diff options
Diffstat (limited to 'server/controllers/api')
-rw-r--r-- | server/controllers/api/abuse.ts | 81 | ||||
-rw-r--r-- | server/controllers/api/users/index.ts | 26 | ||||
-rw-r--r-- | server/controllers/api/users/my-abuses.ts | 48 | ||||
-rw-r--r-- | server/controllers/api/videos/abuse.ts | 8 |
4 files changed, 141 insertions, 22 deletions
diff --git a/server/controllers/api/abuse.ts b/server/controllers/api/abuse.ts index 04a0c06e3..50d068157 100644 --- a/server/controllers/api/abuse.ts +++ b/server/controllers/api/abuse.ts | |||
@@ -1,20 +1,24 @@ | |||
1 | import * as express from 'express' | 1 | import * as express from 'express' |
2 | import { createAccountAbuse, createVideoAbuse, createVideoCommentAbuse } from '@server/lib/moderation' | 2 | import { createAccountAbuse, createVideoAbuse, createVideoCommentAbuse } from '@server/lib/moderation' |
3 | import { AbuseModel } from '@server/models/abuse/abuse' | 3 | import { AbuseModel } from '@server/models/abuse/abuse' |
4 | import { AbuseMessageModel } from '@server/models/abuse/abuse-message' | ||
4 | import { getServerActor } from '@server/models/application/application' | 5 | import { getServerActor } from '@server/models/application/application' |
5 | import { AbuseCreate, abusePredefinedReasonsMap, AbuseState, UserRight } from '../../../shared' | 6 | import { AbuseCreate, abusePredefinedReasonsMap, AbuseState, UserRight } from '../../../shared' |
6 | import { getFormattedObjects } from '../../helpers/utils' | 7 | import { getFormattedObjects } from '../../helpers/utils' |
7 | import { sequelizeTypescript } from '../../initializers/database' | 8 | import { sequelizeTypescript } from '../../initializers/database' |
8 | import { | 9 | import { |
9 | abuseGetValidator, | 10 | abuseGetValidator, |
10 | abuseListValidator, | 11 | abuseListForAdminsValidator, |
11 | abuseReportValidator, | 12 | abuseReportValidator, |
12 | abusesSortValidator, | 13 | abusesSortValidator, |
13 | abuseUpdateValidator, | 14 | abuseUpdateValidator, |
15 | addAbuseMessageValidator, | ||
14 | asyncMiddleware, | 16 | asyncMiddleware, |
15 | asyncRetryTransactionMiddleware, | 17 | asyncRetryTransactionMiddleware, |
16 | authenticate, | 18 | authenticate, |
19 | deleteAbuseMessageValidator, | ||
17 | ensureUserHasRight, | 20 | ensureUserHasRight, |
21 | getAbuseValidator, | ||
18 | paginationValidator, | 22 | paginationValidator, |
19 | setDefaultPagination, | 23 | setDefaultPagination, |
20 | setDefaultSort | 24 | setDefaultSort |
@@ -30,8 +34,8 @@ abuseRouter.get('/', | |||
30 | abusesSortValidator, | 34 | abusesSortValidator, |
31 | setDefaultSort, | 35 | setDefaultSort, |
32 | setDefaultPagination, | 36 | setDefaultPagination, |
33 | abuseListValidator, | 37 | abuseListForAdminsValidator, |
34 | asyncMiddleware(listAbuses) | 38 | asyncMiddleware(listAbusesForAdmins) |
35 | ) | 39 | ) |
36 | abuseRouter.put('/:id', | 40 | abuseRouter.put('/:id', |
37 | authenticate, | 41 | authenticate, |
@@ -51,13 +55,33 @@ abuseRouter.delete('/:id', | |||
51 | asyncRetryTransactionMiddleware(deleteAbuse) | 55 | asyncRetryTransactionMiddleware(deleteAbuse) |
52 | ) | 56 | ) |
53 | 57 | ||
58 | abuseRouter.get('/:id/messages', | ||
59 | authenticate, | ||
60 | asyncMiddleware(getAbuseValidator), | ||
61 | asyncRetryTransactionMiddleware(listAbuseMessages) | ||
62 | ) | ||
63 | |||
64 | abuseRouter.post('/:id/messages', | ||
65 | authenticate, | ||
