diff options
-rw-r--r-- | client/package.json | 2 | ||||
-rw-r--r-- | client/src/index.html | 2 | ||||
-rw-r--r-- | client/yarn.lock | 91 | ||||
-rw-r--r-- | package.json | 2 | ||||
-rw-r--r-- | server.ts | 11 | ||||
-rw-r--r-- | server/helpers/custom-validators/misc.ts | 7 | ||||
-rw-r--r-- | server/helpers/custom-validators/pods.ts | 7 | ||||
-rw-r--r-- | server/helpers/custom-validators/remote/videos.ts | 8 | ||||
-rw-r--r-- | server/helpers/custom-validators/users.ts | 10 | ||||
-rw-r--r-- | server/helpers/custom-validators/videos.ts | 36 | ||||
-rw-r--r-- | server/middlewares/validators/pagination.ts | 16 | ||||
-rw-r--r-- | server/middlewares/validators/pods.ts | 155 | ||||
-rw-r--r-- | server/middlewares/validators/remote/signature.ts | 18 | ||||
-rw-r--r-- | server/middlewares/validators/remote/videos.ts | 45 | ||||
-rw-r--r-- | server/middlewares/validators/sort.ts | 28 | ||||
-rw-r--r-- | server/middlewares/validators/users.ts | 219 | ||||
-rw-r--r-- | server/middlewares/validators/utils.ts | 11 | ||||
-rw-r--r-- | server/middlewares/validators/videos.ts | 294 | ||||
-rw-r--r-- | yarn.lock | 20 |
19 files changed, 501 insertions, 481 deletions
diff --git a/client/package.json b/client/package.json index 8a82a294e..6fb1da425 100644 --- a/client/package.json +++ b/client/package.json | |||
@@ -62,7 +62,7 @@ | |||
62 | "json-loader": "^0.5.4", | 62 | "json-loader": "^0.5.4", |
63 | "ng-router-loader": "^2.0.0", | 63 | "ng-router-loader": "^2.0.0", |
64 | "ngc-webpack": "3.2.2", | 64 | "ngc-webpack": "3.2.2", |
65 | "ngx-bootstrap": "1.9.1", | 65 | "ngx-bootstrap": "1.9.3", |
66 | "ngx-chips": "1.5.3", | 66 | "ngx-chips": "1.5.3", |
67 | "node-sass": "^4.1.1", | 67 | "node-sass": "^4.1.1", |
68 | "normalize.css": "^7.0.0", | 68 | "normalize.css": "^7.0.0", |
diff --git a/client/src/index.html b/client/src/index.html index 4346775b1..91ed04d17 100644 --- a/client/src/index.html +++ b/client/src/index.html | |||
@@ -8,7 +8,7 @@ | |||
8 | <meta name="description" content="PeerTube, a decentralized video streaming platform using P2P (BitTorrent) directly in the web browser" /> | 8 | <meta name="description" content="PeerTube, a decentralized video streaming platform using P2P (BitTorrent) directly in the web browser" /> |
9 | 9 | ||
10 | <!-- The following comment is used by the server to prerender OpenGraph tags --> | 10 | <!-- The following comment is used by the server to prerender OpenGraph tags --> |
11 | <!-- opengraph tags --> | 11 | <!-- open graph tags --> |
12 | <!-- Do not remove it! --> | 12 | <!-- Do not remove it! --> |
13 | 13 | ||
14 | <link rel="icon" type="image/png" href="/client/assets/favicon.png" /> | 14 | <link rel="icon" type="image/png" href="/client/assets/favicon.png" /> |
diff --git a/client/yarn.lock b/client/yarn.lock index b61da8636..011ecce68 100644 --- a/client/yarn.lock +++ b/client/yarn.lock | |||
@@ -370,6 +370,13 @@ array-flatten@^2.1.0: | |||
370 | version "2.1.1" | 370 | version "2.1.1" |
371 | resolved "https://registry.yarnpkg.com/array-flatten/-/array-flatten-2.1.1.tgz#426bb9da84090c1838d812c8150af20a8331e296" | 371 | resolved "https://registry.yarnpkg.com/array-flatten/-/array-flatten-2.1.1.tgz#426bb9da84090c1838d812c8150af20a8331e296" |
372 | 372 | ||
373 | array-includes@^3.0.3: | ||
374 | version "3.0.3" | ||
375 | resolved "https://registry.yarnpkg.com/array-includes/-/array-includes-3.0.3.tgz#184b48f62d92d7452bb31b323165c7f8bd02266d" | ||
376 | dependencies: | ||
377 | define-properties "^1.1.2" | ||
378 | es-abstract "^1.7.0" | ||
379 | |||
373 | array-union@^1.0.1: | 380 | array-union@^1.0.1: |
374 | version "1.0.2" | 381 | version "1.0.2" |
375 | resolved "https://registry.yarnpkg.com/array-union/-/array-union-1.0.2.tgz#9a34410e4f4e3da23dea375be5be70f24778ec39" | 382 | resolved "https://registry.yarnpkg.com/array-union/-/array-union-1.0.2.tgz#9a34410e4f4e3da23dea375be5be70f24778ec39" |
@@ -1560,8 +1567,8 @@ code-point-at@^1.0.0: | |||
1560 | resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" | 1567 | resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" |
1561 | 1568 | ||
1562 | codelyzer@^3.0.0-beta.4: | 1569 | codelyzer@^3.0.0-beta.4: |
1563 | version "3.1.2" | 1570 | version "3.2.0" |
1564 | resolved "https://registry.yarnpkg.com/codelyzer/-/codelyzer-3.1.2.tgz#9ff1f041fb9b5ee5dbeb45ba866dfaf04983af04" | 1571 | resolved "https://registry.yarnpkg.com/codelyzer/-/codelyzer-3.2.0.tgz#68eb0a67771ea73006b517053c3035c1838abf14" |
1565 | dependencies: | 1572 | dependencies: |
1566 | app-root-path "^2.0.1" | 1573 | app-root-path "^2.0.1" |
1567 | css-selector-tokenizer "^0.7.0" | 1574 | css-selector-tokenizer "^0.7.0" |
@@ -1735,10 +1742,14 @@ copy-webpack-plugin@^4.0.0: | |||
1735 | minimatch "^3.0.0" | 1742 | minimatch "^3.0.0" |
1736 | node-dir "^0.1.10" | 1743 | node-dir "^0.1.10" |
1737 | 1744 | ||
1738 | core-js@^2.4.0, core-js@^2.4.1, core-js@^2.5.0: | 1745 | core-js@^2.4.0, core-js@^2.5.0: |
1739 | version "2.5.0" | 1746 | version "2.5.0" |
1740 | resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.5.0.tgz#569c050918be6486b3837552028ae0466b717086" | 1747 | resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.5.0.tgz#569c050918be6486b3837552028ae0466b717086" |
1741 | 1748 | ||
1749 | core-js@^2.4.1: | ||
1750 | version "2.5.1" | ||
1751 | resolved "https://registry.yarnpkg.com/core-js/-/core-js-2.5.1.tgz#ae6874dc66937789b80754ff5428df66819ca50b" | ||
1752 | |||
1742 | core-util-is@1.0.2, core-util-is@~1.0.0: | 1753 | core-util-is@1.0.2, core-util-is@~1.0.0: |
1743 | version "1.0.2" | 1754 | version "1.0.2" |
1744 | resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7" | 1755 | resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7" |
@@ -1830,8 +1841,8 @@ css-color-names@0.0.4: | |||
1830 | resolved "https://registry.yarnpkg.com/css-color-names/-/css-color-names-0.0.4.tgz#808adc2e79cf84738069b646cb20ec27beb629e0" | 1841 | resolved "https://registry.yarnpkg.com/css-color-names/-/css-color-names-0.0.4.tgz#808adc2e79cf84738069b646cb20ec27beb629e0" |
1831 | 1842 | ||
1832 | css-loader@^0.28.4: | 1843 | css-loader@^0.28.4: |
1833 | version "0.28.5" | 1844 | version "0.28.7" |
1834 | resolved "https://registry.yarnpkg.com/css-loader/-/css-loader-0.28.5.tgz#dd02bb91b94545710212ef7f6aaa66663113d754" | 1845 | resolved "https://registry.yarnpkg.com/css-loader/-/css-loader-0.28.7.tgz#5f2ee989dd32edd907717f953317656160999c1b" |
1835 | dependencies: | 1846 | dependencies: |
1836 | babel-code-frame "^6.11.0" | 1847 | babel-code-frame "^6.11.0" |
1837 | css-selector-tokenizer "^0.7.0" | 1848 | css-selector-tokenizer "^0.7.0" |
@@ -1992,6 +2003,13 @@ deep-is@~0.1.3: | |||
1992 | version "0.1.3" | 2003 | version "0.1.3" |
1993 | resolved "https://registry.yarnpkg.com/deep-is/-/deep-is-0.1.3.tgz#b369d6fb5dbc13eecf524f91b070feedc357cf34" | 2004 | resolved "https://registry.yarnpkg.com/deep-is/-/deep-is-0.1.3.tgz#b369d6fb5dbc13eecf524f91b070feedc357cf34" |
1994 | 2005 | ||
2006 | default-gateway@^2.0.2: | ||
2007 | version "2.0.2" | ||
2008 | resolved "https://registry.yarnpkg.com/default-gateway/-/default-gateway-2.0.2.tgz#e365db05c50a4643cc1990c6178228c540a0b910" | ||
2009 | dependencies: | ||
2010 | execa "^0.7.0" | ||
2011 | ip-regex "^2.1.0" | ||
2012 | |||
1995 | define-properties@^1.1.2: | 2013 | define-properties@^1.1.2: |
1996 | version "1.1.2" | 2014 | version "1.1.2" |
1997 | resolved "https://registry.yarnpkg.com/define-properties/-/define-properties-1.1.2.tgz#83a73f2fea569898fb737193c8f873caf6d45c94" | 2015 | resolved "https://registry.yarnpkg.com/define-properties/-/define-properties-1.1.2.tgz#83a73f2fea569898fb737193c8f873caf6d45c94" |
@@ -3361,11 +3379,12 @@ inquirer@^0.12.0: | |||
3361 | strip-ansi "^3.0.0" | 3379 | strip-ansi "^3.0.0" |
3362 | through "^2.3.6" | 3380 | through "^2.3.6" |
3363 | 3381 | ||
3364 | internal-ip@^1.2.0: | 3382 | internal-ip@^2.0.2: |
3365 | version "1.2.0" | 3383 | version "2.0.2" |
3366 | resolved "https://registry.yarnpkg.com/internal-ip/-/internal-ip-1.2.0.tgz#ae9fbf93b984878785d50a8de1b356956058cf5c" | 3384 | resolved "https://registry.yarnpkg.com/internal-ip/-/internal-ip-2.0.2.tgz#bed2b35491e8b42aee087de7614e870908ee80f2" |
3367 | dependencies: | 3385 | dependencies: |
3368 | meow "^3.3.0" | 3386 | default-gateway "^2.0.2" |
3387 | ipaddr.js "^1.5.1" | ||
3369 | 3388 | ||
3370 | interpret@^1.0.0: | 3389 | interpret@^1.0.0: |
3371 | version "1.0.3" | 3390 | version "1.0.3" |
@@ -3385,6 +3404,10 @@ invert-kv@^1.0.0: | |||
3385 | version "1.0.0" | 3404 | version "1.0.0" |
3386 | resolved "https://registry.yarnpkg.com/invert-kv/-/invert-kv-1.0.0.tgz#104a8e4aaca6d3d8cd157a8ef8bfab2d7a3ffdb6" | 3405 | resolved "https://registry.yarnpkg.com/invert-kv/-/invert-kv-1.0.0.tgz#104a8e4aaca6d3d8cd157a8ef8bfab2d7a3ffdb6" |
3387 | 3406 | ||
3407 | ip-regex@^2.1.0: | ||
3408 | version "2.1.0" | ||
3409 | resolved "https://registry.yarnpkg.com/ip-regex/-/ip-regex-2.1.0.tgz#fa78bf5d2e6913c911ce9f819ee5146bb6d844e9" | ||
3410 | |||
3388 | ip-set@^1.0.0: | 3411 | ip-set@^1.0.0: |
3389 | version "1.0.1" | 3412 | version "1.0.1" |
3390 | resolved "https://registry.yarnpkg.com/ip-set/-/ip-set-1.0.1.tgz#633b66d0bd6c8d0de968d053263c9120d3b6727e" | 3413 | resolved "https://registry.yarnpkg.com/ip-set/-/ip-set-1.0.1.tgz#633b66d0bd6c8d0de968d053263c9120d3b6727e" |
