aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares/validators/videos
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares/validators/videos')
-rw-r--r--server/middlewares/validators/videos/video-blacklist.ts3
-rw-r--r--server/middlewares/validators/videos/video-channels.ts19
-rw-r--r--server/middlewares/validators/videos/video-comments.ts13
-rw-r--r--server/middlewares/validators/videos/video-imports.ts9
-rw-r--r--server/middlewares/validators/videos/video-live.ts21
-rw-r--r--server/middlewares/validators/videos/video-playlists.ts27
-rw-r--r--server/middlewares/validators/videos/video-rates.ts3
-rw-r--r--server/middlewares/validators/videos/video-shares.ts3
-rw-r--r--server/middlewares/validators/videos/video-watch.ts3
-rw-r--r--server/middlewares/validators/videos/videos.ts23
10 files changed, 67 insertions, 57 deletions
diff --git a/server/middlewares/validators/videos/video-blacklist.ts b/server/middlewares/validators/videos/video-blacklist.ts
index 808fefc25..88c788a43 100644
--- a/server/middlewares/validators/videos/video-blacklist.ts
+++ b/server/middlewares/validators/videos/video-blacklist.ts
@@ -5,6 +5,7 @@ import { isVideoBlacklistReasonValid, isVideoBlacklistTypeValid } from '../../..
5import { logger } from '../../../helpers/logger' 5import { logger } from '../../../helpers/logger'
6import { doesVideoBlacklistExist, doesVideoExist } from '../../../helpers/middlewares' 6import { doesVideoBlacklistExist, doesVideoExist } from '../../../helpers/middlewares'
7import { areValidationErrors } from '../utils' 7import { areValidationErrors } from '../utils'
8import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
8 9
9const videosBlacklistRemoveValidator = [ 10const videosBlacklistRemoveValidator = [
10 param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), 11 param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
@@ -39,7 +40,7 @@ const videosBlacklistAddValidator = [
39 const video = res.locals.videoAll 40 const video = res.locals.videoAll
40 if (req.body.unfederate === true && video.remote === true) { 41 if (req.body.unfederate === true && video.remote === true) {
41 return res 42 return res
42 .status(409) 43 .status(HttpStatusCode.CONFLICT_409)
43 .send({ error: 'You cannot unfederate a remote video.' }) 44 .send({ error: 'You cannot unfederate a remote video.' })
44 .end() 45 .end()
45 } 46 }
diff --git a/server/middlewares/validators/videos/video-channels.ts b/server/middlewares/validators/videos/video-channels.ts
index 2e4e755e7..57ac548b9 100644
--- a/server/middlewares/validators/videos/video-channels.ts
+++ b/server/middlewares/validators/videos/video-channels.ts
@@ -15,6 +15,7 @@ import { doesLocalVideoChannelNameExist, doesVideoChannelNameWithHostExist } fro
15import { ActorModel } from '../../../models/activitypub/actor' 15import { ActorModel } from '../../../models/activitypub/actor'
16import { VideoChannelModel } from '../../../models/video/video-channel' 16import { VideoChannelModel } from '../../../models/video/video-channel'
17import { areValidationErrors } from '../utils' 17import { areValidationErrors } from '../utils'
18import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
18 19
19const videoChannelsAddValidator = [ 20const videoChannelsAddValidator = [
20 body('name').custom(isActorPreferredUsernameValid).withMessage('Should have a valid channel name'), 21 body('name').custom(isActorPreferredUsernameValid).withMessage('Should have a valid channel name'),
@@ -29,7 +30,7 @@ const videoChannelsAddValidator = [
29 30
30 const actor = await ActorModel.loadLocalByName(req.body.name) 31 const actor = await ActorModel.loadLocalByName(req.body.name)
31 if (actor) { 32 if (actor) {
32 res.status(409) 33 res.status(HttpStatusCode.CONFLICT_409)
33 .send({ error: 'Another actor (account/channel) with this name on this instance already exists or has already existed.' }) 34 .send({ error: 'Another actor (account/channel) with this name on this instance already exists or has already existed.' })
34 .end() 35 .end()
35 return false 36 return false
@@ -37,7 +38,7 @@ const videoChannelsAddValidator = [
37 38
38 const count = await VideoChannelModel.countByAccount(res.locals.oauth.token.User.Account.id) 39 const count = await VideoChannelModel.countByAccount(res.locals.oauth.token.User.Account.id)
39 if (count >= VIDEO_CHANNELS.MAX_PER_USER) { 40 if (count >= VIDEO_CHANNELS.MAX_PER_USER) {
40 res.status(400) 41 res.status(HttpStatusCode.BAD_REQUEST_400)
41 .send({ error: `You cannot create more than ${VIDEO_CHANNELS.MAX_PER_USER} channels` }) 42 .send({ error: `You cannot create more than ${VIDEO_CHANNELS.MAX_PER_USER} channels` })
42 .end() 43 .end()
43 return false 44 return false
@@ -70,13 +71,13 @@ const videoChannelsUpdateValidator = [
70 71
71 // We need to make additional checks 72 // We need to make additional checks
72 if (res.locals.videoChannel.Actor.isOwned() === false) { 73 if (res.locals.videoChannel.Actor.isOwned() === false) {
73 return res.status(403) 74 return res.status(HttpStatusCode.FORBIDDEN_403)
74 .json({ error: 'Cannot update video channel of another server' }) 75 .json({ error: 'Cannot update video channel of another server' })
