diff options
author | Chocobozzz <me@florianbigard.com> | 2020-01-31 16:56:52 +0100 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2020-02-03 08:31:02 +0100 |
commit | a15871560f80e07386c1dabb8370cd2664ecfd1f (patch) | |
tree | 44440e140c9e43b0d7f97ade777a76e649e0553d /server/middlewares | |
parent | a22046d166805222ca76060e471b6cb3d419a32d (diff) | |
download | PeerTube-contain.tar.gz PeerTube-contain.tar.zst PeerTube-contain.zip |
Move to eslintcontain
Diffstat (limited to 'server/middlewares')
-rw-r--r-- | server/middlewares/activitypub.ts | 3 | ||||
-rw-r--r-- | server/middlewares/csp.ts | 30 | ||||
-rw-r--r-- | server/middlewares/dnt.ts | 3 | ||||
-rw-r--r-- | server/middlewares/oauth.ts | 1 | ||||
-rw-r--r-- | server/middlewares/sort.ts | 2 | ||||
-rw-r--r-- | server/middlewares/validators/avatar.ts | 4 | ||||
-rw-r--r-- | server/middlewares/validators/config.ts | 2 | ||||
-rw-r--r-- | server/middlewares/validators/feeds.ts | 8 | ||||
-rw-r--r-- | server/middlewares/validators/redundancy.ts | 2 | ||||
-rw-r--r-- | server/middlewares/validators/users.ts | 7 | ||||
-rw-r--r-- | server/middlewares/validators/videos/video-captions.ts | 10 | ||||
-rw-r--r-- | server/middlewares/validators/videos/video-comments.ts | 2 | ||||
-rw-r--r-- | server/middlewares/validators/videos/video-imports.ts | 9 | ||||
-rw-r--r-- | server/middlewares/validators/videos/video-playlists.ts | 9 | ||||
-rw-r--r-- | server/middlewares/validators/videos/video-rates.ts | 2 | ||||
-rw-r--r-- | server/middlewares/validators/videos/videos.ts | 28 |
16 files changed, 60 insertions, 62 deletions
diff --git a/server/middlewares/activitypub.ts b/server/middlewares/activitypub.ts index f3feae41e..ab7d04d25 100644 --- a/server/middlewares/activitypub.ts +++ b/server/middlewares/activitypub.ts | |||
@@ -6,6 +6,7 @@ import { ACCEPT_HEADERS, ACTIVITY_PUB, HTTP_SIGNATURE } from '../initializers/co | |||
6 | import { getOrCreateActorAndServerAndModel } from '../lib/activitypub' | 6 | import { getOrCreateActorAndServerAndModel } from '../lib/activitypub' |
7 | import { loadActorUrlOrGetFromWebfinger } from '../helpers/webfinger' | 7 | import { loadActorUrlOrGetFromWebfinger } from '../helpers/webfinger' |
8 | import { isActorDeleteActivityValid } from '@server/helpers/custom-validators/activitypub/actor' | 8 | import { isActorDeleteActivityValid } from '@server/helpers/custom-validators/activitypub/actor' |
9 | import { getAPId } from '@server/helpers/activitypub' | ||
9 | 10 | ||
10 | async function checkSignature (req: Request, res: Response, next: NextFunction) { | 11 | async function checkSignature (req: Request, res: Response, next: NextFunction) { |
11 | try { | 12 | try { |
@@ -16,7 +17,7 @@ async function checkSignature (req: Request, res: Response, next: NextFunction) | |||
16 | 17 | ||
17 | // Forwarded activity | 18 | // Forwarded activity |
18 | const bodyActor = req.body.actor | 19 | const bodyActor = req.body.actor |
19 | const bodyActorId = bodyActor && bodyActor.id ? bodyActor.id : bodyActor | 20 | const bodyActorId = getAPId(bodyActor) |
20 | if (bodyActorId && bodyActorId !== actor.url) { | 21 | if (bodyActorId && bodyActorId !== actor.url) { |
21 | const jsonLDSignatureChecked = await checkJsonLDSignature(req, res) | 22 | const jsonLDSignatureChecked = await checkJsonLDSignature(req, res) |
22 | if (jsonLDSignatureChecked !== true) return | 23 | if (jsonLDSignatureChecked !== true) return |
diff --git a/server/middlewares/csp.ts b/server/middlewares/csp.ts index d11d70790..f5de69603 100644 --- a/server/middlewares/csp.ts +++ b/server/middlewares/csp.ts | |||
@@ -3,20 +3,20 @@ import { CONFIG } from '../initializers/config' | |||
3 | 3 | ||
4 | const baseDirectives = Object.assign({}, | 4 | const baseDirectives = Object.assign({}, |
