diff options
| -rw-r--r-- | client/package.json | 2 | ||||
| -rw-r--r-- | client/yarn.lock | 12 | ||||
| -rw-r--r-- | package.json | 2 | ||||
| -rw-r--r-- | server/controllers/api/videos/upload.ts | 5 | ||||
| -rw-r--r-- | server/lib/uploadx.ts | 8 | ||||
| -rw-r--r-- | server/middlewares/validators/videos/videos.ts | 17 | ||||
| -rw-r--r-- | yarn.lock | 8 |
7 files changed, 19 insertions, 35 deletions
diff --git a/client/package.json b/client/package.json index b8a737c5c..478558ada 100644 --- a/client/package.json +++ b/client/package.json | |||
| @@ -108,7 +108,7 @@ | |||
| 108 | "lodash-es": "^4.17.4", | 108 | "lodash-es": "^4.17.4", |
| 109 | "markdown-it": "12.3.2", | 109 | "markdown-it": "12.3.2", |
| 110 | "mini-css-extract-plugin": "^2.2.0", | 110 | "mini-css-extract-plugin": "^2.2.0", |
| 111 | "ngx-uploadx": "^4.1.0", | 111 | "ngx-uploadx": "^5.0.0", |
| 112 | "path-browserify": "^1.0.0", | 112 | "path-browserify": "^1.0.0", |
| 113 | "postcss": "^8.3.11", | 113 | "postcss": "^8.3.11", |
| 114 | "primeng": "^13.0.0-rc.1", | 114 | "primeng": "^13.0.0-rc.1", |
diff --git a/client/yarn.lock b/client/yarn.lock index 68abb6e36..c2593c376 100644 --- a/client/yarn.lock +++ b/client/yarn.lock | |||
| @@ -8237,12 +8237,12 @@ next-event@^1.0.0: | |||
| 8237 | resolved "https://registry.yarnpkg.com/next-event/-/next-event-1.0.0.tgz#e7778acde2e55802e0ad1879c39cf6f75eda61d8" | 8237 | resolved "https://registry.yarnpkg.com/next-event/-/next-event-1.0.0.tgz#e7778acde2e55802e0ad1879c39cf6f75eda61d8" |
| 8238 | integrity sha1-53eKzeLlWALgrRh5w5z2917aYdg= | 8238 | integrity sha1-53eKzeLlWALgrRh5w5z2917aYdg= |
| 8239 | 8239 | ||
| 8240 | ngx-uploadx@^4.1.0: | 8240 | ngx-uploadx@^5.0.0: |
| 8241 | version "4.1.5" | 8241 | version "5.0.0" |
| 8242 | resolved "https://registry.yarnpkg.com/ngx-uploadx/-/ngx-uploadx-4.1.5.tgz#6ea4e5db203d23185e44f41e71935906cce0d433" | 8242 | resolved "https://registry.yarnpkg.com/ngx-uploadx/-/ngx-uploadx-5.0.0.tgz#f88d13ec281ae3b418179d40cf3c8ab68305f2df" |
| 8243 | integrity sha512-59uyAKMampdOOBWQQknEbALEl8+TvD8bkQ13O7deerP8+CkLtx7z1MyqxGLmgbhBrgsTjBlmnjzAt21vTSWFGA== | 8243 | integrity sha512-6+6hndxLmfJNOgYn/NIuZAHVZEFtp2bdZ3L9c+E6ryoNviKdwHf3brmW833/qmYtqP2hioA8EEfbHko/1IIE2Q== |
| 8244 | dependencies: | 8244 | dependencies: |
| 8245 | tslib "^1.9.0" | 8245 | tslib "^2.2.0" |
| 8246 | 8246 | ||
| 8247 | nice-napi@^1.0.2: | 8247 | nice-napi@^1.0.2: |
| 8248 | version "1.0.2" | 8248 | version "1.0.2" |
| @@ -11441,7 +11441,7 @@ tsconfig-paths@^3.12.0: | |||
| 11441 | minimist "^1.2.0" | 11441 | minimist "^1.2.0" |
| 11442 | strip-bom "^3.0.0" | 11442 | strip-bom "^3.0.0" |
| 11443 | 11443 | ||
| 11444 | tslib@2.3.1, tslib@^2.0.0, tslib@^2.0.1, tslib@^2.0.3, tslib@^2.1.0, tslib@^2.3.0, tslib@^2.3.1: | 11444 | tslib@2.3.1, tslib@^2.0.0, tslib@^2.0.1, tslib@^2.0.3, tslib@^2.1.0, tslib@^2.2.0, tslib@^2.3.0, tslib@^2.3.1: |
| 11445 | version "2.3.1" | 11445 | version "2.3.1" |
| 11446 | resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.3.1.tgz#e8a335add5ceae51aa261d32a490158ef042ef01" | 11446 | resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.3.1.tgz#e8a335add5ceae51aa261d32a490158ef042ef01" |
| 11447 | integrity sha512-77EbyPPpMz+FRFRuAFlWMtmgUWGe9UOG2Z25NqCwiIjRhOf5iKGuzSe5P2w1laq+FkRy4p+PCuVkJSGkzTEKVw== | 11447 | integrity sha512-77EbyPPpMz+FRFRuAFlWMtmgUWGe9UOG2Z25NqCwiIjRhOf5iKGuzSe5P2w1laq+FkRy4p+PCuVkJSGkzTEKVw== |
