Use 3 tables to represent abuses

author: Chocobozzz <me@florianbigard.com> 2020-07-01 16:05:30 +0200
committer: Chocobozzz <chocobozzz@cpy.re> 2020-07-10 14:02:41 +0200
commit: d95d15598847c7f020aa056e7e6e0c02d2bbf732 (patch)
tree: a8a593f1269688caf9e5f99559996f346290fec5 /server/middlewares/validators/abuse.ts
parent: 72493e44e9b455a04c4f093ed6c6ffa300b98d8b (diff)
download: PeerTube-d95d15598847c7f020aa056e7e6e0c02d2bbf732.tar.gz
PeerTube-d95d15598847c7f020aa056e7e6e0c02d2bbf732.tar.zst
PeerTube-d95d15598847c7f020aa056e7e6e0c02d2bbf732.zip
1 files changed, 253 insertions, 0 deletions
diff --git a/server/middlewares/validators/abuse.ts b/server/middlewares/validators/abuse.ts
new file mode 100644
index 000000000..f098e2ff9
--- /dev/null
+++ b/server/middlewares/validators/abuse.ts
@@ -0,0 +1,253 @@
+import * as express from 'express'
+import { body, param, query } from 'express-validator'
+import {
+  isAbuseModerationCommentValid,
+  isAbusePredefinedReasonsValid,
+  isAbusePredefinedReasonValid,
+  isAbuseReasonValid,
+  isAbuseStateValid,
+  isAbuseTimestampCoherent,
+  isAbuseTimestampValid,
+  isAbuseVideoIsValid
+} from '@server/helpers/custom-validators/abuses'
+import { exists, isIdOrUUIDValid, isIdValid, toIntOrNull } from '@server/helpers/custom-validators/misc'
+import { logger } from '@server/helpers/logger'
+import { doesAbuseExist, doesVideoAbuseExist, doesVideoExist } from '@server/helpers/middlewares'
+import { areValidationErrors } from './utils'
+const abuseReportValidator = [
+  param('videoId')
+    .custom(isIdOrUUIDValid)
+    .not()
+    .isEmpty()
+    .withMessage('Should have a valid videoId'),
+  body('reason')
+    .custom(isAbuseReasonValid)
+    .withMessage('Should have a valid reason'),
+  body('predefinedReasons')
+    .optional()
+    .custom(isAbusePredefinedReasonsValid)
+    .withMessage('Should have a valid list of predefined reasons'),
+  body('startAt')
+    .optional()
+    .customSanitizer(toIntOrNull)
+    .custom(isAbuseTimestampValid)
+    .withMessage('Should have valid starting time value'),
+  body('endAt')
+    .optional()
+    .customSanitizer(toIntOrNull)
+    .custom(isAbuseTimestampValid)
+    .withMessage('Should have valid ending time value')
+    .bail()
+    .custom(isAbuseTimestampCoherent)
+    .withMessage('Should have a startAt timestamp beginning before endAt'),
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking abuseReport parameters', { parameters: req.body })
+    if (areValidationErrors(req, res)) return
+    if (!await doesVideoExist(req.params.videoId, res)) return
+    // TODO: check comment or video (exlusive)
+    return next()
+  }
+]
+const abuseGetValidator = [
+  param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
+  param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking abuseGetValidator parameters', { parameters: req.body })
+    if (areValidationErrors(req, res)) return
+    // if (!await doesAbuseExist(req.params.id, req.params.videoId, res)) return
+    return next()
+  }
+]
+const abuseUpdateValidator = [
+  param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
+  param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
+  body('state')
+    .optional()
+    .custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
+  body('moderationComment')
+    .optional()
+    .custom(isAbuseModerationCommentValid).withMessage('Should have a valid video moderation comment'),
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking abuseUpdateValidator parameters', { parameters: req.body })
+    if (areValidationErrors(req, res)) return
+    // if (!await doesAbuseExist(req.params.id, req.params.videoId, res)) return
+    return next()
+  }
+]
+const abuseListValidator = [
+  query('id')
+    .optional()
+    .custom(isIdValid).withMessage('Should have a valid id'),
+  query('predefinedReason')
+    .optional()
+    .custom(isAbusePredefinedReasonValid)
+    .withMessage('Should have a valid predefinedReason'),
+  query('search')
+    .optional()
+    .custom(exists).withMessage('Should have a valid search'),
+  query('state')
+    .optional()
+    .custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
+  query('videoIs')
+    .optional()
+    .custom(isAbuseVideoIsValid).withMessage('Should have a valid "video is" attribute'),
+  query('searchReporter')
+    .optional()
+    .custom(exists).withMessage('Should have a valid reporter search'),
+  query('searchReportee')
+    .optional()
+    .custom(exists).withMessage('Should have a valid reportee search'),
+  query('searchVideo')
