aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares/validators/videos
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares/validators/videos')
-rw-r--r--server/middlewares/validators/videos/video-blacklist.ts3
-rw-r--r--server/middlewares/validators/videos/video-playlists.ts17
-rw-r--r--server/middlewares/validators/videos/video-shares.ts3
-rw-r--r--server/middlewares/validators/videos/video-watch.ts3
-rw-r--r--server/middlewares/validators/videos/videos.ts12
5 files changed, 17 insertions, 21 deletions
diff --git a/server/middlewares/validators/videos/video-blacklist.ts b/server/middlewares/validators/videos/video-blacklist.ts
index 77ad29cbb..db318dcdb 100644
--- a/server/middlewares/validators/videos/video-blacklist.ts
+++ b/server/middlewares/validators/videos/video-blacklist.ts
@@ -5,7 +5,6 @@ import { doesVideoExist } from '../../../helpers/custom-validators/videos'
5import { logger } from '../../../helpers/logger' 5import { logger } from '../../../helpers/logger'
6import { areValidationErrors } from '../utils' 6import { areValidationErrors } from '../utils'
7import { doesVideoBlacklistExist, isVideoBlacklistReasonValid } from '../../../helpers/custom-validators/video-blacklist' 7import { doesVideoBlacklistExist, isVideoBlacklistReasonValid } from '../../../helpers/custom-validators/video-blacklist'
8import { VideoModel } from '../../../models/video/video'
9 8
10const videosBlacklistRemoveValidator = [ 9const videosBlacklistRemoveValidator = [
11 param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), 10 param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
@@ -37,7 +36,7 @@ const videosBlacklistAddValidator = [
37 if (areValidationErrors(req, res)) return 36 if (areValidationErrors(req, res)) return
38 if (!await doesVideoExist(req.params.videoId, res)) return 37 if (!await doesVideoExist(req.params.videoId, res)) return
39 38
40 const video: VideoModel = res.locals.video 39 const video = res.locals.video
41 if (req.body.unfederate === true && video.remote === true) { 40 if (req.body.unfederate === true && video.remote === true) {
42 return res 41 return res
43 .status(409) 42 .status(409)
diff --git a/server/middlewares/validators/videos/video-playlists.ts b/server/middlewares/validators/videos/video-playlists.ts
index 4bc79f433..55e09e354 100644
--- a/server/middlewares/validators/videos/video-playlists.ts
+++ b/server/middlewares/validators/videos/video-playlists.ts
@@ -103,7 +103,7 @@ const videoPlaylistsDeleteValidator = [
103 103
104 if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return 104 if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return
105 105
106 const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist 106 const videoPlaylist = res.locals.videoPlaylist
107 if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) { 107 if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) {
108 return res.status(400) 108 return res.status(400)
109 .json({ error: 'Cannot delete a watch later playlist.' }) 109 .json({ error: 'Cannot delete a watch later playlist.' })
@@ -128,7 +128,7 @@ const videoPlaylistsGetValidator = [
128 128
129 if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return 129 if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return
130 130
131 const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist 131 const videoPlaylist = res.locals.videoPlaylist
132 132
133 // Video is unlisted, check we used the uuid to fetch it 133 // Video is unlisted, check we used the uuid to fetch it
134 if (videoPlaylist.privacy === VideoPlaylistPrivacy.UNLISTED) { 134 if (videoPlaylist.privacy === VideoPlaylistPrivacy.UNLISTED) {
@@ -140,8 +140,7 @@ const videoPlaylistsGetValidator = [
140 if (videoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) { 140 if (videoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) {
141 await authenticatePromiseIfNeeded(req, res) 141 await authenticatePromiseIfNeeded(req, res)
142 142
143 const user: UserModel = res.locals.oauth ? res.locals.oauth.token.User : null 143 const user = res.locals.oauth ? res.locals.oauth.token.User : null
144
145 if ( 144 if (
146 !user || 145 !user ||
147 (videoPlaylist.OwnerAccount.userId !== user.id && !user.hasRight(UserRight.UPDATE_ANY_VIDEO_PLAYLIST)) 146 (videoPlaylist.OwnerAccount.userId !== user.id && !user.hasRight(UserRight.UPDATE_ANY_VIDEO_PLAYLIST))
@@ -177,8 +176,8 @@ const videoPlaylistsAddVideoValidator = [
177 if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return 176 if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return
178 if (!await doesVideoExist(req.body.videoId, res, 'only-video')) return 177 if (!await doesVideoExist(req.body.videoId, res, 'only-video')) return
