X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fmiddlewares%2Fvalidators%2Fblocklist.ts;h=c00a7e4df5e22c204f7d958e106bd8c7992bf0e4;hb=e1c5503114deef954731904695cd40dccfcef555;hp=25c054d6b2504eb3216b9daa45107785f42151a2;hpb=af5767ffae41b2d5604e41ba9a7225c623dd6735;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/middlewares/validators/blocklist.ts b/server/middlewares/validators/blocklist.ts
index 25c054d6b..c00a7e4df 100644
--- a/server/middlewares/validators/blocklist.ts
+++ b/server/middlewares/validators/blocklist.ts
@@ -1,25 +1,25 @@
-import { body, param } from 'express-validator/check'
+import { body, param } from 'express-validator'
 import * as express from 'express'
 import { logger } from '../../helpers/logger'
 import { areValidationErrors } from './utils'
-import { isAccountNameWithHostExist } from '../../helpers/custom-validators/accounts'
-import { UserModel } from '../../models/account/user'
 import { AccountBlocklistModel } from '../../models/account/account-blocklist'
 import { isHostValid } from '../../helpers/custom-validators/servers'
 import { ServerBlocklistModel } from '../../models/server/server-blocklist'
 import { ServerModel } from '../../models/server/server'
-import { CONFIG } from '../../initializers'
+import { WEBSERVER } from '../../initializers/constants'
+import { doesAccountNameWithHostExist } from '../../helpers/middlewares'
+import { getServerActor } from '@server/models/application/application'
 
-const blockAccountByAccountValidator = [
+const blockAccountValidator = [
   body('accountName').exists().withMessage('Should have an account name with host'),
 
   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
     logger.debug('Checking blockAccountByAccountValidator parameters', { parameters: req.body })
 
     if (areValidationErrors(req, res)) return
-    if (!await isAccountNameWithHostExist(req.body.accountName, res)) return
+    if (!await doesAccountNameWithHostExist(req.body.accountName, res)) return
 
-    const user = res.locals.oauth.token.User as UserModel
+    const user = res.locals.oauth.token.User
     const accountToBlock = res.locals.account
 
     if (user.Account.id === accountToBlock.id) {
@@ -41,17 +41,34 @@ const unblockAccountByAccountValidator = [
     logger.debug('Checking unblockAccountByAccountValidator parameters', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isAccountNameWithHostExist(req.params.accountName, res)) return
+    if (!await doesAccountNameWithHostExist(req.params.accountName, res)) return
 
-    const user = res.locals.oauth.token.User as UserModel
+    const user = res.locals.oauth.token.User
     const targetAccount = res.locals.account
-    if (!await isUnblockAccountExists(user.Account.id, targetAccount.id, res)) return
+    if (!await doesUnblockAccountExist(user.Account.id, targetAccount.id, res)) return
 
     return next()
   }
 ]
 
-const blockServerByAccountValidator = [
+const unblockAccountByServerValidator = [
+  param('accountName').exists().withMessage('Should have an account name with host'),
+
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking unblockAccountByServerValidator parameters', { parameters: req.params })
+
+    if (areValidationErrors(req, res)) return
+    if (!await doesAccountNameWithHostExist(req.params.accountName, res)) return
+
+    const serverActor = await getServerActor()
+    const targetAccount = res.locals.account
+    if (!await doesUnblockAccountExist(serverActor.Account.id, targetAccount.id, res)) return
+
+    return next()
+  }
+]
+
+const blockServerValidator = [
   body('host').custom(isHostValid).withMessage('Should have a valid host'),
 
   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
@@ -61,17 +78,15 @@ const blockServerByAccountValidator = [
 
     const host: string = req.body.host
 
-    if (host === CONFIG.WEBSERVER.HOST) {
+    if (host === WEBSERVER.HOST) {
       return res.status(409)
         .send({ error: 'You cannot block your own server.' })
         .end()
     }
 
-    const server = await ServerModel.loadByHost(host)
+    let server = await ServerModel.loadByHost(host)
     if (!server) {
-      return res.status(404)
-                .send({ error: 'Server host not found.' })
-                .end()
+      server = await ServerModel.create({ host })
     }
 
     res.locals.server = server
@@ -88,8 +103,23 @@ const unblockServerByAccountValidator = [
 
     if (areValidationErrors(req, res)) return
 
-    const user = res.locals.oauth.token.User as UserModel
-    if (!await isUnblockServerExists(user.Account.id, req.params.host, res)) return
+    const user = res.locals.oauth.token.User
+    if (!await doesUnblockServerExist(user.Account.id, req.params.host, res)) return
+
+    return next()
+  }
+]
+
+const unblockServerByServerValidator = [
+  param('host').custom(isHostValid).withMessage('Should have an account name with host'),
+
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking unblockServerByServerValidator parameters', { parameters: req.params })
+
+    if (areValidationErrors(req, res)) return
+
+    const serverActor = await getServerActor()
+    if (!await doesUnblockServerExist(serverActor.Account.id, req.params.host, res)) return
 
     return next()
   }
@@ -98,15 +128,17 @@ const unblockServerByAccountValidator = [
 // ---------------------------------------------------------------------------
 
 export {
-  blockServerByAccountValidator,
-  blockAccountByAccountValidator,
+  blockServerValidator,
+  blockAccountValidator,
   unblockAccountByAccountValidator,
-  unblockServerByAccountValidator
+  unblockServerByAccountValidator,
+  unblockAccountByServerValidator,
+  unblockServerByServerValidator
 }
 
 // ---------------------------------------------------------------------------
 
-async function isUnblockAccountExists (accountId: number, targetAccountId: number, res: express.Response) {
+async function doesUnblockAccountExist (accountId: number, targetAccountId: number, res: express.Response) {
   const accountBlock = await AccountBlocklistModel.loadByAccountAndTarget(accountId, targetAccountId)
   if (!accountBlock) {
     res.status(404)
@@ -121,7 +153,7 @@ async function isUnblockAccountExists (accountId: number, targetAccountId: numbe
   return true
 }
 
-async function isUnblockServerExists (accountId: number, host: string, res: express.Response) {
+async function doesUnblockServerExist (accountId: number, host: string, res: express.Response) {
   const serverBlock = await ServerBlocklistModel.loadByAccountAndHost(accountId, host)
   if (!serverBlock) {
     res.status(404)