12 files changed, 526 insertions, 0 deletions
diff --git a/server/middlewares/validators/shared/abuses.ts b/server/middlewares/validators/shared/abuses.ts
new file mode 100644
index 000000000..4a20a55fa
--- /dev/null
+++ b/server/middlewares/validators/shared/abuses.ts
@@ -0,0 +1,25 @@
+import { Response } from 'express'
+import { AbuseModel } from '@server/models/abuse/abuse'
+import { HttpStatusCode } from '@shared/core-utils'
+async function doesAbuseExist (abuseId: number | string, res: Response) {
+  const abuse = await AbuseModel.loadByIdWithReporter(parseInt(abuseId + '', 10))
+  if (!abuse) {
+    res.fail({
+      status: HttpStatusCode.NOT_FOUND_404,
+      message: 'Abuse not found'
+    })
+    return false
+  }
+  res.locals.abuse = abuse
+  return true
+}
+// ---------------------------------------------------------------------------
+export {
+  doesAbuseExist
+}
diff --git a/server/middlewares/validators/shared/accounts.ts b/server/middlewares/validators/shared/accounts.ts
new file mode 100644
index 000000000..04da15441
--- /dev/null
+++ b/server/middlewares/validators/shared/accounts.ts
@@ -0,0 +1,65 @@
+import { Response } from 'express'
+import { AccountModel } from '@server/models/account/account'
+import { UserModel } from '@server/models/user/user'
+import { MAccountDefault } from '@server/types/models'
+import { HttpStatusCode } from '@shared/core-utils'
+function doesAccountIdExist (id: number | string, res: Response, sendNotFound = true) {
+  const promise = AccountModel.load(parseInt(id + '', 10))
+  return doesAccountExist(promise, res, sendNotFound)
+}
+function doesLocalAccountNameExist (name: string, res: Response, sendNotFound = true) {
+  const promise = AccountModel.loadLocalByName(name)
+  return doesAccountExist(promise, res, sendNotFound)
+}
+function doesAccountNameWithHostExist (nameWithDomain: string, res: Response, sendNotFound = true) {
+  const promise = AccountModel.loadByNameWithHost(nameWithDomain)
+  return doesAccountExist(promise, res, sendNotFound)
+}
+async function doesAccountExist (p: Promise<MAccountDefault>, res: Response, sendNotFound: boolean) {
+  const account = await p
+  if (!account) {
+    if (sendNotFound === true) {
+      res.fail({
+        status: HttpStatusCode.NOT_FOUND_404,
+        message: 'Account not found'
+      })
+    }
+    return false
+  }
+  res.locals.account = account
+  return true
+}
+async function doesUserFeedTokenCorrespond (id: number, token: string, res: Response) {
+  const user = await UserModel.loadByIdWithChannels(parseInt(id + '', 10))
+  if (token !== user.feedToken) {
+    res.fail({
+      status: HttpStatusCode.FORBIDDEN_403,
+      message: 'User and token mismatch'
+    })
+    return false
+  }
+  res.locals.user = user
+  return true
+}
+// ---------------------------------------------------------------------------
+export {
+  doesAccountIdExist,
+  doesLocalAccountNameExist,
+  doesAccountNameWithHostExist,
+  doesAccountExist,
+  doesUserFeedTokenCorrespond
+}
diff --git a/server/middlewares/validators/shared/index.ts b/server/middlewares/validators/shared/index.ts
new file mode 100644
index 000000000..fa89d05f2
--- /dev/null
+++ b/server/middlewares/validators/shared/index.ts
@@ -0,0 +1,11 @@
+export * from './abuses'
+export * from './accounts'
+export * from './utils'
+export * from './video-blacklists'
+export * from './video-captions'
+export * from './video-channels'
+export * from './video-comments'
+export * from './video-imports'
+export * from './video-ownerships'
+export * from './video-playlists'
+export * from './videos'
diff --git a/server/middlewares/validators/shared/utils.ts b/server/middlewares/validators/shared/utils.ts
new file mode 100644
index 000000000..d3e4870a9
--- /dev/null
+++ b/server/middlewares/validators/shared/utils.ts
@@ -0,0 +1,50 @@
+import * as express from 'express'
+import { query, validationResult } from 'express-validator'
+import { logger } from '../../../helpers/logger'
+function areValidationErrors (req: express.Request, res: express.Response) {
+  const errors = validationResult(req)
+  if (!errors.isEmpty()) {
+    logger.warn('Incorrect request parameters', { path: req.originalUrl, err: errors.mapped() })
+    res.fail({
+      message: 'Incorrect request parameters: ' + Object.keys(errors.mapped()).join(', '),
+      instance: req.originalUrl,
+      data: {
+        'invalid-params': errors.mapped()
+      }
+    })
+    return true
+  }
+  return false
+}
+function checkSort (sortableColumns: string[], tags: string[] = []) {
