aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares/validators/users.ts
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares/validators/users.ts')
-rw-r--r--server/middlewares/validators/users.ts84
1 files changed, 84 insertions, 0 deletions
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts
new file mode 100644
index 000000000..a9149fe1b
--- /dev/null
+++ b/server/middlewares/validators/users.ts
@@ -0,0 +1,84 @@
1const db = require('../../initializers/database')
2import { checkErrors } from './utils'
3import { logger } from '../../helpers'
4
5function usersAddValidator (req, res, next) {
6 req.checkBody('username', 'Should have a valid username').isUserUsernameValid()
7 req.checkBody('password', 'Should have a valid password').isUserPasswordValid()
8 req.checkBody('email', 'Should have a valid email').isEmail()
9
10 logger.debug('Checking usersAdd parameters', { parameters: req.body })
11
12 checkErrors(req, res, function () {
13 db.User.loadByUsernameOrEmail(req.body.username, req.body.email, function (err, user) {
14 if (err) {
15 logger.error('Error in usersAdd request validator.', { error: err })
16 return res.sendStatus(500)
17 }
18
19 if (user) return res.status(409).send('User already exists.')
20
21 next()
22 })
23 })
24}
25
26function usersRemoveValidator (req, res, next) {
27 req.checkParams('id', 'Should have a valid id').notEmpty().isInt()
28
29 logger.debug('Checking usersRemove parameters', { parameters: req.params })
30
31 checkErrors(req, res, function () {
32 db.User.loadById(req.params.id, function (err, user) {
33 if (err) {
34 logger.error('Error in usersRemove request validator.', { error: err })
35 return res.sendStatus(500)
36 }
37
38 if (!user) return res.status(404).send('User not found')
39
40 if (user.username === 'root') return res.status(400).send('Cannot remove the root user')
41
42 next()
43 })
44 })
45}
46
47function usersUpdateValidator (req, res, next) {
48 req.checkParams('id', 'Should have a valid id').notEmpty().isInt()
49 // Add old password verification
50 req.checkBody('password', 'Should have a valid password').optional().isUserPasswordValid()
51 req.checkBody('displayNSFW', 'Should have a valid display Not Safe For Work attribute').optional().isUserDisplayNSFWValid()
52
53 logger.debug('Checking usersUpdate parameters', { parameters: req.body })
54
55 checkErrors(req, res, next)
56}
57
58function usersVideoRatingValidator (req, res, next) {
59 req.checkParams('videoId', 'Should have a valid video id').notEmpty().isUUID(4)
60
61 logger.debug('Checking usersVideoRating parameters', { parameters: req.params })
62
63 checkErrors(req, res, function () {
64 db.Video.load(req.params.videoId, function (err, video) {
65 if (err) {
66 logger.error('Error in user request validator.', { error: err })
67 return res.sendStatus(500)
68 }
69
70 if (!video) return res.status(404).send('Video not found')
71
72 next()
73 })
74 })
75}
76
77// ---------------------------------------------------------------------------
78
79export {
80 usersAddValidator,
81 usersRemoveValidator,
82 usersUpdateValidator,
83 usersVideoRatingValidator
84}