14 files changed, 221 insertions, 10 deletions
diff --git a/server/lib/activitypub/actors/get.ts b/server/lib/activitypub/actors/get.ts
index 0d5bea789..e7e87a967 100644
--- a/server/lib/activitypub/actors/get.ts
+++ b/server/lib/activitypub/actors/get.ts
@@ -1,9 +1,9 @@
 import { checkUrlsSameHost, getAPId } from '@server/helpers/activitypub'
-import { ActorFetchByUrlType, fetchActorByUrl } from '@server/helpers/actor'
 import { retryTransactionWrapper } from '@server/helpers/database-utils'
 import { logger } from '@server/helpers/logger'
 import { JobQueue } from '@server/lib/job-queue'
+import { ActorFetchByUrlType, fetchActorByUrl } from '@server/lib/model-loaders'
 import { MActor, MActorAccountChannelId, MActorAccountChannelIdActor, MActorAccountId, MActorFullActor } from '@server/types/models'
 import { ActivityPubActor } from '@shared/models'
 import { refreshActorIfNeeded } from './refresh'
diff --git a/server/lib/activitypub/actors/index.ts b/server/lib/activitypub/actors/index.ts
index a54da6798..5ee2a6f1a 100644
--- a/server/lib/activitypub/actors/index.ts
+++ b/server/lib/activitypub/actors/index.ts
@@ -3,3 +3,4 @@ export * from './image'
 export * from './keys'
 export * from './refresh'
 export * from './updater'
+export * from './webfinger'
diff --git a/server/lib/activitypub/actors/refresh.ts b/server/lib/activitypub/actors/refresh.ts
index ff3b249d0..9f2289bfa 100644
--- a/server/lib/activitypub/actors/refresh.ts
+++ b/server/lib/activitypub/actors/refresh.ts
@@ -1,12 +1,12 @@
-import { ActorFetchByUrlType } from '@server/helpers/actor'
 import { logger } from '@server/helpers/logger'
 import { PeerTubeRequestError } from '@server/helpers/requests'
-import { getUrlFromWebfinger } from '@server/helpers/webfinger'
+import { ActorFetchByUrlType } from '@server/lib/model-loaders'
 import { ActorModel } from '@server/models/actor/actor'
 import { MActorAccountChannelId, MActorFull } from '@server/types/models'
 import { HttpStatusCode } from '@shared/core-utils'
 import { fetchRemoteActor } from './shared'
 import { APActorUpdater } from './updater'
+import { getUrlFromWebfinger } from './webfinger'
 async function refreshActorIfNeeded <T extends MActorFull | MActorAccountChannelId> (
  actorArg: T,
diff --git a/server/lib/activitypub/actors/shared/index.ts b/server/lib/activitypub/actors/shared/index.ts
index a2ff468cf..52af1a8e1 100644
--- a/server/lib/activitypub/actors/shared/index.ts
+++ b/server/lib/activitypub/actors/shared/index.ts
@@ -1,3 +1,3 @@
 export * from './creator'
-export * from './url-to-object'
 export * from './object-to-model-attributes'
+export * from './url-to-object'
diff --git a/server/lib/activitypub/actors/webfinger.ts b/server/lib/activitypub/actors/webfinger.ts
new file mode 100644
index 000000000..cf8eddfc7
--- /dev/null
+++ b/server/lib/activitypub/actors/webfinger.ts
@@ -0,0 +1,67 @@
+import * as WebFinger from 'webfinger.js'
+import { isTestInstance } from '@server/helpers/core-utils'
+import { isActivityPubUrlValid } from '@server/helpers/custom-validators/activitypub/misc'
+import { WEBSERVER } from '@server/initializers/constants'
+import { ActorModel } from '@server/models/actor/actor'
+import { MActorFull } from '@server/types/models'
+import { WebFingerData } from '@shared/models'
+const webfinger = new WebFinger({
+  webfist_fallback: false,
+  tls_only: isTestInstance(),
+  uri_fallback: false,
+  request_timeout: 3000
+})
+async function loadActorUrlOrGetFromWebfinger (uriArg: string) {
+  // Handle strings like @toto@example.com
+  const uri = uriArg.startsWith('@') ? uriArg.slice(1) : uriArg
+  const [ name, host ] = uri.split('@')
+  let actor: MActorFull
+  if (!host || host === WEBSERVER.HOST) {
+    actor = await ActorModel.loadLocalByName(name)
+  } else {
+    actor = await ActorModel.loadByNameAndHost(name, host)
+  }
+  if (actor) return actor.url
+  return getUrlFromWebfinger(uri)
+}
+async function getUrlFromWebfinger (uri: string) {
+  const webfingerData: WebFingerData = await webfingerLookup(uri)
+  return getLinkOrThrow(webfingerData)
+}
+// ---------------------------------------------------------------------------
+export {
+  getUrlFromWebfinger,
+  loadActorUrlOrGetFromWebfinger
+}
+// ---------------------------------------------------------------------------
+function getLinkOrThrow (webfingerData: WebFingerData) {
+  if (Array.isArray(webfingerData.links) === false) throw new Error('WebFinger links is not an array.')
+  const selfLink = webfingerData.links.find(l => l.rel === 'self')
+  if (selfLink === undefined || isActivityPubUrlValid(selfLink.href) === false) {
+    throw new Error('Cannot find self link or href is not a valid URL.')