@@ -3399,7 +3422,7 @@ ipaddr.js@1.4.0: | |||
3399 | version "1.4.0" | 3422 | version "1.4.0" |
3400 | resolved "https://registry.yarnpkg.com/ipaddr.js/-/ipaddr.js-1.4.0.tgz#296aca878a821816e5b85d0a285a99bcff4582f0" | 3423 | resolved "https://registry.yarnpkg.com/ipaddr.js/-/ipaddr.js-1.4.0.tgz#296aca878a821816e5b85d0a285a99bcff4582f0" |
3401 | 3424 | ||
3402 | "ipaddr.js@>= 0.1.5", ipaddr.js@^1.0.1: | 3425 | "ipaddr.js@>= 0.1.5", ipaddr.js@^1.0.1, ipaddr.js@^1.5.1: |
3403 | version "1.5.2" | 3426 | version "1.5.2" |
3404 | resolved "https://registry.yarnpkg.com/ipaddr.js/-/ipaddr.js-1.5.2.tgz#d4b505bde9946987ccf0fc58d9010ff9607e3fa0" | 3427 | resolved "https://registry.yarnpkg.com/ipaddr.js/-/ipaddr.js-1.5.2.tgz#d4b505bde9946987ccf0fc58d9010ff9607e3fa0" |
3405 | 3428 | ||
@@ -3624,6 +3647,10 @@ is-utf8@^0.2.0: | |||
3624 | version "0.2.1" | 3647 | version "0.2.1" |
3625 | resolved "https://registry.yarnpkg.com/is-utf8/-/is-utf8-0.2.1.tgz#4b0da1442104d1b336340e80797e865cf39f7d72" | 3648 | resolved "https://registry.yarnpkg.com/is-utf8/-/is-utf8-0.2.1.tgz#4b0da1442104d1b336340e80797e865cf39f7d72" |
3626 | 3649 | ||
3650 | is-wsl@^1.1.0: | ||
3651 | version "1.1.0" | ||
3652 | resolved "https://registry.yarnpkg.com/is-wsl/-/is-wsl-1.1.0.tgz#1f16e4aa22b04d1336b66188a66af3c600c3a66d" | ||
3653 | |||
3627 | isarray@0.0.1: | 3654 | isarray@0.0.1: |
3628 | version "0.0.1" | 3655 | version "0.0.1" |
3629 | resolved "https://registry.yarnpkg.com/isarray/-/isarray-0.0.1.tgz#8a18acfca9a8f4177e09abfc6038939b05d1eedf" | 3656 | resolved "https://registry.yarnpkg.com/isarray/-/isarray-0.0.1.tgz#8a18acfca9a8f4177e09abfc6038939b05d1eedf" |
@@ -4205,7 +4232,7 @@ memory-fs@^0.4.0, memory-fs@~0.4.1: | |||
4205 | errno "^0.1.3" | 4232 | errno "^0.1.3" |
4206 | readable-stream "^2.0.1" | 4233 | readable-stream "^2.0.1" |
4207 | 4234 | ||
4208 | meow@^3.3.0, meow@^3.7.0: | 4235 | meow@^3.7.0: |
4209 | version "3.7.0" | 4236 | version "3.7.0" |
4210 | resolved "https://registry.yarnpkg.com/meow/-/meow-3.7.0.tgz#72cb668b425228290abbfa856892587308a801fb" | 4237 | resolved "https://registry.yarnpkg.com/meow/-/meow-3.7.0.tgz#72cb668b425228290abbfa856892587308a801fb" |
4211 | dependencies: | 4238 | dependencies: |
@@ -4452,9 +4479,9 @@ ngc-webpack@3.2.2: | |||
4452 | source-map "^0.5.6" | 4479 | source-map "^0.5.6" |
4453 | ts-node "^3.2.0" | 4480 | ts-node "^3.2.0" |
4454 | 4481 | ||
4455 | ngx-bootstrap@1.9.1: | 4482 | ngx-bootstrap@1.9.3: |
4456 | version "1.9.1" | 4483 | version "1.9.3" |
4457 | resolved "https://registry.yarnpkg.com/ngx-bootstrap/-/ngx-bootstrap-1.9.1.tgz#09ed06d908f5f3bb23f821a0fb452e9a17d7665b" | 4484 | resolved "https://registry.yarnpkg.com/ngx-bootstrap/-/ngx-bootstrap-1.9.3.tgz#28e75d14fb1beaee609383d7694de4eb3ba03b26" |
4458 | 4485 | ||
4459 | ngx-chips@1.5.3: | 4486 | ngx-chips@1.5.3: |
4460 | version "1.5.3" | 4487 | version "1.5.3" |
@@ -4740,12 +4767,11 @@ opener@^1.4.3: | |||
4740 | version "1.4.3" | 4767 | version "1.4.3" |
4741 | resolved "https://registry.yarnpkg.com/opener/-/opener-1.4.3.tgz#5c6da2c5d7e5831e8ffa3964950f8d6674ac90b8" | 4768 | resolved "https://registry.yarnpkg.com/opener/-/opener-1.4.3.tgz#5c6da2c5d7e5831e8ffa3964950f8d6674ac90b8" |
4742 | 4769 | ||
4743 | opn@4.0.2: | 4770 | opn@^5.1.0: |
4744 | version "4.0.2" | 4771 | version "5.1.0" |
4745 | resolved "https://registry.yarnpkg.com/opn/-/opn-4.0.2.tgz#7abc22e644dff63b0a96d5ab7f2790c0f01abc95" | 4772 | resolved "https://registry.yarnpkg.com/opn/-/opn-5.1.0.tgz#72ce2306a17dbea58ff1041853352b4a8fc77519" |
4746 | dependencies: | 4773 | dependencies: |
4747 | object-assign "^4.0.1" | 4774 | is-wsl "^1.1.0" |
4748 | pinkie-promise "^2.0.0" | ||
4749 | 4775 | ||
4750 | optimize-js-plugin@0.0.4: | 4776 | optimize-js-plugin@0.0.4: |
4751 | version "0.0.4" | 4777 | version "0.0.4" |
@@ -6480,7 +6506,7 @@ supports-color@^2.0.0: | |||
6480 | version "2.0.0" | 6506 | version "2.0.0" |
6481 | resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-2.0.0.tgz#535d045ce6b6363fa40117084629995e9df324c7" | 6507 | resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-2.0.0.tgz#535d045ce6b6363fa40117084629995e9df324c7" |
6482 | 6508 | ||
6483 | supports-color@^3.1.1, supports-color@^3.2.3: | 6509 | supports-color@^3.2.3: |
6484 | version "3.2.3" | 6510 | version "3.2.3" |
6485 | resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-3.2.3.tgz#65ac0504b3954171d8a64946b2ae3cbb8a5f54f6" | 6511 | resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-3.2.3.tgz#65ac0504b3954171d8a64946b2ae3cbb8a5f54f6" |
6486 | dependencies: | 6512 | dependencies: |
@@ -7029,8 +7055,8 @@ video.js@^5.19.2: | |||
7029 | xhr "2.2.2" | 7055 | xhr "2.2.2" |
7030 | 7056 | ||
7031 | video.js@^6.2.0: | 7057 | video.js@^6.2.0: |
7032 | version "6.2.7" | 7058 | version "6.2.8" |
7033 | resolved "https://registry.yarnpkg.com/video.js/-/video.js-6.2.7.tgz#3baa4bdffd58b4c4ab723dbcde5b10349f59957d" | 7059 | resolved "https://registry.yarnpkg.com/video.js/-/video.js-6.2.8.tgz#e449710bf8513f607456293ae1da97559a94fb97" |
7034 | dependencies: | 7060 | dependencies: |
7035 | babel-runtime "^6.9.2" | 7061 | babel-runtime "^6.9.2" |
7036 | global "4.3.2" | 7062 | global "4.3.2" |
@@ -7132,10 +7158,11 @@ webpack-dev-middleware@^1.11.0: | |||
7132 | time-stamp "^2.0.0" | 7158 | time-stamp "^2.0.0" |
7133 | 7159 | ||
7134 | webpack-dev-server@^2.4.5: | 7160 | webpack-dev-server@^2.4.5: |
7135 | version "2.7.1" | 7161 | version "2.8.2" |
7136 | resolved "https://registry.yarnpkg.com/webpack-dev-server/-/webpack-dev-server-2.7.1.tgz#21580f5a08cd065c71144cf6f61c345bca59a8b8" | 7162 | resolved "https://registry.yarnpkg.com/webpack-dev-server/-/webpack-dev-server-2.8.2.tgz#abd61f410778cc4c843d7cebbf41465b1ab7734c" |
7137 | dependencies: | 7163 | dependencies: |
7138 | ansi-html "0.0.7" | 7164 | ansi-html "0.0.7" |
7165 | array-includes "^3.0.3" | ||
7139 | bonjour "^3.5.0" | 7166 | bonjour "^3.5.0" |
7140 | chokidar "^1.6.0" | 7167 | chokidar "^1.6.0" |
7141 | compression "^1.5.2" | 7168 | compression "^1.5.2" |
@@ -7144,20 +7171,20 @@ webpack-dev-server@^2.4.5: | |||
7144 | express "^4.13.3" | 7171 | express "^4.13.3" |
7145 | html-entities "^1.2.0" | 7172 | html-entities "^1.2.0" |
7146 | http-proxy-middleware "~0.17.4" | 7173 | http-proxy-middleware "~0.17.4" |
7147 | internal-ip "^1.2.0" | 7174 | internal-ip "^2.0.2" |
7148 | ip "^1.1.5" | 7175 | ip "^1.1.5" |
7149 | loglevel "^1.4.1" | 7176 | loglevel "^1.4.1" |
7150 | opn "4.0.2" | 7177 | opn "^5.1.0" |
7151 | portfinder "^1.0.9" | 7178 | portfinder "^1.0.9" |
7152 | selfsigned "^1.9.1" | 7179 | selfsigned "^1.9.1" |
7153 | serve-index "^1.7.2" | 7180 | serve-index "^1.7.2" |
7154 | sockjs "0.3.18" | 7181 | sockjs "0.3.18" |
7155 | sockjs-client "1.1.4" | 7182 | sockjs-client "1.1.4" |
7156 | spdy "^3.4.1" | 7183 | spdy "^3.4.1" |
7157 | strip-ansi "^3.0.0" | 7184 | strip-ansi "^3.0.1" |
7158 | supports-color "^3.1.1" | 7185 | supports-color "^4.2.1" |
7159 | webpack-dev-middleware "^1.11.0" | 7186 | webpack-dev-middleware "^1.11.0" |
7160 | yargs "^6.0.0" | 7187 | yargs "^6.6.0" |
7161 | 7188 | ||
7162 | webpack-dll-bundles-plugin@^1.0.0-beta.5: | 7189 | webpack-dll-bundles-plugin@^1.0.0-beta.5: |
7163 | version "1.0.0-beta.5" | 7190 | version "1.0.0-beta.5" |
@@ -7195,8 +7222,8 @@ webpack-sources@^1.0.1: | |||
7195 | source-map "~0.5.3" | 7222 | source-map "~0.5.3" |
7196 | 7223 | ||
7197 | webpack@^3.3.0: | 7224 | webpack@^3.3.0: |
7198 | version "3.5.5" | 7225 | version "3.5.6" |
7199 | resolved "https://registry.yarnpkg.com/webpack/-/webpack-3.5.5.tgz#3226f09fc8b3e435ff781e7af34f82b68b26996c" | 7226 | resolved "https://registry.yarnpkg.com/webpack/-/webpack-3.5.6.tgz#a492fb6c1ed7f573816f90e00c8fbb5a20cc5c36" |
7200 | dependencies: | 7227 | dependencies: |
7201 | acorn "^5.0.0" | 7228 | acorn "^5.0.0" |
7202 | acorn-dynamic-import "^2.0.0" | 7229 | acorn-dynamic-import "^2.0.0" |
@@ -7427,7 +7454,7 @@ yargs@^4.8.1: | |||
7427 | y18n "^3.2.1" | 7454 | y18n "^3.2.1" |
7428 | yargs-parser "^2.4.1" | 7455 | yargs-parser "^2.4.1" |
7429 | 7456 | ||
7430 | yargs@^6.0.0: | 7457 | yargs@^6.6.0: |
7431 | version "6.6.0" | 7458 | version "6.6.0" |
7432 | resolved "https://registry.yarnpkg.com/yargs/-/yargs-6.6.0.tgz#782ec21ef403345f830a808ca3d513af56065208" | 7459 | resolved "https://registry.yarnpkg.com/yargs/-/yargs-6.6.0.tgz#782ec21ef403345f830a808ca3d513af56065208" |
7433 | dependencies: | 7460 | dependencies: |
diff --git a/package.json b/package.json index 9b38838e4..8ef05f1f9 100644 --- a/package.json +++ b/package.json | |||
@@ -59,7 +59,7 @@ | |||
59 | "create-torrent": "^3.24.5", | 59 | "create-torrent": "^3.24.5", |
60 | "express": "^4.12.4", | 60 | "express": "^4.12.4", |
61 | "express-oauth-server": "^2.0.0", | 61 | "express-oauth-server": "^2.0.0", |
62 | "express-validator": "^3.1.0", | 62 | "express-validator": "^4.1.1", |
63 | "fluent-ffmpeg": "^2.1.0", | 63 | "fluent-ffmpeg": "^2.1.0", |
64 | "js-yaml": "^3.5.4", | 64 | "js-yaml": "^3.5.4", |
65 | "lodash": "^4.11.1", | 65 | "lodash": "^4.11.1", |
@@ -7,16 +7,14 @@ if (isTestInstance()) { | |||
