X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fmiddlewares%2Fvalidators%2Fplugins.ts;h=2c47ec5bbd03aef78f0a852c98cae228d2f7357a;hb=4d7ce9218a3f695bf3d013cbdce1c5c6a5221927;hp=a1634ded466ecc6258449ccdbd259291fc2875b7;hpb=8d2be0ed7bb87283a1ec98609df6b82d83db706a;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/middlewares/validators/plugins.ts b/server/middlewares/validators/plugins.ts index a1634ded4..2c47ec5bb 100644 --- a/server/middlewares/validators/plugins.ts +++ b/server/middlewares/validators/plugins.ts @@ -1,42 +1,86 @@ import * as express from 'express' -import { param, query, body } from 'express-validator/check' +import { body, param, query, ValidationChain } from 'express-validator' +import { HttpStatusCode } from '../../../shared/core-utils/miscs/http-error-codes' +import { PluginType } from '../../../shared/models/plugins/plugin.type' +import { InstallOrUpdatePlugin } from '../../../shared/models/plugins/server/api/install-plugin.model' +import { exists, isBooleanValid, isSafePath, toBooleanOrNull, toIntOrNull } from '../../helpers/custom-validators/misc' +import { isNpmPluginNameValid, isPluginNameValid, isPluginTypeValid, isPluginVersionValid } from '../../helpers/custom-validators/plugins' import { logger } from '../../helpers/logger' -import { areValidationErrors } from './utils' -import { isPluginNameValid, isPluginTypeValid, isPluginVersionValid, isNpmPluginNameValid } from '../../helpers/custom-validators/plugins' +import { CONFIG } from '../../initializers/config' import { PluginManager } from '../../lib/plugins/plugin-manager' -import { isBooleanValid, isSafePath } from '../../helpers/custom-validators/misc' import { PluginModel } from '../../models/server/plugin' -import { InstallPlugin } from '../../../shared/models/plugins/install-plugin.model' +import { areValidationErrors } from './utils' -const servePluginStaticDirectoryValidator = [ - param('pluginName').custom(isPluginNameValid).withMessage('Should have a valid plugin name'), - param('pluginVersion').custom(isPluginVersionValid).withMessage('Should have a valid plugin version'), - param('staticEndpoint').custom(isSafePath).withMessage('Should have a valid static endpoint'), +const getPluginValidator = (pluginType: PluginType, withVersion = true) => { + const validators: (ValidationChain | express.Handler)[] = [ + param('pluginName').custom(isPluginNameValid).withMessage('Should have a valid plugin name') + ] + + if (withVersion) { + validators.push( + param('pluginVersion').custom(isPluginVersionValid).withMessage('Should have a valid plugin version') + ) + } + + return validators.concat([ + (req: express.Request, res: express.Response, next: express.NextFunction) => { + logger.debug('Checking getPluginValidator parameters', { parameters: req.params }) + + if (areValidationErrors(req, res)) return + + const npmName = PluginModel.buildNpmName(req.params.pluginName, pluginType) + const plugin = PluginManager.Instance.getRegisteredPluginOrTheme(npmName) + + if (!plugin) return res.sendStatus(HttpStatusCode.NOT_FOUND_404) + if (withVersion && plugin.version !== req.params.pluginVersion) return res.sendStatus(HttpStatusCode.NOT_FOUND_404) + + res.locals.registeredPlugin = plugin + + return next() + } + ]) +} + +const getExternalAuthValidator = [ + param('authName').custom(exists).withMessage('Should have a valid auth name'), (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking servePluginStaticDirectory parameters', { parameters: req.params }) + logger.debug('Checking getExternalAuthValidator parameters', { parameters: req.params }) if (areValidationErrors(req, res)) return - const plugin = PluginManager.Instance.getRegisteredPluginOrTheme(req.params.pluginName) + const plugin = res.locals.registeredPlugin + if (!plugin.registerHelpers) return res.sendStatus(HttpStatusCode.NOT_FOUND_404) - if (!plugin || plugin.version !