X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;ds=sidebyside;f=server%2Fhelpers%2Fcustom-validators%2Fvideos.ts;h=714f7ac956c25b8dcc35f02b716830430a131e10;hb=b014b6b9c7cb68d09c52b44046afe486c0736426;hp=c5ef4cb5f3308fd8d8b8c899ba2f27982dd13ae3;hpb=69818c9394366b954b6ba3bd697bd9d2b09f2a16;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/helpers/custom-validators/videos.ts b/server/helpers/custom-validators/videos.ts index c5ef4cb5f..714f7ac95 100644 --- a/server/helpers/custom-validators/videos.ts +++ b/server/helpers/custom-validators/videos.ts @@ -1,181 +1,229 @@ +import { Response } from 'express' +import 'express-validator' import { values } from 'lodash' +import 'multer' import * as validator from 'validator' - +import { UserRight, VideoPrivacy, VideoRateType } from '../../../shared' import { CONSTRAINTS_FIELDS, VIDEO_CATEGORIES, VIDEO_LICENCES, - VIDEO_LANGUAGES, - VIDEO_RATE_TYPES + VIDEO_MIMETYPE_EXT, + VIDEO_PRIVACIES, + VIDEO_RATE_TYPES, + VIDEO_STATES } from '../../initializers' -import { isUserUsernameValid } from './users' -import { isArray, exists } from './misc' +import { VideoModel } from '../../models/video/video' +import { exists, isArray, isFileValid } from './misc' +import { VideoChannelModel } from '../../models/video/video-channel' +import { UserModel } from '../../models/account/user' +import * as magnetUtil from 'magnet-uri' +import { fetchVideo, VideoFetchType } from '../video' const VIDEOS_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.VIDEOS -const VIDEO_ABUSES_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.VIDEO_ABUSES -const VIDEO_EVENTS_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.VIDEO_EVENTS -function isVideoAuthorValid (value: string) { - return isUserUsernameValid(value) +function isVideoCategoryValid (value: any) { + return value === null || VIDEO_CATEGORIES[ value ] !== undefined } -function isVideoDateValid (value: string) { - return exists(value) && validator.isISO8601(value) +function isVideoStateValid (value: any) { + return exists(value) && VIDEO_STATES[ value ] !== undefined } -function isVideoCategoryValid (value: number) { - return VIDEO_CATEGORIES[value] !== undefined +function isVideoLicenceValid (value: any) { + return value === null || VIDEO_LICENCES[ value ] !== undefined } -function isVideoLicenceValid (value: number) { - return VIDEO_LICENCES[value] !== undefined +function isVideoLanguageValid (value: any) { + return value === null || + (typeof value === 'string' && validator.isLength(value, VIDEOS_CONSTRAINTS_FIELDS.LANGUAGE)) } -function isVideoLanguageValid (value: number) { - return value === null || VIDEO_LANGUAGES[value] !== undefined +function isVideoDurationValid (value: string) { + return exists(value) && validator.isInt(value + '', VIDEOS_CONSTRAINTS_FIELDS.DURATION) } -function isVideoNSFWValid (value: any) { - return typeof value === 'boolean' || (typeof value === 'string' && validator.isBoolean(value)) +function isVideoTruncatedDescriptionValid (value: string) { + return exists(value) && validator.isLength(value, VIDEOS_CONSTRAINTS_FIELDS.TRUNCATED_DESCRIPTION) } function isVideoDescriptionValid (value: string) { - return exists(value) && validator.isLength(value, VIDEOS_CONSTRAINTS_FIELDS.DESCRIPTION) + return value === null || (exists(value) && validator.isLength(value, VIDEOS_CONSTRAINTS_FIELDS.DESCRIPTION)) } -function isVideoDurationValid (value: string) { - return exists(value) && validator.isInt(value + '', VIDEOS_CONSTRAINTS_FIELDS.DURATION) +function isVideoSupportValid (value: string) { + return value === null || (exists(value) && validator.isLength(value, VIDEOS_CONSTRAINTS_FIELDS.SUPPORT)) } -function isVideoExtnameValid (value: string) { - return VIDEOS_CONSTRAINTS_FIELDS.EXTNAME.indexOf(value) !