7 | // ----------- Node modules ----------- | 7 | // ----------- Node modules ----------- |
8 | import * as bodyParser from 'body-parser' | 8 | import * as bodyParser from 'body-parser' |
9 | import * as express from 'express' | 9 | import * as express from 'express' |
10 | // FIXME: cannot import express-validator | ||
11 | const expressValidator = require('express-validator') | ||
12 | import * as http from 'http' | 10 | import * as http from 'http' |
13 | import * as morgan from 'morgan' | 11 | import * as morgan from 'morgan' |
14 | import * as path from 'path' | 12 | import * as path from 'path' |
15 | import * as bittorrentTracker from 'bittorrent-tracker' | 13 | import * as bitTorrentTracker from 'bittorrent-tracker' |
16 | import * as cors from 'cors' | 14 | import * as cors from 'cors' |
17 | import { Server as WebSocketServer } from 'ws' | 15 | import { Server as WebSocketServer } from 'ws' |
18 | 16 | ||
19 | const TrackerServer = bittorrentTracker.Server | 17 | const TrackerServer = bitTorrentTracker.Server |
20 | 18 | ||
21 | process.title = 'peertube' | 19 | process.title = 'peertube' |
22 | 20 | ||
@@ -49,7 +47,6 @@ db.init(false).then(() => onDatabaseInitDone()) | |||
49 | // ----------- PeerTube modules ----------- | 47 | // ----------- PeerTube modules ----------- |
50 | import { migrate, installApplication } from './server/initializers' | 48 | import { migrate, installApplication } from './server/initializers' |
51 | import { JobScheduler, activateSchedulers, VideosPreviewCache } from './server/lib' | 49 | import { JobScheduler, activateSchedulers, VideosPreviewCache } from './server/lib' |
52 | import * as customValidators from './server/helpers/custom-validators' | ||
53 | import { apiRouter, clientsRouter, staticRouter } from './server/controllers' | 50 | import { apiRouter, clientsRouter, staticRouter } from './server/controllers' |
54 | 51 | ||
55 | // ----------- Command line ----------- | 52 | // ----------- Command line ----------- |
@@ -81,10 +78,6 @@ app.use(morgan('combined', { | |||
81 | // For body requests | 78 | // For body requests |
82 | app.use(bodyParser.json({ limit: '500kb' })) | 79 | app.use(bodyParser.json({ limit: '500kb' })) |
83 | app.use(bodyParser.urlencoded({ extended: false })) | 80 | app.use(bodyParser.urlencoded({ extended: false })) |
84 | // Validate some params for the API | ||
85 | app.use(expressValidator({ | ||
86 | customValidators: customValidators | ||
87 | })) | ||
88 | 81 | ||
89 | // ----------- Views, routes and static files ----------- | 82 | // ----------- Views, routes and static files ----------- |
90 | 83 | ||
diff --git a/server/helpers/custom-validators/misc.ts b/server/helpers/custom-validators/misc.ts index 8d215a416..60fcdd5bb 100644 --- a/server/helpers/custom-validators/misc.ts +++ b/server/helpers/custom-validators/misc.ts | |||
@@ -14,10 +14,3 @@ export { | |||
14 | exists, | 14 | exists, |
15 | isArray | 15 | isArray |
16 | } | 16 | } |
17 | |||
18 | declare module 'express-validator' { | ||
19 | export interface Validator { | ||
20 | exists, | ||
21 | isArray | ||
22 | } | ||
23 | } | ||
diff --git a/server/helpers/custom-validators/pods.ts b/server/helpers/custom-validators/pods.ts index 844bfdf78..d5021bf38 100644 --- a/server/helpers/custom-validators/pods.ts +++ b/server/helpers/custom-validators/pods.ts | |||
@@ -32,10 +32,3 @@ export { | |||
32 | isEachUniqueHostValid, | 32 | isEachUniqueHostValid, |
33 | isHostValid | 33 | isHostValid |
34 | } | 34 | } |
35 | |||
36 | declare module 'express-validator' { | ||
37 | export interface Validator { | ||
38 | isEachUniqueHostValid | ||
39 | isHostValid | ||
40 | } | ||
41 | } | ||
diff --git a/server/helpers/custom-validators/remote/videos.ts b/server/helpers/custom-validators/remote/videos.ts index e5c76f3ca..e261e05a8 100644 --- a/server/helpers/custom-validators/remote/videos.ts +++ b/server/helpers/custom-validators/remote/videos.ts | |||
@@ -102,14 +102,6 @@ export { | |||
102 | isEachRemoteRequestVideosEventsValid | 102 | isEachRemoteRequestVideosEventsValid |
103 | } | 103 | } |
104 | 104 | ||
105 | declare module 'express-validator' { | ||
106 | export interface Validator { | ||
107 | isEachRemoteRequestVideosValid, | ||
108 | isEachRemoteRequestVideosQaduValid, | ||
109 | isEachRemoteRequestVideosEventsValid | ||
110 | } | ||
111 | } | ||
112 | |||
113 | // --------------------------------------------------------------------------- | 105 | // --------------------------------------------------------------------------- |
114 | 106 | ||
115 | function isCommonVideoAttributesValid (video: any) { | 107 | function isCommonVideoAttributesValid (video: any) { |
diff --git a/server/helpers/custom-validators/users.ts b/server/helpers/custom-validators/users.ts index 805437efa..c180eccda 100644 --- a/server/helpers/custom-validators/users.ts +++ b/server/helpers/custom-validators/users.ts | |||
@@ -39,13 +39,3 @@ export { | |||
39 | isUserUsernameValid, | 39 | isUserUsernameValid, |
40 | isUserDisplayNSFWValid | 40 | isUserDisplayNSFWValid |
41 | } | 41 | } |
42 | |||
43 | declare module 'express-validator' { | ||
44 | export interface Validator { | ||
45 | isUserPasswordValid, | ||
46 | isUserRoleValid, | ||
47 | isUserUsernameValid, | ||
48 | isUserDisplayNSFWValid, | ||
49 | isUserVideoQuotaValid | ||
50 | } | ||
51 | } | ||
diff --git a/server/helpers/custom-validators/videos.ts b/server/helpers/custom-validators/videos.ts index 1d27e47fc..2eb021ae7 100644 --- a/server/helpers/custom-validators/videos.ts +++ b/server/helpers/custom-validators/videos.ts | |||
@@ -107,12 +107,13 @@ function isVideoRatingTypeValid (value: string) { | |||
107 | return values(VIDEO_RATE_TYPES).indexOf(value as VideoRateType) !== -1 | 107 | return values(VIDEO_RATE_TYPES).indexOf(value as VideoRateType) !== -1 |
108 | } | 108 | } |
109 | 109 | ||
110 | function isVideoFile (value: string, files: { [ fieldname: string ]: Express.Multer.File[] }) { | 110 | function isVideoFile (files: { [ fieldname: string ]: Express.Multer.File[] } | Express.Multer.File[]) { |
111 | // Should have files | 111 | // Should have files |
112 | if (!files) return false | 112 | if (!files) return false |
113 | if (isArray(files)) return false | ||
113 | 114 | ||
114 | // Should have videofile file | 115 | // Should have videofile file |
115 | const videofile = files.videofile | 116 | const videofile = files['videofile'] |
116 | if (!videofile || videofile.length === 0) return false | 117 | if (!videofile || videofile.length === 0) return false |
117 | 118 | ||
118 | // The file should exist | 119 | // The file should exist |
@@ -168,34 +169,3 @@ export { | |||
168 | isVideoFileSizeValid, | 169 | isVideoFileSizeValid, |
169 | isVideoFileResolutionValid | 170 | isVideoFileResolutionValid |
170 | } | 171 | } |
171 | |||
172 | declare module 'express-validator' { | ||
173 | export interface Validator { | ||
174 | isVideoIdOrUUIDValid, | ||
175 | isVideoAuthorValid, | ||
176 | isVideoDateValid, | ||
177 | isVideoCategoryValid, | ||
178 | isVideoLicenceValid, | ||
179 | isVideoLanguageValid, | ||
180 | isVideoNSFWValid, | ||
181 | isVideoDescriptionValid, | ||
182 | isVideoDurationValid, | ||
183 | isVideoInfoHashValid, | ||
184 | isVideoNameValid, | ||
185 | isVideoTagsValid, | ||
186 | isVideoThumbnailValid, | ||
187 | isVideoThumbnailDataValid, | ||
188 | isVideoExtnameValid, | ||
189 | isVideoUUIDValid, | ||
190 | isVideoAbuseReasonValid, | ||
191 | isVideoAbuseReporterUsernameValid, | ||
192 | isVideoFile, | ||
193 | isVideoViewsValid, | ||
194 | isVideoLikesValid, | ||
195 | isVideoRatingTypeValid, | ||
196 | isVideoDislikesValid, | ||
197 | isVideoEventCountValid, | ||
198 | isVideoFileSizeValid, | ||
199 | isVideoFileResolutionValid | ||
200 | } | ||
201 | } | ||
diff --git a/server/middlewares/validators/pagination.ts b/server/middlewares/validators/pagination.ts index cca8295ff..a5a542cdf 100644 --- a/server/middlewares/validators/pagination.ts +++ b/server/middlewares/validators/pagination.ts | |||
@@ -1,17 +1,19 @@ | |||
1 | import 'express-validator' | 1 | import { query } from 'express-validator/check' |
2 | import * as express from 'express' | 2 | import * as express from 'express' |
3 | 3 | ||
4 | import { checkErrors } from './utils' | 4 | import { checkErrors } from './utils' |
5 | import { logger } from '../../helpers' | 5 | import { logger } from '../../helpers' |
6 | 6 | ||
7 | function paginationValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 7 | const paginationValidator = [ |
8 | req.checkQuery('start', 'Should have a number start').optional().isInt() | 8 | query('start').optional().isInt().withMessage('Should have a number start'), |
9 | req.checkQuery('count', 'Should have a number count').optional().isInt() | 9 | query('count').optional().isInt().withMessage('Should have a number count'), |
10 | 10 | ||
11 | logger.debug('Checking pagination parameters', { parameters: req.query }) | 11 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
12 | logger.debug('Checking pagination parameters', { parameters: req.query }) | ||
12 | 13 | ||
13 | checkErrors(req, res, next) | 14 | checkErrors(req, res, next) |
14 | } | 15 | } |
16 | ] | ||
