aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/helpers
diff options
context:
space:
mode:
Diffstat (limited to 'server/helpers')
-rw-r--r--server/helpers/custom-validators/activitypub/actor.ts18
1 files changed, 8 insertions, 10 deletions
diff --git a/server/helpers/custom-validators/activitypub/actor.ts b/server/helpers/custom-validators/activitypub/actor.ts
index 5930bd5da..ec8da3350 100644
--- a/server/helpers/custom-validators/activitypub/actor.ts
+++ b/server/helpers/custom-validators/activitypub/actor.ts
@@ -1,8 +1,8 @@
1import * as validator from 'validator' 1import * as validator from 'validator'
2import { CONSTRAINTS_FIELDS } from '../../../initializers' 2import { CONSTRAINTS_FIELDS } from '../../../initializers'
3import { isAccountNameValid } from '../accounts' 3import { isAccountNameValid } from '../accounts'
4import { exists, isUUIDValid } from '../misc' 4import { exists } from '../misc'
5import { isVideoChannelDescriptionValid, isVideoChannelNameValid } from '../video-channels' 5import { isVideoChannelNameValid } from '../video-channels'
6import { isActivityPubUrlValid, isBaseActivityValid, setValidAttributedTo } from './misc' 6import { isActivityPubUrlValid, isBaseActivityValid, setValidAttributedTo } from './misc'
7 7
8function isActorEndpointsObjectValid (endpointObject: any) { 8function isActorEndpointsObjectValid (endpointObject: any) {
@@ -23,41 +23,39 @@ function isActorPublicKeyValid (publicKey: string) {
23 return exists(publicKey) && 23 return exists(publicKey) &&
24 typeof publicKey === 'string' && 24 typeof publicKey === 'string' &&
25 publicKey.startsWith('-----BEGIN PUBLIC KEY-----') && 25 publicKey.startsWith('-----BEGIN PUBLIC KEY-----') &&
26 publicKey.endsWith('-----END PUBLIC KEY-----') && 26 publicKey.indexOf('-----END PUBLIC KEY-----') !== -1 &&
27 validator.isLength(publicKey, CONSTRAINTS_FIELDS.ACTOR.PUBLIC_KEY) 27 validator.isLength(publicKey, CONSTRAINTS_FIELDS.ACTOR.PUBLIC_KEY)
28} 28}
29 29
30const actorNameRegExp = new RegExp('[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_]+')
30function isActorPreferredUsernameValid (preferredUsername: string) { 31function isActorPreferredUsernameValid (preferredUsername: string) {
31 return isAccountNameValid(preferredUsername) || isVideoChannelNameValid(preferredUsername) 32 return exists(preferredUsername) && validator.matches(preferredUsername, actorNameRegExp)
32} 33}
33 34
34const actorNameRegExp = new RegExp('[ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_]+')
35function isActorNameValid (name: string) { 35function isActorNameValid (name: string) {
36 return exists(name) && validator.matches(name, actorNameRegExp) 36 return isAccountNameValid(name) || isVideoChannelNameValid(name)
37} 37}
38 38
39function isActorPrivateKeyValid (privateKey: string) { 39function isActorPrivateKeyValid (privateKey: string) {
40 return exists(privateKey) && 40 return exists(privateKey) &&
41 typeof privateKey === 'string' && 41 typeof privateKey === 'string' &&
42 privateKey.startsWith('-----BEGIN RSA PRIVATE KEY-----') && 42 privateKey.startsWith('-----BEGIN RSA PRIVATE KEY-----') &&
43 privateKey.endsWith('-----END RSA PRIVATE KEY-----') && 43 // Sometimes there is a \n at the end, so just assert the string contains the end mark
44 privateKey.indexOf('-----END RSA PRIVATE KEY-----') !== -1 &&
44 validator.isLength(privateKey, CONSTRAINTS_FIELDS.ACTOR.PRIVATE_KEY) 45 validator.isLength(privateKey, CONSTRAINTS_FIELDS.ACTOR.PRIVATE_KEY)
45} 46}
46 47
47function isRemoteActorValid (remoteActor: any) { 48function isRemoteActorValid (remoteActor: any) {
48 return isActivityPubUrlValid(remoteActor.id) && 49 return isActivityPubUrlValid(remoteActor.id) &&
49 isUUIDValid(remoteActor.uuid) &&
50 isActorTypeValid(remoteActor.type) && 50 isActorTypeValid(remoteActor.type) &&
51 isActivityPubUrlValid(remoteActor.following) && 51 isActivityPubUrlValid(remoteActor.following) &&
52 isActivityPubUrlValid(remoteActor.followers) && 52 isActivityPubUrlValid(remoteActor.followers) &&
53 isActivityPubUrlValid(remoteActor.inbox) && 53 isActivityPubUrlValid(remoteActor.inbox) &&
54 isActivityPubUrlValid(remoteActor.outbox) && 54 isActivityPubUrlValid(remoteActor.outbox) &&
55 isActorNameValid(remoteActor.name) &&
56 isActorPreferredUsernameValid(remoteActor.preferredUsername) && 55 isActorPreferredUsernameValid(remoteActor.preferredUsername) &&
57 isActivityPubUrlValid(remoteActor.url) && 56 isActivityPubUrlValid(remoteActor.url) &&
58 isActorPublicKeyObjectValid(remoteActor.publicKey) && 57 isActorPublicKeyObjectValid(remoteActor.publicKey) &&
59 isActorEndpointsObjectValid(remoteActor.endpoints) && 58 isActorEndpointsObjectValid(remoteActor.endpoints) &&
60 (!remoteActor.summary || isVideoChannelDescriptionValid(remoteActor.summary)) &&
61 setValidAttributedTo(remoteActor) && 59 setValidAttributedTo(remoteActor) &&
62 // If this is not an account, it should be attributed to an account 60 // If this is not an account, it should be attributed to an account
63 // In PeerTube we use this to attach a video channel to a specific account 61 // In PeerTube we use this to attach a video channel to a specific account