aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares/validators/users.ts
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares/validators/users.ts')
-rw-r--r--server/middlewares/validators/users.ts42
1 files changed, 8 insertions, 34 deletions
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts
index c3a07fccd..282034f6d 100644
--- a/server/middlewares/validators/users.ts
+++ b/server/middlewares/validators/users.ts
@@ -1,6 +1,5 @@
1import express from 'express' 1import express from 'express'
2import { body, param, query } from 'express-validator' 2import { body, param, query } from 'express-validator'
3import { omit } from 'lodash'
4import { Hooks } from '@server/lib/plugins/hooks' 3import { Hooks } from '@server/lib/plugins/hooks'
5import { MUserDefault } from '@server/types/models' 4import { MUserDefault } from '@server/types/models'
6import { HttpStatusCode, UserRegister, UserRight, UserRole } from '@shared/models' 5import { HttpStatusCode, UserRegister, UserRight, UserRole } from '@shared/models'
@@ -41,8 +40,6 @@ const usersListValidator = [
41 .isBoolean().withMessage('Should be a valid blocked boolena'), 40 .isBoolean().withMessage('Should be a valid blocked boolena'),
42 41
43 (req: express.Request, res: express.Response, next: express.NextFunction) => { 42 (req: express.Request, res: express.Response, next: express.NextFunction) => {
44 logger.debug('Checking usersList parameters', { parameters: req.query })
45
46 if (areValidationErrors(req, res)) return 43 if (areValidationErrors(req, res)) return
47 44
48 return next() 45 return next()
@@ -76,9 +73,7 @@ const usersAddValidator = [
76 .custom(isUserAdminFlagsValid), 73 .custom(isUserAdminFlagsValid),
77 74
78 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 75 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
79 logger.debug('Checking usersAdd parameters', { parameters: omit(req.body, 'password') }) 76 if (areValidationErrors(req, res, { omitBodyLog: true })) return
80
81 if (areValidationErrors(req, res)) return
82 if (!await checkUserNameOrEmailDoesNotAlreadyExist(req.body.username, req.body.email, res)) return 77 if (!await checkUserNameOrEmailDoesNotAlreadyExist(req.body.username, req.body.email, res)) return
83 78
84 const authUser = res.locals.oauth.token.User 79 const authUser = res.locals.oauth.token.User
@@ -126,9 +121,7 @@ const usersRegisterValidator = [
126 .custom(isVideoChannelDisplayNameValid), 121 .custom(isVideoChannelDisplayNameValid),
127 122
128 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 123 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
129 logger.debug('Checking usersRegister parameters', { parameters: omit(req.body, 'password') }) 124 if (areValidationErrors(req, res, { omitBodyLog: true })) return
130
131 if (areValidationErrors(req, res)) return
132 if (!await checkUserNameOrEmailDoesNotAlreadyExist(req.body.username, req.body.email, res)) return 125 if (!await checkUserNameOrEmailDoesNotAlreadyExist(req.body.username, req.body.email, res)) return
133 126
134 const body: UserRegister = req.body 127 const body: UserRegister = req.body
@@ -159,8 +152,6 @@ const usersRemoveValidator = [
159 .custom(isIdValid), 152 .custom(isIdValid),
160 153
161 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 154 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
162 logger.debug('Checking usersRemove parameters', { parameters: req.params })
163
164 if (areValidationErrors(req, res)) return 155 if (areValidationErrors(req, res)) return
165 if (!await checkUserIdExist(req.params.id, res)) return 156 if (!await checkUserIdExist(req.params.id, res)) return
166 157
@@ -181,8 +172,6 @@ const usersBlockingValidator = [
181 .custom(isUserBlockedReasonValid), 172 .custom(isUserBlockedReasonValid),
182 173
183 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 174 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
184 logger.debug('Checking usersBlocking parameters', { parameters: req.params })
185
186 if (areValidationErrors(req, res)) return 175 if (areValidationErrors(req, res)) return
187 if (!await checkUserIdExist(req.params.id, res)) return 176 if (!await checkUserIdExist(req.params.id, res)) return
188 177
@@ -236,9 +225,7 @@ const usersUpdateValidator = [
236 .custom(isUserAdminFlagsValid), 225 .custom(isUserAdminFlagsValid),
237 226
238 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 227 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
239 logger.debug('Checking usersUpdate parameters', { parameters: req.body }) 228 if (areValidationErrors(req, res, { omitBodyLog: true })) return
240
241 if (areValidationErrors(req, res)) return
242 if (!await checkUserIdExist(req.params.id, res)) return 229 if (!await checkUserIdExist(req.params.id, res)) return
243 230
244 const user = res.locals.user 231 const user = res.locals.user
@@ -300,8 +287,6 @@ const usersUpdateMeValidator = [
300 .custom(v => isUserAutoPlayNextVideoValid(v)).withMessage('Should have a valid autoPlayNextVideo boolean'), 287 .custom(v => isUserAutoPlayNextVideoValid(v)).withMessage('Should have a valid autoPlayNextVideo boolean'),
301 288
302 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 289 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
303 logger.debug('Checking usersUpdateMe parameters', { parameters: omit(req.body, 'password') })