15 | 17 | ||
16 | // --------------------------------------------------------------------------- | 18 | // --------------------------------------------------------------------------- |
17 | 19 | ||
diff --git a/server/middlewares/validators/pods.ts b/server/middlewares/validators/pods.ts index 3a0f56f6a..ab7702e78 100644 --- a/server/middlewares/validators/pods.ts +++ b/server/middlewares/validators/pods.ts | |||
@@ -1,89 +1,96 @@ | |||
1 | import 'express-validator' | 1 | import { body, param } from 'express-validator/check' |
2 | import * as express from 'express' | 2 | import * as express from 'express' |
3 | 3 | ||
4 | import { database as db } from '../../initializers/database' | 4 | import { database as db } from '../../initializers/database' |
5 | import { checkErrors } from './utils' | 5 | import { checkErrors } from './utils' |
6 | import { logger } from '../../helpers' | 6 | import { logger, isEachUniqueHostValid, isHostValid } from '../../helpers' |
7 | import { CONFIG } from '../../initializers' | 7 | import { CONFIG } from '../../initializers' |
8 | import { hasFriends } from '../../lib' | 8 | import { hasFriends } from '../../lib' |
9 | import { isTestInstance } from '../../helpers' | 9 | import { isTestInstance } from '../../helpers' |
10 | 10 | ||
11 | function makeFriendsValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 11 | const makeFriendsValidator = [ |
12 | // Force https if the administrator wants to make friends | 12 | body('hosts').custom(isEachUniqueHostValid).withMessage('Should have an array of unique hosts'), |
13 | if (isTestInstance() === false && CONFIG.WEBSERVER.SCHEME === 'http') { | 13 | |
14 | return res.status(400) | 14 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
15 | .json({ | 15 | // Force https if the administrator wants to make friends |
16 | error: 'Cannot make friends with a non HTTPS web server.' | 16 | if (isTestInstance() === false && CONFIG.WEBSERVER.SCHEME === 'http') { |
17 | }) | 17 | return res.status(400) |
18 | .end() | 18 | .json({ |
19 | error: 'Cannot make friends with a non HTTPS web server.' | ||
20 | }) | ||
21 | .end() | ||
22 | } | ||
23 | |||
24 | logger.debug('Checking makeFriends parameters', { parameters: req.body }) | ||
25 | |||
26 | checkErrors(req, res, () => { | ||
27 | hasFriends() | ||
28 | .then(heHasFriends => { | ||
29 | if (heHasFriends === true) { | ||
30 | // We need to quit our friends before make new ones | ||
31 | return res.sendStatus(409) | ||
32 | } | ||
33 | |||
34 | return next() | ||
35 | }) | ||
36 | .catch(err => { | ||
37 | logger.error('Cannot know if we have friends.', err) | ||
38 | res.sendStatus(500) | ||
39 | }) | ||
40 | }) | ||
19 | } | 41 | } |
42 | ] | ||
20 | 43 | ||
21 | req.checkBody('hosts', 'Should have an array of unique hosts').isEachUniqueHostValid() | 44 | const podsAddValidator = [ |
22 | 45 | body('host').custom(isHostValid).withMessage('Should have a host'), | |
23 | logger.debug('Checking makeFriends parameters', { parameters: req.body }) | 46 | body('email').isEmail().withMessage('Should have an email'), |
24 | 47 | body('publicKey').not().isEmpty().withMessage('Should have a public key'), | |
25 | checkErrors(req, res, () => { | ||
26 | hasFriends() | ||
27 | .then(heHasFriends => { | ||
28 | if (heHasFriends === true) { | ||
29 | // We need to quit our friends before make new ones | ||
30 | return res.sendStatus(409) | ||
31 | } | ||
32 | |||
33 | return next() | ||
34 | }) | ||
35 | .catch(err => { | ||
36 | logger.error('Cannot know if we have friends.', err) | ||
37 | res.sendStatus(500) | ||
38 | }) | ||
39 | }) | ||
40 | } | ||
41 | 48 | ||
42 | function podsAddValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 49 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
43 | req.checkBody('host', 'Should have a host').isHostValid() | 50 | logger.debug('Checking podsAdd parameters', { parameters: req.body }) |
44 | req.checkBody('email', 'Should have an email').isEmail() | ||
45 | req.checkBody('publicKey', 'Should have a public key').notEmpty() | ||
46 | logger.debug('Checking podsAdd parameters', { parameters: req.body }) | ||
47 | |||
48 | checkErrors(req, res, () => { | ||
49 | db.Pod.loadByHost(req.body.host) | ||
50 | .then(pod => { | ||
51 | // Pod with this host already exists | ||
52 | if (pod) { | ||
53 | return res.sendStatus(409) | ||
54 | } | ||
55 | |||
56 | return next() | ||
57 | }) | ||
58 | .catch(err => { | ||
59 | logger.error('Cannot load pod by host.', err) | ||
60 | res.sendStatus(500) | ||
61 | }) | ||
62 | }) | ||
63 | } | ||
64 | 51 | ||
65 | function podRemoveValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 52 | checkErrors(req, res, () => { |
66 | req.checkParams('id', 'Should have a valid id').notEmpty().isNumeric() | 53 | db.Pod.loadByHost(req.body.host) |
67 | 54 | .then(pod => { | |
68 | logger.debug('Checking podRemoveValidator parameters', { parameters: req.params }) | 55 | // Pod with this host already exists |
69 | 56 | if (pod) { | |
70 | checkErrors(req, res, function () { | 57 | return res.sendStatus(409) |
71 | db.Pod.load(req.params.id) | 58 | } |
72 | .then(pod => { | 59 | |
73 | if (!pod) { | 60 | return next() |
74 | logger.error('Cannot find pod %d.', req.params.id) | 61 | }) |
75 | return res.sendStatus(404) | 62 | .catch(err => { |
76 | } | 63 | logger.error('Cannot load pod by host.', err) |
77 | 64 | res.sendStatus(500) | |
78 | res.locals.pod = pod | 65 | }) |
79 | return next() | 66 | }) |
80 | }) | 67 | } |
81 | .catch(err => { | 68 | ] |
82 | logger.error('Cannot load pod %d.', req.params.id, err) | 69 | |
83 | res.sendStatus(500) | 70 | const podRemoveValidator = [ |
84 | }) | 71 | param('id').isNumeric().not().isEmpty().withMessage('Should have a valid id'), |
85 | }) | 72 | |
86 | } | 73 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
74 | logger.debug('Checking podRemoveValidator parameters', { parameters: req.params }) | ||
75 | |||
76 | checkErrors(req, res, () => { | ||
77 | db.Pod.load(req.params.id) | ||
78 | .then(pod => { | ||
79 | if (!pod) { | ||
80 | logger.error('Cannot find pod %d.', req.params.id) | ||
81 | return res.sendStatus(404) | ||
82 | } | ||
83 | |||
84 | res.locals.pod = pod | ||
85 | return next() | ||
86 | }) | ||
87 | .catch(err => { | ||
88 | logger.error('Cannot load pod %d.', req.params.id, err) | ||
89 | res.sendStatus(500) | ||
90 | }) | ||
91 | }) | ||
92 | } | ||
93 | ] | ||
87 | 94 | ||
88 | // --------------------------------------------------------------------------- | 95 | // --------------------------------------------------------------------------- |
89 | 96 | ||
diff --git a/server/middlewares/validators/remote/signature.ts b/server/middlewares/validators/remote/signature.ts index eb5c196eb..d3937b515 100644 --- a/server/middlewares/validators/remote/signature.ts +++ b/server/middlewares/validators/remote/signature.ts | |||
@@ -1,17 +1,19 @@ | |||
1 | import 'express-validator' | 1 | import { body } from 'express-validator/check' |
2 | import * as express from 'express' | 2 | import * as express from 'express' |
3 | 3 | ||
4 | import { logger } from '../../../helpers' | 4 | import { logger, isHostValid } from '../../../helpers' |
5 | import { checkErrors } from '../utils' | 5 | import { checkErrors } from '../utils' |
6 | 6 | ||
7 | function signatureValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 7 | const signatureValidator = [ |
8 | req.checkBody('signature.host', 'Should have a signature host').isURL() | 8 | body('signature.host').custom(isHostValid).withMessage('Should have a signature host'), |
9 | req.checkBody('signature.signature', 'Should have a signature').notEmpty() | 9 | body('signature.signature').not().isEmpty().withMessage('Should have a signature'), |
10 | 10 | ||
11 | logger.debug('Checking signature parameters', { parameters: { signature: req.body.signature } }) | 11 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
12 | logger.debug('Checking signature parameters', { parameters: { signature: req.body.signature } }) | ||
12 | 13 | ||
13 | checkErrors(req, res, next) | 14 | checkErrors(req, res, next) |
14 | } | 15 | } |
16 | ] | ||
15 | 17 | ||
16 | // --------------------------------------------------------------------------- | 18 | // --------------------------------------------------------------------------- |
17 | 19 | ||
diff --git a/server/middlewares/validators/remote/videos.ts b/server/middlewares/validators/remote/videos.ts index 2037c0085..e4682a60b 100644 --- a/server/middlewares/validators/remote/videos.ts +++ b/server/middlewares/validators/remote/videos.ts | |||
@@ -1,32 +1,43 @@ | |||
1 | import 'express-validator' | 1 | import { body } from 'express-validator/check' |
2 | import * as express from 'express' | 2 | import * as express from 'express' |
3 | 3 | ||
4 | import { logger } from '../../../helpers' | 4 | import { |
5 | logger, | ||
6 | isEachRemoteRequestVideosValid, | ||
7 | isEachRemoteRequestVideosQaduValid, | ||
8 | isEachRemoteRequestVideosEventsValid | ||
9 | } from '../../../helpers' | ||
5 | import { checkErrors } from '../utils' | 10 | import { checkErrors } from '../utils' |
6 | 11 | ||
