aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares/validators/users.ts
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares/validators/users.ts')
-rw-r--r--server/middlewares/validators/users.ts61
1 files changed, 38 insertions, 23 deletions
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts
index ebb343535..aec6324bf 100644
--- a/server/middlewares/validators/users.ts
+++ b/server/middlewares/validators/users.ts
@@ -6,7 +6,7 @@ import * as validator from 'validator'
6import { database as db } from '../../initializers/database' 6import { database as db } from '../../initializers/database'
7import { checkErrors } from './utils' 7import { checkErrors } from './utils'
8import { isSignupAllowed, logger } from '../../helpers' 8import { isSignupAllowed, logger } from '../../helpers'
9import { VideoInstance } from '../../models' 9import { UserInstance, VideoInstance } from '../../models'
10 10
11function usersAddValidator (req: express.Request, res: express.Response, next: express.NextFunction) { 11function usersAddValidator (req: express.Request, res: express.Response, next: express.NextFunction) {
12 req.checkBody('username', 'Should have a valid username').isUserUsernameValid() 12 req.checkBody('username', 'Should have a valid username').isUserUsernameValid()
@@ -17,16 +17,19 @@ function usersAddValidator (req: express.Request, res: express.Response, next: e
17 logger.debug('Checking usersAdd parameters', { parameters: req.body }) 17 logger.debug('Checking usersAdd parameters', { parameters: req.body })
18 18
19 checkErrors(req, res, () => { 19 checkErrors(req, res, () => {
20 db.User.loadByUsernameOrEmail(req.body.username, req.body.email) 20 checkUserDoesNotAlreadyExist(req.body.username, req.body.email, res, next)
21 .then(user => { 21 })
22 if (user) return res.status(409).send('User already exists.') 22}
23 23
24 next() 24function usersRegisterValidator (req: express.Request, res: express.Response, next: express.NextFunction) {
25 }) 25 req.checkBody('username', 'Should have a valid username').isUserUsernameValid()
26 .catch(err => { 26 req.checkBody('password', 'Should have a valid password').isUserPasswordValid()
27 logger.error('Error in usersAdd request validator.', err) 27 req.checkBody('email', 'Should have a valid email').isEmail()
28 return res.sendStatus(500) 28
29 }) 29 logger.debug('Checking usersRegister parameters', { parameters: req.body })
30
31 checkErrors(req, res, () => {
32 checkUserDoesNotAlreadyExist(req.body.username, req.body.email, res, next)
30 }) 33 })
31} 34}
32 35
@@ -36,18 +39,16 @@ function usersRemoveValidator (req: express.Request, res: express.Response, next
36 logger.debug('Checking usersRemove parameters', { parameters: req.params }) 39 logger.debug('Checking usersRemove parameters', { parameters: req.params })
37 40
38 checkErrors(req, res, () => { 41 checkErrors(req, res, () => {
39 db.User.loadById(req.params.id) 42 checkUserExists(req.params.id, res, (err, user) => {
40 .then(user => { 43 if (err) {
41 if (!user) return res.status(404).send('User not found') 44 logger.error('Error in usersRemoveValidator.', err)
45 return res.sendStatus(500)
46 }
42 47
43 if (user.username === 'root') return res.status(400).send('Cannot remove the root user') 48 if (user.username === 'root') return res.status(400).send('Cannot remove the root user')
44 49
45 next() 50 next()
46 }) 51 })
47 .catch(err => {
48 logger.error('Error in usersRemove request validator.', err)
49 return res.sendStatus(500)
50 })
51 }) 52 })
52} 53}
53 54
@@ -69,7 +70,7 @@ function usersUpdateMeValidator (req: express.Request, res: express.Response, ne
69 req.checkBody('email', 'Should have a valid email attribute').optional().isEmail() 70 req.checkBody('email', 'Should have a valid email attribute').optional().isEmail()
70 req.checkBody('displayNSFW', 'Should have a valid display Not Safe For Work attribute').optional().isUserDisplayNSFWValid() 71 req.checkBody('displayNSFW', 'Should have a valid display Not Safe For Work attribute').optional().isUserDisplayNSFWValid()
71 72
72 logger.debug('Checking usersUpdate parameters', { parameters: req.body }) 73 logger.debug('Checking usersUpdateMe parameters', { parameters: req.body })
73 74
74 checkErrors(req, res, next) 75 checkErrors(req, res, next)
75} 76}
@@ -123,6 +124,7 @@ function ensureUserRegistrationAllowed (req: express.Request, res: express.Respo
123 124
124export { 125export {
125 usersAddValidator, 126 usersAddValidator,
127 usersRegisterValidator,
126 usersRemoveValidator, 128 usersRemoveValidator,
127 usersUpdateValidator, 129 usersUpdateValidator,
128 usersUpdateMeValidator, 130 usersUpdateMeValidator,
@@ -133,16 +135,29 @@ export {
133 135
134// --------------------------------------------------------------------------- 136// ---------------------------------------------------------------------------
135 137
136function checkUserExists (id: number, res: express.Response, callback: () => void) { 138function checkUserExists (id: number, res: express.Response, callback: (err: Error, user: UserInstance) => void) {
137 db.User.loadById(id) 139 db.User.loadById(id)
138 .then(user => { 140 .then(user => {
139 if (!user) return res.status(404).send('User not found') 141 if (!user) return res.status(404).send('User not found')
140 142
141 res.locals.user = user 143 res.locals.user = user
142 callback() 144 callback(null, user)
143 }) 145 })
144 .catch(err => { 146 .catch(err => {
145 logger.error('Error in user request validator.', err) 147 logger.error('Error in user request validator.', err)
146 return res.sendStatus(500) 148 return res.sendStatus(500)
147 }) 149 })
148} 150}
151
152function checkUserDoesNotAlreadyExist (username: string, email: string, res: express.Response, callback: () => void) {
153 db.User.loadByUsernameOrEmail(username, email)
154 .then(user => {
155 if (user) return res.status(409).send('User already exists.')
156
157 callback()
158 })
159 .catch(err => {
160 logger.error('Error in usersAdd request validator.', err)
161 return res.sendStatus(500)
162 })
163}