+  }
+  return selfLink.href
+}
+function webfingerLookup (nameWithHost: string) {
+  return new Promise<WebFingerData>((res, rej) => {
+    webfinger.lookup(nameWithHost, (err, p) => {
+      if (err) return rej(err)
+      return res(p.object)
+    })
+  })
+}
diff --git a/server/lib/activitypub/videos/get.ts b/server/lib/activitypub/videos/get.ts
index a8c41e178..38ba4978c 100644
--- a/server/lib/activitypub/videos/get.ts
+++ b/server/lib/activitypub/videos/get.ts
@@ -1,7 +1,7 @@
 import { getAPId } from '@server/helpers/activitypub'
 import { retryTransactionWrapper } from '@server/helpers/database-utils'
-import { fetchVideoByUrl, VideoFetchByUrlType } from '@server/helpers/video'
 import { JobQueue } from '@server/lib/job-queue'
+import { fetchVideoByUrl, VideoFetchByUrlType } from '@server/lib/model-loaders'
 import { MVideoAccountLightBlacklistAllFiles, MVideoImmutable, MVideoThumbnail } from '@server/types/models'
 import { refreshVideoIfNeeded } from './refresh'
 import { APVideoCreator, fetchRemoteVideo, SyncParam, syncVideoExternalAttributes } from './shared'
diff --git a/server/lib/activitypub/videos/refresh.ts b/server/lib/activitypub/videos/refresh.ts
index 71a4e75b0..f1a3a6fac 100644
--- a/server/lib/activitypub/videos/refresh.ts
+++ b/server/lib/activitypub/videos/refresh.ts
@@ -1,7 +1,7 @@
 import { logger, loggerTagsFactory } from '@server/helpers/logger'
 import { PeerTubeRequestError } from '@server/helpers/requests'
-import { VideoFetchByUrlType } from '@server/helpers/video'
 import { ActorFollowScoreCache } from '@server/lib/files-cache'
+import { VideoFetchByUrlType } from '@server/lib/model-loaders'
 import { VideoModel } from '@server/models/video/video'
 import { MVideoAccountLightBlacklistAllFiles, MVideoThumbnail } from '@server/types/models'
 import { HttpStatusCode } from '@shared/core-utils'
diff --git a/server/lib/job-queue/handlers/activitypub-follow.ts b/server/lib/job-queue/handlers/activitypub-follow.ts
index 76b6fcaae..f896d7af4 100644
--- a/server/lib/job-queue/handlers/activitypub-follow.ts
+++ b/server/lib/job-queue/handlers/activitypub-follow.ts
@@ -4,13 +4,12 @@ import { ActivitypubFollowPayload } from '@shared/models'
 import { sanitizeHost } from '../../../helpers/core-utils'
 import { retryTransactionWrapper } from '../../../helpers/database-utils'
 import { logger } from '../../../helpers/logger'
-import { loadActorUrlOrGetFromWebfinger } from '../../../helpers/webfinger'
 import { REMOTE_SCHEME, WEBSERVER } from '../../../initializers/constants'
 import { sequelizeTypescript } from '../../../initializers/database'
 import { ActorModel } from '../../../models/actor/actor'
 import { ActorFollowModel } from '../../../models/actor/actor-follow'
 import { MActor, MActorFollowActors, MActorFull } from '../../../types/models'
-import { getOrCreateAPActor } from '../../activitypub/actors'
+import { getOrCreateAPActor, loadActorUrlOrGetFromWebfinger } from '../../activitypub/actors'
 import { sendFollow } from '../../activitypub/send'
 import { Notifier } from '../../notifier'
diff --git a/server/lib/job-queue/handlers/activitypub-refresher.ts b/server/lib/job-queue/handlers/activitypub-refresher.ts
index 29483f310..2508a4793 100644
--- a/server/lib/job-queue/handlers/activitypub-refresher.ts
+++ b/server/lib/job-queue/handlers/activitypub-refresher.ts
@@ -1,9 +1,9 @@
 import * as Bull from 'bull'
 import { refreshVideoPlaylistIfNeeded } from '@server/lib/activitypub/playlists'
 import { refreshVideoIfNeeded } from '@server/lib/activitypub/videos'
+import { fetchVideoByUrl } from '@server/lib/model-loaders'
 import { RefreshPayload } from '@shared/models'
 import { logger } from '../../../helpers/logger'
-import { fetchVideoByUrl } from '../../../helpers/video'
 import { ActorModel } from '../../../models/actor/actor'
 import { VideoPlaylistModel } from '../../../models/video/video-playlist'
 import { refreshActorIfNeeded } from '../../activitypub/actors'
diff --git a/server/lib/model-loaders/actor.ts b/server/lib/model-loaders/actor.ts
new file mode 100644
index 000000000..234cb344f
--- /dev/null
+++ b/server/lib/model-loaders/actor.ts
@@ -0,0 +1,16 @@
+import { ActorModel } from '../../models/actor/actor'
+import { MActorAccountChannelId, MActorFull } from '../../types/models'
