diff options
author | Chocobozzz <me@florianbigard.com> | 2021-06-28 11:54:40 +0200 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2021-06-28 11:54:40 +0200 |
commit | 21b5c2982ff93bc67d5dd4c04db352a3f96608b0 (patch) | |
tree | 7d07f1dc83782b8eb06ff960456a154a1a2d92d0 /server/middlewares/validators/videos/video-ownership-changes.ts | |
parent | 50cb778ee6c55e318331ff80a91e891751ab5c73 (diff) | |
download | PeerTube-21b5c2982ff93bc67d5dd4c04db352a3f96608b0.tar.gz PeerTube-21b5c2982ff93bc67d5dd4c04db352a3f96608b0.tar.zst PeerTube-21b5c2982ff93bc67d5dd4c04db352a3f96608b0.zip |
Fix ownership change with a live video
Diffstat (limited to 'server/middlewares/validators/videos/video-ownership-changes.ts')
-rw-r--r-- | server/middlewares/validators/videos/video-ownership-changes.ts | 119 |
1 files changed, 119 insertions, 0 deletions
diff --git a/server/middlewares/validators/videos/video-ownership-changes.ts b/server/middlewares/validators/videos/video-ownership-changes.ts new file mode 100644 index 000000000..120b0469c --- /dev/null +++ b/server/middlewares/validators/videos/video-ownership-changes.ts | |||
@@ -0,0 +1,119 @@ | |||
1 | import * as express from 'express' | ||
2 | import { param } from 'express-validator' | ||
3 | import { isIdOrUUIDValid } from '@server/helpers/custom-validators/misc' | ||
4 | import { checkUserCanTerminateOwnershipChange } from '@server/helpers/custom-validators/video-ownership' | ||
5 | import { logger } from '@server/helpers/logger' | ||
6 | import { isAbleToUploadVideo } from '@server/lib/user' | ||
7 | import { AccountModel } from '@server/models/account/account' | ||
8 | import { MVideoWithAllFiles } from '@server/types/models' | ||
9 | import { HttpStatusCode } from '@shared/core-utils' | ||
10 | import { ServerErrorCode, UserRight, VideoChangeOwnershipAccept, VideoChangeOwnershipStatus, VideoState } from '@shared/models' | ||
11 | import { | ||
12 | areValidationErrors, | ||
13 | checkUserCanManageVideo, | ||
14 | doesChangeVideoOwnershipExist, | ||
15 | doesVideoChannelOfAccountExist, | ||
16 | doesVideoExist | ||
17 | } from '../shared' | ||
18 | |||
19 | const videosChangeOwnershipValidator = [ | ||
20 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), | ||
21 | |||
22 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
23 | logger.debug('Checking changeOwnership parameters', { parameters: req.params }) | ||
24 | |||
25 | if (areValidationErrors(req, res)) return | ||
26 | if (!await doesVideoExist(req.params.videoId, res)) return | ||
27 | |||
28 | // Check if the user who did the request is able to change the ownership of the video | ||
29 | if (!checkUserCanManageVideo(res.locals.oauth.token.User, res.locals.videoAll, UserRight.CHANGE_VIDEO_OWNERSHIP, res)) return | ||
30 | |||
31 | const nextOwner = await AccountModel.loadLocalByName(req.body.username) | ||
32 | if (!nextOwner) { | ||
33 | res.fail({ message: 'Changing video ownership to a remote account is not supported yet' }) | ||
34 | return | ||
35 | } | ||
36 | |||
37 | res.locals.nextOwner = nextOwner | ||
38 | return next() | ||
39 | } | ||
40 | ] | ||
41 | |||
42 | const videosTerminateChangeOwnershipValidator = [ | ||
43 | param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), | ||
44 | |||
45 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
46 | logger.debug('Checking changeOwnership parameters', { parameters: req.params }) | ||
47 | |||
48 | if (areValidationErrors(req, res)) return | ||
49 | if (!await doesChangeVideoOwnershipExist(req.params.id, res)) return | ||
50 | |||
51 | // Check if the user who did the request is able to change the ownership of the video | ||
52 | if (!checkUserCanTerminateOwnershipChange(res.locals.oauth.token.User, res.locals.videoChangeOwnership, res)) return | ||
53 | |||
54 | const videoChangeOwnership = res.locals.videoChangeOwnership | ||
55 | |||
56 | if (videoChangeOwnership.status !== VideoChangeOwnershipStatus.WAITING) { | ||
57 | res.fail({ | ||
58 | status: HttpStatusCode.FORBIDDEN_403, | ||
59 | message: 'Ownership already accepted or refused' | ||
60 | }) | ||
61 | return | ||
62 | } | ||
63 | |||
64 | return next() | ||
65 | } | ||
66 | ] | ||
67 | |||
68 | const videosAcceptChangeOwnershipValidator = [ | ||
69 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
70 | const body = req.body as VideoChangeOwnershipAccept | ||
71 | if (!await doesVideoChannelOfAccountExist(body.channelId, res.locals.oauth.token.User, res)) return | ||
72 | |||
73 | const videoChangeOwnership = res.locals.videoChangeOwnership | ||
74 | |||
75 | const video = videoChangeOwnership.Video | ||
76 | |||
77 | if (!await checkCanAccept(video, res)) return | ||
78 | |||
79 | return next() | ||
80 | } | ||
81 | ] | ||
82 | |||
83 | export { | ||
84 | videosChangeOwnershipValidator, | ||
85 | videosTerminateChangeOwnershipValidator, | ||
86 | videosAcceptChangeOwnershipValidator | ||
87 | } | ||
88 | |||
89 | // --------------------------------------------------------------------------- | ||
90 | |||
91 | async function checkCanAccept (video: MVideoWithAllFiles, res: express.Response): Promise<boolean> { | ||
92 | if (video.isLive) { | ||
93 | |||
94 | if (video.state !== VideoState.WAITING_FOR_LIVE) { | ||
95 | res.fail({ | ||
96 | status: HttpStatusCode.BAD_REQUEST_400, | ||
97 | message: 'You can accept an ownership change of a published live.' | ||
98 | }) | ||
99 | |||
100 | return false | ||
101 | } | ||
102 | |||
103 | return true | ||
104 | } | ||
105 | |||
106 | const user = res.locals.oauth.token.User | ||
107 | |||
108 | if (!await isAbleToUploadVideo(user.id, video.getMaxQualityFile().size)) { | ||
109 | res.fail({ | ||
110 | status: HttpStatusCode.PAYLOAD_TOO_LARGE_413, | ||
111 | message: 'The user video quota is exceeded with this video.', | ||
112 | type: ServerErrorCode.QUOTA_REACHED | ||
113 | }) | ||
114 | |||
115 | return false | ||
116 | } | ||
117 | |||
118 | return true | ||
119 | } | ||