diff options
author | Chocobozzz <florian.bigard@gmail.com> | 2017-10-26 10:40:37 +0200 |
---|---|---|
committer | Chocobozzz <florian.bigard@gmail.com> | 2017-10-26 10:40:37 +0200 |
commit | 51c443dbe0284c5ec54033be06f554ec37397bce (patch) | |
tree | 5312f85f1c8b9c62a77c05c8e440e301e5be3137 /server | |
parent | faab3a8453e2af92f95518e55e00293ac140b6e8 (diff) | |
download | PeerTube-51c443dbe0284c5ec54033be06f554ec37397bce.tar.gz PeerTube-51c443dbe0284c5ec54033be06f554ec37397bce.tar.zst PeerTube-51c443dbe0284c5ec54033be06f554ec37397bce.zip |
Be tolerant with remote requests
Just remove videos we don't want
Diffstat (limited to 'server')
-rw-r--r-- | server/helpers/custom-validators/remote/videos.ts | 86 | ||||
-rw-r--r-- | server/helpers/custom-validators/videos.ts | 20 | ||||
-rw-r--r-- | server/lib/request/abstract-request-scheduler.ts | 6 | ||||
-rw-r--r-- | server/middlewares/validators/remote/videos.ts | 31 |
4 files changed, 91 insertions, 52 deletions
diff --git a/server/helpers/custom-validators/remote/videos.ts b/server/helpers/custom-validators/remote/videos.ts index 057996f1c..a9ca36fe8 100644 --- a/server/helpers/custom-validators/remote/videos.ts +++ b/server/helpers/custom-validators/remote/videos.ts | |||
@@ -15,9 +15,9 @@ import { | |||
15 | isVideoLikesValid, | 15 | isVideoLikesValid, |
16 | isVideoDislikesValid, | 16 | isVideoDislikesValid, |
17 | isVideoEventCountValid, | 17 | isVideoEventCountValid, |
18 | isVideoCategoryValid, | 18 | isRemoteVideoCategoryValid, |
19 | isVideoLicenceValid, | 19 | isRemoteVideoLicenceValid, |
20 | isVideoLanguageValid, | 20 | isRemoteVideoLanguageValid, |
21 | isVideoNSFWValid, | 21 | isVideoNSFWValid, |
22 | isVideoDescriptionValid, | 22 | isVideoDescriptionValid, |
23 | isVideoDurationValid, | 23 | isVideoDurationValid, |
@@ -43,58 +43,64 @@ checkers[ENDPOINT_ACTIONS.REMOVE_CHANNEL] = checkRemoveVideoChannel | |||
43 | checkers[ENDPOINT_ACTIONS.ADD_AUTHOR] = checkAddAuthor | 43 | checkers[ENDPOINT_ACTIONS.ADD_AUTHOR] = checkAddAuthor |
44 | checkers[ENDPOINT_ACTIONS.REMOVE_AUTHOR] = checkRemoveAuthor | 44 | checkers[ENDPOINT_ACTIONS.REMOVE_AUTHOR] = checkRemoveAuthor |
45 | 45 | ||
46 | function isEachRemoteRequestVideosValid (requests: any[]) { | 46 | function removeBadRequestVideos (requests: any[]) { |
47 | return isArray(requests) && | 47 | for (let i = requests.length - 1; i >= 0 ; i--) { |
48 | requests.every(request => { | 48 | const request = requests[i] |
49 | const video = request.data | 49 | const video = request.data |
50 | 50 | ||
51 | if (!video) return false | 51 | if ( |
52 | 52 | !video || | |
53 | const checker = checkers[request.type] | 53 | checkers[request.type] === undefined || |
54 | // We don't know the request type | 54 | checkers[request.type](video) === false |
55 | if (checker === undefined) return false | 55 | ) { |
56 | 56 | requests.splice(i, 1) | |
57 | return checker(video) | 57 | } |
58 | }) | 58 | } |
59 | } | 59 | } |
60 | 60 | ||
61 | function isEachRemoteRequestVideosQaduValid (requests: any[]) { | 61 | function removeBadRequestVideosQadu (requests: any[]) { |
62 | return isArray(requests) && | 62 | for (let i = requests.length - 1; i >= 0 ; i--) { |
63 | requests.every(request => { | 63 | const request = requests[i] |
