diff options
-rw-r--r-- | server/controllers/activitypub/client.ts | 4 | ||||
-rw-r--r-- | server/controllers/api/pods.ts | 5 | ||||
-rw-r--r-- | server/lib/activitypub/send-request.ts | 2 | ||||
-rw-r--r-- | server/models/account/account-interface.ts | 8 | ||||
-rw-r--r-- | server/models/account/account.ts | 20 | ||||
-rw-r--r-- | shared/models/users/user-right.enum.ts | 3 |
6 files changed, 23 insertions, 19 deletions
diff --git a/server/controllers/activitypub/client.ts b/server/controllers/activitypub/client.ts index 5cfbc2f1d..461a619dd 100644 --- a/server/controllers/activitypub/client.ts +++ b/server/controllers/activitypub/client.ts | |||
@@ -46,7 +46,7 @@ async function accountFollowersController (req: express.Request, res: express.Re | |||
46 | const page = req.params.page || 1 | 46 | const page = req.params.page || 1 |
47 | const { start, count } = pageToStartAndCount(page, ACTIVITY_PUB.COLLECTION_ITEMS_PER_PAGE) | 47 | const { start, count } = pageToStartAndCount(page, ACTIVITY_PUB.COLLECTION_ITEMS_PER_PAGE) |
48 | 48 | ||
49 | const result = await db.Account.listFollowerUrlsForApi(account.id, start, count) | 49 | const result = await db.Account.listAcceptedFollowerUrlsForApi(account.id, start, count) |
50 | const activityPubResult = activityPubCollectionPagination(req.url, page, result) | 50 | const activityPubResult = activityPubCollectionPagination(req.url, page, result) |
51 | 51 | ||
52 | return res.json(activityPubResult) | 52 | return res.json(activityPubResult) |
@@ -58,7 +58,7 @@ async function accountFollowingController (req: express.Request, res: express.Re | |||
58 | const page = req.params.page || 1 | 58 | const page = req.params.page || 1 |
59 | const { start, count } = pageToStartAndCount(page, ACTIVITY_PUB.COLLECTION_ITEMS_PER_PAGE) | 59 | const { start, count } = pageToStartAndCount(page, ACTIVITY_PUB.COLLECTION_ITEMS_PER_PAGE) |
60 | 60 | ||
61 | const result = await db.Account.listFollowingUrlsForApi(account.id, start, count) | 61 | const result = await db.Account.listAcceptedFollowingUrlsForApi(account.id, start, count) |
62 | const activityPubResult = activityPubCollectionPagination(req.url, page, result) | 62 | const activityPubResult = activityPubCollectionPagination(req.url, page, result) |
63 | 63 | ||
64 | return res.json(activityPubResult) | 64 | return res.json(activityPubResult) |
diff --git a/server/controllers/api/pods.ts b/server/controllers/api/pods.ts index f662f1c03..2231a05fa 100644 --- a/server/controllers/api/pods.ts +++ b/server/controllers/api/pods.ts | |||
@@ -11,6 +11,9 @@ import { setFollowingSort } from '../../middlewares/sort' | |||
11 | import { followValidator } from '../../middlewares/validators/pods' | 11 | import { followValidator } from '../../middlewares/validators/pods' |
12 | import { followersSortValidator, followingSortValidator } from '../../middlewares/validators/sort' | 12 | import { followersSortValidator, followingSortValidator } from '../../middlewares/validators/sort' |
13 | import { sendFollow } from '../../lib/activitypub/send-request' | 13 | import { sendFollow } from '../../lib/activitypub/send-request' |
14 | import { authenticate } from '../../middlewares/oauth' | ||
15 | import { ensureUserHasRight } from '../../middlewares/user-right' | ||
