diff options
author | Chocobozzz <florian.bigard@gmail.com> | 2017-01-04 20:59:23 +0100 |
---|---|---|
committer | Chocobozzz <florian.bigard@gmail.com> | 2017-01-04 21:05:13 +0100 |
commit | 55fa55a9be566cca2ba95322f2ae23b434aed62a (patch) | |
tree | f51ef35c120ce8a928917a659418079538cdb8dc /server/controllers/api | |
parent | a6fd2b30bf717eec14972a2175354781f5f43e77 (diff) | |
download | PeerTube-55fa55a9be566cca2ba95322f2ae23b434aed62a.tar.gz PeerTube-55fa55a9be566cca2ba95322f2ae23b434aed62a.tar.zst PeerTube-55fa55a9be566cca2ba95322f2ae23b434aed62a.zip |
Server: add video abuse support
Diffstat (limited to 'server/controllers/api')
-rw-r--r-- | server/controllers/api/pods.js | 17 | ||||
-rw-r--r-- | server/controllers/api/remote/videos.js | 68 | ||||
-rw-r--r-- | server/controllers/api/users.js | 18 | ||||
-rw-r--r-- | server/controllers/api/videos.js | 61 |
4 files changed, 105 insertions, 59 deletions
diff --git a/server/controllers/api/pods.js b/server/controllers/api/pods.js index d9279f1d9..38702face 100644 --- a/server/controllers/api/pods.js +++ b/server/controllers/api/pods.js | |||
@@ -5,6 +5,7 @@ const waterfall = require('async/waterfall') | |||
5 | 5 | ||
6 | const db = require('../../initializers/database') | 6 | const db = require('../../initializers/database') |
7 | const logger = require('../../helpers/logger') | 7 | const logger = require('../../helpers/logger') |
8 | const utils = require('../../helpers/utils') | ||
8 | const friends = require('../../lib/friends') | 9 | const friends = require('../../lib/friends') |
9 | const middlewares = require('../../middlewares') | 10 | const middlewares = require('../../middlewares') |
10 | const admin = middlewares.admin | 11 | const admin = middlewares.admin |
@@ -36,7 +37,7 @@ router.get('/quitfriends', | |||
36 | ) | 37 | ) |
37 | // Post because this is a secured request | 38 | // Post because this is a secured request |
38 | router.post('/remove', | 39 | router.post('/remove', |
39 | signatureValidator, | 40 | signatureValidator.signature, |
40 | checkSignature, | 41 | checkSignature, |
41 | removePods | 42 | removePods |
42 | ) | 43 | ) |
@@ -86,7 +87,7 @@ function listPods (req, res, next) { | |||
86 | db.Pod.list(function (err, podsList) { | 87 | db.Pod.list(function (err, podsList) { |
87 | if (err) return next(err) | 88 | if (err) return next(err) |
88 | 89 | ||
89 | res.json(getFormatedPods(podsList)) | 90 | res.json(utils.getFormatedObjects(podsList, podsList.length)) |
90 | }) | 91 | }) |
91 | } | 92 | } |
92 | 93 | ||
@@ -130,15 +131,3 @@ function quitFriends (req, res, next) { | |||
130 | res.type('json').status(204).end() | 131 | res.type('json').status(204).end() |
131 | }) | 132 | }) |
132 | } | 133 | } |
133 | |||
134 | // --------------------------------------------------------------------------- | ||
135 | |||
136 | function getFormatedPods (pods) { | ||
137 | const formatedPods = [] | ||
138 | |||
139 | pods.forEach(function (pod) { | ||
140 | formatedPods.push(pod.toFormatedJSON()) | ||
141 | }) | ||
142 | |||
143 | return formatedPods | ||
144 | } | ||
diff --git a/server/controllers/api/remote/videos.js b/server/controllers/api/remote/videos.js index 87c49bff9..d02da4463 100644 --- a/server/controllers/api/remote/videos.js +++ b/server/controllers/api/remote/videos.js | |||
@@ -7,15 +7,16 @@ const waterfall = require('async/waterfall') | |||
7 | const db = require('../../../initializers/database') | 7 | const db = require('../../../initializers/database') |
8 | const middlewares = require('../../../middlewares') | 8 | const middlewares = require('../../../middlewares') |
9 | const secureMiddleware = middlewares.secure | 9 | const secureMiddleware = middlewares.secure |
10 | const validators = middlewares.validators.remote | 10 | const videosValidators = middlewares.validators.remote.videos |
11 | const signatureValidators = middlewares.validators.remote.signature | ||