+    .optional()
+    .custom(exists).withMessage('Should have a valid video search'),
+  query('searchVideoChannel')
+    .optional()
+    .custom(exists).withMessage('Should have a valid video channel search'),
+  (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking abuseListValidator parameters', { parameters: req.body })
+    if (areValidationErrors(req, res)) return
+    return next()
+  }
+]
+// FIXME: deprecated in 2.3. Remove these validators
+const videoAbuseReportValidator = [
+  param('videoId')
+    .custom(isIdOrUUIDValid)
+    .not()
+    .isEmpty()
+    .withMessage('Should have a valid videoId'),
+  body('reason')
+    .custom(isAbuseReasonValid)
+    .withMessage('Should have a valid reason'),
+  body('predefinedReasons')
+    .optional()
+    .custom(isAbusePredefinedReasonsValid)
+    .withMessage('Should have a valid list of predefined reasons'),
+  body('startAt')
+    .optional()
+    .customSanitizer(toIntOrNull)
+    .custom(isAbuseTimestampValid)
+    .withMessage('Should have valid starting time value'),
+  body('endAt')
+    .optional()
+    .customSanitizer(toIntOrNull)
+    .custom(isAbuseTimestampValid)
+    .withMessage('Should have valid ending time value')
+    .bail()
+    .custom(isAbuseTimestampCoherent)
+    .withMessage('Should have a startAt timestamp beginning before endAt'),
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking videoAbuseReport parameters', { parameters: req.body })
+    if (areValidationErrors(req, res)) return
+    if (!await doesVideoExist(req.params.videoId, res)) return
+    return next()
+  }
+]
+const videoAbuseGetValidator = [
+  param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
+  param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking videoAbuseGetValidator parameters', { parameters: req.body })
+    if (areValidationErrors(req, res)) return
+    if (!await doesVideoAbuseExist(req.params.id, req.params.videoId, res)) return
+    return next()
+  }
+]
+const videoAbuseUpdateValidator = [
+  param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
+  param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
+  body('state')
+    .optional()
+    .custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
+  body('moderationComment')
+    .optional()
+    .custom(isAbuseModerationCommentValid).withMessage('Should have a valid video moderation comment'),
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking videoAbuseUpdateValidator parameters', { parameters: req.body })
+    if (areValidationErrors(req, res)) return
+    if (!await doesVideoAbuseExist(req.params.id, req.params.videoId, res)) return
+    return next()
+  }
+]
+const videoAbuseListValidator = [
+  query('id')
+    .optional()
+    .custom(isIdValid).withMessage('Should have a valid id'),
+  query('predefinedReason')
+    .optional()
+    .custom(isAbusePredefinedReasonValid)
+    .withMessage('Should have a valid predefinedReason'),
+  query('search')
+    .optional()
+    .custom(exists).withMessage('Should have a valid search'),
+  query('state')
+    .optional()
+    .custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
+  query('videoIs')
+    .optional()
+    .custom(isAbuseVideoIsValid).withMessage('Should have a valid "video is" attribute'),
+  query('searchReporter')
+    .optional()
+    .custom(exists).withMessage('Should have a valid reporter search'),
+  query('searchReportee')
+    .optional()
+    .custom(exists).withMessage('Should have a valid reportee search'),
+  query('searchVideo')
+    .optional()
+    .custom(exists).withMessage('Should have a valid video search'),
+  query('searchVideoChannel')
+    .optional()
+    .custom(exists).withMessage('Should have a valid video channel search'),
+  (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking videoAbuseListValidator parameters', { parameters: req.body })
+    if (areValidationErrors(req, res)) return
+    return next()
+  }
+]
+// ---------------------------------------------------------------------------
+export {
+  abuseListValidator,
+  abuseReportValidator,
+  abuseGetValidator,
+  abuseUpdateValidator,
+  videoAbuseReportValidator,
+  videoAbuseGetValidator,
+  videoAbuseUpdateValidator,
+  videoAbuseListValidator
+}
author	Chocobozzz <me@florianbigard.com>	2020-07-01 16:05:30 +0200
committer	Chocobozzz <chocobozzz@cpy.re>	2020-07-10 14:02:41 +0200
commit	d95d15598847c7f020aa056e7e6e0c02d2bbf732 (patch)
tree	a8a593f1269688caf9e5f99559996f346290fec5 /server/middlewares/validators/abuse.ts
parent	72493e44e9b455a04c4f093ed6c6ffa300b98d8b (diff)
