aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/controllers/api
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2018-08-08 14:58:21 +0200
committerChocobozzz <me@florianbigard.com>2018-08-08 15:22:58 +0200
commite69219184b1a3262ec5e617d30337b6431c9840c (patch)
tree959b32e1ed28047052604941870563e946be9de1 /server/controllers/api
parent6b09aba90dfe4c61331b66b1a6ef1f58ddc61485 (diff)
downloadPeerTube-e69219184b1a3262ec5e617d30337b6431c9840c.tar.gz
PeerTube-e69219184b1a3262ec5e617d30337b6431c9840c.tar.zst
PeerTube-e69219184b1a3262ec5e617d30337b6431c9840c.zip
Implement user blocking on server side
Diffstat (limited to 'server/controllers/api')
-rw-r--r--server/controllers/api/users.ts48
1 files changed, 48 insertions, 0 deletions
diff --git a/server/controllers/api/users.ts b/server/controllers/api/users.ts
index 3d2586c3a..8f429d0b5 100644
--- a/server/controllers/api/users.ts
+++ b/server/controllers/api/users.ts
@@ -32,6 +32,7 @@ import {
32import { 32import {
33 deleteMeValidator, 33 deleteMeValidator,
34 usersAskResetPasswordValidator, 34 usersAskResetPasswordValidator,
35 usersBlockingValidator,
35 usersResetPasswordValidator, 36 usersResetPasswordValidator,
36 videoImportsSortValidator, 37 videoImportsSortValidator,
37 videosSortValidator 38 videosSortValidator
@@ -108,6 +109,19 @@ usersRouter.get('/',
108 asyncMiddleware(listUsers) 109 asyncMiddleware(listUsers)
109) 110)
110 111
112usersRouter.post('/:id/block',
113 authenticate,
114 ensureUserHasRight(UserRight.MANAGE_USERS),
115 asyncMiddleware(usersBlockingValidator),
116 asyncMiddleware(blockUser)
117)
118usersRouter.post('/:id/unblock',
119 authenticate,
120 ensureUserHasRight(UserRight.MANAGE_USERS),
121 asyncMiddleware(usersBlockingValidator),
122 asyncMiddleware(unblockUser)
123)
124
111usersRouter.get('/:id', 125usersRouter.get('/:id',
112 authenticate, 126 authenticate,
113 ensureUserHasRight(UserRight.MANAGE_USERS), 127 ensureUserHasRight(UserRight.MANAGE_USERS),
@@ -278,6 +292,22 @@ async function getUserVideoQuotaUsed (req: express.Request, res: express.Respons
278 return res.json(data) 292 return res.json(data)
279} 293}
280 294
295async function unblockUser (req: express.Request, res: express.Response, next: express.NextFunction) {
296 const user: UserModel = res.locals.user
297
298 await changeUserBlock(res, user, false)
299
300 return res.status(204).end()
301}
302
303async function blockUser (req: express.Request, res: express.Response, next: express.NextFunction) {
304 const user: UserModel = res.locals.user
305
306 await changeUserBlock(res, user, true)
307
308 return res.status(204).end()
309}
310
281function getUser (req: express.Request, res: express.Response, next: express.NextFunction) { 311function getUser (req: express.Request, res: express.Response, next: express.NextFunction) {
282 return res.json((res.locals.user as UserModel).toFormattedJSON()) 312 return res.json((res.locals.user as UserModel).toFormattedJSON())
283} 313}
@@ -423,3 +453,21 @@ async function resetUserPassword (req: express.Request, res: express.Response, n
423function success (req: express.Request, res: express.Response, next: express.NextFunction) { 453function success (req: express.Request, res: express.Response, next: express.NextFunction) {
424 res.end() 454 res.end()
425} 455}
456
457async function changeUserBlock (res: express.Response, user: UserModel, block: boolean) {
458 const oldUserAuditView = new UserAuditView(user.toFormattedJSON())
459
460 user.blocked = block
461
462 await sequelizeTypescript.transaction(async t => {
463 await OAuthTokenModel.deleteUserToken(user.id, t)
464
465 await user.save({ transaction: t })
466 })
467
468 auditLogger.update(
469 res.locals.oauth.token.User.Account.Actor.getIdentifier(),
470 new UserAuditView(user.toFormattedJSON()),
471 oldUserAuditView
472 )
473}