aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares/validators/videos.ts
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares/validators/videos.ts')
-rw-r--r--server/middlewares/validators/videos.ts42
1 files changed, 32 insertions, 10 deletions
diff --git a/server/middlewares/validators/videos.ts b/server/middlewares/validators/videos.ts
index 519e3d46c..213b4c46b 100644
--- a/server/middlewares/validators/videos.ts
+++ b/server/middlewares/validators/videos.ts
@@ -30,7 +30,9 @@ function videosAddValidator (req: express.Request, res: express.Response, next:
30 user.isAbleToUploadVideo(videoFile) 30 user.isAbleToUploadVideo(videoFile)
31 .then(isAble => { 31 .then(isAble => {
32 if (isAble === false) { 32 if (isAble === false) {
33 res.status(403).send('The user video quota is exceeded with this video.') 33 res.status(403)
34 .json({ error: 'The user video quota is exceeded with this video.' })
35 .end()
34 36
35 return undefined 37 return undefined
36 } 38 }
@@ -38,17 +40,23 @@ function videosAddValidator (req: express.Request, res: express.Response, next:
38 return db.Video.getDurationFromFile(videoFile.path) 40 return db.Video.getDurationFromFile(videoFile.path)
39 .catch(err => { 41 .catch(err => {
40 logger.error('Invalid input file in videosAddValidator.', err) 42 logger.error('Invalid input file in videosAddValidator.', err)
41 res.status(400).send('Invalid input file.') 43 res.status(400)
44 .json({ error: 'Invalid input file.' })
45 .end()
42 46
43 return undefined 47 return undefined
44 }) 48 })
45 }) 49 })
46 .then(duration => { 50 .then(duration => {
47 // Previous test failed, abort 51 // Previous test failed, abort
48 if (duration === undefined) return undefined 52 if (duration === undefined) return
49 53
50 if (!isVideoDurationValid('' + duration)) { 54 if (!isVideoDurationValid('' + duration)) {
51 return res.status(400).send('Duration of the video file is too big (max: ' + CONSTRAINTS_FIELDS.VIDEOS.DURATION.max + 's).') 55 return res.status(400)
56 .json({
57 error: 'Duration of the video file is too big (max: ' + CONSTRAINTS_FIELDS.VIDEOS.DURATION.max + 's).'
58 })
59 .end()
52 } 60 }
53 61
54 videoFile['duration'] = duration 62 videoFile['duration'] = duration
@@ -80,11 +88,15 @@ function videosUpdateValidator (req: express.Request, res: express.Response, nex
80 checkVideoExists(req.params.id, res, () => { 88 checkVideoExists(req.params.id, res, () => {
81 // We need to make additional checks 89 // We need to make additional checks
82 if (res.locals.video.isOwned() === false) { 90 if (res.locals.video.isOwned() === false) {
83 return res.status(403).send('Cannot update video of another pod') 91 return res.status(403)
92 .json({ error: 'Cannot update video of another pod' })
93 .end()
84 } 94 }
85 95
86 if (res.locals.video.Author.userId !== res.locals.oauth.token.User.id) { 96 if (res.locals.video.Author.userId !== res.locals.oauth.token.User.id) {
87 return res.status(403).send('Cannot update video of another user') 97 return res.status(403)
98 .json({ error: 'Cannot update video of another user' })
99 .end()
88 } 100 }
89 101
90 next() 102 next()
@@ -188,7 +200,11 @@ function checkVideoExists (id: string, res: express.Response, callback: () => vo
188 } 200 }
189 201
190 promise.then(video => { 202 promise.then(video => {
191 if (!video) return res.status(404).send('Video not found') 203 if (!video) {
204 return res.status(404)
205 .json({ error: 'Video not found' })
206 .end()
207 }
192 208
193 res.locals.video = video 209 res.locals.video = video
194 callback() 210 callback()
@@ -204,14 +220,18 @@ function checkUserCanDeleteVideo (userId: number, res: express.Response, callbac
204 db.User.loadById(userId) 220 db.User.loadById(userId)
205 .then(user => { 221 .then(user => {
206 if (res.locals.video.isOwned() === false) { 222 if (res.locals.video.isOwned() === false) {
207 return res.status(403).send('Cannot remove video of another pod, blacklist it') 223 return res.status(403)
224 .json({ error: 'Cannot remove video of another pod, blacklist it' })
225 .end()
208 } 226 }
209 227
210 // Check if the user can delete the video 228 // Check if the user can delete the video
211 // The user can delete it if s/he is an admin 229 // The user can delete it if s/he is an admin
212 // Or if s/he is the video's author 230 // Or if s/he is the video's author
213 if (user.isAdmin() === false && res.locals.video.Author.userId !== res.locals.oauth.token.User.id) { 231 if (user.isAdmin() === false && res.locals.video.Author.userId !== res.locals.oauth.token.User.id) {
214 return res.status(403).send('Cannot remove video of another user') 232 return res.status(403)
233 .json({ error: 'Cannot remove video of another user' })
234 .end()
215 } 235 }
216 236
217 // If we reach this comment, we can delete the video 237 // If we reach this comment, we can delete the video
@@ -225,7 +245,9 @@ function checkUserCanDeleteVideo (userId: number, res: express.Response, callbac
225 245
226function checkVideoIsBlacklistable (req: express.Request, res: express.Response, callback: () => void) { 246function checkVideoIsBlacklistable (req: express.Request, res: express.Response, callback: () => void) {
227 if (res.locals.video.isOwned() === true) { 247 if (res.locals.video.isOwned() === true) {
228 return res.status(403).send('Cannot blacklist a local video') 248 return res.status(403)
249 .json({ error: 'Cannot blacklist a local video' })
250 .end()
229 } 251 }
230 252
231 callback() 253 callback()
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-01 10:00:41 +0000