64 | const video = request.data | 64 | const video = request.data |
65 | 65 | ||
66 | if (!video) return false | 66 | if ( |
67 | 67 | !video || | |
68 | return ( | 68 | ( |
69 | isUUIDValid(video.uuid) && | 69 | isUUIDValid(video.uuid) && |
70 | (has(video, 'views') === false || isVideoViewsValid(video.views)) && | 70 | (has(video, 'views') === false || isVideoViewsValid(video.views)) && |
71 | (has(video, 'likes') === false || isVideoLikesValid(video.likes)) && | 71 | (has(video, 'likes') === false || isVideoLikesValid(video.likes)) && |
72 | (has(video, 'dislikes') === false || isVideoDislikesValid(video.dislikes)) | 72 | (has(video, 'dislikes') === false || isVideoDislikesValid(video.dislikes)) |
73 | ) | 73 | ) === false |
74 | }) | 74 | ) { |
75 | requests.splice(i, 1) | ||
76 | } | ||
77 | } | ||
75 | } | 78 | } |
76 | 79 | ||
77 | function isEachRemoteRequestVideosEventsValid (requests: any[]) { | 80 | function removeBadRequestVideosEvents (requests: any[]) { |
78 | return isArray(requests) && | 81 | for (let i = requests.length - 1; i >= 0 ; i--) { |
79 | requests.every(request => { | 82 | const request = requests[i] |
80 | const eventData = request.data | 83 | const eventData = request.data |
81 | |||
82 | if (!eventData) return false | ||
83 | 84 | ||
84 | return ( | 85 | if ( |
86 | !eventData || | ||
87 | ( | ||
85 | isUUIDValid(eventData.uuid) && | 88 | isUUIDValid(eventData.uuid) && |
86 | values(REQUEST_VIDEO_EVENT_TYPES).indexOf(eventData.eventType) !== -1 && | 89 | values(REQUEST_VIDEO_EVENT_TYPES).indexOf(eventData.eventType) !== -1 && |
87 | isVideoEventCountValid(eventData.count) | 90 | isVideoEventCountValid(eventData.count) |
88 | ) | 91 | ) === false |
89 | }) | 92 | ) { |
93 | requests.splice(i, 1) | ||
94 | } | ||
95 | } | ||
90 | } | 96 | } |
91 | 97 | ||
92 | // --------------------------------------------------------------------------- | 98 | // --------------------------------------------------------------------------- |
93 | 99 | ||
94 | export { | 100 | export { |
95 | isEachRemoteRequestVideosValid, | 101 | removeBadRequestVideos, |
96 | isEachRemoteRequestVideosQaduValid, | 102 | removeBadRequestVideosQadu, |
97 | isEachRemoteRequestVideosEventsValid | 103 | removeBadRequestVideosEvents |
98 | } | 104 | } |
99 | 105 | ||
100 | // --------------------------------------------------------------------------- | 106 | // --------------------------------------------------------------------------- |
@@ -102,9 +108,9 @@ export { | |||
102 | function isCommonVideoAttributesValid (video: any) { | 108 | function isCommonVideoAttributesValid (video: any) { |
103 | return isDateValid(video.createdAt) && | 109 | return isDateValid(video.createdAt) && |
104 | isDateValid(video.updatedAt) && | 110 | isDateValid(video.updatedAt) && |
105 | isVideoCategoryValid(video.category) && | 111 | isRemoteVideoCategoryValid(video.category) && |
106 | isVideoLicenceValid(video.licence) && | 112 | isRemoteVideoLicenceValid(video.licence) && |
107 | isVideoLanguageValid(video.language) && | 113 | isRemoteVideoLanguageValid(video.language) && |
108 | isVideoNSFWValid(video.nsfw) && | 114 | isVideoNSFWValid(video.nsfw) && |
109 | isVideoDescriptionValid(video.description) && | 115 | isVideoDescriptionValid(video.description) && |
