aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares/validators/videos.ts
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares/validators/videos.ts')
-rw-r--r--server/middlewares/validators/videos.ts36
1 files changed, 6 insertions, 30 deletions
diff --git a/server/middlewares/validators/videos.ts b/server/middlewares/validators/videos.ts
index 59d65d5a4..899def6fc 100644
--- a/server/middlewares/validators/videos.ts
+++ b/server/middlewares/validators/videos.ts
@@ -12,6 +12,7 @@ import {
12 toValueOrNull 12 toValueOrNull
13} from '../../helpers/custom-validators/misc' 13} from '../../helpers/custom-validators/misc'
14import { 14import {
15 checkUserCanManageVideo,
15 isScheduleVideoUpdatePrivacyValid, 16 isScheduleVideoUpdatePrivacyValid,
16 isVideoAbuseReasonValid, 17 isVideoAbuseReasonValid,
17 isVideoCategoryValid, 18 isVideoCategoryValid,
@@ -31,8 +32,6 @@ import {
31import { getDurationFromVideoFile } from '../../helpers/ffmpeg-utils' 32import { getDurationFromVideoFile } from '../../helpers/ffmpeg-utils'
32import { logger } from '../../helpers/logger' 33import { logger } from '../../helpers/logger'
33import { CONSTRAINTS_FIELDS } from '../../initializers' 34import { CONSTRAINTS_FIELDS } from '../../initializers'
34import { UserModel } from '../../models/account/user'
35import { VideoModel } from '../../models/video/video'
36import { VideoShareModel } from '../../models/video/video-share' 35import { VideoShareModel } from '../../models/video/video-share'
37import { authenticate } from '../oauth' 36import { authenticate } from '../oauth'
38import { areValidationErrors } from './utils' 37import { areValidationErrors } from './utils'
@@ -40,17 +39,17 @@ import { areValidationErrors } from './utils'
40const videosAddValidator = [ 39const videosAddValidator = [
41 body('videofile') 40 body('videofile')
42 .custom((value, { req }) => isVideoFile(req.files)).withMessage( 41 .custom((value, { req }) => isVideoFile(req.files)).withMessage(
43 'This file is not supported or too large. Please, make sure it is of the following type : ' 42 'This file is not supported or too large. Please, make sure it is of the following type: '
44 + CONSTRAINTS_FIELDS.VIDEOS.EXTNAME.join(', ') 43 + CONSTRAINTS_FIELDS.VIDEOS.EXTNAME.join(', ')
45 ), 44 ),
46 body('thumbnailfile') 45 body('thumbnailfile')
47 .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')).withMessage( 46 .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')).withMessage(
48 'This thumbnail file is not supported or too large. Please, make sure it is of the following type : ' 47 'This thumbnail file is not supported or too large. Please, make sure it is of the following type: '
49 + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ') 48 + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ')
50 ), 49 ),
51 body('previewfile') 50 body('previewfile')
52 .custom((value, { req }) => isVideoImage(req.files, 'previewfile')).withMessage( 51 .custom((value, { req }) => isVideoImage(req.files, 'previewfile')).withMessage(
53 'This preview file is not supported or too large. Please, make sure it is of the following type : ' 52 'This preview file is not supported or too large. Please, make sure it is of the following type: '
54 + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ') 53 + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ')
55 ), 54 ),
56 body('name').custom(isVideoNameValid).withMessage('Should have a valid name'), 55 body('name').custom(isVideoNameValid).withMessage('Should have a valid name'),
@@ -152,12 +151,12 @@ const videosUpdateValidator = [
152 param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), 151 param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'),
153 body('thumbnailfile') 152 body('thumbnailfile')
154 .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')).withMessage( 153 .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')).withMessage(
155 'This thumbnail file is not supported or too large. Please, make sure it is of the following type : ' 154 'This thumbnail file is not supported or too large. Please, make sure it is of the following type: '
156 + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ') 155 + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ')
157 ), 156 ),
158 body('previewfile') 157 body('previewfile')
159 .custom((value, { req }) => isVideoImage(req.files, 'previewfile')).withMessage( 158 .custom((value, { req }) => isVideoImage(req.files, 'previewfile')).withMessage(
160 'This preview file is not supported or too large. Please, make sure it is of the following type : ' 159 'This preview file is not supported or too large. Please, make sure it is of the following type: '
161 + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ') 160 + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ')
162 ), 161 ),
163 body('name') 162 body('name')
@@ -373,29 +372,6 @@ export {
373 372
374// --------------------------------------------------------------------------- 373// ---------------------------------------------------------------------------
375 374
376function checkUserCanManageVideo (user: UserModel, video: VideoModel, right: UserRight, res: express.Response) {
377 // Retrieve the user who did the request
378 if (video.isOwned() === false) {
379 res.status(403)
380 .json({ error: 'Cannot manage a video of another server.' })
381 .end()
382 return false
383 }
384
385 // Check if the user can delete the video
386 // The user can delete it if he has the right
387 // Or if s/he is the video's account
388 const account = video.VideoChannel.Account
389 if (user.hasRight(right) === false && account.userId !== user.id) {
390 res.status(403)
391 .json({ error: 'Cannot manage a video of another user.' })
392 .end()
393 return false
394 }
395
396 return true
397}
398
399function areErrorsInVideoImageFiles (req: express.Request, res: express.Response) { 375function areErrorsInVideoImageFiles (req: express.Request, res: express.Response) {
400 // Files are optional 376 // Files are optional
401 if (!req.files) return false 377 if (!req.files) return false