== req.params.pluginVersion) { - return res.sendStatus(404) - } + const externalAuth = plugin.registerHelpers.getExternalAuths().find(a => a.authName === req.params.authName) + if (!externalAuth) return res.sendStatus(HttpStatusCode.NOT_FOUND_404) + + res.locals.externalAuth = externalAuth + + return next() + } +] + +const pluginStaticDirectoryValidator = [ + param('staticEndpoint').custom(isSafePath).withMessage('Should have a valid static endpoint'), + + (req: express.Request, res: express.Response, next: express.NextFunction) => { + logger.debug('Checking pluginStaticDirectoryValidator parameters', { parameters: req.params }) - res.locals.registeredPlugin = plugin + if (areValidationErrors(req, res)) return return next() } ] const listPluginsValidator = [ - query('type') + query('pluginType') .optional() + .customSanitizer(toIntOrNull) .custom(isPluginTypeValid).withMessage('Should have a valid plugin type'), query('uninstalled') .optional() - .toBoolean() + .customSanitizer(toBooleanOrNull) .custom(isBooleanValid).withMessage('Should have a valid uninstalled attribute'), (req: express.Request, res: express.Response, next: express.NextFunction) => { @@ -48,7 +92,7 @@ const listPluginsValidator = [ } ] -const installPluginValidator = [ +const installOrUpdatePluginValidator = [ body('npmName') .optional() .custom(isNpmPluginNameValid).withMessage('Should have a valid npm name'), @@ -57,15 +101,14 @@ const installPluginValidator = [ .custom(isSafePath).withMessage('Should have a valid safe path'), (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking installPluginValidator parameters', { parameters: req.body }) + logger.debug('Checking installOrUpdatePluginValidator parameters', { parameters: req.body }) if (areValidationErrors(req, res)) return - const body: InstallPlugin = req.body + const body: InstallOrUpdatePlugin = req.body if (!body.path && !body.npmName) { - return res.status(400) + return res.status(HttpStatusCode.BAD_REQUEST_400) .json({ error: 'Should have either a npmName or a path' }) - .end() } return next() @@ -85,7 +128,7 @@ const uninstallPluginValidator = [ ] const existingPluginValidator = [ - param('npmName').custom(isPluginNameValid).withMessage('Should have a valid plugin name'), + param('npmName').custom(isNpmPluginNameValid).withMessage('Should have a valid plugin name'), async (req: express.Request, res: express.Response, next: express.NextFunction) => { logger.debug('Checking enabledPluginValidator parameters', { parameters: req.params }) @@ -94,9 +137,8 @@ const existingPluginValidator = [ const plugin = await PluginModel.loadByNpmName(req.params.npmName) if (!plugin) { - return res.status(404) - .json({ error: 'Plugin not found' }) - .end() + return res.status(HttpStatusCode.NOT_FOUND_404) + .json({ error: 'Plugin not found' }) } res.locals.plugin = plugin @@ -117,13 +159,43 @@ const updatePluginSettingsValidator = [ } ] +const listAvailablePluginsValidator = [ + query('search') + .optional() + .exists().withMessage('Should have a valid search'), + query('pluginType') + .optional() + .customSanitizer(toIntOrNull) + .custom(isPluginTypeValid).withMessage('Should have a valid plugin type'), + query('currentPeerTubeEngine') + .optional() + .custom(isPluginVersionValid).withMessage('Should have a valid current peertube engine'), + + (req: express.Request, res: express.Response, next: express.NextFunction) => { + logger.debug('Checking enabledPluginValidator parameters', { parameters: req.query }) + + if (areValidationErrors(req, res)) return + + if (CONFIG.PLUGINS.INDEX.ENABLED === false) { + return res.status(HttpStatusCode.BAD_REQUEST_400) + .json({ error: 'Plugin index is not enabled' }) + .end() + } + + return next() + } +] + // --------------------------------------------------------------------------- export { - servePluginStaticDirectoryValidator, + pluginStaticDirectoryValidator, + getPluginValidator, updatePluginSettingsValidator, uninstallPluginValidator, + listAvailablePluginsValidator, existingPluginValidator, - installPluginValidator, - listPluginsValidator + installOrUpdatePluginValidator, + listPluginsValidator, + getExternalAuthValidator }