X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fmiddlewares%2Fvalidators%2Fblocklist.ts;h=8ec6cb01d5d66f27bd1150caede84121bcac57c4;hb=9972ace3a3bc65865fb3aaaa865a400386e49252;hp=7c494de78590c4be75090b5f7567dcb1ee5f0918;hpb=6dd9de95dfa39bd5c1faed00d1dbd52cd112bae0;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/middlewares/validators/blocklist.ts b/server/middlewares/validators/blocklist.ts index 7c494de78..8ec6cb01d 100644 --- a/server/middlewares/validators/blocklist.ts +++ b/server/middlewares/validators/blocklist.ts @@ -1,21 +1,21 @@ -import { body, param } from 'express-validator/check' -import * as express from 'express' -import { logger } from '../../helpers/logger' -import { areValidationErrors } from './utils' -import { doesAccountNameWithHostExist } from '../../helpers/custom-validators/accounts' +import express from 'express' +import { body, param, query } from 'express-validator' +import { areValidActorHandles } from '@server/helpers/custom-validators/activitypub/actor' +import { getServerActor } from '@server/models/application/application' +import { arrayify } from '@shared/core-utils' +import { HttpStatusCode } from '../../../shared/models/http/http-error-codes' +import { isEachUniqueHostValid, isHostValid } from '../../helpers/custom-validators/servers' +import { WEBSERVER } from '../../initializers/constants' import { AccountBlocklistModel } from '../../models/account/account-blocklist' -import { isHostValid } from '../../helpers/custom-validators/servers' -import { ServerBlocklistModel } from '../../models/server/server-blocklist' import { ServerModel } from '../../models/server/server' -import { getServerActor } from '../../helpers/utils' -import { WEBSERVER } from '../../initializers/constants' +import { ServerBlocklistModel } from '../../models/server/server-blocklist' +import { areValidationErrors, doesAccountNameWithHostExist } from './shared' const blockAccountValidator = [ - body('accountName').exists().withMessage('Should have an account name with host'), + body('accountName') + .exists(), async (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking blockAccountByAccountValidator parameters', { parameters: req.body }) - if (areValidationErrors(req, res)) return if (!await doesAccountNameWithHostExist(req.body.accountName, res)) return @@ -23,10 +23,10 @@ const blockAccountValidator = [ const accountToBlock = res.locals.account if (user.Account.id === accountToBlock.id) { - res.status(409) - .send({ error: 'You cannot block yourself.' }) - .end() - + res.fail({ + status: HttpStatusCode.CONFLICT_409, + message: 'You cannot block yourself.' + }) return } @@ -35,11 +35,10 @@ const blockAccountValidator = [ ] const unblockAccountByAccountValidator = [ - param('accountName').exists().withMessage('Should have an account name with host'), + param('accountName') + .exists(), async (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking unblockAccountByAccountValidator parameters', { parameters: req.params }) - if (areValidationErrors(req, res)) return if (!await doesAccountNameWithHostExist(req.params.accountName, res)) return @@ -52,11 +51,10 @@ const unblockAccountByAccountValidator = [ ] const unblockAccountByServerValidator = [ - param('accountName').exists().withMessage('Should have an account name with host'), + param('accountName') + .exists(), async (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking unblockAccountByServerValidator parameters', { parameters: req.params }) - if (areValidationErrors(req, res)) return if (!await doesAccountNameWithHostExist(req.params.accountName, res)) return @@ -69,27 +67,22 @@ const unblockAccountByServerValidator = [ ] const blockServerValidator = [ - body('host').custom(isHostValid).withMessage('Should have a valid host'), + body('host') + .custom(isHostValid), async (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking serverGetValidator parameters', { parameters: req.body }) - if (areValidationErrors(req, res)) return const host: string = req.body.host if (host === WEBSERVER.HOST) { - return res.status(409) - .send({ error: 'You cannot block your own server.' }) - .end() + return res.fail({ + status: HttpStatusCode.CONFLICT_409, + message: 'You cannot block your own server.' + }) } - const server = await ServerModel.loadByHost(host) - if (!server) { - return res.status(404) - .send({ error: 'Server host not found.' }) - .end() - } + const server = await ServerModel.loadOrCreateByHost(host) res.locals.server = server @@ -98,11 +91,10 @@ const blockServerValidator = [ ] const unblockServerByAccountValidator = [ - param('host').custom(isHostValid).withMessage('Should have an account name with host'), + param('host') + .custom(isHostValid), async (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking unblockServerByAccountValidator parameters', { parameters: req.params }) - if (areValidationErrors(req, res)) return const user = res.locals.oauth.token.User @@ -113,11 +105,10 @@ const unblockServerByAccountValidator = [ ] const unblockServerByServerValidator = [ - param('host').custom(isHostValid).withMessage('Should have an account name with host'), + param('host') + .custom(isHostValid), async (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking unblockServerByServerValidator parameters', { parameters: req.params }) - if (areValidationErrors(req, res)) return const serverActor = await getServerActor() @@ -127,6 +118,24 @@ const unblockServerByServerValidator = [ } ] +const blocklistStatusValidator = [ + query('hosts') + .optional() + .customSanitizer(arrayify) + .custom(isEachUniqueHostValid).withMessage('Should have a valid hosts array'), + + query('accounts') + .optional() + .customSanitizer(arrayify) + .custom(areValidActorHandles).withMessage('Should have a valid accounts array'), + + (req: express.Request, res: express.Response, next: express.NextFunction) => { + if (areValidationErrors(req, res)) return + + return next() + } +] + // --------------------------------------------------------------------------- export { @@ -135,7 +144,8 @@ export { unblockAccountByAccountValidator, unblockServerByAccountValidator, unblockAccountByServerValidator, - unblockServerByServerValidator + unblockServerByServerValidator, + blocklistStatusValidator } // --------------------------------------------------------------------------- @@ -143,29 +153,27 @@ export { async function doesUnblockAccountExist (accountId: number, targetAccountId: number, res: express.Response) { const accountBlock = await AccountBlocklistModel.loadByAccountAndTarget(accountId, targetAccountId) if (!accountBlock) { - res.status(404) - .send({ error: 'Account block entry not found.' }) - .end() - + res.fail({ + status: HttpStatusCode.NOT_FOUND_404, + message: 'Account block entry not found.' + }) return false } res.locals.accountBlock = accountBlock - return true } async function doesUnblockServerExist (accountId: number, host: string, res: express.Response) { const serverBlock = await ServerBlocklistModel.loadByAccountAndHost(accountId, host) if (!serverBlock) { - res.status(404) - .send({ error: 'Server block entry not found.' }) - .end() - + res.fail({ + status: HttpStatusCode.NOT_FOUND_404, + message: 'Server block entry not found.' + }) return false } res.locals.serverBlock = serverBlock - return true }