+type ActorFetchByUrlType = 'all' | 'association-ids'
+function fetchActorByUrl (url: string, fetchType: ActorFetchByUrlType): Promise<MActorFull | MActorAccountChannelId> {
+  if (fetchType === 'all') return ActorModel.loadByUrlAndPopulateAccountAndChannel(url)
+  if (fetchType === 'association-ids') return ActorModel.loadByUrl(url)
+}
+export {
+  ActorFetchByUrlType,
+  fetchActorByUrl
+}
diff --git a/server/lib/model-loaders/index.ts b/server/lib/model-loaders/index.ts
new file mode 100644
index 000000000..9e5152cb2
--- /dev/null
+++ b/server/lib/model-loaders/index.ts
@@ -0,0 +1,2 @@
+export * from './actor'
+export * from './video'
diff --git a/server/lib/model-loaders/video.ts b/server/lib/model-loaders/video.ts
new file mode 100644
index 000000000..7aaf00e89
--- /dev/null
+++ b/server/lib/model-loaders/video.ts
@@ -0,0 +1,64 @@
+import { VideoModel } from '@server/models/video/video'
+import {
+  MVideoAccountLightBlacklistAllFiles,
+  MVideoFullLight,
+  MVideoIdThumbnail,
+  MVideoImmutable,
+  MVideoThumbnail,
+  MVideoWithRights
+} from '@server/types/models'
+type VideoFetchType = 'all' | 'only-video' | 'only-video-with-rights' | 'id' | 'none' | 'only-immutable-attributes'
+function fetchVideo (id: number | string, fetchType: 'all', userId?: number): Promise<MVideoFullLight>
+function fetchVideo (id: number | string, fetchType: 'only-immutable-attributes'): Promise<MVideoImmutable>
+function fetchVideo (id: number | string, fetchType: 'only-video', userId?: number): Promise<MVideoThumbnail>
+function fetchVideo (id: number | string, fetchType: 'only-video-with-rights', userId?: number): Promise<MVideoWithRights>
+function fetchVideo (id: number | string, fetchType: 'id' | 'none', userId?: number): Promise<MVideoIdThumbnail>
+function fetchVideo (
+  id: number | string,
+  fetchType: VideoFetchType,
+  userId?: number
+): Promise<MVideoFullLight | MVideoThumbnail | MVideoWithRights | MVideoIdThumbnail | MVideoImmutable>
+function fetchVideo (
+  id: number | string,
+  fetchType: VideoFetchType,
+  userId?: number
+): Promise<MVideoFullLight | MVideoThumbnail | MVideoWithRights | MVideoIdThumbnail | MVideoImmutable> {
+  if (fetchType === 'all') return VideoModel.loadAndPopulateAccountAndServerAndTags(id, undefined, userId)
+  if (fetchType === 'only-immutable-attributes') return VideoModel.loadImmutableAttributes(id)
+  if (fetchType === 'only-video-with-rights') return VideoModel.loadWithRights(id)
+  if (fetchType === 'only-video') return VideoModel.load(id)
+  if (fetchType === 'id' || fetchType === 'none') return VideoModel.loadOnlyId(id)
+}
+type VideoFetchByUrlType = 'all' | 'only-video' | 'only-immutable-attributes'
+function fetchVideoByUrl (url: string, fetchType: 'all'): Promise<MVideoAccountLightBlacklistAllFiles>
+function fetchVideoByUrl (url: string, fetchType: 'only-immutable-attributes'): Promise<MVideoImmutable>
+function fetchVideoByUrl (url: string, fetchType: 'only-video'): Promise<MVideoThumbnail>
+function fetchVideoByUrl (
+  url: string,
+  fetchType: VideoFetchByUrlType
+): Promise<MVideoAccountLightBlacklistAllFiles | MVideoThumbnail | MVideoImmutable>
+function fetchVideoByUrl (
+  url: string,
+  fetchType: VideoFetchByUrlType
+): Promise<MVideoAccountLightBlacklistAllFiles | MVideoThumbnail | MVideoImmutable> {
+  if (fetchType === 'all') return VideoModel.loadByUrlAndPopulateAccount(url)
+  if (fetchType === 'only-immutable-attributes') return VideoModel.loadByUrlImmutableAttributes(url)
+  if (fetchType === 'only-video') return VideoModel.loadByUrl(url)
+}
+export {
+  VideoFetchType,
+  VideoFetchByUrlType,
+  fetchVideo,
+  fetchVideoByUrl
+}
diff --git a/server/lib/server-config-manager.ts b/server/lib/server-config-manager.ts
index 25a770c6b..80d87a9d3 100644
--- a/server/lib/server-config-manager.ts
+++ b/server/lib/server-config-manager.ts
@@ -1,7 +1,7 @@
-import { isSignupAllowed, isSignupAllowedForCurrentIP } from '@server/helpers/signup'
 import { getServerCommit } from '@server/helpers/utils'
 import { CONFIG, isEmailEnabled } from '@server/initializers/config'
 import { CONSTRAINTS_FIELDS, DEFAULT_THEME_NAME, PEERTUBE_VERSION } from '@server/initializers/constants'
+import { isSignupAllowed, isSignupAllowedForCurrentIP } from '@server/lib/signup'