+  return [
+    query('sort').optional().isIn(sortableColumns).withMessage('Should have correct sortable column'),
+    (req: express.Request, res: express.Response, next: express.NextFunction) => {
+      logger.debug('Checking sort parameters', { parameters: req.query, tags })
+      if (areValidationErrors(req, res)) return
+      return next()
+    }
+  ]
+}
+function createSortableColumns (sortableColumns: string[]) {
+  const sortableColumnDesc = sortableColumns.map(sortableColumn => '-' + sortableColumn)
+  return sortableColumns.concat(sortableColumnDesc)
+}
+// ---------------------------------------------------------------------------
+export {
+  areValidationErrors,
+  checkSort,
+  createSortableColumns
+}
diff --git a/server/middlewares/validators/shared/video-blacklists.ts b/server/middlewares/validators/shared/video-blacklists.ts
new file mode 100644
index 000000000..01491c10f
--- /dev/null
+++ b/server/middlewares/validators/shared/video-blacklists.ts
@@ -0,0 +1,24 @@
+import { Response } from 'express'
+import { VideoBlacklistModel } from '@server/models/video/video-blacklist'
+import { HttpStatusCode } from '@shared/core-utils'
+async function doesVideoBlacklistExist (videoId: number, res: Response) {
+  const videoBlacklist = await VideoBlacklistModel.loadByVideoId(videoId)
+  if (videoBlacklist === null) {
+    res.fail({
+      status: HttpStatusCode.NOT_FOUND_404,
+      message: 'Blacklisted video not found'
+    })
+    return false
+  }
+  res.locals.videoBlacklist = videoBlacklist
+  return true
+}
+// ---------------------------------------------------------------------------
+export {
+  doesVideoBlacklistExist
+}
diff --git a/server/middlewares/validators/shared/video-captions.ts b/server/middlewares/validators/shared/video-captions.ts
new file mode 100644
index 000000000..80f6c5a52
--- /dev/null
+++ b/server/middlewares/validators/shared/video-captions.ts
@@ -0,0 +1,25 @@
+import { Response } from 'express'
+import { VideoCaptionModel } from '@server/models/video/video-caption'
+import { MVideoId } from '@server/types/models'
+import { HttpStatusCode } from '@shared/core-utils'
+async function doesVideoCaptionExist (video: MVideoId, language: string, res: Response) {
+  const videoCaption = await VideoCaptionModel.loadByVideoIdAndLanguage(video.id, language)
+  if (!videoCaption) {
+    res.fail({
+      status: HttpStatusCode.NOT_FOUND_404,
+      message: 'Video caption not found'
+    })
+    return false
+  }
+  res.locals.videoCaption = videoCaption
+  return true
+}
+// ---------------------------------------------------------------------------
+export {
+  doesVideoCaptionExist
+}
diff --git a/server/middlewares/validators/shared/video-channels.ts b/server/middlewares/validators/shared/video-channels.ts
new file mode 100644
index 000000000..fe2e663b7
--- /dev/null
+++ b/server/middlewares/validators/shared/video-channels.ts
@@ -0,0 +1,43 @@
+import * as express from 'express'
+import { VideoChannelModel } from '@server/models/video/video-channel'
+import { MChannelBannerAccountDefault } from '@server/types/models'
+import { HttpStatusCode } from '@shared/core-utils'
+async function doesLocalVideoChannelNameExist (name: string, res: express.Response) {
+  const videoChannel = await VideoChannelModel.loadLocalByNameAndPopulateAccount(name)
+  return processVideoChannelExist(videoChannel, res)
+}
+async function doesVideoChannelIdExist (id: number, res: express.Response) {
+  const videoChannel = await VideoChannelModel.loadAndPopulateAccount(+id)
+  return processVideoChannelExist(videoChannel, res)
+}
+async function doesVideoChannelNameWithHostExist (nameWithDomain: string, res: express.Response) {
+  const videoChannel = await VideoChannelModel.loadByNameWithHostAndPopulateAccount(nameWithDomain)
+  return processVideoChannelExist(videoChannel, res)
+}
+// ---------------------------------------------------------------------------
+export {
+  doesLocalVideoChannelNameExist,
+  doesVideoChannelIdExist,
+  doesVideoChannelNameWithHostExist
+}
+function processVideoChannelExist (videoChannel: MChannelBannerAccountDefault, res: express.Response) {
+  if (!videoChannel) {
+    res.fail({
+      status: HttpStatusCode.NOT_FOUND_404,
+      message: 'Video channel not found'
+    })
+    return false
+  }
+  res.locals.videoChannel = videoChannel
+  return true
+}
diff --git a/server/middlewares/validators/shared/video-comments.ts b/server/middlewares/validators/shared/video-comments.ts
new file mode 100644
