diff options
| author | Rigel Kent <sendmemail@rigelk.eu> | 2020-12-07 14:32:36 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-12-07 14:32:36 +0100 |
| commit | 2d53be0267acc49cda46707b885096193a1f4e9c (patch) | |
| tree | 887061a34bc67f40acbb96a6278f9544bf83caeb /server/middlewares/validators/videos | |
| parent | adc1f09c0dbd997f34028c1c82d1c118dc8ead80 (diff) | |
| download | PeerTube-2d53be0267acc49cda46707b885096193a1f4e9c.tar.gz PeerTube-2d53be0267acc49cda46707b885096193a1f4e9c.tar.zst PeerTube-2d53be0267acc49cda46707b885096193a1f4e9c.zip | |
replace numbers with typed http status codes (#3409)
Diffstat (limited to 'server/middlewares/validators/videos')
10 files changed, 67 insertions, 57 deletions
diff --git a/server/middlewares/validators/videos/video-blacklist.ts b/server/middlewares/validators/videos/video-blacklist.ts index 808fefc25..88c788a43 100644 --- a/server/middlewares/validators/videos/video-blacklist.ts +++ b/server/middlewares/validators/videos/video-blacklist.ts | |||
| @@ -5,6 +5,7 @@ import { isVideoBlacklistReasonValid, isVideoBlacklistTypeValid } from '../../.. | |||
| 5 | import { logger } from '../../../helpers/logger' | 5 | import { logger } from '../../../helpers/logger' |
| 6 | import { doesVideoBlacklistExist, doesVideoExist } from '../../../helpers/middlewares' | 6 | import { doesVideoBlacklistExist, doesVideoExist } from '../../../helpers/middlewares' |
| 7 | import { areValidationErrors } from '../utils' | 7 | import { areValidationErrors } from '../utils' |
| 8 | import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes' | ||
| 8 | 9 | ||
| 9 | const videosBlacklistRemoveValidator = [ | 10 | const videosBlacklistRemoveValidator = [ |
| 10 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), | 11 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), |
| @@ -39,7 +40,7 @@ const videosBlacklistAddValidator = [ | |||
| 39 | const video = res.locals.videoAll | 40 | const video = res.locals.videoAll |
| 40 | if (req.body.unfederate === true && video.remote === true) { | 41 | if (req.body.unfederate === true && video.remote === true) { |
| 41 | return res | 42 | return res |
| 42 | .status(409) | 43 | .status(HttpStatusCode.CONFLICT_409) |
| 43 | .send({ error: 'You cannot unfederate a remote video.' }) | 44 | .send({ error: 'You cannot unfederate a remote video.' }) |
| 44 | .end() | 45 | .end() |
| 45 | } | 46 | } |
diff --git a/server/middlewares/validators/videos/video-channels.ts b/server/middlewares/validators/videos/video-channels.ts index 2e4e755e7..57ac548b9 100644 --- a/server/middlewares/validators/videos/video-channels.ts +++ b/server/middlewares/validators/videos/video-channels.ts | |||
| @@ -15,6 +15,7 @@ import { doesLocalVideoChannelNameExist, doesVideoChannelNameWithHostExist } fro | |||
| 15 | import { ActorModel } from '../../../models/activitypub/actor' | 15 | import { ActorModel } from '../../../models/activitypub/actor' |
| 16 | import { VideoChannelModel } from '../../../models/video/video-channel' | 16 | import { VideoChannelModel } from '../../../models/video/video-channel' |
| 17 | import { areValidationErrors } from '../utils' | 17 | import { areValidationErrors } from '../utils' |
| 18 | import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes' | ||
| 18 | 19 | ||
| 19 | const videoChannelsAddValidator = [ | 20 | const videoChannelsAddValidator = [ |
| 20 | body('name').custom(isActorPreferredUsernameValid).withMessage('Should have a valid channel name'), | 21 | body('name').custom(isActorPreferredUsernameValid).withMessage('Should have a valid channel name'), |
| @@ -29,7 +30,7 @@ const videoChannelsAddValidator = [ | |||
| 29 | 30 | ||
| 30 | const actor = await ActorModel.loadLocalByName(req.body.name) | 31 | const actor = await ActorModel.loadLocalByName(req.body.name) |
| 31 | if (actor) { | 32 | if (actor) { |
| 32 | res.status(409) | 33 | res.status(HttpStatusCode.CONFLICT_409) |
| 33 | .send({ error: 'Another actor (account/channel) with this name on this instance already exists or has already existed.' }) | 34 | .send({ error: 'Another actor (account/channel) with this name on this instance already exists or has already existed.' }) |
| 34 | .end() | 35 | .end() |
| 35 | return false | 36 | return false |
| @@ -37,7 +38,7 @@ const videoChannelsAddValidator = [ | |||
| 37 | 38 | ||
| 38 | const count = await VideoChannelModel.countByAccount(res.locals.oauth.token.User.Account.id) | 39 | const count = await VideoChannelModel.countByAccount(res.locals.oauth.token.User.Account.id) |
| 39 | if (count >= VIDEO_CHANNELS.MAX_PER_USER) { | 40 | if (count >= VIDEO_CHANNELS.MAX_PER_USER) { |
| 40 | res.status(400) | 41 | res.status(HttpStatusCode.BAD_REQUEST_400) |
| 41 | .send({ error: `You cannot create more than ${VIDEO_CHANNELS.MAX_PER_USER} channels` }) | 42 | .send({ error: `You cannot create more than ${VIDEO_CHANNELS.MAX_PER_USER} channels` }) |
| 42 | .end() | 43 | .end() |
| 43 | return false | 44 | return false |
| @@ -70,13 +71,13 @@ const videoChannelsUpdateValidator = [ | |||
| 70 | 71 | ||
| 71 | // We need to make additional checks | 72 | // We need to make additional checks |
| 72 | if (res.locals.videoChannel.Actor.isOwned() === false) { | 73 | if (res.locals.videoChannel.Actor.isOwned() === false) { |
| 73 | return res.status(403) | 74 | return res.status(HttpStatusCode.FORBIDDEN_403) |
| 74 | .json({ error: 'Cannot update video channel of another server' }) | 75 | .json({ error: 'Cannot update video channel of another server' }) |
| 75 | .end() | 76 | .end() |
| 76 | } | 77 | } |
| 77 | 78 | ||
| 78 | if (res.locals.videoChannel.Account.userId !== res.locals.oauth.token.User.id) { | 79 | if (res.locals.videoChannel.Account.userId !== res.locals.oauth.token.User.id) { |
