diff options
Diffstat (limited to 'server/controllers/api/abuse.ts')
-rw-r--r-- | server/controllers/api/abuse.ts | 81 |
1 files changed, 74 insertions, 7 deletions
diff --git a/server/controllers/api/abuse.ts b/server/controllers/api/abuse.ts index 04a0c06e3..50d068157 100644 --- a/server/controllers/api/abuse.ts +++ b/server/controllers/api/abuse.ts | |||
@@ -1,20 +1,24 @@ | |||
1 | import * as express from 'express' | 1 | import * as express from 'express' |
2 | import { createAccountAbuse, createVideoAbuse, createVideoCommentAbuse } from '@server/lib/moderation' | 2 | import { createAccountAbuse, createVideoAbuse, createVideoCommentAbuse } from '@server/lib/moderation' |
3 | import { AbuseModel } from '@server/models/abuse/abuse' | 3 | import { AbuseModel } from '@server/models/abuse/abuse' |
4 | import { AbuseMessageModel } from '@server/models/abuse/abuse-message' | ||
4 | import { getServerActor } from '@server/models/application/application' | 5 | import { getServerActor } from '@server/models/application/application' |
5 | import { AbuseCreate, abusePredefinedReasonsMap, AbuseState, UserRight } from '../../../shared' | 6 | import { AbuseCreate, abusePredefinedReasonsMap, AbuseState, UserRight } from '../../../shared' |
6 | import { getFormattedObjects } from '../../helpers/utils' | 7 | import { getFormattedObjects } from '../../helpers/utils' |
7 | import { sequelizeTypescript } from '../../initializers/database' | 8 | import { sequelizeTypescript } from '../../initializers/database' |
8 | import { | 9 | import { |
9 | abuseGetValidator, | 10 | abuseGetValidator, |
10 | abuseListValidator, | 11 | abuseListForAdminsValidator, |
11 | abuseReportValidator, | 12 | abuseReportValidator, |
12 | abusesSortValidator, | 13 | abusesSortValidator, |
13 | abuseUpdateValidator, | 14 | abuseUpdateValidator, |
15 | addAbuseMessageValidator, | ||
14 | asyncMiddleware, | 16 | asyncMiddleware, |
15 | asyncRetryTransactionMiddleware, | 17 | asyncRetryTransactionMiddleware, |
16 | authenticate, | 18 | authenticate, |
19 | deleteAbuseMessageValidator, | ||
17 | ensureUserHasRight, | 20 | ensureUserHasRight, |
21 | getAbuseValidator, | ||
18 | paginationValidator, | 22 | paginationValidator, |
19 | setDefaultPagination, | 23 | setDefaultPagination, |
20 | setDefaultSort | 24 | setDefaultSort |
@@ -30,8 +34,8 @@ abuseRouter.get('/', | |||
30 | abusesSortValidator, | 34 | abusesSortValidator, |
31 | setDefaultSort, | 35 | setDefaultSort, |
32 | setDefaultPagination, | 36 | setDefaultPagination, |
33 | abuseListValidator, | 37 | abuseListForAdminsValidator, |
34 | asyncMiddleware(listAbuses) | 38 | asyncMiddleware(listAbusesForAdmins) |
35 | ) | 39 | ) |
36 | abuseRouter.put('/:id', | 40 | abuseRouter.put('/:id', |
37 | authenticate, | 41 | authenticate, |
@@ -51,13 +55,33 @@ abuseRouter.delete('/:id', | |||
51 | asyncRetryTransactionMiddleware(deleteAbuse) | 55 | asyncRetryTransactionMiddleware(deleteAbuse) |
52 | ) | 56 | ) |
53 | 57 | ||
58 | abuseRouter.get('/:id/messages', | ||
59 | authenticate, | ||
60 | asyncMiddleware(getAbuseValidator), | ||
61 | asyncRetryTransactionMiddleware(listAbuseMessages) | ||
62 | ) | ||
63 | |||
64 | abuseRouter.post('/:id/messages', | ||
65 | authenticate, | ||
66 | asyncMiddleware(getAbuseValidator), | ||
67 | addAbuseMessageValidator, | ||
68 | asyncRetryTransactionMiddleware(addAbuseMessage) | ||
69 | ) | ||
70 | |||
71 | abuseRouter.delete('/:id/messages/:messageId', | ||
72 | authenticate, | ||
73 | asyncMiddleware(getAbuseValidator), | ||
74 | asyncMiddleware(deleteAbuseMessageValidator), | ||
75 | asyncRetryTransactionMiddleware(deleteAbuseMessage) | ||
76 | ) | ||
77 | |||
54 | // --------------------------------------------------------------------------- | 78 | // --------------------------------------------------------------------------- |
55 | 79 | ||
56 | export { | 80 | export { |
57 | abuseRouter, | 81 | abuseRouter, |
