aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares/validators/videos/videos.ts
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares/validators/videos/videos.ts')
-rw-r--r--server/middlewares/validators/videos/videos.ts23
1 files changed, 12 insertions, 11 deletions
diff --git a/server/middlewares/validators/videos/videos.ts b/server/middlewares/validators/videos/videos.ts
index af0072d73..9834f714b 100644
--- a/server/middlewares/validators/videos/videos.ts
+++ b/server/middlewares/validators/videos/videos.ts
@@ -51,6 +51,7 @@ import { AccountModel } from '../../../models/account/account'
51import { VideoModel } from '../../../models/video/video' 51import { VideoModel } from '../../../models/video/video'
52import { authenticatePromiseIfNeeded } from '../../oauth' 52import { authenticatePromiseIfNeeded } from '../../oauth'
53import { areValidationErrors } from '../utils' 53import { areValidationErrors } from '../utils'
54import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
54 55
55const videosAddValidator = getCommonVideoEditAttributes().concat([ 56const videosAddValidator = getCommonVideoEditAttributes().concat([
56 body('videofile') 57 body('videofile')
@@ -75,7 +76,7 @@ const videosAddValidator = getCommonVideoEditAttributes().concat([
75 if (!await doesVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req) 76 if (!await doesVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req)
76 77
77 if (await isAbleToUploadVideo(user.id, videoFile.size) === false) { 78 if (await isAbleToUploadVideo(user.id, videoFile.size) === false) {
78 res.status(403) 79 res.status(HttpStatusCode.FORBIDDEN_403)
79 .json({ error: 'The user video quota is exceeded with this video.' }) 80 .json({ error: 'The user video quota is exceeded with this video.' })
80 81
81 return cleanUpReqFiles(req) 82 return cleanUpReqFiles(req)
@@ -87,7 +88,7 @@ const videosAddValidator = getCommonVideoEditAttributes().concat([
87 duration = await getDurationFromVideoFile(videoFile.path) 88 duration = await getDurationFromVideoFile(videoFile.path)
88 } catch (err) { 89 } catch (err) {
89 logger.error('Invalid input file in videosAddValidator.', { err }) 90 logger.error('Invalid input file in videosAddValidator.', { err })
90 res.status(400) 91 res.status(HttpStatusCode.BAD_REQUEST_400)
91 .json({ error: 'Invalid input file.' }) 92 .json({ error: 'Invalid input file.' })
92 93
93 return cleanUpReqFiles(req) 94 return cleanUpReqFiles(req)
@@ -147,7 +148,7 @@ async function checkVideoFollowConstraints (req: express.Request, res: express.R
147 const serverActor = await getServerActor() 148 const serverActor = await getServerActor()
148 if (await VideoModel.checkVideoHasInstanceFollow(video.id, serverActor.id) === true) return next() 149 if (await VideoModel.checkVideoHasInstanceFollow(video.id, serverActor.id) === true) return next()
149 150
150 return res.status(403) 151 return res.status(HttpStatusCode.FORBIDDEN_403)
151 .json({ 152 .json({
152 errorCode: ServerErrorCode.DOES_NOT_RESPECT_FOLLOW_CONSTRAINTS, 153 errorCode: ServerErrorCode.DOES_NOT_RESPECT_FOLLOW_CONSTRAINTS,
153 error: 'Cannot get this video regarding follow constraints.', 154 error: 'Cannot get this video regarding follow constraints.',
@@ -182,7 +183,7 @@ const videosCustomGetValidator = (
182 183
183 // Only the owner or a user that have blacklist rights can see the video 184 // Only the owner or a user that have blacklist rights can see the video
184 if (!user || !user.canGetVideo(videoAll)) { 185 if (!user || !user.canGetVideo(videoAll)) {
185 return res.status(403) 186 return res.status(HttpStatusCode.FORBIDDEN_403)
186 .json({ error: 'Cannot get this private/internal or blacklisted video.' }) 187 .json({ error: 'Cannot get this private/internal or blacklisted video.' })
187 } 188 }
188 189
@@ -197,7 +198,7 @@ const videosCustomGetValidator = (
197 if (isUUIDValid(req.params.id)) return next() 198 if (isUUIDValid(req.params.id)) return next()