| 79 | return res.status(403) | 80 | return res.status(HttpStatusCode.FORBIDDEN_403) |
| 80 | .json({ error: 'Cannot update video channel of another user' }) | 81 | .json({ error: 'Cannot update video channel of another user' }) |
| 81 | .end() | 82 | .end() |
| 82 | } | 83 | } |
| @@ -155,7 +156,7 @@ export { | |||
| 155 | 156 | ||
| 156 | function checkUserCanDeleteVideoChannel (user: MUser, videoChannel: MChannelAccountDefault, res: express.Response) { | 157 | function checkUserCanDeleteVideoChannel (user: MUser, videoChannel: MChannelAccountDefault, res: express.Response) { |
| 157 | if (videoChannel.Actor.isOwned() === false) { | 158 | if (videoChannel.Actor.isOwned() === false) { |
| 158 | res.status(403) | 159 | res.status(HttpStatusCode.FORBIDDEN_403) |
| 159 | .json({ error: 'Cannot remove video channel of another server.' }) | 160 | .json({ error: 'Cannot remove video channel of another server.' }) |
| 160 | .end() | 161 | .end() |
| 161 | 162 | ||
| @@ -166,7 +167,7 @@ function checkUserCanDeleteVideoChannel (user: MUser, videoChannel: MChannelAcco | |||
| 166 | // The user can delete it if s/he is an admin | 167 | // The user can delete it if s/he is an admin |
| 167 | // Or if s/he is the video channel's account | 168 | // Or if s/he is the video channel's account |
| 168 | if (user.hasRight(UserRight.REMOVE_ANY_VIDEO_CHANNEL) === false && videoChannel.Account.userId !== user.id) { | 169 | if (user.hasRight(UserRight.REMOVE_ANY_VIDEO_CHANNEL) === false && videoChannel.Account.userId !== user.id) { |
| 169 | res.status(403) | 170 | res.status(HttpStatusCode.FORBIDDEN_403) |
| 170 | .json({ error: 'Cannot remove video channel of another user' }) | 171 | .json({ error: 'Cannot remove video channel of another user' }) |
| 171 | .end() | 172 | .end() |
| 172 | 173 | ||
| @@ -180,9 +181,9 @@ async function checkVideoChannelIsNotTheLastOne (res: express.Response) { | |||
| 180 | const count = await VideoChannelModel.countByAccount(res.locals.oauth.token.User.Account.id) | 181 | const count = await VideoChannelModel.countByAccount(res.locals.oauth.token.User.Account.id) |
| 181 | 182 | ||
| 182 | if (count <= 1) { | 183 | if (count <= 1) { |
| 183 | res.status(409) | 184 | res.status(HttpStatusCode.CONFLICT_409) |
| 184 | .json({ error: 'Cannot remove the last channel of this user' }) | 185 | .json({ error: 'Cannot remove the last channel of this user' }) |
| 185 | .end() | 186 | .end() |
| 186 | 187 | ||
| 187 | return false | 188 | return false |
| 188 | } | 189 | } |
diff --git a/server/middlewares/validators/videos/video-comments.ts b/server/middlewares/validators/videos/video-comments.ts index a3c9febc4..226c9d436 100644 --- a/server/middlewares/validators/videos/video-comments.ts +++ b/server/middlewares/validators/videos/video-comments.ts | |||
| @@ -14,6 +14,7 @@ import { AcceptResult, isLocalVideoCommentReplyAccepted, isLocalVideoThreadAccep | |||
| 14 | import { Hooks } from '../../../lib/plugins/hooks' | 14 | import { Hooks } from '../../../lib/plugins/hooks' |
| 15 | import { MCommentOwnerVideoReply, MVideo, MVideoFullLight } from '../../../types/models/video' | 15 | import { MCommentOwnerVideoReply, MVideo, MVideoFullLight } from '../../../types/models/video' |
| 16 | import { areValidationErrors } from '../utils' | 16 | import { areValidationErrors } from '../utils' |
| 17 | import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes' | ||
| 17 | 18 | ||
| 18 | const listVideoCommentsValidator = [ | 19 | const listVideoCommentsValidator = [ |
| 19 | query('isLocal') | 20 | query('isLocal') |
| @@ -154,8 +155,8 @@ export { | |||
| 154 | 155 | ||
| 155 | function isVideoCommentsEnabled (video: MVideo, res: express.Response) { | 156 | function isVideoCommentsEnabled (video: MVideo, res: express.Response) { |
| 156 | if (video.commentsEnabled !== true) { | 157 | if (video.commentsEnabled !== true) { |
| 157 | res.status(409) | 158 | res.status(HttpStatusCode.CONFLICT_409) |
| 158 | .json({ error: 'Video comments are disabled for this video.' }) | 159 | .json({ error: 'Video comments are disabled for this video.' }) |
| 159 | 160 | ||
| 160 | return false | 161 | return false |
| 161 | } | 162 | } |
| @@ -165,8 +166,8 @@ function isVideoCommentsEnabled (video: MVideo, res: express.Response) { | |||
| 165 | 166 | ||
| 166 | function checkUserCanDeleteVideoComment (user: MUserAccountUrl, videoComment: MCommentOwnerVideoReply, res: express.Response) { | 167 | function checkUserCanDeleteVideoComment (user: MUserAccountUrl, videoComment: MCommentOwnerVideoReply, res: express.Response) { |
| 167 | if (videoComment.isDeleted()) { | 168 | if (videoComment.isDeleted()) { |
| 168 | res.status(409) | 169 | res.status(HttpStatusCode.CONFLICT_409) |
| 169 | .json({ error: 'This comment is already deleted' }) | 170 | .json({ error: 'This comment is already deleted' }) |
| 170 | 171 | ||
| 171 | return false | 172 | return false |
| 172 | } | 173 | } |
| @@ -178,7 +179,7 @@ function checkUserCanDeleteVideoComment (user: MUserAccountUrl, videoComment: MC | |||
| 178 | videoComment.accountId !== userAccount.id && // Not the comment owner | 179 | videoComment.accountId !== userAccount.id && // Not the comment owner |
| 179 | videoComment.Video.VideoChannel.accountId !== userAccount.id // Not the video owner | 180 | videoComment.Video.VideoChannel.accountId !== userAccount.id // Not the video owner |
| 180 | ) { | 181 | ) { |
| 181 | res.status(403) | 182 | res.status(HttpStatusCode.FORBIDDEN_403) |
| 182 | .json({ error: 'Cannot remove video comment of another user' }) | 183 | .json({ error: 'Cannot remove video comment of another user' }) |
| 183 | 184 | ||
| 184 | return false | 185 | return false |
