X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Fmiddlewares%2Fvalidators%2Fvideos%2Fvideo-playlists.ts;h=e4b7e5c56920c45b90d96f415001f10ac29b69f2;hb=4638cd713dcdd007cd7f49b9a95fa62ac7823e7c;hp=0d2e6e90c5fceacedddccc4c57d2c005aa0fc106;hpb=10363c74c1d869f0e0c7bc4d0367b1f34d1bb6a4;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/middlewares/validators/videos/video-playlists.ts b/server/middlewares/validators/videos/video-playlists.ts index 0d2e6e90c..e4b7e5c56 100644 --- a/server/middlewares/validators/videos/video-playlists.ts +++ b/server/middlewares/validators/videos/video-playlists.ts @@ -1,16 +1,22 @@ -import * as express from 'express' +import express from 'express' import { body, param, query, ValidationChain } from 'express-validator' -import { ExpressPromiseHandler } from '@server/types/express' +import { ExpressPromiseHandler } from '@server/types/express-handler' import { MUserAccountId } from '@server/types/models' -import { UserRight, VideoPlaylistCreate, VideoPlaylistUpdate } from '../../../../shared' -import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes' -import { VideoPlaylistPrivacy } from '../../../../shared/models/videos/playlist/video-playlist-privacy.model' -import { VideoPlaylistType } from '../../../../shared/models/videos/playlist/video-playlist-type.model' +import { forceNumber } from '@shared/core-utils' +import { + HttpStatusCode, + UserRight, + VideoPlaylistCreate, + VideoPlaylistPrivacy, + VideoPlaylistType, + VideoPlaylistUpdate +} from '@shared/models' import { isArrayOf, isIdOrUUIDValid, isIdValid, isUUIDValid, + toCompleteUUID, toIntArray, toIntOrNull, toValueOrNull @@ -22,31 +28,38 @@ import { isVideoPlaylistTimestampValid, isVideoPlaylistTypeValid } from '../../../helpers/custom-validators/video-playlists' -import { isVideoImage } from '../../../helpers/custom-validators/videos' +import { isVideoImageValid } from '../../../helpers/custom-validators/videos' import { cleanUpReqFiles } from '../../../helpers/express-utils' -import { logger } from '../../../helpers/logger' import { CONSTRAINTS_FIELDS } from '../../../initializers/constants' import { VideoPlaylistElementModel } from '../../../models/video/video-playlist-element' import { MVideoPlaylist } from '../../../types/models/video/video-playlist' -import { authenticatePromiseIfNeeded } from '../../auth' -import { areValidationErrors, doesVideoChannelIdExist, doesVideoExist, doesVideoPlaylistExist, VideoPlaylistFetchType } from '../shared' +import { authenticatePromise } from '../../auth' +import { + areValidationErrors, + doesVideoChannelIdExist, + doesVideoExist, + doesVideoPlaylistExist, + isValidPlaylistIdParam, + VideoPlaylistFetchType +} from '../shared' const videoPlaylistsAddValidator = getCommonPlaylistEditAttributes().concat([ body('displayName') - .custom(isVideoPlaylistNameValid).withMessage('Should have a valid display name'), + .custom(isVideoPlaylistNameValid), async (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking videoPlaylistsAddValidator parameters', { parameters: req.body }) - if (areValidationErrors(req, res)) return cleanUpReqFiles(req) const body: VideoPlaylistCreate = req.body if (body.videoChannelId && !await doesVideoChannelIdExist(body.videoChannelId, res)) return cleanUpReqFiles(req) - if (body.privacy === VideoPlaylistPrivacy.PUBLIC && !body.videoChannelId) { + if ( + !body.videoChannelId && + (body.privacy === VideoPlaylistPrivacy.PUBLIC || body.privacy === VideoPlaylistPrivacy.UNLISTED) + ) { cleanUpReqFiles(req) - return res.fail({ message: 'Cannot set "public" a playlist that is not assigned to a channel.' }) + return res.fail({ message: 'Cannot set "public" or "unlisted" a playlist that is not assigned to a channel.' }) } return next() @@ -54,16 +67,13 @@ const videoPlaylistsAddValidator = getCommonPlaylistEditAttributes().concat([ ]) const videoPlaylistsUpdateValidator = getCommonPlaylistEditAttributes().concat([ - param('playlistId') - .