index 000000000..83ea15c98
--- /dev/null
+++ b/server/middlewares/validators/shared/video-comments.ts
@@ -0,0 +1,73 @@
+import * as express from 'express'
+import { VideoCommentModel } from '@server/models/video/video-comment'
+import { MVideoId } from '@server/types/models'
+import { HttpStatusCode } from '@shared/core-utils'
+async function doesVideoCommentThreadExist (idArg: number | string, video: MVideoId, res: express.Response) {
+  const id = parseInt(idArg + '', 10)
+  const videoComment = await VideoCommentModel.loadById(id)
+  if (!videoComment) {
+    res.fail({
+      status: HttpStatusCode.NOT_FOUND_404,
+      message: 'Video comment thread not found'
+    })
+    return false
+  }
+  if (videoComment.videoId !== video.id) {
+    res.fail({ message: 'Video comment is not associated to this video.' })
+    return false
+  }
+  if (videoComment.inReplyToCommentId !== null) {
+    res.fail({ message: 'Video comment is not a thread.' })
+    return false
+  }
+  res.locals.videoCommentThread = videoComment
+  return true
+}
+async function doesVideoCommentExist (idArg: number | string, video: MVideoId, res: express.Response) {
+  const id = parseInt(idArg + '', 10)
+  const videoComment = await VideoCommentModel.loadByIdAndPopulateVideoAndAccountAndReply(id)
+  if (!videoComment) {
+    res.fail({
+      status: HttpStatusCode.NOT_FOUND_404,
+      message: 'Video comment thread not found'
+    })
+    return false
+  }
+  if (videoComment.videoId !== video.id) {
+    res.fail({ message: 'Video comment is not associated to this video.' })
+    return false
+  }
+  res.locals.videoCommentFull = videoComment
+  return true
+}
+async function doesCommentIdExist (idArg: number | string, res: express.Response) {
+  const id = parseInt(idArg + '', 10)
+  const videoComment = await VideoCommentModel.loadByIdAndPopulateVideoAndAccountAndReply(id)
+  if (!videoComment) {
+    res.fail({
+      status: HttpStatusCode.NOT_FOUND_404,
+      message: 'Video comment thread not found'
+    })
+    return false
+  }
+  res.locals.videoCommentFull = videoComment
+  return true
+}
+export {
+  doesVideoCommentThreadExist,
+  doesVideoCommentExist,
+  doesCommentIdExist
+}
diff --git a/server/middlewares/validators/shared/video-imports.ts b/server/middlewares/validators/shared/video-imports.ts
new file mode 100644
index 000000000..0f984bc17
--- /dev/null
+++ b/server/middlewares/validators/shared/video-imports.ts
@@ -0,0 +1,22 @@
+import * as express from 'express'
+import { VideoImportModel } from '@server/models/video/video-import'
+import { HttpStatusCode } from '@shared/core-utils'
+async function doesVideoImportExist (id: number, res: express.Response) {
+  const videoImport = await VideoImportModel.loadAndPopulateVideo(id)
+  if (!videoImport) {
+    res.fail({
+      status: HttpStatusCode.NOT_FOUND_404,
+      message: 'Video import not found'
+    })
+    return false
+  }
+  res.locals.videoImport = videoImport
+  return true
+}
+export {
+  doesVideoImportExist
+}
diff --git a/server/middlewares/validators/shared/video-ownerships.ts b/server/middlewares/validators/shared/video-ownerships.ts
new file mode 100644
index 000000000..fc27006ce
--- /dev/null
+++ b/server/middlewares/validators/shared/video-ownerships.ts
@@ -0,0 +1,24 @@
+import * as express from 'express'
+import { VideoChangeOwnershipModel } from '@server/models/video/video-change-ownership'
+import { HttpStatusCode } from '@shared/core-utils'
+async function doesChangeVideoOwnershipExist (idArg: number | string, res: express.Response) {
+  const id = parseInt(idArg + '', 10)
+  const videoChangeOwnership = await VideoChangeOwnershipModel.load(id)
+  if (!videoChangeOwnership) {
+    res.fail({
+      status: HttpStatusCode.NOT_FOUND_404,
+      message: 'Video change ownership not found'
+    })
+    return false
+  }
+  res.locals.videoChangeOwnership = videoChangeOwnership
+  return true
+}
+export {
+  doesChangeVideoOwnershipExist
+}
diff --git a/server/middlewares/validators/shared/video-playlists.ts b/server/middlewares/validators/shared/video-playlists.ts
new file mode 100644
index 000000000..d762859a8
--- /dev/null
+++ b/server/middlewares/validators/shared/video-playlists.ts
@@ -0,0 +1,39 @@
+import * as express from 'express'
+import { VideoPlaylistModel } from '@server/models/video/video-playlist'
+import { MVideoPlaylist } from '@server/types/models'
+import { HttpStatusCode } from '@shared/core-utils'
+export type VideoPlaylistFetchType = 'summary' | 'all'
