X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fmiddlewares%2Fvalidators%2Ffeeds.ts;h=617661813fa0cb7fb1e574c215d466dc50a2c02a;hb=4d7ce9218a3f695bf3d013cbdce1c5c6a5221927;hp=e4f5c98fe32a8189377fd5f742d3eae79a3d4b78;hpb=97567dd81f508dd6295ac4d73d849aa2ce0a6549;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/middlewares/validators/feeds.ts b/server/middlewares/validators/feeds.ts index e4f5c98fe..617661813 100644 --- a/server/middlewares/validators/feeds.ts +++ b/server/middlewares/validators/feeds.ts @@ -1,21 +1,66 @@ import * as express from 'express' -import { param, query } from 'express-validator/check' -import { doesAccountIdExist, isAccountNameValid, doesAccountNameWithHostExist } from '../../helpers/custom-validators/accounts' -import { isIdOrUUIDValid } from '../../helpers/custom-validators/misc' +import { param, query } from 'express-validator' +import { isValidRSSFeed } from '../../helpers/custom-validators/feeds' +import { exists, isIdOrUUIDValid, isIdValid } from '../../helpers/custom-validators/misc' import { logger } from '../../helpers/logger' +import { + doesAccountIdExist, + doesAccountNameWithHostExist, + doesUserFeedTokenCorrespond, + doesVideoChannelIdExist, + doesVideoChannelNameWithHostExist +} from '../../helpers/middlewares' +import { doesVideoExist } from '../../helpers/middlewares/videos' import { areValidationErrors } from './utils' -import { isValidRSSFeed } from '../../helpers/custom-validators/feeds' -import { doesVideoChannelIdExist, doesVideoChannelNameWithHostExist } from '../../helpers/custom-validators/video-channels' -import { doesVideoExist } from '../../helpers/custom-validators/videos' -import { isActorPreferredUsernameValid } from '../../helpers/custom-validators/activitypub/actor' +import { HttpStatusCode } from '../../../shared/core-utils/miscs/http-error-codes' -const videoFeedsValidator = [ +const feedsFormatValidator = [ param('format').optional().custom(isValidRSSFeed).withMessage('Should have a valid format (rss, atom, json)'), - query('format').optional().custom(isValidRSSFeed).withMessage('Should have a valid format (rss, atom, json)'), - query('accountId').optional().custom(isIdOrUUIDValid), - query('accountName').optional().custom(isAccountNameValid), - query('videoChannelId').optional().custom(isIdOrUUIDValid), - query('videoChannelName').optional().custom(isActorPreferredUsernameValid), + query('format').optional().custom(isValidRSSFeed).withMessage('Should have a valid format (rss, atom, json)') +] + +function setFeedFormatContentType (req: express.Request, res: express.Response, next: express.NextFunction) { + const format = req.query.format || req.params.format || 'rss' + + let acceptableContentTypes: string[] + if (format === 'atom' || format === 'atom1') { + acceptableContentTypes = [ 'application/atom+xml', 'application/xml', 'text/xml' ] + } else if (format === 'json' || format === 'json1') { + acceptableContentTypes = [ 'application/json' ] + } else if (format === 'rss' || format === 'rss2') { + acceptableContentTypes = [ 'application/rss+xml', 'application/xml', 'text/xml' ] + } else { + acceptableContentTypes = [ 'application/xml', 'text/xml' ] + } + + if (req.accepts(acceptableContentTypes)) { + res.set('Content-Type', req.accepts(acceptableContentTypes) as string) + } else { + return res.status(HttpStatusCode.NOT_ACCEPTABLE_406) + .json({ + message: `You should accept at least one of the following content-types: ${acceptableContentTypes.join(', ')}` + }) + } + + return next() +} + +const videoFeedsValidator = [ + query('accountId') + .optional() + .custom(isIdValid) + .withMessage('Should have a valid account id'), + + query('accountName') + .optional(), + + query('videoChannelId') + .optional() + .custom(isIdValid) + .withMessage('Should have a valid channel id'), + + query('videoChannelName') + .optional(), async (req: express.Request, res: express.Response, next: express.NextFunction) => { logger.debug('Checking feeds parameters', { parameters: req.query }) @@ -31,9 +76,28 @@ const videoFeedsValidator = [ } ] +const videoSubscriptionFeedsValidator = [ + query('accountId') + .custom(isIdValid) + .withMessage('Should have a valid account id'), + + query('token') + .custom(exists) + .withMessage('Should have a token'), + + async (req: express.Request, res: express.Response, next: express.NextFunction) => { + logger.debug('Checking subscription feeds parameters', { parameters: req.query }) + + if (areValidationErrors(req, res)) return + + if (!await doesAccountIdExist(req.query.accountId, res)) return + if (!await doesUserFeedTokenCorrespond(res.locals.account.userId, req.query.token, res)) return + + return next() + } +] + const videoCommentsFeedsValidator = [ - param('format').optional().custom(isValidRSSFeed).withMessage('Should have a valid format (rss, atom, json)'), - query('format').optional().custom(isValidRSSFeed).withMessage('Should have a valid format (rss, atom, json)'), query('videoId').optional().custom(isIdOrUUIDValid), async (req: express.Request, res: express.Response, next: express.NextFunction) => { @@ -41,6 +105,13 @@ const videoCommentsFeedsValidator = [ if (areValidationErrors(req, res)) return + if (req.query.videoId && (req.query.videoChannelId || req.query.videoChannelName)) { + return res.status(HttpStatusCode.BAD_REQUEST_400) + .json({ + message: 'videoId cannot be mixed with a channel filter' + }) + } + if (req.query.videoId && !await doesVideoExist(req.query.videoId, res)) return return next() @@ -50,6 +121,9 @@ const videoCommentsFeedsValidator = [ // --------------------------------------------------------------------------- export { + feedsFormatValidator, + setFeedFormatContentType, videoFeedsValidator, + videoSubscriptionFeedsValidator, videoCommentsFeedsValidator }