diff options
author | Chocobozzz <florian.bigard@gmail.com> | 2015-11-07 14:16:26 +0100 |
---|---|---|
committer | Chocobozzz <florian.bigard@gmail.com> | 2015-11-07 14:16:26 +0100 |
commit | 34ca3b5225479a5da986c86ee4c42a73ae6df5ad (patch) | |
tree | 561ba5ae1adccd5729305a8cc17d13d24a0c2ddb /middlewares | |
parent | f5a60a5138135a3412dfbcfd6e564f7aa47a55c2 (diff) | |
download | PeerTube-34ca3b5225479a5da986c86ee4c42a73ae6df5ad.tar.gz PeerTube-34ca3b5225479a5da986c86ee4c42a73ae6df5ad.tar.zst PeerTube-34ca3b5225479a5da986c86ee4c42a73ae6df5ad.zip |
Add requests parameters validations
Diffstat (limited to 'middlewares')
-rw-r--r-- | middlewares/reqValidators/index.js | 11 | ||||
-rw-r--r-- | middlewares/reqValidators/pods.js | 19 | ||||
-rw-r--r-- | middlewares/reqValidators/remote.js | 40 | ||||
-rw-r--r-- | middlewares/reqValidators/utils.js | 22 | ||||
-rw-r--r-- | middlewares/reqValidators/videos.js | 67 |
5 files changed, 159 insertions, 0 deletions
diff --git a/middlewares/reqValidators/index.js b/middlewares/reqValidators/index.js new file mode 100644 index 000000000..1ea611031 --- /dev/null +++ b/middlewares/reqValidators/index.js | |||
@@ -0,0 +1,11 @@ | |||
1 | ;(function () { | ||
2 | 'use strict' | ||
3 | |||
4 | var reqValidator = { | ||
5 | videos: require('./videos'), | ||
6 | pods: require('./pods'), | ||
7 | remote: require('./remote') | ||
8 | } | ||
9 | |||
10 | module.exports = reqValidator | ||
11 | })() | ||
diff --git a/middlewares/reqValidators/pods.js b/middlewares/reqValidators/pods.js new file mode 100644 index 000000000..31eaf8449 --- /dev/null +++ b/middlewares/reqValidators/pods.js | |||
@@ -0,0 +1,19 @@ | |||
1 | ;(function () { | ||
2 | 'use strict' | ||
3 | |||
4 | var checkErrors = require('./utils').checkErrors | ||
5 | var logger = require('../../src/logger') | ||
6 | |||
7 | var pods = {} | ||
8 | |||
9 | pods.podsAdd = function (req, res, next) { | ||
10 | req.checkBody('data.url', 'Should have an url').notEmpty().isURL({ require_protocol: true }) | ||
11 | req.checkBody('data.publicKey', 'Should have a public key').notEmpty() | ||
12 | |||
13 | logger.debug('Checking podsAdd parameters', { parameters: req.body }) | ||
14 | |||
15 | checkErrors(req, res, next) | ||
16 | } | ||
17 | |||
18 | module.exports = pods | ||
19 | })() | ||
diff --git a/middlewares/reqValidators/remote.js b/middlewares/reqValidators/remote.js new file mode 100644 index 000000000..e851b49a4 --- /dev/null +++ b/middlewares/reqValidators/remote.js | |||
@@ -0,0 +1,40 @@ | |||
1 | ;(function () { | ||
2 | 'use strict' | ||
3 | |||
4 | var checkErrors = require('./utils').checkErrors | ||
5 | var logger = require('../../src/logger') | ||
6 | |||
7 | var remote = {} | ||
8 | |||
9 | remote.secureRequest = function (req, res, next) { | ||
10 | req.checkBody('signature.url', 'Should have a signature url').isURL() | ||
11 | req.checkBody('signature.signature', 'Should have a signature').notEmpty() | ||
12 | req.checkBody('key', 'Should have a key').notEmpty() | ||
13 | req.checkBody('data', 'Should have data').notEmpty() | ||
14 | |||
15 | logger.debug('Checking secureRequest parameters', { parameters: req.body }) | ||
16 | |||
17 | checkErrors(req, res, next) | ||
18 | } | ||
19 | |||
20 | remote.remoteVideosAdd = function (req, res, next) { | ||
21 | req.checkBody('data.name', 'Should have a name').isLength(1, 50) | ||
22 | req.checkBody('data.description', 'Should have a description').isLength(1, 250) | ||
23 | req.checkBody('data.magnetUri', 'Should have a magnetUri').notEmpty() | ||
24 | req.checkBody('data.podUrl', 'Should have a podUrl').isURL() | ||
25 | |||
26 | logger.debug('Checking remoteVideosAdd parameters', { parameters: req.body }) | ||
27 | |||
28 | checkErrors(req, res, next) | ||
29 | } | ||
30 | |||
31 | remote.remoteVideosRemove = function (req, res, next) { | ||
32 | req.checkBody('data.magnetUri', 'Should have a magnetUri').notEmpty() | ||
