aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/controllers
diff options
context:
space:
mode:
Diffstat (limited to 'server/controllers')
-rw-r--r--server/controllers/api/videos/abuse.ts62
1 files changed, 54 insertions, 8 deletions
diff --git a/server/controllers/api/videos/abuse.ts b/server/controllers/api/videos/abuse.ts
index 7782fc639..59bdf6257 100644
--- a/server/controllers/api/videos/abuse.ts
+++ b/server/controllers/api/videos/abuse.ts
@@ -1,5 +1,5 @@
1import * as express from 'express' 1import * as express from 'express'
2import { UserRight, VideoAbuseCreate } from '../../../../shared' 2import { UserRight, VideoAbuseCreate, VideoAbuseState } from '../../../../shared'
3import { logger } from '../../../helpers/logger' 3import { logger } from '../../../helpers/logger'
4import { getFormattedObjects } from '../../../helpers/utils' 4import { getFormattedObjects } from '../../../helpers/utils'
5import { sequelizeTypescript } from '../../../initializers' 5import { sequelizeTypescript } from '../../../initializers'
@@ -12,8 +12,10 @@ import {
12 paginationValidator, 12 paginationValidator,
13 setDefaultPagination, 13 setDefaultPagination,
14 setDefaultSort, 14 setDefaultSort,
15 videoAbuseGetValidator,
15 videoAbuseReportValidator, 16 videoAbuseReportValidator,
16 videoAbusesSortValidator 17 videoAbusesSortValidator,
18 videoAbuseUpdateValidator
17} from '../../../middlewares' 19} from '../../../middlewares'
18import { AccountModel } from '../../../models/account/account' 20import { AccountModel } from '../../../models/account/account'
19import { VideoModel } from '../../../models/video/video' 21import { VideoModel } from '../../../models/video/video'
@@ -32,11 +34,23 @@ abuseVideoRouter.get('/abuse',
32 setDefaultPagination, 34 setDefaultPagination,
33 asyncMiddleware(listVideoAbuses) 35 asyncMiddleware(listVideoAbuses)
34) 36)
35abuseVideoRouter.post('/:id/abuse', 37abuseVideoRouter.put('/:videoId/abuse/:id',
38 authenticate,
39 ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES),
40 asyncMiddleware(videoAbuseUpdateValidator),
41 asyncRetryTransactionMiddleware(updateVideoAbuse)
42)
43abuseVideoRouter.post('/:videoId/abuse',
36 authenticate, 44 authenticate,
37 asyncMiddleware(videoAbuseReportValidator), 45 asyncMiddleware(videoAbuseReportValidator),
38 asyncRetryTransactionMiddleware(reportVideoAbuse) 46 asyncRetryTransactionMiddleware(reportVideoAbuse)
39) 47)
48abuseVideoRouter.delete('/:videoId/abuse/:id',
49 authenticate,
50 ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES),
51 asyncMiddleware(videoAbuseGetValidator),
52 asyncRetryTransactionMiddleware(deleteVideoAbuse)
53)
40 54
41// --------------------------------------------------------------------------- 55// ---------------------------------------------------------------------------
42 56
@@ -46,12 +60,39 @@ export {
46 60
47// --------------------------------------------------------------------------- 61// ---------------------------------------------------------------------------
48 62
49async function listVideoAbuses (req: express.Request, res: express.Response, next: express.NextFunction) { 63async function listVideoAbuses (req: express.Request, res: express.Response) {
50 const resultList = await VideoAbuseModel.listForApi(req.query.start, req.query.count, req.query.sort) 64 const resultList = await VideoAbuseModel.listForApi(req.query.start, req.query.count, req.query.sort)
51 65
52 return res.json(getFormattedObjects(resultList.data, resultList.total)) 66 return res.json(getFormattedObjects(resultList.data, resultList.total))
53} 67}
54 68
69async function updateVideoAbuse (req: express.Request, res: express.Response) {
70 const videoAbuse: VideoAbuseModel = res.locals.videoAbuse
71
72 if (req.body.moderationComment !== undefined) videoAbuse.moderationComment = req.body.moderationComment
73 if (req.body.state !== undefined) videoAbuse.state = req.body.state
74
75 await sequelizeTypescript.transaction(t => {
76 return videoAbuse.save({ transaction: t })
77 })
78
79 // Do not send the delete to other instances, we updated OUR copy of this video abuse
80
81 return res.type('json').status(204).end()
82}
83
84async function deleteVideoAbuse (req: express.Request, res: express.Response) {
85 const videoAbuse: VideoAbuseModel = res.locals.videoAbuse
86
87 await sequelizeTypescript.transaction(t => {
88 return videoAbuse.destroy({ transaction: t })
89 })
90
91 // Do not send the delete to other instances, we delete OUR copy of this video abuse
92
93 return res.type('json').status(204).end()
94}
95
55async function reportVideoAbuse (req: express.Request, res: express.Response) { 96async function reportVideoAbuse (req: express.Request, res: express.Response) {
56 const videoInstance = res.locals.video as VideoModel 97 const videoInstance = res.locals.video as VideoModel
57 const reporterAccount = res.locals.oauth.token.User.Account as AccountModel 98 const reporterAccount = res.locals.oauth.token.User.Account as AccountModel
@@ -60,10 +101,11 @@ async function reportVideoAbuse (req: express.Request, res: express.Response) {
60 const abuseToCreate = { 101 const abuseToCreate = {
61 reporterAccountId: reporterAccount.id, 102 reporterAccountId: reporterAccount.id,
62 reason: body.reason, 103 reason: body.reason,
63 videoId: videoInstance.id 104 videoId: videoInstance.id,
105 state: VideoAbuseState.PENDING
64 } 106 }
65 107
66 await sequelizeTypescript.transaction(async t => { 108 const videoAbuse: VideoAbuseModel = await sequelizeTypescript.transaction(async t => {
67 const videoAbuseInstance = await VideoAbuseModel.create(abuseToCreate, { transaction: t }) 109 const videoAbuseInstance = await VideoAbuseModel.create(abuseToCreate, { transaction: t })
68 videoAbuseInstance.Video = videoInstance 110 videoAbuseInstance.Video = videoInstance
69 videoAbuseInstance.Account = reporterAccount 111 videoAbuseInstance.Account = reporterAccount
@@ -74,8 +116,12 @@ async function reportVideoAbuse (req: express.Request, res: express.Response) {
74 } 116 }
75 117
76 auditLogger.create(reporterAccount.Actor.getIdentifier(), new VideoAbuseAuditView(videoAbuseInstance.toFormattedJSON())) 118 auditLogger.create(reporterAccount.Actor.getIdentifier(), new VideoAbuseAuditView(videoAbuseInstance.toFormattedJSON()))
77 logger.info('Abuse report for video %s created.', videoInstance.name) 119
120 return videoAbuseInstance
78 }) 121 })
79 122
80 return res.type('json').status(204).end() 123 logger.info('Abuse report for video %s created.', videoInstance.name)
124 return res.json({
125 videoAbuse: videoAbuse.toFormattedJSON()
126 }).end()
81} 127}