| @@ -214,7 +215,7 @@ async function isVideoCommentAccepted (req: express.Request, res: express.Respon | |||
| 214 | 215 | ||
| 215 | if (!acceptedResult || acceptedResult.accepted !== true) { | 216 | if (!acceptedResult || acceptedResult.accepted !== true) { |
| 216 | logger.info('Refused local comment.', { acceptedResult, acceptParameters }) | 217 | logger.info('Refused local comment.', { acceptedResult, acceptParameters }) |
| 217 | res.status(403) | 218 | res.status(HttpStatusCode.FORBIDDEN_403) |
| 218 | .json({ error: acceptedResult.errorMessage || 'Refused local comment' }) | 219 | .json({ error: acceptedResult.errorMessage || 'Refused local comment' }) |
| 219 | 220 | ||
| 220 | return false | 221 | return false |
diff --git a/server/middlewares/validators/videos/video-imports.ts b/server/middlewares/validators/videos/video-imports.ts index d69aff118..0d41933a6 100644 --- a/server/middlewares/validators/videos/video-imports.ts +++ b/server/middlewares/validators/videos/video-imports.ts | |||
| @@ -13,6 +13,7 @@ import { CONFIG } from '../../../initializers/config' | |||
| 13 | import { CONSTRAINTS_FIELDS } from '../../../initializers/constants' | 13 | import { CONSTRAINTS_FIELDS } from '../../../initializers/constants' |
| 14 | import { areValidationErrors } from '../utils' | 14 | import { areValidationErrors } from '../utils' |
| 15 | import { getCommonVideoEditAttributes } from './videos' | 15 | import { getCommonVideoEditAttributes } from './videos' |
| 16 | import { HttpStatusCode } from '@shared/core-utils/miscs/http-error-codes' | ||
| 16 | 17 | ||
| 17 | const videoImportAddValidator = getCommonVideoEditAttributes().concat([ | 18 | const videoImportAddValidator = getCommonVideoEditAttributes().concat([ |
| 18 | body('channelId') | 19 | body('channelId') |
| @@ -44,14 +45,14 @@ const videoImportAddValidator = getCommonVideoEditAttributes().concat([ | |||
| 44 | 45 | ||
| 45 | if (req.body.targetUrl && CONFIG.IMPORT.VIDEOS.HTTP.ENABLED !== true) { | 46 | if (req.body.targetUrl && CONFIG.IMPORT.VIDEOS.HTTP.ENABLED !== true) { |
| 46 | cleanUpReqFiles(req) | 47 | cleanUpReqFiles(req) |
| 47 | return res.status(409) | 48 | return res.status(HttpStatusCode.CONFLICT_409) |
| 48 | .json({ error: 'HTTP import is not enabled on this instance.' }) | 49 | .json({ error: 'HTTP import is not enabled on this instance.' }) |
| 49 | .end() | 50 | .end() |
| 50 | } | 51 | } |
| 51 | 52 | ||
| 52 | if (CONFIG.IMPORT.VIDEOS.TORRENT.ENABLED !== true && (req.body.magnetUri || torrentFile)) { | 53 | if (CONFIG.IMPORT.VIDEOS.TORRENT.ENABLED !== true && (req.body.magnetUri || torrentFile)) { |
| 53 | cleanUpReqFiles(req) | 54 | cleanUpReqFiles(req) |
| 54 | return res.status(409) | 55 | return res.status(HttpStatusCode.CONFLICT_409) |
| 55 | .json({ error: 'Torrent/magnet URI import is not enabled on this instance.' }) | 56 | .json({ error: 'Torrent/magnet URI import is not enabled on this instance.' }) |
| 56 | .end() | 57 | .end() |
| 57 | } | 58 | } |
| @@ -62,7 +63,7 @@ const videoImportAddValidator = getCommonVideoEditAttributes().concat([ | |||
| 62 | if (!req.body.targetUrl && !req.body.magnetUri && !torrentFile) { | 63 | if (!req.body.targetUrl && !req.body.magnetUri && !torrentFile) { |
| 63 | cleanUpReqFiles(req) | 64 | cleanUpReqFiles(req) |
| 64 | 65 | ||
| 65 | return res.status(400) | 66 | return res.status(HttpStatusCode.BAD_REQUEST_400) |
| 66 | .json({ error: 'Should have a magnetUri or a targetUrl or a torrent file.' }) | 67 | .json({ error: 'Should have a magnetUri or a targetUrl or a torrent file.' }) |
| 67 | .end() | 68 | .end() |
| 68 | } | 69 | } |
| @@ -100,7 +101,7 @@ async function isImportAccepted (req: express.Request, res: express.Response) { | |||
| 100 | 101 | ||
| 101 | if (!acceptedResult || acceptedResult.accepted !== true) { | 102 | if (!acceptedResult || acceptedResult.accepted !== true) { |
| 102 | logger.info('Refused to import video.', { acceptedResult, acceptParameters }) | 103 | logger.info('Refused to import video.', { acceptedResult, acceptParameters }) |
| 103 | res.status(403) | 104 | res.status(HttpStatusCode.FORBIDDEN_403) |
| 104 | .json({ error: acceptedResult.errorMessage || 'Refused to import video' }) | 105 | .json({ error: acceptedResult.errorMessage || 'Refused to import video' }) |
| 105 | 106 | ||
| 106 | return false | 107 | return false |
diff --git a/server/middlewares/validators/videos/video-live.ts b/server/middlewares/validators/videos/video-live.ts index 69a14ccb1..3a73e1272 100644 --- a/server/middlewares/validators/videos/video-live.ts +++ b/server/middlewares/validators/videos/video-live.ts | |||
| @@ -13,6 +13,7 @@ import { getCommonVideoEditAttributes } from './videos' | |||
| 13 | import { VideoModel } from '@server/models/video/video' | 13 | import { VideoModel } from '@server/models/video/video' |
| 14 | import { Hooks } from '@server/lib/plugins/hooks' | 14 | import { Hooks } from '@server/lib/plugins/hooks' |
| 15 | import { isLocalLiveVideoAccepted } from '@server/lib/moderation' | 15 | import { isLocalLiveVideoAccepted } from '@server/lib/moderation' |
| 16 | import { HttpStatusCode } from '@shared/core-utils/miscs/http-error-codes' | ||
| 16 | 17 | ||
| 17 | const videoLiveGetValidator = [ | 18 | const videoLiveGetValidator = [ |
| 18 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), | 19 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), |
| @@ -28,7 +29,7 @@ const videoLiveGetValidator = [ | |||
| 28 | if (!checkUserCanManageVideo(user, res.locals.videoAll, UserRight.GET_ANY_LIVE, res, false)) return | 29 | if (!checkUserCanManageVideo(user, res.locals.videoAll, UserRight.GET_ANY_LIVE, res, false)) return |
| 29 | 30 | ||
