X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fcontrollers%2Factivitypub%2Fclient.ts;h=71a5b623256dcb1c2c190a2163ade4bfe4396369;hb=de94ac86a211dec657332d964693857ec235ce40;hp=d36d10de1b3d33bc63bec0bc25e12bf2f57be458;hpb=74dc3bca2b14f5fd3fe80c394dfc34177a46db77;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/controllers/activitypub/client.ts b/server/controllers/activitypub/client.ts index d36d10de1..71a5b6232 100644 --- a/server/controllers/activitypub/client.ts +++ b/server/controllers/activitypub/client.ts @@ -1,11 +1,21 @@ -// Intercept ActivityPub client requests +import * as cors from 'cors' import * as express from 'express' +import { getServerActor } from '@server/models/application/application' +import { MAccountId, MActorId, MChannelId, MVideoId, MVideoUrl } from '@server/types/models' import { VideoPrivacy, VideoRateType } from '../../../shared/models/videos' +import { VideoPlaylistPrivacy } from '../../../shared/models/videos/playlist/video-playlist-privacy.model' import { activityPubCollectionPagination, activityPubContextify } from '../../helpers/activitypub' import { ROUTE_CACHE_LIFETIME, WEBSERVER } from '../../initializers/constants' -import { buildAnnounceWithVideoAudience, buildLikeActivity } from '../../lib/activitypub/send' import { audiencify, getAudience } from '../../lib/activitypub/audience' +import { buildAnnounceWithVideoAudience, buildLikeActivity } from '../../lib/activitypub/send' import { buildCreateActivity } from '../../lib/activitypub/send/send-create' +import { buildDislikeActivity } from '../../lib/activitypub/send/send-dislike' +import { + getLocalVideoCommentsActivityPubUrl, + getLocalVideoDislikesActivityPubUrl, + getLocalVideoLikesActivityPubUrl, + getLocalVideoSharesActivityPubUrl +} from '../../lib/activitypub/url' import { asyncMiddleware, executeIfActivityPub, @@ -14,32 +24,24 @@ import { videosCustomGetValidator, videosShareValidator } from '../../middlewares' -import { getAccountVideoRateValidator, videoCommentGetValidator } from '../../middlewares/validators' +import { cacheRoute } from '../../middlewares/cache' +import { getAccountVideoRateValidatorFactory, videoCommentGetValidator } from '../../middlewares/validators' +import { videoFileRedundancyGetValidator, videoPlaylistRedundancyGetValidator } from '../../middlewares/validators/redundancy' +import { videoPlaylistElementAPGetValidator, videoPlaylistsGetValidator } from '../../middlewares/validators/videos/video-playlists' import { AccountModel } from '../../models/account/account' -import { ActorModel } from '../../models/activitypub/actor' +import { AccountVideoRateModel } from '../../models/account/account-video-rate' import { ActorFollowModel } from '../../models/activitypub/actor-follow' import { VideoModel } from '../../models/video/video' +import { VideoCaptionModel } from '../../models/video/video-caption' import { VideoCommentModel } from '../../models/video/video-comment' +import { VideoPlaylistModel } from '../../models/video/video-playlist' import { VideoShareModel } from '../../models/video/video-share' -import { cacheRoute } from '../../middlewares/cache' import { activityPubResponse } from './utils' -import { AccountVideoRateModel } from '../../models/account/account-video-rate' -import { - getRateUrl, - getVideoCommentsActivityPubUrl, - getVideoDislikesActivityPubUrl, - getVideoLikesActivityPubUrl, - getVideoSharesActivityPubUrl -} from '../../lib/activitypub' -import { VideoCaptionModel } from '../../models/video/video-caption' -import { videoFileRedundancyGetValidator, videoPlaylistRedundancyGetValidator } from '../../middlewares/validators/redundancy' -import { getServerActor } from '../../helpers/utils' -import { buildDislikeActivity } from '../../lib/activitypub/send/send-dislike' -import { videoPlaylistElementAPGetValidator, videoPlaylistsGetValidator } from '../../middlewares/validators/videos/video-playlists' -import { VideoPlaylistModel } from '../../models/video/video-playlist' -import { VideoPlaylistPrivacy } from '../../../shared/models/videos/playlist/video-playlist-privacy.model' const activityPubClientRouter = express.Router() +activityPubClientRouter.use(cors()) + +// Intercept ActivityPub client requests activityPubClientRouter.get('/accounts?