aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/controllers/api
diff options
context:
space:
mode:
authorChocobozzz <florian.bigard@gmail.com>2017-01-04 20:59:23 +0100
committerChocobozzz <florian.bigard@gmail.com>2017-01-04 21:05:13 +0100
commit55fa55a9be566cca2ba95322f2ae23b434aed62a (patch)
treef51ef35c120ce8a928917a659418079538cdb8dc /server/controllers/api
parenta6fd2b30bf717eec14972a2175354781f5f43e77 (diff)
downloadPeerTube-55fa55a9be566cca2ba95322f2ae23b434aed62a.tar.gz
PeerTube-55fa55a9be566cca2ba95322f2ae23b434aed62a.tar.zst
PeerTube-55fa55a9be566cca2ba95322f2ae23b434aed62a.zip
Server: add video abuse support
Diffstat (limited to 'server/controllers/api')
-rw-r--r--server/controllers/api/pods.js17
-rw-r--r--server/controllers/api/remote/videos.js68
-rw-r--r--server/controllers/api/users.js18
-rw-r--r--server/controllers/api/videos.js61
4 files changed, 105 insertions, 59 deletions
diff --git a/server/controllers/api/pods.js b/server/controllers/api/pods.js
index d9279f1d9..38702face 100644
--- a/server/controllers/api/pods.js
+++ b/server/controllers/api/pods.js
@@ -5,6 +5,7 @@ const waterfall = require('async/waterfall')
5 5
6const db = require('../../initializers/database') 6const db = require('../../initializers/database')
7const logger = require('../../helpers/logger') 7const logger = require('../../helpers/logger')
8const utils = require('../../helpers/utils')
8const friends = require('../../lib/friends') 9const friends = require('../../lib/friends')
9const middlewares = require('../../middlewares') 10const middlewares = require('../../middlewares')
10const admin = middlewares.admin 11const admin = middlewares.admin
@@ -36,7 +37,7 @@ router.get('/quitfriends',
36) 37)
37// Post because this is a secured request 38// Post because this is a secured request
38router.post('/remove', 39router.post('/remove',
39 signatureValidator, 40 signatureValidator.signature,
40 checkSignature, 41 checkSignature,
41 removePods 42 removePods
42) 43)
@@ -86,7 +87,7 @@ function listPods (req, res, next) {
86 db.Pod.list(function (err, podsList) { 87 db.Pod.list(function (err, podsList) {
87 if (err) return next(err) 88 if (err) return next(err)
88 89
89 res.json(getFormatedPods(podsList)) 90 res.json(utils.getFormatedObjects(podsList, podsList.length))
90 }) 91 })
91} 92}
92 93
@@ -130,15 +131,3 @@ function quitFriends (req, res, next) {
130 res.type('json').status(204).end() 131 res.type('json').status(204).end()
131 }) 132 })
132} 133}
133
134// ---------------------------------------------------------------------------
135
136function getFormatedPods (pods) {
137 const formatedPods = []
138
139 pods.forEach(function (pod) {
140 formatedPods.push(pod.toFormatedJSON())
141 })
142
143 return formatedPods
144}
diff --git a/server/controllers/api/remote/videos.js b/server/controllers/api/remote/videos.js
index 87c49bff9..d02da4463 100644
--- a/server/controllers/api/remote/videos.js
+++ b/server/controllers/api/remote/videos.js
@@ -7,15 +7,16 @@ const waterfall = require('async/waterfall')
7const db = require('../../../initializers/database') 7const db = require('../../../initializers/database')
8const middlewares = require('../../../middlewares') 8const middlewares = require('../../../middlewares')
9const secureMiddleware = middlewares.secure 9const secureMiddleware = middlewares.secure
10const validators = middlewares.validators.remote 10const videosValidators = middlewares.validators.remote.videos
11const signatureValidators = middlewares.validators.remote.signature
11const logger = require('../../../helpers/logger') 12const logger = require('../../../helpers/logger')
12 13
13const router = express.Router() 14const router = express.Router()
14 15
15router.post('/', 16router.post('/',
16 validators.signature, 17 signatureValidators.signature,
17 secureMiddleware.checkSignature, 18 secureMiddleware.checkSignature,
18 validators.remoteVideos, 19 videosValidators.remoteVideos,
19 remoteVideos 20 remoteVideos
20) 21)
21 22
@@ -32,19 +33,23 @@ function remoteVideos (req, res, next) {
32 // We need to process in the same order to keep consistency 33 // We need to process in the same order to keep consistency
33 // TODO: optimization 34 // TODO: optimization
34 eachSeries(requests, function (request, callbackEach) { 35 eachSeries(requests, function (request, callbackEach) {
35 const videoData = request.data 36 const data = request.data
36 37
37 switch (request.type) { 38 switch (request.type) {
38 case 'add': 39 case 'add':