diff --git a/package.json b/package.json index 80d60cf15..784b69aba 100644 --- a/package.json +++ b/package.json | |||
| @@ -80,7 +80,7 @@ | |||
| 80 | "@aws-sdk/client-s3": "^3.23.0", | 80 | "@aws-sdk/client-s3": "^3.23.0", |
| 81 | "@babel/parser": "7.16.8", | 81 | "@babel/parser": "7.16.8", |
| 82 | "@peertube/http-signature": "^1.4.0", | 82 | "@peertube/http-signature": "^1.4.0", |
| 83 | "@uploadx/core": "^4.4.0", | 83 | "@uploadx/core": "^5.0.0", |
| 84 | "async": "^3.0.1", | 84 | "async": "^3.0.1", |
| 85 | "async-lru": "^1.1.1", | 85 | "async-lru": "^1.1.1", |
| 86 | "bcrypt": "5.0.1", | 86 | "bcrypt": "5.0.1", |
diff --git a/server/controllers/api/videos/upload.ts b/server/controllers/api/videos/upload.ts index 89787f20b..fd90d9915 100644 --- a/server/controllers/api/videos/upload.ts +++ b/server/controllers/api/videos/upload.ts | |||
| @@ -40,8 +40,7 @@ import { | |||
| 40 | authenticate, | 40 | authenticate, |
| 41 | videosAddLegacyValidator, | 41 | videosAddLegacyValidator, |
| 42 | videosAddResumableInitValidator, | 42 | videosAddResumableInitValidator, |
| 43 | videosAddResumableValidator, | 43 | videosAddResumableValidator |
| 44 | videosResumableUploadIdValidator | ||
| 45 | } from '../../../middlewares' | 44 | } from '../../../middlewares' |
| 46 | import { ScheduleVideoUpdateModel } from '../../../models/video/schedule-video-update' | 45 | import { ScheduleVideoUpdateModel } from '../../../models/video/schedule-video-update' |
| 47 | import { VideoModel } from '../../../models/video/video' | 46 | import { VideoModel } from '../../../models/video/video' |
| @@ -88,7 +87,6 @@ uploadRouter.post('/upload-resumable', | |||
| 88 | 87 | ||
| 89 | uploadRouter.delete('/upload-resumable', | 88 | uploadRouter.delete('/upload-resumable', |
| 90 | authenticate, | 89 | authenticate, |
| 91 | videosResumableUploadIdValidator, | ||
| 92 | asyncMiddleware(deleteUploadResumableCache), | 90 | asyncMiddleware(deleteUploadResumableCache), |
| 93 | uploadx.upload | 91 | uploadx.upload |
| 94 | ) | 92 | ) |
| @@ -96,7 +94,6 @@ uploadRouter.delete('/upload-resumable', | |||
| 96 | uploadRouter.put('/upload-resumable', | 94 | uploadRouter.put('/upload-resumable', |
| 97 | openapiOperationDoc({ operationId: 'uploadResumable' }), | 95 | openapiOperationDoc({ operationId: 'uploadResumable' }), |
| 98 | authenticate, | 96 | authenticate, |
| 99 | videosResumableUploadIdValidator, | ||
| 100 | uploadx.upload, // uploadx doesn't next() before the file upload completes | 97 | uploadx.upload, // uploadx doesn't next() before the file upload completes |
| 101 | asyncMiddleware(videosAddResumableValidator), | 98 | asyncMiddleware(videosAddResumableValidator), |
| 102 | asyncMiddleware(addVideoResumable) | 99 | asyncMiddleware(addVideoResumable) |
diff --git a/server/lib/uploadx.ts b/server/lib/uploadx.ts index 36f5a556c..34a4461f0 100644 --- a/server/lib/uploadx.ts +++ b/server/lib/uploadx.ts | |||
| @@ -5,9 +5,13 @@ import { Uploadx } from '@uploadx/core' | |||
| 5 | const uploadx = new Uploadx({ | 5 | const uploadx = new Uploadx({ |
| 6 | directory: getResumableUploadPath(), | 6 | directory: getResumableUploadPath(), |
| 7 | // Could be big with thumbnails/previews | 7 | // Could be big with thumbnails/previews |