75 .end() 76 .end()
76 } 77 }
77 78
78 if (res.locals.videoChannel.Account.userId !== res.locals.oauth.token.User.id) { 79 if (res.locals.videoChannel.Account.userId !== res.locals.oauth.token.User.id) {
79 return res.status(403) 80 return res.status(HttpStatusCode.FORBIDDEN_403)
80 .json({ error: 'Cannot update video channel of another user' }) 81 .json({ error: 'Cannot update video channel of another user' })
81 .end() 82 .end()
82 } 83 }
@@ -155,7 +156,7 @@ export {
155 156
156function checkUserCanDeleteVideoChannel (user: MUser, videoChannel: MChannelAccountDefault, res: express.Response) { 157function checkUserCanDeleteVideoChannel (user: MUser, videoChannel: MChannelAccountDefault, res: express.Response) {
157 if (videoChannel.Actor.isOwned() === false) { 158 if (videoChannel.Actor.isOwned() === false) {
158 res.status(403) 159 res.status(HttpStatusCode.FORBIDDEN_403)
159 .json({ error: 'Cannot remove video channel of another server.' }) 160 .json({ error: 'Cannot remove video channel of another server.' })
160 .end() 161 .end()
161 162
@@ -166,7 +167,7 @@ function checkUserCanDeleteVideoChannel (user: MUser, videoChannel: MChannelAcco
166 // The user can delete it if s/he is an admin 167 // The user can delete it if s/he is an admin
167 // Or if s/he is the video channel's account 168 // Or if s/he is the video channel's account
168 if (user.hasRight(UserRight.REMOVE_ANY_VIDEO_CHANNEL) === false && videoChannel.Account.userId !== user.id) { 169 if (user.hasRight(UserRight.REMOVE_ANY_VIDEO_CHANNEL) === false && videoChannel.Account.userId !== user.id) {
169 res.status(403) 170 res.status(HttpStatusCode.FORBIDDEN_403)
170 .json({ error: 'Cannot remove video channel of another user' }) 171 .json({ error: 'Cannot remove video channel of another user' })
171 .end() 172 .end()
172 173
@@ -180,9 +181,9 @@ async function checkVideoChannelIsNotTheLastOne (res: express.Response) {
180 const count = await VideoChannelModel.countByAccount(res.locals.oauth.token.User.Account.id) 181 const count = await VideoChannelModel.countByAccount(res.locals.oauth.token.User.Account.id)
181 182
182 if (count <= 1) { 183 if (count <= 1) {
183 res.status(409) 184 res.status(HttpStatusCode.CONFLICT_409)
184 .json({ error: 'Cannot remove the last channel of this user' }) 185 .json({ error: 'Cannot remove the last channel of this user' })
185 .end() 186 .end()
186 187
187 return false 188 return false
188 } 189 }
diff --git a/server/middlewares/validators/videos/video-comments.ts b/server/middlewares/validators/videos/video-comments.ts
index a3c9febc4..226c9d436 100644
--- a/server/middlewares/validators/videos/video-comments.ts
+++ b/server/middlewares/validators/videos/video-comments.ts
@@ -14,6 +14,7 @@ import { AcceptResult, isLocalVideoCommentReplyAccepted, isLocalVideoThreadAccep
14import { Hooks } from '../../../lib/plugins/hooks' 14import { Hooks } from '../../../lib/plugins/hooks'
15import { MCommentOwnerVideoReply, MVideo, MVideoFullLight } from '../../../types/models/video' 15import { MCommentOwnerVideoReply, MVideo, MVideoFullLight } from '../../../types/models/video'
16import { areValidationErrors } from '../utils' 16import { areValidationErrors } from '../utils'
17import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
17 18
18const listVideoCommentsValidator = [ 19const listVideoCommentsValidator = [
19 query('isLocal') 20 query('isLocal')
@@ -154,8 +155,8 @@ export {
154 155
155function isVideoCommentsEnabled (video: MVideo, res: express.Response) { 156function isVideoCommentsEnabled (video: MVideo, res: express.Response) {
156 if (video.commentsEnabled !== true) { 157 if (video.commentsEnabled !== true) {
157 res.status(409) 158 res.status(HttpStatusCode.CONFLICT_409)
158 .json({ error: 'Video comments are disabled for this video.' }) 159 .json({ error: 'Video comments are disabled for this video.' })
159 160
160 return false 161 return false
161 } 162 }
@@ -165,8 +166,8 @@ function isVideoCommentsEnabled (video: MVideo, res: express.Response) {
165 166
166function checkUserCanDeleteVideoComment (user: MUserAccountUrl, videoComment: MCommentOwnerVideoReply, res: express.Response) { 167function checkUserCanDeleteVideoComment (user: MUserAccountUrl, videoComment: MCommentOwnerVideoReply, res: express.Response) {
167 if (videoComment.isDeleted()) { 168 if (videoComment.isDeleted()) {
168 res.status(409) 169 res.status(HttpStatusCode.CONFLICT_409)
169 .json({ error: 'This comment is already deleted' }) 170 .json({ error: 'This comment is already deleted' })
170 171
171 return false 172 return false
172 } 173 }
@@ -178,7 +179,7 @@ function checkUserCanDeleteVideoComment (user: MUserAccountUrl, videoComment: MC
178 videoComment.accountId !== userAccount.id && // Not the comment owner 179 videoComment.accountId !== userAccount.id && // Not the comment owner
179 videoComment.Video.VideoChannel.accountId !== userAccount.id // Not the video owner 180 videoComment.Video.VideoChannel.accountId !== userAccount.id // Not the video owner
180 ) { 181 ) {
181 res.status(403) 182 res.status(HttpStatusCode.FORBIDDEN_403)