== -1 +function isVideoNameValid (value: string) { + return exists(value) && validator.isLength(value, VIDEOS_CONSTRAINTS_FIELDS.NAME) } -function isVideoInfoHashValid (value: string) { - return exists(value) && validator.isLength(value, VIDEOS_CONSTRAINTS_FIELDS.INFO_HASH) +function isVideoTagValid (tag: string) { + return exists(tag) && validator.isLength(tag, VIDEOS_CONSTRAINTS_FIELDS.TAG) } -function isVideoNameValid (value: string) { - return exists(value) && validator.isLength(value, VIDEOS_CONSTRAINTS_FIELDS.NAME) +function isVideoTagsValid (tags: string[]) { + return tags === null || ( + isArray(tags) && + validator.isInt(tags.length.toString(), VIDEOS_CONSTRAINTS_FIELDS.TAGS) && + tags.every(tag => isVideoTagValid(tag)) + ) } -function isVideoTagsValid (tags: string[]) { - return isArray(tags) && - validator.isInt(tags.length.toString(), VIDEOS_CONSTRAINTS_FIELDS.TAGS) && - tags.every(function (tag) { - return exists(tag) && validator.isLength(tag, VIDEOS_CONSTRAINTS_FIELDS.TAG) - }) +function isVideoViewsValid (value: string) { + return exists(value) && validator.isInt(value + '', VIDEOS_CONSTRAINTS_FIELDS.VIEWS) } -function isVideoThumbnailValid (value: string) { - return exists(value) && validator.isLength(value, VIDEOS_CONSTRAINTS_FIELDS.THUMBNAIL) +function isVideoRatingTypeValid (value: string) { + return value === 'none' || values(VIDEO_RATE_TYPES).indexOf(value as VideoRateType) !== -1 } -function isVideoThumbnailDataValid (value: string) { - return exists(value) && validator.isByteLength(value, VIDEOS_CONSTRAINTS_FIELDS.THUMBNAIL_DATA) +const videoFileTypes = Object.keys(VIDEO_MIMETYPE_EXT).map(m => `(${m})`) +const videoFileTypesRegex = videoFileTypes.join('|') + +function isVideoFile (files: { [ fieldname: string ]: Express.Multer.File[] } | Express.Multer.File[]) { + return isFileValid(files, videoFileTypesRegex, 'videofile', null) } -function isVideoRemoteIdValid (value: string) { - return exists(value) && validator.isUUID(value, 4) +const videoImageTypes = CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME + .map(v => v.replace('.', '')) + .join('|') +const videoImageTypesRegex = `image/(${videoImageTypes})` + +function isVideoImage (files: { [ fieldname: string ]: Express.Multer.File[] } | Express.Multer.File[], field: string) { + return isFileValid(files, videoImageTypesRegex, field, CONSTRAINTS_FIELDS.VIDEOS.IMAGE.FILE_SIZE.max, true) } -function isVideoAbuseReasonValid (value: string) { - return exists(value) && validator.isLength(value, VIDEO_ABUSES_CONSTRAINTS_FIELDS.REASON) +function isVideoPrivacyValid (value: number) { + return validator.isInt(value + '') && VIDEO_PRIVACIES[ value ] !== undefined } -function isVideoAbuseReporterUsernameValid (value: string) { - return isUserUsernameValid(value) +function isScheduleVideoUpdatePrivacyValid (value: number) { + return validator.isInt(value + '') && + ( + value === VideoPrivacy.UNLISTED || + value === VideoPrivacy.PUBLIC + ) } -function isVideoViewsValid (value: string) { - return exists(value) && validator.isInt(value + '', VIDEOS_CONSTRAINTS_FIELDS.VIEWS) +function isVideoFileInfoHashValid (value: string | null | undefined) { + return exists(value) && validator.isLength(value, VIDEOS_CONSTRAINTS_FIELDS.INFO_HASH) } -function isVideoLikesValid (value: string) { - return exists(value) && validator.isInt(value + '', VIDEOS_CONSTRAINTS_FIELDS.LIKES) +function isVideoFileResolutionValid (value: string) { + return exists(value) && validator.isInt(value + '') } -function isVideoDislikesValid (value: string) { - return exists(value) && validator.isInt(value + '', VIDEOS_CONSTRAINTS_FIELDS.DISLIKES) +function isVideoFPSResolutionValid (value: string) { + return value === null || validator.isInt(value + '') } -function isVideoEventCountValid (value: string) { - return exists(value) && validator.isInt(value + '', VIDEO_EVENTS_CONSTRAINTS_FIELDS.COUNT) +function isVideoFileSizeValid (value: string) { + return exists(value) && validator.isInt(value + '', VIDEOS_CONSTRAINTS_FIELDS.FILE_SIZE) } -function isVideoRatingTypeValid (value: string) { - return values(VIDEO_RATE_TYPES).indexOf(value) !