diff options
| author | Chocobozzz <me@florianbigard.com> | 2023-07-31 14:34:36 +0200 |
|---|---|---|
| committer | Chocobozzz <me@florianbigard.com> | 2023-08-11 15:02:33 +0200 |
| commit | 3a4992633ee62d5edfbb484d9c6bcb3cf158489d (patch) | |
| tree | e4510b39bdac9c318fdb4b47018d08f15368b8f0 /server/middlewares/validators/shared/video-passwords.ts | |
| parent | 04d1da5621d25d59bd5fa1543b725c497bf5d9a8 (diff) | |
| download | PeerTube-3a4992633ee62d5edfbb484d9c6bcb3cf158489d.tar.gz PeerTube-3a4992633ee62d5edfbb484d9c6bcb3cf158489d.tar.zst PeerTube-3a4992633ee62d5edfbb484d9c6bcb3cf158489d.zip | |
Migrate server to ESM
Sorry for the very big commit that may lead to git log issues and merge
conflicts, but it's a major step forward:
* Server can be faster at startup because imports() are async and we can
easily lazy import big modules
* Angular doesn't seem to support ES import (with .js extension), so we
had to correctly organize peertube into a monorepo:
* Use yarn workspace feature
* Use typescript reference projects for dependencies
* Shared projects have been moved into "packages", each one is now a
node module (with a dedicated package.json/tsconfig.json)
* server/tools have been moved into apps/ and is now a dedicated app
bundled and published on NPM so users don't have to build peertube
cli tools manually
* server/tests have been moved into packages/ so we don't compile
them every time we want to run the server
* Use isolatedModule option:
* Had to move from const enum to const
(https://www.typescriptlang.org/docs/handbook/enums.html#objects-vs-enums)
* Had to explictely specify "type" imports when used in decorators
* Prefer tsx (that uses esbuild under the hood) instead of ts-node to
load typescript files (tests with mocha or scripts):
* To reduce test complexity as esbuild doesn't support decorator
metadata, we only test server files that do not import server
models
* We still build tests files into js files for a faster CI
* Remove unmaintained peertube CLI import script
* Removed some barrels to speed up execution (less imports)
Diffstat (limited to 'server/middlewares/validators/shared/video-passwords.ts')
| -rw-r--r-- | server/middlewares/validators/shared/video-passwords.ts | 80 |
1 files changed, 0 insertions, 80 deletions
diff --git a/server/middlewares/validators/shared/video-passwords.ts b/server/middlewares/validators/shared/video-passwords.ts deleted file mode 100644 index efcc95dc4..000000000 --- a/server/middlewares/validators/shared/video-passwords.ts +++ /dev/null | |||
| @@ -1,80 +0,0 @@ | |||
| 1 | import express from 'express' | ||
| 2 | import { HttpStatusCode, UserRight, VideoPrivacy } from '@shared/models' | ||
| 3 | import { forceNumber } from '@shared/core-utils' | ||
| 4 | import { VideoPasswordModel } from '@server/models/video/video-password' | ||
| 5 | import { header } from 'express-validator' | ||
| 6 | import { getVideoWithAttributes } from '@server/helpers/video' | ||
| 7 | |||
| 8 | function isValidVideoPasswordHeader () { | ||
| 9 | return header('x-peertube-video-password') | ||
| 10 | .optional() | ||
| 11 | .isString() | ||
| 12 | } | ||
| 13 | |||
| 14 | function checkVideoIsPasswordProtected (res: express.Response) { | ||
| 15 | const video = getVideoWithAttributes(res) | ||
| 16 | if (video.privacy !== VideoPrivacy.PASSWORD_PROTECTED) { | ||
| 17 | res.fail({ | ||
| 18 | status: HttpStatusCode.BAD_REQUEST_400, | ||
| 19 | message: 'Video is not password protected' | ||
| 20 | }) | ||
| 21 | return false | ||
| 22 | } | ||
| 23 | |||
| 24 | return true | ||
| 25 | } | ||
| 26 | |||
| 27 | async function doesVideoPasswordExist (idArg: number | string, res: express.Response) { | ||
| 28 | const video = getVideoWithAttributes(res) | ||
| 29 | const id = forceNumber(idArg) | ||
| 30 | const videoPassword = await VideoPasswordModel.loadByIdAndVideo({ id, videoId: video.id }) | ||
| 31 | |||
| 32 | if (!videoPassword) { | ||
| 33 | res.fail({ | ||
| 34 | status: HttpStatusCode.NOT_FOUND_404, | ||
| 35 | message: 'Video password not found' | ||
| 36 | }) | ||
| 37 | return false | ||
| 38 | } | ||
| 39 | |||
| 40 | res.locals.videoPassword = videoPassword | ||
| 41 | |||
| 42 | return true | ||
| 43 | } | ||
| 44 | |||
| 45 | async function isVideoPasswordDeletable (res: express.Response) { | ||
| 46 | const user = res.locals.oauth.token.User | ||
| 47 | const userAccount = user.Account | ||
| 48 | const video = res.locals.videoAll | ||
| 49 | |||
| 50 | // Check if the user who did the request is able to delete the video passwords | ||
| 51 | if ( | ||
| 52 | user.hasRight(UserRight.UPDATE_ANY_VIDEO) === false && // Not a moderator | ||
| 53 | video.VideoChannel.accountId !== userAccount.id // Not the video owner | ||
| 54 | ) { | ||
| 55 | res.fail({ | ||
| 56 | status: HttpStatusCode.FORBIDDEN_403, | ||
| 57 | message: 'Cannot remove passwords of another user\'s video' | ||
| 58 | }) | ||
| 59 | return false | ||
| 60 | } | ||
| 61 | |||
| 62 | const passwordCount = await VideoPasswordModel.countByVideoId(video.id) | ||
| 63 | |||
| 64 | if (passwordCount <= 1) { | ||
| 65 | res.fail({ | ||
| 66 | status: HttpStatusCode.BAD_REQUEST_400, | ||
| 67 | message: 'Cannot delete the last password of the protected video' | ||
| 68 | }) | ||
| 69 | return false | ||
| 70 | } | ||
| 71 | |||
| 72 | return true | ||
| 73 | } | ||
| 74 | |||
| 75 | export { | ||
| 76 | isValidVideoPasswordHeader, | ||
| 77 | checkVideoIsPasswordProtected as isVideoPasswordProtected, | ||
| 78 | doesVideoPasswordExist, | ||
| 79 | isVideoPasswordDeletable | ||
| 80 | } | ||