 import { ActorCustomPageModel } from '@server/models/account/actor-custom-page'
 import { HTMLServerConfig, RegisteredExternalAuthConfig, RegisteredIdAndPassAuthConfig, ServerConfig } from '@shared/models'
 import { Hooks } from './plugins/hooks'
diff --git a/server/lib/signup.ts b/server/lib/signup.ts
new file mode 100644
index 000000000..8fa81e601
--- /dev/null
+++ b/server/lib/signup.ts
@@ -0,0 +1,62 @@
+import { UserModel } from '../models/user/user'
+import * as ipaddr from 'ipaddr.js'
+import { CONFIG } from '../initializers/config'
+const isCidr = require('is-cidr')
+async function isSignupAllowed (): Promise<{ allowed: boolean, errorMessage?: string }> {
+  if (CONFIG.SIGNUP.ENABLED === false) {
+    return { allowed: false }
+  }
+  // No limit and signup is enabled
+  if (CONFIG.SIGNUP.LIMIT === -1) {
+    return { allowed: true }
+  }
+  const totalUsers = await UserModel.countTotal()
+  return { allowed: totalUsers < CONFIG.SIGNUP.LIMIT }
+}
+function isSignupAllowedForCurrentIP (ip: string) {
+  if (!ip) return false
+  const addr = ipaddr.parse(ip)
+  const excludeList = [ 'blacklist' ]
+  let matched = ''
+  // if there is a valid, non-empty whitelist, we exclude all unknown adresses too
+  if (CONFIG.SIGNUP.FILTERS.CIDR.WHITELIST.filter(cidr => isCidr(cidr)).length > 0) {
+    excludeList.push('unknown')
+  }
+  if (addr.kind() === 'ipv4') {
+    const addrV4 = ipaddr.IPv4.parse(ip)
+    const rangeList = {
+      whitelist: CONFIG.SIGNUP.FILTERS.CIDR.WHITELIST.filter(cidr => isCidr.v4(cidr))
+                       .map(cidr => ipaddr.IPv4.parseCIDR(cidr)),
+      blacklist: CONFIG.SIGNUP.FILTERS.CIDR.BLACKLIST.filter(cidr => isCidr.v4(cidr))
+                       .map(cidr => ipaddr.IPv4.parseCIDR(cidr))
+    }
+    matched = ipaddr.subnetMatch(addrV4, rangeList, 'unknown')
+  } else if (addr.kind() === 'ipv6') {
+    const addrV6 = ipaddr.IPv6.parse(ip)
+    const rangeList = {
+      whitelist: CONFIG.SIGNUP.FILTERS.CIDR.WHITELIST.filter(cidr => isCidr.v6(cidr))
+                       .map(cidr => ipaddr.IPv6.parseCIDR(cidr)),
+      blacklist: CONFIG.SIGNUP.FILTERS.CIDR.BLACKLIST.filter(cidr => isCidr.v6(cidr))
+                       .map(cidr => ipaddr.IPv6.parseCIDR(cidr))
+    }
+    matched = ipaddr.subnetMatch(addrV6, rangeList, 'unknown')
+  }
+  return !excludeList.includes(matched)
+}
+// ---------------------------------------------------------------------------
+export {
+  isSignupAllowed,
+  isSignupAllowedForCurrentIP
+}

diff --git a/server/lib/activitypub/actors/get.ts b/server/lib/activitypub/actors/get.ts index 0d5bea789..e7e87a967 100644 --- a/server/lib/activitypub/actors/get.ts +++ b/server/lib/activitypub/actors/get.ts
@@ -1,9 +1,9 @@
1		1
2	import { checkUrlsSameHost, getAPId } from '@server/helpers/activitypub'	2	import { checkUrlsSameHost, getAPId } from '@server/helpers/activitypub'
3	import { ActorFetchByUrlType, fetchActorByUrl } from '@server/helpers/actor'
4	import { retryTransactionWrapper } from '@server/helpers/database-utils'	3	import { retryTransactionWrapper } from '@server/helpers/database-utils'
5	import { logger } from '@server/helpers/logger'	4	import { logger } from '@server/helpers/logger'
6	import { JobQueue } from '@server/lib/job-queue'	5	import { JobQueue } from '@server/lib/job-queue'
		6	import { ActorFetchByUrlType, fetchActorByUrl } from '@server/lib/model-loaders'
7	import { MActor, MActorAccountChannelId, MActorAccountChannelIdActor, MActorAccountId, MActorFullActor } from '@server/types/models'	7	import { MActor, MActorAccountChannelId, MActorAccountChannelIdActor, MActorAccountId, MActorFullActor } from '@server/types/models'
8	import { ActivityPubActor } from '@shared/models'	8	import { ActivityPubActor } from '@shared/models'
9	import { refreshActorIfNeeded } from './refresh'	9	import { refreshActorIfNeeded } from './refresh'


diff --git a/server/lib/activitypub/actors/index.ts b/server/lib/activitypub/actors/index.ts index a54da6798..5ee2a6f1a 100644 --- a/server/lib/activitypub/actors/index.ts +++ b/server/lib/activitypub/actors/index.ts
@@ -3,3 +3,4 @@ export * from './image'
3	export * from './keys'	3	export * from './keys'
4	export * from './refresh'	4	export * from './refresh'