+async function doesVideoPlaylistExist (id: number | string, res: express.Response, fetchType: VideoPlaylistFetchType = 'summary') {
+  if (fetchType === 'summary') {
+    const videoPlaylist = await VideoPlaylistModel.loadWithAccountAndChannelSummary(id, undefined)
+    res.locals.videoPlaylistSummary = videoPlaylist
+    return handleVideoPlaylist(videoPlaylist, res)
+  }
+  const videoPlaylist = await VideoPlaylistModel.loadWithAccountAndChannel(id, undefined)
+  res.locals.videoPlaylistFull = videoPlaylist
+  return handleVideoPlaylist(videoPlaylist, res)
+}
+// ---------------------------------------------------------------------------
+export {
+  doesVideoPlaylistExist
+}
+// ---------------------------------------------------------------------------
+function handleVideoPlaylist (videoPlaylist: MVideoPlaylist, res: express.Response) {
+  if (!videoPlaylist) {
+    res.fail({
+      status: HttpStatusCode.NOT_FOUND_404,
+      message: 'Video playlist not found'
+    })
+    return false
+  }
+  return true
+}
diff --git a/server/middlewares/validators/shared/videos.ts b/server/middlewares/validators/shared/videos.ts
new file mode 100644
index 000000000..a6dad4374
--- /dev/null
+++ b/server/middlewares/validators/shared/videos.ts
@@ -0,0 +1,125 @@
+import { Response } from 'express'
+import { fetchVideo, VideoFetchType } from '@server/lib/model-loaders'
+import { VideoChannelModel } from '@server/models/video/video-channel'
+import { VideoFileModel } from '@server/models/video/video-file'
+import {
+  MUser,
+  MUserAccountId,
+  MVideoAccountLight,
+  MVideoFullLight,
+  MVideoIdThumbnail,
+  MVideoImmutable,
+  MVideoThumbnail,
+  MVideoWithRights
+} from '@server/types/models'
+import { HttpStatusCode } from '@shared/core-utils'
+import { UserRight } from '@shared/models'
+async function doesVideoExist (id: number | string, res: Response, fetchType: VideoFetchType = 'all') {
+  const userId = res.locals.oauth ? res.locals.oauth.token.User.id : undefined
+  const video = await fetchVideo(id, fetchType, userId)
+  if (video === null) {
+    res.fail({
+      status: HttpStatusCode.NOT_FOUND_404,
+      message: 'Video not found'
+    })
+    return false
+  }
+  switch (fetchType) {
+    case 'all':
+      res.locals.videoAll = video as MVideoFullLight
+      break
+    case 'only-immutable-attributes':
+      res.locals.onlyImmutableVideo = video as MVideoImmutable
+      break
+    case 'id':
+      res.locals.videoId = video as MVideoIdThumbnail
+      break
+    case 'only-video':
+      res.locals.onlyVideo = video as MVideoThumbnail
+      break
+    case 'only-video-with-rights':
+      res.locals.onlyVideoWithRights = video as MVideoWithRights
+      break
+  }
+  return true
+}
+async function doesVideoFileOfVideoExist (id: number, videoIdOrUUID: number | string, res: Response) {
+  if (!await VideoFileModel.doesVideoExistForVideoFile(id, videoIdOrUUID)) {
+    res.fail({
+      status: HttpStatusCode.NOT_FOUND_404,
+      message: 'VideoFile matching Video not found'
+    })
+    return false
+  }
+  return true
+}
+async function doesVideoChannelOfAccountExist (channelId: number, user: MUserAccountId, res: Response) {
+  const videoChannel = await VideoChannelModel.loadAndPopulateAccount(channelId)
+  if (videoChannel === null) {
+    res.fail({ message: 'Unknown video "video channel" for this instance.' })
+    return false
+  }
+  // Don't check account id if the user can update any video
+  if (user.hasRight(UserRight.UPDATE_ANY_VIDEO) === true) {
+    res.locals.videoChannel = videoChannel
+    return true
+  }
+  if (videoChannel.Account.id !== user.Account.id) {
+    res.fail({
+      message: 'Unknown video "video channel" for this account.'
+    })
+    return false
+  }
+  res.locals.videoChannel = videoChannel
+  return true
+}
+function checkUserCanManageVideo (user: MUser, video: MVideoAccountLight, right: UserRight, res: Response, onlyOwned = true) {
+  // Retrieve the user who did the request
+  if (onlyOwned && video.isOwned() === false) {
+    res.fail({
+      status: HttpStatusCode.FORBIDDEN_403,
+      message: 'Cannot manage a video of another server.'
+    })
+    return false
+  }
+  // Check if the user can delete the video
+  // The user can delete it if he has the right
+  // Or if s/he is the video's account
+  const account = video.VideoChannel.Account
+  if (user.hasRight(right) === false && account.userId !== user.id) {
+    res.fail({
+      status: HttpStatusCode.FORBIDDEN_403,
+      message: 'Cannot manage a video of another user.'