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'), + isValidPlaylistIdParam('playlistId'), body('displayName') .optional() - .custom(isVideoPlaylistNameValid).withMessage('Should have a valid display name'), + .custom(isVideoPlaylistNameValid), async (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking videoPlaylistsUpdateValidator parameters', { parameters: req.body }) - if (areValidationErrors(req, res)) return cleanUpReqFiles(req) if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return cleanUpReqFiles(req) @@ -101,12 +111,9 @@ const videoPlaylistsUpdateValidator = getCommonPlaylistEditAttributes().concat([ ]) const videoPlaylistsDeleteValidator = [ - param('playlistId') - .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'), + isValidPlaylistIdParam('playlistId'), async (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking videoPlaylistsDeleteValidator parameters', { parameters: req.params }) - if (areValidationErrors(req, res)) return if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return @@ -126,12 +133,9 @@ const videoPlaylistsDeleteValidator = [ const videoPlaylistsGetValidator = (fetchType: VideoPlaylistFetchType) => { return [ - param('playlistId') - .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'), + isValidPlaylistIdParam('playlistId'), async (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking videoPlaylistsGetValidator parameters', { parameters: req.params }) - if (areValidationErrors(req, res)) return if (!await doesVideoPlaylistExist(req.params.playlistId, res, fetchType)) return @@ -149,7 +153,7 @@ const videoPlaylistsGetValidator = (fetchType: VideoPlaylistFetchType) => { } if (videoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) { - await authenticatePromiseIfNeeded(req, res) + await authenticatePromise(req, res) const user = res.locals.oauth ? res.locals.oauth.token.User : null @@ -172,11 +176,11 @@ const videoPlaylistsGetValidator = (fetchType: VideoPlaylistFetchType) => { } const videoPlaylistsSearchValidator = [ - query('search').optional().not().isEmpty().withMessage('Should have a valid search'), + query('search') + .optional() + .not().isEmpty(), (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking videoPlaylists search query', { parameters: req.query }) - if (areValidationErrors(req, res)) return return next() @@ -184,20 +188,19 @@ const videoPlaylistsSearchValidator = [ ] const videoPlaylistsAddVideoValidator = [ - param('playlistId') - .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'), + isValidPlaylistIdParam('playlistId'), + body('videoId') - .custom(isIdOrUUIDValid).withMessage('Should have a valid video id/uuid'), + .customSanitizer(toCompleteUUID) + .custom(isIdOrUUIDValid).withMessage('Should have a valid video id/uuid/short uuid'), body('startTimestamp') .optional() - .custom(isVideoPlaylistTimestampValid).withMessage('Should have a valid start timestamp'), + .custom(isVideoPlaylistTimestampValid), body('stopTimestamp') .optional() - .custom(isVideoPlaylistTimestampValid).withMessage('Should have a valid stop timestamp'), + .custom(isVideoPlaylistTimestampValid), async (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking videoPlaylistsAddVideoValidator parameters', { parameters: req.params }) - if (areValidationErrors(req, res)) return if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return @@ -214,20 +217,18 @@ const videoPlaylistsAddVideoValidator = [ ] const videoPlaylistsUpdateOrRemoveVideoValidator = [ - param('playlistId') - .