5	export * from './updater'	5	export * from './updater'
		6	export * from './webfinger'


diff --git a/server/lib/activitypub/actors/refresh.ts b/server/lib/activitypub/actors/refresh.ts index ff3b249d0..9f2289bfa 100644 --- a/server/lib/activitypub/actors/refresh.ts +++ b/server/lib/activitypub/actors/refresh.ts
@@ -1,12 +1,12 @@
1	import { ActorFetchByUrlType } from '@server/helpers/actor'
2	import { logger } from '@server/helpers/logger'	1	import { logger } from '@server/helpers/logger'
3	import { PeerTubeRequestError } from '@server/helpers/requests'	2	import { PeerTubeRequestError } from '@server/helpers/requests'
4	import { getUrlFromWebfinger } from '@server/helpers/webfinger'	3	import { ActorFetchByUrlType } from '@server/lib/model-loaders'
5	import { ActorModel } from '@server/models/actor/actor'	4	import { ActorModel } from '@server/models/actor/actor'
6	import { MActorAccountChannelId, MActorFull } from '@server/types/models'	5	import { MActorAccountChannelId, MActorFull } from '@server/types/models'
7	import { HttpStatusCode } from '@shared/core-utils'	6	import { HttpStatusCode } from '@shared/core-utils'
8	import { fetchRemoteActor } from './shared'	7	import { fetchRemoteActor } from './shared'
9	import { APActorUpdater } from './updater'	8	import { APActorUpdater } from './updater'
		9	import { getUrlFromWebfinger } from './webfinger'
10		10
11	async function refreshActorIfNeeded <T extends MActorFull \| MActorAccountChannelId> (	11	async function refreshActorIfNeeded <T extends MActorFull \| MActorAccountChannelId> (
12	actorArg: T,	12	actorArg: T,


diff --git a/server/lib/activitypub/actors/shared/index.ts b/server/lib/activitypub/actors/shared/index.ts index a2ff468cf..52af1a8e1 100644 --- a/server/lib/activitypub/actors/shared/index.ts +++ b/server/lib/activitypub/actors/shared/index.ts
@@ -1,3 +1,3 @@
1	export * from './creator'	1	export * from './creator'
2	export * from './url-to-object'
3	export * from './object-to-model-attributes'	2	export * from './object-to-model-attributes'
		3	export * from './url-to-object'


diff --git a/server/lib/activitypub/actors/webfinger.ts b/server/lib/activitypub/actors/webfinger.ts new file mode 100644 index 000000000..cf8eddfc7 --- /dev/null +++ b/server/lib/activitypub/actors/webfinger.ts
@@ -0,0 +1,67 @@
		1	import * as WebFinger from 'webfinger.js'
		2	import { isTestInstance } from '@server/helpers/core-utils'
		3	import { isActivityPubUrlValid } from '@server/helpers/custom-validators/activitypub/misc'
		4	import { WEBSERVER } from '@server/initializers/constants'
		5	import { ActorModel } from '@server/models/actor/actor'
		6	import { MActorFull } from '@server/types/models'
		7	import { WebFingerData } from '@shared/models'
		8
		9	const webfinger = new WebFinger({
		10	webfist_fallback: false,
		11	tls_only: isTestInstance(),
		12	uri_fallback: false,
		13	request_timeout: 3000
		14	})
		15
		16	async function loadActorUrlOrGetFromWebfinger (uriArg: string) {
		17	// Handle strings like @toto@example.com
		18	const uri = uriArg.startsWith('@') ? uriArg.slice(1) : uriArg
		19
		20	const [ name, host ] = uri.split('@')
		21	let actor: MActorFull
		22
		23	if (!host \|\| host === WEBSERVER.HOST) {
		24	actor = await ActorModel.loadLocalByName(name)
		25	} else {
		26	actor = await ActorModel.loadByNameAndHost(name, host)
		27	}
		28
		29	if (actor) return actor.url
		30
		31	return getUrlFromWebfinger(uri)
		32	}
		33
		34	async function getUrlFromWebfinger (uri: string) {
		35	const webfingerData: WebFingerData = await webfingerLookup(uri)
		36	return getLinkOrThrow(webfingerData)
		37	}
		38
		39	// ---------------------------------------------------------------------------
		40
		41	export {
		42	getUrlFromWebfinger,
		43	loadActorUrlOrGetFromWebfinger
		44	}
		45
		46	// ---------------------------------------------------------------------------
		47
		48	function getLinkOrThrow (webfingerData: WebFingerData) {
		49	if (Array.isArray(webfingerData.links) === false) throw new Error('WebFinger links is not an array.')
		50
		51	const selfLink = webfingerData.links.find(l => l.rel === 'self')
		52	if (selfLink === undefined \|\| isActivityPubUrlValid(selfLink.href) === false) {
		53	throw new Error('Cannot find self link or href is not a valid URL.')
