aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares/validators
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares/validators')
-rw-r--r--server/middlewares/validators/activitypub/activity.ts3
-rw-r--r--server/middlewares/validators/blocklist.ts6
-rw-r--r--server/middlewares/validators/redundancy.ts10
-rw-r--r--server/middlewares/validators/user-subscriptions.ts3
-rw-r--r--server/middlewares/validators/users.ts12
-rw-r--r--server/middlewares/validators/videos/video-blacklist.ts3
-rw-r--r--server/middlewares/validators/videos/video-playlists.ts17
-rw-r--r--server/middlewares/validators/videos/video-shares.ts3
-rw-r--r--server/middlewares/validators/videos/video-watch.ts3
-rw-r--r--server/middlewares/validators/videos/videos.ts12
10 files changed, 31 insertions, 41 deletions
diff --git a/server/middlewares/validators/activitypub/activity.ts b/server/middlewares/validators/activitypub/activity.ts
index 3f9057c0c..7582f65e7 100644
--- a/server/middlewares/validators/activitypub/activity.ts
+++ b/server/middlewares/validators/activitypub/activity.ts
@@ -2,7 +2,6 @@ import * as express from 'express'
2import { isRootActivityValid } from '../../../helpers/custom-validators/activitypub/activity' 2import { isRootActivityValid } from '../../../helpers/custom-validators/activitypub/activity'
3import { logger } from '../../../helpers/logger' 3import { logger } from '../../../helpers/logger'
4import { getServerActor } from '../../../helpers/utils' 4import { getServerActor } from '../../../helpers/utils'
5import { ActorModel } from '../../../models/activitypub/actor'
6 5
7async function activityPubValidator (req: express.Request, res: express.Response, next: express.NextFunction) { 6async function activityPubValidator (req: express.Request, res: express.Response, next: express.NextFunction) {
8 logger.debug('Checking activity pub parameters') 7 logger.debug('Checking activity pub parameters')
@@ -13,7 +12,7 @@ async function activityPubValidator (req: express.Request, res: express.Response
13 } 12 }
14 13
15 const serverActor = await getServerActor() 14 const serverActor = await getServerActor()
16 const remoteActor = res.locals.signature.actor as ActorModel 15 const remoteActor = res.locals.signature.actor
17 if (serverActor.id === remoteActor.id) { 16 if (serverActor.id === remoteActor.id) {
18 logger.error('Receiving request in INBOX by ourselves!', req.body) 17 logger.error('Receiving request in INBOX by ourselves!', req.body)
19 return res.status(409).end() 18 return res.status(409).end()
diff --git a/server/middlewares/validators/blocklist.ts b/server/middlewares/validators/blocklist.ts
index d7ec649b6..f5b295f45 100644
--- a/server/middlewares/validators/blocklist.ts
+++ b/server/middlewares/validators/blocklist.ts
@@ -20,7 +20,7 @@ const blockAccountValidator = [
20 if (areValidationErrors(req, res)) return 20 if (areValidationErrors(req, res)) return
21 if (!await doesAccountNameWithHostExist(req.body.accountName, res)) return 21 if (!await doesAccountNameWithHostExist(req.body.accountName, res)) return
22 22
23 const user = res.locals.oauth.token.User as UserModel 23 const user = res.locals.oauth.token.User
24 const accountToBlock = res.locals.account 24 const accountToBlock = res.locals.account
25 25
26 if (user.Account.id === accountToBlock.id) { 26 if (user.Account.id === accountToBlock.id) {
@@ -44,7 +44,7 @@ const unblockAccountByAccountValidator = [
44 if (areValidationErrors(req, res)) return 44 if (areValidationErrors(req, res)) return
45 if (!await doesAccountNameWithHostExist(req.params.accountName, res)) return 45 if (!await doesAccountNameWithHostExist(req.params.accountName, res)) return
46 46
47 const user = res.locals.oauth.token.User as UserModel 47 const user = res.locals.oauth.token.User
48 const targetAccount = res.locals.account 48 const targetAccount = res.locals.account
49 if (!await doesUnblockAccountExist(user.Account.id, targetAccount.id, res)) return 49 if (!await doesUnblockAccountExist(user.Account.id, targetAccount.id, res)) return
50 50
@@ -106,7 +106,7 @@ const unblockServerByAccountValidator = [
106 106
107 if (areValidationErrors(req, res)) return 107 if (areValidationErrors(req, res)) return
108 108
109 const user = res.locals.oauth.token.User as UserModel 109 const user = res.locals.oauth.token.User
110 if (!await doesUnblockServerExist(user.Account.id, req.params.host, res)) return 110 if (!await doesUnblockServerExist(user.Account.id, req.params.host, res)) return
