X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fhelpers%2Fcustom-validators%2Factivitypub%2Factivity.ts;h=e0d170d9d230d175ad01769f78e11b2c65d0887e;hb=418d092afa81e2c8fe8ac6838fc4b5eb0af6a782;hp=7e4dccefbceca5d2ee4dc10af9ffd9175b65db3a;hpb=6be84cbcea99518e8eca58c76259effd0dd992fd;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/helpers/custom-validators/activitypub/activity.ts b/server/helpers/custom-validators/activitypub/activity.ts index 7e4dccefb..e0d170d9d 100644 --- a/server/helpers/custom-validators/activitypub/activity.ts +++ b/server/helpers/custom-validators/activitypub/activity.ts @@ -1,24 +1,18 @@ import * as validator from 'validator' import { Activity, ActivityType } from '../../../../shared/models/activitypub' -import { - isActorAcceptActivityValid, isActorDeleteActivityValid, isActorFollowActivityValid, isActorRejectActivityValid, - isActorUpdateActivityValid -} from './actor' -import { isAnnounceActivityValid } from './announce' -import { isActivityPubUrlValid } from './misc' -import { isDislikeActivityValid, isLikeActivityValid } from './rate' -import { isUndoActivityValid } from './undo' -import { isVideoCommentCreateActivityValid, isVideoCommentDeleteActivityValid } from './video-comments' -import { - isVideoFlagValid, - isVideoTorrentCreateActivityValid, - isVideoTorrentDeleteActivityValid, - isVideoTorrentUpdateActivityValid -} from './videos' +import { sanitizeAndCheckActorObject } from './actor' +import { isActivityPubUrlValid, isBaseActivityValid, isObjectValid } from './misc' +import { isDislikeActivityValid } from './rate' +import { sanitizeAndCheckVideoCommentObject } from './video-comments' +import { sanitizeAndCheckVideoTorrentObject } from './videos' import { isViewActivityValid } from './view' +import { exists } from '../misc' +import { isCacheFileObjectValid } from './cache-file' +import { isFlagActivityValid } from './flag' +import { isPlaylistObjectValid } from './playlist' function isRootActivityValid (activity: any) { - return Array.isArray(activity['@context']) && + return Array.isArray(activity['@context']) && ( ( (activity.type === 'Collection' || activity.type === 'OrderedCollection') && validator.isInt(activity.totalItems, { min: 0 }) && @@ -26,8 +20,10 @@ function isRootActivityValid (activity: any) { ) || ( isActivityPubUrlValid(activity.id) && + exists(activity.actor) && (isActivityPubUrlValid(activity.actor) || isActivityPubUrlValid(activity.actor.id)) ) + ) } const activityCheckers: { [ P in ActivityType ]: (activity: Activity) => boolean } = { @@ -39,7 +35,10 @@ const activityCheckers: { [ P in ActivityType ]: (activity: Activity) => boolean Reject: checkRejectActivity, Announce: checkAnnounceActivity, Undo: checkUndoActivity, - Like: checkLikeActivity + Like: checkLikeActivity, + View: checkViewActivity, + Flag: checkFlagActivity, + Dislike: checkDislikeActivity } function isActivityValid (activity: any) { @@ -59,45 +58,81 @@ export { // --------------------------------------------------------------------------- +function checkViewActivity (activity: any) { + return isBaseActivityValid(activity, 'View') && + isViewActivityValid(activity) +} + +function checkFlagActivity (activity: any) { + return isBaseActivityValid(activity, 'Flag') && + isFlagActivityValid(activity) +} + +function checkDislikeActivity (activity: any) { + return isBaseActivityValid(activity, 'Dislike') && + isDislikeActivityValid(activity) +} + function checkCreateActivity (activity: any) { - return isViewActivityValid(activity) || - isDislikeActivityValid(activity) || - isVideoTorrentCreateActivityValid(activity) || - isVideoFlagValid(activity) || - isVideoCommentCreateActivityValid(activity) + return isBaseActivityValid(activity, 'Create') && + ( + isViewActivityValid(activity.object) || + isDislikeActivityValid(activity.object) || + isFlagActivityValid(activity.object) || + isPlaylistObjectValid(activity.object) || + + isCacheFileObjectValid(activity.object) || + sanitizeAndCheckVideoCommentObject(activity.object) || + sanitizeAndCheckVideoTorrentObject(activity.object) + ) } function checkUpdateActivity (activity: any) { - return isVideoTorrentUpdateActivityValid(activity) || - isActorUpdateActivityValid(activity) + return isBaseActivityValid(activity, 'Update') && + ( + isCacheFileObjectValid(activity.object) || + isPlaylistObjectValid(activity.object) || + sanitizeAndCheckVideoTorrentObject(activity.object) || + sanitizeAndCheckActorObject(activity.object) + ) } function checkDeleteActivity (activity: any) { - return isVideoTorrentDeleteActivityValid(activity) || - isActorDeleteActivityValid(activity) || - isVideoCommentDeleteActivityValid(activity) + // We don't really check objects + return isBaseActivityValid(activity, 'Delete') && + isObjectValid(activity.object) } function checkFollowActivity (activity: any) { - return isActorFollowActivityValid(activity) + return isBaseActivityValid(activity, 'Follow') && + isObjectValid(activity.object) } function checkAcceptActivity (activity: any) { - return isActorAcceptActivityValid(activity) + return isBaseActivityValid(activity, 'Accept') } function checkRejectActivity (activity: any) { - return isActorRejectActivityValid(activity) + return isBaseActivityValid(activity, 'Reject') } function checkAnnounceActivity (activity: any) { - return isAnnounceActivityValid(activity) + return isBaseActivityValid(activity, 'Announce') && + isObjectValid(activity.object) } function checkUndoActivity (activity: any) { - return isUndoActivityValid(activity) + return isBaseActivityValid(activity, 'Undo') && + ( + checkFollowActivity(activity.object) || + checkLikeActivity(activity.object) || + checkDislikeActivity(activity.object) || + checkAnnounceActivity(activity.object) || + checkCreateActivity(activity.object) + ) } function checkLikeActivity (activity: any) { - return isLikeActivityValid(activity) + return isBaseActivityValid(activity, 'Like') && + isObjectValid(activity.object) }