aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares/validators/videos
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2022-06-22 09:44:08 +0200
committerChocobozzz <me@florianbigard.com>2022-06-22 10:25:31 +0200
commitff9d43f62a4f4737c5bfe955883b48c5440f323a (patch)
tree60593f4b57ec5cd712986a3db370f39b0b7a4cef /server/middlewares/validators/videos
parent2e401e8575decb1d491d0db48ca1ab1eba5b2a66 (diff)
downloadPeerTube-ff9d43f62a4f4737c5bfe955883b48c5440f323a.tar.gz
PeerTube-ff9d43f62a4f4737c5bfe955883b48c5440f323a.tar.zst
PeerTube-ff9d43f62a4f4737c5bfe955883b48c5440f323a.zip
Refactor video rights checker
Diffstat (limited to 'server/middlewares/validators/videos')
-rw-r--r--server/middlewares/validators/videos/video-captions.ts4
-rw-r--r--server/middlewares/validators/videos/video-comments.ts10
-rw-r--r--server/middlewares/validators/videos/video-rates.ts4
-rw-r--r--server/middlewares/validators/videos/videos.ts28
4 files changed, 13 insertions, 33 deletions
diff --git a/server/middlewares/validators/videos/video-captions.ts b/server/middlewares/validators/videos/video-captions.ts
index 441c6b4be..dfb8fefc5 100644
--- a/server/middlewares/validators/videos/video-captions.ts
+++ b/server/middlewares/validators/videos/video-captions.ts
@@ -7,7 +7,7 @@ import { logger } from '../../../helpers/logger'
7import { CONSTRAINTS_FIELDS, MIMETYPES } from '../../../initializers/constants' 7import { CONSTRAINTS_FIELDS, MIMETYPES } from '../../../initializers/constants'
8import { 8import {
9 areValidationErrors, 9 areValidationErrors,
10 checkCanSeeVideoIfPrivate, 10 checkCanSeeVideo,
11 checkUserCanManageVideo, 11 checkUserCanManageVideo,
12 doesVideoCaptionExist, 12 doesVideoCaptionExist,
13 doesVideoExist, 13 doesVideoExist,
@@ -74,7 +74,7 @@ const listVideoCaptionsValidator = [
74 if (!await doesVideoExist(req.params.videoId, res, 'only-video')) return 74 if (!await doesVideoExist(req.params.videoId, res, 'only-video')) return
75 75
76 const video = res.locals.onlyVideo 76 const video = res.locals.onlyVideo
77 if (!await checkCanSeeVideoIfPrivate(req, res, video)) return 77 if (!await checkCanSeeVideo({ req, res, video, paramId: req.params.videoId })) return
78 78
79 return next() 79 return next()
80 } 80 }
diff --git a/server/middlewares/validators/videos/video-comments.ts b/server/middlewares/validators/videos/video-comments.ts
index 698afdbd1..b22a4e3b7 100644
--- a/server/middlewares/validators/videos/video-comments.ts
+++ b/server/middlewares/validators/videos/video-comments.ts
@@ -10,7 +10,7 @@ import { Hooks } from '../../../lib/plugins/hooks'
10import { MCommentOwnerVideoReply, MVideo, MVideoFullLight } from '../../../types/models/video' 10import { MCommentOwnerVideoReply, MVideo, MVideoFullLight } from '../../../types/models/video'
11import { 11import {
12 areValidationErrors, 12 areValidationErrors,
13 checkCanSeeVideoIfPrivate, 13 checkCanSeeVideo,
14 doesVideoCommentExist, 14 doesVideoCommentExist,
15 doesVideoCommentThreadExist, 15 doesVideoCommentThreadExist,
16 doesVideoExist, 16 doesVideoExist,
@@ -54,7 +54,7 @@ const listVideoCommentThreadsValidator = [
54 if (areValidationErrors(req, res)) return 54 if (areValidationErrors(req, res)) return
55 if (!await doesVideoExist(req.params.videoId, res, 'only-video')) return 55 if (!await doesVideoExist(req.params.videoId, res, 'only-video')) return
56 56