66 | asyncMiddleware(getAbuseValidator), | ||
67 | addAbuseMessageValidator, | ||
68 | asyncRetryTransactionMiddleware(addAbuseMessage) | ||
69 | ) | ||
70 | |||
71 | abuseRouter.delete('/:id/messages/:messageId', | ||
72 | authenticate, | ||
73 | asyncMiddleware(getAbuseValidator), | ||
74 | asyncMiddleware(deleteAbuseMessageValidator), | ||
75 | asyncRetryTransactionMiddleware(deleteAbuseMessage) | ||
76 | ) | ||
77 | |||
54 | // --------------------------------------------------------------------------- | 78 | // --------------------------------------------------------------------------- |
55 | 79 | ||
56 | export { | 80 | export { |
57 | abuseRouter, | 81 | abuseRouter, |
58 | 82 | ||
59 | // FIXME: deprecated in 2.3. Remove these exports | 83 | // FIXME: deprecated in 2.3. Remove these exports |
60 | listAbuses, | 84 | listAbusesForAdmins, |
61 | updateAbuse, | 85 | updateAbuse, |
62 | deleteAbuse, | 86 | deleteAbuse, |
63 | reportAbuse | 87 | reportAbuse |
@@ -65,11 +89,11 @@ export { | |||
65 | 89 | ||
66 | // --------------------------------------------------------------------------- | 90 | // --------------------------------------------------------------------------- |
67 | 91 | ||
68 | async function listAbuses (req: express.Request, res: express.Response) { | 92 | async function listAbusesForAdmins (req: express.Request, res: express.Response) { |
69 | const user = res.locals.oauth.token.user | 93 | const user = res.locals.oauth.token.user |
70 | const serverActor = await getServerActor() | 94 | const serverActor = await getServerActor() |
71 | 95 | ||
72 | const resultList = await AbuseModel.listForApi({ | 96 | const resultList = await AbuseModel.listForAdminApi({ |
73 | start: req.query.start, | 97 | start: req.query.start, |
74 | count: req.query.count, | 98 | count: req.query.count, |
75 | sort: req.query.sort, | 99 | sort: req.query.sort, |
@@ -87,7 +111,10 @@ async function listAbuses (req: express.Request, res: express.Response) { | |||
87 | user | 111 | user |
88 | }) | 112 | }) |
89 | 113 | ||
90 | return res.json(getFormattedObjects(resultList.data, resultList.total)) | 114 | return res.json({ |
115 | total: resultList.total, | ||
116 | data: resultList.data.map(d => d.toFormattedAdminJSON()) | ||
117 | }) | ||
91 | } | 118 | } |
92 | 119 | ||
93 | async function updateAbuse (req: express.Request, res: express.Response) { | 120 | async function updateAbuse (req: express.Request, res: express.Response) { |
@@ -100,6 +127,8 @@ async function updateAbuse (req: express.Request, res: express.Response) { | |||
100 | return abuse.save({ transaction: t }) | 127 | return abuse.save({ transaction: t }) |
101 | }) | 128 | }) |
102 | 129 | ||
130 | // TODO: Notification | ||
131 | |||
103 | // Do not send the delete to other instances, we updated OUR copy of this abuse | 132 | // Do not send the delete to other instances, we updated OUR copy of this abuse |
104 | 133 | ||
105 | return res.type('json').status(204).end() | 134 | return res.type('json').status(204).end() |
@@ -166,3 +195,41 @@ async function reportAbuse (req: express.Request, res: express.Response) { | |||
166 | 195 | ||
167 | return res.json({ abuse: { id } }) | 196 | return res.json({ abuse: { id } }) |
168 | } | 197 | } |
198 | |||
199 | async function listAbuseMessages (req: express.Request, res: express.Response) { | ||
200 | const abuse = res.locals.abuse | ||
201 | |||
202 | const resultList = await AbuseMessageModel.listForApi(abuse.id) | ||