5 | { | 5 | { |
6 | defaultSrc: ["'none'"], // by default, not specifying default-src = '*' | 6 | defaultSrc: [ '\'none\'' ], // by default, not specifying default-src = '*' |
7 | connectSrc: ['*', 'data:'], | 7 | connectSrc: [ '*', 'data:' ], |
8 | mediaSrc: ["'self'", 'https:', 'blob:'], | 8 | mediaSrc: [ '\'self\'', 'https:', 'blob:' ], |
9 | fontSrc: ["'self'", 'data:'], | 9 | fontSrc: [ '\'self\'', 'data:' ], |
10 | imgSrc: ["'self'", 'data:', 'blob:'], | 10 | imgSrc: [ '\'self\'', 'data:', 'blob:' ], |
11 | scriptSrc: ["'self' 'unsafe-inline' 'unsafe-eval'", 'blob:'], | 11 | scriptSrc: [ '\'self\' \'unsafe-inline\' \'unsafe-eval\'', 'blob:' ], |
12 | styleSrc: ["'self' 'unsafe-inline'"], | 12 | styleSrc: [ '\'self\' \'unsafe-inline\'' ], |
13 | objectSrc: ["'none'"], // only define to allow plugins, else let defaultSrc 'none' block it | 13 | objectSrc: [ '\'none\'' ], // only define to allow plugins, else let defaultSrc 'none' block it |
14 | formAction: ["'self'"], | 14 | formAction: [ '\'self\'' ], |
15 | frameAncestors: ["'none'"], | 15 | frameAncestors: [ '\'none\'' ], |
16 | baseUri: ["'self'"], | 16 | baseUri: [ '\'self\'' ], |
17 | manifestSrc: ["'self'"], | 17 | manifestSrc: [ '\'self\'' ], |
18 | frameSrc: ["'self'"], // instead of deprecated child-src / self because of test-embed | 18 | frameSrc: [ '\'self\'' ], // instead of deprecated child-src / self because of test-embed |
19 | workerSrc: ["'self'", 'blob:'] // instead of deprecated child-src | 19 | workerSrc: [ '\'self\'', 'blob:' ] // instead of deprecated child-src |
20 | }, | 20 | }, |
21 | CONFIG.CSP.REPORT_URI ? { reportUri: CONFIG.CSP.REPORT_URI } : {}, | 21 | CONFIG.CSP.REPORT_URI ? { reportUri: CONFIG.CSP.REPORT_URI } : {}, |
22 | CONFIG.WEBSERVER.SCHEME === 'https' ? { upgradeInsecureRequests: true } : {} | 22 | CONFIG.WEBSERVER.SCHEME === 'https' ? { upgradeInsecureRequests: true } : {} |
@@ -29,7 +29,7 @@ const baseCSP = helmet.contentSecurityPolicy({ | |||
29 | }) | 29 | }) |
30 | 30 | ||
31 | const embedCSP = helmet.contentSecurityPolicy({ | 31 | const embedCSP = helmet.contentSecurityPolicy({ |
32 | directives: Object.assign({}, baseDirectives, { frameAncestors: ['*'] }), | 32 | directives: Object.assign({}, baseDirectives, { frameAncestors: [ '*' ] }), |
33 | browserSniff: false, // assumes a modern browser, but allows CDN in front | 33 | browserSniff: false, // assumes a modern browser, but allows CDN in front |
34 | reportOnly: CONFIG.CSP.REPORT_ONLY | 34 | reportOnly: CONFIG.CSP.REPORT_ONLY |
35 | }) | 35 | }) |
diff --git a/server/middlewares/dnt.ts b/server/middlewares/dnt.ts index 607def855..dd88005dd 100644 --- a/server/middlewares/dnt.ts +++ b/server/middlewares/dnt.ts | |||
@@ -1,6 +1,3 @@ | |||
1 | import * as ipaddr from 'ipaddr.js' | ||
2 | import { format } from 'util' | ||
3 | |||
4 | const advertiseDoNotTrack = (_, res, next) => { | 1 | const advertiseDoNotTrack = (_, res, next) => { |
5 | res.setHeader('Tk', 'N') | 2 | res.setHeader('Tk', 'N') |
6 | return next() | 3 | return next() |
diff --git a/server/middlewares/oauth.ts b/server/middlewares/oauth.ts index 749f5cccd..9eef03bb4 100644 --- a/server/middlewares/oauth.ts +++ b/server/middlewares/oauth.ts | |||
@@ -51,6 +51,7 @@ function authenticateSocket (socket: Socket, next: (err?: any) => void) { | |||
51 | 51 | ||
52 | return next() | 52 | return next() |
53 | }) | 53 | }) |
54 | .catch(err => logger.error('Cannot get access token.', { err })) | ||
54 | } | 55 | } |
55 | 56 | ||
56 | function authenticatePromiseIfNeeded (req: express.Request, res: express.Response, authenticateInQuery = false) { | 57 | function authenticatePromiseIfNeeded (req: express.Request, res: express.Response, authenticateInQuery = false) { |
