diff options
Diffstat (limited to 'server/middlewares/validators/abuse.ts')
-rw-r--r-- | server/middlewares/validators/abuse.ts | 253 |
1 files changed, 253 insertions, 0 deletions
diff --git a/server/middlewares/validators/abuse.ts b/server/middlewares/validators/abuse.ts new file mode 100644 index 000000000..f098e2ff9 --- /dev/null +++ b/server/middlewares/validators/abuse.ts | |||
@@ -0,0 +1,253 @@ | |||
1 | import * as express from 'express' | ||
2 | import { body, param, query } from 'express-validator' | ||
3 | import { | ||
4 | isAbuseModerationCommentValid, | ||
5 | isAbusePredefinedReasonsValid, | ||
6 | isAbusePredefinedReasonValid, | ||
7 | isAbuseReasonValid, | ||
8 | isAbuseStateValid, | ||
9 | isAbuseTimestampCoherent, | ||
10 | isAbuseTimestampValid, | ||
11 | isAbuseVideoIsValid | ||
12 | } from '@server/helpers/custom-validators/abuses' | ||
13 | import { exists, isIdOrUUIDValid, isIdValid, toIntOrNull } from '@server/helpers/custom-validators/misc' | ||
14 | import { logger } from '@server/helpers/logger' | ||
15 | import { doesAbuseExist, doesVideoAbuseExist, doesVideoExist } from '@server/helpers/middlewares' | ||
16 | import { areValidationErrors } from './utils' | ||
17 | |||
18 | const abuseReportValidator = [ | ||
19 | param('videoId') | ||
20 | .custom(isIdOrUUIDValid) | ||
21 | .not() | ||
22 | .isEmpty() | ||
23 | .withMessage('Should have a valid videoId'), | ||
24 | body('reason') | ||
25 | .custom(isAbuseReasonValid) | ||
26 | .withMessage('Should have a valid reason'), | ||
27 | body('predefinedReasons') | ||
28 | .optional() | ||
29 | .custom(isAbusePredefinedReasonsValid) | ||
30 | .withMessage('Should have a valid list of predefined reasons'), | ||
31 | body('startAt') | ||
32 | .optional() | ||
33 | .customSanitizer(toIntOrNull) | ||
34 | .custom(isAbuseTimestampValid) | ||
35 | .withMessage('Should have valid starting time value'), | ||
36 | body('endAt') | ||
37 | .optional() | ||
38 | .customSanitizer(toIntOrNull) | ||
39 | .custom(isAbuseTimestampValid) | ||
40 | .withMessage('Should have valid ending time value') | ||
41 | .bail() | ||
42 | .custom(isAbuseTimestampCoherent) | ||
43 | .withMessage('Should have a startAt timestamp beginning before endAt'), | ||
44 | |||
45 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
46 | logger.debug('Checking abuseReport parameters', { parameters: req.body }) | ||
47 | |||
48 | if (areValidationErrors(req, res)) return | ||
49 | if (!await doesVideoExist(req.params.videoId, res)) return | ||
50 | |||
51 | // TODO: check comment or video (exlusive) | ||
52 | |||
53 | return next() | ||
54 | } | ||
55 | ] | ||
56 | |||
57 | const abuseGetValidator = [ | ||
58 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), | ||
59 | param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'), | ||
60 | |||
61 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
62 | logger.debug('Checking abuseGetValidator parameters', { parameters: req.body }) | ||
63 | |||
64 | if (areValidationErrors(req, res)) return | ||
65 | // if (!await doesAbuseExist(req.params.id, req.params.videoId, res)) return | ||
66 | |||
67 | return next() | ||
68 | } | ||
69 | ] | ||
70 | |||
71 | const abuseUpdateValidator = [ | ||
72 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), | ||
73 | param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'), | ||
74 | body('state') | ||
75 | .optional() | ||
76 | .custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'), | ||
77 | body('moderationComment') | ||
78 | .optional() | ||
79 | .custom(isAbuseModerationCommentValid).withMessage('Should have a valid video moderation comment'), | ||
80 | |||
81 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
82 | logger.debug('Checking abuseUpdateValidator parameters', { parameters: req.body }) | ||
83 | |||
84 | if (areValidationErrors(req, res)) return | ||
85 | // if (!await doesAbuseExist(req.params.id, req.params.videoId, res)) return | ||
86 | |||
87 | return next() | ||
88 | } | ||
89 | ] | ||
90 | |||
91 | const abuseListValidator = [ | ||
92 | query('id') | ||
93 | .optional() | ||
94 | .custom(isIdValid).withMessage('Should have a valid id'), | ||
95 | query('predefinedReason') | ||
96 | .optional() | ||
97 | .custom(isAbusePredefinedReasonValid) | ||
98 | .withMessage('Should have a valid predefinedReason'), | ||
99 | query('search') | ||
100 | .optional() | ||
101 | .custom(exists).withMessage('Should have a valid search'), | ||
102 | query('state') | ||
103 | .optional() | ||
104 | .custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'), | ||
105 | query('videoIs') | ||
106 | .optional() | ||
107 | .custom(isAbuseVideoIsValid).withMessage('Should have a valid "video is" attribute'), | ||
108 | query('searchReporter') | ||
109 | .optional() | ||
110 | .custom(exists).withMessage('Should have a valid reporter search'), | ||
111 | query('searchReportee') | ||
112 | .optional() | ||
113 | .custom(exists).withMessage('Should have a valid reportee search'), | ||
114 | query('searchVideo') | ||
115 | .optional() | ||
116 | .custom(exists).withMessage('Should have a valid video search'), | ||
117 | query('searchVideoChannel') | ||
118 | .optional() | ||
