diff options
| author | Rigel Kent <sendmemail@rigelk.eu> | 2020-12-07 14:32:36 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-12-07 14:32:36 +0100 |
| commit | 2d53be0267acc49cda46707b885096193a1f4e9c (patch) | |
| tree | 887061a34bc67f40acbb96a6278f9544bf83caeb /server/middlewares/validators/users.ts | |
| parent | adc1f09c0dbd997f34028c1c82d1c118dc8ead80 (diff) | |
| download | PeerTube-2d53be0267acc49cda46707b885096193a1f4e9c.tar.gz PeerTube-2d53be0267acc49cda46707b885096193a1f4e9c.tar.zst PeerTube-2d53be0267acc49cda46707b885096193a1f4e9c.zip | |
replace numbers with typed http status codes (#3409)
Diffstat (limited to 'server/middlewares/validators/users.ts')
| -rw-r--r-- | server/middlewares/validators/users.ts | 55 |
1 files changed, 30 insertions, 25 deletions
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts index c91c378b3..c93895f2f 100644 --- a/server/middlewares/validators/users.ts +++ b/server/middlewares/validators/users.ts | |||
| @@ -37,6 +37,7 @@ import { doesVideoExist } from '../../helpers/middlewares' | |||
| 37 | import { UserRole } from '../../../shared/models/users' | 37 | import { UserRole } from '../../../shared/models/users' |
| 38 | import { MUserDefault } from '@server/types/models' | 38 | import { MUserDefault } from '@server/types/models' |
| 39 | import { Hooks } from '@server/lib/plugins/hooks' | 39 | import { Hooks } from '@server/lib/plugins/hooks' |
| 40 | import { HttpStatusCode } from '../../../shared/core-utils/miscs/http-error-codes' | ||
| 40 | 41 | ||
| 41 | const usersListValidator = [ | 42 | const usersListValidator = [ |
| 42 | query('blocked') | 43 | query('blocked') |
| @@ -73,19 +74,22 @@ const usersAddValidator = [ | |||
| 73 | 74 | ||
| 74 | const authUser = res.locals.oauth.token.User | 75 | const authUser = res.locals.oauth.token.User |
| 75 | if (authUser.role !== UserRole.ADMINISTRATOR && req.body.role !== UserRole.USER) { | 76 | if (authUser.role !== UserRole.ADMINISTRATOR && req.body.role !== UserRole.USER) { |
| 76 | return res.status(403) | 77 | return res |
| 78 | .status(HttpStatusCode.FORBIDDEN_403) | ||
| 77 | .json({ error: 'You can only create users (and not administrators or moderators)' }) | 79 | .json({ error: 'You can only create users (and not administrators or moderators)' }) |
| 78 | } | 80 | } |
| 79 | 81 | ||
| 80 | if (req.body.channelName) { | 82 | if (req.body.channelName) { |
| 81 | if (req.body.channelName === req.body.username) { | 83 | if (req.body.channelName === req.body.username) { |
| 82 | return res.status(400) | 84 | return res |
| 85 | .status(HttpStatusCode.BAD_REQUEST_400) | ||
| 83 | .json({ error: 'Channel name cannot be the same as user username.' }) | 86 | .json({ error: 'Channel name cannot be the same as user username.' }) |
| 84 | } | 87 | } |
| 85 | 88 | ||
| 86 | const existing = await ActorModel.loadLocalByName(req.body.channelName) | 89 | const existing = await ActorModel.loadLocalByName(req.body.channelName) |
| 87 | if (existing) { | 90 | if (existing) { |
| 88 | return res.status(409) | 91 | return res |
| 92 | .status(HttpStatusCode.CONFLICT_409) | ||
| 89 | .json({ error: `Channel with name ${req.body.channelName} already exists.` }) | 93 | .json({ error: `Channel with name ${req.body.channelName} already exists.` }) |
| 90 | } | 94 | } |
| 91 | } | 95 | } |
| @@ -118,18 +122,19 @@ const usersRegisterValidator = [ | |||
| 118 | const body: UserRegister = req.body | 122 | const body: UserRegister = req.body |
| 119 | if (body.channel) { | 123 | if (body.channel) { |
| 120 | if (!body.channel.name || !body.channel.displayName) { | 124 | if (!body.channel.name || !body.channel.displayName) { |
