X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fhelpers%2Fcustom-validators%2Factivitypub%2Factivity.ts;h=e0d170d9d230d175ad01769f78e11b2c65d0887e;hb=418d092afa81e2c8fe8ac6838fc4b5eb0af6a782;hp=3a0e8197c958ce616d274dd89dfc03358342277d;hpb=0032ebe94aa83fab761c7de3ceb6210ac4532824;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/helpers/custom-validators/activitypub/activity.ts b/server/helpers/custom-validators/activitypub/activity.ts
index 3a0e8197c..e0d170d9d 100644
--- a/server/helpers/custom-validators/activitypub/activity.ts
+++ b/server/helpers/custom-validators/activitypub/activity.ts
@@ -1,21 +1,18 @@
 import * as validator from 'validator'
-import { Activity, ActivityType } from '../../../../shared/models/activitypub/activity'
-import { isAccountAcceptActivityValid, isAccountDeleteActivityValid, isAccountFollowActivityValid } from './account'
-import { isAnnounceActivityValid } from './announce'
-import { isActivityPubUrlValid } from './misc'
-import { isUndoActivityValid } from './undo'
-import { isVideoChannelCreateActivityValid, isVideoChannelDeleteActivityValid, isVideoChannelUpdateActivityValid } from './video-channels'
-import {
-  isVideoFlagValid,
-  isVideoTorrentAddActivityValid,
-  isVideoTorrentDeleteActivityValid,
-  isVideoTorrentUpdateActivityValid
-} from './videos'
+import { Activity, ActivityType } from '../../../../shared/models/activitypub'
+import { sanitizeAndCheckActorObject } from './actor'
+import { isActivityPubUrlValid, isBaseActivityValid, isObjectValid } from './misc'
+import { isDislikeActivityValid } from './rate'
+import { sanitizeAndCheckVideoCommentObject } from './video-comments'
+import { sanitizeAndCheckVideoTorrentObject } from './videos'
 import { isViewActivityValid } from './view'
-import { isDislikeActivityValid, isLikeActivityValid } from './rate'
+import { exists } from '../misc'
+import { isCacheFileObjectValid } from './cache-file'
+import { isFlagActivityValid } from './flag'
+import { isPlaylistObjectValid } from './playlist'
 
 function isRootActivityValid (activity: any) {
-  return Array.isArray(activity['@context']) &&
+  return Array.isArray(activity['@context']) && (
     (
       (activity.type === 'Collection' || activity.type === 'OrderedCollection') &&
       validator.isInt(activity.totalItems, { min: 0 }) &&
@@ -23,20 +20,25 @@ function isRootActivityValid (activity: any) {
     ) ||
     (
       isActivityPubUrlValid(activity.id) &&
-      isActivityPubUrlValid(activity.actor)
+      exists(activity.actor) &&
+      (isActivityPubUrlValid(activity.actor) || isActivityPubUrlValid(activity.actor.id))
     )
+  )
 }
 
 const activityCheckers: { [ P in ActivityType ]: (activity: Activity) => boolean } = {
   Create: checkCreateActivity,
-  Add: checkAddActivity,
   Update: checkUpdateActivity,
   Delete: checkDeleteActivity,
   Follow: checkFollowActivity,
   Accept: checkAcceptActivity,
+  Reject: checkRejectActivity,
   Announce: checkAnnounceActivity,
   Undo: checkUndoActivity,
-  Like: checkLikeActivity
+  Like: checkLikeActivity,
+  View: checkViewActivity,
+  Flag: checkFlagActivity,
+  Dislike: checkDislikeActivity
 }
 
 function isActivityValid (activity: any) {
@@ -56,44 +58,81 @@ export {
 
 // ---------------------------------------------------------------------------
 
-function checkCreateActivity (activity: any) {
-  return isViewActivityValid(activity) ||
-    isDislikeActivityValid(activity) ||
-    isVideoChannelCreateActivityValid(activity) ||
-    isVideoFlagValid(activity)
+function checkViewActivity (activity: any) {
+  return isBaseActivityValid(activity, 'View') &&
+    isViewActivityValid(activity)
+}
+
+function checkFlagActivity (activity: any) {
+  return isBaseActivityValid(activity, 'Flag') &&
+    isFlagActivityValid(activity)
 }
 
-function checkAddActivity (activity: any) {
-  return isVideoTorrentAddActivityValid(activity)
+function checkDislikeActivity (activity: any) {
+  return isBaseActivityValid(activity, 'Dislike') &&
+    isDislikeActivityValid(activity)
+}
+
+function checkCreateActivity (activity: any) {
+  return isBaseActivityValid(activity, 'Create') &&
+    (
+      isViewActivityValid(activity.object) ||
+      isDislikeActivityValid(activity.object) ||
+      isFlagActivityValid(activity.object) ||
+      isPlaylistObjectValid(activity.object) ||
+
+      isCacheFileObjectValid(activity.object) ||
+      sanitizeAndCheckVideoCommentObject(activity.object) ||
+      sanitizeAndCheckVideoTorrentObject(activity.object)
+    )
 }
 
 function checkUpdateActivity (activity: any) {
-  return isVideoTorrentUpdateActivityValid(activity) ||
-    isVideoChannelUpdateActivityValid(activity)
+  return isBaseActivityValid(activity, 'Update') &&
+    (
+      isCacheFileObjectValid(activity.object) ||
+      isPlaylistObjectValid(activity.object) ||
+      sanitizeAndCheckVideoTorrentObject(activity.object) ||
+      sanitizeAndCheckActorObject(activity.object)
+    )
 }
 
 function checkDeleteActivity (activity: any) {
-  return isVideoTorrentDeleteActivityValid(activity) ||
-    isVideoChannelDeleteActivityValid(activity) ||
-    isAccountDeleteActivityValid(activity)
+  // We don't really check objects
+  return isBaseActivityValid(activity, 'Delete') &&
+    isObjectValid(activity.object)
 }
 
 function checkFollowActivity (activity: any) {
-  return isAccountFollowActivityValid(activity)
+  return isBaseActivityValid(activity, 'Follow') &&
+    isObjectValid(activity.object)
 }
 
 function checkAcceptActivity (activity: any) {
-  return isAccountAcceptActivityValid(activity)
+  return isBaseActivityValid(activity, 'Accept')
+}
+
+function checkRejectActivity (activity: any) {
+  return isBaseActivityValid(activity, 'Reject')
 }
 
 function checkAnnounceActivity (activity: any) {
-  return isAnnounceActivityValid(activity)
+  return isBaseActivityValid(activity, 'Announce') &&
+    isObjectValid(activity.object)
 }
 
 function checkUndoActivity (activity: any) {
-  return isUndoActivityValid(activity)
+  return isBaseActivityValid(activity, 'Undo') &&
+    (
+      checkFollowActivity(activity.object) ||
+      checkLikeActivity(activity.object) ||
+      checkDislikeActivity(activity.object) ||
+      checkAnnounceActivity(activity.object) ||
+      checkCreateActivity(activity.object)
+    )
 }
 
 function checkLikeActivity (activity: any) {
-  return isLikeActivityValid(activity)
+  return isBaseActivityValid(activity, 'Like') &&
+    isObjectValid(activity.object)
 }