179 178
180 const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist 179 const videoPlaylist = res.locals.videoPlaylist
181 const video: VideoModel = res.locals.video 180 const video = res.locals.video
182 181
183 const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideo(videoPlaylist.id, video.id) 182 const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideo(videoPlaylist.id, video.id)
184 if (videoPlaylistElement) { 183 if (videoPlaylistElement) {
@@ -217,8 +216,8 @@ const videoPlaylistsUpdateOrRemoveVideoValidator = [
217 if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return 216 if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return
218 if (!await doesVideoExist(req.params.videoId, res, 'id')) return 217 if (!await doesVideoExist(req.params.videoId, res, 'id')) return
219 218
220 const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist 219 const videoPlaylist = res.locals.videoPlaylist
221 const video: VideoModel = res.locals.video 220 const video = res.locals.video
222 221
223 const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideo(videoPlaylist.id, video.id) 222 const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideo(videoPlaylist.id, video.id)
224 if (!videoPlaylistElement) { 223 if (!videoPlaylistElement) {
@@ -284,7 +283,7 @@ const videoPlaylistsReorderVideosValidator = [
284 283
285 if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return 284 if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return
286 285
287 const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist 286 const videoPlaylist = res.locals.videoPlaylist
288 if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, videoPlaylist, UserRight.UPDATE_ANY_VIDEO_PLAYLIST, res)) return 287 if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, videoPlaylist, UserRight.UPDATE_ANY_VIDEO_PLAYLIST, res)) return
289 288
290 const nextPosition = await VideoPlaylistElementModel.getNextPositionOf(videoPlaylist.id) 289 const nextPosition = await VideoPlaylistElementModel.getNextPositionOf(videoPlaylist.id)
diff --git a/server/middlewares/validators/videos/video-shares.ts b/server/middlewares/validators/videos/video-shares.ts
index f4514f85c..d5cbdb03e 100644
--- a/server/middlewares/validators/videos/video-shares.ts
+++ b/server/middlewares/validators/videos/video-shares.ts
@@ -6,7 +6,6 @@ import { doesVideoExist } from '../../../helpers/custom-validators/videos'
6import { logger } from '../../../helpers/logger' 6import { logger } from '../../../helpers/logger'
7import { VideoShareModel } from '../../../models/video/video-share' 7import { VideoShareModel } from '../../../models/video/video-share'
8import { areValidationErrors } from '../utils' 8import { areValidationErrors } from '../utils'
9import { VideoModel } from '../../../models/video/video'
10 9
11const videosShareValidator = [ 10const videosShareValidator = [
12 param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), 11 param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'),
@@ -18,7 +17,7 @@ const videosShareValidator = [
18 if (areValidationErrors(req, res)) return 17 if (areValidationErrors(req, res)) return
19 if (!await doesVideoExist(req.params.id, res)) return 18 if (!await doesVideoExist(req.params.id, res)) return
20 19
21 const video: VideoModel = res.locals.video 20 const video = res.locals.video
22 21
23 const share = await VideoShareModel.load(req.params.actorId, video.id) 22 const share = await VideoShareModel.load(req.params.actorId, video.id)
24 if (!share) { 23 if (!share) {
diff --git a/server/middlewares/validators/videos/video-watch.ts b/server/middlewares/validators/videos/video-watch.ts
index a3b70c0cc..a3a800d14 100644
--- a/server/middlewares/validators/videos/video-watch.ts
+++ b/server/middlewares/validators/videos/video-watch.ts
@@ -4,7 +4,6 @@ import { isIdOrUUIDValid } from '../../../helpers/custom-validators/misc'
4import { doesVideoExist } from '../../../helpers/custom-validators/videos' 4import { doesVideoExist } from '../../../helpers/custom-validators/videos'
5import { areValidationErrors } from '../utils' 5import { areValidationErrors } from '../utils'
6import { logger } from '../../../helpers/logger' 6import { logger } from '../../../helpers/logger'
7import { UserModel } from '../../../models/account/user'
8 7
9const videoWatchingValidator = [ 8const videoWatchingValidator = [
10 param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), 9 param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'),
@@ -18,7 +17,7 @@ const videoWatchingValidator = [
18 if (areValidationErrors(req, res)) return 17 if (areValidationErrors(req, res)) return
