aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares
diff options
context:
space:
mode:
authorChocobozzz <florian.bigard@gmail.com>2017-07-05 13:26:25 +0200
committerChocobozzz <florian.bigard@gmail.com>2017-07-05 14:14:16 +0200
commit6fcd19ba737f1f5614a56c6925adb882dea43b8d (patch)
tree3365a96d82bc7f00ae504a568725c8e914150cf8 /server/middlewares
parent5fe7e898316e18369c3e1aba307b55077adc7bfb (diff)
downloadPeerTube-6fcd19ba737f1f5614a56c6925adb882dea43b8d.tar.gz
PeerTube-6fcd19ba737f1f5614a56c6925adb882dea43b8d.tar.zst
PeerTube-6fcd19ba737f1f5614a56c6925adb882dea43b8d.zip
Move to promises
Closes https://github.com/Chocobozzz/PeerTube/issues/74
Diffstat (limited to 'server/middlewares')
-rw-r--r--server/middlewares/secure.ts56
-rw-r--r--server/middlewares/validators/pods.ts44
-rw-r--r--server/middlewares/validators/users.ts52
-rw-r--r--server/middlewares/validators/videos.ts75
4 files changed, 113 insertions, 114 deletions
diff --git a/server/middlewares/secure.ts b/server/middlewares/secure.ts
index fbfd08c7b..0fa9ee9d2 100644
--- a/server/middlewares/secure.ts
+++ b/server/middlewares/secure.ts
@@ -9,41 +9,41 @@ import {
9 9
10function checkSignature (req: express.Request, res: express.Response, next: express.NextFunction) { 10function checkSignature (req: express.Request, res: express.Response, next: express.NextFunction) {
11 const host = req.body.signature.host 11 const host = req.body.signature.host
12 db.Pod.loadByHost(host, function (err, pod) { 12 db.Pod.loadByHost(host)
13 if (err) { 13 .then(pod => {
14 logger.error('Cannot get signed host in body.', { error: err }) 14 if (pod === null) {
15 return res.sendStatus(500) 15 logger.error('Unknown pod %s.', host)
16 } 16 return res.sendStatus(403)
17 }
17 18
18 if (pod === null) { 19 logger.debug('Checking signature from %s.', host)
19 logger.error('Unknown pod %s.', host)
20 return res.sendStatus(403)
21 }
22 20
23 logger.debug('Checking signature from %s.', host) 21 let signatureShouldBe
22 // If there is data in the body the sender used it for its signature
23 // If there is no data we just use its host as signature
24 if (req.body.data) {
25 signatureShouldBe = req.body.data
26 } else {
27 signatureShouldBe = host
28 }
24 29
25 let signatureShouldBe 30 const signatureOk = peertubeCryptoCheckSignature(pod.publicKey, signatureShouldBe, req.body.signature.signature)
26 // If there is data in the body the sender used it for its signature
27 // If there is no data we just use its host as signature
28 if (req.body.data) {
29 signatureShouldBe = req.body.data
30 } else {
31 signatureShouldBe = host
32 }
33 31
34 const signatureOk = peertubeCryptoCheckSignature(pod.publicKey, signatureShouldBe, req.body.signature.signature) 32 if (signatureOk === true) {
33 res.locals.secure = {
34 pod
35 }
35 36
36 if (signatureOk === true) { 37 return next()
37 res.locals.secure = {
38 pod
39 } 38 }
40 39
41 return next() 40 logger.error('Signature is not okay in body for %s.', req.body.signature.host)
42 } 41 return res.sendStatus(403)
43 42 })
44 logger.error('Signature is not okay in body for %s.', req.body.signature.host) 43 .catch(err => {
45 return res.sendStatus(403) 44 logger.error('Cannot get signed host in body.', { error: err })
46 }) 45 return res.sendStatus(500)
46 })
47} 47}
48 48
49// --------------------------------------------------------------------------- 49// ---------------------------------------------------------------------------
diff --git a/server/middlewares/validators/pods.ts b/server/middlewares/validators/pods.ts
index d8eb90168..da7fc2bd6 100644
--- a/server/middlewares/validators/pods.ts
+++ b/server/middlewares/validators/pods.ts
@@ -19,19 +19,19 @@ function makeFriendsValidator (req: express.Request, res: express.Response, next
19 logger.debug('Checking makeFriends parameters', { parameters: req.body }) 19 logger.debug('Checking makeFriends parameters', { parameters: req.body })
20 20
21 checkErrors(req, res, function () { 21 checkErrors(req, res, function () {
22 hasFriends(function (err, heHasFriends) { 22 hasFriends()
23 if (err) { 23 .then(heHasFriends => {
24 if (heHasFriends === true) {
25 // We need to quit our friends before make new ones
26 return res.sendStatus(409)
27 }
28
29 return next()
30 })
31 .catch(err => {
24 logger.error('Cannot know if we have friends.', { error: err }) 32 logger.error('Cannot know if we have friends.', { error: err })
25 res.sendStatus(500) 33 res.sendStatus(500)
26 } 34 })
27
28 if (heHasFriends === true) {
29 // We need to quit our friends before make new ones
30 return res.sendStatus(409)
31 }
32
33 return next()
34 })
35 }) 35 })
36} 36}
37 37
@@ -42,19 +42,19 @@ function podsAddValidator (req: express.Request, res: express.Response, next: ex
42 logger.debug('Checking podsAdd parameters', { parameters: req.body }) 42 logger.debug('Checking podsAdd parameters', { parameters: req.body })
43 43
44 checkErrors(req, res, function () { 44 checkErrors(req, res, function () {