111 111
112 return next() 112 return next()
diff --git a/server/middlewares/validators/redundancy.ts b/server/middlewares/validators/redundancy.ts
index 419921928..76cf89c40 100644
--- a/server/middlewares/validators/redundancy.ts
+++ b/server/middlewares/validators/redundancy.ts
@@ -1,16 +1,12 @@
1import * as express from 'express' 1import * as express from 'express'
2import 'express-validator' 2import 'express-validator'
3import { param, body } from 'express-validator/check' 3import { body, param } from 'express-validator/check'
4import { exists, isBooleanValid, isIdOrUUIDValid, toIntOrNull } from '../../helpers/custom-validators/misc' 4import { exists, isBooleanValid, isIdOrUUIDValid, toIntOrNull } from '../../helpers/custom-validators/misc'
5import { doesVideoExist } from '../../helpers/custom-validators/videos' 5import { doesVideoExist } from '../../helpers/custom-validators/videos'
6import { logger } from '../../helpers/logger' 6import { logger } from '../../helpers/logger'
7import { areValidationErrors } from './utils' 7import { areValidationErrors } from './utils'
8import { VideoModel } from '../../models/video/video'
9import { VideoRedundancyModel } from '../../models/redundancy/video-redundancy' 8import { VideoRedundancyModel } from '../../models/redundancy/video-redundancy'
10import { isHostValid } from '../../helpers/custom-validators/servers' 9import { isHostValid } from '../../helpers/custom-validators/servers'
11import { getServerActor } from '../../helpers/utils'
12import { ActorFollowModel } from '../../models/activitypub/actor-follow'
13import { SERVER_ACTOR_NAME } from '../../initializers'
14import { ServerModel } from '../../models/server/server' 10import { ServerModel } from '../../models/server/server'
15 11
16const videoFileRedundancyGetValidator = [ 12const videoFileRedundancyGetValidator = [
@@ -29,7 +25,7 @@ const videoFileRedundancyGetValidator = [
29 if (areValidationErrors(req, res)) return 25 if (areValidationErrors(req, res)) return
30 if (!await doesVideoExist(req.params.videoId, res)) return 26 if (!await doesVideoExist(req.params.videoId, res)) return
31 27
32 const video: VideoModel = res.locals.video 28 const video = res.locals.video
33 const videoFile = video.VideoFiles.find(f => { 29 const videoFile = video.VideoFiles.find(f => {
34 return f.resolution === req.params.resolution && (!req.params.fps || f.fps === req.params.fps) 30 return f.resolution === req.params.resolution && (!req.params.fps || f.fps === req.params.fps)
35 }) 31 })
@@ -55,7 +51,7 @@ const videoPlaylistRedundancyGetValidator = [
55 if (areValidationErrors(req, res)) return 51 if (areValidationErrors(req, res)) return
56 if (!await doesVideoExist(req.params.videoId, res)) return 52 if (!await doesVideoExist(req.params.videoId, res)) return
57 53
58 const video: VideoModel = res.locals.video 54 const video = res.locals.video
59 const videoStreamingPlaylist = video.VideoStreamingPlaylists.find(p => p === req.params.streamingPlaylistType) 55 const videoStreamingPlaylist = video.VideoStreamingPlaylists.find(p => p === req.params.streamingPlaylistType)
60 56
61 if (!videoStreamingPlaylist) return res.status(404).json({ error: 'Video playlist not found.' }) 57 if (!videoStreamingPlaylist) return res.status(404).json({ error: 'Video playlist not found.' })
diff --git a/server/middlewares/validators/user-subscriptions.ts b/server/middlewares/validators/user-subscriptions.ts
index c5f8d9d4c..fd82ed017 100644
--- a/server/middlewares/validators/user-subscriptions.ts
+++ b/server/middlewares/validators/user-subscriptions.ts
@@ -5,7 +5,6 @@ import { logger } from '../../helpers/logger'
5import { areValidationErrors } from './utils' 5import { areValidationErrors } from './utils'
6import { ActorFollowModel } from '../../models/activitypub/actor-follow' 6import { ActorFollowModel } from '../../models/activitypub/actor-follow'
7import { areValidActorHandles, isValidActorHandle } from '../../helpers/custom-validators/activitypub/actor' 7import { areValidActorHandles, isValidActorHandle } from '../../helpers/custom-validators/activitypub/actor'
8import { UserModel } from '../../models/account/user'
9import { CONFIG } from '../../initializers' 8import { CONFIG } from '../../initializers'
10import { toArray } from '../../helpers/custom-validators/misc' 9import { toArray } from '../../helpers/custom-validators/misc'
