Feature/password protected videos (#5836)

* Add server endpoints * Refactoring test suites * Update server and add openapi documentation * fix compliation and tests * upload/import password protected video on client * add server error code * Add video password to update resolver * add custom message when sharing pw protected video * improve confirm component * Add new alert in component * Add ability to watch protected video on client * Cannot have password protected replay privacy * Add migration * Add tests * update after review * Update check params tests * Add live videos test * Add more filter test * Update static file privacy test * Update object storage tests * Add test on feeds * Add missing word * Fix tests * Fix tests on live videos * add embed support on password protected videos * fix style * Correcting data leaks * Unable to add password protected privacy on replay * Updated code based on review comments * fix validator and command * Updated code based on review comments
author: Wicklow <123956049+wickloww@users.noreply.github.com> 2023-06-29 07:48:55 +0000
committer: GitHub <noreply@github.com> 2023-06-29 09:48:55 +0200
commit: 40346ead2b0b7afa475aef057d3673b6c7574b7a (patch)
tree: 24ffdc23c3a9d987334842e0d400b5bd44500cf7 /server/helpers
parent: ae22c59f14d0d553f60b281948b6c232c2aca178 (diff)
download: PeerTube-40346ead2b0b7afa475aef057d3673b6c7574b7a.tar.gz
PeerTube-40346ead2b0b7afa475aef057d3673b6c7574b7a.tar.zst
PeerTube-40346ead2b0b7afa475aef057d3673b6c7574b7a.zip
1 files changed, 54 insertions, 3 deletions
diff --git a/server/helpers/custom-validators/videos.ts b/server/helpers/custom-validators/videos.ts
index 5f75ec27c..91109217c 100644
--- a/server/helpers/custom-validators/videos.ts
+++ b/server/helpers/custom-validators/videos.ts
@@ -1,7 +1,7 @@
-import { UploadFilesForCheck } from 'express'
+import { Response, Request, UploadFilesForCheck } from 'express'
 import { decode as magnetUriDecode } from 'magnet-uri'
 import validator from 'validator'
-import { VideoFilter, VideoInclude, VideoPrivacy, VideoRateType } from '@shared/models'
+import { HttpStatusCode, VideoFilter, VideoInclude, VideoPrivacy, VideoRateType } from '@shared/models'
 import {
  CONSTRAINTS_FIELDS,
  MIMETYPES,
@@ -13,6 +13,7 @@ import {
  VIDEO_STATES
 } from '../../initializers/constants'
 import { exists, isArray, isDateValid, isFileValid } from './misc'
+import { getVideoWithAttributes } from '@server/helpers/video'
 const VIDEOS_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.VIDEOS
@@ -110,6 +111,10 @@ function isVideoPrivacyValid (value: number) {
  return VIDEO_PRIVACIES[value] !== undefined
 }
+function isVideoReplayPrivacyValid (value: number) {
+  return VIDEO_PRIVACIES[value] !== undefined && value !== VideoPrivacy.PASSWORD_PROTECTED
+}
 function isScheduleVideoUpdatePrivacyValid (value: number) {
  return value === VideoPrivacy.UNLISTED || value === VideoPrivacy.PUBLIC || value === VideoPrivacy.INTERNAL
 }
@@ -141,6 +146,49 @@ function isVideoMagnetUriValid (value: string) {
  return parsed && isVideoFileInfoHashValid(parsed.infoHash)
 }
+function isPasswordValid (password: string) {
+  return password.length >= CONSTRAINTS_FIELDS.VIDEO_PASSWORD.LENGTH.min &&
+    password.length < CONSTRAINTS_FIELDS.VIDEO_PASSWORD.LENGTH.max
+}
+function isValidPasswordProtectedPrivacy (req: Request, res: Response) {
+  const fail = (message: string) => {
+    res.fail({
+      status: HttpStatusCode.BAD_REQUEST_400,
+      message
+    })
+    return false
+  }
+  let privacy: VideoPrivacy
+  const video = getVideoWithAttributes(res)
+  if (exists(req.body?.privacy)) privacy = req.body.privacy
+  else if (exists(video?.privacy)) privacy = video.privacy
+  if (privacy !== VideoPrivacy.PASSWORD_PROTECTED) return true
+  if (!exists(req.body.videoPasswords) && !exists(req.body.passwords)) return fail('Video passwords are missing.')
+  const passwords = req.body.videoPasswords || req.body.passwords
+  if (passwords.length === 0) return fail('At least one video password is required.')
+  if (new Set(passwords).size !== passwords.length) return fail('Duplicate video passwords are not allowed.')
+  for (const password of passwords) {
+    if (typeof password !== 'string') {
+      return fail('Video password should be a string.')
+    }
+    if (!isPasswordValid(password)) {
+      return fail('Invalid video password. Password length should be at least 2 characters and no more than 100 characters.')
