diff options
Diffstat (limited to 'server/middlewares/validators/users.ts')
-rw-r--r-- | server/middlewares/validators/users.ts | 42 |
1 files changed, 8 insertions, 34 deletions
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts index c3a07fccd..282034f6d 100644 --- a/server/middlewares/validators/users.ts +++ b/server/middlewares/validators/users.ts | |||
@@ -1,6 +1,5 @@ | |||
1 | import express from 'express' | 1 | import express from 'express' |
2 | import { body, param, query } from 'express-validator' | 2 | import { body, param, query } from 'express-validator' |
3 | import { omit } from 'lodash' | ||
4 | import { Hooks } from '@server/lib/plugins/hooks' | 3 | import { Hooks } from '@server/lib/plugins/hooks' |
5 | import { MUserDefault } from '@server/types/models' | 4 | import { MUserDefault } from '@server/types/models' |
6 | import { HttpStatusCode, UserRegister, UserRight, UserRole } from '@shared/models' | 5 | import { HttpStatusCode, UserRegister, UserRight, UserRole } from '@shared/models' |
@@ -41,8 +40,6 @@ const usersListValidator = [ | |||
41 | .isBoolean().withMessage('Should be a valid blocked boolena'), | 40 | .isBoolean().withMessage('Should be a valid blocked boolena'), |
42 | 41 | ||
43 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | 42 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
44 | logger.debug('Checking usersList parameters', { parameters: req.query }) | ||
45 | |||
46 | if (areValidationErrors(req, res)) return | 43 | if (areValidationErrors(req, res)) return |
47 | 44 | ||
48 | return next() | 45 | return next() |
@@ -76,9 +73,7 @@ const usersAddValidator = [ | |||
76 | .custom(isUserAdminFlagsValid), | 73 | .custom(isUserAdminFlagsValid), |
77 | 74 | ||
78 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 75 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
79 | logger.debug('Checking usersAdd parameters', { parameters: omit(req.body, 'password') }) | 76 | if (areValidationErrors(req, res, { omitBodyLog: true })) return |
80 | |||
81 | if (areValidationErrors(req, res)) return | ||
82 | if (!await checkUserNameOrEmailDoesNotAlreadyExist(req.body.username, req.body.email, res)) return | 77 | if (!await checkUserNameOrEmailDoesNotAlreadyExist(req.body.username, req.body.email, res)) return |
83 | 78 | ||
84 | const authUser = res.locals.oauth.token.User | 79 | const authUser = res.locals.oauth.token.User |
@@ -126,9 +121,7 @@ const usersRegisterValidator = [ | |||
126 | .custom(isVideoChannelDisplayNameValid), | 121 | .custom(isVideoChannelDisplayNameValid), |
127 | 122 | ||
128 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 123 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
129 | logger.debug('Checking usersRegister parameters', { parameters: omit(req.body, 'password') }) | 124 | if (areValidationErrors(req, res, { omitBodyLog: true })) return |
130 | |||
131 | if (areValidationErrors(req, res)) return | ||
132 | if (!await checkUserNameOrEmailDoesNotAlreadyExist(req.body.username, req.body.email, res)) return | 125 | if (!await checkUserNameOrEmailDoesNotAlreadyExist(req.body.username, req.body.email, res)) return |
133 | 126 | ||
134 | const body: UserRegister = req.body | 127 | const body: UserRegister = req.body |
@@ -159,8 +152,6 @@ const usersRemoveValidator = [ | |||
159 | .custom(isIdValid), | 152 | .custom(isIdValid), |
160 | 153 | ||
161 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 154 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
162 | logger.debug('Checking usersRemove parameters', { parameters: req.params }) | ||
163 | |||
164 | if (areValidationErrors(req, res)) return | 155 | if (areValidationErrors(req, res)) return |
165 | if (!await checkUserIdExist(req.params.id, res)) return | 156 | if (!await checkUserIdExist(req.params.id, res)) return |
166 | 157 | ||