45 db.Pod.loadByHost(req.body.host, function (err, pod) { 45 db.Pod.loadByHost(req.body.host)
46 if (err) { 46 .then(pod => {
47 // Pod with this host already exists
48 if (pod) {
49 return res.sendStatus(409)
50 }
51
52 return next()
53 })
54 .catch(err => {
47 logger.error('Cannot load pod by host.', { error: err }) 55 logger.error('Cannot load pod by host.', { error: err })
48 res.sendStatus(500) 56 res.sendStatus(500)
49 } 57 })
50
51 // Pod with this host already exists
52 if (pod) {
53 return res.sendStatus(409)
54 }
55
56 return next()
57 })
58 }) 58 })
59} 59}
60 60
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts
index b7b9ef370..c06735047 100644
--- a/server/middlewares/validators/users.ts
+++ b/server/middlewares/validators/users.ts
@@ -13,16 +13,16 @@ function usersAddValidator (req: express.Request, res: express.Response, next: e
13 logger.debug('Checking usersAdd parameters', { parameters: req.body }) 13 logger.debug('Checking usersAdd parameters', { parameters: req.body })
14 14
15 checkErrors(req, res, function () { 15 checkErrors(req, res, function () {
16 db.User.loadByUsernameOrEmail(req.body.username, req.body.email, function (err, user) { 16 db.User.loadByUsernameOrEmail(req.body.username, req.body.email)
17 if (err) { 17 .then(user => {
18 if (user) return res.status(409).send('User already exists.')
19
20 next()
21 })
22 .catch(err => {
18 logger.error('Error in usersAdd request validator.', { error: err }) 23 logger.error('Error in usersAdd request validator.', { error: err })
19 return res.sendStatus(500) 24 return res.sendStatus(500)
20 } 25 })
21
22 if (user) return res.status(409).send('User already exists.')
23
24 next()
25 })
26 }) 26 })
27} 27}
28 28
@@ -32,18 +32,18 @@ function usersRemoveValidator (req: express.Request, res: express.Response, next
32 logger.debug('Checking usersRemove parameters', { parameters: req.params }) 32 logger.debug('Checking usersRemove parameters', { parameters: req.params })
33 33
34 checkErrors(req, res, function () { 34 checkErrors(req, res, function () {
35 db.User.loadById(req.params.id, function (err, user) { 35 db.User.loadById(req.params.id)
36 if (err) { 36 .then(user => {
37 logger.error('Error in usersRemove request validator.', { error: err }) 37 if (!user) return res.status(404).send('User not found')
38 return res.sendStatus(500)
39 }
40
41 if (!user) return res.status(404).send('User not found')
42 38
43 if (user.username === 'root') return res.status(400).send('Cannot remove the root user') 39 if (user.username === 'root') return res.status(400).send('Cannot remove the root user')
44 40
45 next() 41 next()
46 }) 42 })
43 .catch(err => {
44 logger.error('Error in usersRemove request validator.', { error: err })
45 return res.sendStatus(500)
46 })
47 }) 47 })
48} 48}
49 49
@@ -64,16 +64,16 @@ function usersVideoRatingValidator (req: express.Request, res: express.Response,
64 logger.debug('Checking usersVideoRating parameters', { parameters: req.params }) 64 logger.debug('Checking usersVideoRating parameters', { parameters: req.params })
65 65
66 checkErrors(req, res, function () { 66 checkErrors(req, res, function () {
67 db.Video.load(req.params.videoId, function (err, video) { 67 db.Video.load(req.params.videoId)
68 if (err) { 68 .then(video => {
69 if (!video) return res.status(404).send('Video not found')
70
71 next()
72 })
73 .catch(err => {
69 logger.error('Error in user request validator.', { error: err }) 74 logger.error('Error in user request validator.', { error: err })
70 return res.sendStatus(500) 75 return res.sendStatus(500)
71 } 76 })
72
73 if (!video) return res.status(404).send('Video not found')
74
75 next()
76 })
77 }) 77 })
78} 78}
79 79
diff --git a/server/middlewares/validators/videos.ts b/server/middlewares/validators/videos.ts
index 03742a522..ec452cade 100644
--- a/server/middlewares/validators/videos.ts
+++ b/server/middlewares/validators/videos.ts
@@ -1,5 +1,4 @@
1import 'express-validator' 1import 'express-validator'
2import * as multer from 'multer'
3import * as express from 'express' 2import * as express from 'express'
4 3
5import { database as db } from '../../initializers/database' 4import { database as db } from '../../initializers/database'
@@ -24,18 +23,19 @@ function videosAddValidator (req: express.Request, res: express.Response, next:
24 checkErrors(req, res, function () { 23 checkErrors(req, res, function () {
25 const videoFile = req.files.videofile[0] 24 const videoFile = req.files.videofile[0]
26 25
27 db.Video.getDurationFromFile(videoFile.path, function (err, duration) { 26 db.Video.getDurationFromFile(videoFile.path)
28 if (err) { 27 .then(duration => {
29 return res.status(400).send('Cannot retrieve metadata of the file.') 28 if (!isVideoDurationValid('' + duration)) {
30 } 29 return res.status(400).send('Duration of the video file is too big (max: ' + CONSTRAINTS_FIELDS.VIDEOS.DURATION.max + 's).')