182 .json({ error: 'Cannot remove video comment of another user' }) 183 .json({ error: 'Cannot remove video comment of another user' })
183 184
184 return false 185 return false
@@ -214,7 +215,7 @@ async function isVideoCommentAccepted (req: express.Request, res: express.Respon
214 215
215 if (!acceptedResult || acceptedResult.accepted !== true) { 216 if (!acceptedResult || acceptedResult.accepted !== true) {
216 logger.info('Refused local comment.', { acceptedResult, acceptParameters }) 217 logger.info('Refused local comment.', { acceptedResult, acceptParameters })
217 res.status(403) 218 res.status(HttpStatusCode.FORBIDDEN_403)
218 .json({ error: acceptedResult.errorMessage || 'Refused local comment' }) 219 .json({ error: acceptedResult.errorMessage || 'Refused local comment' })
219 220
220 return false 221 return false
diff --git a/server/middlewares/validators/videos/video-imports.ts b/server/middlewares/validators/videos/video-imports.ts
index d69aff118..0d41933a6 100644
--- a/server/middlewares/validators/videos/video-imports.ts
+++ b/server/middlewares/validators/videos/video-imports.ts
@@ -13,6 +13,7 @@ import { CONFIG } from '../../../initializers/config'
13import { CONSTRAINTS_FIELDS } from '../../../initializers/constants' 13import { CONSTRAINTS_FIELDS } from '../../../initializers/constants'
14import { areValidationErrors } from '../utils' 14import { areValidationErrors } from '../utils'
15import { getCommonVideoEditAttributes } from './videos' 15import { getCommonVideoEditAttributes } from './videos'
16import { HttpStatusCode } from '@shared/core-utils/miscs/http-error-codes'
16 17
17const videoImportAddValidator = getCommonVideoEditAttributes().concat([ 18const videoImportAddValidator = getCommonVideoEditAttributes().concat([
18 body('channelId') 19 body('channelId')
@@ -44,14 +45,14 @@ const videoImportAddValidator = getCommonVideoEditAttributes().concat([
44 45
45 if (req.body.targetUrl && CONFIG.IMPORT.VIDEOS.HTTP.ENABLED !== true) { 46 if (req.body.targetUrl && CONFIG.IMPORT.VIDEOS.HTTP.ENABLED !== true) {
46 cleanUpReqFiles(req) 47 cleanUpReqFiles(req)
47 return res.status(409) 48 return res.status(HttpStatusCode.CONFLICT_409)
48 .json({ error: 'HTTP import is not enabled on this instance.' }) 49 .json({ error: 'HTTP import is not enabled on this instance.' })
49 .end() 50 .end()
50 } 51 }
51 52
52 if (CONFIG.IMPORT.VIDEOS.TORRENT.ENABLED !== true && (req.body.magnetUri || torrentFile)) { 53 if (CONFIG.IMPORT.VIDEOS.TORRENT.ENABLED !== true && (req.body.magnetUri || torrentFile)) {
53 cleanUpReqFiles(req) 54 cleanUpReqFiles(req)
54 return res.status(409) 55 return res.status(HttpStatusCode.CONFLICT_409)
55 .json({ error: 'Torrent/magnet URI import is not enabled on this instance.' }) 56 .json({ error: 'Torrent/magnet URI import is not enabled on this instance.' })
56 .end() 57 .end()
57 } 58 }
@@ -62,7 +63,7 @@ const videoImportAddValidator = getCommonVideoEditAttributes().concat([
62 if (!req.body.targetUrl && !req.body.magnetUri && !torrentFile) { 63 if (!req.body.targetUrl && !req.body.magnetUri && !torrentFile) {
63 cleanUpReqFiles(req) 64 cleanUpReqFiles(req)
64 65
65 return res.status(400) 66 return res.status(HttpStatusCode.BAD_REQUEST_400)
66 .json({ error: 'Should have a magnetUri or a targetUrl or a torrent file.' }) 67 .json({ error: 'Should have a magnetUri or a targetUrl or a torrent file.' })
67 .end() 68 .end()
68 } 69 }
@@ -100,7 +101,7 @@ async function isImportAccepted (req: express.Request, res: express.Response) {
100 101
101 if (!acceptedResult || acceptedResult.accepted !== true) { 102 if (!acceptedResult || acceptedResult.accepted !== true) {
102 logger.info('Refused to import video.', { acceptedResult, acceptParameters }) 103 logger.info('Refused to import video.', { acceptedResult, acceptParameters })
103 res.status(403) 104 res.status(HttpStatusCode.FORBIDDEN_403)
104 .json({ error: acceptedResult.errorMessage || 'Refused to import video' }) 105 .json({ error: acceptedResult.errorMessage || 'Refused to import video' })
105 106
106 return false 107 return false
diff --git a/server/middlewares/validators/videos/video-live.ts b/server/middlewares/validators/videos/video-live.ts
index 69a14ccb1..3a73e1272 100644
--- a/server/middlewares/validators/videos/video-live.ts
+++ b/server/middlewares/validators/videos/video-live.ts
@@ -13,6 +13,7 @@ import { getCommonVideoEditAttributes } from './videos'
13import { VideoModel } from '@server/models/video/video' 13import { VideoModel } from '@server/models/video/video'
14import { Hooks } from '@server/lib/plugins/hooks' 14import { Hooks } from '@server/lib/plugins/hooks'
15import { isLocalLiveVideoAccepted } from '@server/lib/moderation' 15import { isLocalLiveVideoAccepted } from '@server/lib/moderation'
16import { HttpStatusCode } from '@shared/core-utils/miscs/http-error-codes'
16 17
17const videoLiveGetValidator = [ 18const videoLiveGetValidator = [
18 param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), 19 param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
@@ -28,7 +29,7 @@ const videoLiveGetValidator = [
