diff options
Diffstat (limited to 'server/controllers')
-rw-r--r-- | server/controllers/api/videos/abuse.ts | 62 |
1 files changed, 54 insertions, 8 deletions
diff --git a/server/controllers/api/videos/abuse.ts b/server/controllers/api/videos/abuse.ts index 7782fc639..59bdf6257 100644 --- a/server/controllers/api/videos/abuse.ts +++ b/server/controllers/api/videos/abuse.ts | |||
@@ -1,5 +1,5 @@ | |||
1 | import * as express from 'express' | 1 | import * as express from 'express' |
2 | import { UserRight, VideoAbuseCreate } from '../../../../shared' | 2 | import { UserRight, VideoAbuseCreate, VideoAbuseState } from '../../../../shared' |
3 | import { logger } from '../../../helpers/logger' | 3 | import { logger } from '../../../helpers/logger' |
4 | import { getFormattedObjects } from '../../../helpers/utils' | 4 | import { getFormattedObjects } from '../../../helpers/utils' |
5 | import { sequelizeTypescript } from '../../../initializers' | 5 | import { sequelizeTypescript } from '../../../initializers' |
@@ -12,8 +12,10 @@ import { | |||
12 | paginationValidator, | 12 | paginationValidator, |
13 | setDefaultPagination, | 13 | setDefaultPagination, |
14 | setDefaultSort, | 14 | setDefaultSort, |
15 | videoAbuseGetValidator, | ||
15 | videoAbuseReportValidator, | 16 | videoAbuseReportValidator, |
16 | videoAbusesSortValidator | 17 | videoAbusesSortValidator, |
18 | videoAbuseUpdateValidator | ||
17 | } from '../../../middlewares' | 19 | } from '../../../middlewares' |
18 | import { AccountModel } from '../../../models/account/account' | 20 | import { AccountModel } from '../../../models/account/account' |
19 | import { VideoModel } from '../../../models/video/video' | 21 | import { VideoModel } from '../../../models/video/video' |
@@ -32,11 +34,23 @@ abuseVideoRouter.get('/abuse', | |||
32 | setDefaultPagination, | 34 | setDefaultPagination, |
33 | asyncMiddleware(listVideoAbuses) | 35 | asyncMiddleware(listVideoAbuses) |
34 | ) | 36 | ) |
35 | abuseVideoRouter.post('/:id/abuse', | 37 | abuseVideoRouter.put('/:videoId/abuse/:id', |
38 | authenticate, | ||
39 | ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES), | ||
40 | asyncMiddleware(videoAbuseUpdateValidator), | ||
41 | asyncRetryTransactionMiddleware(updateVideoAbuse) | ||
42 | ) | ||
43 | abuseVideoRouter.post('/:videoId/abuse', | ||
36 | authenticate, | 44 | authenticate, |
37 | asyncMiddleware(videoAbuseReportValidator), | 45 | asyncMiddleware(videoAbuseReportValidator), |
38 | asyncRetryTransactionMiddleware(reportVideoAbuse) | 46 | asyncRetryTransactionMiddleware(reportVideoAbuse) |
39 | ) | 47 | ) |
48 | abuseVideoRouter.delete('/:videoId/abuse/:id', | ||
49 | authenticate, | ||
50 | ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES), | ||
51 | asyncMiddleware(videoAbuseGetValidator), | ||
52 | asyncRetryTransactionMiddleware(deleteVideoAbuse) | ||
53 | ) | ||
40 | 54 | ||
41 | // --------------------------------------------------------------------------- | 55 | // --------------------------------------------------------------------------- |
42 | 56 | ||
@@ -46,12 +60,39 @@ export { | |||
46 | 60 | ||
47 | // --------------------------------------------------------------------------- | 61 | // --------------------------------------------------------------------------- |
48 | 62 | ||
49 | async function listVideoAbuses (req: express.Request, res: express.Response, next: express.NextFunction) { | 63 | async function listVideoAbuses (req: express.Request, res: express.Response) { |
50 | const resultList = await VideoAbuseModel.listForApi(req.query.start, req.query.count, req.query.sort) | 64 | const resultList = await VideoAbuseModel.listForApi(req.query.start, req.query.count, req.query.sort) |
