X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fmiddlewares%2Fvalidators%2Fvideos%2Fvideo-live.ts;h=3a73e12725b1b13fd5b684d712d6a04c36875f99;hb=370240824e2fb28b314255f6c23f5ea7d6b08625;hp=a4c364976703ac364ade5da28201cd0fd8bb4218;hpb=c6c0fa6cd8fe8f752463d8982c3dbcd448739c4e;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/middlewares/validators/videos/video-live.ts b/server/middlewares/validators/videos/video-live.ts index a4c364976..3a73e1272 100644 --- a/server/middlewares/validators/videos/video-live.ts +++ b/server/middlewares/validators/videos/video-live.ts @@ -1,31 +1,35 @@ import * as express from 'express' import { body, param } from 'express-validator' import { checkUserCanManageVideo, doesVideoChannelOfAccountExist, doesVideoExist } from '@server/helpers/middlewares/videos' -import { UserRight } from '@shared/models' -import { isIdOrUUIDValid, isIdValid, toIntOrNull } from '../../../helpers/custom-validators/misc' +import { VideoLiveModel } from '@server/models/video/video-live' +import { ServerErrorCode, UserRight, VideoState } from '@shared/models' +import { isBooleanValid, isIdOrUUIDValid, isIdValid, toBooleanOrNull, toIntOrNull } from '../../../helpers/custom-validators/misc' import { isVideoNameValid } from '../../../helpers/custom-validators/videos' import { cleanUpReqFiles } from '../../../helpers/express-utils' import { logger } from '../../../helpers/logger' import { CONFIG } from '../../../initializers/config' import { areValidationErrors } from '../utils' import { getCommonVideoEditAttributes } from './videos' -import { VideoLiveModel } from '@server/models/video/video-live' +import { VideoModel } from '@server/models/video/video' +import { Hooks } from '@server/lib/plugins/hooks' +import { isLocalLiveVideoAccepted } from '@server/lib/moderation' +import { HttpStatusCode } from '@shared/core-utils/miscs/http-error-codes' const videoLiveGetValidator = [ param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), async (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking videoLiveGetValidator parameters', { parameters: req.body }) + logger.debug('Checking videoLiveGetValidator parameters', { parameters: req.params, user: res.locals.oauth.token.User.username }) if (areValidationErrors(req, res)) return if (!await doesVideoExist(req.params.videoId, res, 'all')) return - // Check if the user who did the request is able to update the video + // Check if the user who did the request is able to get the live info const user = res.locals.oauth.token.User - if (!checkUserCanManageVideo(user, res.locals.videoAll, UserRight.UPDATE_ANY_VIDEO, res)) return + if (!checkUserCanManageVideo(user, res.locals.videoAll, UserRight.GET_ANY_LIVE, res, false)) return const videoLive = await VideoLiveModel.loadByVideoId(res.locals.videoAll.id) - if (!videoLive) return res.sendStatus(404) + if (!videoLive) return res.sendStatus(HttpStatusCode.NOT_FOUND_404) res.locals.videoLive = videoLive @@ -41,26 +45,143 @@ const videoLiveAddValidator = getCommonVideoEditAttributes().concat([ body('name') .custom(isVideoNameValid).withMessage('Should have a valid name'), + body('saveReplay') + .optional() + .customSanitizer(toBooleanOrNull) + .custom(isBooleanValid).withMessage('Should have a valid saveReplay attribute'), + + body('permanentLive') + .optional() + .customSanitizer(toBooleanOrNull) + .custom(isBooleanValid).withMessage('Should have a valid permanentLive attribute'), + async (req: express.Request, res: express.Response, next: express.NextFunction) => { logger.debug('Checking videoLiveAddValidator parameters', { parameters: req.body }) + if (areValidationErrors(req, res)) return cleanUpReqFiles(req) + if (CONFIG.LIVE.ENABLED !