X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fhelpers%2Fcustom-validators%2Factivitypub%2Fvideos.ts;h=a01429c83e82fe891a236f580d85383427677b46;hb=f2eb23cd87cf32b8fe545178143b5f49e06a58da;hp=8f6d50f509706e18a9892d33226028e764edcc35;hpb=e34c85e527100c0b5c44567bd951e95be41b8d7e;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/helpers/custom-validators/activitypub/videos.ts b/server/helpers/custom-validators/activitypub/videos.ts index 8f6d50f50..a01429c83 100644 --- a/server/helpers/custom-validators/activitypub/videos.ts +++ b/server/helpers/custom-validators/activitypub/videos.ts @@ -1,73 +1,129 @@ -import * as validator from 'validator' - -import { - ACTIVITY_PUB -} from '../../../initializers' -import { isDateValid, isUUIDValid } from '../misc' +import validator from 'validator' +import { ACTIVITY_PUB, CONSTRAINTS_FIELDS } from '../../../initializers/constants' +import { peertubeTruncate } from '../../core-utils' +import { exists, isArray, isBooleanValid, isDateValid, isUUIDValid } from '../misc' import { - isVideoViewsValid, - isVideoNSFWValid, - isVideoTruncatedDescriptionValid, isVideoDurationValid, isVideoNameValid, + isVideoStateValid, isVideoTagValid, - isVideoUrlValid + isVideoTruncatedDescriptionValid, + isVideoViewsValid } from '../videos' -import { isVideoChannelDescriptionValid, isVideoChannelNameValid } from '../video-channels' -import { isBaseActivityValid } from './misc' +import { isActivityPubUrlValid, isBaseActivityValid, setValidAttributedTo } from './misc' +import { VideoState } from '../../../../shared/models/videos' +import { logger } from '@server/helpers/logger' +import { ActivityVideoFileMetadataObject } from '@shared/models' -function isVideoTorrentAddActivityValid (activity: any) { - return isBaseActivityValid(activity, 'Add') && - isVideoTorrentObjectValid(activity.object) +function sanitizeAndCheckVideoTorrentUpdateActivity (activity: any) { + return isBaseActivityValid(activity, 'Update') && + sanitizeAndCheckVideoTorrentObject(activity.object) } -function isVideoTorrentUpdateActivityValid (activity: any) { - return isBaseActivityValid(activity, 'Update') && - isVideoTorrentObjectValid(activity.object) +function isActivityPubVideoDurationValid (value: string) { + // https://www.w3.org/TR/activitystreams-vocabulary/#dfn-duration + return exists(value) && + typeof value === 'string' && + value.startsWith('PT') && + value.endsWith('S') && + isVideoDurationValid(value.replace(/[^0-9]+/g, '')) } -function isVideoTorrentObjectValid (video: any) { - return video.type === 'Video' && +function sanitizeAndCheckVideoTorrentObject (video: any) { + if (!video || video.type !== 'Video') return false + + if (!setValidRemoteTags(video)) { + logger.debug('Video has invalid tags', { video }) + return false + } + if (!setValidRemoteVideoUrls(video)) { + logger.debug('Video has invalid urls', { video }) + return false + } + if (!setRemoteVideoTruncatedContent(video)) { + logger.debug('Video has invalid content', { video }) + return false + } + if (!setValidAttributedTo(video)) { + logger.debug('Video has invalid attributedTo', { video }) + return false + } + if (!setValidRemoteCaptions(video)) { + logger.debug('Video has invalid captions', { video }) + return false + } + if (!setValidRemoteIcon(video)) { + logger.debug('Video has invalid icons', { video }) + return false + } + + // Default attributes + if (!isVideoStateValid(video.state)) video.state = VideoState.PUBLISHED + if (!isBooleanValid(video.waitTranscoding)) video.waitTranscoding = false + if (!isBooleanValid(video.downloadEnabled)) video.downloadEnabled = true + if (!isBooleanValid(video.commentsEnabled)) video.commentsEnabled = false + if (!isBooleanValid(video.isLiveBroadcast)) video.isLiveBroadcast = false + if (!isBooleanValid(video.liveSaveReplay)) video.liveSaveReplay = false + if (!isBooleanValid(video.permanentLive)) video.permanentLive = false + + return isActivityPubUrlValid(video.id) && isVideoNameValid(video.name) && - isVideoDurationValid(video.duration) && + isActivityPubVideoDurationValid(video.duration) && isUUIDValid(video.uuid) && - setValidRemoteTags(video) && - isRemoteIdentifierValid(video.category) && - isRemoteIdentifierValid(video.licence) && - isRemoteIdentifierValid(video.language) && - isVideoViewsValid(video.video) && - isVideoNSFWValid(video.nsfw) && + (!video.category || isRemoteNumberIdentifierValid(video.category)) && + (!video.licence || isRemoteNumberIdentifierValid(video.licence)) && + (!video.language || isRemoteStringIdentifierValid(video.language)) && + isVideoViewsValid(video.views) && + isBooleanValid(video.sensitive) && isDateValid(video.published) && isDateValid(video.updated) && - isRemoteVideoContentValid(video.mediaType, video.content) && - isRemoteVideoIconValid(video.icon) && - setValidRemoteVideoUrls(video.url) -} - -function isVideoChannelCreateActivityValid (activity: any) { - return isBaseActivityValid(activity, 'Create') && - isVideoChannelObjectValid(activity.object) + (!video.originallyPublishedAt || isDateValid(video.originallyPublishedAt)) && + (!video.content || isRemoteVideoContentValid(video.mediaType, video.content)) && + video.attributedTo.length !