		54	}
		55
		56	return selfLink.href
		57	}
		58
		59	function webfingerLookup (nameWithHost: string) {
		60	return new Promise<WebFingerData>((res, rej) => {
		61	webfinger.lookup(nameWithHost, (err, p) => {
		62	if (err) return rej(err)
		63
		64	return res(p.object)
		65	})
		66	})
		67	}


diff --git a/server/lib/activitypub/videos/get.ts b/server/lib/activitypub/videos/get.ts index a8c41e178..38ba4978c 100644 --- a/server/lib/activitypub/videos/get.ts +++ b/server/lib/activitypub/videos/get.ts
@@ -1,7 +1,7 @@
1	import { getAPId } from '@server/helpers/activitypub'	1	import { getAPId } from '@server/helpers/activitypub'
2	import { retryTransactionWrapper } from '@server/helpers/database-utils'	2	import { retryTransactionWrapper } from '@server/helpers/database-utils'
3	import { fetchVideoByUrl, VideoFetchByUrlType } from '@server/helpers/video'
4	import { JobQueue } from '@server/lib/job-queue'	3	import { JobQueue } from '@server/lib/job-queue'
		4	import { fetchVideoByUrl, VideoFetchByUrlType } from '@server/lib/model-loaders'
5	import { MVideoAccountLightBlacklistAllFiles, MVideoImmutable, MVideoThumbnail } from '@server/types/models'	5	import { MVideoAccountLightBlacklistAllFiles, MVideoImmutable, MVideoThumbnail } from '@server/types/models'
6	import { refreshVideoIfNeeded } from './refresh'	6	import { refreshVideoIfNeeded } from './refresh'
7	import { APVideoCreator, fetchRemoteVideo, SyncParam, syncVideoExternalAttributes } from './shared'	7	import { APVideoCreator, fetchRemoteVideo, SyncParam, syncVideoExternalAttributes } from './shared'


diff --git a/server/lib/activitypub/videos/refresh.ts b/server/lib/activitypub/videos/refresh.ts index 71a4e75b0..f1a3a6fac 100644 --- a/server/lib/activitypub/videos/refresh.ts +++ b/server/lib/activitypub/videos/refresh.ts
@@ -1,7 +1,7 @@
1	import { logger, loggerTagsFactory } from '@server/helpers/logger'	1	import { logger, loggerTagsFactory } from '@server/helpers/logger'
2	import { PeerTubeRequestError } from '@server/helpers/requests'	2	import { PeerTubeRequestError } from '@server/helpers/requests'
3	import { VideoFetchByUrlType } from '@server/helpers/video'
4	import { ActorFollowScoreCache } from '@server/lib/files-cache'	3	import { ActorFollowScoreCache } from '@server/lib/files-cache'
		4	import { VideoFetchByUrlType } from '@server/lib/model-loaders'
5	import { VideoModel } from '@server/models/video/video'	5	import { VideoModel } from '@server/models/video/video'
6	import { MVideoAccountLightBlacklistAllFiles, MVideoThumbnail } from '@server/types/models'	6	import { MVideoAccountLightBlacklistAllFiles, MVideoThumbnail } from '@server/types/models'
7	import { HttpStatusCode } from '@shared/core-utils'	7	import { HttpStatusCode } from '@shared/core-utils'


diff --git a/server/lib/job-queue/handlers/activitypub-follow.ts b/server/lib/job-queue/handlers/activitypub-follow.ts index 76b6fcaae..f896d7af4 100644 --- a/server/lib/job-queue/handlers/activitypub-follow.ts +++ b/server/lib/job-queue/handlers/activitypub-follow.ts
@@ -4,13 +4,12 @@ import { ActivitypubFollowPayload } from '@shared/models'
4	import { sanitizeHost } from '../../../helpers/core-utils'	4	import { sanitizeHost } from '../../../helpers/core-utils'
5	import { retryTransactionWrapper } from '../../../helpers/database-utils'	5	import { retryTransactionWrapper } from '../../../helpers/database-utils'
6	import { logger } from '../../../helpers/logger'	6	import { logger } from '../../../helpers/logger'
7	import { loadActorUrlOrGetFromWebfinger } from '../../../helpers/webfinger'
8	import { REMOTE_SCHEME, WEBSERVER } from '../../../initializers/constants'	7	import { REMOTE_SCHEME, WEBSERVER } from '../../../initializers/constants'
9	import { sequelizeTypescript } from '../../../initializers/database'	8	import { sequelizeTypescript } from '../../../initializers/database'
10	import { ActorModel } from '../../../models/actor/actor'	9	import { ActorModel } from '../../../models/actor/actor'
11	import { ActorFollowModel } from '../../../models/actor/actor-follow'	10	import { ActorFollowModel } from '../../../models/actor/actor-follow'
12	import { MActor, MActorFollowActors, MActorFull } from '../../../types/models'	11	import { MActor, MActorFollowActors, MActorFull } from '../../../types/models'
13	import { getOrCreateAPActor } from '../../activitypub/actors'	12	import { getOrCreateAPActor, loadActorUrlOrGetFromWebfinger } from '../../activitypub/actors'
14	import { sendFollow } from '../../activitypub/send'	13	import { sendFollow } from '../../activitypub/send'
15	import { Notifier } from '../../notifier'	14	import { Notifier } from '../../notifier'
16		15