203 | |||
204 | return res.json(getFormattedObjects(resultList.data, resultList.total)) | ||
205 | } | ||
206 | |||
207 | async function addAbuseMessage (req: express.Request, res: express.Response) { | ||
208 | const abuse = res.locals.abuse | ||
209 | const user = res.locals.oauth.token.user | ||
210 | |||
211 | const abuseMessage = await AbuseMessageModel.create({ | ||
212 | message: req.body.message, | ||
213 | byModerator: abuse.reporterAccountId !== user.Account.id, | ||
214 | accountId: user.Account.id, | ||
215 | abuseId: abuse.id | ||
216 | }) | ||
217 | |||
218 | // TODO: Notification | ||
219 | |||
220 | return res.json({ | ||
221 | abuseMessage: { | ||
222 | id: abuseMessage.id | ||
223 | } | ||
224 | }) | ||
225 | } | ||
226 | |||
227 | async function deleteAbuseMessage (req: express.Request, res: express.Response) { | ||
228 | const abuseMessage = res.locals.abuseMessage | ||
229 | |||
230 | await sequelizeTypescript.transaction(t => { | ||
231 | return abuseMessage.destroy({ transaction: t }) | ||
232 | }) | ||
233 | |||
234 | return res.sendStatus(204) | ||
235 | } | ||
diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts index 5939f6125..d339c2a1c 100644 --- a/server/controllers/api/users/index.ts +++ b/server/controllers/api/users/index.ts | |||
@@ -1,10 +1,20 @@ | |||
1 | import * as express from 'express' | 1 | import * as express from 'express' |
2 | import * as RateLimit from 'express-rate-limit' | 2 | import * as RateLimit from 'express-rate-limit' |
3 | import { tokensRouter } from '@server/controllers/api/users/token' | ||
4 | import { Hooks } from '@server/lib/plugins/hooks' | ||
5 | import { MUser, MUserAccountDefault } from '@server/types/models' | ||
3 | import { UserCreate, UserRight, UserRole, UserUpdate } from '../../../../shared' | 6 | import { UserCreate, UserRight, UserRole, UserUpdate } from '../../../../shared' |
7 | import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model' | ||
8 | import { UserRegister } from '../../../../shared/models/users/user-register.model' | ||
9 | import { auditLoggerFactory, getAuditIdFromRes, UserAuditView } from '../../../helpers/audit-logger' | ||
4 | import { logger } from '../../../helpers/logger' | 10 | import { logger } from '../../../helpers/logger' |
5 | import { generateRandomString, getFormattedObjects } from '../../../helpers/utils' | 11 | import { generateRandomString, getFormattedObjects } from '../../../helpers/utils' |
12 | import { CONFIG } from '../../../initializers/config' | ||
6 | import { WEBSERVER } from '../../../initializers/constants' | 13 | import { WEBSERVER } from '../../../initializers/constants' |
14 | import { sequelizeTypescript } from '../../../initializers/database' | ||
7 | import { Emailer } from '../../../lib/emailer' | 15 | import { Emailer } from '../../../lib/emailer' |
16 | import { Notifier } from '../../../lib/notifier' | ||
17 | import { deleteUserToken } from '../../../lib/oauth-model' | ||
8 | import { Redis } from '../../../lib/redis' | 18 | import { Redis } from '../../../lib/redis' |
9 | import { createUserAccountAndChannelAndPlaylist, sendVerifyUserEmail } from '../../../lib/user' | 19 | import { createUserAccountAndChannelAndPlaylist, sendVerifyUserEmail } from '../../../lib/user' |
10 | import { | 20 | import { |
@@ -18,9 +28,9 @@ import { | |||
18 | setDefaultPagination, | 28 | setDefaultPagination, |
19 | setDefaultSort, | 29 | setDefaultSort, |