| 30 | const videoLive = await VideoLiveModel.loadByVideoId(res.locals.videoAll.id) | 31 | const videoLive = await VideoLiveModel.loadByVideoId(res.locals.videoAll.id) |
| 31 | if (!videoLive) return res.sendStatus(404) | 32 | if (!videoLive) return res.sendStatus(HttpStatusCode.NOT_FOUND_404) |
| 32 | 33 | ||
| 33 | res.locals.videoLive = videoLive | 34 | res.locals.videoLive = videoLive |
| 34 | 35 | ||
| @@ -62,21 +63,21 @@ const videoLiveAddValidator = getCommonVideoEditAttributes().concat([ | |||
| 62 | if (CONFIG.LIVE.ENABLED !== true) { | 63 | if (CONFIG.LIVE.ENABLED !== true) { |
| 63 | cleanUpReqFiles(req) | 64 | cleanUpReqFiles(req) |
| 64 | 65 | ||
| 65 | return res.status(403) | 66 | return res.status(HttpStatusCode.FORBIDDEN_403) |
| 66 | .json({ error: 'Live is not enabled on this instance' }) | 67 | .json({ error: 'Live is not enabled on this instance' }) |
| 67 | } | 68 | } |
| 68 | 69 | ||
| 69 | if (CONFIG.LIVE.ALLOW_REPLAY !== true && req.body.saveReplay === true) { | 70 | if (CONFIG.LIVE.ALLOW_REPLAY !== true && req.body.saveReplay === true) { |
| 70 | cleanUpReqFiles(req) | 71 | cleanUpReqFiles(req) |
| 71 | 72 | ||
| 72 | return res.status(403) | 73 | return res.status(HttpStatusCode.FORBIDDEN_403) |
| 73 | .json({ error: 'Saving live replay is not allowed instance' }) | 74 | .json({ error: 'Saving live replay is not allowed instance' }) |
| 74 | } | 75 | } |
| 75 | 76 | ||
| 76 | if (req.body.permanentLive && req.body.saveReplay) { | 77 | if (req.body.permanentLive && req.body.saveReplay) { |
| 77 | cleanUpReqFiles(req) | 78 | cleanUpReqFiles(req) |
| 78 | 79 | ||
| 79 | return res.status(400) | 80 | return res.status(HttpStatusCode.BAD_REQUEST_400) |
| 80 | .json({ error: 'Cannot set this live as permanent while saving its replay' }) | 81 | .json({ error: 'Cannot set this live as permanent while saving its replay' }) |
| 81 | } | 82 | } |
| 82 | 83 | ||
| @@ -89,7 +90,7 @@ const videoLiveAddValidator = getCommonVideoEditAttributes().concat([ | |||
| 89 | if (totalInstanceLives >= CONFIG.LIVE.MAX_INSTANCE_LIVES) { | 90 | if (totalInstanceLives >= CONFIG.LIVE.MAX_INSTANCE_LIVES) { |
| 90 | cleanUpReqFiles(req) | 91 | cleanUpReqFiles(req) |
| 91 | 92 | ||
| 92 | return res.status(403) | 93 | return res.status(HttpStatusCode.FORBIDDEN_403) |
| 93 | .json({ | 94 | .json({ |
| 94 | code: ServerErrorCode.MAX_INSTANCE_LIVES_LIMIT_REACHED, | 95 | code: ServerErrorCode.MAX_INSTANCE_LIVES_LIMIT_REACHED, |
| 95 | error: 'Cannot create this live because the max instance lives limit is reached.' | 96 | error: 'Cannot create this live because the max instance lives limit is reached.' |
| @@ -103,7 +104,7 @@ const videoLiveAddValidator = getCommonVideoEditAttributes().concat([ | |||
| 103 | if (totalUserLives >= CONFIG.LIVE.MAX_USER_LIVES) { | 104 | if (totalUserLives >= CONFIG.LIVE.MAX_USER_LIVES) { |
| 104 | cleanUpReqFiles(req) | 105 | cleanUpReqFiles(req) |
| 105 | 106 | ||
| 106 | return res.status(403) | 107 | return res.status(HttpStatusCode.FORBIDDEN_403) |
| 107 | .json({ | 108 | .json({ |
| 108 | code: ServerErrorCode.MAX_USER_LIVES_LIMIT_REACHED, | 109 | code: ServerErrorCode.MAX_USER_LIVES_LIMIT_REACHED, |
| 109 | error: 'Cannot create this live because the max user lives limit is reached.' | 110 | error: 'Cannot create this live because the max user lives limit is reached.' |
| @@ -129,17 +130,17 @@ const videoLiveUpdateValidator = [ | |||
| 129 | if (areValidationErrors(req, res)) return | 130 | if (areValidationErrors(req, res)) return |
| 130 | 131 | ||
| 131 | if (req.body.permanentLive && req.body.saveReplay) { | 132 | if (req.body.permanentLive && req.body.saveReplay) { |
| 132 | return res.status(400) | 133 | return res.status(HttpStatusCode.BAD_REQUEST_400) |
| 133 | .json({ error: 'Cannot set this live as permanent while saving its replay' }) | 134 | .json({ error: 'Cannot set this live as permanent while saving its replay' }) |
| 134 | } | 135 | } |
| 135 | 136 | ||
| 136 | if (CONFIG.LIVE.ALLOW_REPLAY !== true && req.body.saveReplay === true) { | 137 | if (CONFIG.LIVE.ALLOW_REPLAY !== true && req.body.saveReplay === true) { |
| 137 | return res.status(403) | 138 | return res.status(HttpStatusCode.FORBIDDEN_403) |
| 138 | .json({ error: 'Saving live replay is not allowed instance' }) | 139 | .json({ error: 'Saving live replay is not allowed instance' }) |
| 139 | } | 140 | } |
| 140 | 141 | ||
| 141 | if (res.locals.videoAll.state !== VideoState.WAITING_FOR_LIVE) { | 142 | if (res.locals.videoAll.state !== VideoState.WAITING_FOR_LIVE) { |
| 142 | return res.status(400) | 143 | return res.status(HttpStatusCode.BAD_REQUEST_400) |
| 143 | .json({ error: 'Cannot update a live that has already started' }) | 144 | .json({ error: 'Cannot update a live that has already started' }) |
| 144 | } | 145 | } |
| 145 | 146 | ||
| @@ -176,7 +177,7 @@ async function isLiveVideoAccepted (req: express.Request, res: express.Response) | |||
| 176 | if (!acceptedResult || acceptedResult.accepted !== true) { | 177 | if (!acceptedResult || acceptedResult.accepted !== true) { |
| 177 | logger.info('Refused local live video.', { acceptedResult, acceptParameters }) | 178 | logger.info('Refused local live video.', { acceptedResult, acceptParameters }) |
| 178 | 179 | ||
| 179 | res.status(403) | 180 | res.status(HttpStatusCode.FORBIDDEN_403) |
| 180 | .json({ error: acceptedResult.errorMessage || 'Refused local live video' }) | 181 | .json({ error: acceptedResult.errorMessage || 'Refused local live video' }) |
| 181 | 182 | ||
| 182 | return false | 183 | return false |
diff --git a/server/middlewares/validators/videos/video-playlists.ts b/server/middlewares/validators/videos/video-playlists.ts index 4647eae44..c7a6f68e3 100644 --- a/server/middlewares/validators/videos/video-playlists.ts +++ b/server/middlewares/validators/videos/video-playlists.ts | |||