+    })
+    return false
+  }
+  return true
+}
+// ---------------------------------------------------------------------------
+export {
+  doesVideoChannelOfAccountExist,
+  doesVideoExist,
+  doesVideoFileOfVideoExist,
+  checkUserCanManageVideo
+}

diff --git a/server/middlewares/validators/shared/abuses.ts b/server/middlewares/validators/shared/abuses.ts new file mode 100644 index 000000000..4a20a55fa --- /dev/null +++ b/server/middlewares/validators/shared/abuses.ts
@@ -0,0 +1,25 @@
	1	import { Response } from 'express'
	2	import { AbuseModel } from '@server/models/abuse/abuse'
	3	import { HttpStatusCode } from '@shared/core-utils'
	4
	5	async function doesAbuseExist (abuseId: number \| string, res: Response) {
	6	const abuse = await AbuseModel.loadByIdWithReporter(parseInt(abuseId + '', 10))
	7
	8	if (!abuse) {
	9	res.fail({
	10	status: HttpStatusCode.NOT_FOUND_404,
	11	message: 'Abuse not found'
	12	})
	13
	14	return false
	15	}
	16
	17	res.locals.abuse = abuse
	18	return true
	19	}
	20
	21	// ---------------------------------------------------------------------------
	22
	23	export {
	24	doesAbuseExist
	25	}


diff --git a/server/middlewares/validators/shared/accounts.ts b/server/middlewares/validators/shared/accounts.ts new file mode 100644 index 000000000..04da15441 --- /dev/null +++ b/server/middlewares/validators/shared/accounts.ts
@@ -0,0 +1,65 @@
	1	import { Response } from 'express'
	2	import { AccountModel } from '@server/models/account/account'
	3	import { UserModel } from '@server/models/user/user'
	4	import { MAccountDefault } from '@server/types/models'
	5	import { HttpStatusCode } from '@shared/core-utils'
	6
	7	function doesAccountIdExist (id: number \| string, res: Response, sendNotFound = true) {
	8	const promise = AccountModel.load(parseInt(id + '', 10))
	9
	10	return doesAccountExist(promise, res, sendNotFound)
	11	}
	12
	13	function doesLocalAccountNameExist (name: string, res: Response, sendNotFound = true) {
	14	const promise = AccountModel.loadLocalByName(name)
	15
	16	return doesAccountExist(promise, res, sendNotFound)
	17	}
	18
	19	function doesAccountNameWithHostExist (nameWithDomain: string, res: Response, sendNotFound = true) {
	20	const promise = AccountModel.loadByNameWithHost(nameWithDomain)
	21
	22	return doesAccountExist(promise, res, sendNotFound)
	23	}
	24
	25	async function doesAccountExist (p: Promise<MAccountDefault>, res: Response, sendNotFound: boolean) {
	26	const account = await p
	27
	28	if (!account) {
	29	if (sendNotFound === true) {
	30	res.fail({
	31	status: HttpStatusCode.NOT_FOUND_404,
	32	message: 'Account not found'
	33	})
	34	}
	35	return false
	36	}
	37
	38	res.locals.account = account
	39	return true
	40	}
	41
	42	async function doesUserFeedTokenCorrespond (id: number, token: string, res: Response) {
	43	const user = await UserModel.loadByIdWithChannels(parseInt(id + '', 10))
	44
	45	if (token !== user.feedToken) {
	46	res.fail({
	47	status: HttpStatusCode.FORBIDDEN_403,
	48	message: 'User and token mismatch'
	49	})
	50	return false
	51	}
	52
	53	res.locals.user = user
	54	return true
	55	}
	56
	57	// ---------------------------------------------------------------------------
	58
	59	export {
	60	doesAccountIdExist,
	61	doesLocalAccountNameExist,
	62	doesAccountNameWithHostExist,
	63	doesAccountExist,
	64	doesUserFeedTokenCorrespond
	65	}


diff --git a/server/middlewares/validators/shared/index.ts b/server/middlewares/validators/shared/index.ts new file mode 100644 index 000000000..fa89d05f2 --- /dev/null +++ b/server/middlewares/validators/shared/index.ts
@@ -0,0 +1,11 @@
	1	export * from './abuses'
	2	export * from './accounts'
	3	export * from './utils'
	4	export * from './video-blacklists'
	5	export * from './video-captions'
	6	export * from './video-channels'
	7	export * from './video-comments'
	8	export * from './video-imports'
	9	export * from './video-ownerships'
	10	export * from './video-playlists'
	11	export * from './videos'


diff --git a/server/middlewares/validators/shared/utils.ts b/server/middlewares/validators/shared/utils.ts new file mode 100644 index 000000000..d3e4870a9 --- /dev/null +++ b/server/middlewares/validators/shared/utils.ts
@@ -0,0 +1,50 @@
	1	import * as express from 'express'
	2	import { query, validationResult } from 'express-validator'
	3	import { logger } from '../../../helpers/logger'
	4
	5	function areValidationErrors (req: express.Request, res: express.Response) {
	6	const errors = validationResult(req)
	7
	8	if (!errors.isEmpty()) {
	9	logger.warn('Incorrect request parameters', { path: req.originalUrl, err: errors.mapped() })
	10	res.fail({
	11	message: 'Incorrect request parameters: ' + Object.keys(errors.mapped()).join(', '),
	12	instance: req.originalUrl,
	13	data: {
	14	'invalid-params': errors.mapped()
	15	}
	16	})
	17
	18	return true
