diff options
author | Chocobozzz <me@florianbigard.com> | 2019-08-15 11:53:26 +0200 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2019-08-19 17:26:35 +0200 |
commit | 453e83ea5d81d203ba34bc43cd5c2c750ba40568 (patch) | |
tree | 604e02f4343d13a4ba42e1fb7527ba6ab9111712 /server/middlewares/validators/videos/video-playlists.ts | |
parent | 13176a07a95984a53cc59aec5217f2ce9806d1bc (diff) | |
download | PeerTube-453e83ea5d81d203ba34bc43cd5c2c750ba40568.tar.gz PeerTube-453e83ea5d81d203ba34bc43cd5c2c750ba40568.tar.zst PeerTube-453e83ea5d81d203ba34bc43cd5c2c750ba40568.zip |
Stronger model typings
Diffstat (limited to 'server/middlewares/validators/videos/video-playlists.ts')
-rw-r--r-- | server/middlewares/validators/videos/video-playlists.ts | 84 |
1 files changed, 45 insertions, 39 deletions
diff --git a/server/middlewares/validators/videos/video-playlists.ts b/server/middlewares/validators/videos/video-playlists.ts index 5823795be..ca36d419a 100644 --- a/server/middlewares/validators/videos/video-playlists.ts +++ b/server/middlewares/validators/videos/video-playlists.ts | |||
@@ -2,7 +2,6 @@ import * as express from 'express' | |||
2 | import { body, param, query, ValidationChain } from 'express-validator' | 2 | import { body, param, query, ValidationChain } from 'express-validator' |
3 | import { UserRight, VideoPlaylistCreate, VideoPlaylistUpdate } from '../../../../shared' | 3 | import { UserRight, VideoPlaylistCreate, VideoPlaylistUpdate } from '../../../../shared' |
4 | import { logger } from '../../../helpers/logger' | 4 | import { logger } from '../../../helpers/logger' |
5 | import { UserModel } from '../../../models/account/user' | ||
6 | import { areValidationErrors } from '../utils' | 5 | import { areValidationErrors } from '../utils' |
7 | import { isVideoImage } from '../../../helpers/custom-validators/videos' | 6 | import { isVideoImage } from '../../../helpers/custom-validators/videos' |
8 | import { CONSTRAINTS_FIELDS } from '../../../initializers/constants' | 7 | import { CONSTRAINTS_FIELDS } from '../../../initializers/constants' |
@@ -22,13 +21,14 @@ import { | |||
22 | isVideoPlaylistTimestampValid, | 21 | isVideoPlaylistTimestampValid, |
23 | isVideoPlaylistTypeValid | 22 | isVideoPlaylistTypeValid |
24 | } from '../../../helpers/custom-validators/video-playlists' | 23 | } from '../../../helpers/custom-validators/video-playlists' |
25 | import { VideoPlaylistModel } from '../../../models/video/video-playlist' | ||
26 | import { cleanUpReqFiles } from '../../../helpers/express-utils' | 24 | import { cleanUpReqFiles } from '../../../helpers/express-utils' |
27 | import { VideoPlaylistElementModel } from '../../../models/video/video-playlist-element' | 25 | import { VideoPlaylistElementModel } from '../../../models/video/video-playlist-element' |
28 | import { authenticatePromiseIfNeeded } from '../../oauth' | 26 | import { authenticatePromiseIfNeeded } from '../../oauth' |
29 | import { VideoPlaylistPrivacy } from '../../../../shared/models/videos/playlist/video-playlist-privacy.model' | 27 | import { VideoPlaylistPrivacy } from '../../../../shared/models/videos/playlist/video-playlist-privacy.model' |
30 | import { VideoPlaylistType } from '../../../../shared/models/videos/playlist/video-playlist-type.model' | 28 | import { VideoPlaylistType } from '../../../../shared/models/videos/playlist/video-playlist-type.model' |
31 | import { doesVideoChannelIdExist, doesVideoExist, doesVideoPlaylistExist } from '../../../helpers/middlewares' | 29 | import { doesVideoChannelIdExist, doesVideoExist, doesVideoPlaylistExist, VideoPlaylistFetchType } from '../../../helpers/middlewares' |
30 | import { MVideoPlaylist } from '../../../typings/models/video/video-playlist' | ||
31 | import { MUserAccountId } from '@server/typings/models' | ||
32 | 32 | ||
33 | const videoPlaylistsAddValidator = getCommonPlaylistEditAttributes().concat([ | 33 | const videoPlaylistsAddValidator = getCommonPlaylistEditAttributes().concat([ |
34 | body('displayName') | 34 | body('displayName') |
@@ -67,9 +67,9 @@ const videoPlaylistsUpdateValidator = getCommonPlaylistEditAttributes().concat([ | |||
67 | 67 | ||
68 | if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return cleanUpReqFiles(req) | 68 | if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return cleanUpReqFiles(req) |