28 if (!checkUserCanManageVideo(user, res.locals.videoAll, UserRight.GET_ANY_LIVE, res, false)) return 29 if (!checkUserCanManageVideo(user, res.locals.videoAll, UserRight.GET_ANY_LIVE, res, false)) return
29 30
30 const videoLive = await VideoLiveModel.loadByVideoId(res.locals.videoAll.id) 31 const videoLive = await VideoLiveModel.loadByVideoId(res.locals.videoAll.id)
31 if (!videoLive) return res.sendStatus(404) 32 if (!videoLive) return res.sendStatus(HttpStatusCode.NOT_FOUND_404)
32 33
33 res.locals.videoLive = videoLive 34 res.locals.videoLive = videoLive
34 35
@@ -62,21 +63,21 @@ const videoLiveAddValidator = getCommonVideoEditAttributes().concat([
62 if (CONFIG.LIVE.ENABLED !== true) { 63 if (CONFIG.LIVE.ENABLED !== true) {
63 cleanUpReqFiles(req) 64 cleanUpReqFiles(req)
64 65
65 return res.status(403) 66 return res.status(HttpStatusCode.FORBIDDEN_403)
66 .json({ error: 'Live is not enabled on this instance' }) 67 .json({ error: 'Live is not enabled on this instance' })
67 } 68 }
68 69
69 if (CONFIG.LIVE.ALLOW_REPLAY !== true && req.body.saveReplay === true) { 70 if (CONFIG.LIVE.ALLOW_REPLAY !== true && req.body.saveReplay === true) {
70 cleanUpReqFiles(req) 71 cleanUpReqFiles(req)
71 72
72 return res.status(403) 73 return res.status(HttpStatusCode.FORBIDDEN_403)
73 .json({ error: 'Saving live replay is not allowed instance' }) 74 .json({ error: 'Saving live replay is not allowed instance' })
74 } 75 }
75 76
76 if (req.body.permanentLive && req.body.saveReplay) { 77 if (req.body.permanentLive && req.body.saveReplay) {
77 cleanUpReqFiles(req) 78 cleanUpReqFiles(req)
78 79
79 return res.status(400) 80 return res.status(HttpStatusCode.BAD_REQUEST_400)
80 .json({ error: 'Cannot set this live as permanent while saving its replay' }) 81 .json({ error: 'Cannot set this live as permanent while saving its replay' })
81 } 82 }
82 83
@@ -89,7 +90,7 @@ const videoLiveAddValidator = getCommonVideoEditAttributes().concat([
89 if (totalInstanceLives >= CONFIG.LIVE.MAX_INSTANCE_LIVES) { 90 if (totalInstanceLives >= CONFIG.LIVE.MAX_INSTANCE_LIVES) {
90 cleanUpReqFiles(req) 91 cleanUpReqFiles(req)
91 92
92 return res.status(403) 93 return res.status(HttpStatusCode.FORBIDDEN_403)
93 .json({ 94 .json({
94 code: ServerErrorCode.MAX_INSTANCE_LIVES_LIMIT_REACHED, 95 code: ServerErrorCode.MAX_INSTANCE_LIVES_LIMIT_REACHED,
95 error: 'Cannot create this live because the max instance lives limit is reached.' 96 error: 'Cannot create this live because the max instance lives limit is reached.'
@@ -103,7 +104,7 @@ const videoLiveAddValidator = getCommonVideoEditAttributes().concat([
103 if (totalUserLives >= CONFIG.LIVE.MAX_USER_LIVES) { 104 if (totalUserLives >= CONFIG.LIVE.MAX_USER_LIVES) {
104 cleanUpReqFiles(req) 105 cleanUpReqFiles(req)
105 106
106 return res.status(403) 107 return res.status(HttpStatusCode.FORBIDDEN_403)
107 .json({ 108 .json({
108 code: ServerErrorCode.MAX_USER_LIVES_LIMIT_REACHED, 109 code: ServerErrorCode.MAX_USER_LIVES_LIMIT_REACHED,
109 error: 'Cannot create this live because the max user lives limit is reached.' 110 error: 'Cannot create this live because the max user lives limit is reached.'
@@ -129,17 +130,17 @@ const videoLiveUpdateValidator = [
129 if (areValidationErrors(req, res)) return 130 if (areValidationErrors(req, res)) return
130 131
131 if (req.body.permanentLive && req.body.saveReplay) { 132 if (req.body.permanentLive && req.body.saveReplay) {
132 return res.status(400) 133 return res.status(HttpStatusCode.BAD_REQUEST_400)
133 .json({ error: 'Cannot set this live as permanent while saving its replay' }) 134 .json({ error: 'Cannot set this live as permanent while saving its replay' })
134 } 135 }
135 136
136 if (CONFIG.LIVE.ALLOW_REPLAY !== true && req.body.saveReplay === true) { 137 if (CONFIG.LIVE.ALLOW_REPLAY !== true && req.body.saveReplay === true) {
137 return res.status(403) 138 return res.status(HttpStatusCode.FORBIDDEN_403)
138 .json({ error: 'Saving live replay is not allowed instance' }) 139 .json({ error: 'Saving live replay is not allowed instance' })
139 } 140 }
140 141
141 if (res.locals.videoAll.state !== VideoState.WAITING_FOR_LIVE) { 142 if (res.locals.videoAll.state !== VideoState.WAITING_FOR_LIVE) {
142 return res.status(400) 143 return res.status(HttpStatusCode.BAD_REQUEST_400)
143 .json({ error: 'Cannot update a live that has already started' }) 144 .json({ error: 'Cannot update a live that has already started' })
144 } 145 }
145 146
@@ -176,7 +177,7 @@ async function isLiveVideoAccepted (req: express.Request, res: express.Response)
176 if (!acceptedResult || acceptedResult.accepted !== true) { 177 if (!acceptedResult || acceptedResult.accepted !== true) {
177 logger.info('Refused local live video.', { acceptedResult, acceptParameters }) 178 logger.info('Refused local live video.', { acceptedResult, acceptParameters })
178 179
179 res.status(403) 180 res.status(HttpStatusCode.FORBIDDEN_403)
180 .json({ error: acceptedResult.errorMessage || 'Refused local live video' }) 181 .json({ error: acceptedResult.errorMessage || 'Refused local live video' })
181 182
182 return false 183 return false