58 | 82 | ||
59 | // FIXME: deprecated in 2.3. Remove these exports | 83 | // FIXME: deprecated in 2.3. Remove these exports |
60 | listAbuses, | 84 | listAbusesForAdmins, |
61 | updateAbuse, | 85 | updateAbuse, |
62 | deleteAbuse, | 86 | deleteAbuse, |
63 | reportAbuse | 87 | reportAbuse |
@@ -65,11 +89,11 @@ export { | |||
65 | 89 | ||
66 | // --------------------------------------------------------------------------- | 90 | // --------------------------------------------------------------------------- |
67 | 91 | ||
68 | async function listAbuses (req: express.Request, res: express.Response) { | 92 | async function listAbusesForAdmins (req: express.Request, res: express.Response) { |
69 | const user = res.locals.oauth.token.user | 93 | const user = res.locals.oauth.token.user |
70 | const serverActor = await getServerActor() | 94 | const serverActor = await getServerActor() |
71 | 95 | ||
72 | const resultList = await AbuseModel.listForApi({ | 96 | const resultList = await AbuseModel.listForAdminApi({ |
73 | start: req.query.start, | 97 | start: req.query.start, |
74 | count: req.query.count, | 98 | count: req.query.count, |
75 | sort: req.query.sort, | 99 | sort: req.query.sort, |
@@ -87,7 +111,10 @@ async function listAbuses (req: express.Request, res: express.Response) { | |||
87 | user | 111 | user |
88 | }) | 112 | }) |
89 | 113 | ||
90 | return res.json(getFormattedObjects(resultList.data, resultList.total)) | 114 | return res.json({ |
115 | total: resultList.total, | ||
116 | data: resultList.data.map(d => d.toFormattedAdminJSON()) | ||
117 | }) | ||
91 | } | 118 | } |
92 | 119 | ||
93 | async function updateAbuse (req: express.Request, res: express.Response) { | 120 | async function updateAbuse (req: express.Request, res: express.Response) { |
@@ -100,6 +127,8 @@ async function updateAbuse (req: express.Request, res: express.Response) { | |||
100 | return abuse.save({ transaction: t }) | 127 | return abuse.save({ transaction: t }) |
101 | }) | 128 | }) |
102 | 129 | ||
130 | // TODO: Notification | ||
131 | |||
103 | // Do not send the delete to other instances, we updated OUR copy of this abuse | 132 | // Do not send the delete to other instances, we updated OUR copy of this abuse |
104 | 133 | ||
105 | return res.type('json').status(204).end() | 134 | return res.type('json').status(204).end() |
@@ -166,3 +195,41 @@ async function reportAbuse (req: express.Request, res: express.Response) { | |||
166 | 195 | ||
167 | return res.json({ abuse: { id } }) | 196 | return res.json({ abuse: { id } }) |
168 | } | 197 | } |
198 | |||
199 | async function listAbuseMessages (req: express.Request, res: express.Response) { | ||
200 | const abuse = res.locals.abuse | ||
201 | |||
202 | const resultList = await AbuseMessageModel.listForApi(abuse.id) | ||
203 | |||
204 | return res.json(getFormattedObjects(resultList.data, resultList.total)) | ||
205 | } | ||
206 | |||
207 | async function addAbuseMessage (req: express.Request, res: express.Response) { | ||
208 | const abuse = res.locals.abuse | ||
209 | const user = res.locals.oauth.token.user | ||
210 | |||
211 | const abuseMessage = await AbuseMessageModel.create({ | ||
212 | message: req.body.message, | ||
213 | byModerator: abuse.reporterAccountId !== user.Account.id, | ||
214 | accountId: user.Account.id, | ||
215 | abuseId: abuse.id | ||
216 | }) | ||
217 | |||
218 | // TODO: Notification | ||
219 | |||
220 | return res.json({ | ||
221 | abuseMessage: { | ||
222 | id: abuseMessage.id | ||
223 | } | ||
224 | }) | ||
225 | } | ||
226 | |||
227 | async function deleteAbuseMessage (req: express.Request, res: express.Response) { | ||
228 | const abuseMessage = res.locals.abuseMessage | ||
229 | |||
230 | await sequelizeTypescript.transaction(t => { | ||
231 | return abuseMessage.destroy({ transaction: t }) | ||
232 | }) | ||
233 | |||
234 | return res.sendStatus(204) | ||
235 | } | ||