diff options
Diffstat (limited to 'server/helpers/custom-validators')
-rw-r--r-- | server/helpers/custom-validators/accounts.ts (renamed from server/helpers/custom-validators/video-accounts.ts) | 14 | ||||
-rw-r--r-- | server/helpers/custom-validators/activitypub/account.ts | 31 | ||||
-rw-r--r-- | server/helpers/custom-validators/activitypub/activity.ts | 19 | ||||
-rw-r--r-- | server/helpers/custom-validators/activitypub/misc.ts | 10 | ||||
-rw-r--r-- | server/helpers/custom-validators/activitypub/videos.ts | 14 | ||||
-rw-r--r-- | server/helpers/custom-validators/index.ts | 3 | ||||
-rw-r--r-- | server/helpers/custom-validators/webfinger.ts | 25 |
7 files changed, 87 insertions, 29 deletions
diff --git a/server/helpers/custom-validators/video-accounts.ts b/server/helpers/custom-validators/accounts.ts index 31808ae1e..6d6219a95 100644 --- a/server/helpers/custom-validators/video-accounts.ts +++ b/server/helpers/custom-validators/accounts.ts | |||
@@ -10,14 +10,14 @@ import { logger } from '../logger' | |||
10 | import { isUserUsernameValid } from './users' | 10 | import { isUserUsernameValid } from './users' |
11 | import { isHostValid } from './pods' | 11 | import { isHostValid } from './pods' |
12 | 12 | ||
13 | function isVideoAccountNameValid (value: string) { | 13 | function isAccountNameValid (value: string) { |
14 | return isUserUsernameValid(value) | 14 | return isUserUsernameValid(value) |
15 | } | 15 | } |
16 | 16 | ||
17 | function isAccountNameWithHostValid (value: string) { | 17 | function isAccountNameWithHostValid (value: string) { |
18 | const [ name, host ] = value.split('@') | 18 | const [ name, host ] = value.split('@') |
19 | 19 | ||
20 | return isVideoAccountNameValid(name) && isHostValid(host) | 20 | return isAccountNameValid(name) && isHostValid(host) |
21 | } | 21 | } |
22 | 22 | ||
23 | function checkVideoAccountExists (id: string, res: express.Response, callback: () => void) { | 23 | function checkVideoAccountExists (id: string, res: express.Response, callback: () => void) { |
@@ -38,10 +38,10 @@ function checkVideoAccountExists (id: string, res: express.Response, callback: ( | |||
38 | res.locals.account = account | 38 | res.locals.account = account |
39 | callback() | 39 | callback() |
40 | }) | 40 | }) |
41 | .catch(err => { | 41 | .catch(err => { |
42 | logger.error('Error in video account request validator.', err) | 42 | logger.error('Error in video account request validator.', err) |
43 | return res.sendStatus(500) | 43 | return res.sendStatus(500) |
44 | }) | 44 | }) |
45 | } | 45 | } |
46 | 46 | ||
47 | // --------------------------------------------------------------------------- | 47 | // --------------------------------------------------------------------------- |
@@ -49,5 +49,5 @@ function checkVideoAccountExists (id: string, res: express.Response, callback: ( | |||
49 | export { | 49 | export { |
50 | checkVideoAccountExists, | 50 | checkVideoAccountExists, |
51 | isAccountNameWithHostValid, | 51 | isAccountNameWithHostValid, |
52 | isVideoAccountNameValid | 52 | isAccountNameValid |
53 | } | 53 | } |
diff --git a/server/helpers/custom-validators/activitypub/account.ts b/server/helpers/custom-validators/activitypub/account.ts index acd2b8058..645f55a5a 100644 --- a/server/helpers/custom-validators/activitypub/account.ts +++ b/server/helpers/custom-validators/activitypub/account.ts | |||
@@ -1,9 +1,8 @@ | |||
1 | import * as validator from 'validator' | 1 | import * as validator from 'validator' |
2 | |||
3 | import { exists, isUUIDValid } from '../misc' | ||
4 | import { isActivityPubUrlValid } from './misc' | ||
5 | import { isUserUsernameValid } from '../users' | ||
6 | import { CONSTRAINTS_FIELDS } from '../../../initializers/constants' | 2 | import { CONSTRAINTS_FIELDS } from '../../../initializers/constants' |
3 | import { isAccountNameValid } from '../accounts' | ||