diff --git a/server/middlewares/validators/videos/video-playlists.ts b/server/middlewares/validators/videos/video-playlists.ts
index 4647eae44..c7a6f68e3 100644
--- a/server/middlewares/validators/videos/video-playlists.ts
+++ b/server/middlewares/validators/videos/video-playlists.ts
@@ -29,6 +29,7 @@ import { VideoPlaylistType } from '../../../../shared/models/videos/playlist/vid
29import { doesVideoChannelIdExist, doesVideoExist, doesVideoPlaylistExist, VideoPlaylistFetchType } from '../../../helpers/middlewares' 29import { doesVideoChannelIdExist, doesVideoExist, doesVideoPlaylistExist, VideoPlaylistFetchType } from '../../../helpers/middlewares'
30import { MVideoPlaylist } from '../../../types/models/video/video-playlist' 30import { MVideoPlaylist } from '../../../types/models/video/video-playlist'
31import { MUserAccountId } from '@server/types/models' 31import { MUserAccountId } from '@server/types/models'
32import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
32 33
33const videoPlaylistsAddValidator = getCommonPlaylistEditAttributes().concat([ 34const videoPlaylistsAddValidator = getCommonPlaylistEditAttributes().concat([
34 body('displayName') 35 body('displayName')
@@ -44,7 +45,7 @@ const videoPlaylistsAddValidator = getCommonPlaylistEditAttributes().concat([
44 45
45 if (body.privacy === VideoPlaylistPrivacy.PUBLIC && !body.videoChannelId) { 46 if (body.privacy === VideoPlaylistPrivacy.PUBLIC && !body.videoChannelId) {
46 cleanUpReqFiles(req) 47 cleanUpReqFiles(req)
47 return res.status(400) 48 return res.status(HttpStatusCode.BAD_REQUEST_400)
48 .json({ error: 'Cannot set "public" a playlist that is not assigned to a channel.' }) 49 .json({ error: 'Cannot set "public" a playlist that is not assigned to a channel.' })
49 } 50 }
50 51
@@ -83,13 +84,13 @@ const videoPlaylistsUpdateValidator = getCommonPlaylistEditAttributes().concat([
83 ) 84 )
84 ) { 85 ) {
85 cleanUpReqFiles(req) 86 cleanUpReqFiles(req)
86 return res.status(400) 87 return res.status(HttpStatusCode.BAD_REQUEST_400)
87 .json({ error: 'Cannot set "public" a playlist that is not assigned to a channel.' }) 88 .json({ error: 'Cannot set "public" a playlist that is not assigned to a channel.' })
88 } 89 }
89 90
90 if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) { 91 if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) {
91 cleanUpReqFiles(req) 92 cleanUpReqFiles(req)
92 return res.status(400) 93 return res.status(HttpStatusCode.BAD_REQUEST_400)
93 .json({ error: 'Cannot update a watch later playlist.' }) 94 .json({ error: 'Cannot update a watch later playlist.' })
94 } 95 }
95 96
@@ -112,7 +113,7 @@ const videoPlaylistsDeleteValidator = [
112 113
113 const videoPlaylist = getPlaylist(res) 114 const videoPlaylist = getPlaylist(res)
114 if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) { 115 if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) {
115 return res.status(400) 116 return res.status(HttpStatusCode.BAD_REQUEST_400)
116 .json({ error: 'Cannot delete a watch later playlist.' }) 117 .json({ error: 'Cannot delete a watch later playlist.' })
117 } 118 }
118 119
@@ -142,7 +143,7 @@ const videoPlaylistsGetValidator = (fetchType: VideoPlaylistFetchType) => {
142 if (videoPlaylist.privacy === VideoPlaylistPrivacy.UNLISTED) { 143 if (videoPlaylist.privacy === VideoPlaylistPrivacy.UNLISTED) {
143 if (isUUIDValid(req.params.playlistId)) return next() 144 if (isUUIDValid(req.params.playlistId)) return next()
144 145
145 return res.status(404).end() 146 return res.status(HttpStatusCode.NOT_FOUND_404).end()
146 } 147 }
147 148
148 if (videoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) { 149 if (videoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) {
@@ -154,7 +155,7 @@ const videoPlaylistsGetValidator = (fetchType: VideoPlaylistFetchType) => {
154 !user || 155 !user ||
155 (videoPlaylist.OwnerAccount.id !== user.Account.id && !user.hasRight(UserRight.UPDATE_ANY_VIDEO_PLAYLIST)) 156 (videoPlaylist.OwnerAccount.id !== user.Account.id && !user.hasRight(UserRight.UPDATE_ANY_VIDEO_PLAYLIST))
156 ) { 157 ) {
157 return res.status(403) 158 return res.status(HttpStatusCode.FORBIDDEN_403)
158 .json({ error: 'Cannot get this private video playlist.' }) 159 .json({ error: 'Cannot get this private video playlist.' })
159 } 160 }
160 161
@@ -231,7 +232,7 @@ const videoPlaylistsUpdateOrRemoveVideoValidator = [
231 232
232 const videoPlaylistElement = await VideoPlaylistElementModel.loadById(req.params.playlistElementId) 233 const videoPlaylistElement = await VideoPlaylistElementModel.loadById(req.params.playlistElementId)
233 if (!videoPlaylistElement) { 234 if (!videoPlaylistElement) {
234 res.status(404) 235 res.status(HttpStatusCode.NOT_FOUND_404)
235 .json({ error: 'Video playlist element not found' }) 236 .json({ error: 'Video playlist element not found' })
236 .end() 237 .end()
237 238
@@ -261,7 +262,7 @@ const videoPlaylistElementAPGetValidator = [
261 262
262 const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndElementIdForAP(playlistId, playlistElementId) 263 const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndElementIdForAP(playlistId, playlistElementId)