16 | import { UserRight } from '../../../shared/models/users/user-right.enum' | ||
14 | 17 | ||
15 | const podsRouter = express.Router() | 18 | const podsRouter = express.Router() |
16 | 19 | ||
@@ -23,6 +26,8 @@ podsRouter.get('/following', | |||
23 | ) | 26 | ) |
24 | 27 | ||
25 | podsRouter.post('/follow', | 28 | podsRouter.post('/follow', |
29 | authenticate, | ||
30 | ensureUserHasRight(UserRight.MANAGE_PEERTUBE_FOLLOW), | ||
26 | followValidator, | 31 | followValidator, |
27 | setBodyHostsPort, | 32 | setBodyHostsPort, |
28 | asyncMiddleware(follow) | 33 | asyncMiddleware(follow) |
diff --git a/server/lib/activitypub/send-request.ts b/server/lib/activitypub/send-request.ts index e6ef5f37a..c18a69784 100644 --- a/server/lib/activitypub/send-request.ts +++ b/server/lib/activitypub/send-request.ts | |||
@@ -85,7 +85,7 @@ export { | |||
85 | // --------------------------------------------------------------------------- | 85 | // --------------------------------------------------------------------------- |
86 | 86 | ||
87 | async function broadcastToFollowers (data: any, fromAccount: AccountInstance, t: Sequelize.Transaction) { | 87 | async function broadcastToFollowers (data: any, fromAccount: AccountInstance, t: Sequelize.Transaction) { |
88 | const result = await db.Account.listFollowerUrlsForApi(fromAccount.id, 0) | 88 | const result = await db.Account.listAcceptedFollowerUrlsForApi(fromAccount.id, 0) |
89 | 89 | ||
90 | const jobPayload = { | 90 | const jobPayload = { |
91 | uris: result.data, | 91 | uris: result.data, |
diff --git a/server/models/account/account-interface.ts b/server/models/account/account-interface.ts index 73701f233..2468dc6e1 100644 --- a/server/models/account/account-interface.ts +++ b/server/models/account/account-interface.ts | |||
@@ -14,8 +14,8 @@ export namespace AccountMethods { | |||
14 | export type LoadAccountByPodAndUUID = (uuid: string, podId: number, transaction: Sequelize.Transaction) => Bluebird<AccountInstance> | 14 | export type LoadAccountByPodAndUUID = (uuid: string, podId: number, transaction: Sequelize.Transaction) => Bluebird<AccountInstance> |
15 | export type LoadLocalAccountByNameAndPod = (name: string, host: string) => Bluebird<AccountInstance> | 15 | export type LoadLocalAccountByNameAndPod = (name: string, host: string) => Bluebird<AccountInstance> |
16 | export type ListOwned = () => Bluebird<AccountInstance[]> | 16 | export type ListOwned = () => Bluebird<AccountInstance[]> |
17 | export type ListFollowerUrlsForApi = (id: number, start: number, count?: number) => Promise< ResultList<string> > | 17 | export type ListAcceptedFollowerUrlsForApi = (id: number, start: number, count?: number) => Promise< ResultList<string> > |
18 | export type ListFollowingUrlsForApi = (id: number, start: number, count?: number) => Promise< ResultList<string> > | 18 | export type ListAcceptedFollowingUrlsForApi = (id: number, start: number, count?: number) => Promise< ResultList<string> > |
19 | export type ListFollowingForApi = (id: number, start: number, count: number, sort: string) => Bluebird< ResultList<AccountInstance> > | 19 | export type ListFollowingForApi = (id: number, start: number, count: number, sort: string) => Bluebird< ResultList<AccountInstance> > |