4 | import { exists, isUUIDValid } from '../misc' | ||
5 | import { isActivityPubUrlValid, isBaseActivityValid } from './misc' | ||
7 | 6 | ||
8 | function isAccountEndpointsObjectValid (endpointObject: any) { | 7 | function isAccountEndpointsObjectValid (endpointObject: any) { |
9 | return isAccountSharedInboxValid(endpointObject.sharedInbox) | 8 | return isAccountSharedInboxValid(endpointObject.sharedInbox) |
@@ -59,10 +58,6 @@ function isAccountOutboxValid (outbox: string) { | |||
59 | return isActivityPubUrlValid(outbox) | 58 | return isActivityPubUrlValid(outbox) |
60 | } | 59 | } |
61 | 60 | ||
62 | function isAccountNameValid (name: string) { | ||
63 | return isUserUsernameValid(name) | ||
64 | } | ||
65 | |||
66 | function isAccountPreferredUsernameValid (preferredUsername: string) { | 61 | function isAccountPreferredUsernameValid (preferredUsername: string) { |
67 | return isAccountNameValid(preferredUsername) | 62 | return isAccountNameValid(preferredUsername) |
68 | } | 63 | } |
@@ -90,7 +85,7 @@ function isRemoteAccountValid (remoteAccount: any) { | |||
90 | isAccountPreferredUsernameValid(remoteAccount.preferredUsername) && | 85 | isAccountPreferredUsernameValid(remoteAccount.preferredUsername) && |
91 | isAccountUrlValid(remoteAccount.url) && | 86 | isAccountUrlValid(remoteAccount.url) && |
92 | isAccountPublicKeyObjectValid(remoteAccount.publicKey) && | 87 | isAccountPublicKeyObjectValid(remoteAccount.publicKey) && |
93 | isAccountEndpointsObjectValid(remoteAccount.endpoint) | 88 | isAccountEndpointsObjectValid(remoteAccount.endpoints) |
94 | } | 89 | } |
95 | 90 | ||
96 | function isAccountFollowingCountValid (value: string) { | 91 | function isAccountFollowingCountValid (value: string) { |
@@ -101,6 +96,19 @@ function isAccountFollowersCountValid (value: string) { | |||
101 | return exists(value) && validator.isInt('' + value, { min: 0 }) | 96 | return exists(value) && validator.isInt('' + value, { min: 0 }) |
102 | } | 97 | } |
103 | 98 | ||
99 | function isAccountDeleteActivityValid (activity: any) { | ||
100 | return isBaseActivityValid(activity, 'Delete') | ||
101 | } | ||
102 | |||
103 | function isAccountFollowActivityValid (activity: any) { | ||
104 | return isBaseActivityValid(activity, 'Follow') && | ||
105 | isActivityPubUrlValid(activity.object) | ||
106 | } | ||
107 | |||
108 | function isAccountAcceptActivityValid (activity: any) { | ||
109 | return isBaseActivityValid(activity, 'Accept') | ||
110 | } | ||
111 | |||
104 | // --------------------------------------------------------------------------- | 112 | // --------------------------------------------------------------------------- |
105 | 113 | ||
106 | export { | 114 | export { |
@@ -122,5 +130,8 @@ export { | |||
122 | isRemoteAccountValid, | 130 | isRemoteAccountValid, |
123 | isAccountFollowingCountValid, | 131 | isAccountFollowingCountValid, |
124 | isAccountFollowersCountValid, | 132 | isAccountFollowersCountValid, |
125 | isAccountNameValid | 133 | isAccountNameValid, |
134 | isAccountFollowActivityValid, | ||
135 | isAccountAcceptActivityValid, | ||
136 | isAccountDeleteActivityValid | ||
126 | } | 137 | } |
diff --git a/server/helpers/custom-validators/activitypub/activity.ts b/server/helpers/custom-validators/activitypub/activity.ts index dd671c4cf..b5ba0f7af 100644 --- a/server/helpers/custom-validators/activitypub/activity.ts +++ b/server/helpers/custom-validators/activitypub/activity.ts | |||
@@ -1,9 +1,13 @@ | |||
1 | import * as validator from 'validator' | 1 | import * as validator from 'validator' |
2 | import { isAccountAcceptActivityValid, isAccountDeleteActivityValid, isAccountFollowActivityValid } from './account' | ||
3 | import { isActivityPubUrlValid } from './misc' | ||
2 | import { | 4 | import { |
3 | isVideoChannelCreateActivityValid, | 5 | isVideoChannelCreateActivityValid, |
6 | isVideoChannelDeleteActivityValid, | ||
