X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fmiddlewares%2Fvalidators%2Ffollows.ts;h=be98a4c04bfac936cf72fdaa4febd635476c361d;hb=cea2fd90ddb3bf57c2fed77128938d12d4c2be6b;hp=dfd6e7f03e6dc9ce80174302a5559c4a0f81e3b5;hpb=7e9334c34db23e5ad1e118151b24c720dd985984;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/middlewares/validators/follows.ts b/server/middlewares/validators/follows.ts
index dfd6e7f03..be98a4c04 100644
--- a/server/middlewares/validators/follows.ts
+++ b/server/middlewares/validators/follows.ts
@@ -1,56 +1,148 @@
-import * as express from 'express'
-import { body, param } from 'express-validator/check'
-import { isTestInstance } from '../../helpers/core-utils'
-import { isEachUniqueHostValid } from '../../helpers/custom-validators/servers'
+import express from 'express'
+import { body, param, query } from 'express-validator'
+import { isProdInstance } from '@server/helpers/core-utils'
+import { isEachUniqueHandleValid, isFollowStateValid, isRemoteHandleValid } from '@server/helpers/custom-validators/follows'
+import { loadActorUrlOrGetFromWebfinger } from '@server/lib/activitypub/actors'
+import { getRemoteNameAndHost } from '@server/lib/activitypub/follow'
+import { getServerActor } from '@server/models/application/application'
+import { MActorFollowActorsDefault } from '@server/types/models'
+import { ServerFollowCreate } from '@shared/models'
+import { HttpStatusCode } from '../../../shared/models/http/http-error-codes'
+import { isActorTypeValid, isValidActorHandle } from '../../helpers/custom-validators/activitypub/actor'
+import { isEachUniqueHostValid, isHostValid } from '../../helpers/custom-validators/servers'
 import { logger } from '../../helpers/logger'
-import { CONFIG, database as db } from '../../initializers'
-import { checkErrors } from './utils'
-import { getServerAccount } from '../../helpers/utils'
-import { isIdOrUUIDValid } from '../../helpers/custom-validators/misc'
+import { WEBSERVER } from '../../initializers/constants'
+import { ActorModel } from '../../models/actor/actor'
+import { ActorFollowModel } from '../../models/actor/actor-follow'
+import { areValidationErrors } from './shared'
+
+const listFollowsValidator = [
+  query('state')
+    .optional()
+    .custom(isFollowStateValid),
+  query('actorType')
+    .optional()
+    .custom(isActorTypeValid),
+
+  (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    if (areValidationErrors(req, res)) return
+
+    return next()
+  }
+]
 
 const followValidator = [
-  body('hosts').custom(isEachUniqueHostValid).withMessage('Should have an array of unique hosts'),
+  body('hosts')
+    .toArray()
+    .custom(isEachUniqueHostValid).withMessage('Should have an array of unique hosts'),
+
+  body('handles')
+    .toArray()
+    .custom(isEachUniqueHandleValid).withMessage('Should have an array of handles'),
 
   (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    // Force https if the administrator wants to make friends
-    if (isTestInstance() === false && CONFIG.WEBSERVER.SCHEME === 'http') {
-      return res.status(400)
+    // Force https if the administrator wants to follow remote actors
+    if (isProdInstance() && WEBSERVER.SCHEME === 'http') {
+      return res
+        .status(HttpStatusCode.INTERNAL_SERVER_ERROR_500)
         .json({
-          error: 'Cannot follow non HTTPS web server.'
+          error: 'Cannot follow on a non HTTPS web server.'
         })
-        .end()
     }
 
-    logger.debug('Checking follow parameters', { parameters: req.body })
+    if (areValidationErrors(req, res)) return
+
+    const body: ServerFollowCreate = req.body
+    if (body.hosts.length === 0 && body.handles.length === 0) {
 
-    checkErrors(req, res, next)
+      return res
+        .status(HttpStatusCode.BAD_REQUEST_400)
+        .json({
+          error: 'You must provide at least one handle or one host.'
+        })
+    }
+
+    return next()
   }
 ]
 
 const removeFollowingValidator = [
-  param('accountId').custom(isIdOrUUIDValid).withMessage('Should have a valid account id'),
+  param('hostOrHandle')
+    .custom(value => isHostValid(value) || isRemoteHandleValid(value)),
 
-  (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    logger.debug('Checking follow parameters', { parameters: req.body })
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    if (areValidationErrors(req, res)) return
 
-    checkErrors(req, res, async () => {
-      try {
-        const serverAccount = await getServerAccount()
-        const following = await db.AccountFollow.loadByAccountAndTarget(serverAccount.id, req.params.accountId)
+    const serverActor = await getServerActor()
 
-        if (!following) {
-          return res.status(404)
-            .end()
-        }
+    const { name, host } = getRemoteNameAndHost(req.params.hostOrHandle)
+    const follow = await ActorFollowModel.loadByActorAndTargetNameAndHostForAPI({
+      actorId: serverActor.id,
+      targetName: name,
+      targetHost: host
+    })
 
-        res.locals.following = following
+    if (!follow) {
+      return res.fail({
+        status: HttpStatusCode.NOT_FOUND_404,
+        message: `Follow ${req.params.hostOrHandle} not found.`
+      })
+    }
 
-        return next()
-      } catch (err) {
-        logger.error('Error in remove following validator.', err)
-        return res.sendStatus(500)
-      }
-    })
+    res.locals.follow = follow
+    return next()
+  }
+]
+
+const getFollowerValidator = [
+  param('nameWithHost')
+    .custom(isValidActorHandle),
+
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    if (areValidationErrors(req, res)) return
+
+    let follow: MActorFollowActorsDefault
+    try {
+      const actorUrl = await loadActorUrlOrGetFromWebfinger(req.params.nameWithHost)
+      const actor = await ActorModel.loadByUrl(actorUrl)
+
+      const serverActor = await getServerActor()
+      follow = await ActorFollowModel.loadByActorAndTarget(actor.id, serverActor.id)
+    } catch (err) {
+      logger.warn('Cannot get actor from handle.', { handle: req.params.nameWithHost, err })
+    }
+
+    if (!follow) {
+      return res.fail({
+        status: HttpStatusCode.NOT_FOUND_404,
+        message: `Follower ${req.params.nameWithHost} not found.`
+      })
+    }
+
+    res.locals.follow = follow
+    return next()
+  }
+]
+
+const acceptFollowerValidator = [
+  (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    const follow = res.locals.follow
+    if (follow.state !== 'pending' && follow.state !== 'rejected') {
+      return res.fail({ message: 'Follow is not in pending/rejected state.' })
+    }
+
+    return next()
+  }
+]
+
+const rejectFollowerValidator = [
+  (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    const follow = res.locals.follow
+    if (follow.state !== 'pending' && follow.state !== 'accepted') {
+      return res.fail({ message: 'Follow is not in pending/accepted state.' })
+    }
+
+    return next()
   }
 ]
 
@@ -58,5 +150,9 @@ const removeFollowingValidator = [
 
 export {
   followValidator,
-  removeFollowingValidator
+  removeFollowingValidator,
+  getFollowerValidator,
+  acceptFollowerValidator,
+  rejectFollowerValidator,
+  listFollowsValidator
 }