20 | userAutocompleteValidator, | 30 | userAutocompleteValidator, |
21 | usersListValidator, | ||
22 | usersAddValidator, | 31 | usersAddValidator, |
23 | usersGetValidator, | 32 | usersGetValidator, |
33 | usersListValidator, | ||
24 | usersRegisterValidator, | 34 | usersRegisterValidator, |
25 | usersRemoveValidator, | 35 | usersRemoveValidator, |
26 | usersSortValidator, | 36 | usersSortValidator, |
@@ -35,22 +45,13 @@ import { | |||
35 | usersVerifyEmailValidator | 45 | usersVerifyEmailValidator |
36 | } from '../../../middlewares/validators' | 46 | } from '../../../middlewares/validators' |
37 | import { UserModel } from '../../../models/account/user' | 47 | import { UserModel } from '../../../models/account/user' |
38 | import { auditLoggerFactory, getAuditIdFromRes, UserAuditView } from '../../../helpers/audit-logger' | ||
39 | import { meRouter } from './me' | 48 | import { meRouter } from './me' |
40 | import { deleteUserToken } from '../../../lib/oauth-model' | 49 | import { myAbusesRouter } from './my-abuses' |
41 | import { myBlocklistRouter } from './my-blocklist' | 50 | import { myBlocklistRouter } from './my-blocklist' |
42 | import { myVideoPlaylistsRouter } from './my-video-playlists' | ||
43 | import { myVideosHistoryRouter } from './my-history' | 51 | import { myVideosHistoryRouter } from './my-history' |
44 | import { myNotificationsRouter } from './my-notifications' | 52 | import { myNotificationsRouter } from './my-notifications' |
45 | import { Notifier } from '../../../lib/notifier' | ||
46 | import { mySubscriptionsRouter } from './my-subscriptions' | 53 | import { mySubscriptionsRouter } from './my-subscriptions' |
47 | import { CONFIG } from '../../../initializers/config' | 54 | import { myVideoPlaylistsRouter } from './my-video-playlists' |
48 | import { sequelizeTypescript } from '../../../initializers/database' | ||
49 | import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model' | ||
50 | import { UserRegister } from '../../../../shared/models/users/user-register.model' | ||
51 | import { MUser, MUserAccountDefault } from '@server/types/models' | ||
52 | import { Hooks } from '@server/lib/plugins/hooks' | ||
53 | import { tokensRouter } from '@server/controllers/api/users/token' | ||
54 | 55 | ||
55 | const auditLogger = auditLoggerFactory('users') | 56 | const auditLogger = auditLoggerFactory('users') |
56 | 57 | ||
@@ -72,6 +73,7 @@ usersRouter.use('/', mySubscriptionsRouter) | |||
72 | usersRouter.use('/', myBlocklistRouter) | 73 | usersRouter.use('/', myBlocklistRouter) |
73 | usersRouter.use('/', myVideosHistoryRouter) | 74 | usersRouter.use('/', myVideosHistoryRouter) |
74 | usersRouter.use('/', myVideoPlaylistsRouter) | 75 | usersRouter.use('/', myVideoPlaylistsRouter) |
76 | usersRouter.use('/', myAbusesRouter) | ||
75 | usersRouter.use('/', meRouter) | 77 | usersRouter.use('/', meRouter) |
76 | 78 | ||
77 | usersRouter.get('/autocomplete', | 79 | usersRouter.get('/autocomplete', |
diff --git a/server/controllers/api/users/my-abuses.ts b/server/controllers/api/users/my-abuses.ts new file mode 100644 index 000000000..e43fc483e --- /dev/null +++ b/server/controllers/api/users/my-abuses.ts | |||
@@ -0,0 +1,48 @@ | |||
1 | import * as express from 'express' | ||
2 | import { AbuseModel } from '@server/models/abuse/abuse' | ||
3 | import { | ||
4 | abuseListForUserValidator, | ||
5 | abusesSortValidator, | ||
6 | asyncMiddleware, | ||
