1 files changed, 78 insertions, 0 deletions
diff --git a/server/middlewares/validators/server.ts b/server/middlewares/validators/server.ts
new file mode 100644
index 000000000..d85afc2ff
--- /dev/null
+++ b/server/middlewares/validators/server.ts
@@ -0,0 +1,78 @@
+import * as express from 'express'
+import { logger } from '../../helpers/logger'
+import { areValidationErrors } from './utils'
+import { isHostValid, isValidContactBody } from '../../helpers/custom-validators/servers'
+import { ServerModel } from '../../models/server/server'
+import { body } from 'express-validator/check'
+import { isUserDisplayNameValid } from '../../helpers/custom-validators/users'
+import { Emailer } from '../../lib/emailer'
+import { Redis } from '../../lib/redis'
+import { CONFIG } from '../../initializers/constants'
+const serverGetValidator = [
+  body('host').custom(isHostValid).withMessage('Should have a valid host'),
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking serverGetValidator parameters', { parameters: req.body })
+    if (areValidationErrors(req, res)) return
+    const server = await ServerModel.loadByHost(req.body.host)
+    if (!server) {
+      return res.status(404)
+         .send({ error: 'Server host not found.' })
+         .end()
+    }
+    res.locals.server = server
+    return next()
+  }
+]
+const contactAdministratorValidator = [
+  body('fromName')
+    .custom(isUserDisplayNameValid).withMessage('Should have a valid name'),
+  body('fromEmail')
+    .isEmail().withMessage('Should have a valid email'),
+  body('body')
+    .custom(isValidContactBody).withMessage('Should have a valid body'),
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking contactAdministratorValidator parameters', { parameters: req.body })
+    if (areValidationErrors(req, res)) return
+    if (CONFIG.CONTACT_FORM.ENABLED === false) {
+      return res
+        .status(409)
+        .send({ error: 'Contact form is not enabled on this instance.' })
+        .end()
+    }
+    if (Emailer.isEnabled() === false) {
+      return res
+        .status(409)
+        .send({ error: 'Emailer is not enabled on this instance.' })
+        .end()
+    }
+    if (await Redis.Instance.isContactFormIpExists(req.ip)) {
+      logger.info('Refusing a contact form by %s: already sent one recently.', req.ip)
+      return res
+        .status(403)
+        .send({ error: 'You already sent a contact form recently.' })
+        .end()
+    }
+    return next()
+  }
+]
+// ---------------------------------------------------------------------------
+export {
+  serverGetValidator,
+  contactAdministratorValidator
+}

diff --git a/server/middlewares/validators/server.ts b/server/middlewares/validators/server.ts new file mode 100644 index 000000000..d85afc2ff --- /dev/null +++ b/server/middlewares/validators/server.ts
@@ -0,0 +1,78 @@
	1	import * as express from 'express'
	2	import { logger } from '../../helpers/logger'
	3	import { areValidationErrors } from './utils'
	4	import { isHostValid, isValidContactBody } from '../../helpers/custom-validators/servers'
	5	import { ServerModel } from '../../models/server/server'
	6	import { body } from 'express-validator/check'
	7	import { isUserDisplayNameValid } from '../../helpers/custom-validators/users'
	8	import { Emailer } from '../../lib/emailer'
	9	import { Redis } from '../../lib/redis'
	10	import { CONFIG } from '../../initializers/constants'
	11
	12	const serverGetValidator = [
	13	body('host').custom(isHostValid).withMessage('Should have a valid host'),
	14
	15	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
	16	logger.debug('Checking serverGetValidator parameters', { parameters: req.body })
	17
	18	if (areValidationErrors(req, res)) return
	19
	20	const server = await ServerModel.loadByHost(req.body.host)
	21	if (!server) {
	22	return res.status(404)
	23	.send({ error: 'Server host not found.' })
	24	.end()
	25	}
	26
	27	res.locals.server = server
	28
	29	return next()
	30	}
	31	]
	32
	33	const contactAdministratorValidator = [
	34	body('fromName')
	35	.custom(isUserDisplayNameValid).withMessage('Should have a valid name'),
	36	body('fromEmail')
	37	.isEmail().withMessage('Should have a valid email'),
	38	body('body')
	39	.custom(isValidContactBody).withMessage('Should have a valid body'),
	40
	41	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
	42	logger.debug('Checking contactAdministratorValidator parameters', { parameters: req.body })
	43
	44	if (areValidationErrors(req, res)) return
	45
	46	if (CONFIG.CONTACT_FORM.ENABLED === false) {
	47	return res
	48	.status(409)
	49	.send({ error: 'Contact form is not enabled on this instance.' })
	50	.end()
	51	}
	52
	53	if (Emailer.isEnabled() === false) {
	54	return res
	55	.status(409)
	56	.send({ error: 'Emailer is not enabled on this instance.' })
	57	.end()
	58	}
	59
	60	if (await Redis.Instance.isContactFormIpExists(req.ip)) {
	61	logger.info('Refusing a contact form by %s: already sent one recently.', req.ip)
	62
	63	return res
	64	.status(403)
	65	.send({ error: 'You already sent a contact form recently.' })
	66	.end()
	67	}
	68
	69	return next()
	70	}
	71	]
	72
	73	// ---------------------------------------------------------------------------
	74
	75	export {
	76	serverGetValidator,
	77	contactAdministratorValidator
	78	}