X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fmiddlewares%2Fvalidators%2Fvideos%2Fvideo-comments.ts;h=1afacfed878e508391749815cfc2237c0e43bf89;hb=eebd9838f067369031af9770b899f75f30810549;hp=77f5c6ff3c5dd5bf41c51951308dc8e8fefda410;hpb=ec903c010ecc54ec2acad0bf2cf10e7fbf6a0fa2;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/middlewares/validators/videos/video-comments.ts b/server/middlewares/validators/videos/video-comments.ts index 77f5c6ff3..1afacfed8 100644 --- a/server/middlewares/validators/videos/video-comments.ts +++ b/server/middlewares/validators/videos/video-comments.ts @@ -1,8 +1,8 @@ import * as express from 'express' -import { body, param } from 'express-validator' +import { body, param, query } from 'express-validator' import { MUserAccountUrl } from '@server/types/models' import { UserRight } from '../../../../shared' -import { isIdOrUUIDValid, isIdValid } from '../../../helpers/custom-validators/misc' +import { exists, isBooleanValid, isIdOrUUIDValid, isIdValid, toBooleanOrNull } from '../../../helpers/custom-validators/misc' import { doesVideoCommentExist, doesVideoCommentThreadExist, @@ -14,6 +14,35 @@ import { AcceptResult, isLocalVideoCommentReplyAccepted, isLocalVideoThreadAccep import { Hooks } from '../../../lib/plugins/hooks' import { MCommentOwnerVideoReply, MVideo, MVideoFullLight } from '../../../types/models/video' import { areValidationErrors } from '../utils' +import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes' + +const listVideoCommentsValidator = [ + query('isLocal') + .optional() + .customSanitizer(toBooleanOrNull) + .custom(isBooleanValid) + .withMessage('Should have a valid is local boolean'), + + query('search') + .optional() + .custom(exists).withMessage('Should have a valid search'), + + query('searchAccount') + .optional() + .custom(exists).withMessage('Should have a valid account search'), + + query('searchVideo') + .optional() + .custom(exists).withMessage('Should have a valid video search'), + + (req: express.Request, res: express.Response, next: express.NextFunction) => { + logger.debug('Checking listVideoCommentsValidator parameters.', { parameters: req.query }) + + if (areValidationErrors(req, res)) return + + return next() + } +] const listVideoCommentThreadsValidator = [ param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), @@ -116,6 +145,7 @@ export { listVideoCommentThreadsValidator, listVideoThreadCommentsValidator, addVideoCommentThreadValidator, + listVideoCommentsValidator, addVideoCommentReplyValidator, videoCommentGetValidator, removeVideoCommentValidator @@ -125,8 +155,8 @@ export { function isVideoCommentsEnabled (video: MVideo, res: express.Response) { if (video.commentsEnabled !== true) { - res.status(409) - .json({ error: 'Video comments are disabled for this video.' }) + res.status(HttpStatusCode.CONFLICT_409) + .json({ error: 'Video comments are disabled for this video.' }) return false } @@ -136,8 +166,8 @@ function isVideoCommentsEnabled (video: MVideo, res: express.Response) { function checkUserCanDeleteVideoComment (user: MUserAccountUrl, videoComment: MCommentOwnerVideoReply, res: express.Response) { if (videoComment.isDeleted()) { - res.status(409) - .json({ error: 'This comment is already deleted' }) + res.status(HttpStatusCode.CONFLICT_409) + .json({ error: 'This comment is already deleted' }) return false } @@ -149,7 +179,7 @@ function checkUserCanDeleteVideoComment (user: MUserAccountUrl, videoComment: MC videoComment.accountId !== userAccount.id && // Not the comment owner videoComment.Video.VideoChannel.accountId !== userAccount.id // Not the video owner ) { - res.status(403) + res.status(HttpStatusCode.FORBIDDEN_403) .json({ error: 'Cannot remove video comment of another user' }) return false @@ -185,8 +215,8 @@ async function isVideoCommentAccepted (req: express.Request, res: express.Respon if (!acceptedResult || acceptedResult.accepted !== true) { logger.info('Refused local comment.', { acceptedResult, acceptParameters }) - res.status(403) - .json({ error: acceptedResult.errorMessage || 'Refused local comment' }) + res.status(HttpStatusCode.FORBIDDEN_403) + .json({ error: acceptedResult?.errorMessage || 'Refused local comment' }) return false }