| 121 | return res.status(400) | 125 | return res |
| 126 | .status(HttpStatusCode.BAD_REQUEST_400) | ||
| 122 | .json({ error: 'Channel is optional but if you specify it, channel.name and channel.displayName are required.' }) | 127 | .json({ error: 'Channel is optional but if you specify it, channel.name and channel.displayName are required.' }) |
| 123 | } | 128 | } |
| 124 | 129 | ||
| 125 | if (body.channel.name === body.username) { | 130 | if (body.channel.name === body.username) { |
| 126 | return res.status(400) | 131 | return res.status(HttpStatusCode.BAD_REQUEST_400) |
| 127 | .json({ error: 'Channel name cannot be the same as user username.' }) | 132 | .json({ error: 'Channel name cannot be the same as user username.' }) |
| 128 | } | 133 | } |
| 129 | 134 | ||
| 130 | const existing = await ActorModel.loadLocalByName(body.channel.name) | 135 | const existing = await ActorModel.loadLocalByName(body.channel.name) |
| 131 | if (existing) { | 136 | if (existing) { |
| 132 | return res.status(409) | 137 | return res.status(HttpStatusCode.CONFLICT_409) |
| 133 | .json({ error: `Channel with name ${body.channel.name} already exists.` }) | 138 | .json({ error: `Channel with name ${body.channel.name} already exists.` }) |
| 134 | } | 139 | } |
| 135 | } | 140 | } |
| @@ -149,7 +154,7 @@ const usersRemoveValidator = [ | |||
| 149 | 154 | ||
| 150 | const user = res.locals.user | 155 | const user = res.locals.user |
| 151 | if (user.username === 'root') { | 156 | if (user.username === 'root') { |
| 152 | return res.status(400) | 157 | return res.status(HttpStatusCode.BAD_REQUEST_400) |
| 153 | .json({ error: 'Cannot remove the root user' }) | 158 | .json({ error: 'Cannot remove the root user' }) |
| 154 | } | 159 | } |
| 155 | 160 | ||
| @@ -169,7 +174,7 @@ const usersBlockingValidator = [ | |||
| 169 | 174 | ||
| 170 | const user = res.locals.user | 175 | const user = res.locals.user |
| 171 | if (user.username === 'root') { | 176 | if (user.username === 'root') { |
| 172 | return res.status(400) | 177 | return res.status(HttpStatusCode.BAD_REQUEST_400) |
| 173 | .json({ error: 'Cannot block the root user' }) | 178 | .json({ error: 'Cannot block the root user' }) |
| 174 | } | 179 | } |
| 175 | 180 | ||
| @@ -181,7 +186,7 @@ const deleteMeValidator = [ | |||
| 181 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | 186 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
| 182 | const user = res.locals.oauth.token.User | 187 | const user = res.locals.oauth.token.User |
| 183 | if (user.username === 'root') { | 188 | if (user.username === 'root') { |
| 184 | return res.status(400) | 189 | return res.status(HttpStatusCode.BAD_REQUEST_400) |
| 185 | .json({ error: 'You cannot delete your root account.' }) | 190 | .json({ error: 'You cannot delete your root account.' }) |
| 186 | .end() | 191 | .end() |
| 187 | } | 192 | } |
| @@ -211,8 +216,8 @@ const usersUpdateValidator = [ | |||
| 211 | 216 | ||
| 212 | const user = res.locals.user | 217 | const user = res.locals.user |
| 213 | if (user.username === 'root' && req.body.role !== undefined && user.role !== req.body.role) { | 218 | if (user.username === 'root' && req.body.role !== undefined && user.role !== req.body.role) { |
| 214 | return res.status(400) | 219 | return res.status(HttpStatusCode.BAD_REQUEST_400) |
| 215 | .json({ error: 'Cannot change root role.' }) | 220 | .json({ error: 'Cannot change root role.' }) |
| 216 | } | 221 | } |
| 217 | 222 | ||
| 218 | return next() | 223 | return next() |
| @@ -267,17 +272,17 @@ const usersUpdateMeValidator = [ | |||
| 267 | 272 | ||
| 268 | if (req.body.password || req.body.email) { | 273 | if (req.body.password || req.body.email) { |
