1 files changed, 0 insertions, 255 deletions
diff --git a/server/middlewares/validators/abuse.ts b/server/middlewares/validators/abuse.ts
deleted file mode 100644
index 70bae1775..000000000
--- a/server/middlewares/validators/abuse.ts
+++ /dev/null
@@ -1,255 +0,0 @@
-import express from 'express'
-import { body, param, query } from 'express-validator'
-import {
-  areAbusePredefinedReasonsValid,
-  isAbuseFilterValid,
-  isAbuseMessageValid,
-  isAbuseModerationCommentValid,
-  isAbusePredefinedReasonValid,
-  isAbuseReasonValid,
-  isAbuseStateValid,
-  isAbuseTimestampCoherent,
-  isAbuseTimestampValid,
-  isAbuseVideoIsValid
-} from '@server/helpers/custom-validators/abuses'
-import { exists, isIdOrUUIDValid, isIdValid, toCompleteUUID, toIntOrNull } from '@server/helpers/custom-validators/misc'
-import { logger } from '@server/helpers/logger'
-import { AbuseMessageModel } from '@server/models/abuse/abuse-message'
-import { AbuseCreate, UserRight } from '@shared/models'
-import { HttpStatusCode } from '../../../shared/models/http/http-error-codes'
-import { areValidationErrors, doesAbuseExist, doesAccountIdExist, doesCommentIdExist, doesVideoExist } from './shared'
-import { forceNumber } from '@shared/core-utils'
-const abuseReportValidator = [
-  body('account.id')
-    .optional()
-    .custom(isIdValid),
-  body('video.id')
-    .optional()
-    .customSanitizer(toCompleteUUID)
-    .custom(isIdOrUUIDValid),
-  body('video.startAt')
-    .optional()
-    .customSanitizer(toIntOrNull)
-    .custom(isAbuseTimestampValid),
-  body('video.endAt')
-    .optional()
-    .customSanitizer(toIntOrNull)
-    .custom(isAbuseTimestampValid)
-    .bail()
-    .custom(isAbuseTimestampCoherent)
-    .withMessage('Should have a startAt timestamp beginning before endAt'),
-  body('comment.id')
-    .optional()
-    .custom(isIdValid),
-  body('reason')
-    .custom(isAbuseReasonValid),
-  body('predefinedReasons')
-    .optional()
-    .custom(areAbusePredefinedReasonsValid),
-  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    if (areValidationErrors(req, res)) return
-    const body: AbuseCreate = req.body
-    if (body.video?.id && !await doesVideoExist(body.video.id, res)) return
-    if (body.account?.id && !await doesAccountIdExist(body.account.id, res)) return
-    if (body.comment?.id && !await doesCommentIdExist(body.comment.id, res)) return
-    if (!body.video?.id && !body.account?.id && !body.comment?.id) {
-      res.fail({ message: 'video id or account id or comment id is required.' })
-      return
-    }
-    return next()
-  }
-]
-const abuseGetValidator = [
-  param('id')
-    .custom(isIdValid),
-  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    if (areValidationErrors(req, res)) return
-    if (!await doesAbuseExist(req.params.id, res)) return
-    return next()
-  }
-]
-const abuseUpdateValidator = [
-  param('id')
-    .custom(isIdValid),
-  body('state')
-    .optional()
-    .custom(isAbuseStateValid),
-  body('moderationComment')
-    .optional()
-    .custom(isAbuseModerationCommentValid),
-  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    if (areValidationErrors(req, res)) return
-    if (!await doesAbuseExist(req.params.id, res)) return
-    return next()
-  }
-]
-const abuseListForAdminsValidator = [
-  query('id')
-    .optional()
-    .custom(isIdValid),
-  query('filter')
-    .optional()
-    .custom(isAbuseFilterValid),
-  query('predefinedReason')
-    .optional()
-    .custom(isAbusePredefinedReasonValid),
-  query('search')
-    .optional()
-    .custom(exists),
-  query('state')
-    .optional()
-    .custom(isAbuseStateValid),
-  query('videoIs')
-    .optional()
-    .custom(isAbuseVideoIsValid),
-  query('searchReporter')
-    .optional()
-    .custom(exists),
-  query('searchReportee')
-    .optional()
-    .custom(exists),
-  query('searchVideo')
-    .optional()
-    .custom(exists),
-  query('searchVideoChannel')
-    .optional()
-    .custom(exists),
-  (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    if (areValidationErrors(req, res)) return
-    return next()
-  }
-]
-const abuseListForUserValidator = [
-  query('id')
-    .optional()
-    .custom(isIdValid),
-  query('search')
-    .optional()
-    .custom(exists),
-  query('state')
-    .optional()
-    .custom(isAbuseStateValid),
-  (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    if (areValidationErrors(req, res)) return
-    return next()
-  }
-]
-const getAbuseValidator = [
-  param('id')
-    .custom(isIdValid),
-  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    if (areValidationErrors(req, res)) return