57 if (!await checkCanSeeVideoIfPrivate(req, res, res.locals.onlyVideo)) return 57 if (!await checkCanSeeVideo({ req, res, paramId: req.params.videoId, video: res.locals.onlyVideo })) return
58 58
59 return next() 59 return next()
60 } 60 }
@@ -73,7 +73,7 @@ const listVideoThreadCommentsValidator = [
73 if (!await doesVideoExist(req.params.videoId, res, 'only-video')) return 73 if (!await doesVideoExist(req.params.videoId, res, 'only-video')) return
74 if (!await doesVideoCommentThreadExist(req.params.threadId, res.locals.onlyVideo, res)) return 74 if (!await doesVideoCommentThreadExist(req.params.threadId, res.locals.onlyVideo, res)) return
75 75
76 if (!await checkCanSeeVideoIfPrivate(req, res, res.locals.onlyVideo)) return 76 if (!await checkCanSeeVideo({ req, res, paramId: req.params.videoId, video: res.locals.onlyVideo })) return
77 77
78 return next() 78 return next()
79 } 79 }
@@ -91,7 +91,7 @@ const addVideoCommentThreadValidator = [
91 if (areValidationErrors(req, res)) return 91 if (areValidationErrors(req, res)) return
92 if (!await doesVideoExist(req.params.videoId, res)) return 92 if (!await doesVideoExist(req.params.videoId, res)) return
93 93
94 if (!await checkCanSeeVideoIfPrivate(req, res, res.locals.videoAll)) return 94 if (!await checkCanSeeVideo({ req, res, paramId: req.params.videoId, video: res.locals.videoAll })) return
95 95
96 if (!isVideoCommentsEnabled(res.locals.videoAll, res)) return 96 if (!isVideoCommentsEnabled(res.locals.videoAll, res)) return
97 if (!await isVideoCommentAccepted(req, res, res.locals.videoAll, false)) return 97 if (!await isVideoCommentAccepted(req, res, res.locals.videoAll, false)) return
@@ -113,7 +113,7 @@ const addVideoCommentReplyValidator = [
113 if (areValidationErrors(req, res)) return 113 if (areValidationErrors(req, res)) return
114 if (!await doesVideoExist(req.params.videoId, res)) return 114 if (!await doesVideoExist(req.params.videoId, res)) return
115 115
116 if (!await checkCanSeeVideoIfPrivate(req, res, res.locals.videoAll)) return 116 if (!await checkCanSeeVideo({ req, res, paramId: req.params.videoId, video: res.locals.videoAll })) return
117 117
118 if (!isVideoCommentsEnabled(res.locals.videoAll, res)) return 118 if (!isVideoCommentsEnabled(res.locals.videoAll, res)) return
119 if (!await doesVideoCommentExist(req.params.commentId, res.locals.videoAll, res)) return 119 if (!await doesVideoCommentExist(req.params.commentId, res.locals.videoAll, res)) return
diff --git a/server/middlewares/validators/videos/video-rates.ts b/server/middlewares/validators/videos/video-rates.ts
index 1a9736034..8b8eeedb6 100644
--- a/server/middlewares/validators/videos/video-rates.ts
+++ b/server/middlewares/validators/videos/video-rates.ts
@@ -8,7 +8,7 @@ import { isRatingValid } from '../../../helpers/custom-validators/video-rates'
8import { isVideoRatingTypeValid } from '../../../helpers/custom-validators/videos' 8import { isVideoRatingTypeValid } from '../../../helpers/custom-validators/videos'
9import { logger } from '../../../helpers/logger' 9import { logger } from '../../../helpers/logger'
10import { AccountVideoRateModel } from '../../../models/account/account-video-rate' 10import { AccountVideoRateModel } from '../../../models/account/account-video-rate'
11import { areValidationErrors, checkCanSeeVideoIfPrivate, doesVideoExist, isValidVideoIdParam } from '../shared' 11import { areValidationErrors, checkCanSeeVideo, doesVideoExist, isValidVideoIdParam } from '../shared'