198 199
199 // Don't leak this unlisted video 200 // Don't leak this unlisted video
200 return res.status(404).end() 201 return res.status(HttpStatusCode.NOT_FOUND_404).end()
201 } 202 }
202 } 203 }
203 ] 204 ]
@@ -250,7 +251,7 @@ const videosChangeOwnershipValidator = [
250 251
251 const nextOwner = await AccountModel.loadLocalByName(req.body.username) 252 const nextOwner = await AccountModel.loadLocalByName(req.body.username)
252 if (!nextOwner) { 253 if (!nextOwner) {
253 res.status(400) 254 res.status(HttpStatusCode.BAD_REQUEST_400)
254 .json({ error: 'Changing video ownership to a remote account is not supported yet' }) 255 .json({ error: 'Changing video ownership to a remote account is not supported yet' })
255 256
256 return 257 return
@@ -276,7 +277,7 @@ const videosTerminateChangeOwnershipValidator = [
276 const videoChangeOwnership = res.locals.videoChangeOwnership 277 const videoChangeOwnership = res.locals.videoChangeOwnership
277 278
278 if (videoChangeOwnership.status !== VideoChangeOwnershipStatus.WAITING) { 279 if (videoChangeOwnership.status !== VideoChangeOwnershipStatus.WAITING) {
279 res.status(403) 280 res.status(HttpStatusCode.FORBIDDEN_403)
280 .json({ error: 'Ownership already accepted or refused' }) 281 .json({ error: 'Ownership already accepted or refused' })
281 return 282 return
282 } 283 }
@@ -294,7 +295,7 @@ const videosAcceptChangeOwnershipValidator = [
294 const videoChangeOwnership = res.locals.videoChangeOwnership 295 const videoChangeOwnership = res.locals.videoChangeOwnership
295 const isAble = await isAbleToUploadVideo(user.id, videoChangeOwnership.Video.getMaxQualityFile().size) 296 const isAble = await isAbleToUploadVideo(user.id, videoChangeOwnership.Video.getMaxQualityFile().size)
296 if (isAble === false) { 297 if (isAble === false) {
297 res.status(403) 298 res.status(HttpStatusCode.FORBIDDEN_403)
298 .json({ error: 'The user video quota is exceeded with this video.' }) 299 .json({ error: 'The user video quota is exceeded with this video.' })
299 300
300 return 301 return
@@ -433,7 +434,7 @@ const commonVideosFiltersValidator = [
433 (req.query.filter === 'all-local' || req.query.filter === 'all') && 434 (req.query.filter === 'all-local' || req.query.filter === 'all') &&
434 (!user || user.hasRight(UserRight.SEE_ALL_VIDEOS) === false) 435 (!user || user.hasRight(UserRight.SEE_ALL_VIDEOS) === false)
435 ) { 436 ) {
436 res.status(401) 437 res.status(HttpStatusCode.UNAUTHORIZED_401)
437 .json({ error: 'You are not allowed to see all local videos.' }) 438 .json({ error: 'You are not allowed to see all local videos.' })
438 439
439 return 440 return
@@ -473,7 +474,7 @@ function areErrorsInScheduleUpdate (req: express.Request, res: express.Response)
473 if (!req.body.scheduleUpdate.updateAt) { 474 if (!req.body.scheduleUpdate.updateAt) {
474 logger.warn('Invalid parameters: scheduleUpdate.updateAt is mandatory.') 475 logger.warn('Invalid parameters: scheduleUpdate.updateAt is mandatory.')
475 476
476 res.status(400) 477 res.status(HttpStatusCode.BAD_REQUEST_400)
477 .json({ error: 'Schedule update at is mandatory.' }) 478 .json({ error: 'Schedule update at is mandatory.' })
478 479
479 return true 480 return true
@@ -498,7 +499,7 @@ async function isVideoAccepted (req: express.Request, res: express.Response, vid
498 499
499 if (!acceptedResult || acceptedResult.accepted !== true) { 500 if (!acceptedResult || acceptedResult.accepted !== true) {
500 logger.info('Refused local video.', { acceptedResult, acceptParameters }) 501 logger.info('Refused local video.', { acceptedResult, acceptParameters })
501 res.status(403) 502 res.status(HttpStatusCode.FORBIDDEN_403)
502 .json({ error: acceptedResult.errorMessage || 'Refused local video' }) 503 .json({ error: acceptedResult.errorMessage || 'Refused local video' })
503 504
504 return false 505 return false
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-18 04:04:46 +0000