119 | .custom(exists).withMessage('Should have a valid video channel search'), | ||
120 | |||
121 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
122 | logger.debug('Checking abuseListValidator parameters', { parameters: req.body }) | ||
123 | |||
124 | if (areValidationErrors(req, res)) return | ||
125 | |||
126 | return next() | ||
127 | } | ||
128 | ] | ||
129 | |||
130 | // FIXME: deprecated in 2.3. Remove these validators | ||
131 | |||
132 | const videoAbuseReportValidator = [ | ||
133 | param('videoId') | ||
134 | .custom(isIdOrUUIDValid) | ||
135 | .not() | ||
136 | .isEmpty() | ||
137 | .withMessage('Should have a valid videoId'), | ||
138 | body('reason') | ||
139 | .custom(isAbuseReasonValid) | ||
140 | .withMessage('Should have a valid reason'), | ||
141 | body('predefinedReasons') | ||
142 | .optional() | ||
143 | .custom(isAbusePredefinedReasonsValid) | ||
144 | .withMessage('Should have a valid list of predefined reasons'), | ||
145 | body('startAt') | ||
146 | .optional() | ||
147 | .customSanitizer(toIntOrNull) | ||
148 | .custom(isAbuseTimestampValid) | ||
149 | .withMessage('Should have valid starting time value'), | ||
150 | body('endAt') | ||
151 | .optional() | ||
152 | .customSanitizer(toIntOrNull) | ||
153 | .custom(isAbuseTimestampValid) | ||
154 | .withMessage('Should have valid ending time value') | ||
155 | .bail() | ||
156 | .custom(isAbuseTimestampCoherent) | ||
157 | .withMessage('Should have a startAt timestamp beginning before endAt'), | ||
158 | |||
159 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
160 | logger.debug('Checking videoAbuseReport parameters', { parameters: req.body }) | ||
161 | |||
162 | if (areValidationErrors(req, res)) return | ||
163 | if (!await doesVideoExist(req.params.videoId, res)) return | ||
164 | |||
165 | return next() | ||
166 | } | ||
167 | ] | ||
168 | |||
169 | const videoAbuseGetValidator = [ | ||
170 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), | ||
171 | param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'), | ||
172 | |||
173 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
174 | logger.debug('Checking videoAbuseGetValidator parameters', { parameters: req.body }) | ||
175 | |||
176 | if (areValidationErrors(req, res)) return | ||
177 | if (!await doesVideoAbuseExist(req.params.id, req.params.videoId, res)) return | ||
178 | |||
179 | return next() | ||
180 | } | ||
181 | ] | ||
182 | |||
183 | const videoAbuseUpdateValidator = [ | ||
184 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), | ||
185 | param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'), | ||
186 | body('state') | ||
187 | .optional() | ||
188 | .custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'), | ||
189 | body('moderationComment') | ||
190 | .optional() | ||
191 | .custom(isAbuseModerationCommentValid).withMessage('Should have a valid video moderation comment'), | ||
192 | |||
193 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
194 | logger.debug('Checking videoAbuseUpdateValidator parameters', { parameters: req.body }) | ||
195 | |||
196 | if (areValidationErrors(req, res)) return | ||
197 | if (!await doesVideoAbuseExist(req.params.id, req.params.videoId, res)) return | ||
198 | |||
199 | return next() | ||
200 | } | ||
201 | ] | ||
202 | |||
203 | const videoAbuseListValidator = [ | ||
204 | query('id') | ||
205 | .optional() | ||
206 | .custom(isIdValid).withMessage('Should have a valid id'), | ||
207 | query('predefinedReason') | ||
208 | .optional() | ||
209 | .custom(isAbusePredefinedReasonValid) | ||
210 | .withMessage('Should have a valid predefinedReason'), | ||
211 | query('search') | ||
212 | .optional() | ||
213 | .custom(exists).withMessage('Should have a valid search'), | ||
214 | query('state') | ||
215 | .optional() | ||
216 | .custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'), | ||
217 | query('videoIs') | ||
218 | .optional() | ||
219 | .custom(isAbuseVideoIsValid).withMessage('Should have a valid "video is" attribute'), | ||
220 | query('searchReporter') | ||
221 | .optional() | ||
222 | .custom(exists).withMessage('Should have a valid reporter search'), | ||
223 | query('searchReportee') | ||
224 | .optional() | ||
225 | .custom(exists).withMessage('Should have a valid reportee search'), | ||
226 | query('searchVideo') | ||
227 | .optional() | ||
228 | .custom(exists).withMessage('Should have a valid video search'), | ||
229 | query('searchVideoChannel') | ||
230 | .optional() | ||
231 | .custom(exists).withMessage('Should have a valid video channel search'), | ||
232 | |||
233 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
234 | logger.debug('Checking videoAbuseListValidator parameters', { parameters: req.body }) | ||
235 | |||
236 | if (areValidationErrors(req, res)) return | ||
237 | |||
238 | return next() | ||
239 | } | ||
240 | ] | ||
241 | |||
242 | // --------------------------------------------------------------------------- | ||
243 | |||
244 | export { | ||
245 | abuseListValidator, | ||
246 | abuseReportValidator, | ||
247 | abuseGetValidator, | ||
248 | abuseUpdateValidator, | ||
249 | videoAbuseReportValidator, | ||
250 | videoAbuseGetValidator, | ||
251 | videoAbuseUpdateValidator, | ||
252 | videoAbuseListValidator | ||
253 | } | ||