7 | function remoteVideosValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 12 | const remoteVideosValidator = [ |
8 | req.checkBody('data').isEachRemoteRequestVideosValid() | 13 | body('data').custom(isEachRemoteRequestVideosValid), |
9 | 14 | ||
10 | logger.debug('Checking remoteVideos parameters', { parameters: req.body }) | 15 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
16 | logger.debug('Checking remoteVideos parameters', { parameters: req.body }) | ||
11 | 17 | ||
12 | checkErrors(req, res, next) | 18 | checkErrors(req, res, next) |
13 | } | 19 | } |
20 | ] | ||
14 | 21 | ||
15 | function remoteQaduVideosValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 22 | const remoteQaduVideosValidator = [ |
16 | req.checkBody('data').isEachRemoteRequestVideosQaduValid() | 23 | body('data').custom(isEachRemoteRequestVideosQaduValid), |
17 | 24 | ||
18 | logger.debug('Checking remoteQaduVideos parameters', { parameters: req.body }) | 25 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
26 | logger.debug('Checking remoteQaduVideos parameters', { parameters: req.body }) | ||
19 | 27 | ||
20 | checkErrors(req, res, next) | 28 | checkErrors(req, res, next) |
21 | } | 29 | } |
30 | ] | ||
22 | 31 | ||
23 | function remoteEventsVideosValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 32 | const remoteEventsVideosValidator = [ |
24 | req.checkBody('data').isEachRemoteRequestVideosEventsValid() | 33 | body('data').custom(isEachRemoteRequestVideosEventsValid), |
25 | 34 | ||
26 | logger.debug('Checking remoteEventsVideos parameters', { parameters: req.body }) | 35 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
36 | logger.debug('Checking remoteEventsVideos parameters', { parameters: req.body }) | ||
27 | 37 | ||
28 | checkErrors(req, res, next) | 38 | checkErrors(req, res, next) |
29 | } | 39 | } |
40 | ] | ||
30 | 41 | ||
31 | // --------------------------------------------------------------------------- | 42 | // --------------------------------------------------------------------------- |
32 | 43 | ||
diff --git a/server/middlewares/validators/sort.ts b/server/middlewares/validators/sort.ts index 3baee9fb3..71b18acb0 100644 --- a/server/middlewares/validators/sort.ts +++ b/server/middlewares/validators/sort.ts | |||
@@ -1,4 +1,4 @@ | |||
1 | import 'express-validator' | 1 | import { query } from 'express-validator/check' |
2 | import * as express from 'express' | 2 | import * as express from 'express' |
3 | 3 | ||
4 | import { checkErrors } from './utils' | 4 | import { checkErrors } from './utils' |
@@ -10,17 +10,9 @@ const SORTABLE_USERS_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.USERS) | |||
10 | const SORTABLE_VIDEO_ABUSES_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.VIDEO_ABUSES) | 10 | const SORTABLE_VIDEO_ABUSES_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.VIDEO_ABUSES) |
11 | const SORTABLE_VIDEOS_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.VIDEOS) | 11 | const SORTABLE_VIDEOS_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.VIDEOS) |
12 | 12 | ||
13 | function usersSortValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 13 | const usersSortValidator = checkSort(SORTABLE_USERS_COLUMNS) |
14 | checkSort(req, res, next, SORTABLE_USERS_COLUMNS) | 14 | const videoAbusesSortValidator = checkSort(SORTABLE_VIDEO_ABUSES_COLUMNS) |
15 | } | 15 | const videosSortValidator = checkSort(SORTABLE_VIDEOS_COLUMNS) |
16 | |||
17 | function videoAbusesSortValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | ||
18 | checkSort(req, res, next, SORTABLE_VIDEO_ABUSES_COLUMNS) | ||
19 | } | ||
20 | |||
21 | function videosSortValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | ||
22 | checkSort(req, res, next, SORTABLE_VIDEOS_COLUMNS) | ||
23 | } | ||
24 | 16 | ||
25 | // --------------------------------------------------------------------------- | 17 | // --------------------------------------------------------------------------- |
26 | 18 | ||
@@ -32,12 +24,16 @@ export { | |||
32 | 24 | ||
33 | // --------------------------------------------------------------------------- | 25 | // --------------------------------------------------------------------------- |
34 | 26 | ||
35 | function checkSort (req: express.Request, res: express.Response, next: express.NextFunction, sortableColumns: string[]) { | 27 | function checkSort (sortableColumns: string[]) { |
36 | req.checkQuery('sort', 'Should have correct sortable column').optional().isIn(sortableColumns) | 28 | return [ |
29 | query('sort').optional().isIn(sortableColumns).withMessage('Should have correct sortable column'), | ||
37 | 30 | ||
38 | logger.debug('Checking sort parameters', { parameters: req.query }) | 31 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
32 | logger.debug('Checking sort parameters', { parameters: req.query }) | ||
39 | 33 | ||
40 | checkErrors(req, res, next) | 34 | checkErrors(req, res, next) |
35 | } | ||
36 | ] | ||
41 | } | 37 | } |
42 | 38 | ||
43 | function createSortableColumns (sortableColumns: string[]) { | 39 | function createSortableColumns (sortableColumns: string[]) { |
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts index 15c07c693..ab9d0938c 100644 --- a/server/middlewares/validators/users.ts +++ b/server/middlewares/validators/users.ts | |||
@@ -1,3 +1,4 @@ | |||
1 | import { body, param } from 'express-validator/check' | ||
1 | import 'express-validator' | 2 | import 'express-validator' |
2 | import * as express from 'express' | 3 | import * as express from 'express' |
3 | import * as Promise from 'bluebird' | 4 | import * as Promise from 'bluebird' |
@@ -5,130 +6,154 @@ import * as validator from 'validator' | |||
5 | 6 | ||
6 | import { database as db } from '../../initializers/database' | 7 | import { database as db } from '../../initializers/database' |
7 | import { checkErrors } from './utils' | 8 | import { checkErrors } from './utils' |
8 | import { isSignupAllowed, logger } from '../../helpers' | 9 | import { |
10 | isSignupAllowed, | ||
11 | logger, | ||
12 | isUserUsernameValid, | ||
13 | isUserPasswordValid, | ||
14 | isUserVideoQuotaValid, | ||
15 | isUserDisplayNSFWValid, | ||
16 | isVideoIdOrUUIDValid | ||
17 | } from '../../helpers' | ||
9 | import { UserInstance, VideoInstance } from '../../models' | 18 | import { UserInstance, VideoInstance } from '../../models' |
10 | 19 | ||
11 | function usersAddValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 20 | const usersAddValidator = [ |
12 | req.checkBody('username', 'Should have a valid username').isUserUsernameValid() | 21 | body('username').custom(isUserUsernameValid).withMessage('Should have a valid username'), |
13 | req.checkBody('password', 'Should have a valid password').isUserPasswordValid() | 22 | body('password').custom(isUserPasswordValid).withMessage('Should have a valid password'), |
14 | req.checkBody('email', 'Should have a valid email').isEmail() | 23 | body('email').isEmail().withMessage('Should have a valid email'), |
15 | req.checkBody('videoQuota', 'Should have a valid user quota').isUserVideoQuotaValid() | 24 | body('videoQuota').custom(isUserVideoQuotaValid).withMessage('Should have a valid user quota'), |
16 | 25 | ||
17 | logger.debug('Checking usersAdd parameters', { parameters: req.body }) | 26 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
27 | logger.debug('Checking usersAdd parameters', { parameters: req.body }) | ||
18 | 28 | ||
19 | checkErrors(req, res, () => { | 29 | checkErrors(req, res, () => { |
20 | checkUserDoesNotAlreadyExist(req.body.username, req.body.email, res, next) | 30 | checkUserDoesNotAlreadyExist(req.body.username, req.body.email, res, next) |
21 | }) | 31 | }) |
22 | } | 32 | } |
33 | ] | ||
23 | 34 | ||
24 | function usersRegisterValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 35 | const usersRegisterValidator = [ |
25 | req.checkBody('username', 'Should have a valid username').isUserUsernameValid() | 36 | body('username').custom(isUserUsernameValid).withMessage('Should have a valid username'), |
26 | req.checkBody('password', 'Should have a valid password').isUserPasswordValid() | 37 | body('password').custom(isUserPasswordValid).withMessage('Should have a valid password'), |
27 | req.checkBody('email', 'Should have a valid email').isEmail() | 38 | body('email').isEmail().withMessage('Should have a valid email'), |
28 | 39 | ||
29 | logger.debug('Checking usersRegister parameters', { parameters: req.body }) | 40 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
41 | logger.debug('Checking usersRegister parameters', { parameters: req.body }) | ||
30 | 42 | ||
31 | checkErrors(req, res, () => { | 43 | checkErrors(req, res, () => { |
32 | checkUserDoesNotAlreadyExist(req.body.username, req.body.email, res, next) | 44 | checkUserDoesNotAlreadyExist(req.body.username, req.body.email, res, next) |
33 | }) | 45 | }) |
34 | } | 46 | } |
47 | ] | ||
35 | 48 | ||
36 | function usersRemoveValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 49 | const usersRemoveValidator = [ |
37 | req.checkParams('id', 'Should have a valid id').notEmpty().isInt() | 50 | param('id').isInt().not().isEmpty().withMessage('Should have a valid id'), |
38 | 51 | ||