| @@ -29,6 +29,7 @@ import { VideoPlaylistType } from '../../../../shared/models/videos/playlist/vid | |||
| 29 | import { doesVideoChannelIdExist, doesVideoExist, doesVideoPlaylistExist, VideoPlaylistFetchType } from '../../../helpers/middlewares' | 29 | import { doesVideoChannelIdExist, doesVideoExist, doesVideoPlaylistExist, VideoPlaylistFetchType } from '../../../helpers/middlewares' |
| 30 | import { MVideoPlaylist } from '../../../types/models/video/video-playlist' | 30 | import { MVideoPlaylist } from '../../../types/models/video/video-playlist' |
| 31 | import { MUserAccountId } from '@server/types/models' | 31 | import { MUserAccountId } from '@server/types/models' |
| 32 | import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes' | ||
| 32 | 33 | ||
| 33 | const videoPlaylistsAddValidator = getCommonPlaylistEditAttributes().concat([ | 34 | const videoPlaylistsAddValidator = getCommonPlaylistEditAttributes().concat([ |
| 34 | body('displayName') | 35 | body('displayName') |
| @@ -44,7 +45,7 @@ const videoPlaylistsAddValidator = getCommonPlaylistEditAttributes().concat([ | |||
| 44 | 45 | ||
| 45 | if (body.privacy === VideoPlaylistPrivacy.PUBLIC && !body.videoChannelId) { | 46 | if (body.privacy === VideoPlaylistPrivacy.PUBLIC && !body.videoChannelId) { |
| 46 | cleanUpReqFiles(req) | 47 | cleanUpReqFiles(req) |
| 47 | return res.status(400) | 48 | return res.status(HttpStatusCode.BAD_REQUEST_400) |
| 48 | .json({ error: 'Cannot set "public" a playlist that is not assigned to a channel.' }) | 49 | .json({ error: 'Cannot set "public" a playlist that is not assigned to a channel.' }) |
| 49 | } | 50 | } |
| 50 | 51 | ||
| @@ -83,13 +84,13 @@ const videoPlaylistsUpdateValidator = getCommonPlaylistEditAttributes().concat([ | |||
| 83 | ) | 84 | ) |
| 84 | ) { | 85 | ) { |
| 85 | cleanUpReqFiles(req) | 86 | cleanUpReqFiles(req) |
| 86 | return res.status(400) | 87 | return res.status(HttpStatusCode.BAD_REQUEST_400) |
| 87 | .json({ error: 'Cannot set "public" a playlist that is not assigned to a channel.' }) | 88 | .json({ error: 'Cannot set "public" a playlist that is not assigned to a channel.' }) |
| 88 | } | 89 | } |
| 89 | 90 | ||
| 90 | if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) { | 91 | if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) { |
| 91 | cleanUpReqFiles(req) | 92 | cleanUpReqFiles(req) |
| 92 | return res.status(400) | 93 | return res.status(HttpStatusCode.BAD_REQUEST_400) |
| 93 | .json({ error: 'Cannot update a watch later playlist.' }) | 94 | .json({ error: 'Cannot update a watch later playlist.' }) |
| 94 | } | 95 | } |
| 95 | 96 | ||
| @@ -112,7 +113,7 @@ const videoPlaylistsDeleteValidator = [ | |||
| 112 | 113 | ||
| 113 | const videoPlaylist = getPlaylist(res) | 114 | const videoPlaylist = getPlaylist(res) |
| 114 | if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) { | 115 | if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) { |
| 115 | return res.status(400) | 116 | return res.status(HttpStatusCode.BAD_REQUEST_400) |
| 116 | .json({ error: 'Cannot delete a watch later playlist.' }) | 117 | .json({ error: 'Cannot delete a watch later playlist.' }) |
| 117 | } | 118 | } |
| 118 | 119 | ||
| @@ -142,7 +143,7 @@ const videoPlaylistsGetValidator = (fetchType: VideoPlaylistFetchType) => { | |||
| 142 | if (videoPlaylist.privacy === VideoPlaylistPrivacy.UNLISTED) { | 143 | if (videoPlaylist.privacy === VideoPlaylistPrivacy.UNLISTED) { |
| 143 | if (isUUIDValid(req.params.playlistId)) return next() | 144 | if (isUUIDValid(req.params.playlistId)) return next() |
| 144 | 145 | ||
| 145 | return res.status(404).end() | 146 | return res.status(HttpStatusCode.NOT_FOUND_404).end() |
| 146 | } | 147 | } |
| 147 | 148 | ||
| 148 | if (videoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) { | 149 | if (videoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) { |
| @@ -154,7 +155,7 @@ const videoPlaylistsGetValidator = (fetchType: VideoPlaylistFetchType) => { | |||
| 154 | !user || | 155 | !user || |
| 155 | (videoPlaylist.OwnerAccount.id !== user.Account.id && !user.hasRight(UserRight.UPDATE_ANY_VIDEO_PLAYLIST)) | 156 | (videoPlaylist.OwnerAccount.id !== user.Account.id && !user.hasRight(UserRight.UPDATE_ANY_VIDEO_PLAYLIST)) |
| 156 | ) { | 157 | ) { |
| 157 | return res.status(403) | 158 | return res.status(HttpStatusCode.FORBIDDEN_403) |
| 158 | .json({ error: 'Cannot get this private video playlist.' }) | 159 | .json({ error: 'Cannot get this private video playlist.' }) |
| 159 | } | 160 | } |
| 160 | 161 | ||
| @@ -231,7 +232,7 @@ const videoPlaylistsUpdateOrRemoveVideoValidator = [ | |||
| 231 | 232 | ||
| 232 | const videoPlaylistElement = await VideoPlaylistElementModel.loadById(req.params.playlistElementId) | 233 | const videoPlaylistElement = await VideoPlaylistElementModel.loadById(req.params.playlistElementId) |
| 233 | if (!videoPlaylistElement) { | 234 | if (!videoPlaylistElement) { |
| 234 | res.status(404) | 235 | res.status(HttpStatusCode.NOT_FOUND_404) |
| 235 | .json({ error: 'Video playlist element not found' }) | 236 | .json({ error: 'Video playlist element not found' }) |
| 236 | .end() | 237 | .end() |
| 237 | 238 | ||
| @@ -261,7 +262,7 @@ const videoPlaylistElementAPGetValidator = [ | |||
| 261 | 262 | ||
| 262 | const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndElementIdForAP(playlistId, playlistElementId) | 263 | const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndElementIdForAP(playlistId, playlistElementId) |
| 263 | if (!videoPlaylistElement) { | 264 | if (!videoPlaylistElement) { |
