X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fhelpers%2Fcustom-validators%2Factivitypub%2Fmisc.ts;h=279ad83dc694d96c4e5b33eca5ca6269742e96b7;hb=HEAD;hp=806d33483d16d4129239ec45e6116825e72bcc01;hpb=e4f97babf701481b55cc10fb3448feab5f97c867;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/helpers/custom-validators/activitypub/misc.ts b/server/helpers/custom-validators/activitypub/misc.ts
index 806d33483..279ad83dc 100644
--- a/server/helpers/custom-validators/activitypub/misc.ts
+++ b/server/helpers/custom-validators/activitypub/misc.ts
@@ -1,6 +1,9 @@
+import validator from 'validator'
+import { CONFIG } from '@server/initializers/config'
+import { CONSTRAINTS_FIELDS } from '../../../initializers/constants'
 import { exists } from '../misc'
 
-function isActivityPubUrlValid (url: string) {
+function isUrlValid (url: string) {
   const isURLOptions = {
     require_host: true,
     require_tld: true,
@@ -9,9 +12,64 @@ function isActivityPubUrlValid (url: string) {
     protocols: [ 'http', 'https' ]
   }
 
-  return exists(url) && validator.isURL(url, isURLOptions)
+  // We validate 'localhost', so we don't have the top level domain
+  if (CONFIG.WEBSERVER.HOSTNAME === 'localhost' || CONFIG.WEBSERVER.HOSTNAME === '127.0.0.1') {
+    isURLOptions.require_tld = false
+  }
+
+  return exists(url) && validator.isURL('' + url, isURLOptions)
+}
+
+function isActivityPubUrlValid (url: string) {
+  return isUrlValid(url) && validator.isLength('' + url, CONSTRAINTS_FIELDS.ACTORS.URL)
+}
+
+function isBaseActivityValid (activity: any, type: string) {
+  return activity.type === type &&
+    isActivityPubUrlValid(activity.id) &&
+    isObjectValid(activity.actor) &&
+    isUrlCollectionValid(activity.to) &&
+    isUrlCollectionValid(activity.cc)
+}
+
+function isUrlCollectionValid (collection: any) {
+  return collection === undefined ||
+    (Array.isArray(collection) && collection.every(t => isActivityPubUrlValid(t)))
+}
+
+function isObjectValid (object: any) {
+  return exists(object) &&
+    (
+      isActivityPubUrlValid(object) || isActivityPubUrlValid(object.id)
+    )
+}
+
+function setValidAttributedTo (obj: any) {
+  if (Array.isArray(obj.attributedTo) === false) {
+    obj.attributedTo = []
+    return true
+  }
+
+  obj.attributedTo = obj.attributedTo.filter(a => {
+    return (a.type === 'Group' || a.type === 'Person') && isActivityPubUrlValid(a.id)
+  })
+
+  return true
+}
+
+function isActivityPubVideoDurationValid (value: string) {
+  // https://www.w3.org/TR/activitystreams-vocabulary/#dfn-duration
+  return exists(value) &&
+    typeof value === 'string' &&
+    value.startsWith('PT') &&
+    value.endsWith('S')
 }
 
 export {
-  isActivityPubUrlValid
+  isUrlValid,
+  isActivityPubUrlValid,
+  isBaseActivityValid,
+  setValidAttributedTo,
+  isObjectValid,
+  isActivityPubVideoDurationValid
 }