diff options
| author | Lucas Declercq <lucas-dclrcq@users.noreply.github.com> | 2018-10-10 08:57:00 +0200 |
|---|---|---|
| committer | Chocobozzz <me@florianbigard.com> | 2018-10-10 08:57:00 +0200 |
| commit | 9ccff23877ec8d740fcd5a9254fcd2424b62d2c8 (patch) | |
| tree | 03a47436ce88a3169aed491439517001ab773bb6 | |
| parent | ee7c25c767c357bd12570889f8ccd79ba9ea4eb9 (diff) | |
| download | PeerTube-9ccff23877ec8d740fcd5a9254fcd2424b62d2c8.tar.gz PeerTube-9ccff23877ec8d740fcd5a9254fcd2424b62d2c8.tar.zst PeerTube-9ccff23877ec8d740fcd5a9254fcd2424b62d2c8.zip | |
Add explicit error message that changing video ownership only works with local accounts (#1214)
* Add explicit error message that changing video ownership only works with local accounts
* Remove superfluous logger
* Remove unneeded end() to error responses
* Add a message on client side to prevent transfering ownership to a remote account
| -rw-r--r-- | client/src/app/shared/forms/form-validators/video-change-ownership-validators.service.ts | 15 | ||||
| -rw-r--r-- | server/middlewares/validators/videos/videos.ts | 13 |
2 files changed, 16 insertions, 12 deletions
diff --git a/client/src/app/shared/forms/form-validators/video-change-ownership-validators.service.ts b/client/src/app/shared/forms/form-validators/video-change-ownership-validators.service.ts index 087b80b44..c6fbb7538 100644 --- a/client/src/app/shared/forms/form-validators/video-change-ownership-validators.service.ts +++ b/client/src/app/shared/forms/form-validators/video-change-ownership-validators.service.ts | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | import { I18n } from '@ngx-translate/i18n-polyfill' | 1 | import { I18n } from '@ngx-translate/i18n-polyfill' |
| 2 | import { Validators } from '@angular/forms' | 2 | import { AbstractControl, ValidationErrors, Validators } from '@angular/forms' |
| 3 | import { Injectable } from '@angular/core' | 3 | import { Injectable } from '@angular/core' |
| 4 | import { BuildFormValidator } from '@app/shared' | 4 | import { BuildFormValidator } from '@app/shared' |
| 5 | 5 | ||
| @@ -9,10 +9,19 @@ export class VideoChangeOwnershipValidatorsService { | |||
| 9 | 9 | ||
| 10 | constructor (private i18n: I18n) { | 10 | constructor (private i18n: I18n) { |
| 11 | this.USERNAME = { | 11 | this.USERNAME = { |
| 12 | VALIDATORS: [ Validators.required ], | 12 | VALIDATORS: [ Validators.required, this.localAccountValidator ], |
| 13 | MESSAGES: { | 13 | MESSAGES: { |
| 14 | 'required': this.i18n('The username is required.') | 14 | 'required': this.i18n('The username is required.'), |
| 15 | 'localAccountOnly': this.i18n('You can only transfer ownership to a local account') | ||
| 15 | } | 16 | } |
| 16 | } | 17 | } |
| 17 | } | 18 | } |
| 19 | |||
| 20 | localAccountValidator (control: AbstractControl): ValidationErrors { | ||
| 21 | if (control.value.includes('@')) { | ||
| 22 | return { 'localAccountOnly': true } | ||
| 23 | } | ||
| 24 | |||
| 25 | return null | ||
| 26 | } | ||
| 18 | } | 27 | } |
diff --git a/server/middlewares/validators/videos/videos.ts b/server/middlewares/validators/videos/videos.ts index d6b8aa725..1d0a64bb1 100644 --- a/server/middlewares/validators/videos/videos.ts +++ b/server/middlewares/validators/videos/videos.ts | |||
| @@ -69,7 +69,6 @@ const videosAddValidator = getCommonVideoAttributes().concat([ | |||
| 69 | if (isAble === false) { | 69 | if (isAble === false) { |
| 70 | res.status(403) | 70 | res.status(403) |
| 71 | .json({ error: 'The user video quota is exceeded with this video.' }) | 71 | .json({ error: 'The user video quota is exceeded with this video.' }) |
| 72 | .end() | ||
| 73 | 72 | ||
| 74 | return cleanUpReqFiles(req) | 73 | return cleanUpReqFiles(req) |
