Add server API to abuse messages

author: Chocobozzz <me@florianbigard.com> 2020-07-24 15:05:51 +0200
committer: Chocobozzz <chocobozzz@cpy.re> 2020-07-31 11:35:19 +0200
commit: edbc9325462ddf4536775871ebc25e06f46612d1 (patch)
tree: 9671dd51303e75d48d4f4f9a1df7a1960e33780d /server/controllers
parent: 20516920d2b72c8a18bc24b9740f7176aa962da2 (diff)
download: PeerTube-edbc9325462ddf4536775871ebc25e06f46612d1.tar.gz
PeerTube-edbc9325462ddf4536775871ebc25e06f46612d1.tar.zst
PeerTube-edbc9325462ddf4536775871ebc25e06f46612d1.zip
4 files changed, 141 insertions, 22 deletions
diff --git a/server/controllers/api/abuse.ts b/server/controllers/api/abuse.ts
index 04a0c06e3..50d068157 100644
--- a/server/controllers/api/abuse.ts
+++ b/server/controllers/api/abuse.ts
@@ -1,20 +1,24 @@
 import * as express from 'express'
 import { createAccountAbuse, createVideoAbuse, createVideoCommentAbuse } from '@server/lib/moderation'
 import { AbuseModel } from '@server/models/abuse/abuse'
+import { AbuseMessageModel } from '@server/models/abuse/abuse-message'
 import { getServerActor } from '@server/models/application/application'
 import { AbuseCreate, abusePredefinedReasonsMap, AbuseState, UserRight } from '../../../shared'
 import { getFormattedObjects } from '../../helpers/utils'
 import { sequelizeTypescript } from '../../initializers/database'
 import {
  abuseGetValidator,
-  abuseListValidator,
+  abuseListForAdminsValidator,
  abuseReportValidator,
  abusesSortValidator,
  abuseUpdateValidator,
+  addAbuseMessageValidator,
  asyncMiddleware,
  asyncRetryTransactionMiddleware,
  authenticate,
+  deleteAbuseMessageValidator,
  ensureUserHasRight,
+  getAbuseValidator,
  paginationValidator,
  setDefaultPagination,
  setDefaultSort
@@ -30,8 +34,8 @@ abuseRouter.get('/',
  abusesSortValidator,
  setDefaultSort,
  setDefaultPagination,
-  abuseListValidator,
+  abuseListForAdminsValidator,
-  asyncMiddleware(listAbuses)
+  asyncMiddleware(listAbusesForAdmins)
 )
 abuseRouter.put('/:id',
  authenticate,
@@ -51,13 +55,33 @@ abuseRouter.delete('/:id',
  asyncRetryTransactionMiddleware(deleteAbuse)
 )
+abuseRouter.get('/:id/messages',
+  authenticate,
+  asyncMiddleware(getAbuseValidator),
+  asyncRetryTransactionMiddleware(listAbuseMessages)
+)
+abuseRouter.post('/:id/messages',
+  authenticate,
+  asyncMiddleware(getAbuseValidator),
+  addAbuseMessageValidator,
+  asyncRetryTransactionMiddleware(addAbuseMessage)
+)
+abuseRouter.delete('/:id/messages/:messageId',
+  authenticate,
+  asyncMiddleware(getAbuseValidator),
+  asyncMiddleware(deleteAbuseMessageValidator),
+  asyncRetryTransactionMiddleware(deleteAbuseMessage)
+)
 // ---------------------------------------------------------------------------
 export {
  abuseRouter,
  // FIXME: deprecated in 2.3. Remove these exports
-  listAbuses,
+  listAbusesForAdmins,
  updateAbuse,
  deleteAbuse,
  reportAbuse
@@ -65,11 +89,11 @@ export {
 // ---------------------------------------------------------------------------
-async function listAbuses (req: express.Request, res: express.Response) {
+async function listAbusesForAdmins (req: express.Request, res: express.Response) {
  const user = res.locals.oauth.token.user
  const serverActor = await getServerActor()
-  const resultList = await AbuseModel.listForApi({
+  const resultList = await AbuseModel.listForAdminApi({
    start: req.query.start,
    count: req.query.count,
    sort: req.query.sort,
@@ -87,7 +111,10 @@ async function listAbuses (req: express.Request, res: express.Response) {
    user
  })
-  return res.json(getFormattedObjects(resultList.data, resultList.total))
+  return res.json({
+    total: resultList.total,
+    data: resultList.data.map(d => d.toFormattedAdminJSON())
+  })
 }
 async function updateAbuse (req: express.Request, res: express.Response) {
@@ -100,6 +127,8 @@ async function updateAbuse (req: express.Request, res: express.Response) {
    return abuse.save({ transaction: t })