/:name', executeIfActivityPub, @@ -63,18 +65,18 @@ activityPubClientRouter.get('/accounts?/:name/playlists', ) activityPubClientRouter.get('/accounts?/:name/likes/:videoId', executeIfActivityPub, - asyncMiddleware(getAccountVideoRateValidator('like')), - getAccountVideoRate('like') + asyncMiddleware(getAccountVideoRateValidatorFactory('like')), + getAccountVideoRateFactory('like') ) activityPubClientRouter.get('/accounts?/:name/dislikes/:videoId', executeIfActivityPub, - asyncMiddleware(getAccountVideoRateValidator('dislike')), - getAccountVideoRate('dislike') + asyncMiddleware(getAccountVideoRateValidatorFactory('dislike')), + getAccountVideoRateFactory('dislike') ) activityPubClientRouter.get('/videos/watch/:id', executeIfActivityPub, - asyncMiddleware(cacheRoute(ROUTE_CACHE_LIFETIME.ACTIVITY_PUB.VIDEOS)), + asyncMiddleware(cacheRoute()(ROUTE_CACHE_LIFETIME.ACTIVITY_PUB.VIDEOS)), asyncMiddleware(videosCustomGetValidator('only-video-with-rights')), asyncMiddleware(videoController) ) @@ -85,7 +87,7 @@ activityPubClientRouter.get('/videos/watch/:id/activity', ) activityPubClientRouter.get('/videos/watch/:id/announces', executeIfActivityPub, - asyncMiddleware(videosCustomGetValidator('only-video')), + asyncMiddleware(videosCustomGetValidator('only-immutable-attributes')), asyncMiddleware(videoAnnouncesController) ) activityPubClientRouter.get('/videos/watch/:id/announces/:actorId', @@ -95,17 +97,17 @@ activityPubClientRouter.get('/videos/watch/:id/announces/:actorId', ) activityPubClientRouter.get('/videos/watch/:id/likes', executeIfActivityPub, - asyncMiddleware(videosCustomGetValidator('only-video')), + asyncMiddleware(videosCustomGetValidator('only-immutable-attributes')), asyncMiddleware(videoLikesController) ) activityPubClientRouter.get('/videos/watch/:id/dislikes', executeIfActivityPub, - asyncMiddleware(videosCustomGetValidator('only-video')), + asyncMiddleware(videosCustomGetValidator('only-immutable-attributes')), asyncMiddleware(videoDislikesController) ) activityPubClientRouter.get('/videos/watch/:id/comments', executeIfActivityPub, - asyncMiddleware(videosCustomGetValidator('only-video')), + asyncMiddleware(videosCustomGetValidator('only-immutable-attributes')), asyncMiddleware(videoCommentsController) ) activityPubClientRouter.get('/videos/watch/:videoId/comments/:commentId', @@ -122,7 +124,7 @@ activityPubClientRouter.get('/videos/watch/:videoId/comments/:commentId/activity activityPubClientRouter.get('/video-channels/:name', executeIfActivityPub, asyncMiddleware(localVideoChannelValidator), - asyncMiddleware(videoChannelController) + videoChannelController ) activityPubClientRouter.get('/video-channels/:name/followers', executeIfActivityPub, @@ -134,6 +136,11 @@ activityPubClientRouter.get('/video-channels/:name/following', asyncMiddleware(localVideoChannelValidator), asyncMiddleware(videoChannelFollowingController) ) +activityPubClientRouter.get('/video-channels/:name/playlists', + executeIfActivityPub, + asyncMiddleware(localVideoChannelValidator), + asyncMiddleware(videoChannelPlaylistsController) +) activityPubClientRouter.get('/redundancy/videos/:videoId/:resolution([0-9]+)(-:fps([0-9]+))?', executeIfActivityPub, @@ -148,13 +155,13 @@ activityPubClientRouter.get('/redundancy/streaming-playlists/:streamingPlaylistT activityPubClientRouter.get('/video-playlists/:playlistId', executeIfActivityPub, - asyncMiddleware(videoPlaylistsGetValidator), + asyncMiddleware(videoPlaylistsGetValidator('all')), asyncMiddleware(videoPlaylistController) ) -activityPubClientRouter.get('/video-playlists/:playlistId/:videoId', +activityPubClientRouter.get('/video-playlists/:playlistId/videos/:playlistElementId', executeIfActivityPub, asyncMiddleware(videoPlaylistElementAPGetValidator), - asyncMiddleware(videoPlaylistElementController) + videoPlaylistElementController ) // --------------------------------------------------------------------------- @@ -187,20 +194,26 @@ async