11 | const logger = require('../../../helpers/logger') | 12 | const logger = require('../../../helpers/logger') |
12 | 13 | ||
13 | const router = express.Router() | 14 | const router = express.Router() |
14 | 15 | ||
15 | router.post('/', | 16 | router.post('/', |
16 | validators.signature, | 17 | signatureValidators.signature, |
17 | secureMiddleware.checkSignature, | 18 | secureMiddleware.checkSignature, |
18 | validators.remoteVideos, | 19 | videosValidators.remoteVideos, |
19 | remoteVideos | 20 | remoteVideos |
20 | ) | 21 | ) |
21 | 22 | ||
@@ -32,19 +33,23 @@ function remoteVideos (req, res, next) { | |||
32 | // We need to process in the same order to keep consistency | 33 | // We need to process in the same order to keep consistency |
33 | // TODO: optimization | 34 | // TODO: optimization |
34 | eachSeries(requests, function (request, callbackEach) { | 35 | eachSeries(requests, function (request, callbackEach) { |
35 | const videoData = request.data | 36 | const data = request.data |
36 | 37 | ||
37 | switch (request.type) { | 38 | switch (request.type) { |
38 | case 'add': | 39 | case 'add': |
39 | addRemoteVideo(videoData, fromPod, callbackEach) | 40 | addRemoteVideo(data, fromPod, callbackEach) |
40 | break | 41 | break |
41 | 42 | ||
42 | case 'update': | 43 | case 'update': |
43 | updateRemoteVideo(videoData, fromPod, callbackEach) | 44 | updateRemoteVideo(data, fromPod, callbackEach) |
44 | break | 45 | break |
45 | 46 | ||
46 | case 'remove': | 47 | case 'remove': |
47 | removeRemoteVideo(videoData, fromPod, callbackEach) | 48 | removeRemoteVideo(data, fromPod, callbackEach) |
49 | break | ||
50 | |||
51 | case 'report-abuse': | ||
52 | reportAbuseRemoteVideo(data, fromPod, callbackEach) | ||
48 | break | 53 | break |
49 | 54 | ||
50 | default: | 55 | default: |
@@ -164,13 +169,8 @@ function updateRemoteVideo (videoAttributesToUpdate, fromPod, finalCallback) { | |||
164 | }, | 169 | }, |
165 | 170 | ||
166 | function findVideo (t, callback) { | 171 | function findVideo (t, callback) { |
167 | db.Video.loadByHostAndRemoteId(fromPod.host, videoAttributesToUpdate.remoteId, function (err, videoInstance) { | 172 | fetchVideo(fromPod.host, videoAttributesToUpdate.remoteId, function (err, videoInstance) { |
168 | if (err || !videoInstance) { | 173 | return callback(err, t, videoInstance) |
169 | logger.error('Cannot load video from host and remote id.', { error: err.message }) | ||
170 | return callback(err) | ||
171 | } | ||
172 | |||
173 | return callback(null, t, videoInstance) | ||
174 | }) | 174 | }) |
175 | }, | 175 | }, |
176 | 176 | ||
@@ -225,13 +225,45 @@ function updateRemoteVideo (videoAttributesToUpdate, fromPod, finalCallback) { | |||
225 | 225 | ||
226 | function removeRemoteVideo (videoToRemoveData, fromPod, callback) { | 226 | function removeRemoteVideo (videoToRemoveData, fromPod, callback) { |
227 | // We need the instance because we have to remove some other stuffs (thumbnail etc) | 227 | // We need the instance because we have to remove some other stuffs (thumbnail etc) |
228 | db.Video.loadByHostAndRemoteId(fromPod.host, videoToRemoveData.remoteId, function (err, video) { | 228 | fetchVideo(fromPod.host, videoToRemoveData.remoteId, function (err, video) { |
229 | if (err) return callback(err) | ||
230 | |||
231 | logger.debug('Removing remote video %s.', video.remoteId) | ||
232 | video.destroy().asCallback(callback) | ||
233 | }) | ||
234 | } | ||
235 | |||
236 | function reportAbuseRemoteVideo (reportData, fromPod, callback) { | ||
237 | db.Video.load(reportData.videoRemoteId, function (err, video) { | ||
229 | if (err || !video) { | 238 | if (err || !video) { |
230 | logger.error('Cannot load video from host and remote id.', { error: err.message }) | 239 | if (!err) err = new Error('video not found') |
240 | |||
241 | logger.error('Cannot load video from host and remote id.', { error: err }) | ||