diff --git a/server/middlewares/sort.ts b/server/middlewares/sort.ts index 75238228f..fcbb2902c 100644 --- a/server/middlewares/sort.ts +++ b/server/middlewares/sort.ts | |||
@@ -8,7 +8,7 @@ const setDefaultVideoRedundanciesSort = setDefaultSortFactory('name') | |||
8 | const setDefaultSearchSort = setDefaultSortFactory('-match') | 8 | const setDefaultSearchSort = setDefaultSortFactory('-match') |
9 | 9 | ||
10 | function setBlacklistSort (req: express.Request, res: express.Response, next: express.NextFunction) { | 10 | function setBlacklistSort (req: express.Request, res: express.Response, next: express.NextFunction) { |
11 | let newSort: SortType = { sortModel: undefined, sortValue: '' } | 11 | const newSort: SortType = { sortModel: undefined, sortValue: '' } |
12 | 12 | ||
13 | if (!req.query.sort) req.query.sort = '-createdAt' | 13 | if (!req.query.sort) req.query.sort = '-createdAt' |
14 | 14 | ||
diff --git a/server/middlewares/validators/avatar.ts b/server/middlewares/validators/avatar.ts index 8623d07e8..2acb97483 100644 --- a/server/middlewares/validators/avatar.ts +++ b/server/middlewares/validators/avatar.ts | |||
@@ -8,8 +8,8 @@ import { cleanUpReqFiles } from '../../helpers/express-utils' | |||
8 | 8 | ||
9 | const updateAvatarValidator = [ | 9 | const updateAvatarValidator = [ |
10 | body('avatarfile').custom((value, { req }) => isAvatarFile(req.files)).withMessage( | 10 | body('avatarfile').custom((value, { req }) => isAvatarFile(req.files)).withMessage( |
11 | 'This file is not supported or too large. Please, make sure it is of the following type : ' | 11 | 'This file is not supported or too large. Please, make sure it is of the following type : ' + |
12 | + CONSTRAINTS_FIELDS.ACTORS.AVATAR.EXTNAME.join(', ') | 12 | CONSTRAINTS_FIELDS.ACTORS.AVATAR.EXTNAME.join(', ') |
13 | ), | 13 | ), |
14 | 14 | ||
15 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | 15 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
diff --git a/server/middlewares/validators/config.ts b/server/middlewares/validators/config.ts index 2d1f61947..ceab646c0 100644 --- a/server/middlewares/validators/config.ts +++ b/server/middlewares/validators/config.ts | |||
@@ -55,7 +55,7 @@ const customConfigUpdateValidator = [ | |||
55 | 55 | ||
56 | body('theme.default').custom(v => isThemeNameValid(v) && isThemeRegistered(v)).withMessage('Should have a valid theme'), | 56 | body('theme.default').custom(v => isThemeNameValid(v) && isThemeRegistered(v)).withMessage('Should have a valid theme'), |
57 | 57 | ||
58 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 58 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
59 | logger.debug('Checking customConfigUpdateValidator parameters', { parameters: req.body }) | 59 | logger.debug('Checking customConfigUpdateValidator parameters', { parameters: req.body }) |
60 | 60 | ||
61 | if (areValidationErrors(req, res)) return | 61 | if (areValidationErrors(req, res)) return |
diff --git a/server/middlewares/validators/feeds.ts b/server/middlewares/validators/feeds.ts index 29f6c87be..f34c2b174 100644 --- a/server/middlewares/validators/feeds.ts +++ b/server/middlewares/validators/feeds.ts | |||
@@ -22,13 +22,13 @@ function setFeedFormatContentType (req: express.Request, res: express.Response, | |||
22 | 22 | ||
23 | let acceptableContentTypes: string[] | 23 | let acceptableContentTypes: string[] |
24 | if (format === 'atom' || format === 'atom1') { | 24 | if (format === 'atom' || format === 'atom1') { |
25 | acceptableContentTypes = ['application/atom+xml', 'application/xml', 'text/xml'] | 25 | acceptableContentTypes = [ 'application/atom+xml', 'application/xml', 'text/xml' ] |
26 | } else if (format === 'json' || format === 'json1') { | 26 | } else if (format === 'json' || format === 'json1') { |