@@ -181,8 +172,6 @@ const usersBlockingValidator = [ | |||
181 | .custom(isUserBlockedReasonValid), | 172 | .custom(isUserBlockedReasonValid), |
182 | 173 | ||
183 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 174 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
184 | logger.debug('Checking usersBlocking parameters', { parameters: req.params }) | ||
185 | |||
186 | if (areValidationErrors(req, res)) return | 175 | if (areValidationErrors(req, res)) return |
187 | if (!await checkUserIdExist(req.params.id, res)) return | 176 | if (!await checkUserIdExist(req.params.id, res)) return |
188 | 177 | ||
@@ -236,9 +225,7 @@ const usersUpdateValidator = [ | |||
236 | .custom(isUserAdminFlagsValid), | 225 | .custom(isUserAdminFlagsValid), |
237 | 226 | ||
238 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 227 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
239 | logger.debug('Checking usersUpdate parameters', { parameters: req.body }) | 228 | if (areValidationErrors(req, res, { omitBodyLog: true })) return |
240 | |||
241 | if (areValidationErrors(req, res)) return | ||
242 | if (!await checkUserIdExist(req.params.id, res)) return | 229 | if (!await checkUserIdExist(req.params.id, res)) return |
243 | 230 | ||
244 | const user = res.locals.user | 231 | const user = res.locals.user |
@@ -300,8 +287,6 @@ const usersUpdateMeValidator = [ | |||
300 | .custom(v => isUserAutoPlayNextVideoValid(v)).withMessage('Should have a valid autoPlayNextVideo boolean'), | 287 | .custom(v => isUserAutoPlayNextVideoValid(v)).withMessage('Should have a valid autoPlayNextVideo boolean'), |
301 | 288 | ||
302 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 289 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
303 | logger.debug('Checking usersUpdateMe parameters', { parameters: omit(req.body, 'password') }) | ||
304 | |||
305 | const user = res.locals.oauth.token.User | 290 | const user = res.locals.oauth.token.User |
306 | 291 | ||
307 | if (req.body.password || req.body.email) { | 292 | if (req.body.password || req.body.email) { |
@@ -321,7 +306,7 @@ const usersUpdateMeValidator = [ | |||
321 | } | 306 | } |
322 | } | 307 | } |
323 | 308 | ||
324 | if (areValidationErrors(req, res)) return | 309 | if (areValidationErrors(req, res, { omitBodyLog: true })) return |
325 | 310 | ||
326 | return next() | 311 | return next() |
327 | } | 312 | } |
@@ -335,8 +320,6 @@ const usersGetValidator = [ | |||
335 | .isBoolean().withMessage('Should have a valid withStats boolean'), | 320 | .isBoolean().withMessage('Should have a valid withStats boolean'), |
336 | 321 | ||
337 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 322 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
338 | logger.debug('Checking usersGet parameters', { parameters: req.params }) | ||
339 | |||
340 | if (areValidationErrors(req, res)) return | 323 | if (areValidationErrors(req, res)) return |
341 | if (!await checkUserIdExist(req.params.id, res, req.query.withStats)) return | 324 | if (!await checkUserIdExist(req.params.id, res, req.query.withStats)) return |
342 | 325 | ||
@@ -348,8 +331,6 @@ const usersVideoRatingValidator = [ | |||
348 | isValidVideoIdParam('videoId'), | 331 | isValidVideoIdParam('videoId'), |
349 | 332 | ||
350 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 333 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
351 | logger.debug('Checking usersVideoRating parameters', { parameters: req.params }) | ||
352 | |||
353 | if (areValidationErrors(req, res)) return | 334 | if (areValidationErrors(req, res)) return |
354 | if (!await doesVideoExist(req.params.videoId, res, 'id')) return | 335 | if (!await doesVideoExist(req.params.videoId, res, 'id')) return |
355 | 336 | ||
@@ -369,8 +350,6 @@ const usersVideosValidator = [ | |||
369 | .custom(isIdValid), | 350 | .custom(isIdValid), |
370 | 351 | ||