  })
+  // TODO: Notification
  // Do not send the delete to other instances, we updated OUR copy of this abuse
  return res.type('json').status(204).end()
@@ -166,3 +195,41 @@ async function reportAbuse (req: express.Request, res: express.Response) {
  return res.json({ abuse: { id } })
 }
+async function listAbuseMessages (req: express.Request, res: express.Response) {
+  const abuse = res.locals.abuse
+  const resultList = await AbuseMessageModel.listForApi(abuse.id)
+  return res.json(getFormattedObjects(resultList.data, resultList.total))
+}
+async function addAbuseMessage (req: express.Request, res: express.Response) {
+  const abuse = res.locals.abuse
+  const user = res.locals.oauth.token.user
+  const abuseMessage = await AbuseMessageModel.create({
+    message: req.body.message,
+    byModerator: abuse.reporterAccountId !== user.Account.id,
+    accountId: user.Account.id,
+    abuseId: abuse.id
+  })
+  // TODO: Notification
+  return res.json({
+    abuseMessage: {
+      id: abuseMessage.id
+    }
+  })
+}
+async function deleteAbuseMessage (req: express.Request, res: express.Response) {
+  const abuseMessage = res.locals.abuseMessage
+  await sequelizeTypescript.transaction(t => {
+    return abuseMessage.destroy({ transaction: t })
+  })
+  return res.sendStatus(204)
+}
diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts
index 5939f6125..d339c2a1c 100644
--- a/server/controllers/api/users/index.ts
+++ b/server/controllers/api/users/index.ts
@@ -1,10 +1,20 @@
 import * as express from 'express'
 import * as RateLimit from 'express-rate-limit'
+import { tokensRouter } from '@server/controllers/api/users/token'
+import { Hooks } from '@server/lib/plugins/hooks'
+import { MUser, MUserAccountDefault } from '@server/types/models'
 import { UserCreate, UserRight, UserRole, UserUpdate } from '../../../../shared'
+import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
+import { UserRegister } from '../../../../shared/models/users/user-register.model'
+import { auditLoggerFactory, getAuditIdFromRes, UserAuditView } from '../../../helpers/audit-logger'
 import { logger } from '../../../helpers/logger'
 import { generateRandomString, getFormattedObjects } from '../../../helpers/utils'
+import { CONFIG } from '../../../initializers/config'
 import { WEBSERVER } from '../../../initializers/constants'
+import { sequelizeTypescript } from '../../../initializers/database'
 import { Emailer } from '../../../lib/emailer'
+import { Notifier } from '../../../lib/notifier'
+import { deleteUserToken } from '../../../lib/oauth-model'
 import { Redis } from '../../../lib/redis'
 import { createUserAccountAndChannelAndPlaylist, sendVerifyUserEmail } from '../../../lib/user'
 import {
@@ -18,9 +28,9 @@ import {
  setDefaultPagination,
  setDefaultSort,
  userAutocompleteValidator,
-  usersListValidator,
  usersAddValidator,
  usersGetValidator,
+  usersListValidator,
  usersRegisterValidator,
  usersRemoveValidator,
  usersSortValidator,
@@ -35,22 +45,13 @@ import {
  usersVerifyEmailValidator
 } from '../../../middlewares/validators'
 import { UserModel } from '../../../models/account/user'
-import { auditLoggerFactory, getAuditIdFromRes, UserAuditView } from '../../../helpers/audit-logger'
 import { meRouter } from './me'
-import { deleteUserToken } from '../../../lib/oauth-model'
+import { myAbusesRouter } from './my-abuses'
 import { myBlocklistRouter } from './my-blocklist'
-import { myVideoPlaylistsRouter } from './my-video-playlists'
 import { myVideosHistoryRouter } from './my-history'
 import { myNotificationsRouter } from './my-notifications'
-import { Notifier } from '../../../lib/notifier'
 import { mySubscriptionsRouter } from './my-subscriptions'
-import { CONFIG } from '../../../initializers/config'
+import { myVideoPlaylistsRouter } from './my-video-playlists'
-import { sequelizeTypescript } from '../../../initializers/database'