== -1 +function isVideoMagnetUriValid (value: string) { + if (!exists(value)) return false + + const parsed = magnetUtil.decode(value) + return parsed && isVideoFileInfoHashValid(parsed.infoHash) } -function isVideoFile (value: string, files: { [ fieldname: string ]: Express.Multer.File[] }) { - // Should have files - if (!files) return false +function checkUserCanManageVideo (user: UserModel, video: VideoModel, right: UserRight, res: Response) { + // Retrieve the user who did the request + if (video.isOwned() === false) { + res.status(403) + .json({ error: 'Cannot manage a video of another server.' }) + .end() + return false + } + + // Check if the user can delete the video + // The user can delete it if he has the right + // Or if s/he is the video's account + const account = video.VideoChannel.Account + if (user.hasRight(right) === false && account.userId !== user.id) { + res.status(403) + .json({ error: 'Cannot manage a video of another user.' }) + .end() + return false + } + + return true +} + +async function isVideoExist (id: string, res: Response, fetchType: VideoFetchType = 'all') { + const userId = res.locals.oauth ? res.locals.oauth.token.User.id : undefined + + const video = await fetchVideo(id, fetchType, userId) + + if (video === null) { + res.status(404) + .json({ error: 'Video not found' }) + .end() + + return false + } + + if (fetchType !== 'none') res.locals.video = video + return true +} + +async function isVideoChannelOfAccountExist (channelId: number, user: UserModel, res: Response) { + if (user.hasRight(UserRight.UPDATE_ANY_VIDEO) === true) { + const videoChannel = await VideoChannelModel.loadAndPopulateAccount(channelId) + if (videoChannel === null) { + res.status(400) + .json({ error: 'Unknown video `video channel` on this instance.' }) + .end() + + return false + } - // Should have videofile file - const videofile = files.videofile - if (!videofile || videofile.length === 0) return false + res.locals.videoChannel = videoChannel + return true + } - // The file should exist - const file = videofile[0] - if (!file || !file.originalname) return false + const videoChannel = await VideoChannelModel.loadByIdAndAccount(channelId, user.Account.id) + if (videoChannel === null) { + res.status(400) + .json({ error: 'Unknown video `video channel` for this account.' }) + .end() - return new RegExp('^video/(webm|mp4|ogg)$', 'i').test(file.mimetype) + return false + } + + res.locals.videoChannel = videoChannel + return true } // --------------------------------------------------------------------------- export { - isVideoAuthorValid, - isVideoDateValid, isVideoCategoryValid, + checkUserCanManageVideo, isVideoLicenceValid, isVideoLanguageValid, - isVideoNSFWValid, + isVideoTruncatedDescriptionValid, isVideoDescriptionValid, - isVideoDurationValid, - isVideoInfoHashValid, + isVideoFileInfoHashValid, isVideoNameValid, isVideoTagsValid, - isVideoThumbnailValid, - isVideoThumbnailDataValid, - isVideoExtnameValid, - isVideoRemoteIdValid, - isVideoAbuseReasonValid, - isVideoAbuseReporterUsernameValid, + isVideoFPSResolutionValid, + isScheduleVideoUpdatePrivacyValid, isVideoFile, + isVideoMagnetUriValid, + isVideoStateValid, isVideoViewsValid, - isVideoLikesValid, isVideoRatingTypeValid, - isVideoDislikesValid, - isVideoEventCountValid -} - -declare global { - namespace ExpressValidator { - export interface Validator { - isVideoAuthorValid, - isVideoDateValid, - isVideoCategoryValid, - isVideoLicenceValid, - isVideoLanguageValid, - isVideoNSFWValid, - isVideoDescriptionValid, - isVideoDurationValid, - isVideoInfoHashValid, - isVideoNameValid, - isVideoTagsValid, - isVideoThumbnailValid, - isVideoThumbnailDataValid, - isVideoExtnameValid, - isVideoRemoteIdValid, - isVideoAbuseReasonValid, - isVideoAbuseReporterUsernameValid, - isVideoFile, - isVideoViewsValid, - isVideoLikesValid, - isVideoRatingTypeValid, - isVideoDislikesValid, - isVideoEventCountValid - } - } + isVideoDurationValid, + isVideoTagValid, + isVideoPrivacyValid, + isVideoFileResolutionValid, + isVideoFileSizeValid, + isVideoExist, + isVideoImage, + isVideoChannelOfAccountExist, + isVideoSupportValid }