X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fcontrollers%2Fapi%2Fvideos%2Fabuse.ts;h=9c4d008496c247ddadd92e92fc112cddc4540356;hb=403c69c5a34e6db621f30c7b2bfb2b80dc8e74c1;hp=5cf0303fbf92bee0722a9aca39fceaa858fd1d7d;hpb=0a6658fdcbd779ada8f3758048c326e997902d5a;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/controllers/api/videos/abuse.ts b/server/controllers/api/videos/abuse.ts index 5cf0303fb..9c4d00849 100644 --- a/server/controllers/api/videos/abuse.ts +++ b/server/controllers/api/videos/abuse.ts @@ -1,39 +1,53 @@ import * as express from 'express' - -import { database as db } from '../../../initializers/database' -import * as friends from '../../../lib/friends' -import { - logger, - getFormatedObjects, - retryTransactionWrapper -} from '../../../helpers' +import { AbuseModel } from '@server/models/abuse/abuse' +import { getServerActor } from '@server/models/application/application' +import { AbuseCreate, UserRight, VideoAbuseCreate } from '../../../../shared' import { + abusesSortValidator, + asyncMiddleware, + asyncRetryTransactionMiddleware, authenticate, - ensureIsAdmin, + ensureUserHasRight, paginationValidator, + setDefaultPagination, + setDefaultSort, + videoAbuseGetValidator, + videoAbuseListValidator, videoAbuseReportValidator, - videoAbusesSortValidator, - setVideoAbusesSort, - setPagination + videoAbuseUpdateValidator } from '../../../middlewares' -import { VideoInstance } from '../../../models' -import { VideoAbuseCreate } from '../../../../shared' +import { deleteAbuse, reportAbuse, updateAbuse } from '../abuse' + +// FIXME: deprecated in 2.3. Remove this controller const abuseVideoRouter = express.Router() abuseVideoRouter.get('/abuse', authenticate, - ensureIsAdmin, + ensureUserHasRight(UserRight.MANAGE_ABUSES), paginationValidator, - videoAbusesSortValidator, - setVideoAbusesSort, - setPagination, - listVideoAbuses + abusesSortValidator, + setDefaultSort, + setDefaultPagination, + videoAbuseListValidator, + asyncMiddleware(listVideoAbuses) ) -abuseVideoRouter.post('/:id/abuse', +abuseVideoRouter.put('/:videoId/abuse/:id', authenticate, - videoAbuseReportValidator, - reportVideoAbuseRetryWrapper + ensureUserHasRight(UserRight.MANAGE_ABUSES), + asyncMiddleware(videoAbuseUpdateValidator), + asyncRetryTransactionMiddleware(updateVideoAbuse) +) +abuseVideoRouter.post('/:videoId/abuse', + authenticate, + asyncMiddleware(videoAbuseReportValidator), + asyncRetryTransactionMiddleware(reportVideoAbuse) +) +abuseVideoRouter.delete('/:videoId/abuse/:id', + authenticate, + ensureUserHasRight(UserRight.MANAGE_ABUSES), + asyncMiddleware(videoAbuseGetValidator), + asyncRetryTransactionMiddleware(deleteVideoAbuse) ) // --------------------------------------------------------------------------- @@ -44,55 +58,57 @@ export { // --------------------------------------------------------------------------- -function listVideoAbuses (req: express.Request, res: express.Response, next: express.NextFunction) { - db.VideoAbuse.listForApi(req.query.start, req.query.count, req.query.sort) - .then(result => res.json(getFormatedObjects(result.data, result.total))) - .catch(err => next(err)) +async function listVideoAbuses (req: express.Request, res: express.Response) { + const user = res.locals.oauth.token.user + const serverActor = await getServerActor() + + const resultList = await AbuseModel.listForAdminApi({ + start: req.query.start, + count: req.query.count, + sort: req.query.sort, + id: req.query.id, + filter: 'video', + predefinedReason: req.query.predefinedReason, + search: req.query.search, + state: req.query.state, + videoIs: req.query.videoIs, + searchReporter: req.query.searchReporter, + searchReportee: req.query.searchReportee, + searchVideo: req.query.searchVideo, + searchVideoChannel: req.query.searchVideoChannel, + serverAccountId: serverActor.Account.id, + user + }) + + return res.json({ + total: resultList.total, + data: resultList.data.map(d => d.toFormattedAdminJSON()) + }) } -function reportVideoAbuseRetryWrapper (req: express.Request, res: express.Response, next: express.NextFunction) { - const options = { - arguments: [ req, res ], - errorMessage: 'Cannot report abuse to the video with many retries.' - } +async function updateVideoAbuse (req: express.Request, res: express.Response) { + return updateAbuse(req, res) +} - retryTransactionWrapper(reportVideoAbuse, options) - .then(() => res.type('json').status(204).end()) - .catch(err => next(err)) +async function deleteVideoAbuse (req: express.Request, res: express.Response) { + return deleteAbuse(req, res) } -function reportVideoAbuse (req: express.Request, res: express.Response) { - const videoInstance = res.locals.video as VideoInstance - const reporterUsername = res.locals.oauth.token.User.username - const body: VideoAbuseCreate = req.body - - const abuse = { - reporterUsername, - reason: body.reason, - videoId: videoInstance.id, - reporterPodId: null // This is our pod that reported this abuse - } - - return db.sequelize.transaction(t => { - return db.VideoAbuse.create(abuse, { transaction: t }) - .then(abuse => { - // We send the information to the destination pod - if (videoInstance.isOwned() === false) { - const reportData = { - reporterUsername, - reportReason: abuse.reason, - videoUUID: videoInstance.uuid - } - - return friends.reportAbuseVideoToFriend(reportData, videoInstance, t).then(() => videoInstance) - } - - return videoInstance - }) - }) - .then((videoInstance: VideoInstance) => logger.info('Abuse report for video %s created.', videoInstance.name)) - .catch(err => { - logger.debug('Cannot update the video.', err) - throw err - }) +async function reportVideoAbuse (req: express.Request, res: express.Response) { + const oldBody = req.body as VideoAbuseCreate + + req.body = { + accountId: res.locals.videoAll.VideoChannel.accountId, + + reason: oldBody.reason, + predefinedReasons: oldBody.predefinedReasons, + + video: { + id: res.locals.videoAll.id, + startAt: oldBody.startAt, + endAt: oldBody.endAt + } + } as AbuseCreate + + return reportAbuse(req, res) }