aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/helpers
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2020-07-07 10:57:04 +0200
committerChocobozzz <chocobozzz@cpy.re>2020-07-10 14:02:41 +0200
commit57f6896f67cfc570cf3605dd94b0778101b2d9b9 (patch)
treeb82d879c46868ce75ff76c3e4d4eed590a87f6c4 /server/helpers
parentd95d15598847c7f020aa056e7e6e0c02d2bbf732 (diff)
downloadPeerTube-57f6896f67cfc570cf3605dd94b0778101b2d9b9.tar.gz
PeerTube-57f6896f67cfc570cf3605dd94b0778101b2d9b9.tar.zst
PeerTube-57f6896f67cfc570cf3605dd94b0778101b2d9b9.zip
Implement abuses check params
Diffstat (limited to 'server/helpers')
-rw-r--r--server/helpers/custom-validators/abuses.ts17
-rw-r--r--server/helpers/custom-validators/video-comments.ts81
-rw-r--r--server/helpers/middlewares/abuses.ts13
-rw-r--r--server/helpers/middlewares/accounts.ts4
4 files changed, 104 insertions, 11 deletions
diff --git a/server/helpers/custom-validators/abuses.ts b/server/helpers/custom-validators/abuses.ts
index a6a895c65..c21468caa 100644
--- a/server/helpers/custom-validators/abuses.ts
+++ b/server/helpers/custom-validators/abuses.ts
@@ -1,6 +1,6 @@
1import validator from 'validator' 1import validator from 'validator'
2import { abusePredefinedReasonsMap, AbusePredefinedReasonsString, AbuseVideoIs } from '@shared/models' 2import { AbuseFilter, abusePredefinedReasonsMap, AbusePredefinedReasonsString, AbuseVideoIs, AbuseCreate } from '@shared/models'
3import { CONSTRAINTS_FIELDS, ABUSE_STATES } from '../../initializers/constants' 3import { ABUSE_STATES, CONSTRAINTS_FIELDS } from '../../initializers/constants'
4import { exists, isArray } from './misc' 4import { exists, isArray } from './misc'
5 5
6const VIDEO_ABUSES_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.ABUSES 6const VIDEO_ABUSES_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.ABUSES
@@ -13,7 +13,11 @@ function isAbusePredefinedReasonValid (value: AbusePredefinedReasonsString) {
13 return exists(value) && value in abusePredefinedReasonsMap 13 return exists(value) && value in abusePredefinedReasonsMap
14} 14}
15 15
16function isAbusePredefinedReasonsValid (value: AbusePredefinedReasonsString[]) { 16function isAbuseFilterValid (value: AbuseFilter) {
17 return value === 'video' || value === 'comment' || value === 'account'
18}
19
20function areAbusePredefinedReasonsValid (value: AbusePredefinedReasonsString[]) {
17 return exists(value) && isArray(value) && value.every(v => v in abusePredefinedReasonsMap) 21 return exists(value) && isArray(value) && value.every(v => v in abusePredefinedReasonsMap)
18} 22}
19 23
@@ -22,7 +26,9 @@ function isAbuseTimestampValid (value: number) {
22} 26}
23 27
24function isAbuseTimestampCoherent (endAt: number, { req }) { 28function isAbuseTimestampCoherent (endAt: number, { req }) {
25 return exists(req.body.startAt) && endAt > req.body.startAt 29 const startAt = (req.body as AbuseCreate).video.startAt
30
31 return exists(startAt) && endAt > startAt
26} 32}
27 33
28function isAbuseModerationCommentValid (value: string) { 34function isAbuseModerationCommentValid (value: string) {
@@ -44,8 +50,9 @@ function isAbuseVideoIsValid (value: AbuseVideoIs) {
44 50
45export { 51export {
46 isAbuseReasonValid, 52 isAbuseReasonValid,
53 isAbuseFilterValid,
47 isAbusePredefinedReasonValid, 54 isAbusePredefinedReasonValid,
48 isAbusePredefinedReasonsValid, 55 areAbusePredefinedReasonsValid as isAbusePredefinedReasonsValid,
49 isAbuseTimestampValid, 56 isAbuseTimestampValid,
50 isAbuseTimestampCoherent, 57 isAbuseTimestampCoherent,
51 isAbuseModerationCommentValid, 58 isAbuseModerationCommentValid,
diff --git a/server/helpers/custom-validators/video-comments.ts b/server/helpers/custom-validators/video-comments.ts
index 846f28b17..a01680cbe 100644
--- a/server/helpers/custom-validators/video-comments.ts
+++ b/server/helpers/custom-validators/video-comments.ts
@@ -1,6 +1,8 @@
1import 'multer' 1import * as express from 'express'
2import validator from 'validator' 2import validator from 'validator'
3import { VideoCommentModel } from '@server/models/video/video-comment'
3import { CONSTRAINTS_FIELDS } from '../../initializers/constants' 4import { CONSTRAINTS_FIELDS } from '../../initializers/constants'
5import { MVideoId } from '@server/types/models'
4 6
5const VIDEO_COMMENTS_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.VIDEO_COMMENTS 7const VIDEO_COMMENTS_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.VIDEO_COMMENTS
6 8