39 | logger.debug('Checking usersRemove parameters', { parameters: req.params }) | 52 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
53 | logger.debug('Checking usersRemove parameters', { parameters: req.params }) | ||
40 | 54 | ||
41 | checkErrors(req, res, () => { | 55 | checkErrors(req, res, () => { |
42 | checkUserExists(req.params.id, res, (err, user) => { | 56 | checkUserExists(req.params.id, res, (err, user) => { |
43 | if (err) { | 57 | if (err) { |
44 | logger.error('Error in usersRemoveValidator.', err) | 58 | logger.error('Error in usersRemoveValidator.', err) |
45 | return res.sendStatus(500) | 59 | return res.sendStatus(500) |
46 | } | 60 | } |
47 | 61 | ||
48 | if (user.username === 'root') { | 62 | if (user.username === 'root') { |
49 | return res.status(400) | 63 | return res.status(400) |
50 | .send({ error: 'Cannot remove the root user' }) | 64 | .send({ error: 'Cannot remove the root user' }) |
51 | .end() | 65 | .end() |
52 | } | 66 | } |
53 | 67 | ||
54 | return next() | 68 | return next() |
69 | }) | ||
55 | }) | 70 | }) |
56 | }) | 71 | } |
57 | } | 72 | ] |
58 | 73 | ||
59 | function usersUpdateValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 74 | const usersUpdateValidator = [ |
60 | req.checkParams('id', 'Should have a valid id').notEmpty().isInt() | 75 | param('id').isInt().not().isEmpty().withMessage('Should have a valid id'), |
61 | req.checkBody('email', 'Should have a valid email attribute').optional().isEmail() | 76 | body('email').optional().isEmail().withMessage('Should have a valid email attribute'), |
62 | req.checkBody('videoQuota', 'Should have a valid user quota').optional().isUserVideoQuotaValid() | 77 | body('videoQuota').optional().custom(isUserVideoQuotaValid).withMessage('Should have a valid user quota'), |
63 | 78 | ||
64 | logger.debug('Checking usersUpdate parameters', { parameters: req.body }) | 79 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
80 | logger.debug('Checking usersUpdate parameters', { parameters: req.body }) | ||
65 | 81 | ||
66 | checkErrors(req, res, () => { | 82 | checkErrors(req, res, () => { |
67 | checkUserExists(req.params.id, res, next) | 83 | checkUserExists(req.params.id, res, next) |
68 | }) | 84 | }) |
69 | } | 85 | } |
86 | ] | ||
70 | 87 | ||
71 | function usersUpdateMeValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 88 | const usersUpdateMeValidator = [ |
72 | // Add old password verification | 89 | body('password').optional().custom(isUserPasswordValid).withMessage('Should have a valid password'), |
73 | req.checkBody('password', 'Should have a valid password').optional().isUserPasswordValid() | 90 | body('email').optional().isEmail().withMessage('Should have a valid email attribute'), |
74 | req.checkBody('email', 'Should have a valid email attribute').optional().isEmail() | 91 | body('displayNSFW').optional().custom(isUserDisplayNSFWValid).withMessage('Should have a valid display Not Safe For Work attribute'), |
75 | req.checkBody('displayNSFW', 'Should have a valid display Not Safe For Work attribute').optional().isUserDisplayNSFWValid() | ||
76 | 92 | ||
77 | logger.debug('Checking usersUpdateMe parameters', { parameters: req.body }) | 93 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
94 | // TODO: Add old password verification | ||
95 | logger.debug('Checking usersUpdateMe parameters', { parameters: req.body }) | ||
78 | 96 | ||
79 | checkErrors(req, res, next) | 97 | checkErrors(req, res, next) |
80 | } | 98 | } |
99 | ] | ||
81 | 100 | ||
82 | function usersGetValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 101 | const usersGetValidator = [ |
83 | req.checkParams('id', 'Should have a valid id').notEmpty().isInt() | 102 | param('id').isInt().not().isEmpty().withMessage('Should have a valid id'), |
84 | 103 | ||
85 | checkErrors(req, res, () => { | 104 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
86 | checkUserExists(req.params.id, res, next) | 105 | checkErrors(req, res, () => { |
87 | }) | 106 | checkUserExists(req.params.id, res, next) |
88 | } | 107 | }) |
89 | 108 | } | |
90 | function usersVideoRatingValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 109 | ] |
91 | req.checkParams('videoId', 'Should have a valid video id').notEmpty().isVideoIdOrUUIDValid() | ||
92 | |||
93 | logger.debug('Checking usersVideoRating parameters', { parameters: req.params }) | ||
94 | 110 | ||
95 | checkErrors(req, res, () => { | 111 | const usersVideoRatingValidator = [ |
96 | let videoPromise: Promise<VideoInstance> | 112 | param('videoId').custom(isVideoIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid video id'), |
97 | 113 | ||
98 | if (validator.isUUID(req.params.videoId)) { | 114 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
99 | videoPromise = db.Video.loadByUUID(req.params.videoId) | 115 | logger.debug('Checking usersVideoRating parameters', { parameters: req.params }) |
100 | } else { | ||
101 | videoPromise = db.Video.load(req.params.videoId) | ||
102 | } | ||
103 | 116 | ||
104 | videoPromise | 117 | checkErrors(req, res, () => { |
105 | .then(video => { | 118 | let videoPromise: Promise<VideoInstance> |
106 | if (!video) { | ||
107 | return res.status(404) | ||
108 | .json({ error: 'Video not found' }) | ||
109 | .end() | ||
110 | } | ||
111 | 119 | ||
112 | return next() | 120 | if (validator.isUUID(req.params.videoId)) { |
113 | }) | 121 | videoPromise = db.Video.loadByUUID(req.params.videoId) |
114 | .catch(err => { | 122 | } else { |
115 | logger.error('Error in user request validator.', err) | 123 | videoPromise = db.Video.load(req.params.videoId) |
116 | return res.sendStatus(500) | 124 | } |
117 | }) | ||
118 | }) | ||
119 | } | ||
120 | 125 | ||
121 | function ensureUserRegistrationAllowed (req: express.Request, res: express.Response, next: express.NextFunction) { | 126 | videoPromise |
122 | isSignupAllowed().then(allowed => { | 127 | .then(video => { |
123 | if (allowed === false) { | 128 | if (!video) { |
124 | return res.status(403) | 129 | return res.status(404) |
125 | .send({ error: 'User registration is not enabled or user limit is reached.' }) | 130 | .json({ error: 'Video not found' }) |
126 | .end() | 131 | .end() |
127 | } | 132 | } |
133 | |||
134 | return next() | ||
135 | }) | ||
136 | .catch(err => { | ||
137 | logger.error('Error in user request validator.', err) | ||
138 | return res.sendStatus(500) | ||
139 | }) | ||
140 | }) | ||
141 | } | ||
142 | ] | ||
143 | |||
144 | const ensureUserRegistrationAllowed = [ | ||
145 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
146 | isSignupAllowed().then(allowed => { | ||
147 | if (allowed === false) { | ||
148 | return res.status(403) | ||
149 | .send({ error: 'User registration is not enabled or user limit is reached.' }) | ||
150 | .end() | ||
151 | } | ||
128 | 152 | ||
129 | return next() | 153 | return next() |
130 | }) | 154 | }) |
131 | } | 155 | } |
156 | ] | ||
132 | 157 | ||
133 | // --------------------------------------------------------------------------- | 158 | // --------------------------------------------------------------------------- |
134 | 159 | ||
diff --git a/server/middlewares/validators/utils.ts b/server/middlewares/validators/utils.ts index 0424d5942..8845f8399 100644 --- a/server/middlewares/validators/utils.ts +++ b/server/middlewares/validators/utils.ts | |||
@@ -1,15 +1,14 @@ | |||
1 | import 'express-validator' | 1 | import { validationResult } from 'express-validator/check' |
2 | import * as express from 'express' | 2 | import * as express from 'express' |
3 | import { inspect } from 'util' | ||
4 | 3 | ||
5 | import { logger } from '../../helpers' | 4 | import { logger } from '../../helpers' |
6 | 5 | ||
7 | function checkErrors (req: express.Request, res: express.Response, next: express.NextFunction, statusCode = 400) { | 6 | function checkErrors (req: express.Request, res: express.Response, next: express.NextFunction, statusCode = 400) { |
8 | const errors = req.validationErrors() | 7 | const errors = validationResult(req) |
9 | 8 | ||
10 | if (errors) { | 9 | if (!errors.isEmpty()) { |
11 | logger.warn('Incorrect request parameters', { path: req.originalUrl, err: errors }) | 10 | logger.warn('Incorrect request parameters', { path: req.originalUrl, err: errors.mapped() }) |
12 | return res.status(statusCode).send('There have been validation errors: ' + inspect(errors)) | 11 | return res.status(statusCode).json({ errors: errors.mapped() }) |
13 | } | 12 | } |
14 | 13 | ||
15 | return next() | 14 | return next() |
diff --git a/server/middlewares/validators/videos.ts b/server/middlewares/validators/videos.ts index 213b4c46b..bc8b7e541 100644 --- a/server/middlewares/validators/videos.ts +++ b/server/middlewares/validators/videos.ts | |||
@@ -1,4 +1,4 @@ | |||
1 | import 'express-validator' | 1 | import { body, param, query } from 'express-validator/check' |
2 | import * as express from 'express' | 2 | import * as express from 'express' |
3 | import * as Promise from 'bluebird' | 3 | import * as Promise from 'bluebird' |
4 | import * as validator from 'validator' | 4 | import * as validator from 'validator' |
@@ -6,172 +6,198 @@ import * as validator from 'validator' | |||