| 264 | res.status(404) | 265 | res.status(HttpStatusCode.NOT_FOUND_404) |
| 265 | .json({ error: 'Video playlist element not found' }) | 266 | .json({ error: 'Video playlist element not found' }) |
| 266 | .end() | 267 | .end() |
| 267 | 268 | ||
| @@ -269,7 +270,7 @@ const videoPlaylistElementAPGetValidator = [ | |||
| 269 | } | 270 | } |
| 270 | 271 | ||
| 271 | if (videoPlaylistElement.VideoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) { | 272 | if (videoPlaylistElement.VideoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) { |
| 272 | return res.status(403).end() | 273 | return res.status(HttpStatusCode.FORBIDDEN_403).end() |
| 273 | } | 274 | } |
| 274 | 275 | ||
| 275 | res.locals.videoPlaylistElementAP = videoPlaylistElement | 276 | res.locals.videoPlaylistElementAP = videoPlaylistElement |
| @@ -305,7 +306,7 @@ const videoPlaylistsReorderVideosValidator = [ | |||
| 305 | const reorderLength: number = req.body.reorderLength | 306 | const reorderLength: number = req.body.reorderLength |
| 306 | 307 | ||
| 307 | if (startPosition >= nextPosition || insertAfterPosition >= nextPosition) { | 308 | if (startPosition >= nextPosition || insertAfterPosition >= nextPosition) { |
| 308 | res.status(400) | 309 | res.status(HttpStatusCode.BAD_REQUEST_400) |
| 309 | .json({ error: `Start position or insert after position exceed the playlist limits (max: ${nextPosition - 1})` }) | 310 | .json({ error: `Start position or insert after position exceed the playlist limits (max: ${nextPosition - 1})` }) |
| 310 | .end() | 311 | .end() |
| 311 | 312 | ||
| @@ -313,7 +314,7 @@ const videoPlaylistsReorderVideosValidator = [ | |||
| 313 | } | 314 | } |
| 314 | 315 | ||
| 315 | if (reorderLength && reorderLength + startPosition > nextPosition) { | 316 | if (reorderLength && reorderLength + startPosition > nextPosition) { |
| 316 | res.status(400) | 317 | res.status(HttpStatusCode.BAD_REQUEST_400) |
| 317 | .json({ error: `Reorder length with this start position exceeds the playlist limits (max: ${nextPosition - startPosition})` }) | 318 | .json({ error: `Reorder length with this start position exceeds the playlist limits (max: ${nextPosition - startPosition})` }) |
| 318 | .end() | 319 | .end() |
| 319 | 320 | ||
| @@ -399,7 +400,7 @@ function getCommonPlaylistEditAttributes () { | |||
| 399 | 400 | ||
| 400 | function checkUserCanManageVideoPlaylist (user: MUserAccountId, videoPlaylist: MVideoPlaylist, right: UserRight, res: express.Response) { | 401 | function checkUserCanManageVideoPlaylist (user: MUserAccountId, videoPlaylist: MVideoPlaylist, right: UserRight, res: express.Response) { |
| 401 | if (videoPlaylist.isOwned() === false) { | 402 | if (videoPlaylist.isOwned() === false) { |
| 402 | res.status(403) | 403 | res.status(HttpStatusCode.FORBIDDEN_403) |
| 403 | .json({ error: 'Cannot manage video playlist of another server.' }) | 404 | .json({ error: 'Cannot manage video playlist of another server.' }) |
| 404 | .end() | 405 | .end() |
| 405 | 406 | ||
| @@ -410,7 +411,7 @@ function checkUserCanManageVideoPlaylist (user: MUserAccountId, videoPlaylist: M | |||
| 410 | // The user can delete it if s/he is an admin | 411 | // The user can delete it if s/he is an admin |
| 411 | // Or if s/he is the video playlist's owner | 412 | // Or if s/he is the video playlist's owner |
| 412 | if (user.hasRight(right) === false && videoPlaylist.ownerAccountId !== user.Account.id) { | 413 | if (user.hasRight(right) === false && videoPlaylist.ownerAccountId !== user.Account.id) { |
| 413 | res.status(403) | 414 | res.status(HttpStatusCode.FORBIDDEN_403) |
| 414 | .json({ error: 'Cannot manage video playlist of another user' }) | 415 | .json({ error: 'Cannot manage video playlist of another user' }) |
| 415 | .end() | 416 | .end() |
| 416 | 417 | ||
diff --git a/server/middlewares/validators/videos/video-rates.ts b/server/middlewares/validators/videos/video-rates.ts index 15a8c7983..7dcba15f1 100644 --- a/server/middlewares/validators/videos/video-rates.ts +++ b/server/middlewares/validators/videos/video-rates.ts | |||
| @@ -9,6 +9,7 @@ import { AccountVideoRateModel } from '../../../models/account/account-video-rat | |||
| 9 | import { VideoRateType } from '../../../../shared/models/videos' | 9 | import { VideoRateType } from '../../../../shared/models/videos' |
| 10 | import { isAccountNameValid } from '../../../helpers/custom-validators/accounts' | 10 | import { isAccountNameValid } from '../../../helpers/custom-validators/accounts' |
| 11 | import { doesVideoExist } from '../../../helpers/middlewares' | 11 | import { doesVideoExist } from '../../../helpers/middlewares' |
| 12 | import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes' | ||
| 12 | 13 | ||
| 13 | const videoUpdateRateValidator = [ | 14 | const videoUpdateRateValidator = [ |
| 14 | param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), | 15 | param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), |
| @@ -36,7 +37,7 @@ const getAccountVideoRateValidatorFactory = function (rateType: VideoRateType) { | |||
| 36 | 37 | ||
| 37 | const rate = await AccountVideoRateModel.loadLocalAndPopulateVideo(rateType, req.params.name, req.params.videoId) | 38 | const rate = await AccountVideoRateModel.loadLocalAndPopulateVideo(rateType, req.params.name, req.params.videoId) |
| 38 | if (!rate) { | 39 | if (!rate) { |
| 39 | return res.status(404) | 40 | return res.status(HttpStatusCode.NOT_FOUND_404) |
| 40 | .json({ error: 'Video rate not found' }) | 41 | .json({ error: 'Video rate not found' }) |
| 41 | } | 42 | } |
| 42 | 43 | ||
diff --git a/server/middlewares/validators/videos/video-shares.ts b/server/middlewares/validators/videos/video-shares.ts index 20fc96243..f0d8e0c36 100644 --- a/server/middlewares/validators/videos/video-shares.ts +++ b/server/middlewares/validators/videos/video-shares.ts | |||