| 75 | } | 74 | } |
| @@ -82,7 +81,6 @@ const videosAddValidator = getCommonVideoAttributes().concat([ | |||
| 82 | logger.error('Invalid input file in videosAddValidator.', { err }) | 81 | logger.error('Invalid input file in videosAddValidator.', { err }) |
| 83 | res.status(400) | 82 | res.status(400) |
| 84 | .json({ error: 'Invalid input file.' }) | 83 | .json({ error: 'Invalid input file.' }) |
| 85 | .end() | ||
| 86 | 84 | ||
| 87 | return cleanUpReqFiles(req) | 85 | return cleanUpReqFiles(req) |
| 88 | } | 86 | } |
| @@ -120,7 +118,6 @@ const videosUpdateValidator = getCommonVideoAttributes().concat([ | |||
| 120 | cleanUpReqFiles(req) | 118 | cleanUpReqFiles(req) |
| 121 | return res.status(409) | 119 | return res.status(409) |
| 122 | .json({ error: 'Cannot set "private" a video that was not private.' }) | 120 | .json({ error: 'Cannot set "private" a video that was not private.' }) |
| 123 | .end() | ||
| 124 | } | 121 | } |
| 125 | 122 | ||
| 126 | if (req.body.channelId && !await isVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req) | 123 | if (req.body.channelId && !await isVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req) |
| @@ -150,7 +147,6 @@ const videosCustomGetValidator = (fetchType: VideoFetchType) => { | |||
| 150 | if (video.VideoChannel.Account.userId !== user.id && !user.hasRight(UserRight.MANAGE_VIDEO_BLACKLIST)) { | 147 | if (video.VideoChannel.Account.userId !== user.id && !user.hasRight(UserRight.MANAGE_VIDEO_BLACKLIST)) { |
| 151 | return res.status(403) | 148 | return res.status(403) |
| 152 | .json({ error: 'Cannot get this private or blacklisted video.' }) | 149 | .json({ error: 'Cannot get this private or blacklisted video.' }) |
| 153 | .end() | ||
| 154 | } | 150 | } |
| 155 | 151 | ||
| 156 | return next() | 152 | return next() |
| @@ -239,8 +235,8 @@ const videosChangeOwnershipValidator = [ | |||
| 239 | const nextOwner = await AccountModel.loadLocalByName(req.body.username) | 235 | const nextOwner = await AccountModel.loadLocalByName(req.body.username) |
| 240 | if (!nextOwner) { | 236 | if (!nextOwner) { |
| 241 | res.status(400) | 237 | res.status(400) |
| 242 | .type('json') | 238 | .json({ error: 'Changing video ownership to a remote account is not supported yet' }) |
| 243 | .end() | 239 | |
| 244 | return | 240 | return |
| 245 | } | 241 | } |
| 246 | res.locals.nextOwner = nextOwner | 242 | res.locals.nextOwner = nextOwner |
| @@ -271,7 +267,7 @@ const videosTerminateChangeOwnershipValidator = [ | |||
| 271 | } else { | 267 | } else { |
| 272 | res.status(403) | 268 | res.status(403) |
| 273 | .json({ error: 'Ownership already accepted or refused' }) | 269 | .json({ error: 'Ownership already accepted or refused' }) |
| 274 | .end() | 270 | |
| 275 | return | 271 | return |
| 276 | } | 272 | } |
| 277 | } | 273 | } |
| @@ -288,7 +284,7 @@ const videosAcceptChangeOwnershipValidator = [ | |||
| 288 | if (isAble === false) { | 284 | if (isAble === false) { |
| 289 | res.status(403) | 285 | res.status(403) |
| 290 | .json({ error: 'The user video quota is exceeded with this video.' }) | 286 | .json({ error: 'The user video quota is exceeded with this video.' }) |
| 291 | .end() | 287 | |
| 292 | return | 288 | return |
| 293 | } | 289 | } |
| 294 | 290 | ||
| @@ -389,7 +385,6 @@ function areErrorsInScheduleUpdate (req: express.Request, res: express.Response) | |||
| 389 | if (!req.body.scheduleUpdate.updateAt) { | 385 | if (!req.body.scheduleUpdate.updateAt) { |
| 390 | res.status(400) | 386 | res.status(400) |
| 391 | .json({ error: 'Schedule update at is mandatory.' }) | 387 | .json({ error: 'Schedule update at is mandatory.' }) |
| 392 | .end() | ||
| 393 | 388 | ||
| 394 | return true | 389 | return true |
| 395 | } | 390 | } |