diff --git a/server/lib/job-queue/handlers/activitypub-refresher.ts b/server/lib/job-queue/handlers/activitypub-refresher.ts index 29483f310..2508a4793 100644 --- a/server/lib/job-queue/handlers/activitypub-refresher.ts +++ b/server/lib/job-queue/handlers/activitypub-refresher.ts
@@ -1,9 +1,9 @@
1	import * as Bull from 'bull'	1	import * as Bull from 'bull'
2	import { refreshVideoPlaylistIfNeeded } from '@server/lib/activitypub/playlists'	2	import { refreshVideoPlaylistIfNeeded } from '@server/lib/activitypub/playlists'
3	import { refreshVideoIfNeeded } from '@server/lib/activitypub/videos'	3	import { refreshVideoIfNeeded } from '@server/lib/activitypub/videos'
		4	import { fetchVideoByUrl } from '@server/lib/model-loaders'
4	import { RefreshPayload } from '@shared/models'	5	import { RefreshPayload } from '@shared/models'
5	import { logger } from '../../../helpers/logger'	6	import { logger } from '../../../helpers/logger'
6	import { fetchVideoByUrl } from '../../../helpers/video'
7	import { ActorModel } from '../../../models/actor/actor'	7	import { ActorModel } from '../../../models/actor/actor'
8	import { VideoPlaylistModel } from '../../../models/video/video-playlist'	8	import { VideoPlaylistModel } from '../../../models/video/video-playlist'
9	import { refreshActorIfNeeded } from '../../activitypub/actors'	9	import { refreshActorIfNeeded } from '../../activitypub/actors'


diff --git a/server/lib/model-loaders/actor.ts b/server/lib/model-loaders/actor.ts new file mode 100644 index 000000000..234cb344f --- /dev/null +++ b/server/lib/model-loaders/actor.ts
@@ -0,0 +1,16 @@
		1
		2	import { ActorModel } from '../../models/actor/actor'
		3	import { MActorAccountChannelId, MActorFull } from '../../types/models'
		4
		5	type ActorFetchByUrlType = 'all' \| 'association-ids'
		6
		7	function fetchActorByUrl (url: string, fetchType: ActorFetchByUrlType): Promise<MActorFull \| MActorAccountChannelId> {
		8	if (fetchType === 'all') return ActorModel.loadByUrlAndPopulateAccountAndChannel(url)
		9
		10	if (fetchType === 'association-ids') return ActorModel.loadByUrl(url)
		11	}
		12
		13	export {
		14	ActorFetchByUrlType,
		15	fetchActorByUrl
		16	}


diff --git a/server/lib/model-loaders/index.ts b/server/lib/model-loaders/index.ts new file mode 100644 index 000000000..9e5152cb2 --- /dev/null +++ b/server/lib/model-loaders/index.ts
@@ -0,0 +1,2 @@
		1	export * from './actor'
		2	export * from './video'


diff --git a/server/lib/model-loaders/video.ts b/server/lib/model-loaders/video.ts new file mode 100644 index 000000000..7aaf00e89 --- /dev/null +++ b/server/lib/model-loaders/video.ts
@@ -0,0 +1,64 @@
		1	import { VideoModel } from '@server/models/video/video'
		2	import {
		3	MVideoAccountLightBlacklistAllFiles,
		4	MVideoFullLight,
		5	MVideoIdThumbnail,
		6	MVideoImmutable,
		7	MVideoThumbnail,
		8	MVideoWithRights
		9	} from '@server/types/models'
		10
		11	type VideoFetchType = 'all' \| 'only-video' \| 'only-video-with-rights' \| 'id' \| 'none' \| 'only-immutable-attributes'
		12
		13	function fetchVideo (id: number \| string, fetchType: 'all', userId?: number): Promise<MVideoFullLight>
		14	function fetchVideo (id: number \| string, fetchType: 'only-immutable-attributes'): Promise<MVideoImmutable>
		15	function fetchVideo (id: number \| string, fetchType: 'only-video', userId?: number): Promise<MVideoThumbnail>
		16	function fetchVideo (id: number \| string, fetchType: 'only-video-with-rights', userId?: number): Promise<MVideoWithRights>
		17	function fetchVideo (id: number \| string, fetchType: 'id' \| 'none', userId?: number): Promise<MVideoIdThumbnail>
		18	function fetchVideo (
		19	id: number \| string,
		20	fetchType: VideoFetchType,
		21	userId?: number
		22	): Promise<MVideoFullLight \| MVideoThumbnail \| MVideoWithRights \| MVideoIdThumbnail \| MVideoImmutable>
		23	function fetchVideo (
		24	id: number \| string,
		25	fetchType: VideoFetchType,
		26	userId?: number
		27	): Promise<MVideoFullLight \| MVideoThumbnail \| MVideoWithRights \| MVideoIdThumbnail \| MVideoImmutable> {
		28	if (fetchType === 'all') return VideoModel.loadAndPopulateAccountAndServerAndTags(id, undefined, userId)
		29
		30	if (fetchType === 'only-immutable-attributes') return VideoModel.loadImmutableAttributes(id)
		31
		32	if (fetchType === 'only-video-with-rights') return VideoModel.loadWithRights(id)
		33
		34	if (fetchType === 'only-video') return VideoModel.load(id)
		35
		36	if (fetchType === 'id' \|\| fetchType === 'none') return VideoModel.loadOnlyId(id)
		37	}
		38
		39	type VideoFetchByUrlType = 'all' \| 'only-video' \| 'only-immutable-attributes'
		40
		41	function fetchVideoByUrl (url: string, fetchType: 'all'): Promise<MVideoAccountLightBlacklistAllFiles>