27 | acceptableContentTypes = ['application/json'] | 27 | acceptableContentTypes = [ 'application/json' ] |
28 | } else if (format === 'rss' || format === 'rss2') { | 28 | } else if (format === 'rss' || format === 'rss2') { |
29 | acceptableContentTypes = ['application/rss+xml', 'application/xml', 'text/xml'] | 29 | acceptableContentTypes = [ 'application/rss+xml', 'application/xml', 'text/xml' ] |
30 | } else { | 30 | } else { |
31 | acceptableContentTypes = ['application/xml', 'text/xml'] | 31 | acceptableContentTypes = [ 'application/xml', 'text/xml' ] |
32 | } | 32 | } |
33 | 33 | ||
34 | if (req.accepts(acceptableContentTypes)) { | 34 | if (req.accepts(acceptableContentTypes)) { |
diff --git a/server/middlewares/validators/redundancy.ts b/server/middlewares/validators/redundancy.ts index 16b42fc0d..8cd3bc33d 100644 --- a/server/middlewares/validators/redundancy.ts +++ b/server/middlewares/validators/redundancy.ts | |||
@@ -106,7 +106,7 @@ const listVideoRedundanciesValidator = [ | |||
106 | query('target') | 106 | query('target') |
107 | .custom(isVideoRedundancyTarget).withMessage('Should have a valid video redundancies target'), | 107 | .custom(isVideoRedundancyTarget).withMessage('Should have a valid video redundancies target'), |
108 | 108 | ||
109 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 109 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
110 | logger.debug('Checking listVideoRedundanciesValidator parameters', { parameters: req.query }) | 110 | logger.debug('Checking listVideoRedundanciesValidator parameters', { parameters: req.query }) |
111 | 111 | ||
112 | if (areValidationErrors(req, res)) return | 112 | if (areValidationErrors(req, res)) return |
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts index c78c67a8c..5d52b5804 100644 --- a/server/middlewares/validators/users.ts +++ b/server/middlewares/validators/users.ts | |||
@@ -36,7 +36,6 @@ import { doesVideoExist } from '../../helpers/middlewares' | |||
36 | import { UserRole } from '../../../shared/models/users' | 36 | import { UserRole } from '../../../shared/models/users' |
37 | import { MUserDefault } from '@server/typings/models' | 37 | import { MUserDefault } from '@server/typings/models' |
38 | import { Hooks } from '@server/lib/plugins/hooks' | 38 | import { Hooks } from '@server/lib/plugins/hooks' |
39 | import { isLocalVideoAccepted } from '@server/lib/moderation' | ||
40 | 39 | ||
41 | const usersAddValidator = [ | 40 | const usersAddValidator = [ |
42 | body('username').custom(isUserUsernameValid).withMessage('Should have a valid username (lowercase alphanumeric characters)'), | 41 | body('username').custom(isUserUsernameValid).withMessage('Should have a valid username (lowercase alphanumeric characters)'), |
@@ -149,7 +148,7 @@ const usersBlockingValidator = [ | |||
149 | ] | 148 | ] |
150 | 149 | ||
151 | const deleteMeValidator = [ | 150 | const deleteMeValidator = [ |
152 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 151 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
153 | const user = res.locals.oauth.token.User | 152 | const user = res.locals.oauth.token.User |
154 | if (user.username === 'root') { | 153 | if (user.username === 'root') { |
155 | return res.status(400) | 154 | return res.status(400) |
@@ -303,7 +302,7 @@ const ensureUserRegistrationAllowed = [ | |||
303 | ] | 302 | ] |
304 | 303 | ||
305 | const ensureUserRegistrationAllowedForIP = [ | 304 | const ensureUserRegistrationAllowedForIP = [ |
306 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 305 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
307 | const allowed = isSignupAllowedForCurrentIP(req.ip) | 306 | const allowed = isSignupAllowedForCurrentIP(req.ip) |