7 | isVideoChannelUpdateActivityValid, | ||
4 | isVideoTorrentAddActivityValid, | 8 | isVideoTorrentAddActivityValid, |
5 | isVideoTorrentUpdateActivityValid, | 9 | isVideoTorrentDeleteActivityValid, |
6 | isVideoChannelUpdateActivityValid | 10 | isVideoTorrentUpdateActivityValid |
7 | } from './videos' | 11 | } from './videos' |
8 | 12 | ||
9 | function isRootActivityValid (activity: any) { | 13 | function isRootActivityValid (activity: any) { |
@@ -14,8 +18,8 @@ function isRootActivityValid (activity: any) { | |||
14 | Array.isArray(activity.items) | 18 | Array.isArray(activity.items) |
15 | ) || | 19 | ) || |
16 | ( | 20 | ( |
17 | validator.isURL(activity.id) && | 21 | isActivityPubUrlValid(activity.id) && |
18 | validator.isURL(activity.actor) | 22 | isActivityPubUrlValid(activity.actor) |
19 | ) | 23 | ) |
20 | } | 24 | } |
21 | 25 | ||
@@ -23,7 +27,12 @@ function isActivityValid (activity: any) { | |||
23 | return isVideoTorrentAddActivityValid(activity) || | 27 | return isVideoTorrentAddActivityValid(activity) || |
24 | isVideoChannelCreateActivityValid(activity) || | 28 | isVideoChannelCreateActivityValid(activity) || |
25 | isVideoTorrentUpdateActivityValid(activity) || | 29 | isVideoTorrentUpdateActivityValid(activity) || |
26 | isVideoChannelUpdateActivityValid(activity) | 30 | isVideoChannelUpdateActivityValid(activity) || |
31 | isVideoTorrentDeleteActivityValid(activity) || | ||
32 | isVideoChannelDeleteActivityValid(activity) || | ||
33 | isAccountDeleteActivityValid(activity) || | ||
34 | isAccountFollowActivityValid(activity) || | ||
35 | isAccountAcceptActivityValid(activity) | ||
27 | } | 36 | } |
28 | 37 | ||
29 | // --------------------------------------------------------------------------- | 38 | // --------------------------------------------------------------------------- |
diff --git a/server/helpers/custom-validators/activitypub/misc.ts b/server/helpers/custom-validators/activitypub/misc.ts index a94c36b51..665a63a73 100644 --- a/server/helpers/custom-validators/activitypub/misc.ts +++ b/server/helpers/custom-validators/activitypub/misc.ts | |||
@@ -23,10 +23,12 @@ function isActivityPubUrlValid (url: string) { | |||
23 | function isBaseActivityValid (activity: any, type: string) { | 23 | function isBaseActivityValid (activity: any, type: string) { |
24 | return Array.isArray(activity['@context']) && | 24 | return Array.isArray(activity['@context']) && |
25 | activity.type === type && | 25 | activity.type === type && |
26 | validator.isURL(activity.id) && | 26 | isActivityPubUrlValid(activity.id) && |
27 | validator.isURL(activity.actor) && | 27 | isActivityPubUrlValid(activity.actor) && |
28 | Array.isArray(activity.to) && | 28 | ( |
29 | activity.to.every(t => validator.isURL(t)) | 29 | activity.to === undefined || |
30 | (Array.isArray(activity.to) && activity.to.every(t => isActivityPubUrlValid(t))) | ||
31 | ) | ||
30 | } | 32 | } |
31 | 33 | ||
32 | export { | 34 | export { |
diff --git a/server/helpers/custom-validators/activitypub/videos.ts b/server/helpers/custom-validators/activitypub/videos.ts index 8f6d50f50..c9ecf1f3d 100644 --- a/server/helpers/custom-validators/activitypub/videos.ts +++ b/server/helpers/custom-validators/activitypub/videos.ts | |||
@@ -14,7 +14,7 @@ import { | |||
14 | isVideoUrlValid | 14 | isVideoUrlValid |
15 | } from '../videos' | 15 | } from '../videos' |
16 | import { isVideoChannelDescriptionValid, isVideoChannelNameValid } from '../video-channels' | 16 | import { isVideoChannelDescriptionValid, isVideoChannelNameValid } from '../video-channels' |
17 | import { isBaseActivityValid } from './misc' | 17 | import { isActivityPubUrlValid, isBaseActivityValid } from './misc' |
18 | 18 | ||
19 | function isVideoTorrentAddActivityValid (activity: any) { | 19 | function isVideoTorrentAddActivityValid (activity: any) { |