69 | 69 | ||
70 | const videoPlaylist = res.locals.videoPlaylist | 70 | const videoPlaylist = getPlaylist(res) |
71 | 71 | ||
72 | if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, res.locals.videoPlaylist, UserRight.REMOVE_ANY_VIDEO_PLAYLIST, res)) { | 72 | if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, videoPlaylist, UserRight.REMOVE_ANY_VIDEO_PLAYLIST, res)) { |
73 | return cleanUpReqFiles(req) | 73 | return cleanUpReqFiles(req) |
74 | } | 74 | } |
75 | 75 | ||
@@ -110,13 +110,13 @@ const videoPlaylistsDeleteValidator = [ | |||
110 | 110 | ||
111 | if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return | 111 | if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return |
112 | 112 | ||
113 | const videoPlaylist = res.locals.videoPlaylist | 113 | const videoPlaylist = getPlaylist(res) |
114 | if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) { | 114 | if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) { |
115 | return res.status(400) | 115 | return res.status(400) |
116 | .json({ error: 'Cannot delete a watch later playlist.' }) | 116 | .json({ error: 'Cannot delete a watch later playlist.' }) |
117 | } | 117 | } |
118 | 118 | ||
119 | if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, res.locals.videoPlaylist, UserRight.REMOVE_ANY_VIDEO_PLAYLIST, res)) { | 119 | if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, videoPlaylist, UserRight.REMOVE_ANY_VIDEO_PLAYLIST, res)) { |
120 | return | 120 | return |
121 | } | 121 | } |
122 | 122 | ||
@@ -124,45 +124,47 @@ const videoPlaylistsDeleteValidator = [ | |||
124 | } | 124 | } |
125 | ] | 125 | ] |
126 | 126 | ||
127 | const videoPlaylistsGetValidator = [ | 127 | const videoPlaylistsGetValidator = (fetchType: VideoPlaylistFetchType) => { |
128 | param('playlistId') | 128 | return [ |
129 | .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'), | 129 | param('playlistId') |
130 | .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'), | ||
130 | 131 | ||
131 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 132 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
132 | logger.debug('Checking videoPlaylistsGetValidator parameters', { parameters: req.params }) | 133 | logger.debug('Checking videoPlaylistsGetValidator parameters', { parameters: req.params }) |
133 | 134 | ||
134 | if (areValidationErrors(req, res)) return | 135 | if (areValidationErrors(req, res)) return |
135 | 136 | ||
136 | if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return | 137 | if (!await doesVideoPlaylistExist(req.params.playlistId, res, fetchType)) return |
137 | 138 | ||
138 | const videoPlaylist = res.locals.videoPlaylist | 139 | const videoPlaylist = res.locals.videoPlaylistFull || res.locals.videoPlaylistSummary |
139 | 140 | ||
140 | // Video is unlisted, check we used the uuid to fetch it | 141 | // Video is unlisted, check we used the uuid to fetch it |
141 | if (videoPlaylist.privacy === VideoPlaylistPrivacy.UNLISTED) { | 142 | if (videoPlaylist.privacy === VideoPlaylistPrivacy.UNLISTED) { |
142 | if (isUUIDValid(req.params.playlistId)) return next() | 143 | if (isUUIDValid(req.params.playlistId)) return next() |
143 | 144 | ||
144 | return res.status(404).end() | 145 | return res.status(404).end() |
145 | } | 146 | } |
146 | 147 | ||
147 | if (videoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) { | 148 | if (videoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) { |
148 | await authenticatePromiseIfNeeded(req, res) | 149 | await authenticatePromiseIfNeeded(req, res) |
149 | 150 | ||
150 | const user = res.locals.oauth ? res.locals.oauth.token.User : null | 151 | const user = res.locals.oauth ? res.locals.oauth.token.User : null |
151 | 152 | ||
152 | if ( | 153 | if ( |
153 | !user || | 154 | !user || |
154 | (videoPlaylist.OwnerAccount.id !== user.Account.id && !user.hasRight(UserRight.UPDATE_ANY_VIDEO_PLAYLIST)) | 155 | (videoPlaylist.OwnerAccount.id !== user.Account.id && !user.hasRight(UserRight.UPDATE_ANY_VIDEO_PLAYLIST)) |
155 | ) { | 156 | ) { |
156 | return res.status(403) | 157 | return res.status(403) |
157 | .json({ error: 'Cannot get this private video playlist.' }) | 158 | .json({ error: 'Cannot get this private video playlist.' }) |
159 | } | ||