	19	}
	20
	21	return false
	22	}
	23
	24	function checkSort (sortableColumns: string[], tags: string[] = []) {
	25	return [
	26	query('sort').optional().isIn(sortableColumns).withMessage('Should have correct sortable column'),
	27
	28	(req: express.Request, res: express.Response, next: express.NextFunction) => {
	29	logger.debug('Checking sort parameters', { parameters: req.query, tags })
	30
	31	if (areValidationErrors(req, res)) return
	32
	33	return next()
	34	}
	35	]
	36	}
	37
	38	function createSortableColumns (sortableColumns: string[]) {
	39	const sortableColumnDesc = sortableColumns.map(sortableColumn => '-' + sortableColumn)
	40
	41	return sortableColumns.concat(sortableColumnDesc)
	42	}
	43
	44	// ---------------------------------------------------------------------------
	45
	46	export {
	47	areValidationErrors,
	48	checkSort,
	49	createSortableColumns
	50	}


diff --git a/server/middlewares/validators/shared/video-blacklists.ts b/server/middlewares/validators/shared/video-blacklists.ts new file mode 100644 index 000000000..01491c10f --- /dev/null +++ b/server/middlewares/validators/shared/video-blacklists.ts
@@ -0,0 +1,24 @@
	1	import { Response } from 'express'
	2	import { VideoBlacklistModel } from '@server/models/video/video-blacklist'
	3	import { HttpStatusCode } from '@shared/core-utils'
	4
	5	async function doesVideoBlacklistExist (videoId: number, res: Response) {
	6	const videoBlacklist = await VideoBlacklistModel.loadByVideoId(videoId)
	7
	8	if (videoBlacklist === null) {
	9	res.fail({
	10	status: HttpStatusCode.NOT_FOUND_404,
	11	message: 'Blacklisted video not found'
	12	})
	13	return false
	14	}
	15
	16	res.locals.videoBlacklist = videoBlacklist
	17	return true
	18	}
	19
	20	// ---------------------------------------------------------------------------
	21
	22	export {
	23	doesVideoBlacklistExist
	24	}


diff --git a/server/middlewares/validators/shared/video-captions.ts b/server/middlewares/validators/shared/video-captions.ts new file mode 100644 index 000000000..80f6c5a52 --- /dev/null +++ b/server/middlewares/validators/shared/video-captions.ts
@@ -0,0 +1,25 @@
	1	import { Response } from 'express'
	2	import { VideoCaptionModel } from '@server/models/video/video-caption'
	3	import { MVideoId } from '@server/types/models'
	4	import { HttpStatusCode } from '@shared/core-utils'
	5
	6	async function doesVideoCaptionExist (video: MVideoId, language: string, res: Response) {
	7	const videoCaption = await VideoCaptionModel.loadByVideoIdAndLanguage(video.id, language)
	8
	9	if (!videoCaption) {
	10	res.fail({
	11	status: HttpStatusCode.NOT_FOUND_404,
	12	message: 'Video caption not found'
	13	})
	14	return false
	15	}
	16
	17	res.locals.videoCaption = videoCaption
	18	return true
	19	}
	20
	21	// ---------------------------------------------------------------------------
	22
	23	export {
	24	doesVideoCaptionExist
	25	}


diff --git a/server/middlewares/validators/shared/video-channels.ts b/server/middlewares/validators/shared/video-channels.ts new file mode 100644 index 000000000..fe2e663b7 --- /dev/null +++ b/server/middlewares/validators/shared/video-channels.ts
@@ -0,0 +1,43 @@
	1	import * as express from 'express'
	2	import { VideoChannelModel } from '@server/models/video/video-channel'
	3	import { MChannelBannerAccountDefault } from '@server/types/models'
	4	import { HttpStatusCode } from '@shared/core-utils'
	5
	6	async function doesLocalVideoChannelNameExist (name: string, res: express.Response) {
	7	const videoChannel = await VideoChannelModel.loadLocalByNameAndPopulateAccount(name)
	8
	9	return processVideoChannelExist(videoChannel, res)
	10	}
	11
	12	async function doesVideoChannelIdExist (id: number, res: express.Response) {
	13	const videoChannel = await VideoChannelModel.loadAndPopulateAccount(+id)
	14
	15	return processVideoChannelExist(videoChannel, res)
	16	}
	17
	18	async function doesVideoChannelNameWithHostExist (nameWithDomain: string, res: express.Response) {
	19	const videoChannel = await VideoChannelModel.loadByNameWithHostAndPopulateAccount(nameWithDomain)
	20
	21	return processVideoChannelExist(videoChannel, res)
	22	}
	23
	24	// ---------------------------------------------------------------------------
	25
	26	export {
	27	doesLocalVideoChannelNameExist,
	28	doesVideoChannelIdExist,
	29	doesVideoChannelNameWithHostExist
	30	}
	31
	32	function processVideoChannelExist (videoChannel: MChannelBannerAccountDefault, res: express.Response) {
	33	if (!videoChannel) {
	34	res.fail({
	35	status: HttpStatusCode.NOT_FOUND_404,
	36	message: 'Video channel not found'
	37	})
	38	return false
	39	}
	40
	41	res.locals.videoChannel = videoChannel
	42	return true
	43	}


diff --git a/server/middlewares/validators/shared/video-comments.ts b/server/middlewares/validators/shared/video-comments.ts new file mode 100644 index 000000000..83ea15c98 --- /dev/null +++ b/server/middlewares/validators/shared/video-comments.ts