download	PeerTube-d95d15598847c7f020aa056e7e6e0c02d2bbf732.tar.gz PeerTube-d95d15598847c7f020aa056e7e6e0c02d2bbf732.tar.zst PeerTube-d95d15598847c7f020aa056e7e6e0c02d2bbf732.zip

diff --git a/server/middlewares/validators/abuse.ts b/server/middlewares/validators/abuse.ts new file mode 100644 index 000000000..f098e2ff9 --- /dev/null +++ b/server/middlewares/validators/abuse.ts
@@ -0,0 +1,253 @@
	1	import * as express from 'express'
	2	import { body, param, query } from 'express-validator'
	3	import {
	4	isAbuseModerationCommentValid,
	5	isAbusePredefinedReasonsValid,
	6	isAbusePredefinedReasonValid,
	7	isAbuseReasonValid,
	8	isAbuseStateValid,
	9	isAbuseTimestampCoherent,
	10	isAbuseTimestampValid,
	11	isAbuseVideoIsValid
	12	} from '@server/helpers/custom-validators/abuses'
	13	import { exists, isIdOrUUIDValid, isIdValid, toIntOrNull } from '@server/helpers/custom-validators/misc'
	14	import { logger } from '@server/helpers/logger'
	15	import { doesAbuseExist, doesVideoAbuseExist, doesVideoExist } from '@server/helpers/middlewares'
	16	import { areValidationErrors } from './utils'
	17
	18	const abuseReportValidator = [
	19	param('videoId')
	20	.custom(isIdOrUUIDValid)
	21	.not()
	22	.isEmpty()
	23	.withMessage('Should have a valid videoId'),
	24	body('reason')
	25	.custom(isAbuseReasonValid)
	26	.withMessage('Should have a valid reason'),
	27	body('predefinedReasons')
	28	.optional()
	29	.custom(isAbusePredefinedReasonsValid)
	30	.withMessage('Should have a valid list of predefined reasons'),
	31	body('startAt')
	32	.optional()
	33	.customSanitizer(toIntOrNull)
	34	.custom(isAbuseTimestampValid)
	35	.withMessage('Should have valid starting time value'),
	36	body('endAt')
	37	.optional()
	38	.customSanitizer(toIntOrNull)
	39	.custom(isAbuseTimestampValid)
	40	.withMessage('Should have valid ending time value')
	41	.bail()
	42	.custom(isAbuseTimestampCoherent)
	43	.withMessage('Should have a startAt timestamp beginning before endAt'),
	44
	45	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
	46	logger.debug('Checking abuseReport parameters', { parameters: req.body })
	47
	48	if (areValidationErrors(req, res)) return
	49	if (!await doesVideoExist(req.params.videoId, res)) return
	50
	51	// TODO: check comment or video (exlusive)
	52
	53	return next()
	54	}
	55	]
	56
	57	const abuseGetValidator = [
	58	param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
	59	param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
	60
	61	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
	62	logger.debug('Checking abuseGetValidator parameters', { parameters: req.body })
	63
	64	if (areValidationErrors(req, res)) return
	65	// if (!await doesAbuseExist(req.params.id, req.params.videoId, res)) return
	66
	67	return next()
	68	}
	69	]
	70
	71	const abuseUpdateValidator = [
	72	param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
	73	param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
	74	body('state')
	75	.optional()
	76	.custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
	77	body('moderationComment')
	78	.optional()
	79	.custom(isAbuseModerationCommentValid).withMessage('Should have a valid video moderation comment'),
	80
	81	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
	82	logger.debug('Checking abuseUpdateValidator parameters', { parameters: req.body })
	83
	84	if (areValidationErrors(req, res)) return
	85	// if (!await doesAbuseExist(req.params.id, req.params.videoId, res)) return
	86
	87	return next()
	88	}
	89	]
	90
	91	const abuseListValidator = [
	92	query('id')
	93	.optional()
	94	.custom(isIdValid).withMessage('Should have a valid id'),
	95	query('predefinedReason')
	96	.optional()
	97	.custom(isAbusePredefinedReasonValid)
	98	.withMessage('Should have a valid predefinedReason'),
	99	query('search')
	100	.optional()
	101	.custom(exists).withMessage('Should have a valid search'),
	102	query('state')
	103	.optional()
	104	.custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
	105	query('videoIs')
	106	.optional()
	107	.custom(isAbuseVideoIsValid).withMessage('Should have a valid "video is" attribute'),
	108	query('searchReporter')
	109	.optional()
	110	.custom(exists).withMessage('Should have a valid reporter search'),
	111	query('searchReportee')
	112	.optional()
	113	.custom(exists).withMessage('Should have a valid reportee search'),
	114	query('searchVideo')
	115	.optional()
	116	.custom(exists).withMessage('Should have a valid video search'),
	117	query('searchVideoChannel')
	118	.optional()
