Implement abuses check params

1 files changed, 49 insertions, 25 deletions

diff --git a/server/middlewares/validators/abuse.ts b/server/middlewares/validators/abuse.ts
index f098e2ff9..048dbead0 100644
--- a/server/middlewares/validators/abuse.ts
+++ b/server/middlewares/validators/abuse.ts
@@ -1,6 +1,7 @@
 import * as express from 'express'
 import { body, param, query } from 'express-validator'
 import {
+  isAbuseFilterValid,
   isAbuseModerationCommentValid,
   isAbusePredefinedReasonsValid,
   isAbusePredefinedReasonValid,
@@ -11,29 +12,28 @@ import {
   isAbuseVideoIsValid
 } from '@server/helpers/custom-validators/abuses'
 import { exists, isIdOrUUIDValid, isIdValid, toIntOrNull } from '@server/helpers/custom-validators/misc'
+import { doesCommentIdExist } from '@server/helpers/custom-validators/video-comments'
 import { logger } from '@server/helpers/logger'
-import { doesAbuseExist, doesVideoAbuseExist, doesVideoExist } from '@server/helpers/middlewares'
+import { doesAbuseExist, doesAccountIdExist, doesVideoAbuseExist, doesVideoExist } from '@server/helpers/middlewares'
+import { AbuseCreate } from '@shared/models'
 import { areValidationErrors } from './utils'
 
 const abuseReportValidator = [
-  param('videoId')
+  body('account.id')
+    .optional()
+    .custom(isIdValid)
+    .withMessage('Should have a valid accountId'),
+
+  body('video.id')
+    .optional()
     .custom(isIdOrUUIDValid)
-    .not()
-    .isEmpty()
     .withMessage('Should have a valid videoId'),
-  body('reason')
-    .custom(isAbuseReasonValid)
-    .withMessage('Should have a valid reason'),
-  body('predefinedReasons')
-    .optional()
-    .custom(isAbusePredefinedReasonsValid)
-    .withMessage('Should have a valid list of predefined reasons'),
-  body('startAt')
+  body('video.startAt')
     .optional()
     .customSanitizer(toIntOrNull)
     .custom(isAbuseTimestampValid)
     .withMessage('Should have valid starting time value'),
-  body('endAt')
+  body('video.endAt')
     .optional()
     .customSanitizer(toIntOrNull)
     .custom(isAbuseTimestampValid)
@@ -42,47 +42,70 @@ const abuseReportValidator = [
     .custom(isAbuseTimestampCoherent)
     .withMessage('Should have a startAt timestamp beginning before endAt'),
 
+  body('comment.id')
+    .optional()
+    .custom(isIdValid)
+    .withMessage('Should have a valid commentId'),
+
+  body('reason')
+    .custom(isAbuseReasonValid)
+    .withMessage('Should have a valid reason'),
+
+  body('predefinedReasons')
+    .optional()
+    .custom(isAbusePredefinedReasonsValid)
+    .withMessage('Should have a valid list of predefined reasons'),
+
   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
     logger.debug('Checking abuseReport parameters', { parameters: req.body })
 
     if (areValidationErrors(req, res)) return
-    if (!await doesVideoExist(req.params.videoId, res)) return
 
-    // TODO: check comment or video (exlusive)
+    const body: AbuseCreate = req.body
+
+    if (body.video?.id && !await doesVideoExist(body.video.id, res)) return
+    if (body.account?.id && !await doesAccountIdExist(body.account.id, res)) return
+    if (body.comment?.id && !await doesCommentIdExist(body.comment.id, res)) return
+
+    if (!body.video?.id && !body.account?.id && !body.comment?.id) {
+      res.status(400)
+        .json({ error: 'video id or account id or comment id is required.' })
+
+      return
+    }
 
     return next()
   }
 ]
 
 const abuseGetValidator = [
-  param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
   param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
 
   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
     logger.debug('Checking abuseGetValidator parameters', { parameters: req.body })
 
     if (areValidationErrors(req, res)) return
-    // if (!await doesAbuseExist(req.params.id, req.params.videoId, res)) return
+    if (!await doesAbuseExist(req.params.id, res)) return
 
     return next()
   }
 ]
 
 const abuseUpdateValidator = [
-  param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
   param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
+
   body('state')
     .optional()
-    .custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
+    .custom(isAbuseStateValid).withMessage('Should have a valid abuse state'),
   body('moderationComment')
     .optional()
-    .custom(isAbuseModerationCommentValid).withMessage('Should have a valid video moderation comment'),
+    .custom(isAbuseModerationCommentValid).withMessage('Should have a valid moderation comment'),
 
   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
     logger.debug('Checking abuseUpdateValidator parameters', { parameters: req.body })
 
     if (areValidationErrors(req, res)) return
-    // if (!await doesAbuseExist(req.params.id, req.params.videoId, res)) return
+    if (!await doesAbuseExist(req.params.id, res)) return
 
     return next()
   }
@@ -92,6 +115,10 @@ const abuseListValidator = [
   query('id')
     .optional()
     .custom(isIdValid).withMessage('Should have a valid id'),
+  query('filter')
+    .optional()
+    .custom(isAbuseFilterValid)
+    .withMessage('Should have a valid filter'),
   query('predefinedReason')
     .optional()
     .custom(isAbusePredefinedReasonValid)
@@ -151,10 +178,7 @@ const videoAbuseReportValidator = [
     .optional()
     .customSanitizer(toIntOrNull)
     .custom(isAbuseTimestampValid)
-    .withMessage('Should have valid ending time value')
-    .bail()
-    .custom(isAbuseTimestampCoherent)
-    .withMessage('Should have a startAt timestamp beginning before endAt'),
+    .withMessage('Should have valid ending time value'),
 
   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
     logger.debug('Checking videoAbuseReport parameters', { parameters: req.body })