308 | 307 | ||
309 | if (allowed === false) { | 308 | if (allowed === false) { |
@@ -410,7 +409,7 @@ const userAutocompleteValidator = [ | |||
410 | ] | 409 | ] |
411 | 410 | ||
412 | const ensureAuthUserOwnsAccountValidator = [ | 411 | const ensureAuthUserOwnsAccountValidator = [ |
413 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 412 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
414 | const user = res.locals.oauth.token.User | 413 | const user = res.locals.oauth.token.User |
415 | 414 | ||
416 | if (res.locals.account.id !== user.Account.id) { | 415 | if (res.locals.account.id !== user.Account.id) { |
diff --git a/server/middlewares/validators/videos/video-captions.ts b/server/middlewares/validators/videos/video-captions.ts index 7b0cd6f66..872d9c2ab 100644 --- a/server/middlewares/validators/videos/video-captions.ts +++ b/server/middlewares/validators/videos/video-captions.ts | |||
@@ -13,10 +13,12 @@ const addVideoCaptionValidator = [ | |||
13 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid video id'), | 13 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid video id'), |
14 | param('captionLanguage').custom(isVideoCaptionLanguageValid).not().isEmpty().withMessage('Should have a valid caption language'), | 14 | param('captionLanguage').custom(isVideoCaptionLanguageValid).not().isEmpty().withMessage('Should have a valid caption language'), |
15 | body('captionfile') | 15 | body('captionfile') |
16 | .custom((_, { req }) => isVideoCaptionFile(req.files, 'captionfile')).withMessage( | 16 | .custom((_, { req }) => isVideoCaptionFile(req.files, 'captionfile')) |
17 | `This caption file is not supported or too large. Please, make sure it is under ${CONSTRAINTS_FIELDS.VIDEO_CAPTIONS.CAPTION_FILE.FILE_SIZE} and one of the following mimetypes: ` | 17 | .withMessage( |
18 | + Object.keys(MIMETYPES.VIDEO_CAPTIONS.MIMETYPE_EXT).map(key => `${key} (${MIMETYPES.VIDEO_CAPTIONS.MIMETYPE_EXT[key]})`).join(', ') | 18 | 'This caption file is not supported or too large. ' + |
19 | ), | 19 | `Please, make sure it is under ${CONSTRAINTS_FIELDS.VIDEO_CAPTIONS.CAPTION_FILE.FILE_SIZE} and one of the following mimetypes: ` + |
20 | Object.keys(MIMETYPES.VIDEO_CAPTIONS.MIMETYPE_EXT).map(key => `${key} (${MIMETYPES.VIDEO_CAPTIONS.MIMETYPE_EXT[key]})`).join(', ') | ||
21 | ), | ||
20 | 22 | ||
21 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 23 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
22 | logger.debug('Checking addVideoCaption parameters', { parameters: req.body }) | 24 | logger.debug('Checking addVideoCaption parameters', { parameters: req.body }) |
diff --git a/server/middlewares/validators/videos/video-comments.ts b/server/middlewares/validators/videos/video-comments.ts index 77c5f940d..da2fafb10 100644 --- a/server/middlewares/validators/videos/video-comments.ts +++ b/server/middlewares/validators/videos/video-comments.ts | |||
@@ -50,7 +50,7 @@ const addVideoCommentThreadValidator = [ | |||
50 | if (areValidationErrors(req, res)) return | 50 | if (areValidationErrors(req, res)) return |
51 | if (!await doesVideoExist(req.params.videoId, res)) return | 51 | if (!await doesVideoExist(req.params.videoId, res)) return |
52 | if (!isVideoCommentsEnabled(res.locals.videoAll, res)) return | 52 | if (!isVideoCommentsEnabled(res.locals.videoAll, res)) return |
53 | if (!await isVideoCommentAccepted(req, res, res.locals.videoAll,false)) return | 53 | if (!await isVideoCommentAccepted(req, res, res.locals.videoAll, false)) return |
54 | 54 | ||
55 | return next() | 55 | return next() |
56 | } | 56 | } |
diff --git a/server/middlewares/validators/videos/video-imports.ts b/server/middlewares/validators/videos/video-imports.ts index 318dad100..5dc5db533 100644 --- a/server/middlewares/validators/videos/video-imports.ts +++ b/server/middlewares/validators/videos/video-imports.ts | |||