371 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 352 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
372 | logger.debug('Checking usersVideosValidator parameters', { parameters: req.query }) | ||
373 | |||
374 | if (areValidationErrors(req, res)) return | 353 | if (areValidationErrors(req, res)) return |
375 | 354 | ||
376 | if (req.query.channelId && !await doesVideoChannelIdExist(req.query.channelId, res)) return | 355 | if (req.query.channelId && !await doesVideoChannelIdExist(req.query.channelId, res)) return |
@@ -423,8 +402,6 @@ const usersAskResetPasswordValidator = [ | |||
423 | .isEmail(), | 402 | .isEmail(), |
424 | 403 | ||
425 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 404 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
426 | logger.debug('Checking usersAskResetPassword parameters', { parameters: req.body }) | ||
427 | |||
428 | if (areValidationErrors(req, res)) return | 405 | if (areValidationErrors(req, res)) return |
429 | 406 | ||
430 | const exists = await checkUserEmailExist(req.body.email, res, false) | 407 | const exists = await checkUserEmailExist(req.body.email, res, false) |
@@ -447,8 +424,6 @@ const usersResetPasswordValidator = [ | |||
447 | .custom(isUserPasswordValid), | 424 | .custom(isUserPasswordValid), |
448 | 425 | ||
449 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 426 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
450 | logger.debug('Checking usersResetPassword parameters', { parameters: req.params }) | ||
451 | |||
452 | if (areValidationErrors(req, res)) return | 427 | if (areValidationErrors(req, res)) return |
453 | if (!await checkUserIdExist(req.params.id, res)) return | 428 | if (!await checkUserIdExist(req.params.id, res)) return |
454 | 429 | ||
@@ -470,9 +445,8 @@ const usersAskSendVerifyEmailValidator = [ | |||
470 | body('email').isEmail().not().isEmpty().withMessage('Should have a valid email'), | 445 | body('email').isEmail().not().isEmpty().withMessage('Should have a valid email'), |
471 | 446 | ||
472 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 447 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
473 | logger.debug('Checking askUsersSendVerifyEmail parameters', { parameters: req.body }) | ||
474 | |||
475 | if (areValidationErrors(req, res)) return | 448 | if (areValidationErrors(req, res)) return |
449 | |||
476 | const exists = await checkUserEmailExist(req.body.email, res, false) | 450 | const exists = await checkUserEmailExist(req.body.email, res, false) |
477 | if (!exists) { | 451 | if (!exists) { |
478 | logger.debug('User with email %s does not exist (asking verify email).', req.body.email) | 452 | logger.debug('User with email %s does not exist (asking verify email).', req.body.email) |
@@ -495,8 +469,6 @@ const usersVerifyEmailValidator = [ | |||
495 | .customSanitizer(toBooleanOrNull), | 469 | .customSanitizer(toBooleanOrNull), |
496 | 470 | ||
497 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 471 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
498 | logger.debug('Checking usersVerifyEmail parameters', { parameters: req.params }) | ||
499 | |||
500 | if (areValidationErrors(req, res)) return | 472 | if (areValidationErrors(req, res)) return |
501 | if (!await checkUserIdExist(req.params.id, res)) return | 473 | if (!await checkUserIdExist(req.params.id, res)) return |
502 | 474 | ||
@@ -515,7 +487,9 @@ const usersVerifyEmailValidator = [ | |||
515 | ] | 487 | ] |
516 | 488 | ||
517 | const userAutocompleteValidator = [ | 489 | const userAutocompleteValidator = [ |
518 | param('search').isString().not().isEmpty().withMessage('Should have a search parameter') | 490 | param('search') |
491 | .isString() | ||
492 | .not().isEmpty() | ||
519 | ] | 493 | ] |
520 | 494 | ||
521 | const ensureAuthUserOwnsAccountValidator = [ | 495 | const ensureAuthUserOwnsAccountValidator = [ |