		42	function fetchVideoByUrl (url: string, fetchType: 'only-immutable-attributes'): Promise<MVideoImmutable>
		43	function fetchVideoByUrl (url: string, fetchType: 'only-video'): Promise<MVideoThumbnail>
		44	function fetchVideoByUrl (
		45	url: string,
		46	fetchType: VideoFetchByUrlType
		47	): Promise<MVideoAccountLightBlacklistAllFiles \| MVideoThumbnail \| MVideoImmutable>
		48	function fetchVideoByUrl (
		49	url: string,
		50	fetchType: VideoFetchByUrlType
		51	): Promise<MVideoAccountLightBlacklistAllFiles \| MVideoThumbnail \| MVideoImmutable> {
		52	if (fetchType === 'all') return VideoModel.loadByUrlAndPopulateAccount(url)
		53
		54	if (fetchType === 'only-immutable-attributes') return VideoModel.loadByUrlImmutableAttributes(url)
		55
		56	if (fetchType === 'only-video') return VideoModel.loadByUrl(url)
		57	}
		58
		59	export {
		60	VideoFetchType,
		61	VideoFetchByUrlType,
		62	fetchVideo,
		63	fetchVideoByUrl
		64	}


diff --git a/server/lib/server-config-manager.ts b/server/lib/server-config-manager.ts index 25a770c6b..80d87a9d3 100644 --- a/server/lib/server-config-manager.ts +++ b/server/lib/server-config-manager.ts
@@ -1,7 +1,7 @@
1	import { isSignupAllowed, isSignupAllowedForCurrentIP } from '@server/helpers/signup'
2	import { getServerCommit } from '@server/helpers/utils'	1	import { getServerCommit } from '@server/helpers/utils'
3	import { CONFIG, isEmailEnabled } from '@server/initializers/config'	2	import { CONFIG, isEmailEnabled } from '@server/initializers/config'
4	import { CONSTRAINTS_FIELDS, DEFAULT_THEME_NAME, PEERTUBE_VERSION } from '@server/initializers/constants'	3	import { CONSTRAINTS_FIELDS, DEFAULT_THEME_NAME, PEERTUBE_VERSION } from '@server/initializers/constants'
		4	import { isSignupAllowed, isSignupAllowedForCurrentIP } from '@server/lib/signup'
5	import { ActorCustomPageModel } from '@server/models/account/actor-custom-page'	5	import { ActorCustomPageModel } from '@server/models/account/actor-custom-page'
6	import { HTMLServerConfig, RegisteredExternalAuthConfig, RegisteredIdAndPassAuthConfig, ServerConfig } from '@shared/models'	6	import { HTMLServerConfig, RegisteredExternalAuthConfig, RegisteredIdAndPassAuthConfig, ServerConfig } from '@shared/models'
7	import { Hooks } from './plugins/hooks'	7	import { Hooks } from './plugins/hooks'


diff --git a/server/lib/signup.ts b/server/lib/signup.ts new file mode 100644 index 000000000..8fa81e601 --- /dev/null +++ b/server/lib/signup.ts
@@ -0,0 +1,62 @@
		1	import { UserModel } from '../models/user/user'
		2	import * as ipaddr from 'ipaddr.js'
		3	import { CONFIG } from '../initializers/config'
		4
		5	const isCidr = require('is-cidr')
		6
		7	async function isSignupAllowed (): Promise<{ allowed: boolean, errorMessage?: string }> {
		8	if (CONFIG.SIGNUP.ENABLED === false) {
		9	return { allowed: false }
		10	}
		11
		12	// No limit and signup is enabled
		13	if (CONFIG.SIGNUP.LIMIT === -1) {
		14	return { allowed: true }
		15	}
		16
		17	const totalUsers = await UserModel.countTotal()
		18
		19	return { allowed: totalUsers < CONFIG.SIGNUP.LIMIT }
		20	}
		21
		22	function isSignupAllowedForCurrentIP (ip: string) {
		23	if (!ip) return false
		24
		25	const addr = ipaddr.parse(ip)
		26	const excludeList = [ 'blacklist' ]
		27	let matched = ''
		28
		29	// if there is a valid, non-empty whitelist, we exclude all unknown adresses too
		30	if (CONFIG.SIGNUP.FILTERS.CIDR.WHITELIST.filter(cidr => isCidr(cidr)).length > 0) {
		31	excludeList.push('unknown')
		32	}
		33
		34	if (addr.kind() === 'ipv4') {
		35	const addrV4 = ipaddr.IPv4.parse(ip)
		36	const rangeList = {
		37	whitelist: CONFIG.SIGNUP.FILTERS.CIDR.WHITELIST.filter(cidr => isCidr.v4(cidr))
		38	.map(cidr => ipaddr.IPv4.parseCIDR(cidr)),
		39	blacklist: CONFIG.SIGNUP.FILTERS.CIDR.BLACKLIST.filter(cidr => isCidr.v4(cidr))
		40	.map(cidr => ipaddr.IPv4.parseCIDR(cidr))
		41	}
		42	matched = ipaddr.subnetMatch(addrV4, rangeList, 'unknown')
		43	} else if (addr.kind() === 'ipv6') {
		44	const addrV6 = ipaddr.IPv6.parse(ip)
		45	const rangeList = {
		46	whitelist: CONFIG.SIGNUP.FILTERS.CIDR.WHITELIST.filter(cidr => isCidr.v6(cidr))
		47	.map(cidr => ipaddr.IPv6.parseCIDR(cidr)),
		48	blacklist: CONFIG.SIGNUP.FILTERS.CIDR.BLACKLIST.filter(cidr => isCidr.v6(cidr))
		49	.map(cidr => ipaddr.IPv6.parseCIDR(cidr))
		50	}
		51	matched = ipaddr.subnetMatch(addrV6, rangeList, 'unknown')
		52	}
		53
		54	return !excludeList.includes(matched)
		55	}
		56
		57	// ---------------------------------------------------------------------------
		58
		59	export {
		60	isSignupAllowed,
		61	isSignupAllowedForCurrentIP
		62	}