51 | 65 | ||
52 | return res.json(getFormattedObjects(resultList.data, resultList.total)) | 66 | return res.json(getFormattedObjects(resultList.data, resultList.total)) |
53 | } | 67 | } |
54 | 68 | ||
69 | async function updateVideoAbuse (req: express.Request, res: express.Response) { | ||
70 | const videoAbuse: VideoAbuseModel = res.locals.videoAbuse | ||
71 | |||
72 | if (req.body.moderationComment !== undefined) videoAbuse.moderationComment = req.body.moderationComment | ||
73 | if (req.body.state !== undefined) videoAbuse.state = req.body.state | ||
74 | |||
75 | await sequelizeTypescript.transaction(t => { | ||
76 | return videoAbuse.save({ transaction: t }) | ||
77 | }) | ||
78 | |||
79 | // Do not send the delete to other instances, we updated OUR copy of this video abuse | ||
80 | |||
81 | return res.type('json').status(204).end() | ||
82 | } | ||
83 | |||
84 | async function deleteVideoAbuse (req: express.Request, res: express.Response) { | ||
85 | const videoAbuse: VideoAbuseModel = res.locals.videoAbuse | ||
86 | |||
87 | await sequelizeTypescript.transaction(t => { | ||
88 | return videoAbuse.destroy({ transaction: t }) | ||
89 | }) | ||
90 | |||
91 | // Do not send the delete to other instances, we delete OUR copy of this video abuse | ||
92 | |||
93 | return res.type('json').status(204).end() | ||
94 | } | ||
95 | |||
55 | async function reportVideoAbuse (req: express.Request, res: express.Response) { | 96 | async function reportVideoAbuse (req: express.Request, res: express.Response) { |
56 | const videoInstance = res.locals.video as VideoModel | 97 | const videoInstance = res.locals.video as VideoModel |
57 | const reporterAccount = res.locals.oauth.token.User.Account as AccountModel | 98 | const reporterAccount = res.locals.oauth.token.User.Account as AccountModel |
@@ -60,10 +101,11 @@ async function reportVideoAbuse (req: express.Request, res: express.Response) { | |||
60 | const abuseToCreate = { | 101 | const abuseToCreate = { |
61 | reporterAccountId: reporterAccount.id, | 102 | reporterAccountId: reporterAccount.id, |
62 | reason: body.reason, | 103 | reason: body.reason, |
63 | videoId: videoInstance.id | 104 | videoId: videoInstance.id, |
105 | state: VideoAbuseState.PENDING | ||
64 | } | 106 | } |
65 | 107 | ||
66 | await sequelizeTypescript.transaction(async t => { | 108 | const videoAbuse: VideoAbuseModel = await sequelizeTypescript.transaction(async t => { |
67 | const videoAbuseInstance = await VideoAbuseModel.create(abuseToCreate, { transaction: t }) | 109 | const videoAbuseInstance = await VideoAbuseModel.create(abuseToCreate, { transaction: t }) |
68 | videoAbuseInstance.Video = videoInstance | 110 | videoAbuseInstance.Video = videoInstance |
69 | videoAbuseInstance.Account = reporterAccount | 111 | videoAbuseInstance.Account = reporterAccount |
@@ -74,8 +116,12 @@ async function reportVideoAbuse (req: express.Request, res: express.Response) { | |||
74 | } | 116 | } |
75 | 117 | ||
76 | auditLogger.create(reporterAccount.Actor.getIdentifier(), new VideoAbuseAuditView(videoAbuseInstance.toFormattedJSON())) | 118 | auditLogger.create(reporterAccount.Actor.getIdentifier(), new VideoAbuseAuditView(videoAbuseInstance.toFormattedJSON())) |
77 | logger.info('Abuse report for video %s created.', videoInstance.name) | 119 | |
120 | return videoAbuseInstance | ||
78 | }) | 121 | }) |
79 | 122 | ||
80 | return res.type('json').status(204).end() | 123 | logger.info('Abuse report for video %s created.', videoInstance.name) |
124 | return res.json({ | ||
125 | videoAbuse: videoAbuse.toFormattedJSON() | ||
126 | }).end() | ||
81 | } | 127 | } |