X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fmiddlewares%2Fvalidators%2Ffollows.ts;h=7887356630a54191824bdf3d039247f4ddd7fe19;hb=5c5e587307a27e173333789b5b5167d35f468b01;hp=e22349726e581dd40fb7eaa235949b4573bcadf1;hpb=54141398354e6e7b94aa3065a705a1251390111c;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/middlewares/validators/follows.ts b/server/middlewares/validators/follows.ts index e22349726..788735663 100644 --- a/server/middlewares/validators/follows.ts +++ b/server/middlewares/validators/follows.ts @@ -1,56 +1,106 @@ import * as express from 'express' -import { body } from 'express-validator/check' +import { body, param } from 'express-validator' import { isTestInstance } from '../../helpers/core-utils' -import { isAccountIdValid } from '../../helpers/custom-validators/activitypub/account' -import { isEachUniqueHostValid } from '../../helpers/custom-validators/servers' +import { isEachUniqueHostValid, isHostValid } from '../../helpers/custom-validators/servers' import { logger } from '../../helpers/logger' -import { CONFIG, database as db } from '../../initializers' -import { checkErrors } from './utils' -import { getServerAccount } from '../../helpers/utils' +import { getServerActor } from '../../helpers/utils' +import { SERVER_ACTOR_NAME, WEBSERVER } from '../../initializers/constants' +import { ActorFollowModel } from '../../models/activitypub/actor-follow' +import { areValidationErrors } from './utils' +import { ActorModel } from '../../models/activitypub/actor' +import { loadActorUrlOrGetFromWebfinger } from '../../helpers/webfinger' +import { isValidActorHandle } from '../../helpers/custom-validators/activitypub/actor' +import { MActorFollowActorsDefault } from '@server/typings/models' const followValidator = [ body('hosts').custom(isEachUniqueHostValid).withMessage('Should have an array of unique hosts'), (req: express.Request, res: express.Response, next: express.NextFunction) => { // Force https if the administrator wants to make friends - if (isTestInstance() === false && CONFIG.WEBSERVER.SCHEME === 'http') { - return res.status(400) + if (isTestInstance() === false && WEBSERVER.SCHEME === 'http') { + return res.status(500) .json({ - error: 'Cannot follow non HTTPS web server.' + error: 'Cannot follow on a non HTTPS web server.' }) .end() } logger.debug('Checking follow parameters', { parameters: req.body }) - checkErrors(req, res, next) + if (areValidationErrors(req, res)) return + + return next() } ] const removeFollowingValidator = [ - body('accountId').custom(isAccountIdValid).withMessage('Should have a valid account id'), + param('host').custom(isHostValid).withMessage('Should have a valid host'), - (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking follow parameters', { parameters: req.body }) + async (req: express.Request, res: express.Response, next: express.NextFunction) => { + logger.debug('Checking unfollowing parameters', { parameters: req.params }) + + if (areValidationErrors(req, res)) return + + const serverActor = await getServerActor() + const follow = await ActorFollowModel.loadByActorAndTargetNameAndHostForAPI(serverActor.id, SERVER_ACTOR_NAME, req.params.host) + + if (!follow) { + return res + .status(404) + .json({ + error: `Following ${req.params.host} not found.` + }) + .end() + } + + res.locals.follow = follow + return next() + } +] + +const getFollowerValidator = [ + param('nameWithHost').custom(isValidActorHandle).withMessage('Should have a valid nameWithHost'), - checkErrors(req, res, async () => { - try { - const serverAccount = await getServerAccount() - const following = await db.AccountFollow.loadByAccountAndTarget(serverAccount.id, req.params.accountId) + async (req: express.Request, res: express.Response, next: express.NextFunction) => { + logger.debug('Checking get follower parameters', { parameters: req.params }) - if (!following) { - return res.status(404) - .end() - } + if (areValidationErrors(req, res)) return - res.locals.following = following + let follow: MActorFollowActorsDefault + try { + const actorUrl = await loadActorUrlOrGetFromWebfinger(req.params.nameWithHost) + const actor = await ActorModel.loadByUrl(actorUrl) + + const serverActor = await getServerActor() + follow = await ActorFollowModel.loadByActorAndTarget(actor.id, serverActor.id) + } catch (err) { + logger.warn('Cannot get actor from handle.', { handle: req.params.nameWithHost, err }) + } + + if (!follow) { + return res + .status(404) + .json({ + error: `Follower ${req.params.nameWithHost} not found.` + }) + .end() + } + + res.locals.follow = follow + return next() + } +] + +const acceptOrRejectFollowerValidator = [ + (req: express.Request, res: express.Response, next: express.NextFunction) => { + logger.debug('Checking accept/reject follower parameters', { parameters: req.params }) + + const follow = res.locals.follow + if (follow.state !== 'pending') { + return res.status(400).json({ error: 'Follow is not in pending state.' }).end() + } - return next() - } catch (err) { - logger.error('Error in remove following validator.', err) - return res.sendStatus(500) - } - }) + return next() } ] @@ -58,5 +108,7 @@ const removeFollowingValidator = [ export { followValidator, - removeFollowingValidator + removeFollowingValidator, + getFollowerValidator, + acceptOrRejectFollowerValidator }