231 | return callback(err) | 242 | return callback(err) |
232 | } | 243 | } |
233 | 244 | ||
234 | logger.debug('Removing remote video %s.', video.remoteId) | 245 | logger.debug('Reporting remote abuse for video %s.', video.id) |
235 | video.destroy().asCallback(callback) | 246 | |
247 | const videoAbuseData = { | ||
248 | reporterUsername: reportData.reporterUsername, | ||
249 | reason: reportData.reportReason, | ||
250 | reporterPodId: fromPod.id, | ||
251 | videoId: video.id | ||
252 | } | ||
253 | |||
254 | db.VideoAbuse.create(videoAbuseData).asCallback(callback) | ||
255 | }) | ||
256 | } | ||
257 | |||
258 | function fetchVideo (podHost, remoteId, callback) { | ||
259 | db.Video.loadByHostAndRemoteId(podHost, remoteId, function (err, video) { | ||
260 | if (err || !video) { | ||
261 | if (!err) err = new Error('video not found') | ||
262 | |||
263 | logger.error('Cannot load video from host and remote id.', { error: err }) | ||
264 | return callback(err) | ||
265 | } | ||
266 | |||
267 | return callback(null, video) | ||
236 | }) | 268 | }) |
237 | } | 269 | } |
diff --git a/server/controllers/api/users.js b/server/controllers/api/users.js index 53bf56790..6cd0e84f7 100644 --- a/server/controllers/api/users.js +++ b/server/controllers/api/users.js | |||
@@ -6,6 +6,7 @@ const waterfall = require('async/waterfall') | |||
6 | const constants = require('../../initializers/constants') | 6 | const constants = require('../../initializers/constants') |
7 | const db = require('../../initializers/database') | 7 | const db = require('../../initializers/database') |
8 | const logger = require('../../helpers/logger') | 8 | const logger = require('../../helpers/logger') |
9 | const utils = require('../../helpers/utils') | ||
9 | const middlewares = require('../../middlewares') | 10 | const middlewares = require('../../middlewares') |
10 | const admin = middlewares.admin | 11 | const admin = middlewares.admin |
11 | const oAuth = middlewares.oauth | 12 | const oAuth = middlewares.oauth |
@@ -82,7 +83,7 @@ function listUsers (req, res, next) { | |||
82 | db.User.listForApi(req.query.start, req.query.count, req.query.sort, function (err, usersList, usersTotal) { | 83 | db.User.listForApi(req.query.start, req.query.count, req.query.sort, function (err, usersList, usersTotal) { |
83 | if (err) return next(err) | 84 | if (err) return next(err) |
84 | 85 | ||
85 | res.json(getFormatedUsers(usersList, usersTotal)) | 86 | res.json(utils.getFormatedObjects(usersList, usersTotal)) |
86 | }) | 87 | }) |
87 | } | 88 | } |
88 | 89 | ||
@@ -121,18 +122,3 @@ function updateUser (req, res, next) { | |||
121 | function success (req, res, next) { | 122 | function success (req, res, next) { |
122 | res.end() | 123 | res.end() |
123 | } | 124 | } |
124 | |||
125 | // --------------------------------------------------------------------------- | ||
126 | |||
127 | function getFormatedUsers (users, usersTotal) { | ||
128 | const formatedUsers = [] | ||
129 | |||
130 | users.forEach(function (user) { | ||
131 | formatedUsers.push(user.toFormatedJSON()) | ||
132 | }) | ||
133 | |||
134 | return { | ||
135 | total: usersTotal, | ||
136 | data: formatedUsers | ||
137 | } | ||
138 | } | ||
diff --git a/server/controllers/api/videos.js b/server/controllers/api/videos.js index 35d6979e5..6829804ec 100644 --- a/server/controllers/api/videos.js +++ b/server/controllers/api/videos.js | |||
@@ -11,6 +11,7 @@ const db = require('../../initializers/database') | |||
11 | const logger = require('../../helpers/logger') | 11 | const logger = require('../../helpers/logger') |
12 | const friends = require('../../lib/friends') | 12 | const friends = require('../../lib/friends') |
13 | const middlewares = require('../../middlewares') | 13 | const middlewares = require('../../middlewares') |
14 | const admin = middlewares.admin | ||