-    if (!await doesAbuseExist(req.params.id, res)) return
-    const user = res.locals.oauth.token.user
-    const abuse = res.locals.abuse
-    if (user.hasRight(UserRight.MANAGE_ABUSES) !== true && abuse.reporterAccountId !== user.Account.id) {
-      const message = `User ${user.username} does not have right to get abuse ${abuse.id}`
-      logger.warn(message)
-      return res.fail({
-        status: HttpStatusCode.FORBIDDEN_403,
-        message
-      })
-    }
-    return next()
-  }
-]
-const checkAbuseValidForMessagesValidator = [
-  (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    const abuse = res.locals.abuse
-    if (abuse.ReporterAccount.isOwned() === false) {
-      return res.fail({ message: 'This abuse was created by a user of your instance.' })
-    }
-    return next()
-  }
-]
-const addAbuseMessageValidator = [
-  body('message')
-    .custom(isAbuseMessageValid),
-  (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    if (areValidationErrors(req, res)) return
-    return next()
-  }
-]
-const deleteAbuseMessageValidator = [
-  param('messageId')
-    .custom(isIdValid),
-  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    if (areValidationErrors(req, res)) return
-    const user = res.locals.oauth.token.user
-    const abuse = res.locals.abuse
-    const messageId = forceNumber(req.params.messageId)
-    const abuseMessage = await AbuseMessageModel.loadByIdAndAbuseId(messageId, abuse.id)
-    if (!abuseMessage) {
-      return res.fail({
-        status: HttpStatusCode.NOT_FOUND_404,
-        message: 'Abuse message not found'
-      })
-    }
-    if (user.hasRight(UserRight.MANAGE_ABUSES) !== true && abuseMessage.accountId !== user.Account.id) {
-      return res.fail({
-        status: HttpStatusCode.FORBIDDEN_403,
-        message: 'Cannot delete this abuse message'
-      })
-    }
-    res.locals.abuseMessage = abuseMessage
-    return next()
-  }
-]
-// ---------------------------------------------------------------------------
-export {
-  abuseListForAdminsValidator,
-  abuseReportValidator,
-  abuseGetValidator,
-  addAbuseMessageValidator,
-  checkAbuseValidForMessagesValidator,
-  abuseUpdateValidator,
-  deleteAbuseMessageValidator,
-  abuseListForUserValidator,
-  getAbuseValidator
-}

diff --git a/server/middlewares/validators/abuse.ts b/server/middlewares/validators/abuse.ts deleted file mode 100644 index 70bae1775..000000000 --- a/server/middlewares/validators/abuse.ts +++ /dev/null
@@ -1,255 +0,0 @@
1	import express from 'express'
2	import { body, param, query } from 'express-validator'
3	import {
4	areAbusePredefinedReasonsValid,
5	isAbuseFilterValid,
6	isAbuseMessageValid,
7	isAbuseModerationCommentValid,
8	isAbusePredefinedReasonValid,
9	isAbuseReasonValid,
10	isAbuseStateValid,
11	isAbuseTimestampCoherent,
12	isAbuseTimestampValid,
13	isAbuseVideoIsValid
14	} from '@server/helpers/custom-validators/abuses'
15	import { exists, isIdOrUUIDValid, isIdValid, toCompleteUUID, toIntOrNull } from '@server/helpers/custom-validators/misc'
16	import { logger } from '@server/helpers/logger'
17	import { AbuseMessageModel } from '@server/models/abuse/abuse-message'
18	import { AbuseCreate, UserRight } from '@shared/models'
19	import { HttpStatusCode } from '../../../shared/models/http/http-error-codes'
20	import { areValidationErrors, doesAbuseExist, doesAccountIdExist, doesCommentIdExist, doesVideoExist } from './shared'
21	import { forceNumber } from '@shared/core-utils'
22
23	const abuseReportValidator = [
24	body('account.id')
25	.optional()
26	.custom(isIdValid),
27
28	body('video.id')
29	.optional()
30	.customSanitizer(toCompleteUUID)
31	.custom(isIdOrUUIDValid),
32	body('video.startAt')
33	.optional()
34	.customSanitizer(toIntOrNull)
35	.custom(isAbuseTimestampValid),
36	body('video.endAt')
37	.optional()
38	.customSanitizer(toIntOrNull)
39	.custom(isAbuseTimestampValid)
40	.bail()
41	.custom(isAbuseTimestampCoherent)
42	.withMessage('Should have a startAt timestamp beginning before endAt'),
43
44	body('comment.id')
45	.optional()
46	.custom(isIdValid),
47
48	body('reason')
49	.custom(isAbuseReasonValid),
50
51	body('predefinedReasons')
52	.optional()
53	.custom(areAbusePredefinedReasonsValid),
54
55	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
56	if (areValidationErrors(req, res)) return
57
58	const body: AbuseCreate = req.body
59
60	if (body.video?.id && !await doesVideoExist(body.video.id, res)) return
61	if (body.account?.id && !await doesAccountIdExist(body.account.id, res)) return
62	if (body.comment?.id && !await doesCommentIdExist(body.comment.id, res)) return
63
64	if (!body.video?.id && !body.account?.id && !body.comment?.id) {