6 | import { database as db } from '../../initializers/database' | 6 | import { database as db } from '../../initializers/database' |
7 | import { checkErrors } from './utils' | 7 | import { checkErrors } from './utils' |
8 | import { CONSTRAINTS_FIELDS, SEARCHABLE_COLUMNS } from '../../initializers' | 8 | import { CONSTRAINTS_FIELDS, SEARCHABLE_COLUMNS } from '../../initializers' |
9 | import { logger, isVideoDurationValid } from '../../helpers' | 9 | import { |
10 | logger, | ||
11 | isVideoDurationValid, | ||
12 | isVideoFile, | ||
13 | isVideoNameValid, | ||
14 | isVideoCategoryValid, | ||
15 | isVideoLicenceValid, | ||
16 | isVideoDescriptionValid, | ||
17 | isVideoLanguageValid, | ||
18 | isVideoTagsValid, | ||
19 | isVideoNSFWValid, | ||
20 | isVideoIdOrUUIDValid, | ||
21 | isVideoAbuseReasonValid, | ||
22 | isVideoRatingTypeValid | ||
23 | } from '../../helpers' | ||
10 | import { VideoInstance } from '../../models' | 24 | import { VideoInstance } from '../../models' |
11 | 25 | ||
12 | function videosAddValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 26 | const videosAddValidator = [ |
13 | // FIXME: Don't write an error message, it seems there is a bug with express-validator | 27 | body('videofile').custom((value, { req }) => isVideoFile(req.files)).withMessage('Should have a valid file'), |
14 | // 'Should have a valid file' | 28 | body('name').custom(isVideoNameValid).withMessage('Should have a valid name'), |
15 | req.checkBody('videofile').isVideoFile(req.files) | 29 | body('category').custom(isVideoCategoryValid).withMessage('Should have a valid category'), |
16 | req.checkBody('name', 'Should have a valid name').isVideoNameValid() | 30 | body('licence').custom(isVideoLicenceValid).withMessage('Should have a valid licence'), |
17 | req.checkBody('category', 'Should have a valid category').isVideoCategoryValid() | 31 | body('language').optional().custom(isVideoLanguageValid).withMessage('Should have a valid language'), |
18 | req.checkBody('licence', 'Should have a valid licence').isVideoLicenceValid() | 32 | body('nsfw').custom(isVideoNSFWValid).withMessage('Should have a valid NSFW attribute'), |
19 | req.checkBody('language', 'Should have a valid language').optional().isVideoLanguageValid() | 33 | body('description').custom(isVideoDescriptionValid).withMessage('Should have a valid description'), |
20 | req.checkBody('nsfw', 'Should have a valid NSFW attribute').isVideoNSFWValid() | 34 | body('tags').optional().custom(isVideoTagsValid).withMessage('Should have correct tags'), |
21 | req.checkBody('description', 'Should have a valid description').isVideoDescriptionValid() | 35 | |
22 | req.checkBody('tags', 'Should have correct tags').optional().isVideoTagsValid() | 36 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
23 | 37 | logger.debug('Checking videosAdd parameters', { parameters: req.body, files: req.files }) | |
24 | logger.debug('Checking videosAdd parameters', { parameters: req.body, files: req.files }) | 38 | |
25 | 39 | checkErrors(req, res, () => { | |
26 | checkErrors(req, res, () => { | 40 | const videoFile: Express.Multer.File = req.files['videofile'][0] |
27 | const videoFile: Express.Multer.File = req.files['videofile'][0] | 41 | const user = res.locals.oauth.token.User |
28 | const user = res.locals.oauth.token.User | 42 | |
29 | 43 | user.isAbleToUploadVideo(videoFile) | |
30 | user.isAbleToUploadVideo(videoFile) | 44 | .then(isAble => { |
31 | .then(isAble => { | 45 | if (isAble === false) { |
32 | if (isAble === false) { | 46 | res.status(403) |
33 | res.status(403) | 47 | .json({ error: 'The user video quota is exceeded with this video.' }) |
34 | .json({ error: 'The user video quota is exceeded with this video.' }) | 48 | .end() |
35 | .end() | 49 | |
50 | return undefined | ||
51 | } | ||
52 | |||
53 | return db.Video.getDurationFromFile(videoFile.path) | ||
54 | .catch(err => { | ||
55 | logger.error('Invalid input file in videosAddValidator.', err) | ||
56 | res.status(400) | ||
57 | .json({ error: 'Invalid input file.' }) | ||
58 | .end() | ||
59 | |||
60 | return undefined | ||
61 | }) | ||
62 | }) | ||
63 | .then(duration => { | ||
64 | // Previous test failed, abort | ||
65 | if (duration === undefined) return | ||
66 | |||
67 | if (!isVideoDurationValid('' + duration)) { | ||
68 | return res.status(400) | ||
69 | .json({ | ||
70 | error: 'Duration of the video file is too big (max: ' + CONSTRAINTS_FIELDS.VIDEOS.DURATION.max + 's).' | ||
71 | }) | ||
72 | .end() | ||
73 | } | ||
74 | |||
75 | videoFile['duration'] = duration | ||
76 | next() | ||
77 | }) | ||
78 | .catch(err => { | ||
79 | logger.error('Error in video add validator', err) | ||
80 | res.sendStatus(500) | ||
36 | 81 | ||
37 | return undefined | 82 | return undefined |
83 | }) | ||
84 | }) | ||
85 | } | ||
86 | ] | ||
87 | |||
88 | const videosUpdateValidator = [ | ||
89 | param('id').custom(isVideoIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), | ||
90 | body('name').optional().custom(isVideoNameValid).withMessage('Should have a valid name'), | ||
91 | body('category').optional().custom(isVideoCategoryValid).withMessage('Should have a valid category'), | ||
92 | body('licence').optional().custom(isVideoLicenceValid).withMessage('Should have a valid licence'), | ||
93 | body('language').optional().custom(isVideoLanguageValid).withMessage('Should have a valid language'), | ||
94 | body('nsfw').optional().custom(isVideoNSFWValid).withMessage('Should have a valid NSFW attribute'), | ||
95 | body('description').optional().custom(isVideoDescriptionValid).withMessage('Should have a valid description'), | ||
96 | body('tags').optional().custom(isVideoTagsValid).withMessage('Should have correct tags'), | ||
97 | |||
98 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
99 | logger.debug('Checking videosUpdate parameters', { parameters: req.body }) | ||
100 | |||
101 | checkErrors(req, res, () => { | ||
102 | checkVideoExists(req.params.id, res, () => { | ||
103 | // We need to make additional checks | ||
104 | if (res.locals.video.isOwned() === false) { | ||
105 | return res.status(403) | ||
106 | .json({ error: 'Cannot update video of another pod' }) | ||
107 | .end() | ||
38 | } | 108 | } |
39 | 109 | ||
40 | return db.Video.getDurationFromFile(videoFile.path) | 110 | if (res.locals.video.Author.userId !== res.locals.oauth.token.User.id) { |
41 | .catch(err => { | 111 | return res.status(403) |
42 | logger.error('Invalid input file in videosAddValidator.', err) | 112 | .json({ error: 'Cannot update video of another user' }) |
43 | res.status(400) | ||
44 | .json({ error: 'Invalid input file.' }) | ||
45 | .end() | ||
46 | |||
47 | return undefined | ||
48 | }) | ||
49 | }) | ||
50 | .then(duration => { | ||
51 | // Previous test failed, abort | ||
52 | if (duration === undefined) return | ||
53 | |||
54 | if (!isVideoDurationValid('' + duration)) { | ||
55 | return res.status(400) | ||
56 | .json({ | ||
57 | error: 'Duration of the video file is too big (max: ' + CONSTRAINTS_FIELDS.VIDEOS.DURATION.max + 's).' | ||
58 | }) | ||
59 | .end() | 113 | .end() |
60 | } | 114 | } |
61 | 115 | ||
62 | videoFile['duration'] = duration | ||
63 | next() | 116 | next() |
64 | }) | 117 | }) |
65 | .catch(err => { | ||
66 | logger.error('Error in video add validator', err) | ||
67 | res.sendStatus(500) | ||
68 | |||
69 | return undefined | ||
70 | }) | ||
71 | |||
72 | }) | ||
73 | } | ||
74 | |||
75 | function videosUpdateValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | ||
76 | req.checkParams('id', 'Should have a valid id').notEmpty().isVideoIdOrUUIDValid() | ||
77 | req.checkBody('name', 'Should have a valid name').optional().isVideoNameValid() | ||
78 | req.checkBody('category', 'Should have a valid category').optional().isVideoCategoryValid() | ||
79 | req.checkBody('licence', 'Should have a valid licence').optional().isVideoLicenceValid() | ||
80 | req.checkBody('language', 'Should have a valid language').optional().isVideoLanguageValid() | ||
81 | req.checkBody('nsfw', 'Should have a valid NSFW attribute').optional().isVideoNSFWValid() | ||
82 | req.checkBody('description', 'Should have a valid description').optional().isVideoDescriptionValid() | ||
83 | req.checkBody('tags', 'Should have correct tags').optional().isVideoTagsValid() | ||
84 | |||
85 | logger.debug('Checking videosUpdate parameters', { parameters: req.body }) | ||
86 | |||
87 | checkErrors(req, res, () => { | ||
88 | checkVideoExists(req.params.id, res, () => { | ||
89 | // We need to make additional checks | ||
90 | if (res.locals.video.isOwned() === false) { | ||
91 | return res.status(403) | ||
92 | .json({ error: 'Cannot update video of another pod' }) | ||
93 | .end() | ||
94 | } | ||
95 | |||
96 | if (res.locals.video.Author.userId !== res.locals.oauth.token.User.id) { | ||
97 | return res.status(403) | ||
98 | .json({ error: 'Cannot update video of another user' }) | ||
99 | .end() | ||
100 | } | ||
101 | |||
102 | next() | ||
103 | }) | 118 | }) |
104 | }) | 119 | } |
105 | } | 120 | ] |
106 | 121 | ||
107 | function videosGetValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 122 | const videosGetValidator = [ |