33 | |||
34 | logger.debug('Checking remoteVideosRemove parameters', { parameters: req.body }) | ||
35 | |||
36 | checkErrors(req, res, next) | ||
37 | } | ||
38 | |||
39 | module.exports = remote | ||
40 | })() | ||
diff --git a/middlewares/reqValidators/utils.js b/middlewares/reqValidators/utils.js new file mode 100644 index 000000000..91ead27a5 --- /dev/null +++ b/middlewares/reqValidators/utils.js | |||
@@ -0,0 +1,22 @@ | |||
1 | ;(function () { | ||
2 | 'use strict' | ||
3 | |||
4 | var util = require('util') | ||
5 | var logger = require('../../src/logger') | ||
6 | |||
7 | var utils = {} | ||
8 | |||
9 | utils.checkErrors = function (req, res, next, status_code) { | ||
10 | if (status_code === undefined) status_code = 400 | ||
11 | var errors = req.validationErrors() | ||
12 | |||
13 | if (errors) { | ||
14 | logger.warn('Incorrect request parameters', { path: req.originalUrl, err: errors }) | ||
15 | return res.status(status_code).send('There have been validation errors: ' + util.inspect(errors)) | ||
16 | } | ||
17 | |||
18 | return next() | ||
19 | } | ||
20 | |||
21 | module.exports = utils | ||
22 | })() | ||
diff --git a/middlewares/reqValidators/videos.js b/middlewares/reqValidators/videos.js new file mode 100644 index 000000000..3763a657c --- /dev/null +++ b/middlewares/reqValidators/videos.js | |||
@@ -0,0 +1,67 @@ | |||
1 | ;(function () { | ||
2 | 'use strict' | ||
3 | |||
4 | var checkErrors = require('./utils').checkErrors | ||
5 | var VideosDB = require('../../src/database').VideosDB | ||
6 | var logger = require('../../src/logger') | ||
7 | |||
8 | var videos = {} | ||
9 | |||
10 | function findVideoById (id, callback) { | ||
11 | VideosDB.findById(id, { _id: 1, namePath: 1 }).limit(1).exec(function (err, video) { | ||
12 | if (err) throw err | ||
13 | |||
14 | callback(video) | ||
15 | }) | ||
16 | } | ||
17 | |||
18 | videos.videosSearch = function (req, res, next) { | ||
19 | req.checkParams('name', 'Should have a name').notEmpty() | ||
20 | |||
21 | logger.debug('Checking videosSearch parameters', { parameters: req.params }) | ||
22 | |||
23 | checkErrors(req, res, next) | ||
24 | } | ||
25 | |||
26 | videos.videosAdd = function (req, res, next) { | ||
27 | req.checkFiles('input_video.originalname', 'Should have an input video').notEmpty() | ||
28 | req.checkFiles('input_video.mimetype', 'Should have a correct mime type').matches(/video\/(webm)|(mp4)|(ogg)/i) | ||
29 | req.checkBody('name', 'Should have a name').isLength(1, 50) | ||
30 | req.checkBody('description', 'Should have a description').isLength(1, 250) | ||
31 | |||
32 | logger.debug('Checking videosAdd parameters', { parameters: req.body, files: req.files }) | ||
33 | |||
34 | checkErrors(req, res, next) | ||
35 | } | ||
36 | |||
37 | videos.videosGet = function (req, res, next) { | ||
38 | req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() | ||
39 | |||
40 | logger.debug('Checking videosGet parameters', { parameters: req.params }) | ||
41 | |||
42 | checkErrors(req, res, function () { | ||
43 | findVideoById(req.params.id, function (video) { | ||
44 | if (!video) return res.status(404).send('Video not found') | ||
45 | |||
46 | next() | ||
47 | }) | ||
48 | }) | ||
49 | } | ||
50 | |||
51 | videos.videosRemove = function (req, res, next) { | ||
52 | req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() | ||
53 | |||
54 | logger.debug('Checking videosRemove parameters', { parameters: req.params }) | ||
55 | |||
56 | checkErrors(req, res, function () { | ||
57 | findVideoById(req.params.id, function (video) { | ||
58 | if (!video) return res.status(404).send('Video not found') | ||
59 | else if (video.namePath === null) return res.status(403).send('Cannot remove video of another pod') | ||
60 | |||
61 | next() | ||
62 | }) | ||
63 | }) | ||
64 | } | ||
65 | |||
66 | module.exports = videos | ||
67 | })() | ||