263 if (!videoPlaylistElement) { 264 if (!videoPlaylistElement) {
264 res.status(404) 265 res.status(HttpStatusCode.NOT_FOUND_404)
265 .json({ error: 'Video playlist element not found' }) 266 .json({ error: 'Video playlist element not found' })
266 .end() 267 .end()
267 268
@@ -269,7 +270,7 @@ const videoPlaylistElementAPGetValidator = [
269 } 270 }
270 271
271 if (videoPlaylistElement.VideoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) { 272 if (videoPlaylistElement.VideoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) {
272 return res.status(403).end() 273 return res.status(HttpStatusCode.FORBIDDEN_403).end()
273 } 274 }
274 275
275 res.locals.videoPlaylistElementAP = videoPlaylistElement 276 res.locals.videoPlaylistElementAP = videoPlaylistElement
@@ -305,7 +306,7 @@ const videoPlaylistsReorderVideosValidator = [
305 const reorderLength: number = req.body.reorderLength 306 const reorderLength: number = req.body.reorderLength
306 307
307 if (startPosition >= nextPosition || insertAfterPosition >= nextPosition) { 308 if (startPosition >= nextPosition || insertAfterPosition >= nextPosition) {
308 res.status(400) 309 res.status(HttpStatusCode.BAD_REQUEST_400)
309 .json({ error: `Start position or insert after position exceed the playlist limits (max: ${nextPosition - 1})` }) 310 .json({ error: `Start position or insert after position exceed the playlist limits (max: ${nextPosition - 1})` })
310 .end() 311 .end()
311 312
@@ -313,7 +314,7 @@ const videoPlaylistsReorderVideosValidator = [
313 } 314 }
314 315
315 if (reorderLength && reorderLength + startPosition > nextPosition) { 316 if (reorderLength && reorderLength + startPosition > nextPosition) {
316 res.status(400) 317 res.status(HttpStatusCode.BAD_REQUEST_400)
317 .json({ error: `Reorder length with this start position exceeds the playlist limits (max: ${nextPosition - startPosition})` }) 318 .json({ error: `Reorder length with this start position exceeds the playlist limits (max: ${nextPosition - startPosition})` })
318 .end() 319 .end()
319 320
@@ -399,7 +400,7 @@ function getCommonPlaylistEditAttributes () {
399 400
400function checkUserCanManageVideoPlaylist (user: MUserAccountId, videoPlaylist: MVideoPlaylist, right: UserRight, res: express.Response) { 401function checkUserCanManageVideoPlaylist (user: MUserAccountId, videoPlaylist: MVideoPlaylist, right: UserRight, res: express.Response) {
401 if (videoPlaylist.isOwned() === false) { 402 if (videoPlaylist.isOwned() === false) {
402 res.status(403) 403 res.status(HttpStatusCode.FORBIDDEN_403)
403 .json({ error: 'Cannot manage video playlist of another server.' }) 404 .json({ error: 'Cannot manage video playlist of another server.' })
404 .end() 405 .end()
405 406
@@ -410,7 +411,7 @@ function checkUserCanManageVideoPlaylist (user: MUserAccountId, videoPlaylist: M
410 // The user can delete it if s/he is an admin 411 // The user can delete it if s/he is an admin
411 // Or if s/he is the video playlist's owner 412 // Or if s/he is the video playlist's owner
412 if (user.hasRight(right) === false && videoPlaylist.ownerAccountId !== user.Account.id) { 413 if (user.hasRight(right) === false && videoPlaylist.ownerAccountId !== user.Account.id) {
413 res.status(403) 414 res.status(HttpStatusCode.FORBIDDEN_403)
414 .json({ error: 'Cannot manage video playlist of another user' }) 415 .json({ error: 'Cannot manage video playlist of another user' })
415 .end() 416 .end()
416 417
diff --git a/server/middlewares/validators/videos/video-rates.ts b/server/middlewares/validators/videos/video-rates.ts
index 15a8c7983..7dcba15f1 100644
--- a/server/middlewares/validators/videos/video-rates.ts
+++ b/server/middlewares/validators/videos/video-rates.ts
@@ -9,6 +9,7 @@ import { AccountVideoRateModel } from '../../../models/account/account-video-rat
9import { VideoRateType } from '../../../../shared/models/videos' 9import { VideoRateType } from '../../../../shared/models/videos'
10import { isAccountNameValid } from '../../../helpers/custom-validators/accounts' 10import { isAccountNameValid } from '../../../helpers/custom-validators/accounts'
11import { doesVideoExist } from '../../../helpers/middlewares' 11import { doesVideoExist } from '../../../helpers/middlewares'
12import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
12 13
13const videoUpdateRateValidator = [ 14const videoUpdateRateValidator = [
14 param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), 15 param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'),
@@ -36,7 +37,7 @@ const getAccountVideoRateValidatorFactory = function (rateType: VideoRateType) {
36 37
37 const rate = await AccountVideoRateModel.loadLocalAndPopulateVideo(rateType, req.params.name, req.params.videoId) 38 const rate = await AccountVideoRateModel.loadLocalAndPopulateVideo(rateType, req.params.name, req.params.videoId)
38 if (!rate) { 39 if (!rate) {
39 return res.status(404) 40 return res.status(HttpStatusCode.NOT_FOUND_404)
40 .json({ error: 'Video rate not found' }) 41 .json({ error: 'Video rate not found' })
41 } 42 }
42 43
diff --git a/server/middlewares/validators/videos/video-shares.ts b/server/middlewares/validators/videos/video-shares.ts