110 | isVideoDurationValid(video.duration) && | 116 | isVideoDurationValid(video.duration) && |
diff --git a/server/helpers/custom-validators/videos.ts b/server/helpers/custom-validators/videos.ts index 4e441fe5f..11b085b78 100644 --- a/server/helpers/custom-validators/videos.ts +++ b/server/helpers/custom-validators/videos.ts | |||
@@ -27,14 +27,29 @@ function isVideoCategoryValid (value: number) { | |||
27 | return VIDEO_CATEGORIES[value] !== undefined | 27 | return VIDEO_CATEGORIES[value] !== undefined |
28 | } | 28 | } |
29 | 29 | ||
30 | // Maybe we don't know the remote category, but that doesn't matter | ||
31 | function isRemoteVideoCategoryValid (value: string) { | ||
32 | return validator.isInt('' + value) | ||
33 | } | ||
34 | |||
30 | function isVideoLicenceValid (value: number) { | 35 | function isVideoLicenceValid (value: number) { |
31 | return VIDEO_LICENCES[value] !== undefined | 36 | return VIDEO_LICENCES[value] !== undefined |
32 | } | 37 | } |
33 | 38 | ||
39 | // Maybe we don't know the remote licence, but that doesn't matter | ||
40 | function isRemoteVideoLicenceValid (value: string) { | ||
41 | return validator.isInt('' + value) | ||
42 | } | ||
43 | |||
34 | function isVideoLanguageValid (value: number) { | 44 | function isVideoLanguageValid (value: number) { |
35 | return value === null || VIDEO_LANGUAGES[value] !== undefined | 45 | return value === null || VIDEO_LANGUAGES[value] !== undefined |
36 | } | 46 | } |
37 | 47 | ||
48 | // Maybe we don't know the remote language, but that doesn't matter | ||
49 | function isRemoteVideoLanguageValid (value: string) { | ||
50 | return validator.isInt('' + value) | ||
51 | } | ||
52 | |||
38 | function isVideoNSFWValid (value: any) { | 53 | function isVideoNSFWValid (value: any) { |
39 | return typeof value === 'boolean' || (typeof value === 'string' && validator.isBoolean(value)) | 54 | return typeof value === 'boolean' || (typeof value === 'string' && validator.isBoolean(value)) |
40 | } | 55 | } |
@@ -176,5 +191,8 @@ export { | |||
176 | isVideoEventCountValid, | 191 | isVideoEventCountValid, |
177 | isVideoFileSizeValid, | 192 | isVideoFileSizeValid, |
178 | isVideoFileResolutionValid, | 193 | isVideoFileResolutionValid, |
179 | checkVideoExists | 194 | checkVideoExists, |
195 | isRemoteVideoCategoryValid, | ||
196 | isRemoteVideoLicenceValid, | ||
197 | isRemoteVideoLanguageValid | ||
180 | } | 198 | } |
diff --git a/server/lib/request/abstract-request-scheduler.ts b/server/lib/request/abstract-request-scheduler.ts index 08e371a02..f838c47f2 100644 --- a/server/lib/request/abstract-request-scheduler.ts +++ b/server/lib/request/abstract-request-scheduler.ts | |||
@@ -88,8 +88,10 @@ abstract class AbstractRequestScheduler <T> { | |||
88 | // The function fire some useful callbacks | 88 | // The function fire some useful callbacks |
89 | try { | 89 | try { |
90 | const { response } = await makeSecureRequest(params) | 90 | const { response } = await makeSecureRequest(params) |
91 | if (response.statusCode !== 200 && response.statusCode !== 201 && response.statusCode !== 204) { | 91 | |
92 | throw new Error('Status code not 20x : ' + response.statusCode) | 92 | // 400 because if the other pod is not up to date, it may not understand our request |