@@ -22,10 +22,11 @@ const videoImportAddValidator = getCommonVideoEditAttributes().concat([ | |||
22 | .optional() | 22 | .optional() |
23 | .custom(isVideoMagnetUriValid).withMessage('Should have a valid video magnet URI'), | 23 | .custom(isVideoMagnetUriValid).withMessage('Should have a valid video magnet URI'), |
24 | body('torrentfile') | 24 | body('torrentfile') |
25 | .custom((value, { req }) => isVideoImportTorrentFile(req.files)).withMessage( | 25 | .custom((value, { req }) => isVideoImportTorrentFile(req.files)) |
26 | 'This torrent file is not supported or too large. Please, make sure it is of the following type: ' | 26 | .withMessage( |
27 | + CONSTRAINTS_FIELDS.VIDEO_IMPORTS.TORRENT_FILE.EXTNAME.join(', ') | 27 | 'This torrent file is not supported or too large. Please, make sure it is of the following type: ' + |
28 | ), | 28 | CONSTRAINTS_FIELDS.VIDEO_IMPORTS.TORRENT_FILE.EXTNAME.join(', ') |
29 | ), | ||
29 | body('name') | 30 | body('name') |
30 | .optional() | 31 | .optional() |
31 | .custom(isVideoNameValid).withMessage('Should have a valid name'), | 32 | .custom(isVideoNameValid).withMessage('Should have a valid name'), |
diff --git a/server/middlewares/validators/videos/video-playlists.ts b/server/middlewares/validators/videos/video-playlists.ts index 1d67e8666..6b15c5464 100644 --- a/server/middlewares/validators/videos/video-playlists.ts +++ b/server/middlewares/validators/videos/video-playlists.ts | |||
@@ -384,10 +384,11 @@ export { | |||
384 | function getCommonPlaylistEditAttributes () { | 384 | function getCommonPlaylistEditAttributes () { |
385 | return [ | 385 | return [ |
386 | body('thumbnailfile') | 386 | body('thumbnailfile') |
387 | .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')).withMessage( | 387 | .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')) |
388 | 'This thumbnail file is not supported or too large. Please, make sure it is of the following type: ' | 388 | .withMessage( |
389 | + CONSTRAINTS_FIELDS.VIDEO_PLAYLISTS.IMAGE.EXTNAME.join(', ') | 389 | 'This thumbnail file is not supported or too large. Please, make sure it is of the following type: ' + |
390 | ), | 390 | CONSTRAINTS_FIELDS.VIDEO_PLAYLISTS.IMAGE.EXTNAME.join(', ') |
391 | ), | ||
391 | 392 | ||
392 | body('description') | 393 | body('description') |
393 | .optional() | 394 | .optional() |
diff --git a/server/middlewares/validators/videos/video-rates.ts b/server/middlewares/validators/videos/video-rates.ts index 5d5fae8aa..cbc144f69 100644 --- a/server/middlewares/validators/videos/video-rates.ts +++ b/server/middlewares/validators/videos/video-rates.ts | |||
@@ -51,7 +51,7 @@ const getAccountVideoRateValidatorFactory = function (rateType: VideoRateType) { | |||
51 | const videoRatingValidator = [ | 51 | const videoRatingValidator = [ |
52 | query('rating').optional().custom(isRatingValid).withMessage('Value must be one of "like" or "dislike"'), | 52 | query('rating').optional().custom(isRatingValid).withMessage('Value must be one of "like" or "dislike"'), |
53 | 53 | ||
54 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 54 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
55 | logger.debug('Checking rating parameter', { parameters: req.params }) | 55 | logger.debug('Checking rating parameter', { parameters: req.params }) |
56 | 56 | ||
57 | if (areValidationErrors(req, res)) return | 57 | if (areValidationErrors(req, res)) return |
diff --git a/server/middlewares/validators/videos/videos.ts b/server/middlewares/validators/videos/videos.ts index 6733d9dec..11dd02706 100644 --- a/server/middlewares/validators/videos/videos.ts +++ b/server/middlewares/validators/videos/videos.ts | |||