14 | const oAuth = middlewares.oauth | 15 | const oAuth = middlewares.oauth |
15 | const pagination = middlewares.pagination | 16 | const pagination = middlewares.pagination |
16 | const validators = middlewares.validators | 17 | const validators = middlewares.validators |
@@ -43,6 +44,21 @@ const storage = multer.diskStorage({ | |||
43 | 44 | ||
44 | const reqFiles = multer({ storage: storage }).fields([{ name: 'videofile', maxCount: 1 }]) | 45 | const reqFiles = multer({ storage: storage }).fields([{ name: 'videofile', maxCount: 1 }]) |
45 | 46 | ||
47 | router.get('/abuse', | ||
48 | oAuth.authenticate, | ||
49 | admin.ensureIsAdmin, | ||
50 | validatorsPagination.pagination, | ||
51 | validatorsSort.videoAbusesSort, | ||
52 | sort.setVideoAbusesSort, | ||
53 | pagination.setPagination, | ||
54 | listVideoAbuses | ||
55 | ) | ||
56 | router.post('/:id/abuse', | ||
57 | oAuth.authenticate, | ||
58 | validatorsVideos.videoAbuseReport, | ||
59 | reportVideoAbuse | ||
60 | ) | ||
61 | |||
46 | router.get('/', | 62 | router.get('/', |
47 | validatorsPagination.pagination, | 63 | validatorsPagination.pagination, |
48 | validatorsSort.videosSort, | 64 | validatorsSort.videosSort, |
@@ -283,7 +299,7 @@ function listVideos (req, res, next) { | |||
283 | db.Video.listForApi(req.query.start, req.query.count, req.query.sort, function (err, videosList, videosTotal) { | 299 | db.Video.listForApi(req.query.start, req.query.count, req.query.sort, function (err, videosList, videosTotal) { |
284 | if (err) return next(err) | 300 | if (err) return next(err) |
285 | 301 | ||
286 | res.json(getFormatedVideos(videosList, videosTotal)) | 302 | res.json(utils.getFormatedObjects(videosList, videosTotal)) |
287 | }) | 303 | }) |
288 | } | 304 | } |
289 | 305 | ||
@@ -306,22 +322,45 @@ function searchVideos (req, res, next) { | |||
306 | function (err, videosList, videosTotal) { | 322 | function (err, videosList, videosTotal) { |
307 | if (err) return next(err) | 323 | if (err) return next(err) |
308 | 324 | ||
309 | res.json(getFormatedVideos(videosList, videosTotal)) | 325 | res.json(utils.getFormatedObjects(videosList, videosTotal)) |
310 | } | 326 | } |
311 | ) | 327 | ) |
312 | } | 328 | } |
313 | 329 | ||
314 | // --------------------------------------------------------------------------- | 330 | function listVideoAbuses (req, res, next) { |
315 | 331 | db.VideoAbuse.listForApi(req.query.start, req.query.count, req.query.sort, function (err, abusesList, abusesTotal) { | |
316 | function getFormatedVideos (videos, videosTotal) { | 332 | if (err) return next(err) |
317 | const formatedVideos = [] | ||
318 | 333 | ||
319 | videos.forEach(function (video) { | 334 | res.json(utils.getFormatedObjects(abusesList, abusesTotal)) |
320 | formatedVideos.push(video.toFormatedJSON()) | ||
321 | }) | 335 | }) |
336 | } | ||
322 | 337 | ||
323 | return { | 338 | function reportVideoAbuse (req, res, next) { |
324 | total: videosTotal, | 339 | const videoInstance = res.locals.video |
325 | data: formatedVideos | 340 | const reporterUsername = res.locals.oauth.token.User.username |
341 | |||
342 | const abuse = { | ||
343 | reporterUsername, | ||
344 | reason: req.body.reason, | ||
345 | videoId: videoInstance.id, | ||
346 | reporterPodId: null // This is our pod that reported this abuse | ||
326 | } | 347 | } |
348 | |||
349 | db.VideoAbuse.create(abuse).asCallback(function (err) { | ||
350 | if (err) return next(err) | ||
351 | |||
352 | // We send the information to the destination pod | ||
353 | if (videoInstance.isOwned() === false) { | ||
354 | const reportData = { | ||
355 | reporterUsername, | ||
356 | reportReason: abuse.reason, | ||
357 | videoRemoteId: videoInstance.remoteId | ||
358 | } | ||
359 | |||
360 | friends.reportAbuseVideoToFriend(reportData, videoInstance) | ||
361 | } | ||
362 | |||
363 | return res.type('json').status(204).end() | ||
364 | }) | ||
327 | } | 365 | } |
366 | |||