| 269 | if (user.pluginAuth !== null) { | 274 | if (user.pluginAuth !== null) { |
| 270 | return res.status(400) | 275 | return res.status(HttpStatusCode.BAD_REQUEST_400) |
| 271 | .json({ error: 'You cannot update your email or password that is associated with an external auth system.' }) | 276 | .json({ error: 'You cannot update your email or password that is associated with an external auth system.' }) |
| 272 | } | 277 | } |
| 273 | 278 | ||
| 274 | if (!req.body.currentPassword) { | 279 | if (!req.body.currentPassword) { |
| 275 | return res.status(400) | 280 | return res.status(HttpStatusCode.BAD_REQUEST_400) |
| 276 | .json({ error: 'currentPassword parameter is missing.' }) | 281 | .json({ error: 'currentPassword parameter is missing.' }) |
| 277 | } | 282 | } |
| 278 | 283 | ||
| 279 | if (await user.isPasswordMatch(req.body.currentPassword) !== true) { | 284 | if (await user.isPasswordMatch(req.body.currentPassword) !== true) { |
| 280 | return res.status(401) | 285 | return res.status(HttpStatusCode.UNAUTHORIZED_401) |
| 281 | .json({ error: 'currentPassword is invalid.' }) | 286 | .json({ error: 'currentPassword is invalid.' }) |
| 282 | } | 287 | } |
| 283 | } | 288 | } |
| @@ -329,7 +334,7 @@ const ensureUserRegistrationAllowed = [ | |||
| 329 | ) | 334 | ) |
| 330 | 335 | ||
| 331 | if (allowedResult.allowed === false) { | 336 | if (allowedResult.allowed === false) { |
| 332 | return res.status(403) | 337 | return res.status(HttpStatusCode.FORBIDDEN_403) |
| 333 | .json({ error: allowedResult.errorMessage || 'User registration is not enabled or user limit is reached.' }) | 338 | .json({ error: allowedResult.errorMessage || 'User registration is not enabled or user limit is reached.' }) |
| 334 | } | 339 | } |
| 335 | 340 | ||
| @@ -342,7 +347,7 @@ const ensureUserRegistrationAllowedForIP = [ | |||
| 342 | const allowed = isSignupAllowedForCurrentIP(req.ip) | 347 | const allowed = isSignupAllowedForCurrentIP(req.ip) |
| 343 | 348 | ||
| 344 | if (allowed === false) { | 349 | if (allowed === false) { |
| 345 | return res.status(403) | 350 | return res.status(HttpStatusCode.FORBIDDEN_403) |
| 346 | .json({ error: 'You are not on a network authorized for registration.' }) | 351 | .json({ error: 'You are not on a network authorized for registration.' }) |
| 347 | } | 352 | } |
| 348 | 353 | ||
| @@ -362,7 +367,7 @@ const usersAskResetPasswordValidator = [ | |||
| 362 | if (!exists) { | 367 | if (!exists) { |
| 363 | logger.debug('User with email %s does not exist (asking reset password).', req.body.email) | 368 | logger.debug('User with email %s does not exist (asking reset password).', req.body.email) |
| 364 | // Do not leak our emails | 369 | // Do not leak our emails |
| 365 | return res.status(204).end() | 370 | return res.status(HttpStatusCode.NO_CONTENT_204).end() |
| 366 | } | 371 | } |
| 367 | 372 | ||
| 368 | return next() | 373 | return next() |
| @@ -385,7 +390,7 @@ const usersResetPasswordValidator = [ | |||
| 385 | 390 | ||
| 386 | if (redisVerificationString !== req.body.verificationString) { | 391 | if (redisVerificationString !== req.body.verificationString) { |
| 387 | return res | 392 | return res |
| 388 | .status(403) | 393 | .status(HttpStatusCode.FORBIDDEN_403) |
| 389 | .json({ error: 'Invalid verification string.' }) | 394 | .json({ error: 'Invalid verification string.' }) |
| 390 | } | 395 | } |
| 391 | 396 | ||
| @@ -404,7 +409,7 @@ const usersAskSendVerifyEmailValidator = [ | |||
| 404 | if (!exists) { | 409 | if (!exists) { |
| 405 | logger.debug('User with email %s does not exist (asking verify email).', req.body.email) | 410 | logger.debug('User with email %s does not exist (asking verify email).', req.body.email) |