index 20fc96243..f0d8e0c36 100644
--- a/server/middlewares/validators/videos/video-shares.ts
+++ b/server/middlewares/validators/videos/video-shares.ts
@@ -5,6 +5,7 @@ import { logger } from '../../../helpers/logger'
5import { VideoShareModel } from '../../../models/video/video-share' 5import { VideoShareModel } from '../../../models/video/video-share'
6import { areValidationErrors } from '../utils' 6import { areValidationErrors } from '../utils'
7import { doesVideoExist } from '../../../helpers/middlewares' 7import { doesVideoExist } from '../../../helpers/middlewares'
8import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
8 9
9const videosShareValidator = [ 10const videosShareValidator = [
10 param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), 11 param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'),
@@ -20,7 +21,7 @@ const videosShareValidator = [
20 21
21 const share = await VideoShareModel.load(req.params.actorId, video.id) 22 const share = await VideoShareModel.load(req.params.actorId, video.id)
22 if (!share) { 23 if (!share) {
23 return res.status(404) 24 return res.status(HttpStatusCode.NOT_FOUND_404)
24 .end() 25 .end()
25 } 26 }
26 27
diff --git a/server/middlewares/validators/videos/video-watch.ts b/server/middlewares/validators/videos/video-watch.ts
index d6ca1d341..29ce0dab6 100644
--- a/server/middlewares/validators/videos/video-watch.ts
+++ b/server/middlewares/validators/videos/video-watch.ts
@@ -4,6 +4,7 @@ import { isIdOrUUIDValid, toIntOrNull } from '../../../helpers/custom-validators
4import { areValidationErrors } from '../utils' 4import { areValidationErrors } from '../utils'
5import { logger } from '../../../helpers/logger' 5import { logger } from '../../../helpers/logger'
6import { doesVideoExist } from '../../../helpers/middlewares' 6import { doesVideoExist } from '../../../helpers/middlewares'
7import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
7 8
8const videoWatchingValidator = [ 9const videoWatchingValidator = [
9 param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), 10 param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'),
@@ -20,7 +21,7 @@ const videoWatchingValidator = [
20 const user = res.locals.oauth.token.User 21 const user = res.locals.oauth.token.User
21 if (user.videosHistoryEnabled === false) { 22 if (user.videosHistoryEnabled === false) {
22 logger.warn('Cannot set videos to watch by user %d: videos history is disabled.', user.id) 23 logger.warn('Cannot set videos to watch by user %d: videos history is disabled.', user.id)
23 return res.status(409).end() 24 return res.status(HttpStatusCode.CONFLICT_409).end()
24 } 25 }
25 26
26 return next() 27 return next()
diff --git a/server/middlewares/validators/videos/videos.ts b/server/middlewares/validators/videos/videos.ts
index af0072d73..9834f714b 100644
--- a/server/middlewares/validators/videos/videos.ts
+++ b/server/middlewares/validators/videos/videos.ts
@@ -51,6 +51,7 @@ import { AccountModel } from '../../../models/account/account'
51import { VideoModel } from '../../../models/video/video' 51import { VideoModel } from '../../../models/video/video'
52import { authenticatePromiseIfNeeded } from '../../oauth' 52import { authenticatePromiseIfNeeded } from '../../oauth'
53import { areValidationErrors } from '../utils' 53import { areValidationErrors } from '../utils'
54import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
54 55
55const videosAddValidator = getCommonVideoEditAttributes().concat([ 56const videosAddValidator = getCommonVideoEditAttributes().concat([
56 body('videofile') 57 body('videofile')
@@ -75,7 +76,7 @@ const videosAddValidator = getCommonVideoEditAttributes().concat([
75 if (!await doesVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req) 76 if (!await doesVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req)
76 77
77 if (await isAbleToUploadVideo(user.id, videoFile.size) === false) { 78 if (await isAbleToUploadVideo(user.id, videoFile.size) === false) {
78 res.status(403) 79 res.status(HttpStatusCode.FORBIDDEN_403)
79 .json({ error: 'The user video quota is exceeded with this video.' }) 80 .json({ error: 'The user video quota is exceeded with this video.' })
80 81
81 return cleanUpReqFiles(req) 82 return cleanUpReqFiles(req)
@@ -87,7 +88,7 @@ const videosAddValidator = getCommonVideoEditAttributes().concat([
87 duration = await getDurationFromVideoFile(videoFile.path) 88 duration = await getDurationFromVideoFile(videoFile.path)
88 } catch (err) { 89 } catch (err) {
89 logger.error('Invalid input file in videosAddValidator.', { err }) 90 logger.error('Invalid input file in videosAddValidator.', { err })
90 res.status(400) 91 res.status(HttpStatusCode.BAD_REQUEST_400)
91 .json({ error: 'Invalid input file.' }) 92 .json({ error: 'Invalid input file.' })
92 93
93 return cleanUpReqFiles(req) 94 return cleanUpReqFiles(req)
@@ -147,7 +148,7 @@ async function checkVideoFollowConstraints (req: express.Request, res: express.R
147 const serverActor = await getServerActor() 148 const serverActor = await getServerActor()