39 addRemoteVideo(videoData, fromPod, callbackEach) 40 addRemoteVideo(data, fromPod, callbackEach)
40 break 41 break
41 42
42 case 'update': 43 case 'update':
43 updateRemoteVideo(videoData, fromPod, callbackEach) 44 updateRemoteVideo(data, fromPod, callbackEach)
44 break 45 break
45 46
46 case 'remove': 47 case 'remove':
47 removeRemoteVideo(videoData, fromPod, callbackEach) 48 removeRemoteVideo(data, fromPod, callbackEach)
49 break
50
51 case 'report-abuse':
52 reportAbuseRemoteVideo(data, fromPod, callbackEach)
48 break 53 break
49 54
50 default: 55 default:
@@ -164,13 +169,8 @@ function updateRemoteVideo (videoAttributesToUpdate, fromPod, finalCallback) {
164 }, 169 },
165 170
166 function findVideo (t, callback) { 171 function findVideo (t, callback) {
167 db.Video.loadByHostAndRemoteId(fromPod.host, videoAttributesToUpdate.remoteId, function (err, videoInstance) { 172 fetchVideo(fromPod.host, videoAttributesToUpdate.remoteId, function (err, videoInstance) {
168 if (err || !videoInstance) { 173 return callback(err, t, videoInstance)
169 logger.error('Cannot load video from host and remote id.', { error: err.message })
170 return callback(err)
171 }
172
173 return callback(null, t, videoInstance)
174 }) 174 })
175 }, 175 },
176 176
@@ -225,13 +225,45 @@ function updateRemoteVideo (videoAttributesToUpdate, fromPod, finalCallback) {
225 225
226function removeRemoteVideo (videoToRemoveData, fromPod, callback) { 226function removeRemoteVideo (videoToRemoveData, fromPod, callback) {
227 // We need the instance because we have to remove some other stuffs (thumbnail etc) 227 // We need the instance because we have to remove some other stuffs (thumbnail etc)
228 db.Video.loadByHostAndRemoteId(fromPod.host, videoToRemoveData.remoteId, function (err, video) { 228 fetchVideo(fromPod.host, videoToRemoveData.remoteId, function (err, video) {
229 if (err) return callback(err)
230
231 logger.debug('Removing remote video %s.', video.remoteId)
232 video.destroy().asCallback(callback)
233 })
234}
235
236function reportAbuseRemoteVideo (reportData, fromPod, callback) {
237 db.Video.load(reportData.videoRemoteId, function (err, video) {
229 if (err || !video) { 238 if (err || !video) {
230 logger.error('Cannot load video from host and remote id.', { error: err.message }) 239 if (!err) err = new Error('video not found')
240
241 logger.error('Cannot load video from host and remote id.', { error: err })
231 return callback(err) 242 return callback(err)
232 } 243 }
233 244
234 logger.debug('Removing remote video %s.', video.remoteId) 245 logger.debug('Reporting remote abuse for video %s.', video.id)
235 video.destroy().asCallback(callback) 246
247 const videoAbuseData = {
248 reporterUsername: reportData.reporterUsername,
249 reason: reportData.reportReason,
250 reporterPodId: fromPod.id,
251 videoId: video.id
252 }
253
254 db.VideoAbuse.create(videoAbuseData).asCallback(callback)
255 })
256}
257
258function fetchVideo (podHost, remoteId, callback) {
259 db.Video.loadByHostAndRemoteId(podHost, remoteId, function (err, video) {
260 if (err || !video) {
261 if (!err) err = new Error('video not found')
262
263 logger.error('Cannot load video from host and remote id.', { error: err })
264 return callback(err)
265 }
266
267 return callback(null, video)
236 }) 268 })
237} 269}
diff --git a/server/controllers/api/users.js b/server/controllers/api/users.js
index 53bf56790..6cd0e84f7 100644
--- a/server/controllers/api/users.js
+++ b/server/controllers/api/users.js
@@ -6,6 +6,7 @@ const waterfall = require('async/waterfall')
6const constants = require('../../initializers/constants') 6const constants = require('../../initializers/constants')
7const db = require('../../initializers/database') 7const db = require('../../initializers/database')
8const logger = require('../../helpers/logger') 8const logger = require('../../helpers/logger')
9const utils = require('../../helpers/utils')
9const middlewares = require('../../middlewares') 10const middlewares = require('../../middlewares')
10const admin = middlewares.admin 11const admin = middlewares.admin
11const oAuth = middlewares.oauth 12const oAuth = middlewares.oauth
@@ -82,7 +83,7 @@ function listUsers (req, res, next) {
82 db.User.listForApi(req.query.start, req.query.count, req.query.sort, function (err, usersList, usersTotal) { 83 db.User.listForApi(req.query.start, req.query.count, req.query.sort, function (err, usersList, usersTotal) {
83 if (err) return next(err) 84 if (err) return next(err)
84 85