function accountFollowingController (req: express.Request, res: express.Re async function accountPlaylistsController (req: express.Request, res: express.Response) { const account = res.locals.account - const activityPubResult = await actorPlaylists(req, account) + const activityPubResult = await actorPlaylists(req, { account }) + + return activityPubResponse(activityPubContextify(activityPubResult), res) +} + +async function videoChannelPlaylistsController (req: express.Request, res: express.Response) { + const channel = res.locals.videoChannel + const activityPubResult = await actorPlaylists(req, { channel }) return activityPubResponse(activityPubContextify(activityPubResult), res) } -function getAccountVideoRate (rateType: VideoRateType) { +function getAccountVideoRateFactory (rateType: VideoRateType) { return (req: express.Request, res: express.Response) => { const accountVideoRate = res.locals.accountVideoRate const byActor = accountVideoRate.Account.Actor - const url = getRateUrl(rateType, byActor, accountVideoRate.Video) const APObject = rateType === 'like' - ? buildLikeActivity(url, byActor, accountVideoRate.Video) - : buildDislikeActivity(url, byActor, accountVideoRate.Video) + ? buildLikeActivity(accountVideoRate.url, byActor, accountVideoRate.Video) + : buildDislikeActivity(accountVideoRate.url, byActor, accountVideoRate.Video) return activityPubResponse(activityPubContextify(APObject), res) } @@ -208,18 +221,19 @@ function getAccountVideoRate (rateType: VideoRateType) { async function videoController (req: express.Request, res: express.Response) { // We need more attributes - const video = await VideoModel.loadForGetAPI(res.locals.video.id) + const video = await VideoModel.loadAndPopulateAccountAndServerAndTags(res.locals.onlyVideoWithRights.id) - if (video.url.startsWith(WEBSERVER.URL) === false) return res.redirect(video.url) + if (redirectIfNotOwned(video.url, res)) return // We need captions to render AP object - video.VideoCaptions = await VideoCaptionModel.listVideoCaptions(video.id) + const captions = await VideoCaptionModel.listVideoCaptions(video.id) + const videoWithCaptions = Object.assign(video, { VideoCaptions: captions }) - const audience = getAudience(video.VideoChannel.Account.Actor, video.privacy === VideoPrivacy.PUBLIC) - const videoObject = audiencify(video.toActivityPubObject(), audience) + const audience = getAudience(videoWithCaptions.VideoChannel.Account.Actor, videoWithCaptions.privacy === VideoPrivacy.PUBLIC) + const videoObject = audiencify(videoWithCaptions.toActivityPubObject(), audience) if (req.path.endsWith('/activity')) { - const data = buildCreateActivity(video.url, video.VideoChannel.Account.Actor, videoObject, audience) + const data = buildCreateActivity(videoWithCaptions.url, video.VideoChannel.Account.Actor, videoObject, audience) return activityPubResponse(activityPubContextify(data), res) } @@ -229,15 +243,17 @@ async function videoController (req: express.Request, res: express.Response) { async function videoAnnounceController (req: express.Request, res: express.Response) { const share = res.locals.videoShare - if (share.url.startsWith(WEBSERVER.URL) === false) return res.redirect(share.url) + if (redirectIfNotOwned(share.url, res)) return - const { activity } = await buildAnnounceWithVideoAudience(share.Actor, share, res.locals.video, undefined) + const { activity } = await buildAnnounceWithVideoAudience(share.Actor, share, res.locals.videoAll, undefined) - return activityPubResponse(activityPubContextify(activity), res) + return activityPubResponse(activityPubContextify(activity, 'Announce'), res) } async function videoAnnouncesController (req: express.Request, res: express.Response) { - const video = res.locals.video + const video = res.locals.onlyImmutableVideo + + if (redirectIfNotOwned(video.url, res)) return const handler = async (start: number, count: number) => { const result = await VideoShareModel.listAndCountByVideoId(video.id, start, count) @@ -246,41 +262,49 @@ async function videoAnnouncesController (req: express.Request, res: express.Resp data: result.rows.map(r => r.url) } } - const json = await activityPubCollectionPagination(getVideoSharesActivityPubUrl(video), handler, req.query.page) + const json = await activityPubCollectionPagination(getLocalVideoSharesActivityPubUrl(video), handler, req.query.page) return activityPubResponse(activityPubContextify(json), res) } async function videoLikesController (req: express.Request, res: express.Response) { - const video = res.locals.video - const json = await videoRates(req, 'like', video, getVideoLikesActivityPubUrl(video)) + const video = res.locals.onlyImmutableVideo + + if (redirectIfNotOwned(video.url, res)) return + + const json = await videoRates(req, 'like', video, getLocalVideoLikesActivityPubUrl(video)) return activityPubResponse(activityPubContextify(json), res) } async function videoDislikesController (req: express.Request, res: express.Response) { - const video = res.locals.video - const json = await videoRates(req, 'dislike', video, getVideoDislikesActivityPubUrl(video)) + const video = res.locals.onlyImmutableVideo + + if (redirectIfNotOwned(video.url, res)) return + + const json = await videoRates(req, 'dislike', video, getLocalVideoDislikesActivityPubUrl(video)) return activityPubResponse(activityPubContextify(json), res) } async function videoCommentsController (req: express.Request, res: express.Response) { - const video = res.locals.video + const video = res.locals.onlyImmutableVideo + + if (redirectIfNotOwned(video.url, res)) return const handler = async (start: number, count: number) => { - const result = await VideoCommentModel.listAndCountByVideoId(video.id, start, count) + const result = await VideoCommentModel.listAndCountByVideoForAP(video, start, count) return { total: result.count, data: result.rows.map(r => r.url) } } - const json = await activityPubCollectionPagination(getVideoCommentsActivityPubUrl(video), handler, req.query.page) + const json = await activityPubCollectionPagination(getLocalVideoCommentsActivityPubUrl(video), handler, req.query.page) return activityPubResponse(activityPubContextify(json), res) } -async function videoChannelController (req: express.Request, res: express.Response) { +function videoChannelController (req: express.Request, res: express.Response) { const videoChannel = res.locals.videoChannel return activityPubResponse(activityPubContextify(videoChannel.toActivityPubObject()), res) @@ -301,19 +325,22 @@ async function videoChannelFollowingController (req: express.Request, res: expre } async function videoCommentController (req: express.Request, res: express.Response) { - const videoComment = res.locals.videoComment + const videoComment = res.locals.videoCommentFull - if (videoComment.url.startsWith(WEBSERVER.URL) === false) return res.redirect(videoComment.url) + if (redirectIfNotOwned(videoComment.url, res)) return const threadParentComments = await VideoCommentModel.listThreadParentComments(videoComment, undefined) const isPublic = true // Comments are always public - const audience = getAudience(videoComment.Account.Actor, isPublic) + let videoCommentObject = videoComment.toActivityPubObject(threadParentComments) - const videoCommentObject = audiencify(videoComment.toActivityPubObject(threadParentComments), audience) + if (videoComment.Account) { + const audience = getAudience(videoComment.Account.Actor, isPublic) + videoCommentObject = audiencify(videoCommentObject, audience) - if (req.path.endsWith('/activity')) { - const data = buildCreateActivity(videoComment.url, videoComment.Account.Actor, videoCommentObject, audience) - return activityPubResponse(activityPubContextify(data), res) + if (req.path.endsWith('/activity')) { + const data = buildCreateActivity(videoComment.url, videoComment.Account.Actor, videoCommentObject, audience) + return activityPubResponse(activityPubContextify(data), res) + } } return activityPubResponse(activityPubContextify(videoCommentObject), res) @@ -321,7 +348,8 @@ async function videoCommentController (req: express.Request, res: express.Respon async function videoRedundancyController (req: express.Request, res: express.Response) { const videoRedundancy = res.locals.videoRedundancy - if (videoRedundancy.url.startsWith(WEBSERVER.URL) === false) return res.redirect(videoRedundancy.url) + + if (redirectIfNotOwned(videoRedundancy.url, res)) return const serverActor = await getServerActor() @@ -330,14 +358,16 @@ async function videoRedundancyController (req: express.Request, res: express.Res if (req.path.endsWith('/activity')) { const data = buildCreateActivity(videoRedundancy.url, serverActor, object, audience) - return activityPubResponse(activityPubContextify(data), res) + return activityPubResponse(activityPubContextify(data, 'CacheFile'), res) } - return activityPubResponse(activityPubContextify(object), res) + return activityPubResponse(activityPubContextify(object, 'CacheFile'), res) } async function videoPlaylistController (req: express.Request, res: express.Response) { - const playlist = res.locals.videoPlaylist + const playlist = res.locals.videoPlaylistFull + + if (redirectIfNotOwned(playlist.url, res)) return // We need more attributes playlist.OwnerAccount = await AccountModel.load(playlist.ownerAccountId) @@ -349,8 +379,10 @@ async function videoPlaylistController (req: express.Request, res: express.Respo return activityPubResponse(activityPubContextify(object), res) } -async function videoPlaylistElementController (req: express.Request, res: express.Response) { - const videoPlaylistElement = res.locals.videoPlaylistElement +function videoPlaylistElementController (req: express.Request, res: express.Response) { + const videoPlaylistElement = res.locals.videoPlaylistElementAP + + if (redirectIfNotOwned(videoPlaylistElement.url, res)) return const json = videoPlaylistElement.toActivityPubObject() return activityPubResponse(activityPubContextify(json), res) @@ -358,7 +390,7 @@ async function videoPlaylistElementController (req: express.Request, res: expres // --------------------------------------------------------------------------- -async function actorFollowing (req: express.Request, actor: ActorModel) { +async function actorFollowing (req: express.Request, actor: MActorId) { const handler = (start: number, count: number) => { return ActorFollowModel.listAcceptedFollowingUrlsForApi([ actor.id ], undefined, start, count) } @@ -366,7 +398,7 @@ async function actorFollowing (req: express.Request, actor: ActorModel) { return activityPubCollectionPagination(WEBSERVER.URL + req.path, handler, req.query.page) } -async function actorFollowers (req: express.Request, actor: ActorModel) { +async function actorFollowers (req: express.Request, actor: MActorId) { const handler = (start: number, count: number) => { return ActorFollowModel.listAcceptedFollowerUrlsForAP([ actor.id ], undefined, start, count) } @@ -374,15 +406,15 @@ async function actorFollowers (req: express.Request, actor: ActorModel) { return activityPubCollectionPagination(WEBSERVER.URL + req.path, handler, req.query.page) } -async function actorPlaylists (req: express.Request, account: AccountModel) { +async function actorPlaylists (req: express.Request, options: { account: MAccountId } | { channel: MChannelId }) { const handler = (start: number, count: number) => { - return VideoPlaylistModel.listPublicUrlsOfForAP(account.id, start, count) + return VideoPlaylistModel.listPublicUrlsOfForAP(options, start, count) } return activityPubCollectionPagination(WEBSERVER.URL + req.path, handler, req.query.page) } -function videoRates (req: express.Request, rateType: VideoRateType, video: VideoModel, url: string) { +function videoRates (req: express.Request, rateType: VideoRateType, video: MVideoId, url: string) { const handler = async (start: number, count: number) => { const result = await AccountVideoRateModel.listAndCountAccountUrlsByVideoId(rateType, video.id, start, count) return { @@ -392,3 +424,12 @@ function videoRates (req: express.Request, rateType: VideoRateType, video: Video } return activityPubCollectionPagination(url, handler, req.query.page) } + +function redirectIfNotOwned (url: string, res: express.Response) { + if (url.startsWith(WEBSERVER.URL) === false) { + res.redirect(url) + return true + } + + return false +}