20 | export type ListFollowersForApi = (id: number, start: number, count: number, sort: string) => Bluebird< ResultList<AccountInstance> > | 20 | export type ListFollowersForApi = (id: number, start: number, count: number, sort: string) => Bluebird< ResultList<AccountInstance> > |
21 | 21 | ||
@@ -36,8 +36,8 @@ export interface AccountClass { | |||
36 | loadByUrl: AccountMethods.LoadByUrl | 36 | loadByUrl: AccountMethods.LoadByUrl |
37 | loadLocalAccountByNameAndPod: AccountMethods.LoadLocalAccountByNameAndPod | 37 | loadLocalAccountByNameAndPod: AccountMethods.LoadLocalAccountByNameAndPod |
38 | listOwned: AccountMethods.ListOwned | 38 | listOwned: AccountMethods.ListOwned |
39 | listFollowerUrlsForApi: AccountMethods.ListFollowerUrlsForApi | 39 | listAcceptedFollowerUrlsForApi: AccountMethods.ListAcceptedFollowerUrlsForApi |
40 | listFollowingUrlsForApi: AccountMethods.ListFollowingUrlsForApi | 40 | listAcceptedFollowingUrlsForApi: AccountMethods.ListAcceptedFollowingUrlsForApi |
41 | listFollowingForApi: AccountMethods.ListFollowingForApi | 41 | listFollowingForApi: AccountMethods.ListFollowingForApi |
42 | listFollowersForApi: AccountMethods.ListFollowersForApi | 42 | listFollowersForApi: AccountMethods.ListFollowersForApi |
43 | } | 43 | } |
diff --git a/server/models/account/account.ts b/server/models/account/account.ts index 7ce97b2fd..6ef29c8b7 100644 --- a/server/models/account/account.ts +++ b/server/models/account/account.ts | |||
@@ -33,8 +33,8 @@ let loadByUUID: AccountMethods.LoadByUUID | |||
33 | let loadByUrl: AccountMethods.LoadByUrl | 33 | let loadByUrl: AccountMethods.LoadByUrl |
34 | let loadLocalAccountByNameAndPod: AccountMethods.LoadLocalAccountByNameAndPod | 34 | let loadLocalAccountByNameAndPod: AccountMethods.LoadLocalAccountByNameAndPod |
35 | let listOwned: AccountMethods.ListOwned | 35 | let listOwned: AccountMethods.ListOwned |
36 | let listFollowerUrlsForApi: AccountMethods.ListFollowerUrlsForApi | 36 | let listAcceptedFollowerUrlsForApi: AccountMethods.ListAcceptedFollowerUrlsForApi |
37 | let listFollowingUrlsForApi: AccountMethods.ListFollowingUrlsForApi | 37 | let listAcceptedFollowingUrlsForApi: AccountMethods.ListAcceptedFollowingUrlsForApi |
38 | let listFollowingForApi: AccountMethods.ListFollowingForApi | 38 | let listFollowingForApi: AccountMethods.ListFollowingForApi |
39 | let listFollowersForApi: AccountMethods.ListFollowersForApi | 39 | let listFollowersForApi: AccountMethods.ListFollowersForApi |
40 | let isOwned: AccountMethods.IsOwned | 40 | let isOwned: AccountMethods.IsOwned |
@@ -201,8 +201,8 @@ export default function defineAccount (sequelize: Sequelize.Sequelize, DataTypes | |||
201 | loadByUrl, | 201 | loadByUrl, |
202 | loadLocalAccountByNameAndPod, | 202 | loadLocalAccountByNameAndPod, |
203 | listOwned, | 203 | listOwned, |
204 | listFollowerUrlsForApi, | 204 | listAcceptedFollowerUrlsForApi, |
205 | listFollowingUrlsForApi, | 205 | listAcceptedFollowingUrlsForApi, |
206 | listFollowingForApi, | 206 | listFollowingForApi, |
207 | listFollowersForApi | 207 | listFollowersForApi |
208 | ] | 208 | ] |
@@ -365,12 +365,12 @@ listOwned = function () { | |||
365 | return Account.findAll(query) | 365 | return Account.findAll(query) |
366 | } | 366 | } |
