diff options
author | Chocobozzz <me@florianbigard.com> | 2021-05-28 10:21:39 +0200 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2021-05-28 10:22:50 +0200 |
commit | 012580d98f489e599d44a9a2a0bdc892b9455a90 (patch) | |
tree | cd6d4abdbf43f4cd1c051ac49682b97c7b6dca92 /server/middlewares/validators | |
parent | d6d96bed80700830063c6055969d2d2ff46c63c6 (diff) | |
download | PeerTube-012580d98f489e599d44a9a2a0bdc892b9455a90.tar.gz PeerTube-012580d98f489e599d44a9a2a0bdc892b9455a90.tar.zst PeerTube-012580d98f489e599d44a9a2a0bdc892b9455a90.zip |
Cleanup
We must not expose private actor objects to clients
Just make 2 GET requests on channel/accounts instead
Diffstat (limited to 'server/middlewares/validators')
-rw-r--r-- | server/middlewares/validators/actor.ts | 59 | ||||
-rw-r--r-- | server/middlewares/validators/index.ts | 1 |
2 files changed, 0 insertions, 60 deletions
diff --git a/server/middlewares/validators/actor.ts b/server/middlewares/validators/actor.ts deleted file mode 100644 index 99b529dd6..000000000 --- a/server/middlewares/validators/actor.ts +++ /dev/null | |||
@@ -1,59 +0,0 @@ | |||
1 | import * as express from 'express' | ||
2 | import { param } from 'express-validator' | ||
3 | import { isActorNameValid } from '../../helpers/custom-validators/actor' | ||
4 | import { logger } from '../../helpers/logger' | ||
5 | import { areValidationErrors } from './utils' | ||
6 | import { | ||
7 | doesAccountNameWithHostExist, | ||
8 | doesLocalAccountNameExist, | ||
9 | doesVideoChannelNameWithHostExist, | ||
10 | doesLocalVideoChannelNameExist | ||
11 | } from '../../helpers/middlewares' | ||
12 | import { HttpStatusCode } from '../../../shared/core-utils/miscs/http-error-codes' | ||
13 | |||
14 | const localActorValidator = [ | ||
15 | param('actorName').custom(isActorNameValid).withMessage('Should have a valid actor name'), | ||
16 | |||
17 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
18 | logger.debug('Checking localActorValidator parameters', { parameters: req.params }) | ||
19 | |||
20 | if (areValidationErrors(req, res)) return | ||
21 | |||
22 | const isAccount = await doesLocalAccountNameExist(req.params.actorName, res, false) | ||
23 | const isVideoChannel = await doesLocalVideoChannelNameExist(req.params.actorName, res, false) | ||
24 | |||
25 | if (!isAccount || !isVideoChannel) { | ||
26 | res.status(HttpStatusCode.NOT_FOUND_404) | ||
27 | .json({ error: 'Actor not found' }) | ||
28 | } | ||
29 | |||
30 | return next() | ||
31 | } | ||
32 | ] | ||
33 | |||
34 | const actorNameWithHostGetValidator = [ | ||
35 | param('actorName').exists().withMessage('Should have an actor name with host'), | ||
36 | |||
37 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
38 | logger.debug('Checking actorNameWithHostGetValidator parameters', { parameters: req.params }) | ||
39 | |||
40 | if (areValidationErrors(req, res)) return | ||
41 | |||
42 | const isAccount = await doesAccountNameWithHostExist(req.params.actorName, res, false) | ||
43 | const isVideoChannel = await doesVideoChannelNameWithHostExist(req.params.actorName, res, false) | ||
44 | |||
45 | if (!isAccount && !isVideoChannel) { | ||
46 | res.status(HttpStatusCode.NOT_FOUND_404) | ||
47 | .json({ error: 'Actor not found' }) | ||
48 | } | ||
49 | |||
50 | return next() | ||
51 | } | ||
52 | ] | ||
53 | |||
54 | // --------------------------------------------------------------------------- | ||
55 | |||
56 | export { | ||
57 | localActorValidator, | ||
58 | actorNameWithHostGetValidator | ||
59 | } | ||
diff --git a/server/middlewares/validators/index.ts b/server/middlewares/validators/index.ts index 3e1a1e5ce..24faeea3e 100644 --- a/server/middlewares/validators/index.ts +++ b/server/middlewares/validators/index.ts | |||
@@ -1,6 +1,5 @@ | |||
1 | export * from './abuse' | 1 | export * from './abuse' |
2 | export * from './account' | 2 | export * from './account' |
3 | export * from './actor' | ||
4 | export * from './actor-image' | 3 | export * from './actor-image' |
5 | export * from './blocklist' | 4 | export * from './blocklist' |
6 | export * from './oembed' | 5 | export * from './oembed' |