19 if (!await doesVideoExist(req.params.videoId, res, 'id')) return 18 if (!await doesVideoExist(req.params.videoId, res, 'id')) return
20 19
21 const user = res.locals.oauth.token.User as UserModel 20 const user = res.locals.oauth.token.User
22 if (user.videosHistoryEnabled === false) { 21 if (user.videosHistoryEnabled === false) {
23 logger.warn('Cannot set videos to watch by user %d: videos history is disabled.', user.id) 22 logger.warn('Cannot set videos to watch by user %d: videos history is disabled.', user.id)
24 return res.status(409).end() 23 return res.status(409).end()
diff --git a/server/middlewares/validators/videos/videos.ts b/server/middlewares/validators/videos/videos.ts
index 92218d4b1..b70abf429 100644
--- a/server/middlewares/validators/videos/videos.ts
+++ b/server/middlewares/validators/videos/videos.ts
@@ -130,7 +130,7 @@ const videosUpdateValidator = getCommonVideoEditAttributes().concat([
130]) 130])
131 131
132async function checkVideoFollowConstraints (req: express.Request, res: express.Response, next: express.NextFunction) { 132async function checkVideoFollowConstraints (req: express.Request, res: express.Response, next: express.NextFunction) {
133 const video: VideoModel = res.locals.video 133 const video = res.locals.video
134 134
135 // Anybody can watch local videos 135 // Anybody can watch local videos
136 if (video.isOwned() === true) return next() 136 if (video.isOwned() === true) return next()
@@ -164,13 +164,13 @@ const videosCustomGetValidator = (fetchType: VideoFetchType) => {
164 if (areValidationErrors(req, res)) return 164 if (areValidationErrors(req, res)) return
165 if (!await doesVideoExist(req.params.id, res, fetchType)) return 165 if (!await doesVideoExist(req.params.id, res, fetchType)) return
166 166
167 const video: VideoModel = res.locals.video 167 const video = res.locals.video
168 168
169 // Video private or blacklisted 169 // Video private or blacklisted
170 if (video.privacy === VideoPrivacy.PRIVATE || video.VideoBlacklist) { 170 if (video.privacy === VideoPrivacy.PRIVATE || video.VideoBlacklist) {
171 await authenticatePromiseIfNeeded(req, res) 171 await authenticatePromiseIfNeeded(req, res)
172 172
173 const user: UserModel = res.locals.oauth ? res.locals.oauth.token.User : null 173 const user = res.locals.oauth ? res.locals.oauth.token.User : null
174 174
175 // Only the owner or a user that have blacklist rights can see the video 175 // Only the owner or a user that have blacklist rights can see the video
176 if ( 176 if (
@@ -256,7 +256,7 @@ const videosTerminateChangeOwnershipValidator = [
256 return next() 256 return next()
257 }, 257 },
258 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 258 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
259 const videoChangeOwnership = res.locals.videoChangeOwnership as VideoChangeOwnershipModel 259 const videoChangeOwnership = res.locals.videoChangeOwnership
260 260
261 if (videoChangeOwnership.status === VideoChangeOwnershipStatus.WAITING) { 261 if (videoChangeOwnership.status === VideoChangeOwnershipStatus.WAITING) {
262 return next() 262 return next()
@@ -275,7 +275,7 @@ const videosAcceptChangeOwnershipValidator = [
275 if (!await doesVideoChannelOfAccountExist(body.channelId, res.locals.oauth.token.User, res)) return 275 if (!await doesVideoChannelOfAccountExist(body.channelId, res.locals.oauth.token.User, res)) return
276 276
277 const user = res.locals.oauth.token.User 277 const user = res.locals.oauth.token.User
278 const videoChangeOwnership = res.locals.videoChangeOwnership as VideoChangeOwnershipModel 278 const videoChangeOwnership = res.locals.videoChangeOwnership
279 const isAble = await user.isAbleToUploadVideo(videoChangeOwnership.Video.getOriginalFile()) 279 const isAble = await user.isAbleToUploadVideo(videoChangeOwnership.Video.getOriginalFile())
280 if (isAble === false) { 280 if (isAble === false) {
281 res.status(403) 281 res.status(403)
@@ -395,7 +395,7 @@ const commonVideosFiltersValidator = [
395 395
396 if (areValidationErrors(req, res)) return 396 if (areValidationErrors(req, res)) return
397 397
398 const user: UserModel = res.locals.oauth ? res.locals.oauth.token.User : undefined 398 const user = res.locals.oauth ? res.locals.oauth.token.User : undefined
399 if (req.query.filter === 'all-local' && (!user || user.hasRight(UserRight.SEE_ALL_VIDEOS) === false)) { 399 if (req.query.filter === 'all-local' && (!user || user.hasRight(UserRight.SEE_ALL_VIDEOS) === false)) {
400 res.status(401) 400 res.status(401)
401 .json({ error: 'You are not allowed to see all local videos.' }) 401 .json({ error: 'You are not allowed to see all local videos.' })