X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fmiddlewares%2Fvalidators%2Fserver.ts;h=fe67047168ea8164908211d8d41f1623f0da3070;hb=428ccb8b7a44ce60cabb7401a5464cf5fcbd4dba;hp=a491dfeb33e62e50d746467d9291a6e0afda984b;hpb=6d8c8ea73a774c3568e6d28a4cbebcf7979d5c2a;p=github%2FChocobozzz%2FPeerTube.git
diff --git a/server/middlewares/validators/server.ts b/server/middlewares/validators/server.ts
index a491dfeb3..fe6704716 100644
--- a/server/middlewares/validators/server.ts
+++ b/server/middlewares/validators/server.ts
@@ -1,9 +1,13 @@
 import * as express from 'express'
 import { logger } from '../../helpers/logger'
 import { areValidationErrors } from './utils'
-import { isHostValid } from '../../helpers/custom-validators/servers'
+import { isHostValid, isValidContactBody } from '../../helpers/custom-validators/servers'
 import { ServerModel } from '../../models/server/server'
-import { body } from 'express-validator/check'
+import { body } from 'express-validator'
+import { isUserDisplayNameValid } from '../../helpers/custom-validators/users'
+import { Redis } from '../../lib/redis'
+import { CONFIG, isEmailEnabled } from '../../initializers/config'
+import { HttpStatusCode } from '../../../shared/core-utils/miscs/http-error-codes'
 const serverGetValidator = [
 body('host').custom(isHostValid).withMessage('Should have a valid host'),
@@ -15,9 +19,9 @@ const serverGetValidator = [
 const server = await ServerModel.loadByHost(req.body.host)
 if (!server) {
- return res.status(404)
- .send({ error: 'Server host not found.' })
- .end()
+ return res.status(HttpStatusCode.NOT_FOUND_404)
+ .send({ error: 'Server host not found.' })
+ .end()
 }
 res.locals.server = server
@@ -26,8 +30,49 @@ const serverGetValidator = [
 }
 ]
+const contactAdministratorValidator = [
+ body('fromName')
+ .custom(isUserDisplayNameValid).withMessage('Should have a valid name'),
+ body('fromEmail')
+ .isEmail().withMessage('Should have a valid email'),
+ body('body')
+ .custom(isValidContactBody).withMessage('Should have a valid body'),
+
+ async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+ logger.debug('Checking contactAdministratorValidator parameters', { parameters: req.body })
+
+ if (areValidationErrors(req, res)) return
+
+ if (CONFIG.CONTACT_FORM.ENABLED === false) {
+ return res
+ .status(HttpStatusCode.CONFLICT_409)
+ .send({ error: 'Contact form is not enabled on this instance.' })
+ .end()
+ }
+
+ if (isEmailEnabled() === false) {
+ return res
+ .status(HttpStatusCode.CONFLICT_409)
+ .send({ error: 'Emailer is not enabled on this instance.' })
+ .end()
+ }
+
+ if (await Redis.Instance.doesContactFormIpExist(req.ip)) {
+ logger.info('Refusing a contact form by %s: already sent one recently.', req.ip)
+
+ return res
+ .status(HttpStatusCode.FORBIDDEN_403)
+ .send({ error: 'You already sent a contact form recently.' })
+ .end()
+ }
+
+ return next()
+ }
+]
+
 // ---------------------------------------------------------------------------
 export {
- serverGetValidator
+ serverGetValidator,
+ contactAdministratorValidator
 }
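Review bot: The only abuse control visible on this mail-sending validator is the read-only `Redis.Instance.doesContactFormIpExist(req.ip)` check, so the limit is only as reliable as `req.ip` and as the code, not in this hunk, that later writes the key. `req.ip` is the real client address only when Express's `trust proxy` setting matches the deployment: behind a reverse proxy without it all senders share one address, and with an over-broad setting a client-supplied `X-Forwarded-For` header can change the key. If the key is written only after the mail is sent, parallel requests can all pass this check; reserving it atomically before sending (for example a Redis `SET` with `NX` and an expiry) would close that window. Separately, `logger.debug('Checking contactAdministratorValidator parameters', { parameters: req.body })` writes the sender's e-mail address and free-text message to the log, so I would log only `fromName` or drop the body from that call.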