7 | authenticate, | ||
8 | paginationValidator, | ||
9 | setDefaultPagination, | ||
10 | setDefaultSort | ||
11 | } from '../../../middlewares' | ||
12 | |||
13 | const myAbusesRouter = express.Router() | ||
14 | |||
15 | myAbusesRouter.get('/me/abuses', | ||
16 | authenticate, | ||
17 | paginationValidator, | ||
18 | abusesSortValidator, | ||
19 | setDefaultSort, | ||
20 | setDefaultPagination, | ||
21 | abuseListForUserValidator, | ||
22 | asyncMiddleware(listMyAbuses) | ||
23 | ) | ||
24 | |||
25 | // --------------------------------------------------------------------------- | ||
26 | |||
27 | export { | ||
28 | myAbusesRouter | ||
29 | } | ||
30 | |||
31 | // --------------------------------------------------------------------------- | ||
32 | |||
33 | async function listMyAbuses (req: express.Request, res: express.Response) { | ||
34 | const resultList = await AbuseModel.listForUserApi({ | ||
35 | start: req.query.start, | ||
36 | count: req.query.count, | ||
37 | sort: req.query.sort, | ||
38 | id: req.query.id, | ||
39 | search: req.query.search, | ||
40 | state: req.query.state, | ||
41 | user: res.locals.oauth.token.User | ||
42 | }) | ||
43 | |||
44 | return res.json({ | ||
45 | total: resultList.total, | ||
46 | data: resultList.data.map(d => d.toFormattedAdminJSON()) | ||
47 | }) | ||
48 | } | ||
diff --git a/server/controllers/api/videos/abuse.ts b/server/controllers/api/videos/abuse.ts index b92a66360..9c4d00849 100644 --- a/server/controllers/api/videos/abuse.ts +++ b/server/controllers/api/videos/abuse.ts | |||
@@ -2,7 +2,6 @@ import * as express from 'express' | |||
2 | import { AbuseModel } from '@server/models/abuse/abuse' | 2 | import { AbuseModel } from '@server/models/abuse/abuse' |
3 | import { getServerActor } from '@server/models/application/application' | 3 | import { getServerActor } from '@server/models/application/application' |
4 | import { AbuseCreate, UserRight, VideoAbuseCreate } from '../../../../shared' | 4 | import { AbuseCreate, UserRight, VideoAbuseCreate } from '../../../../shared' |
5 | import { getFormattedObjects } from '../../../helpers/utils' | ||
6 | import { | 5 | import { |
7 | abusesSortValidator, | 6 | abusesSortValidator, |
8 | asyncMiddleware, | 7 | asyncMiddleware, |
@@ -63,7 +62,7 @@ async function listVideoAbuses (req: express.Request, res: express.Response) { | |||
63 | const user = res.locals.oauth.token.user | 62 | const user = res.locals.oauth.token.user |
64 | const serverActor = await getServerActor() | 63 | const serverActor = await getServerActor() |
65 | 64 | ||
66 | const resultList = await AbuseModel.listForApi({ | 65 | const resultList = await AbuseModel.listForAdminApi({ |
67 | start: req.query.start, | 66 | start: req.query.start, |
68 | count: req.query.count, | 67 | count: req.query.count, |
69 | sort: req.query.sort, | 68 | sort: req.query.sort, |
@@ -81,7 +80,10 @@ async function listVideoAbuses (req: express.Request, res: express.Response) { | |||
81 | user | 80 | user |
82 | }) | 81 | }) |
83 | 82 | ||
84 | return res.json(getFormattedObjects(resultList.data, resultList.total)) | 83 | return res.json({ |
84 | total: resultList.total, | ||
85 | data: resultList.data.map(d => d.toFormattedAdminJSON()) | ||
86 | }) | ||
85 | } | 87 | } |
86 | 88 | ||
87 | async function updateVideoAbuse (req: express.Request, res: express.Response) { | 89 | async function updateVideoAbuse (req: express.Request, res: express.Response) { |