== true) { - return res.status(403) + cleanUpReqFiles(req) + + return res.status(HttpStatusCode.FORBIDDEN_403) .json({ error: 'Live is not enabled on this instance' }) } - if (areValidationErrors(req, res)) return cleanUpReqFiles(req) + if (CONFIG.LIVE.ALLOW_REPLAY !== true && req.body.saveReplay === true) { + cleanUpReqFiles(req) + + return res.status(HttpStatusCode.FORBIDDEN_403) + .json({ error: 'Saving live replay is not allowed instance' }) + } + + if (req.body.permanentLive && req.body.saveReplay) { + cleanUpReqFiles(req) + + return res.status(HttpStatusCode.BAD_REQUEST_400) + .json({ error: 'Cannot set this live as permanent while saving its replay' }) + } const user = res.locals.oauth.token.User if (!await doesVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req) + if (CONFIG.LIVE.MAX_INSTANCE_LIVES !== -1) { + const totalInstanceLives = await VideoModel.countLocalLives() + + if (totalInstanceLives >= CONFIG.LIVE.MAX_INSTANCE_LIVES) { + cleanUpReqFiles(req) + + return res.status(HttpStatusCode.FORBIDDEN_403) + .json({ + code: ServerErrorCode.MAX_INSTANCE_LIVES_LIMIT_REACHED, + error: 'Cannot create this live because the max instance lives limit is reached.' + }) + } + } + + if (CONFIG.LIVE.MAX_USER_LIVES !== -1) { + const totalUserLives = await VideoModel.countLivesOfAccount(user.Account.id) + + if (totalUserLives >= CONFIG.LIVE.MAX_USER_LIVES) { + cleanUpReqFiles(req) + + return res.status(HttpStatusCode.FORBIDDEN_403) + .json({ + code: ServerErrorCode.MAX_USER_LIVES_LIMIT_REACHED, + error: 'Cannot create this live because the max user lives limit is reached.' + }) + } + } + + if (!await isLiveVideoAccepted(req, res)) return cleanUpReqFiles(req) + return next() } ]) +const videoLiveUpdateValidator = [ + body('saveReplay') + .optional() + .customSanitizer(toBooleanOrNull) + .custom(isBooleanValid).withMessage('Should have a valid saveReplay attribute'), + + (req: express.Request, res: express.Response, next: express.NextFunction) => { + logger.debug('Checking videoLiveUpdateValidator parameters', { parameters: req.body }) + + if (areValidationErrors(req, res)) return + + if (req.body.permanentLive && req.body.saveReplay) { + return res.status(HttpStatusCode.BAD_REQUEST_400) + .json({ error: 'Cannot set this live as permanent while saving its replay' }) + } + + if (CONFIG.LIVE.ALLOW_REPLAY !== true && req.body.saveReplay === true) { + return res.status(HttpStatusCode.FORBIDDEN_403) + .json({ error: 'Saving live replay is not allowed instance' }) + } + + if (res.locals.videoAll.state !== VideoState.WAITING_FOR_LIVE) { + return res.status(HttpStatusCode.BAD_REQUEST_400) + .json({ error: 'Cannot update a live that has already started' }) + } + + // Check the user can manage the live + const user = res.locals.oauth.token.User + if (!checkUserCanManageVideo(user, res.locals.videoAll, UserRight.GET_ANY_LIVE, res)) return + + return next() + } +] + // --------------------------------------------------------------------------- export { videoLiveAddValidator, + videoLiveUpdateValidator, videoLiveGetValidator } + +// --------------------------------------------------------------------------- + +async function isLiveVideoAccepted (req: express.Request, res: express.Response) { + // Check we accept this video + const acceptParameters = { + liveVideoBody: req.body, + user: res.locals.oauth.token.User + } + const acceptedResult = await Hooks.wrapFun( + isLocalLiveVideoAccepted, + acceptParameters, + 'filter:api.live-video.create.accept.result' + ) + + if (!acceptedResult || acceptedResult.accepted !== true) { + logger.info('Refused local live video.', { acceptedResult, acceptParameters }) + + res.status(HttpStatusCode.FORBIDDEN_403) + .json({ error: acceptedResult.errorMessage || 'Refused local live video' }) + + return false + } + + return true +}