160 | |||
161 | return next() | ||
158 | } | 162 | } |
159 | 163 | ||
160 | return next() | 164 | return next() |
161 | } | 165 | } |
162 | 166 | ] | |
163 | return next() | 167 | } |
164 | } | ||
165 | ] | ||
166 | 168 | ||
167 | const videoPlaylistsAddVideoValidator = [ | 169 | const videoPlaylistsAddVideoValidator = [ |
168 | param('playlistId') | 170 | param('playlistId') |
@@ -184,8 +186,8 @@ const videoPlaylistsAddVideoValidator = [ | |||
184 | if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return | 186 | if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return |
185 | if (!await doesVideoExist(req.body.videoId, res, 'only-video')) return | 187 | if (!await doesVideoExist(req.body.videoId, res, 'only-video')) return |
186 | 188 | ||
187 | const videoPlaylist = res.locals.videoPlaylist | 189 | const videoPlaylist = getPlaylist(res) |
188 | const video = res.locals.video | 190 | const video = res.locals.onlyVideo |
189 | 191 | ||
190 | const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideo(videoPlaylist.id, video.id) | 192 | const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideo(videoPlaylist.id, video.id) |
191 | if (videoPlaylistElement) { | 193 | if (videoPlaylistElement) { |
@@ -196,7 +198,7 @@ const videoPlaylistsAddVideoValidator = [ | |||
196 | return | 198 | return |
197 | } | 199 | } |
198 | 200 | ||
199 | if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, res.locals.videoPlaylist, UserRight.UPDATE_ANY_VIDEO_PLAYLIST, res)) { | 201 | if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, videoPlaylist, UserRight.UPDATE_ANY_VIDEO_PLAYLIST, res)) { |
200 | return | 202 | return |
201 | } | 203 | } |
202 | 204 | ||
@@ -223,7 +225,7 @@ const videoPlaylistsUpdateOrRemoveVideoValidator = [ | |||
223 | 225 | ||
224 | if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return | 226 | if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return |
225 | 227 | ||
226 | const videoPlaylist = res.locals.videoPlaylist | 228 | const videoPlaylist = getPlaylist(res) |
227 | 229 | ||
228 | const videoPlaylistElement = await VideoPlaylistElementModel.loadById(req.params.playlistElementId) | 230 | const videoPlaylistElement = await VideoPlaylistElementModel.loadById(req.params.playlistElementId) |
229 | if (!videoPlaylistElement) { | 231 | if (!videoPlaylistElement) { |
@@ -289,7 +291,7 @@ const videoPlaylistsReorderVideosValidator = [ | |||
289 | 291 | ||
290 | if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return | 292 | if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return |
291 | 293 | ||
292 | const videoPlaylist = res.locals.videoPlaylist | 294 | const videoPlaylist = getPlaylist(res) |
293 | if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, videoPlaylist, UserRight.UPDATE_ANY_VIDEO_PLAYLIST, res)) return | 295 | if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, videoPlaylist, UserRight.UPDATE_ANY_VIDEO_PLAYLIST, res)) return |
294 | 296 | ||
295 | const nextPosition = await VideoPlaylistElementModel.getNextPositionOf(videoPlaylist.id) | 297 | const nextPosition = await VideoPlaylistElementModel.getNextPositionOf(videoPlaylist.id) |
@@ -388,7 +390,7 @@ function getCommonPlaylistEditAttributes () { | |||
388 | ] as (ValidationChain | express.Handler)[] | 390 | ] as (ValidationChain | express.Handler)[] |
389 | } | 391 | } |
390 | 392 | ||
391 | function checkUserCanManageVideoPlaylist (user: UserModel, videoPlaylist: VideoPlaylistModel, right: UserRight, res: express.Response) { | 393 | function checkUserCanManageVideoPlaylist (user: MUserAccountId, videoPlaylist: MVideoPlaylist, right: UserRight, res: express.Response) { |
392 | if (videoPlaylist.isOwned() === false) { | 394 | if (videoPlaylist.isOwned() === false) { |
393 | res.status(403) | 395 | res.status(403) |
394 | .json({ error: 'Cannot manage video playlist of another server.' }) | 396 | .json({ error: 'Cannot manage video playlist of another server.' }) |
@@ -410,3 +412,7 @@ function checkUserCanManageVideoPlaylist (user: UserModel, videoPlaylist: VideoP | |||
410 | 412 | ||
411 | return true | 413 | return true |
412 | } | 414 | } |
415 | |||
416 | function getPlaylist (res: express.Response) { | ||
417 | return res.locals.videoPlaylistFull || res.locals.videoPlaylistSummary | ||
418 | } | ||