31 30 }
32 if (!isVideoDurationValid(duration)) {
33 return res.status(400).send('Duration of the video file is too big (max: ' + CONSTRAINTS_FIELDS.VIDEOS.DURATION.max + 's).')
34 }
35 31
36 videoFile['duration'] = duration 32 videoFile['duration'] = duration
37 next() 33 next()
38 }) 34 })
35 .catch(err => {
36 logger.error('Error in getting duration from file.', { error: err })
37 res.status(400).send('Cannot retrieve metadata of the file.')
38 })
39 }) 39 })
40} 40}
41 41
@@ -157,43 +157,42 @@ export {
157// --------------------------------------------------------------------------- 157// ---------------------------------------------------------------------------
158 158
159function checkVideoExists (id: string, res: express.Response, callback: () => void) { 159function checkVideoExists (id: string, res: express.Response, callback: () => void) {
160 db.Video.loadAndPopulateAuthorAndPodAndTags(id, function (err, video) { 160 db.Video.loadAndPopulateAuthorAndPodAndTags(id).then(video => {
161 if (err) {
162 logger.error('Error in video request validator.', { error: err })
163 return res.sendStatus(500)
164 }
165
166 if (!video) return res.status(404).send('Video not found') 161 if (!video) return res.status(404).send('Video not found')
167 162
168 res.locals.video = video 163 res.locals.video = video
169 callback() 164 callback()
170 }) 165 })
166 .catch(err => {
167 logger.error('Error in video request validator.', { error: err })
168 return res.sendStatus(500)
169 })
171} 170}
172 171
173function checkUserCanDeleteVideo (userId: number, res: express.Response, callback: () => void) { 172function checkUserCanDeleteVideo (userId: number, res: express.Response, callback: () => void) {
174 // Retrieve the user who did the request 173 // Retrieve the user who did the request
175 db.User.loadById(userId, function (err, user) { 174 db.User.loadById(userId)
176 if (err) { 175 .then(user => {
177 logger.error('Error in video request validator.', { error: err }) 176 // Check if the user can delete the video
178 return res.sendStatus(500) 177 // The user can delete it if s/he is an admin
179 } 178 // Or if s/he is the video's author
180 179 if (user.isAdmin() === false) {
181 // Check if the user can delete the video 180 if (res.locals.video.isOwned() === false) {
182 // The user can delete it if s/he is an admin 181 return res.status(403).send('Cannot remove video of another pod')
183 // Or if s/he is the video's author 182 }
184 if (user.isAdmin() === false) { 183
185 if (res.locals.video.isOwned() === false) { 184 if (res.locals.video.Author.userId !== res.locals.oauth.token.User.id) {
186 return res.status(403).send('Cannot remove video of another pod') 185 return res.status(403).send('Cannot remove video of another user')
187 } 186 }
188
189 if (res.locals.video.Author.userId !== res.locals.oauth.token.User.id) {
190 return res.status(403).send('Cannot remove video of another user')
191 } 187 }
192 }
193 188
194 // If we reach this comment, we can delete the video 189 // If we reach this comment, we can delete the video
195 callback() 190 callback()
196 }) 191 })
192 .catch(err => {
193 logger.error('Error in video request validator.', { error: err })
194 return res.sendStatus(500)
195 })
197} 196}
198 197
199function checkVideoIsBlacklistable (req: express.Request, res: express.Response, callback: () => void) { 198function checkVideoIsBlacklistable (req: express.Request, res: express.Response, callback: () => void) {