== 0 } -function isVideoChannelUpdateActivityValid (activity: any) { - return isBaseActivityValid(activity, 'Update') && - isVideoChannelObjectValid(activity.object) +function isRemoteVideoUrlValid (url: any) { + return url.type === 'Link' && + ( + ACTIVITY_PUB.URL_MIME_TYPES.VIDEO.includes(url.mediaType) && + isActivityPubUrlValid(url.href) && + validator.isInt(url.height + '', { min: 0 }) && + validator.isInt(url.size + '', { min: 0 }) && + (!url.fps || validator.isInt(url.fps + '', { min: -1 })) + ) || + ( + ACTIVITY_PUB.URL_MIME_TYPES.TORRENT.includes(url.mediaType) && + isActivityPubUrlValid(url.href) && + validator.isInt(url.height + '', { min: 0 }) + ) || + ( + ACTIVITY_PUB.URL_MIME_TYPES.MAGNET.includes(url.mediaType) && + validator.isLength(url.href, { min: 5 }) && + validator.isInt(url.height + '', { min: 0 }) + ) || + ( + (url.mediaType || url.mimeType) === 'application/x-mpegURL' && + isActivityPubUrlValid(url.href) && + isArray(url.tag) + ) || + isAPVideoFileMetadataObject(url) } -function isVideoChannelObjectValid (videoChannel: any) { - return videoChannel.type === 'VideoChannel' && - isVideoChannelNameValid(videoChannel.name) && - isVideoChannelDescriptionValid(videoChannel.description) && - isUUIDValid(videoChannel.uuid) +function isAPVideoFileMetadataObject (url: any): url is ActivityVideoFileMetadataObject { + return url && + url.type === 'Link' && + url.mediaType === 'application/json' && + isArray(url.rel) && url.rel.includes('metadata') } // --------------------------------------------------------------------------- export { - isVideoTorrentAddActivityValid, - isVideoChannelCreateActivityValid, - isVideoTorrentUpdateActivityValid, - isVideoChannelUpdateActivityValid + sanitizeAndCheckVideoTorrentUpdateActivity, + isRemoteStringIdentifierValid, + sanitizeAndCheckVideoTorrentObject, + isRemoteVideoUrlValid, + isAPVideoFileMetadataObject } // --------------------------------------------------------------------------- @@ -75,44 +131,67 @@ export { function setValidRemoteTags (video: any) { if (Array.isArray(video.tag) === false) return false - const newTag = video.tag.filter(t => { + video.tag = video.tag.filter(t => { return t.type === 'Hashtag' && isVideoTagValid(t.name) }) - video.tag = newTag return true } -function isRemoteIdentifierValid (data: any) { +function setValidRemoteCaptions (video: any) { + if (!video.subtitleLanguage) video.subtitleLanguage = [] + + if (Array.isArray(video.subtitleLanguage) === false) return false + + video.subtitleLanguage = video.subtitleLanguage.filter(caption => { + if (!isActivityPubUrlValid(caption.url)) caption.url = null + + return isRemoteStringIdentifierValid(caption) + }) + + return true +} + +function isRemoteNumberIdentifierValid (data: any) { return validator.isInt(data.identifier, { min: 0 }) } +function isRemoteStringIdentifierValid (data: any) { + return typeof data.identifier === 'string' +} + function isRemoteVideoContentValid (mediaType: string, content: string) { return mediaType === 'text/markdown' && isVideoTruncatedDescriptionValid(content) } -function isRemoteVideoIconValid (icon: any) { - return icon.type === 'Image' && - isVideoUrlValid(icon.url) && - icon.mediaType === 'image/jpeg' && - validator.isInt(icon.width, { min: 0 }) && - validator.isInt(icon.height, { min: 0 }) +function setValidRemoteIcon (video: any) { + if (video.icon && !isArray(video.icon)) video.icon = [ video.icon ] + if (!video.icon) video.icon = [] + + video.icon = video.icon.filter(icon => { + return icon.type === 'Image' && + isActivityPubUrlValid(icon.url) && + icon.mediaType === 'image/jpeg' && + validator.isInt(icon.width + '', { min: 0 }) && + validator.isInt(icon.height + '', { min: 0 }) + }) + + return video.icon.length !== 0 } function setValidRemoteVideoUrls (video: any) { if (Array.isArray(video.url) === false) return false - const newUrl = video.url.filter(u => isRemoteVideoUrlValid(u)) - video.url = newUrl + video.url = video.url.filter(u => isRemoteVideoUrlValid(u)) return true } -function isRemoteVideoUrlValid (url: any) { - return url.type === 'Link' && - ACTIVITY_PUB.VIDEO_URL_MIME_TYPES.indexOf(url.mimeType) !== -1 && - isVideoUrlValid(url.url) && - validator.isInt(url.width, { min: 0 }) && - validator.isInt(url.size, { min: 0 }) +function setRemoteVideoTruncatedContent (video: any) { + if (video.content) { + video.content = peertubeTruncate(video.content, { length: CONSTRAINTS_FIELDS.VIDEOS.TRUNCATED_DESCRIPTION.max }) + } + + return true }