aboutsummaryrefslogtreecommitdiffhomepage
path: root/server
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2019-11-29 16:35:27 +0100
committerChocobozzz <me@florianbigard.com>2019-11-29 16:35:27 +0100
commita3ce4ae847b749d4cb2ebebb4134264b7c58dcc5 (patch)
tree9c3ba1efaa65d6abc8525d38e1c0862b5fa67648 /server
parent1689176a7bff6edd90d162994cccec2e4bfe9a45 (diff)
downloadPeerTube-a3ce4ae847b749d4cb2ebebb4134264b7c58dcc5.tar.gz
PeerTube-a3ce4ae847b749d4cb2ebebb4134264b7c58dcc5.tar.zst
PeerTube-a3ce4ae847b749d4cb2ebebb4134264b7c58dcc5.zip
Limit channel numbers
We can't load too much channels in selects and it helps to prevent actor name squatting
Diffstat (limited to 'server')
-rw-r--r--server/initializers/constants.ts5
-rw-r--r--server/middlewares/validators/videos/video-channels.ts9
2 files changed, 14 insertions, 0 deletions
diff --git a/server/initializers/constants.ts b/server/initializers/constants.ts
index a1538f3ca..0473b48c0 100644
--- a/server/initializers/constants.ts
+++ b/server/initializers/constants.ts
@@ -431,6 +431,10 @@ const OVERVIEWS = {
431 } 431 }
432} 432}
433 433
434const VIDEO_CHANNELS = {
435 MAX_PER_USER: 20
436}
437
434// --------------------------------------------------------------------------- 438// ---------------------------------------------------------------------------
435 439
436const SERVER_ACTOR_NAME = 'peertube' 440const SERVER_ACTOR_NAME = 'peertube'
@@ -725,6 +729,7 @@ export {
725 VIDEO_TRANSCODING_FPS, 729 VIDEO_TRANSCODING_FPS,
726 FFMPEG_NICE, 730 FFMPEG_NICE,
727 VIDEO_ABUSE_STATES, 731 VIDEO_ABUSE_STATES,
732 VIDEO_CHANNELS,
728 LRU_CACHE, 733 LRU_CACHE,
729 JOB_REQUEST_TIMEOUT, 734 JOB_REQUEST_TIMEOUT,
730 USER_PASSWORD_RESET_LIFETIME, 735 USER_PASSWORD_RESET_LIFETIME,
diff --git a/server/middlewares/validators/videos/video-channels.ts b/server/middlewares/validators/videos/video-channels.ts
index d21274527..ce2d61d49 100644
--- a/server/middlewares/validators/videos/video-channels.ts
+++ b/server/middlewares/validators/videos/video-channels.ts
@@ -14,6 +14,7 @@ import { ActorModel } from '../../../models/activitypub/actor'
14import { isBooleanValid } from '../../../helpers/custom-validators/misc' 14import { isBooleanValid } from '../../../helpers/custom-validators/misc'
15import { doesLocalVideoChannelNameExist, doesVideoChannelNameWithHostExist } from '../../../helpers/middlewares' 15import { doesLocalVideoChannelNameExist, doesVideoChannelNameWithHostExist } from '../../../helpers/middlewares'
16import { MChannelAccountDefault, MUser } from '@server/typings/models' 16import { MChannelAccountDefault, MUser } from '@server/typings/models'
17import { VIDEO_CHANNELS } from '@server/initializers/constants'
17 18
18const videoChannelsAddValidator = [ 19const videoChannelsAddValidator = [
19 body('name').custom(isActorPreferredUsernameValid).withMessage('Should have a valid channel name'), 20 body('name').custom(isActorPreferredUsernameValid).withMessage('Should have a valid channel name'),
@@ -34,6 +35,14 @@ const videoChannelsAddValidator = [
34 return false 35 return false
35 } 36 }
36 37
38 const count = await VideoChannelModel.countByAccount(res.locals.oauth.token.User.Account.id)
39 if (count > VIDEO_CHANNELS.MAX_PER_USER) {
40 res.status(400)
41 .send({ error: `You cannot create more than ${VIDEO_CHANNELS.MAX_PER_USER} channels` })
42 .end()
43 return false
44 }
45
37 return next() 46 return next()
38 } 47 }
39] 48]