X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fmiddlewares%2Fvalidators%2Fvideos%2Fvideo-live.ts;h=3a73e12725b1b13fd5b684d712d6a04c36875f99;hb=20213fbd2a366dffc35aa7dddad71323893f8d62;hp=ab57e67bf07e895f31ac1a7c6858b89106c20b54;hpb=b5b687550d8ef8beafdf706e45d6556fb5f4c876;p=github%2FChocobozzz%2FPeerTube.git

diff --git a/server/middlewares/validators/videos/video-live.ts b/server/middlewares/validators/videos/video-live.ts
index ab57e67bf..3a73e1272 100644
--- a/server/middlewares/validators/videos/video-live.ts
+++ b/server/middlewares/validators/videos/video-live.ts
@@ -2,7 +2,7 @@ import * as express from 'express'
 import { body, param } from 'express-validator'
 import { checkUserCanManageVideo, doesVideoChannelOfAccountExist, doesVideoExist } from '@server/helpers/middlewares/videos'
 import { VideoLiveModel } from '@server/models/video/video-live'
-import { UserRight, VideoState } from '@shared/models'
+import { ServerErrorCode, UserRight, VideoState } from '@shared/models'
 import { isBooleanValid, isIdOrUUIDValid, isIdValid, toBooleanOrNull, toIntOrNull } from '../../../helpers/custom-validators/misc'
 import { isVideoNameValid } from '../../../helpers/custom-validators/videos'
 import { cleanUpReqFiles } from '../../../helpers/express-utils'
@@ -10,22 +10,26 @@ import { logger } from '../../../helpers/logger'
 import { CONFIG } from '../../../initializers/config'
 import { areValidationErrors } from '../utils'
 import { getCommonVideoEditAttributes } from './videos'
+import { VideoModel } from '@server/models/video/video'
+import { Hooks } from '@server/lib/plugins/hooks'
+import { isLocalLiveVideoAccepted } from '@server/lib/moderation'
+import { HttpStatusCode } from '@shared/core-utils/miscs/http-error-codes'
 
 const videoLiveGetValidator = [
   param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
 
   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    logger.debug('Checking videoLiveGetValidator parameters', { parameters: req.body })
+    logger.debug('Checking videoLiveGetValidator parameters', { parameters: req.params, user: res.locals.oauth.token.User.username })
 
     if (areValidationErrors(req, res)) return
     if (!await doesVideoExist(req.params.videoId, res, 'all')) return
 
-    // Check if the user who did the request is able to update the video
+    // Check if the user who did the request is able to get the live info
     const user = res.locals.oauth.token.User
-    if (!checkUserCanManageVideo(user, res.locals.videoAll, UserRight.UPDATE_ANY_VIDEO, res)) return
+    if (!checkUserCanManageVideo(user, res.locals.videoAll, UserRight.GET_ANY_LIVE, res, false)) return
 
     const videoLive = await VideoLiveModel.loadByVideoId(res.locals.videoAll.id)
-    if (!videoLive) return res.sendStatus(404)
+    if (!videoLive) return res.sendStatus(HttpStatusCode.NOT_FOUND_404)
 
     res.locals.videoLive = videoLive
 
@@ -46,24 +50,70 @@ const videoLiveAddValidator = getCommonVideoEditAttributes().concat([
     .customSanitizer(toBooleanOrNull)
     .custom(isBooleanValid).withMessage('Should have a valid saveReplay attribute'),
 
+  body('permanentLive')
+    .optional()
+    .customSanitizer(toBooleanOrNull)
+    .custom(isBooleanValid).withMessage('Should have a valid permanentLive attribute'),
+
   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
     logger.debug('Checking videoLiveAddValidator parameters', { parameters: req.body })
 
+    if (areValidationErrors(req, res)) return cleanUpReqFiles(req)
+
     if (CONFIG.LIVE.ENABLED !== true) {
-      return res.status(403)
+      cleanUpReqFiles(req)
+
+      return res.status(HttpStatusCode.FORBIDDEN_403)
         .json({ error: 'Live is not enabled on this instance' })
     }
 
     if (CONFIG.LIVE.ALLOW_REPLAY !== true && req.body.saveReplay === true) {
-      return res.status(403)
+      cleanUpReqFiles(req)
+
+      return res.status(HttpStatusCode.FORBIDDEN_403)
         .json({ error: 'Saving live replay is not allowed instance' })
     }
 