12 12
13const videoUpdateRateValidator = [ 13const videoUpdateRateValidator = [
14 isValidVideoIdParam('id'), 14 isValidVideoIdParam('id'),
@@ -21,7 +21,7 @@ const videoUpdateRateValidator = [
21 if (areValidationErrors(req, res)) return 21 if (areValidationErrors(req, res)) return
22 if (!await doesVideoExist(req.params.id, res)) return 22 if (!await doesVideoExist(req.params.id, res)) return
23 23
24 if (!await checkCanSeeVideoIfPrivate(req, res, res.locals.videoAll)) return 24 if (!await checkCanSeeVideo({ req, res, paramId: req.params.id, video: res.locals.videoAll })) return
25 25
26 return next() 26 return next()
27 } 27 }
diff --git a/server/middlewares/validators/videos/videos.ts b/server/middlewares/validators/videos/videos.ts
index c75c3640b..c6d31f8f0 100644
--- a/server/middlewares/validators/videos/videos.ts
+++ b/server/middlewares/validators/videos/videos.ts
@@ -7,14 +7,13 @@ import { getServerActor } from '@server/models/application/application'
7import { ExpressPromiseHandler } from '@server/types/express-handler' 7import { ExpressPromiseHandler } from '@server/types/express-handler'
8import { MUserAccountId, MVideoFullLight } from '@server/types/models' 8import { MUserAccountId, MVideoFullLight } from '@server/types/models'
9import { getAllPrivacies } from '@shared/core-utils' 9import { getAllPrivacies } from '@shared/core-utils'
10import { HttpStatusCode, ServerErrorCode, UserRight, VideoInclude, VideoPrivacy } from '@shared/models' 10import { HttpStatusCode, ServerErrorCode, UserRight, VideoInclude } from '@shared/models'
11import { 11import {
12 exists, 12 exists,
13 isBooleanValid, 13 isBooleanValid,
14 isDateValid, 14 isDateValid,
15 isFileValid, 15 isFileValid,
16 isIdValid, 16 isIdValid,
17 isUUIDValid,
18 toArray, 17 toArray,
19 toBooleanOrNull, 18 toBooleanOrNull,
20 toIntOrNull, 19 toIntOrNull,
@@ -50,7 +49,7 @@ import { Hooks } from '../../../lib/plugins/hooks'
50import { VideoModel } from '../../../models/video/video' 49import { VideoModel } from '../../../models/video/video'
51import { 50import {
52 areValidationErrors, 51 areValidationErrors,
53 checkCanSeePrivateVideo, 52 checkCanSeeVideo,
54 checkUserCanManageVideo, 53 checkUserCanManageVideo,
55 checkUserQuota, 54 checkUserQuota,
56 doesVideoChannelOfAccountExist, 55 doesVideoChannelOfAccountExist,
@@ -297,28 +296,9 @@ const videosCustomGetValidator = (
297 296
298 const video = getVideoWithAttributes(res) as MVideoFullLight 297 const video = getVideoWithAttributes(res) as MVideoFullLight
299 298
300 // Video private or blacklisted 299 if (!await checkCanSeeVideo({ req, res, video, paramId: req.params.id, authenticateInQuery })) return
301 if (video.requiresAuth()) {
302 if (await checkCanSeePrivateVideo(req, res, video, authenticateInQuery)) {
303 return next()
304 }
305 300
306 return 301 return next()
307 }
308
309 // Video is public, anyone can access it
310 if (video.privacy === VideoPrivacy.PUBLIC) return next()
311
312 // Video is unlisted, check we used the uuid to fetch it
313 if (video.privacy === VideoPrivacy.UNLISTED) {
314 if (isUUIDValid(req.params.id)) return next()
315
316 // Don't leak this unlisted video
317 return res.fail({
318 status: HttpStatusCode.NOT_FOUND_404,
319 message: 'Video not found'
320 })
321 }
322 } 302 }
323 ] 303 ]
324} 304}