| 8 | maxMetadataSize: '10MB' | 8 | maxMetadataSize: '10MB', |
| 9 | userIdentifier: (_, res: express.Response) => { | ||
| 10 | if (!res.locals.oauth) return undefined | ||
| 11 | |||
| 12 | return res.locals.oauth.token.user.id + '' | ||
| 13 | } | ||
| 9 | }) | 14 | }) |
| 10 | uploadx.getUserId = (_, res: express.Response) => res.locals.oauth?.token.user.id | ||
| 11 | 15 | ||
| 12 | export { | 16 | export { |
| 13 | uploadx | 17 | uploadx |
diff --git a/server/middlewares/validators/videos/videos.ts b/server/middlewares/validators/videos/videos.ts index 3a1a905f3..b3ffb7007 100644 --- a/server/middlewares/validators/videos/videos.ts +++ b/server/middlewares/validators/videos/videos.ts | |||
| @@ -102,22 +102,6 @@ const videosAddLegacyValidator = getCommonVideoEditAttributes().concat([ | |||
| 102 | } | 102 | } |
| 103 | ]) | 103 | ]) |
| 104 | 104 | ||
| 105 | const videosResumableUploadIdValidator = [ | ||
| 106 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
| 107 | const user = res.locals.oauth.token.User | ||
| 108 | const uploadId = req.query.upload_id | ||
| 109 | |||
| 110 | if (uploadId.startsWith(user.id + '-') !== true) { | ||
| 111 | return res.fail({ | ||
| 112 | status: HttpStatusCode.FORBIDDEN_403, | ||
| 113 | message: 'You cannot send chunks in another user upload' | ||
| 114 | }) | ||
| 115 | } | ||
| 116 | |||
| 117 | return next() | ||
| 118 | } | ||
| 119 | ] | ||
| 120 | |||
| 121 | /** | 105 | /** |
| 122 | * Gets called after the last PUT request | 106 | * Gets called after the last PUT request |
| 123 | */ | 107 | */ |
| @@ -566,7 +550,6 @@ export { | |||
| 566 | videosAddLegacyValidator, | 550 | videosAddLegacyValidator, |
| 567 | videosAddResumableValidator, | 551 | videosAddResumableValidator, |
| 568 | videosAddResumableInitValidator, | 552 | videosAddResumableInitValidator, |
| 569 | videosResumableUploadIdValidator, | ||
| 570 | 553 | ||
| 571 | videosUpdateValidator, | 554 | videosUpdateValidator, |
| 572 | videosGetValidator, | 555 | videosGetValidator, |
| @@ -2040,10 +2040,10 @@ | |||
| 2040 | resolved "https://registry.yarnpkg.com/@ungap/promise-all-settled/-/promise-all-settled-1.1.2.tgz#aa58042711d6e3275dd37dc597e5d31e8c290a44" | 2040 | resolved "https://registry.yarnpkg.com/@ungap/promise-all-settled/-/promise-all-settled-1.1.2.tgz#aa58042711d6e3275dd37dc597e5d31e8c290a44" |
| 2041 | integrity sha512-sL/cEvJWAnClXw0wHk85/2L0G6Sj8UB0Ctc1TEMbKSsmpRosqhwj9gWgFRZSrBr2f9tiXISwNhCPmlfqUqyb9Q== | 2041 | integrity sha512-sL/cEvJWAnClXw0wHk85/2L0G6Sj8UB0Ctc1TEMbKSsmpRosqhwj9gWgFRZSrBr2f9tiXISwNhCPmlfqUqyb9Q== |
| 2042 | 2042 | ||
| 2043 | "@uploadx/core@^4.4.0": | 2043 | "@uploadx/core@^5.0.0": |
| 2044 | version "4.5.0" | 2044 | version "5.0.0" |
| 2045 | resolved "https://registry.yarnpkg.com/@uploadx/core/-/core-4.5.0.tgz#4575858a692c482becb579f283158eca8db4a32a" | 2045 | resolved "https://registry.yarnpkg.com/@uploadx/core/-/core-5.0.0.tgz#6d71683f67064a9223b9c1d0707991b618145375" |
| 2046 | integrity sha512-PQjEqU1zC4h9yjLt25dj9t+pixxaSiO0RG4hP4FS5P2tFA1oXGaDt23H4q1JJRHavgOTff6PJVR5aH1Bhc9wpQ== | 2046 | integrity sha512-7tHQt2TLzU1CfhOk3Nw5A+D+0nqrRuJPzJcCVrpbdvjwwmUvs5Wf623rwEqtLOBznDMevHxO/kXFw/jYXt3Vmg== |
| 2047 | dependencies: | 2047 | dependencies: |
| 2048 | bytes "^3.1.0" | 2048 | bytes "^3.1.0" |
| 2049 | debug "^4.3.1" | 2049 | debug "^4.3.1" |