aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares/validators
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2019-02-28 11:14:26 +0100
committerChocobozzz <chocobozzz@cpy.re>2019-03-18 11:17:59 +0100
commit07b1a18aa678d260009a93e36606c5c5f585723d (patch)
tree27a399fa0f7a29a7ac1d7d7cf077a24ea6ee39de /server/middlewares/validators
parent418d092afa81e2c8fe8ac6838fc4b5eb0af6a782 (diff)
downloadPeerTube-07b1a18aa678d260009a93e36606c5c5f585723d.tar.gz
PeerTube-07b1a18aa678d260009a93e36606c5c5f585723d.tar.zst
PeerTube-07b1a18aa678d260009a93e36606c5c5f585723d.zip
Add playlist check param tests
Diffstat (limited to 'server/middlewares/validators')
-rw-r--r--server/middlewares/validators/videos/video-playlists.ts44
1 files changed, 41 insertions, 3 deletions
diff --git a/server/middlewares/validators/videos/video-playlists.ts b/server/middlewares/validators/videos/video-playlists.ts
index ef8d0b851..0e97c8dc0 100644
--- a/server/middlewares/validators/videos/video-playlists.ts
+++ b/server/middlewares/validators/videos/video-playlists.ts
@@ -6,7 +6,7 @@ import { UserModel } from '../../../models/account/user'
6import { areValidationErrors } from '../utils' 6import { areValidationErrors } from '../utils'
7import { isVideoExist, isVideoImage } from '../../../helpers/custom-validators/videos' 7import { isVideoExist, isVideoImage } from '../../../helpers/custom-validators/videos'
8import { CONSTRAINTS_FIELDS } from '../../../initializers' 8import { CONSTRAINTS_FIELDS } from '../../../initializers'
9import { isIdOrUUIDValid, toValueOrNull } from '../../../helpers/custom-validators/misc' 9import { isIdOrUUIDValid, isUUIDValid, toValueOrNull } from '../../../helpers/custom-validators/misc'
10import { 10import {
11 isVideoPlaylistDescriptionValid, 11 isVideoPlaylistDescriptionValid,
12 isVideoPlaylistExist, 12 isVideoPlaylistExist,
@@ -43,10 +43,19 @@ const videoPlaylistsUpdateValidator = getCommonPlaylistEditAttributes().concat([
43 if (areValidationErrors(req, res)) return cleanUpReqFiles(req) 43 if (areValidationErrors(req, res)) return cleanUpReqFiles(req)
44 44
45 if (!await isVideoPlaylistExist(req.params.playlistId, res)) return cleanUpReqFiles(req) 45 if (!await isVideoPlaylistExist(req.params.playlistId, res)) return cleanUpReqFiles(req)
46
47 const videoPlaylist = res.locals.videoPlaylist
48
46 if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, res.locals.videoPlaylist, UserRight.REMOVE_ANY_VIDEO_PLAYLIST, res)) { 49 if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, res.locals.videoPlaylist, UserRight.REMOVE_ANY_VIDEO_PLAYLIST, res)) {
47 return cleanUpReqFiles(req) 50 return cleanUpReqFiles(req)
48 } 51 }
49 52
53 if (videoPlaylist.privacy !== VideoPlaylistPrivacy.PRIVATE && req.body.privacy === VideoPlaylistPrivacy.PRIVATE) {
54 cleanUpReqFiles(req)
55 return res.status(409)
56 .json({ error: 'Cannot set "private" a video playlist that was not private.' })
57 }
58
50 if (req.body.videoChannelId && !await isVideoChannelIdExist(req.body.videoChannelId, res)) return cleanUpReqFiles(req) 59 if (req.body.videoChannelId && !await isVideoChannelIdExist(req.body.videoChannelId, res)) return cleanUpReqFiles(req)
51 60
52 return next() 61 return next()
@@ -83,6 +92,14 @@ const videoPlaylistsGetValidator = [
83 if (!await isVideoPlaylistExist(req.params.playlistId, res)) return 92 if (!await isVideoPlaylistExist(req.params.playlistId, res)) return
84 93
85 const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist 94 const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist
95
96 // Video is unlisted, check we used the uuid to fetch it
97 if (videoPlaylist.privacy === VideoPlaylistPrivacy.UNLISTED) {
98 if (isUUIDValid(req.params.playlistId)) return next()
99
100 return res.status(404).end()
101 }
102
86 if (videoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) { 103 if (videoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) {
87 await authenticatePromiseIfNeeded(req, res) 104 await authenticatePromiseIfNeeded(req, res)
88 105
@@ -121,7 +138,7 @@ const videoPlaylistsAddVideoValidator = [
121 if (areValidationErrors(req, res)) return 138 if (areValidationErrors(req, res)) return
122 139
123 if (!await isVideoPlaylistExist(req.params.playlistId, res)) return 140 if (!await isVideoPlaylistExist(req.params.playlistId, res)) return
124 if (!await isVideoExist(req.body.videoId, res, 'id')) return 141 if (!await isVideoExist(req.body.videoId, res, 'only-video')) return
125 142
126 const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist 143 const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist
127 const video: VideoModel = res.locals.video 144 const video: VideoModel = res.locals.video
@@ -161,7 +178,7 @@ const videoPlaylistsUpdateOrRemoveVideoValidator = [
161 if (areValidationErrors(req, res)) return 178 if (areValidationErrors(req, res)) return
162 179
163 if (!await isVideoPlaylistExist(req.params.playlistId, res)) return 180 if (!await isVideoPlaylistExist(req.params.playlistId, res)) return
164 if (!await isVideoExist(req.params.playlistId, res, 'id')) return 181 if (!await isVideoExist(req.params.videoId, res, 'id')) return
165 182
166 const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist 183 const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist
167 const video: VideoModel = res.locals.video 184 const video: VideoModel = res.locals.video
@@ -233,6 +250,27 @@ const videoPlaylistsReorderVideosValidator = [
233 const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist 250 const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist
234 if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, videoPlaylist, UserRight.UPDATE_ANY_VIDEO_PLAYLIST, res)) return 251 if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, videoPlaylist, UserRight.UPDATE_ANY_VIDEO_PLAYLIST, res)) return
235 252
253 const nextPosition = await VideoPlaylistElementModel.getNextPositionOf(videoPlaylist.id)
254 const startPosition: number = req.body.startPosition
255 const insertAfterPosition: number = req.body.insertAfterPosition
256 const reorderLength: number = req.body.reorderLength
257
258 if (startPosition >= nextPosition || insertAfterPosition >= nextPosition) {
259 res.status(400)
260 .json({ error: `Start position or insert after position exceed the playlist limits (max: ${nextPosition - 1})` })
261 .end()
262
263 return
264 }
265
266 if (reorderLength && reorderLength + startPosition > nextPosition) {
267 res.status(400)
268 .json({ error: `Reorder length with this start position exceeds the playlist limits (max: ${nextPosition - startPosition})` })
269 .end()
270
271 return
272 }
273
236 return next() 274 return next()
237 } 275 }
238] 276]