@@ -8,8 +10,83 @@ function isValidVideoCommentText (value: string) {
8 return value === null || validator.isLength(value, VIDEO_COMMENTS_CONSTRAINTS_FIELDS.TEXT) 10 return value === null || validator.isLength(value, VIDEO_COMMENTS_CONSTRAINTS_FIELDS.TEXT)
9} 11}
10 12
13async function doesVideoCommentThreadExist (idArg: number | string, video: MVideoId, res: express.Response) {
14 const id = parseInt(idArg + '', 10)
15 const videoComment = await VideoCommentModel.loadById(id)
16
17 if (!videoComment) {
18 res.status(404)
19 .json({ error: 'Video comment thread not found' })
20 .end()
21
22 return false
23 }
24
25 if (videoComment.videoId !== video.id) {
26 res.status(400)
27 .json({ error: 'Video comment is not associated to this video.' })
28 .end()
29
30 return false
31 }
32
33 if (videoComment.inReplyToCommentId !== null) {
34 res.status(400)
35 .json({ error: 'Video comment is not a thread.' })
36 .end()
37
38 return false
39 }
40
41 res.locals.videoCommentThread = videoComment
42 return true
43}
44
45async function doesVideoCommentExist (idArg: number | string, video: MVideoId, res: express.Response) {
46 const id = parseInt(idArg + '', 10)
47 const videoComment = await VideoCommentModel.loadByIdAndPopulateVideoAndAccountAndReply(id)
48
49 if (!videoComment) {
50 res.status(404)
51 .json({ error: 'Video comment thread not found' })
52 .end()
53
54 return false
55 }
56
57 if (videoComment.videoId !== video.id) {
58 res.status(400)
59 .json({ error: 'Video comment is not associated to this video.' })
60 .end()
61
62 return false
63 }
64
65 res.locals.videoCommentFull = videoComment
66 return true
67}
68
69async function doesCommentIdExist (idArg: number | string, res: express.Response) {
70 const id = parseInt(idArg + '', 10)
71 const videoComment = await VideoCommentModel.loadById(id)
72
73 if (!videoComment) {
74 res.status(404)
75 .json({ error: 'Video comment thread not found' })
76
77 return false
78 }
79
80 res.locals.videoComment = videoComment
81
82 return true
83}
84
11// --------------------------------------------------------------------------- 85// ---------------------------------------------------------------------------
12 86
13export { 87export {
14 isValidVideoCommentText 88 isValidVideoCommentText,
89 doesVideoCommentThreadExist,
90 doesVideoCommentExist,
91 doesCommentIdExist
15} 92}
diff --git a/server/helpers/middlewares/abuses.ts b/server/helpers/middlewares/abuses.ts
index 3906f6760..b102273a2 100644
--- a/server/helpers/middlewares/abuses.ts
+++ b/server/helpers/middlewares/abuses.ts
@@ -17,7 +17,6 @@ async function doesVideoAbuseExist (abuseIdArg: number | string, videoUUID: stri
17 if (abuse === null) { 17 if (abuse === null) {
18 res.status(404) 18 res.status(404)
19 .json({ error: 'Video abuse not found' }) 19 .json({ error: 'Video abuse not found' })
20 .end()
21 20
22 return false 21 return false
23 } 22 }
@@ -26,8 +25,18 @@ async function doesVideoAbuseExist (abuseIdArg: number | string, videoUUID: stri
26 return true 25 return true
27} 26}
28 27
29async function doesAbuseExist (abuseIdArg: number | string, videoUUID: string, res: Response) { 28async function doesAbuseExist (abuseId: number | string, res: Response) {
29 const abuse = await AbuseModel.loadById(parseInt(abuseId + '', 10))
30 30
31 if (!abuse) {
32 res.status(404)
33 .json({ error: 'Video abuse not found' })
34
35 return false
36 }
37
38 res.locals.abuse = abuse
39 return true
31} 40}
32 41
33// --------------------------------------------------------------------------- 42// ---------------------------------------------------------------------------
diff --git a/server/helpers/middlewares/accounts.ts b/server/helpers/middlewares/accounts.ts
index bddea7eaa..29b4ed1a6 100644
--- a/server/helpers/middlewares/accounts.ts
+++ b/server/helpers/middlewares/accounts.ts
@@ -3,8 +3,8 @@ import { AccountModel } from '../../models/account/account'
3import * as Bluebird from 'bluebird' 3import * as Bluebird from 'bluebird'
4import { MAccountDefault } from '../../types/models' 4import { MAccountDefault } from '../../types/models'
5 5
6function doesAccountIdExist (id: number, res: Response, sendNotFound = true) { 6function doesAccountIdExist (id: number | string, res: Response, sendNotFound = true) {
7 const promise = AccountModel.load(id) 7 const promise = AccountModel.load(parseInt(id + '', 10))
8 8
9 return doesAccountExist(promise, res, sendNotFound) 9 return doesAccountExist(promise, res, sendNotFound)
10} 10}