65	res.fail({ message: 'video id or account id or comment id is required.' })
66	return
67	}
68
69	return next()
70	}
71	]
72
73	const abuseGetValidator = [
74	param('id')
75	.custom(isIdValid),
76
77	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
78	if (areValidationErrors(req, res)) return
79	if (!await doesAbuseExist(req.params.id, res)) return
80
81	return next()
82	}
83	]
84
85	const abuseUpdateValidator = [
86	param('id')
87	.custom(isIdValid),
88
89	body('state')
90	.optional()
91	.custom(isAbuseStateValid),
92	body('moderationComment')
93	.optional()
94	.custom(isAbuseModerationCommentValid),
95
96	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
97	if (areValidationErrors(req, res)) return
98	if (!await doesAbuseExist(req.params.id, res)) return
99
100	return next()
101	}
102	]
103
104	const abuseListForAdminsValidator = [
105	query('id')
106	.optional()
107	.custom(isIdValid),
108	query('filter')
109	.optional()
110	.custom(isAbuseFilterValid),
111	query('predefinedReason')
112	.optional()
113	.custom(isAbusePredefinedReasonValid),
114	query('search')
115	.optional()
116	.custom(exists),
117	query('state')
118	.optional()
119	.custom(isAbuseStateValid),
120	query('videoIs')
121	.optional()
122	.custom(isAbuseVideoIsValid),
123	query('searchReporter')
124	.optional()
125	.custom(exists),
126	query('searchReportee')
127	.optional()
128	.custom(exists),
129	query('searchVideo')
130	.optional()
131	.custom(exists),
132	query('searchVideoChannel')
133	.optional()
134	.custom(exists),
135
136	(req: express.Request, res: express.Response, next: express.NextFunction) => {
137	if (areValidationErrors(req, res)) return
138
139	return next()
140	}
141	]
142
143	const abuseListForUserValidator = [
144	query('id')
145	.optional()
146	.custom(isIdValid),
147
148	query('search')
149	.optional()
150	.custom(exists),
151
152	query('state')
153	.optional()
154	.custom(isAbuseStateValid),
155
156	(req: express.Request, res: express.Response, next: express.NextFunction) => {
157	if (areValidationErrors(req, res)) return
158
159	return next()
160	}
161	]
162
163	const getAbuseValidator = [
164	param('id')
165	.custom(isIdValid),
166
167	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
168	if (areValidationErrors(req, res)) return
169	if (!await doesAbuseExist(req.params.id, res)) return
170
171	const user = res.locals.oauth.token.user
172	const abuse = res.locals.abuse
173
174	if (user.hasRight(UserRight.MANAGE_ABUSES) !== true && abuse.reporterAccountId !== user.Account.id) {
175	const message = `User ${user.username} does not have right to get abuse ${abuse.id}`
176	logger.warn(message)
177
178	return res.fail({
179	status: HttpStatusCode.FORBIDDEN_403,
180	message
181	})
182	}
183
184	return next()
185	}
186	]
187
188	const checkAbuseValidForMessagesValidator = [
189	(req: express.Request, res: express.Response, next: express.NextFunction) => {
190	const abuse = res.locals.abuse
191	if (abuse.ReporterAccount.isOwned() === false) {
192	return res.fail({ message: 'This abuse was created by a user of your instance.' })
193	}
194
195	return next()
196	}
197	]
198
199	const addAbuseMessageValidator = [
200	body('message')
201	.custom(isAbuseMessageValid),
202
203	(req: express.Request, res: express.Response, next: express.NextFunction) => {
204	if (areValidationErrors(req, res)) return
205
206	return next()
207	}
208	]
209
210	const deleteAbuseMessageValidator = [
211	param('messageId')
212	.custom(isIdValid),
213
214	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
215	if (areValidationErrors(req, res)) return
216
217	const user = res.locals.oauth.token.user
218	const abuse = res.locals.abuse
219
220	const messageId = forceNumber(req.params.messageId)
221	const abuseMessage = await AbuseMessageModel.loadByIdAndAbuseId(messageId, abuse.id)
222
223	if (!abuseMessage) {
224	return res.fail({
225	status: HttpStatusCode.NOT_FOUND_404,
226	message: 'Abuse message not found'
227	})
228	}
229
230	if (user.hasRight(UserRight.MANAGE_ABUSES) !== true && abuseMessage.accountId !== user.Account.id) {
231	return res.fail({
232	status: HttpStatusCode.FORBIDDEN_403,
233	message: 'Cannot delete this abuse message'
234	})
235	}
236
237	res.locals.abuseMessage = abuseMessage
238
239	return next()
240	}
241	]
242
243	// ---------------------------------------------------------------------------
244
245	export {
246	abuseListForAdminsValidator,
247	abuseReportValidator,
248	abuseGetValidator,
249	addAbuseMessageValidator,
250	checkAbuseValidForMessagesValidator,
251	abuseUpdateValidator,
252	deleteAbuseMessageValidator,
253	abuseListForUserValidator,
254	getAbuseValidator
255	}