367 | 367 | ||
368 | listFollowerUrlsForApi = function (id: number, start: number, count?: number) { | 368 | listAcceptedFollowerUrlsForApi = function (id: number, start: number, count?: number) { |
369 | return createListFollowForApiQuery('followers', id, start, count) | 369 | return createListAcceptedFollowForApiQuery('followers', id, start, count) |
370 | } | 370 | } |
371 | 371 | ||
372 | listFollowingUrlsForApi = function (id: number, start: number, count?: number) { | 372 | listAcceptedFollowingUrlsForApi = function (id: number, start: number, count?: number) { |
373 | return createListFollowForApiQuery('following', id, start, count) | 373 | return createListAcceptedFollowForApiQuery('following', id, start, count) |
374 | } | 374 | } |
375 | 375 | ||
376 | listFollowingForApi = function (id: number, start: number, count: number, sort: string) { | 376 | listFollowingForApi = function (id: number, start: number, count: number, sort: string) { |
@@ -506,7 +506,7 @@ loadAccountByPodAndUUID = function (uuid: string, podId: number, transaction: Se | |||
506 | 506 | ||
507 | // ------------------------------ UTILS ------------------------------ | 507 | // ------------------------------ UTILS ------------------------------ |
508 | 508 | ||
509 | async function createListFollowForApiQuery (type: 'followers' | 'following', id: number, start: number, count?: number) { | 509 | async function createListAcceptedFollowForApiQuery (type: 'followers' | 'following', id: number, start: number, count?: number) { |
510 | let firstJoin: string | 510 | let firstJoin: string |
511 | let secondJoin: string | 511 | let secondJoin: string |
512 | 512 | ||
@@ -525,7 +525,7 @@ async function createListFollowForApiQuery (type: 'followers' | 'following', id: | |||
525 | let query = 'SELECT ' + selection + ' FROM "Account" ' + | 525 | let query = 'SELECT ' + selection + ' FROM "Account" ' + |
526 | 'INNER JOIN "AccountFollower" ON "AccountFollower"."' + firstJoin + '" = "Account"."id" ' + | 526 | 'INNER JOIN "AccountFollower" ON "AccountFollower"."' + firstJoin + '" = "Account"."id" ' + |
527 | 'INNER JOIN "Account" AS "Follows" ON "Followers"."id" = "Follows"."' + secondJoin + '" ' + | 527 | 'INNER JOIN "Account" AS "Follows" ON "Followers"."id" = "Follows"."' + secondJoin + '" ' + |
528 | 'WHERE "Account"."id" = $id ' + | 528 | 'WHERE "Account"."id" = $id AND "AccountFollower"."state" = \'accepted\' ' + |
529 | 'LIMIT ' + start | 529 | 'LIMIT ' + start |
530 | 530 | ||
531 | if (count !== undefined) query += ', ' + count | 531 | if (count !== undefined) query += ', ' + count |
diff --git a/shared/models/users/user-right.enum.ts b/shared/models/users/user-right.enum.ts index c8c710450..9d5ebbb16 100644 --- a/shared/models/users/user-right.enum.ts +++ b/shared/models/users/user-right.enum.ts | |||
@@ -1,9 +1,8 @@ | |||
1 | export enum UserRight { | 1 | export enum UserRight { |
2 | ALL, | 2 | ALL, |
3 | MANAGE_USERS, | 3 | MANAGE_USERS, |
4 | MANAGE_PODS, | 4 | MANAGE_PEERTUBE_FOLLOW, |
5 | MANAGE_VIDEO_ABUSES, | 5 | MANAGE_VIDEO_ABUSES, |
6 | MANAGE_REQUEST_SCHEDULERS, | ||
7 | MANAGE_VIDEO_BLACKLIST, | 6 | MANAGE_VIDEO_BLACKLIST, |
8 | REMOVE_ANY_VIDEO, | 7 | REMOVE_ANY_VIDEO, |
9 | REMOVE_ANY_VIDEO_CHANNEL, | 8 | REMOVE_ANY_VIDEO_CHANNEL, |