('json').status(204).end()
+}
+
+async function deleteVideoAbuse (req: express.Request, res: express.Response) {
+  const videoAbuse: VideoAbuseModel = res.locals.videoAbuse
+
+  await sequelizeTypescript.transaction(t => {
+    return videoAbuse.destroy({ transaction: t })
+  })
+
+  // Do not send the delete to other instances, we delete OUR copy of this video abuse
+
+  return res.type('json').status(204).end()
+}
+
 async function reportVideoAbuse (req: express.Request, res: express.Response) {
   const videoInstance = res.locals.video as VideoModel
   const reporterAccount = res.locals.oauth.token.User.Account as AccountModel
@@ -60,22 +101,27 @@ async function reportVideoAbuse (req: express.Request, res: express.Response) {
   const abuseToCreate = {
     reporterAccountId: reporterAccount.id,
     reason: body.reason,
-    videoId: videoInstance.id
+    videoId: videoInstance.id,
+    state: VideoAbuseState.PENDING
   }
 
-  await sequelizeTypescript.transaction(async t => {
+  const videoAbuse: VideoAbuseModel = await sequelizeTypescript.transaction(async t => {
     const videoAbuseInstance = await VideoAbuseModel.create(abuseToCreate, { transaction: t })
     videoAbuseInstance.Video = videoInstance
     videoAbuseInstance.Account = reporterAccount
 
     // We send the video abuse to the origin server
     if (videoInstance.isOwned() === false) {
-      await sendVideoAbuse(reporterAccount.Actor, videoAbuseInstance, videoInstance, t)
+      await sendVideoAbuse(reporterAccount.Actor, videoAbuseInstance, videoInstance)
     }
 
     auditLogger.create(reporterAccount.Actor.getIdentifier(), new VideoAbuseAuditView(videoAbuseInstance.toFormattedJSON()))
-    logger.info('Abuse report for video %s created.', videoInstance.name)
+
+    return videoAbuseInstance
   })
 
-  return res.type('json').status(204).end()
+  logger.info('Abuse report for video %s created.', videoInstance.name)
+  return res.json({
+    videoAbuse: videoAbuse.toFormattedJSON()
+  }).end()
 }