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'), + isValidPlaylistIdParam('playlistId'), param('playlistElementId') - .custom(isIdValid).withMessage('Should have an element id/uuid'), + .customSanitizer(toCompleteUUID) + .custom(isIdValid).withMessage('Should have an element id/uuid/short uuid'), body('startTimestamp') .optional() - .custom(isVideoPlaylistTimestampValid).withMessage('Should have a valid start timestamp'), + .custom(isVideoPlaylistTimestampValid), body('stopTimestamp') .optional() - .custom(isVideoPlaylistTimestampValid).withMessage('Should have a valid stop timestamp'), + .custom(isVideoPlaylistTimestampValid), async (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking videoPlaylistsRemoveVideoValidator parameters', { parameters: req.params }) - if (areValidationErrors(req, res)) return if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return @@ -251,17 +252,14 @@ const videoPlaylistsUpdateOrRemoveVideoValidator = [ ] const videoPlaylistElementAPGetValidator = [ - param('playlistId') - .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'), + isValidPlaylistIdParam('playlistId'), param('playlistElementId') - .custom(isIdValid).withMessage('Should have an playlist element id'), + .custom(isIdValid), async (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking videoPlaylistElementAPGetValidator parameters', { parameters: req.params }) - if (areValidationErrors(req, res)) return - const playlistElementId = parseInt(req.params.playlistElementId + '', 10) + const playlistElementId = forceNumber(req.params.playlistElementId) const playlistId = req.params.playlistId const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndElementIdForAP(playlistId, playlistElementId) @@ -287,19 +285,17 @@ const videoPlaylistElementAPGetValidator = [ ] const videoPlaylistsReorderVideosValidator = [ - param('playlistId') - .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'), + isValidPlaylistIdParam('playlistId'), + body('startPosition') - .isInt({ min: 1 }).withMessage('Should have a valid start position'), + .isInt({ min: 1 }), body('insertAfterPosition') - .isInt({ min: 0 }).withMessage('Should have a valid insert after position'), + .isInt({ min: 0 }), body('reorderLength') .optional() - .isInt({ min: 1 }).withMessage('Should have a valid range length'), + .isInt({ min: 1 }), async (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking videoPlaylistsReorderVideosValidator parameters', { parameters: req.params }) - if (areValidationErrors(req, res)) return if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return @@ -329,11 +325,9 @@ const videoPlaylistsReorderVideosValidator = [ const commonVideoPlaylistFiltersValidator = [ query('playlistType') .optional() - .custom(isVideoPlaylistTypeValid).withMessage('Should have a valid playlist type'), + .custom(isVideoPlaylistTypeValid), (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking commonVideoPlaylistFiltersValidator parameters', { parameters: req.params }) - if (areValidationErrors(req, res)) return return next() @@ -346,8 +340,6 @@ const doVideosInPlaylistExistValidator = [ .custom(v => isArrayOf(v, isIdValid)).withMessage('Should have a valid video ids array'), (req: express.Request, res: express.Response, next: express.NextFunction) => { - logger.debug('Checking areVideosInPlaylistExistValidator parameters', { parameters: req.query }) - if (areValidationErrors(req, res)) return return next() @@ -379,7 +371,7 @@ export { function getCommonPlaylistEditAttributes () { return [ body('thumbnailfile') - .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')) + .custom((value, { req }) => isVideoImageValid(req.files, 'thumbnailfile')) .withMessage( 'This thumbnail file is not supported or too large. Please, make sure it is of the following type: ' + CONSTRAINTS_FIELDS.VIDEO_PLAYLISTS.IMAGE.EXTNAME.join(', ') @@ -388,11 +380,11 @@ function getCommonPlaylistEditAttributes () { body('description') .optional() .customSanitizer(toValueOrNull) - .custom(isVideoPlaylistDescriptionValid).withMessage('Should have a valid description'), + .custom(isVideoPlaylistDescriptionValid), body('privacy') .optional() .customSanitizer(toIntOrNull) - .custom(isVideoPlaylistPrivacyValid).withMessage('Should have correct playlist privacy'), + .custom(isVideoPlaylistPrivacyValid), body('videoChannelId') .optional() .customSanitizer(toIntOrNull)