+    }
+  }
+  return true
+}
 // ---------------------------------------------------------------------------
 export {
@@ -164,9 +212,12 @@ export {
  isVideoDurationValid,
  isVideoTagValid,
  isVideoPrivacyValid,
+  isVideoReplayPrivacyValid,
  isVideoFileResolutionValid,
  isVideoFileSizeValid,
  isVideoImageValid,
  isVideoSupportValid,
-  isVideoFilterValid
+  isVideoFilterValid,
+  isPasswordValid,
+  isValidPasswordProtectedPrivacy
 }
author	Wicklow <123956049+wickloww@users.noreply.github.com>	2023-06-29 07:48:55 +0000
committer	GitHub <noreply@github.com>	2023-06-29 09:48:55 +0200
commit	40346ead2b0b7afa475aef057d3673b6c7574b7a (patch)
tree	24ffdc23c3a9d987334842e0d400b5bd44500cf7 /server/helpers
parent	ae22c59f14d0d553f60b281948b6c232c2aca178 (diff)
download	PeerTube-40346ead2b0b7afa475aef057d3673b6c7574b7a.tar.gz PeerTube-40346ead2b0b7afa475aef057d3673b6c7574b7a.tar.zst PeerTube-40346ead2b0b7afa475aef057d3673b6c7574b7a.zip

diff --git a/server/helpers/custom-validators/videos.ts b/server/helpers/custom-validators/videos.ts index 5f75ec27c..91109217c 100644 --- a/server/helpers/custom-validators/videos.ts +++ b/server/helpers/custom-validators/videos.ts
@@ -1,7 +1,7 @@
1	import { UploadFilesForCheck } from 'express'	1	import { Response, Request, UploadFilesForCheck } from 'express'
2	import { decode as magnetUriDecode } from 'magnet-uri'	2	import { decode as magnetUriDecode } from 'magnet-uri'
3	import validator from 'validator'	3	import validator from 'validator'
4	import { VideoFilter, VideoInclude, VideoPrivacy, VideoRateType } from '@shared/models'	4	import { HttpStatusCode, VideoFilter, VideoInclude, VideoPrivacy, VideoRateType } from '@shared/models'
5	import {	5	import {
6	CONSTRAINTS_FIELDS,	6	CONSTRAINTS_FIELDS,
7	MIMETYPES,	7	MIMETYPES,
@@ -13,6 +13,7 @@ import {
13	VIDEO_STATES	13	VIDEO_STATES
14	} from '../../initializers/constants'	14	} from '../../initializers/constants'
15	import { exists, isArray, isDateValid, isFileValid } from './misc'	15	import { exists, isArray, isDateValid, isFileValid } from './misc'
		16	import { getVideoWithAttributes } from '@server/helpers/video'
16		17
17	const VIDEOS_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.VIDEOS	18	const VIDEOS_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.VIDEOS
18		19
@@ -110,6 +111,10 @@ function isVideoPrivacyValid (value: number) {
110	return VIDEO_PRIVACIES[value] !== undefined	111	return VIDEO_PRIVACIES[value] !== undefined
111	}	112	}
112		113
		114	function isVideoReplayPrivacyValid (value: number) {
		115	return VIDEO_PRIVACIES[value] !== undefined && value !== VideoPrivacy.PASSWORD_PROTECTED
		116	}
		117
113	function isScheduleVideoUpdatePrivacyValid (value: number) {	118	function isScheduleVideoUpdatePrivacyValid (value: number) {
114	return value === VideoPrivacy.UNLISTED \|\| value === VideoPrivacy.PUBLIC \|\| value === VideoPrivacy.INTERNAL	119	return value === VideoPrivacy.UNLISTED \|\| value === VideoPrivacy.PUBLIC \|\| value === VideoPrivacy.INTERNAL
115	}	120	}
@@ -141,6 +146,49 @@ function isVideoMagnetUriValid (value: string) {
141	return parsed && isVideoFileInfoHashValid(parsed.infoHash)	146	return parsed && isVideoFileInfoHashValid(parsed.infoHash)
142	}	147	}
143		148
		149	function isPasswordValid (password: string) {
		150	return password.length >= CONSTRAINTS_FIELDS.VIDEO_PASSWORD.LENGTH.min &&
		151	password.length < CONSTRAINTS_FIELDS.VIDEO_PASSWORD.LENGTH.max
		152	}
		153
		154	function isValidPasswordProtectedPrivacy (req: Request, res: Response) {
		155	const fail = (message: string) => {
		156	res.fail({
		157	status: HttpStatusCode.BAD_REQUEST_400,
		158	message
		159	})
		160	return false
		161	}
		162
		163	let privacy: VideoPrivacy
		164	const video = getVideoWithAttributes(res)
		165
		166	if (exists(req.body?.privacy)) privacy = req.body.privacy
		167	else if (exists(video?.privacy)) privacy = video.privacy
		168
		169	if (privacy !== VideoPrivacy.PASSWORD_PROTECTED) return true
		170
		171	if (!exists(req.body.videoPasswords) && !exists(req.body.passwords)) return fail('Video passwords are missing.')
		172
		173	const passwords = req.body.videoPasswords \|\| req.body.passwords
		174
		175	if (passwords.length === 0) return fail('At least one video password is required.')
		176
		177	if (new Set(passwords).size !== passwords.length) return fail('Duplicate video passwords are not allowed.')
		178
		179	for (const password of passwords) {
		180	if (typeof password !== 'string') {
		181	return fail('Video password should be a string.')
		182	}
		183
		184	if (!isPasswordValid(password)) {
		185	return fail('Invalid video password. Password length should be at least 2 characters and no more than 100 characters.')
		186	}
		187	}
		188
		189	return true
		190	}
		191
144	// ---------------------------------------------------------------------------	192	// ---------------------------------------------------------------------------
145		193
146	export {	194	export {
@@ -164,9 +212,12 @@ export {
164	isVideoDurationValid,	212	isVideoDurationValid,
165	isVideoTagValid,	213	isVideoTagValid,
166	isVideoPrivacyValid,	214	isVideoPrivacyValid,
		215	isVideoReplayPrivacyValid,
167	isVideoFileResolutionValid,	216	isVideoFileResolutionValid,
168	isVideoFileSizeValid,	217	isVideoFileSizeValid,
169	isVideoImageValid,	218	isVideoImageValid,
170	isVideoSupportValid,	219	isVideoSupportValid,
171	isVideoFilterValid	220	isVideoFilterValid,
		221	isPasswordValid,
		222	isValidPasswordProtectedPrivacy
172	}	223	}