@@ -0,0 +1,73 @@
	1	import * as express from 'express'
	2	import { VideoCommentModel } from '@server/models/video/video-comment'
	3	import { MVideoId } from '@server/types/models'
	4	import { HttpStatusCode } from '@shared/core-utils'
	5
	6	async function doesVideoCommentThreadExist (idArg: number \| string, video: MVideoId, res: express.Response) {
	7	const id = parseInt(idArg + '', 10)
	8	const videoComment = await VideoCommentModel.loadById(id)
	9
	10	if (!videoComment) {
	11	res.fail({
	12	status: HttpStatusCode.NOT_FOUND_404,
	13	message: 'Video comment thread not found'
	14	})
	15	return false
	16	}
	17
	18	if (videoComment.videoId !== video.id) {
	19	res.fail({ message: 'Video comment is not associated to this video.' })
	20	return false
	21	}
	22
	23	if (videoComment.inReplyToCommentId !== null) {
	24	res.fail({ message: 'Video comment is not a thread.' })
	25	return false
	26	}
	27
	28	res.locals.videoCommentThread = videoComment
	29	return true
	30	}
	31
	32	async function doesVideoCommentExist (idArg: number \| string, video: MVideoId, res: express.Response) {
	33	const id = parseInt(idArg + '', 10)
	34	const videoComment = await VideoCommentModel.loadByIdAndPopulateVideoAndAccountAndReply(id)
	35
	36	if (!videoComment) {
	37	res.fail({
	38	status: HttpStatusCode.NOT_FOUND_404,
	39	message: 'Video comment thread not found'
	40	})
	41	return false
	42	}
	43
	44	if (videoComment.videoId !== video.id) {
	45	res.fail({ message: 'Video comment is not associated to this video.' })
	46	return false
	47	}
	48
	49	res.locals.videoCommentFull = videoComment
	50	return true
	51	}
	52
	53	async function doesCommentIdExist (idArg: number \| string, res: express.Response) {
	54	const id = parseInt(idArg + '', 10)
	55	const videoComment = await VideoCommentModel.loadByIdAndPopulateVideoAndAccountAndReply(id)
	56
	57	if (!videoComment) {
	58	res.fail({
	59	status: HttpStatusCode.NOT_FOUND_404,
	60	message: 'Video comment thread not found'
	61	})
	62	return false
	63	}
	64
	65	res.locals.videoCommentFull = videoComment
	66	return true
	67	}
	68
	69	export {
	70	doesVideoCommentThreadExist,
	71	doesVideoCommentExist,
	72	doesCommentIdExist
	73	}


diff --git a/server/middlewares/validators/shared/video-imports.ts b/server/middlewares/validators/shared/video-imports.ts new file mode 100644 index 000000000..0f984bc17 --- /dev/null +++ b/server/middlewares/validators/shared/video-imports.ts
@@ -0,0 +1,22 @@
	1	import * as express from 'express'
	2	import { VideoImportModel } from '@server/models/video/video-import'
	3	import { HttpStatusCode } from '@shared/core-utils'
	4
	5	async function doesVideoImportExist (id: number, res: express.Response) {
	6	const videoImport = await VideoImportModel.loadAndPopulateVideo(id)
	7
	8	if (!videoImport) {
	9	res.fail({
	10	status: HttpStatusCode.NOT_FOUND_404,
	11	message: 'Video import not found'
	12	})
	13	return false
	14	}
	15
	16	res.locals.videoImport = videoImport
	17	return true
	18	}
	19
	20	export {
	21	doesVideoImportExist
	22	}


diff --git a/server/middlewares/validators/shared/video-ownerships.ts b/server/middlewares/validators/shared/video-ownerships.ts new file mode 100644 index 000000000..fc27006ce --- /dev/null +++ b/server/middlewares/validators/shared/video-ownerships.ts
@@ -0,0 +1,24 @@
	1	import * as express from 'express'
	2	import { VideoChangeOwnershipModel } from '@server/models/video/video-change-ownership'
	3	import { HttpStatusCode } from '@shared/core-utils'
	4
	5	async function doesChangeVideoOwnershipExist (idArg: number \| string, res: express.Response) {
	6	const id = parseInt(idArg + '', 10)
	7	const videoChangeOwnership = await VideoChangeOwnershipModel.load(id)
	8
	9	if (!videoChangeOwnership) {
	10	res.fail({
	11	status: HttpStatusCode.NOT_FOUND_404,
	12	message: 'Video change ownership not found'
	13	})
	14	return false
	15	}
	16
	17	res.locals.videoChangeOwnership = videoChangeOwnership
	18
	19	return true
	20	}
	21
	22	export {
	23	doesChangeVideoOwnershipExist
	24	}


diff --git a/server/middlewares/validators/shared/video-playlists.ts b/server/middlewares/validators/shared/video-playlists.ts new file mode 100644 index 000000000..d762859a8 --- /dev/null +++ b/server/middlewares/validators/shared/video-playlists.ts
@@ -0,0 +1,39 @@
	1	import * as express from 'express'
	2	import { VideoPlaylistModel } from '@server/models/video/video-playlist'
	3	import { MVideoPlaylist } from '@server/types/models'
	4	import { HttpStatusCode } from '@shared/core-utils'
	5
	6	export type VideoPlaylistFetchType = 'summary' \| 'all'
	7	async function doesVideoPlaylistExist (id: number \| string, res: express.Response, fetchType: VideoPlaylistFetchType = 'summary') {
	8	if (fetchType === 'summary') {