| @@ -5,6 +5,7 @@ import { logger } from '../../../helpers/logger' | |||
| 5 | import { VideoShareModel } from '../../../models/video/video-share' | 5 | import { VideoShareModel } from '../../../models/video/video-share' |
| 6 | import { areValidationErrors } from '../utils' | 6 | import { areValidationErrors } from '../utils' |
| 7 | import { doesVideoExist } from '../../../helpers/middlewares' | 7 | import { doesVideoExist } from '../../../helpers/middlewares' |
| 8 | import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes' | ||
| 8 | 9 | ||
| 9 | const videosShareValidator = [ | 10 | const videosShareValidator = [ |
| 10 | param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), | 11 | param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), |
| @@ -20,7 +21,7 @@ const videosShareValidator = [ | |||
| 20 | 21 | ||
| 21 | const share = await VideoShareModel.load(req.params.actorId, video.id) | 22 | const share = await VideoShareModel.load(req.params.actorId, video.id) |
| 22 | if (!share) { | 23 | if (!share) { |
| 23 | return res.status(404) | 24 | return res.status(HttpStatusCode.NOT_FOUND_404) |
| 24 | .end() | 25 | .end() |
| 25 | } | 26 | } |
| 26 | 27 | ||
diff --git a/server/middlewares/validators/videos/video-watch.ts b/server/middlewares/validators/videos/video-watch.ts index d6ca1d341..29ce0dab6 100644 --- a/server/middlewares/validators/videos/video-watch.ts +++ b/server/middlewares/validators/videos/video-watch.ts | |||
| @@ -4,6 +4,7 @@ import { isIdOrUUIDValid, toIntOrNull } from '../../../helpers/custom-validators | |||
| 4 | import { areValidationErrors } from '../utils' | 4 | import { areValidationErrors } from '../utils' |
| 5 | import { logger } from '../../../helpers/logger' | 5 | import { logger } from '../../../helpers/logger' |
| 6 | import { doesVideoExist } from '../../../helpers/middlewares' | 6 | import { doesVideoExist } from '../../../helpers/middlewares' |
| 7 | import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes' | ||
| 7 | 8 | ||
| 8 | const videoWatchingValidator = [ | 9 | const videoWatchingValidator = [ |
| 9 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), | 10 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), |
| @@ -20,7 +21,7 @@ const videoWatchingValidator = [ | |||
| 20 | const user = res.locals.oauth.token.User | 21 | const user = res.locals.oauth.token.User |
| 21 | if (user.videosHistoryEnabled === false) { | 22 | if (user.videosHistoryEnabled === false) { |
| 22 | logger.warn('Cannot set videos to watch by user %d: videos history is disabled.', user.id) | 23 | logger.warn('Cannot set videos to watch by user %d: videos history is disabled.', user.id) |
| 23 | return res.status(409).end() | 24 | return res.status(HttpStatusCode.CONFLICT_409).end() |
| 24 | } | 25 | } |
| 25 | 26 | ||
| 26 | return next() | 27 | return next() |
diff --git a/server/middlewares/validators/videos/videos.ts b/server/middlewares/validators/videos/videos.ts index af0072d73..9834f714b 100644 --- a/server/middlewares/validators/videos/videos.ts +++ b/server/middlewares/validators/videos/videos.ts | |||
| @@ -51,6 +51,7 @@ import { AccountModel } from '../../../models/account/account' | |||
| 51 | import { VideoModel } from '../../../models/video/video' | 51 | import { VideoModel } from '../../../models/video/video' |
| 52 | import { authenticatePromiseIfNeeded } from '../../oauth' | 52 | import { authenticatePromiseIfNeeded } from '../../oauth' |
| 53 | import { areValidationErrors } from '../utils' | 53 | import { areValidationErrors } from '../utils' |
| 54 | import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes' | ||
| 54 | 55 | ||
| 55 | const videosAddValidator = getCommonVideoEditAttributes().concat([ | 56 | const videosAddValidator = getCommonVideoEditAttributes().concat([ |
| 56 | body('videofile') | 57 | body('videofile') |
| @@ -75,7 +76,7 @@ const videosAddValidator = getCommonVideoEditAttributes().concat([ | |||
| 75 | if (!await doesVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req) | 76 | if (!await doesVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req) |
| 76 | 77 | ||
| 77 | if (await isAbleToUploadVideo(user.id, videoFile.size) === false) { | 78 | if (await isAbleToUploadVideo(user.id, videoFile.size) === false) { |
| 78 | res.status(403) | 79 | res.status(HttpStatusCode.FORBIDDEN_403) |
| 79 | .json({ error: 'The user video quota is exceeded with this video.' }) | 80 | .json({ error: 'The user video quota is exceeded with this video.' }) |
| 80 | 81 | ||
| 81 | return cleanUpReqFiles(req) | 82 | return cleanUpReqFiles(req) |
| @@ -87,7 +88,7 @@ const videosAddValidator = getCommonVideoEditAttributes().concat([ | |||
| 87 | duration = await getDurationFromVideoFile(videoFile.path) | 88 | duration = await getDurationFromVideoFile(videoFile.path) |
| 88 | } catch (err) { | 89 | } catch (err) { |
| 89 | logger.error('Invalid input file in videosAddValidator.', { err }) | 90 | logger.error('Invalid input file in videosAddValidator.', { err }) |
| 90 | res.status(400) | 91 | res.status(HttpStatusCode.BAD_REQUEST_400) |
| 91 | .json({ error: 'Invalid input file.' }) | 92 | .json({ error: 'Invalid input file.' }) |
| 92 | 93 | ||
| 93 | return cleanUpReqFiles(req) | 94 | return cleanUpReqFiles(req) |
| @@ -147,7 +148,7 @@ async function checkVideoFollowConstraints (req: express.Request, res: express.R | |||
| 147 | const serverActor = await getServerActor() | 148 | const serverActor = await getServerActor() |