-import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
-import { UserRegister } from '../../../../shared/models/users/user-register.model'
-import { MUser, MUserAccountDefault } from '@server/types/models'
-import { Hooks } from '@server/lib/plugins/hooks'
-import { tokensRouter } from '@server/controllers/api/users/token'
 const auditLogger = auditLoggerFactory('users')
@@ -72,6 +73,7 @@ usersRouter.use('/', mySubscriptionsRouter)
 usersRouter.use('/', myBlocklistRouter)
 usersRouter.use('/', myVideosHistoryRouter)
 usersRouter.use('/', myVideoPlaylistsRouter)
+usersRouter.use('/', myAbusesRouter)
 usersRouter.use('/', meRouter)
 usersRouter.get('/autocomplete',
diff --git a/server/controllers/api/users/my-abuses.ts b/server/controllers/api/users/my-abuses.ts
new file mode 100644
index 000000000..e43fc483e
--- /dev/null
+++ b/server/controllers/api/users/my-abuses.ts
@@ -0,0 +1,48 @@
+import * as express from 'express'
+import { AbuseModel } from '@server/models/abuse/abuse'
+import {
+  abuseListForUserValidator,
+  abusesSortValidator,
+  asyncMiddleware,
+  authenticate,
+  paginationValidator,
+  setDefaultPagination,
+  setDefaultSort
+} from '../../../middlewares'
+const myAbusesRouter = express.Router()
+myAbusesRouter.get('/me/abuses',
+  authenticate,
+  paginationValidator,
+  abusesSortValidator,
+  setDefaultSort,
+  setDefaultPagination,
+  abuseListForUserValidator,
+  asyncMiddleware(listMyAbuses)
+)
+// ---------------------------------------------------------------------------
+export {
+  myAbusesRouter
+}
+// ---------------------------------------------------------------------------
+async function listMyAbuses (req: express.Request, res: express.Response) {
+  const resultList = await AbuseModel.listForUserApi({
+    start: req.query.start,
+    count: req.query.count,
+    sort: req.query.sort,
+    id: req.query.id,
+    search: req.query.search,
+    state: req.query.state,
+    user: res.locals.oauth.token.User
+  })
+  return res.json({
+    total: resultList.total,
+    data: resultList.data.map(d => d.toFormattedAdminJSON())
+  })
+}
diff --git a/server/controllers/api/videos/abuse.ts b/server/controllers/api/videos/abuse.ts
index b92a66360..9c4d00849 100644
--- a/server/controllers/api/videos/abuse.ts
+++ b/server/controllers/api/videos/abuse.ts
@@ -2,7 +2,6 @@ import * as express from 'express'
 import { AbuseModel } from '@server/models/abuse/abuse'
 import { getServerActor } from '@server/models/application/application'
 import { AbuseCreate, UserRight, VideoAbuseCreate } from '../../../../shared'
-import { getFormattedObjects } from '../../../helpers/utils'
 import {
  abusesSortValidator,
  asyncMiddleware,
@@ -63,7 +62,7 @@ async function listVideoAbuses (req: express.Request, res: express.Response) {
  const user = res.locals.oauth.token.user
  const serverActor = await getServerActor()
-  const resultList = await AbuseModel.listForApi({
+  const resultList = await AbuseModel.listForAdminApi({
    start: req.query.start,
    count: req.query.count,
    sort: req.query.sort,
@@ -81,7 +80,10 @@ async function listVideoAbuses (req: express.Request, res: express.Response) {
    user
  })
-  return res.json(getFormattedObjects(resultList.data, resultList.total))
+  return res.json({
+    total: resultList.total,
+    data: resultList.data.map(d => d.toFormattedAdminJSON())
+  })
 }
 async function updateVideoAbuse (req: express.Request, res: express.Response) {
author	Chocobozzz <me@florianbigard.com>	2020-07-24 15:05:51 +0200
committer	Chocobozzz <chocobozzz@cpy.re>	2020-07-31 11:35:19 +0200
commit	edbc9325462ddf4536775871ebc25e06f46612d1 (patch)
tree	9671dd51303e75d48d4f4f9a1df7a1960e33780d /server/controllers
parent	20516920d2b72c8a18bc24b9740f7176aa962da2 (diff)
download	PeerTube-edbc9325462ddf4536775871ebc25e06f46612d1.tar.gz PeerTube-edbc9325462ddf4536775871ebc25e06f46612d1.tar.zst PeerTube-edbc9325462ddf4536775871ebc25e06f46612d1.zip