	9	const videoPlaylist = await VideoPlaylistModel.loadWithAccountAndChannelSummary(id, undefined)
	10	res.locals.videoPlaylistSummary = videoPlaylist
	11
	12	return handleVideoPlaylist(videoPlaylist, res)
	13	}
	14
	15	const videoPlaylist = await VideoPlaylistModel.loadWithAccountAndChannel(id, undefined)
	16	res.locals.videoPlaylistFull = videoPlaylist
	17
	18	return handleVideoPlaylist(videoPlaylist, res)
	19	}
	20
	21	// ---------------------------------------------------------------------------
	22
	23	export {
	24	doesVideoPlaylistExist
	25	}
	26
	27	// ---------------------------------------------------------------------------
	28
	29	function handleVideoPlaylist (videoPlaylist: MVideoPlaylist, res: express.Response) {
	30	if (!videoPlaylist) {
	31	res.fail({
	32	status: HttpStatusCode.NOT_FOUND_404,
	33	message: 'Video playlist not found'
	34	})
	35	return false
	36	}
	37
	38	return true
	39	}


diff --git a/server/middlewares/validators/shared/videos.ts b/server/middlewares/validators/shared/videos.ts new file mode 100644 index 000000000..a6dad4374 --- /dev/null +++ b/server/middlewares/validators/shared/videos.ts
@@ -0,0 +1,125 @@
	1	import { Response } from 'express'
	2	import { fetchVideo, VideoFetchType } from '@server/lib/model-loaders'
	3	import { VideoChannelModel } from '@server/models/video/video-channel'
	4	import { VideoFileModel } from '@server/models/video/video-file'
	5	import {
	6	MUser,
	7	MUserAccountId,
	8	MVideoAccountLight,
	9	MVideoFullLight,
	10	MVideoIdThumbnail,
	11	MVideoImmutable,
	12	MVideoThumbnail,
	13	MVideoWithRights
	14	} from '@server/types/models'
	15	import { HttpStatusCode } from '@shared/core-utils'
	16	import { UserRight } from '@shared/models'
	17
	18	async function doesVideoExist (id: number \| string, res: Response, fetchType: VideoFetchType = 'all') {
	19	const userId = res.locals.oauth ? res.locals.oauth.token.User.id : undefined
	20
	21	const video = await fetchVideo(id, fetchType, userId)
	22
	23	if (video === null) {
	24	res.fail({
	25	status: HttpStatusCode.NOT_FOUND_404,
	26	message: 'Video not found'
	27	})
	28	return false
	29	}
	30
	31	switch (fetchType) {
	32	case 'all':
	33	res.locals.videoAll = video as MVideoFullLight
	34	break
	35
	36	case 'only-immutable-attributes':
	37	res.locals.onlyImmutableVideo = video as MVideoImmutable
	38	break
	39
	40	case 'id':
	41	res.locals.videoId = video as MVideoIdThumbnail
	42	break
	43
	44	case 'only-video':
	45	res.locals.onlyVideo = video as MVideoThumbnail
	46	break
	47
	48	case 'only-video-with-rights':
	49	res.locals.onlyVideoWithRights = video as MVideoWithRights
	50	break
	51	}
	52
	53	return true
	54	}
	55
	56	async function doesVideoFileOfVideoExist (id: number, videoIdOrUUID: number \| string, res: Response) {
	57	if (!await VideoFileModel.doesVideoExistForVideoFile(id, videoIdOrUUID)) {
	58	res.fail({
	59	status: HttpStatusCode.NOT_FOUND_404,
	60	message: 'VideoFile matching Video not found'
	61	})
	62	return false
	63	}
	64
	65	return true
	66	}
	67
	68	async function doesVideoChannelOfAccountExist (channelId: number, user: MUserAccountId, res: Response) {
	69	const videoChannel = await VideoChannelModel.loadAndPopulateAccount(channelId)
	70
	71	if (videoChannel === null) {
	72	res.fail({ message: 'Unknown video "video channel" for this instance.' })
	73	return false
	74	}
	75
	76	// Don't check account id if the user can update any video
	77	if (user.hasRight(UserRight.UPDATE_ANY_VIDEO) === true) {
	78	res.locals.videoChannel = videoChannel
	79	return true
	80	}
	81
	82	if (videoChannel.Account.id !== user.Account.id) {
	83	res.fail({
	84	message: 'Unknown video "video channel" for this account.'
	85	})
	86	return false
	87	}
	88
	89	res.locals.videoChannel = videoChannel
	90	return true
	91	}
	92
	93	function checkUserCanManageVideo (user: MUser, video: MVideoAccountLight, right: UserRight, res: Response, onlyOwned = true) {
	94	// Retrieve the user who did the request
	95	if (onlyOwned && video.isOwned() === false) {
	96	res.fail({
	97	status: HttpStatusCode.FORBIDDEN_403,
	98	message: 'Cannot manage a video of another server.'
	99	})
	100	return false
	101	}
	102
	103	// Check if the user can delete the video
	104	// The user can delete it if he has the right
	105	// Or if s/he is the video's account
	106	const account = video.VideoChannel.Account
	107	if (user.hasRight(right) === false && account.userId !== user.id) {
	108	res.fail({
	109	status: HttpStatusCode.FORBIDDEN_403,
	110	message: 'Cannot manage a video of another user.'
	111	})
	112	return false
	113	}
	114
	115	return true
	116	}
	117
	118	// ---------------------------------------------------------------------------
	119
	120	export {
	121	doesVideoChannelOfAccountExist,
	122	doesVideoExist,
	123	doesVideoFileOfVideoExist,
	124	checkUserCanManageVideo
	125	}