304
305 const user = res.locals.oauth.token.User 290 const user = res.locals.oauth.token.User
306 291
307 if (req.body.password || req.body.email) { 292 if (req.body.password || req.body.email) {
@@ -321,7 +306,7 @@ const usersUpdateMeValidator = [
321 } 306 }
322 } 307 }
323 308
324 if (areValidationErrors(req, res)) return 309 if (areValidationErrors(req, res, { omitBodyLog: true })) return
325 310
326 return next() 311 return next()
327 } 312 }
@@ -335,8 +320,6 @@ const usersGetValidator = [
335 .isBoolean().withMessage('Should have a valid withStats boolean'), 320 .isBoolean().withMessage('Should have a valid withStats boolean'),
336 321
337 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 322 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
338 logger.debug('Checking usersGet parameters', { parameters: req.params })
339
340 if (areValidationErrors(req, res)) return 323 if (areValidationErrors(req, res)) return
341 if (!await checkUserIdExist(req.params.id, res, req.query.withStats)) return 324 if (!await checkUserIdExist(req.params.id, res, req.query.withStats)) return
342 325
@@ -348,8 +331,6 @@ const usersVideoRatingValidator = [
348 isValidVideoIdParam('videoId'), 331 isValidVideoIdParam('videoId'),
349 332
350 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 333 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
351 logger.debug('Checking usersVideoRating parameters', { parameters: req.params })
352
353 if (areValidationErrors(req, res)) return 334 if (areValidationErrors(req, res)) return
354 if (!await doesVideoExist(req.params.videoId, res, 'id')) return 335 if (!await doesVideoExist(req.params.videoId, res, 'id')) return
355 336
@@ -369,8 +350,6 @@ const usersVideosValidator = [
369 .custom(isIdValid), 350 .custom(isIdValid),
370 351
371 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 352 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
372 logger.debug('Checking usersVideosValidator parameters', { parameters: req.query })
373
374 if (areValidationErrors(req, res)) return 353 if (areValidationErrors(req, res)) return
375 354
376 if (req.query.channelId && !await doesVideoChannelIdExist(req.query.channelId, res)) return 355 if (req.query.channelId && !await doesVideoChannelIdExist(req.query.channelId, res)) return
@@ -423,8 +402,6 @@ const usersAskResetPasswordValidator = [
423 .isEmail(), 402 .isEmail(),
424 403
425 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 404 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
426 logger.debug('Checking usersAskResetPassword parameters', { parameters: req.body })
427
428 if (areValidationErrors(req, res)) return 405 if (areValidationErrors(req, res)) return
429 406
430 const exists = await checkUserEmailExist(req.body.email, res, false) 407 const exists = await checkUserEmailExist(req.body.email, res, false)
@@ -447,8 +424,6 @@ const usersResetPasswordValidator = [
447 .custom(isUserPasswordValid), 424 .custom(isUserPasswordValid),
448 425
449 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 426 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
450 logger.debug('Checking usersResetPassword parameters', { parameters: req.params })
451
452 if (areValidationErrors(req, res)) return 427 if (areValidationErrors(req, res)) return
453 if (!await checkUserIdExist(req.params.id, res)) return 428 if (!await checkUserIdExist(req.params.id, res)) return
454 429
@@ -470,9 +445,8 @@ const usersAskSendVerifyEmailValidator = [
470 body('email').isEmail().not().isEmpty().withMessage('Should have a valid email'), 445 body('email').isEmail().not().isEmpty().withMessage('Should have a valid email'),
471 446
472 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 447 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
473 logger.debug('Checking askUsersSendVerifyEmail parameters', { parameters: req.body })
474
475 if (areValidationErrors(req, res)) return 448 if (areValidationErrors(req, res)) return
449
476 const exists = await checkUserEmailExist(req.body.email, res, false) 450 const exists = await checkUserEmailExist(req.body.email, res, false)
477 if (!exists) { 451 if (!exists) {
478 logger.debug('User with email %s does not exist (asking verify email).', req.body.email) 452 logger.debug('User with email %s does not exist (asking verify email).', req.body.email)
@@ -495,8 +469,6 @@ const usersVerifyEmailValidator = [
495 .customSanitizer(toBooleanOrNull), 469 .customSanitizer(toBooleanOrNull),
496 470
497 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 471 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
498 logger.debug('Checking usersVerifyEmail parameters', { parameters: req.params })
499
500 if (areValidationErrors(req, res)) return 472 if (areValidationErrors(req, res)) return
501 if (!await checkUserIdExist(req.params.id, res)) return 473 if (!await checkUserIdExist(req.params.id, res)) return
502 474
@@ -515,7 +487,9 @@ const usersVerifyEmailValidator = [
515] 487]
516 488
517const userAutocompleteValidator = [ 489const userAutocompleteValidator = [
518 param('search').isString().not().isEmpty().withMessage('Should have a search parameter') 490 param('search')
491 .isString()
492 .not().isEmpty()
519] 493]
520 494
521const ensureAuthUserOwnsAccountValidator = [ 495const ensureAuthUserOwnsAccountValidator = [