85 res.json(getFormatedUsers(usersList, usersTotal)) 86 res.json(utils.getFormatedObjects(usersList, usersTotal))
86 }) 87 })
87} 88}
88 89
@@ -121,18 +122,3 @@ function updateUser (req, res, next) {
121function success (req, res, next) { 122function success (req, res, next) {
122 res.end() 123 res.end()
123} 124}
124
125// ---------------------------------------------------------------------------
126
127function getFormatedUsers (users, usersTotal) {
128 const formatedUsers = []
129
130 users.forEach(function (user) {
131 formatedUsers.push(user.toFormatedJSON())
132 })
133
134 return {
135 total: usersTotal,
136 data: formatedUsers
137 }
138}
diff --git a/server/controllers/api/videos.js b/server/controllers/api/videos.js
index 35d6979e5..6829804ec 100644
--- a/server/controllers/api/videos.js
+++ b/server/controllers/api/videos.js
@@ -11,6 +11,7 @@ const db = require('../../initializers/database')
11const logger = require('../../helpers/logger') 11const logger = require('../../helpers/logger')
12const friends = require('../../lib/friends') 12const friends = require('../../lib/friends')
13const middlewares = require('../../middlewares') 13const middlewares = require('../../middlewares')
14const admin = middlewares.admin
14const oAuth = middlewares.oauth 15const oAuth = middlewares.oauth
15const pagination = middlewares.pagination 16const pagination = middlewares.pagination
16const validators = middlewares.validators 17const validators = middlewares.validators
@@ -43,6 +44,21 @@ const storage = multer.diskStorage({
43 44
44const reqFiles = multer({ storage: storage }).fields([{ name: 'videofile', maxCount: 1 }]) 45const reqFiles = multer({ storage: storage }).fields([{ name: 'videofile', maxCount: 1 }])
45 46
47router.get('/abuse',
48 oAuth.authenticate,
49 admin.ensureIsAdmin,
50 validatorsPagination.pagination,
51 validatorsSort.videoAbusesSort,
52 sort.setVideoAbusesSort,
53 pagination.setPagination,
54 listVideoAbuses
55)
56router.post('/:id/abuse',
57 oAuth.authenticate,
58 validatorsVideos.videoAbuseReport,
59 reportVideoAbuse
60)
61
46router.get('/', 62router.get('/',
47 validatorsPagination.pagination, 63 validatorsPagination.pagination,
48 validatorsSort.videosSort, 64 validatorsSort.videosSort,
@@ -283,7 +299,7 @@ function listVideos (req, res, next) {
283 db.Video.listForApi(req.query.start, req.query.count, req.query.sort, function (err, videosList, videosTotal) { 299 db.Video.listForApi(req.query.start, req.query.count, req.query.sort, function (err, videosList, videosTotal) {
284 if (err) return next(err) 300 if (err) return next(err)
285 301
286 res.json(getFormatedVideos(videosList, videosTotal)) 302 res.json(utils.getFormatedObjects(videosList, videosTotal))
287 }) 303 })
288} 304}
289 305
@@ -306,22 +322,45 @@ function searchVideos (req, res, next) {
306 function (err, videosList, videosTotal) { 322 function (err, videosList, videosTotal) {
307 if (err) return next(err) 323 if (err) return next(err)
308 324
309 res.json(getFormatedVideos(videosList, videosTotal)) 325 res.json(utils.getFormatedObjects(videosList, videosTotal))
310 } 326 }
311 ) 327 )
312} 328}
313 329
314// --------------------------------------------------------------------------- 330function listVideoAbuses (req, res, next) {
315 331 db.VideoAbuse.listForApi(req.query.start, req.query.count, req.query.sort, function (err, abusesList, abusesTotal) {
316function getFormatedVideos (videos, videosTotal) { 332 if (err) return next(err)
317 const formatedVideos = []
318 333
319 videos.forEach(function (video) { 334 res.json(utils.getFormatedObjects(abusesList, abusesTotal))
320 formatedVideos.push(video.toFormatedJSON())
321 }) 335 })
336}
322 337
323 return { 338function reportVideoAbuse (req, res, next) {
324 total: videosTotal, 339 const videoInstance = res.locals.video
325 data: formatedVideos 340 const reporterUsername = res.locals.oauth.token.User.username
341
342 const abuse = {
343 reporterUsername,
344 reason: req.body.reason,
345 videoId: videoInstance.id,
346 reporterPodId: null // This is our pod that reported this abuse
326 } 347 }
348
349 db.VideoAbuse.create(abuse).asCallback(function (err) {
350 if (err) return next(err)
351
352 // We send the information to the destination pod
353 if (videoInstance.isOwned() === false) {
354 const reportData = {
355 reporterUsername,
356 reportReason: abuse.reason,
357 videoRemoteId: videoInstance.remoteId
358 }
359
360 friends.reportAbuseVideoToFriend(reportData, videoInstance)
361 }
362
363 return res.type('json').status(204).end()
364 })
327} 365}
366