93 | if ([ 200, 201, 204, 400 ].indexOf(response.statusCode) === -1) { | ||
94 | throw new Error('Status code not 20x or 400 : ' + response.statusCode) | ||
93 | } | 95 | } |
94 | } catch (err) { | 96 | } catch (err) { |
95 | logger.error('Error sending secure request to %s pod.', toPod.host, err) | 97 | logger.error('Error sending secure request to %s pod.', toPod.host, err) |
diff --git a/server/middlewares/validators/remote/videos.ts b/server/middlewares/validators/remote/videos.ts index e4682a60b..497320cc1 100644 --- a/server/middlewares/validators/remote/videos.ts +++ b/server/middlewares/validators/remote/videos.ts | |||
@@ -3,39 +3,52 @@ import * as express from 'express' | |||
3 | 3 | ||
4 | import { | 4 | import { |
5 | logger, | 5 | logger, |
6 | isEachRemoteRequestVideosValid, | 6 | isArray, |
7 | isEachRemoteRequestVideosQaduValid, | 7 | removeBadRequestVideos, |
8 | isEachRemoteRequestVideosEventsValid | 8 | removeBadRequestVideosQadu, |
9 | removeBadRequestVideosEvents | ||
9 | } from '../../../helpers' | 10 | } from '../../../helpers' |
10 | import { checkErrors } from '../utils' | 11 | import { checkErrors } from '../utils' |
11 | 12 | ||
12 | const remoteVideosValidator = [ | 13 | const remoteVideosValidator = [ |
13 | body('data').custom(isEachRemoteRequestVideosValid), | 14 | body('data').custom(isArray), |
14 | 15 | ||
15 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | 16 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
16 | logger.debug('Checking remoteVideos parameters', { parameters: req.body }) | 17 | logger.debug('Checking remoteVideos parameters', { parameters: req.body }) |
17 | 18 | ||
18 | checkErrors(req, res, next) | 19 | checkErrors(req, res, () => { |
20 | removeBadRequestVideos(req.body.data) | ||
21 | |||
22 | return next() | ||
23 | }) | ||
19 | } | 24 | } |
20 | ] | 25 | ] |
21 | 26 | ||
22 | const remoteQaduVideosValidator = [ | 27 | const remoteQaduVideosValidator = [ |
23 | body('data').custom(isEachRemoteRequestVideosQaduValid), | 28 | body('data').custom(isArray), |
24 | 29 | ||
25 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | 30 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
26 | logger.debug('Checking remoteQaduVideos parameters', { parameters: req.body }) | 31 | logger.debug('Checking remoteQaduVideos parameters', { parameters: req.body }) |
27 | 32 | ||
28 | checkErrors(req, res, next) | 33 | checkErrors(req, res, () => { |
34 | removeBadRequestVideosQadu(req.body.data) | ||
35 | |||
36 | return next() | ||
37 | }) | ||
29 | } | 38 | } |
30 | ] | 39 | ] |
31 | 40 | ||
32 | const remoteEventsVideosValidator = [ | 41 | const remoteEventsVideosValidator = [ |
33 | body('data').custom(isEachRemoteRequestVideosEventsValid), | 42 | body('data').custom(isArray), |
34 | 43 | ||
35 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | 44 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
36 | logger.debug('Checking remoteEventsVideos parameters', { parameters: req.body }) | 45 | logger.debug('Checking remoteEventsVideos parameters', { parameters: req.body }) |
37 | 46 | ||
38 | checkErrors(req, res, next) | 47 | checkErrors(req, res, () => { |
48 | removeBadRequestVideosEvents(req.body.data) | ||
49 | |||
50 | return next() | ||
51 | }) | ||
39 | } | 52 | } |
40 | ] | 53 | ] |
41 | 54 | ||