	119	.custom(exists).withMessage('Should have a valid video channel search'),
	120
	121	(req: express.Request, res: express.Response, next: express.NextFunction) => {
	122	logger.debug('Checking abuseListValidator parameters', { parameters: req.body })
	123
	124	if (areValidationErrors(req, res)) return
	125
	126	return next()
	127	}
	128	]
	129
	130	// FIXME: deprecated in 2.3. Remove these validators
	131
	132	const videoAbuseReportValidator = [
	133	param('videoId')
	134	.custom(isIdOrUUIDValid)
	135	.not()
	136	.isEmpty()
	137	.withMessage('Should have a valid videoId'),
	138	body('reason')
	139	.custom(isAbuseReasonValid)
	140	.withMessage('Should have a valid reason'),
	141	body('predefinedReasons')
	142	.optional()
	143	.custom(isAbusePredefinedReasonsValid)
	144	.withMessage('Should have a valid list of predefined reasons'),
	145	body('startAt')
	146	.optional()
	147	.customSanitizer(toIntOrNull)
	148	.custom(isAbuseTimestampValid)
	149	.withMessage('Should have valid starting time value'),
	150	body('endAt')
	151	.optional()
	152	.customSanitizer(toIntOrNull)
	153	.custom(isAbuseTimestampValid)
	154	.withMessage('Should have valid ending time value')
	155	.bail()
	156	.custom(isAbuseTimestampCoherent)
	157	.withMessage('Should have a startAt timestamp beginning before endAt'),
	158
	159	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
	160	logger.debug('Checking videoAbuseReport parameters', { parameters: req.body })
	161
	162	if (areValidationErrors(req, res)) return
	163	if (!await doesVideoExist(req.params.videoId, res)) return
	164
	165	return next()
	166	}
	167	]
	168
	169	const videoAbuseGetValidator = [
	170	param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
	171	param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
	172
	173	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
	174	logger.debug('Checking videoAbuseGetValidator parameters', { parameters: req.body })
	175
	176	if (areValidationErrors(req, res)) return
	177	if (!await doesVideoAbuseExist(req.params.id, req.params.videoId, res)) return
	178
	179	return next()
	180	}
	181	]
	182
	183	const videoAbuseUpdateValidator = [
	184	param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
	185	param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
	186	body('state')
	187	.optional()
	188	.custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
	189	body('moderationComment')
	190	.optional()
	191	.custom(isAbuseModerationCommentValid).withMessage('Should have a valid video moderation comment'),
	192
	193	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
	194	logger.debug('Checking videoAbuseUpdateValidator parameters', { parameters: req.body })
	195
	196	if (areValidationErrors(req, res)) return
	197	if (!await doesVideoAbuseExist(req.params.id, req.params.videoId, res)) return
	198
	199	return next()
	200	}
	201	]
	202
	203	const videoAbuseListValidator = [
	204	query('id')
	205	.optional()
	206	.custom(isIdValid).withMessage('Should have a valid id'),
	207	query('predefinedReason')
	208	.optional()
	209	.custom(isAbusePredefinedReasonValid)
	210	.withMessage('Should have a valid predefinedReason'),
	211	query('search')
	212	.optional()
	213	.custom(exists).withMessage('Should have a valid search'),
	214	query('state')
	215	.optional()
	216	.custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
	217	query('videoIs')
	218	.optional()
	219	.custom(isAbuseVideoIsValid).withMessage('Should have a valid "video is" attribute'),
	220	query('searchReporter')
	221	.optional()
	222	.custom(exists).withMessage('Should have a valid reporter search'),
	223	query('searchReportee')
	224	.optional()
	225	.custom(exists).withMessage('Should have a valid reportee search'),
	226	query('searchVideo')
	227	.optional()
	228	.custom(exists).withMessage('Should have a valid video search'),
	229	query('searchVideoChannel')
	230	.optional()
	231	.custom(exists).withMessage('Should have a valid video channel search'),
	232
	233	(req: express.Request, res: express.Response, next: express.NextFunction) => {
	234	logger.debug('Checking videoAbuseListValidator parameters', { parameters: req.body })
	235
	236	if (areValidationErrors(req, res)) return
	237
	238	return next()
	239	}
	240	]
	241
	242	// ---------------------------------------------------------------------------
	243
	244	export {
	245	abuseListValidator,
	246	abuseReportValidator,
	247	abuseGetValidator,
	248	abuseUpdateValidator,
	249	videoAbuseReportValidator,
	250	videoAbuseGetValidator,
	251	videoAbuseUpdateValidator,
	252	videoAbuseListValidator
	253	}