108 | req.checkParams('id', 'Should have a valid id').notEmpty().isVideoIdOrUUIDValid() | 123 | param('id').custom(isVideoIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), |
109 | 124 | ||
110 | logger.debug('Checking videosGet parameters', { parameters: req.params }) | 125 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
126 | logger.debug('Checking videosGet parameters', { parameters: req.params }) | ||
111 | 127 | ||
112 | checkErrors(req, res, () => { | 128 | checkErrors(req, res, () => { |
113 | checkVideoExists(req.params.id, res, next) | 129 | checkVideoExists(req.params.id, res, next) |
114 | }) | 130 | }) |
115 | } | 131 | } |
132 | ] | ||
116 | 133 | ||
117 | function videosRemoveValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 134 | const videosRemoveValidator = [ |
118 | req.checkParams('id', 'Should have a valid id').notEmpty().isVideoIdOrUUIDValid() | 135 | param('id').custom(isVideoIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), |
119 | 136 | ||
120 | logger.debug('Checking videosRemove parameters', { parameters: req.params }) | 137 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
138 | logger.debug('Checking videosRemove parameters', { parameters: req.params }) | ||
121 | 139 | ||
122 | checkErrors(req, res, () => { | 140 | checkErrors(req, res, () => { |
123 | checkVideoExists(req.params.id, res, () => { | 141 | checkVideoExists(req.params.id, res, () => { |
124 | // Check if the user who did the request is able to delete the video | 142 | // Check if the user who did the request is able to delete the video |
125 | checkUserCanDeleteVideo(res.locals.oauth.token.User.id, res, () => { | 143 | checkUserCanDeleteVideo(res.locals.oauth.token.User.id, res, () => { |
126 | next() | 144 | next() |
145 | }) | ||
127 | }) | 146 | }) |
128 | }) | 147 | }) |
129 | }) | 148 | } |
130 | } | 149 | ] |
131 | 150 | ||
132 | function videosSearchValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 151 | const videosSearchValidator = [ |
133 | const searchableColumns = SEARCHABLE_COLUMNS.VIDEOS | 152 | param('value').not().isEmpty().withMessage('Should have a valid search'), |
134 | req.checkParams('value', 'Should have a valid search').notEmpty() | 153 | query('field').optional().isIn(SEARCHABLE_COLUMNS.VIDEOS).withMessage('Should have correct searchable column'), |
135 | req.checkQuery('field', 'Should have correct searchable column').optional().isIn(searchableColumns) | ||
136 | 154 | ||
137 | logger.debug('Checking videosSearch parameters', { parameters: req.params }) | 155 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
156 | logger.debug('Checking videosSearch parameters', { parameters: req.params }) | ||
138 | 157 | ||
139 | checkErrors(req, res, next) | 158 | checkErrors(req, res, next) |
140 | } | 159 | } |
160 | ] | ||
141 | 161 | ||
142 | function videoAbuseReportValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 162 | const videoAbuseReportValidator = [ |
143 | req.checkParams('id', 'Should have a valid id').notEmpty().isVideoIdOrUUIDValid() | 163 | param('id').custom(isVideoIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), |
144 | req.checkBody('reason', 'Should have a valid reason').isVideoAbuseReasonValid() | 164 | body('reason').custom(isVideoAbuseReasonValid).withMessage('Should have a valid reason'), |
145 | 165 | ||
146 | logger.debug('Checking videoAbuseReport parameters', { parameters: req.body }) | 166 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
167 | logger.debug('Checking videoAbuseReport parameters', { parameters: req.body }) | ||
147 | 168 | ||
148 | checkErrors(req, res, () => { | 169 | checkErrors(req, res, () => { |
149 | checkVideoExists(req.params.id, res, next) | 170 | checkVideoExists(req.params.id, res, next) |
150 | }) | 171 | }) |
151 | } | 172 | } |
173 | ] | ||
152 | 174 | ||
153 | function videoRateValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 175 | const videoRateValidator = [ |
154 | req.checkParams('id', 'Should have a valid id').notEmpty().isVideoIdOrUUIDValid() | 176 | param('id').custom(isVideoIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), |
155 | req.checkBody('rating', 'Should have a valid rate type').isVideoRatingTypeValid() | 177 | body('rating').custom(isVideoRatingTypeValid).withMessage('Should have a valid rate type'), |
156 | 178 | ||
157 | logger.debug('Checking videoRate parameters', { parameters: req.body }) | 179 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
180 | logger.debug('Checking videoRate parameters', { parameters: req.body }) | ||
158 | 181 | ||
159 | checkErrors(req, res, () => { | 182 | checkErrors(req, res, () => { |
160 | checkVideoExists(req.params.id, res, next) | 183 | checkVideoExists(req.params.id, res, next) |
161 | }) | 184 | }) |
162 | } | 185 | } |
186 | ] | ||
163 | 187 | ||
164 | function videosBlacklistValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 188 | const videosBlacklistValidator = [ |
165 | req.checkParams('id', 'Should have a valid id').notEmpty().isVideoIdOrUUIDValid() | 189 | param('id').custom(isVideoIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), |
166 | 190 | ||
167 | logger.debug('Checking videosBlacklist parameters', { parameters: req.params }) | 191 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
192 | logger.debug('Checking videosBlacklist parameters', { parameters: req.params }) | ||
168 | 193 | ||
169 | checkErrors(req, res, () => { | 194 | checkErrors(req, res, () => { |
170 | checkVideoExists(req.params.id, res, () => { | 195 | checkVideoExists(req.params.id, res, () => { |
171 | checkVideoIsBlacklistable(req, res, next) | 196 | checkVideoIsBlacklistable(req, res, next) |
197 | }) | ||
172 | }) | 198 | }) |
173 | }) | 199 | } |
174 | } | 200 | ] |
175 | 201 | ||
176 | // --------------------------------------------------------------------------- | 202 | // --------------------------------------------------------------------------- |
177 | 203 | ||
@@ -16,7 +16,7 @@ | |||
16 | dependencies: | 16 | dependencies: |
17 | "@types/node" "*" | 17 | "@types/node" "*" |
18 | 18 | ||
19 | "@types/bluebird@*", "@types/bluebird@^3.4.0": | 19 | "@types/bluebird@*": |
20 | version "3.5.8" | 20 | version "3.5.8" |
21 | resolved "https://registry.yarnpkg.com/@types/bluebird/-/bluebird-3.5.8.tgz#242a83379f06c90f96acf6d1aeab3af6faebdb98" | 21 | resolved "https://registry.yarnpkg.com/@types/bluebird/-/bluebird-3.5.8.tgz#242a83379f06c90f96acf6d1aeab3af6faebdb98" |
22 | 22 | ||
@@ -513,7 +513,7 @@ block-stream@*: | |||
513 | dependencies: | 513 | dependencies: |
514 | inherits "~2.0.0" | 514 | inherits "~2.0.0" |
515 | 515 | ||
516 | bluebird@3.5.0, bluebird@^3.0.5, bluebird@^3.4.0, bluebird@^3.4.6, bluebird@^3.5.0: | 516 | bluebird@3.5.0, bluebird@^3.0.5, bluebird@^3.4.6, bluebird@^3.5.0: |
517 | version "3.5.0" | 517 | version "3.5.0" |
518 | resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.5.0.tgz#791420d7f551eea2897453a8a77653f96606d67c" | 518 | resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.5.0.tgz#791420d7f551eea2897453a8a77653f96606d67c" |
519 | 519 | ||
@@ -1364,15 +1364,13 @@ express-oauth-server@^2.0.0: | |||
1364 | express "^4.13.3" | 1364 | express "^4.13.3" |
1365 | oauth2-server "3.0.0" | 1365 | oauth2-server "3.0.0" |
1366 | 1366 | ||
1367 | express-validator@^3.1.0: | 1367 | express-validator@^4.1.1: |
1368 | version "3.2.1" | 1368 | version "4.1.1" |
1369 | resolved "https://registry.yarnpkg.com/express-validator/-/express-validator-3.2.1.tgz#45603e7eee693185c2198fbdebd414925ffd3524" | 1369 | resolved "https://registry.yarnpkg.com/express-validator/-/express-validator-4.1.1.tgz#539d49262778eaac170fcd55ef6a3245196cb9d9" |
1370 | dependencies: | 1370 | dependencies: |
1371 | "@types/bluebird" "^3.4.0" | ||
1372 | "@types/express" "~4.0.34" | 1371 | "@types/express" "~4.0.34" |
1373 | bluebird "^3.4.0" | ||
1374 | lodash "^4.16.0" | 1372 | lodash "^4.16.0" |
1375 | validator "~6.2.0" | 1373 | validator "~8.1.0" |
1376 | 1374 | ||
1377 | express@^4.12.4, express@^4.13.3: | 1375 | express@^4.12.4, express@^4.13.3: |
1378 | version "4.15.4" | 1376 | version "4.15.4" |
@@ -3979,14 +3977,10 @@ v8flags@^3.0.0: | |||
3979 | dependencies: | 3977 | dependencies: |
3980 | user-home "^1.1.1" | 3978 | user-home "^1.1.1" |
3981 | 3979 | ||
3982 | validator@^8.0.0, validator@^8.1.0: | 3980 | validator@^8.0.0, validator@^8.1.0, validator@~8.1.0: |
3983 | version "8.1.0" | 3981 | version "8.1.0" |
3984 | resolved "https://registry.yarnpkg.com/validator/-/validator-8.1.0.tgz#89cf6b512ff71eba886afd8d10d47f8dc800eac0" | 3982 | resolved "https://registry.yarnpkg.com/validator/-/validator-8.1.0.tgz#89cf6b512ff71eba886afd8d10d47f8dc800eac0" |
3985 | 3983 | ||
3986 | validator@~6.2.0: | ||
3987 | version "6.2.1" | ||
3988 | resolved "https://registry.yarnpkg.com/validator/-/validator-6.2.1.tgz#bc575b78d15beb2e338a665ba9530c7f409ef667" | ||
3989 | |||
3990 | vary@^1, vary@~1.1.1: | 3984 | vary@^1, vary@~1.1.1: |
3991 | version "1.1.1" | 3985 | version "1.1.1" |
3992 | resolved "https://registry.yarnpkg.com/vary/-/vary-1.1.1.tgz#67535ebb694c1d52257457984665323f587e8d37" | 3986 | resolved "https://registry.yarnpkg.com/vary/-/vary-1.1.1.tgz#67535ebb694c1d52257457984665323f587e8d37" |