-    if (areValidationErrors(req, res)) return cleanUpReqFiles(req)
+    if (req.body.permanentLive && req.body.saveReplay) {
+      cleanUpReqFiles(req)
+
+      return res.status(HttpStatusCode.BAD_REQUEST_400)
+        .json({ error: 'Cannot set this live as permanent while saving its replay' })
+    }
 
     const user = res.locals.oauth.token.User
     if (!await doesVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req)
 
+    if (CONFIG.LIVE.MAX_INSTANCE_LIVES !== -1) {
+      const totalInstanceLives = await VideoModel.countLocalLives()
+
+      if (totalInstanceLives >= CONFIG.LIVE.MAX_INSTANCE_LIVES) {
+        cleanUpReqFiles(req)
+
+        return res.status(HttpStatusCode.FORBIDDEN_403)
+          .json({
+            code: ServerErrorCode.MAX_INSTANCE_LIVES_LIMIT_REACHED,
+            error: 'Cannot create this live because the max instance lives limit is reached.'
+          })
+      }
+    }
+
+    if (CONFIG.LIVE.MAX_USER_LIVES !== -1) {
+      const totalUserLives = await VideoModel.countLivesOfAccount(user.Account.id)
+
+      if (totalUserLives >= CONFIG.LIVE.MAX_USER_LIVES) {
+        cleanUpReqFiles(req)
+
+        return res.status(HttpStatusCode.FORBIDDEN_403)
+          .json({
+            code: ServerErrorCode.MAX_USER_LIVES_LIMIT_REACHED,
+            error: 'Cannot create this live because the max user lives limit is reached.'
+          })
+      }
+    }
+
+    if (!await isLiveVideoAccepted(req, res)) return cleanUpReqFiles(req)
+
     return next()
   }
 ])
@@ -79,16 +129,25 @@ const videoLiveUpdateValidator = [
 
     if (areValidationErrors(req, res)) return
 
+    if (req.body.permanentLive && req.body.saveReplay) {
+      return res.status(HttpStatusCode.BAD_REQUEST_400)
+        .json({ error: 'Cannot set this live as permanent while saving its replay' })
+    }
+
     if (CONFIG.LIVE.ALLOW_REPLAY !== true && req.body.saveReplay === true) {
-      return res.status(403)
+      return res.status(HttpStatusCode.FORBIDDEN_403)
         .json({ error: 'Saving live replay is not allowed instance' })
     }
 
     if (res.locals.videoAll.state !== VideoState.WAITING_FOR_LIVE) {
-      return res.status(400)
+      return res.status(HttpStatusCode.BAD_REQUEST_400)
         .json({ error: 'Cannot update a live that has already started' })
     }
 
+    // Check the user can manage the live
+    const user = res.locals.oauth.token.User
+    if (!checkUserCanManageVideo(user, res.locals.videoAll, UserRight.GET_ANY_LIVE, res)) return
+
     return next()
   }
 ]
@@ -100,3 +159,29 @@ export {
   videoLiveUpdateValidator,
   videoLiveGetValidator
 }
+
+// ---------------------------------------------------------------------------
+
+async function isLiveVideoAccepted (req: express.Request, res: express.Response) {
+  // Check we accept this video
+  const acceptParameters = {
+    liveVideoBody: req.body,
+    user: res.locals.oauth.token.User
+  }
+  const acceptedResult = await Hooks.wrapFun(
+    isLocalLiveVideoAccepted,
+    acceptParameters,
+    'filter:api.live-video.create.accept.result'
+  )
+
+  if (!acceptedResult || acceptedResult.accepted !== true) {
+    logger.info('Refused local live video.', { acceptedResult, acceptParameters })
+
+    res.status(HttpStatusCode.FORBIDDEN_403)
+       .json({ error: acceptedResult.errorMessage || 'Refused local live video' })
+
+    return false
+  }
+
+  return true
+}