| 148 | if (await VideoModel.checkVideoHasInstanceFollow(video.id, serverActor.id) === true) return next() | 149 | if (await VideoModel.checkVideoHasInstanceFollow(video.id, serverActor.id) === true) return next() |
| 149 | 150 | ||
| 150 | return res.status(403) | 151 | return res.status(HttpStatusCode.FORBIDDEN_403) |
| 151 | .json({ | 152 | .json({ |
| 152 | errorCode: ServerErrorCode.DOES_NOT_RESPECT_FOLLOW_CONSTRAINTS, | 153 | errorCode: ServerErrorCode.DOES_NOT_RESPECT_FOLLOW_CONSTRAINTS, |
| 153 | error: 'Cannot get this video regarding follow constraints.', | 154 | error: 'Cannot get this video regarding follow constraints.', |
| @@ -182,7 +183,7 @@ const videosCustomGetValidator = ( | |||
| 182 | 183 | ||
| 183 | // Only the owner or a user that have blacklist rights can see the video | 184 | // Only the owner or a user that have blacklist rights can see the video |
| 184 | if (!user || !user.canGetVideo(videoAll)) { | 185 | if (!user || !user.canGetVideo(videoAll)) { |
| 185 | return res.status(403) | 186 | return res.status(HttpStatusCode.FORBIDDEN_403) |
| 186 | .json({ error: 'Cannot get this private/internal or blacklisted video.' }) | 187 | .json({ error: 'Cannot get this private/internal or blacklisted video.' }) |
| 187 | } | 188 | } |
| 188 | 189 | ||
| @@ -197,7 +198,7 @@ const videosCustomGetValidator = ( | |||
| 197 | if (isUUIDValid(req.params.id)) return next() | 198 | if (isUUIDValid(req.params.id)) return next() |
| 198 | 199 | ||
| 199 | // Don't leak this unlisted video | 200 | // Don't leak this unlisted video |
| 200 | return res.status(404).end() | 201 | return res.status(HttpStatusCode.NOT_FOUND_404).end() |
| 201 | } | 202 | } |
| 202 | } | 203 | } |
| 203 | ] | 204 | ] |
| @@ -250,7 +251,7 @@ const videosChangeOwnershipValidator = [ | |||
| 250 | 251 | ||
| 251 | const nextOwner = await AccountModel.loadLocalByName(req.body.username) | 252 | const nextOwner = await AccountModel.loadLocalByName(req.body.username) |
| 252 | if (!nextOwner) { | 253 | if (!nextOwner) { |
| 253 | res.status(400) | 254 | res.status(HttpStatusCode.BAD_REQUEST_400) |
| 254 | .json({ error: 'Changing video ownership to a remote account is not supported yet' }) | 255 | .json({ error: 'Changing video ownership to a remote account is not supported yet' }) |
| 255 | 256 | ||
| 256 | return | 257 | return |
| @@ -276,7 +277,7 @@ const videosTerminateChangeOwnershipValidator = [ | |||
| 276 | const videoChangeOwnership = res.locals.videoChangeOwnership | 277 | const videoChangeOwnership = res.locals.videoChangeOwnership |
| 277 | 278 | ||
| 278 | if (videoChangeOwnership.status !== VideoChangeOwnershipStatus.WAITING) { | 279 | if (videoChangeOwnership.status !== VideoChangeOwnershipStatus.WAITING) { |
| 279 | res.status(403) | 280 | res.status(HttpStatusCode.FORBIDDEN_403) |
| 280 | .json({ error: 'Ownership already accepted or refused' }) | 281 | .json({ error: 'Ownership already accepted or refused' }) |
| 281 | return | 282 | return |
| 282 | } | 283 | } |
| @@ -294,7 +295,7 @@ const videosAcceptChangeOwnershipValidator = [ | |||
| 294 | const videoChangeOwnership = res.locals.videoChangeOwnership | 295 | const videoChangeOwnership = res.locals.videoChangeOwnership |
| 295 | const isAble = await isAbleToUploadVideo(user.id, videoChangeOwnership.Video.getMaxQualityFile().size) | 296 | const isAble = await isAbleToUploadVideo(user.id, videoChangeOwnership.Video.getMaxQualityFile().size) |
| 296 | if (isAble === false) { | 297 | if (isAble === false) { |
| 297 | res.status(403) | 298 | res.status(HttpStatusCode.FORBIDDEN_403) |
| 298 | .json({ error: 'The user video quota is exceeded with this video.' }) | 299 | .json({ error: 'The user video quota is exceeded with this video.' }) |
| 299 | 300 | ||
| 300 | return | 301 | return |
| @@ -433,7 +434,7 @@ const commonVideosFiltersValidator = [ | |||
| 433 | (req.query.filter === 'all-local' || req.query.filter === 'all') && | 434 | (req.query.filter === 'all-local' || req.query.filter === 'all') && |
| 434 | (!user || user.hasRight(UserRight.SEE_ALL_VIDEOS) === false) | 435 | (!user || user.hasRight(UserRight.SEE_ALL_VIDEOS) === false) |
| 435 | ) { | 436 | ) { |
| 436 | res.status(401) | 437 | res.status(HttpStatusCode.UNAUTHORIZED_401) |
| 437 | .json({ error: 'You are not allowed to see all local videos.' }) | 438 | .json({ error: 'You are not allowed to see all local videos.' }) |
| 438 | 439 | ||
| 439 | return | 440 | return |
| @@ -473,7 +474,7 @@ function areErrorsInScheduleUpdate (req: express.Request, res: express.Response) | |||
| 473 | if (!req.body.scheduleUpdate.updateAt) { | 474 | if (!req.body.scheduleUpdate.updateAt) { |
| 474 | logger.warn('Invalid parameters: scheduleUpdate.updateAt is mandatory.') | 475 | logger.warn('Invalid parameters: scheduleUpdate.updateAt is mandatory.') |
| 475 | 476 | ||
| 476 | res.status(400) | 477 | res.status(HttpStatusCode.BAD_REQUEST_400) |
| 477 | .json({ error: 'Schedule update at is mandatory.' }) | 478 | .json({ error: 'Schedule update at is mandatory.' }) |
| 478 | 479 | ||
| 479 | return true | 480 | return true |
| @@ -498,7 +499,7 @@ async function isVideoAccepted (req: express.Request, res: express.Response, vid | |||
| 498 | 499 | ||
| 499 | if (!acceptedResult || acceptedResult.accepted !== true) { | 500 | if (!acceptedResult || acceptedResult.accepted !== true) { |
| 500 | logger.info('Refused local video.', { acceptedResult, acceptParameters }) | 501 | logger.info('Refused local video.', { acceptedResult, acceptParameters }) |
| 501 | res.status(403) | 502 | res.status(HttpStatusCode.FORBIDDEN_403) |
| 502 | .json({ error: acceptedResult.errorMessage || 'Refused local video' }) | 503 | .json({ error: acceptedResult.errorMessage || 'Refused local video' }) |
| 503 | 504 | ||
| 504 | return false | 505 | return false |