| 406 | // Do not leak our emails | 411 | // Do not leak our emails |
| 407 | return res.status(204).end() | 412 | return res.status(HttpStatusCode.NO_CONTENT_204).end() |
| 408 | } | 413 | } |
| 409 | 414 | ||
| 410 | return next() | 415 | return next() |
| @@ -432,7 +437,7 @@ const usersVerifyEmailValidator = [ | |||
| 432 | 437 | ||
| 433 | if (redisVerificationString !== req.body.verificationString) { | 438 | if (redisVerificationString !== req.body.verificationString) { |
| 434 | return res | 439 | return res |
| 435 | .status(403) | 440 | .status(HttpStatusCode.FORBIDDEN_403) |
| 436 | .json({ error: 'Invalid verification string.' }) | 441 | .json({ error: 'Invalid verification string.' }) |
| 437 | } | 442 | } |
| 438 | 443 | ||
| @@ -449,7 +454,7 @@ const ensureAuthUserOwnsAccountValidator = [ | |||
| 449 | const user = res.locals.oauth.token.User | 454 | const user = res.locals.oauth.token.User |
| 450 | 455 | ||
| 451 | if (res.locals.account.id !== user.Account.id) { | 456 | if (res.locals.account.id !== user.Account.id) { |
| 452 | return res.status(403) | 457 | return res.status(HttpStatusCode.FORBIDDEN_403) |
| 453 | .json({ error: 'Only owner can access ratings list.' }) | 458 | .json({ error: 'Only owner can access ratings list.' }) |
| 454 | } | 459 | } |
| 455 | 460 | ||
| @@ -465,7 +470,7 @@ const ensureCanManageUser = [ | |||
| 465 | if (authUser.role === UserRole.ADMINISTRATOR) return next() | 470 | if (authUser.role === UserRole.ADMINISTRATOR) return next() |
| 466 | if (authUser.role === UserRole.MODERATOR && onUser.role === UserRole.USER) return next() | 471 | if (authUser.role === UserRole.MODERATOR && onUser.role === UserRole.USER) return next() |
| 467 | 472 | ||
| 468 | return res.status(403) | 473 | return res.status(HttpStatusCode.FORBIDDEN_403) |
| 469 | .json({ error: 'A moderator can only manager users.' }) | 474 | .json({ error: 'A moderator can only manager users.' }) |
| 470 | } | 475 | } |
| 471 | ] | 476 | ] |
| @@ -509,14 +514,14 @@ async function checkUserNameOrEmailDoesNotAlreadyExist (username: string, email: | |||
| 509 | const user = await UserModel.loadByUsernameOrEmail(username, email) | 514 | const user = await UserModel.loadByUsernameOrEmail(username, email) |
| 510 | 515 | ||
| 511 | if (user) { | 516 | if (user) { |
| 512 | res.status(409) | 517 | res.status(HttpStatusCode.CONFLICT_409) |
| 513 | .json({ error: 'User with this username or email already exists.' }) | 518 | .json({ error: 'User with this username or email already exists.' }) |
| 514 | return false | 519 | return false |
| 515 | } | 520 | } |
| 516 | 521 | ||
| 517 | const actor = await ActorModel.loadLocalByName(username) | 522 | const actor = await ActorModel.loadLocalByName(username) |
| 518 | if (actor) { | 523 | if (actor) { |
| 519 | res.status(409) | 524 | res.status(HttpStatusCode.CONFLICT_409) |
| 520 | .json({ error: 'Another actor (account/channel) with this name on this instance already exists or has already existed.' }) | 525 | .json({ error: 'Another actor (account/channel) with this name on this instance already exists or has already existed.' }) |
| 521 | return false | 526 | return false |
| 522 | } | 527 | } |
| @@ -529,7 +534,7 @@ async function checkUserExist (finder: () => Bluebird<MUserDefault>, res: expres | |||
| 529 | 534 | ||
| 530 | if (!user) { | 535 | if (!user) { |
| 531 | if (abortResponse === true) { | 536 | if (abortResponse === true) { |
| 532 | res.status(404) | 537 | res.status(HttpStatusCode.NOT_FOUND_404) |
| 533 | .json({ error: 'User not found' }) | 538 | .json({ error: 'User not found' }) |
| 534 | } | 539 | } |
| 535 | 540 | ||