@@ -49,8 +49,8 @@ import { getVideoWithAttributes } from '../../../helpers/video' | |||
49 | const videosAddValidator = getCommonVideoEditAttributes().concat([ | 49 | const videosAddValidator = getCommonVideoEditAttributes().concat([ |
50 | body('videofile') | 50 | body('videofile') |
51 | .custom((value, { req }) => isVideoFile(req.files)).withMessage( | 51 | .custom((value, { req }) => isVideoFile(req.files)).withMessage( |
52 | 'This file is not supported or too large. Please, make sure it is of the following type: ' | 52 | 'This file is not supported or too large. Please, make sure it is of the following type: ' + |
53 | + CONSTRAINTS_FIELDS.VIDEOS.EXTNAME.join(', ') | 53 | CONSTRAINTS_FIELDS.VIDEOS.EXTNAME.join(', ') |
54 | ), | 54 | ), |
55 | body('name').custom(isVideoNameValid).withMessage('Should have a valid name'), | 55 | body('name').custom(isVideoNameValid).withMessage('Should have a valid name'), |
56 | body('channelId') | 56 | body('channelId') |
@@ -245,19 +245,15 @@ const videosTerminateChangeOwnershipValidator = [ | |||
245 | // Check if the user who did the request is able to change the ownership of the video | 245 | // Check if the user who did the request is able to change the ownership of the video |
246 | if (!checkUserCanTerminateOwnershipChange(res.locals.oauth.token.User, res.locals.videoChangeOwnership, res)) return | 246 | if (!checkUserCanTerminateOwnershipChange(res.locals.oauth.token.User, res.locals.videoChangeOwnership, res)) return |
247 | 247 | ||
248 | return next() | ||
249 | }, | ||
250 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
251 | const videoChangeOwnership = res.locals.videoChangeOwnership | 248 | const videoChangeOwnership = res.locals.videoChangeOwnership |
252 | 249 | ||
253 | if (videoChangeOwnership.status === VideoChangeOwnershipStatus.WAITING) { | 250 | if (videoChangeOwnership.status !== VideoChangeOwnershipStatus.WAITING) { |
254 | return next() | ||
255 | } else { | ||
256 | res.status(403) | 251 | res.status(403) |
257 | .json({ error: 'Ownership already accepted or refused' }) | 252 | .json({ error: 'Ownership already accepted or refused' }) |
258 | |||
259 | return | 253 | return |
260 | } | 254 | } |
255 | |||
256 | return next() | ||
261 | } | 257 | } |
262 | ] | 258 | ] |
263 | 259 | ||
@@ -284,14 +280,14 @@ function getCommonVideoEditAttributes () { | |||
284 | return [ | 280 | return [ |
285 | body('thumbnailfile') | 281 | body('thumbnailfile') |
286 | .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')).withMessage( | 282 | .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')).withMessage( |
287 | 'This thumbnail file is not supported or too large. Please, make sure it is of the following type: ' | 283 | 'This thumbnail file is not supported or too large. Please, make sure it is of the following type: ' + |
288 | + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ') | 284 | CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ') |
289 | ), | 285 | ), |
290 | body('previewfile') | 286 | body('previewfile') |
291 | .custom((value, { req }) => isVideoImage(req.files, 'previewfile')).withMessage( | 287 | .custom((value, { req }) => isVideoImage(req.files, 'previewfile')).withMessage( |
292 | 'This preview file is not supported or too large. Please, make sure it is of the following type: ' | 288 | 'This preview file is not supported or too large. Please, make sure it is of the following type: ' + |
293 | + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ') | 289 | CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ') |
294 | ), | 290 | ), |
295 | 291 | ||
296 | body('category') | 292 | body('category') |
297 | .optional() | 293 | .optional() |