148 if (await VideoModel.checkVideoHasInstanceFollow(video.id, serverActor.id) === true) return next() 149 if (await VideoModel.checkVideoHasInstanceFollow(video.id, serverActor.id) === true) return next()
149 150
150 return res.status(403) 151 return res.status(HttpStatusCode.FORBIDDEN_403)
151 .json({ 152 .json({
152 errorCode: ServerErrorCode.DOES_NOT_RESPECT_FOLLOW_CONSTRAINTS, 153 errorCode: ServerErrorCode.DOES_NOT_RESPECT_FOLLOW_CONSTRAINTS,
153 error: 'Cannot get this video regarding follow constraints.', 154 error: 'Cannot get this video regarding follow constraints.',
@@ -182,7 +183,7 @@ const videosCustomGetValidator = (
182 183
183 // Only the owner or a user that have blacklist rights can see the video 184 // Only the owner or a user that have blacklist rights can see the video
184 if (!user || !user.canGetVideo(videoAll)) { 185 if (!user || !user.canGetVideo(videoAll)) {
185 return res.status(403) 186 return res.status(HttpStatusCode.FORBIDDEN_403)
186 .json({ error: 'Cannot get this private/internal or blacklisted video.' }) 187 .json({ error: 'Cannot get this private/internal or blacklisted video.' })
187 } 188 }
188 189
@@ -197,7 +198,7 @@ const videosCustomGetValidator = (
197 if (isUUIDValid(req.params.id)) return next() 198 if (isUUIDValid(req.params.id)) return next()
198 199
199 // Don't leak this unlisted video 200 // Don't leak this unlisted video
200 return res.status(404).end() 201 return res.status(HttpStatusCode.NOT_FOUND_404).end()
201 } 202 }
202 } 203 }
203 ] 204 ]
@@ -250,7 +251,7 @@ const videosChangeOwnershipValidator = [
250 251
251 const nextOwner = await AccountModel.loadLocalByName(req.body.username) 252 const nextOwner = await AccountModel.loadLocalByName(req.body.username)
252 if (!nextOwner) { 253 if (!nextOwner) {
253 res.status(400) 254 res.status(HttpStatusCode.BAD_REQUEST_400)
254 .json({ error: 'Changing video ownership to a remote account is not supported yet' }) 255 .json({ error: 'Changing video ownership to a remote account is not supported yet' })
255 256
256 return 257 return
@@ -276,7 +277,7 @@ const videosTerminateChangeOwnershipValidator = [
276 const videoChangeOwnership = res.locals.videoChangeOwnership 277 const videoChangeOwnership = res.locals.videoChangeOwnership
277 278
278 if (videoChangeOwnership.status !== VideoChangeOwnershipStatus.WAITING) { 279 if (videoChangeOwnership.status !== VideoChangeOwnershipStatus.WAITING) {
279 res.status(403) 280 res.status(HttpStatusCode.FORBIDDEN_403)
280 .json({ error: 'Ownership already accepted or refused' }) 281 .json({ error: 'Ownership already accepted or refused' })
281 return 282 return
282 } 283 }
@@ -294,7 +295,7 @@ const videosAcceptChangeOwnershipValidator = [
294 const videoChangeOwnership = res.locals.videoChangeOwnership 295 const videoChangeOwnership = res.locals.videoChangeOwnership
295 const isAble = await isAbleToUploadVideo(user.id, videoChangeOwnership.Video.getMaxQualityFile().size) 296 const isAble = await isAbleToUploadVideo(user.id, videoChangeOwnership.Video.getMaxQualityFile().size)
296 if (isAble === false) { 297 if (isAble === false) {
297 res.status(403) 298 res.status(HttpStatusCode.FORBIDDEN_403)
298 .json({ error: 'The user video quota is exceeded with this video.' }) 299 .json({ error: 'The user video quota is exceeded with this video.' })
299 300
300 return 301 return
@@ -433,7 +434,7 @@ const commonVideosFiltersValidator = [
433 (req.query.filter === 'all-local' || req.query.filter === 'all') && 434 (req.query.filter === 'all-local' || req.query.filter === 'all') &&
434 (!user || user.hasRight(UserRight.SEE_ALL_VIDEOS) === false) 435 (!user || user.hasRight(UserRight.SEE_ALL_VIDEOS) === false)
435 ) { 436 ) {
436 res.status(401) 437 res.status(HttpStatusCode.UNAUTHORIZED_401)
437 .json({ error: 'You are not allowed to see all local videos.' }) 438 .json({ error: 'You are not allowed to see all local videos.' })
438 439
439 return 440 return
@@ -473,7 +474,7 @@ function areErrorsInScheduleUpdate (req: express.Request, res: express.Response)
473 if (!req.body.scheduleUpdate.updateAt) { 474 if (!req.body.scheduleUpdate.updateAt) {
474 logger.warn('Invalid parameters: scheduleUpdate.updateAt is mandatory.') 475 logger.warn('Invalid parameters: scheduleUpdate.updateAt is mandatory.')
475 476
476 res.status(400) 477 res.status(HttpStatusCode.BAD_REQUEST_400)
477 .json({ error: 'Schedule update at is mandatory.' }) 478 .json({ error: 'Schedule update at is mandatory.' })
478 479
479 return true 480 return true
@@ -498,7 +499,7 @@ async function isVideoAccepted (req: express.Request, res: express.Response, vid
498 499
499 if (!acceptedResult || acceptedResult.accepted !== true) { 500 if (!acceptedResult || acceptedResult.accepted !== true) {
500 logger.info('Refused local video.', { acceptedResult, acceptParameters }) 501 logger.info('Refused local video.', { acceptedResult, acceptParameters })
501 res.status(403) 502 res.status(HttpStatusCode.FORBIDDEN_403)
502 .json({ error: acceptedResult.errorMessage || 'Refused local video' }) 503 .json({ error: acceptedResult.errorMessage || 'Refused local video' })
503 504
504 return false 505 return false