20 | return isBaseActivityValid(activity, 'Add') && | 20 | return isBaseActivityValid(activity, 'Add') && |
@@ -26,6 +26,10 @@ function isVideoTorrentUpdateActivityValid (activity: any) { | |||
26 | isVideoTorrentObjectValid(activity.object) | 26 | isVideoTorrentObjectValid(activity.object) |
27 | } | 27 | } |
28 | 28 | ||
29 | function isVideoTorrentDeleteActivityValid (activity: any) { | ||
30 | return isBaseActivityValid(activity, 'Delete') | ||
31 | } | ||
32 | |||
29 | function isVideoTorrentObjectValid (video: any) { | 33 | function isVideoTorrentObjectValid (video: any) { |
30 | return video.type === 'Video' && | 34 | return video.type === 'Video' && |
31 | isVideoNameValid(video.name) && | 35 | isVideoNameValid(video.name) && |
@@ -54,6 +58,10 @@ function isVideoChannelUpdateActivityValid (activity: any) { | |||
54 | isVideoChannelObjectValid(activity.object) | 58 | isVideoChannelObjectValid(activity.object) |
55 | } | 59 | } |
56 | 60 | ||
61 | function isVideoChannelDeleteActivityValid (activity: any) { | ||
62 | return isBaseActivityValid(activity, 'Delete') | ||
63 | } | ||
64 | |||
57 | function isVideoChannelObjectValid (videoChannel: any) { | 65 | function isVideoChannelObjectValid (videoChannel: any) { |
58 | return videoChannel.type === 'VideoChannel' && | 66 | return videoChannel.type === 'VideoChannel' && |
59 | isVideoChannelNameValid(videoChannel.name) && | 67 | isVideoChannelNameValid(videoChannel.name) && |
@@ -67,7 +75,9 @@ export { | |||
67 | isVideoTorrentAddActivityValid, | 75 | isVideoTorrentAddActivityValid, |
68 | isVideoChannelCreateActivityValid, | 76 | isVideoChannelCreateActivityValid, |
69 | isVideoTorrentUpdateActivityValid, | 77 | isVideoTorrentUpdateActivityValid, |
70 | isVideoChannelUpdateActivityValid | 78 | isVideoChannelUpdateActivityValid, |
79 | isVideoChannelDeleteActivityValid, | ||
80 | isVideoTorrentDeleteActivityValid | ||
71 | } | 81 | } |
72 | 82 | ||
73 | // --------------------------------------------------------------------------- | 83 | // --------------------------------------------------------------------------- |
diff --git a/server/helpers/custom-validators/index.ts b/server/helpers/custom-validators/index.ts index 33922b8fe..1c475e301 100644 --- a/server/helpers/custom-validators/index.ts +++ b/server/helpers/custom-validators/index.ts | |||
@@ -3,6 +3,7 @@ export * from './misc' | |||
3 | export * from './pods' | 3 | export * from './pods' |
4 | export * from './pods' | 4 | export * from './pods' |
5 | export * from './users' | 5 | export * from './users' |
6 | export * from './video-accounts' | 6 | export * from './accounts' |
7 | export * from './video-channels' | 7 | export * from './video-channels' |
8 | export * from './videos' | 8 | export * from './videos' |
9 | export * from './webfinger' | ||
diff --git a/server/helpers/custom-validators/webfinger.ts b/server/helpers/custom-validators/webfinger.ts new file mode 100644 index 000000000..e93115d81 --- /dev/null +++ b/server/helpers/custom-validators/webfinger.ts | |||
@@ -0,0 +1,25 @@ | |||
1 | import 'express-validator' | ||
2 | import 'multer' | ||
3 | import { CONFIG } from '../../initializers/constants' | ||
4 | import { exists } from './misc' | ||
5 | |||
6 | function isWebfingerResourceValid (value: string) { | ||
7 | if (!exists(value)) return false | ||
8 | if (value.startsWith('acct:') === false) return false | ||
9 | |||
10 | const accountWithHost = value.substr(5) | ||
11 | const accountParts = accountWithHost.split('@') | ||
12 | if (accountParts.length !== 2) return false | ||
13 | |||
14 | const host = accountParts[1] | ||
15 | |||
16 | if (host !== CONFIG.WEBSERVER.HOST) return false | ||
17 | |||
18 | return true | ||
19 | } | ||
20 | |||
21 | // --------------------------------------------------------------------------- | ||
22 | |||
23 | export { | ||
24 | isWebfingerResourceValid | ||
25 | } | ||