11 10
@@ -46,7 +45,7 @@ const userSubscriptionGetValidator = [
46 let [ name, host ] = req.params.uri.split('@') 45 let [ name, host ] = req.params.uri.split('@')
47 if (host === CONFIG.WEBSERVER.HOST) host = null 46 if (host === CONFIG.WEBSERVER.HOST) host = null
48 47
49 const user: UserModel = res.locals.oauth.token.User 48 const user = res.locals.oauth.token.User
50 const subscription = await ActorFollowModel.loadByActorAndTargetNameAndHostForAPI(user.Account.Actor.id, name, host) 49 const subscription = await ActorFollowModel.loadByActorAndTargetNameAndHostForAPI(user.Account.Actor.id, name, host)
51 50
52 if (!subscription || !subscription.ActorFollowing.VideoChannel) { 51 if (!subscription || !subscription.ActorFollowing.VideoChannel) {
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts
index 5e8c8c29b..e8ade0f97 100644
--- a/server/middlewares/validators/users.ts
+++ b/server/middlewares/validators/users.ts
@@ -14,7 +14,8 @@ import {
14 isUserRoleValid, 14 isUserRoleValid,
15 isUserUsernameValid, 15 isUserUsernameValid,
16 isUserVideoQuotaDailyValid, 16 isUserVideoQuotaDailyValid,
17 isUserVideoQuotaValid, isUserVideosHistoryEnabledValid 17 isUserVideoQuotaValid,
18 isUserVideosHistoryEnabledValid
18} from '../../helpers/custom-validators/users' 19} from '../../helpers/custom-validators/users'
19import { doesVideoExist } from '../../helpers/custom-validators/videos' 20import { doesVideoExist } from '../../helpers/custom-validators/videos'
20import { logger } from '../../helpers/logger' 21import { logger } from '../../helpers/logger'
@@ -100,7 +101,7 @@ const usersBlockingValidator = [
100 101
101const deleteMeValidator = [ 102const deleteMeValidator = [
102 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 103 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
103 const user: UserModel = res.locals.oauth.token.User 104 const user = res.locals.oauth.token.User
104 if (user.username === 'root') { 105 if (user.username === 'root') {
105 return res.status(400) 106 return res.status(400)
106 .send({ error: 'You cannot delete your root account.' }) 107 .send({ error: 'You cannot delete your root account.' })
@@ -159,8 +160,7 @@ const usersUpdateMeValidator = [
159 .end() 160 .end()
160 } 161 }
161 162
162 const user: UserModel = res.locals.oauth.token.User 163 const user= res.locals.oauth.token.User
163
164 if (await user.isPasswordMatch(req.body.currentPassword) !== true) { 164 if (await user.isPasswordMatch(req.body.currentPassword) !== true) {
165 return res.status(401) 165 return res.status(401)
166 .send({ error: 'currentPassword is invalid.' }) 166 .send({ error: 'currentPassword is invalid.' })
@@ -257,7 +257,7 @@ const usersResetPasswordValidator = [
257 if (areValidationErrors(req, res)) return 257 if (areValidationErrors(req, res)) return
258 if (!await checkUserIdExist(req.params.id, res)) return 258 if (!await checkUserIdExist(req.params.id, res)) return
259 259
260 const user = res.locals.user as UserModel 260 const user = res.locals.user
261 const redisVerificationString = await Redis.Instance.getResetPasswordLink(user.id) 261 const redisVerificationString = await Redis.Instance.getResetPasswordLink(user.id)
262 262
263 if (redisVerificationString !== req.body.verificationString) { 263 if (redisVerificationString !== req.body.verificationString) {
@@ -299,7 +299,7 @@ const usersVerifyEmailValidator = [
299 if (areValidationErrors(req, res)) return 299 if (areValidationErrors(req, res)) return
300 if (!await checkUserIdExist(req.params.id, res)) return 300 if (!await checkUserIdExist(req.params.id, res)) return
301 301
302 const user = res.locals.user as UserModel 302 const user = res.locals.user
303 const redisVerificationString = await Redis.Instance.getVerifyEmailLink(user.id) 303 const redisVerificationString = await Redis.Instance.getVerifyEmailLink(user.id)
304 304
305 if (redisVerificationString !== req.body.verificationString) { 305 if (redisVerificationString !== req.body.verificationString) {
diff --git a/server/middlewares/validators/videos/video-blacklist.ts b/server/middlewares/validators/videos/video-blacklist.ts
index 77ad29cbb..db318dcdb 100644
--- a/server/middlewares/validators/videos/video-blacklist.ts
+++ b/server/middlewares/validators/videos/video-blacklist.ts
@@ -5,7 +5,6 @@ import { doesVideoExist } from '../../../helpers/custom-validators/videos'
5import { logger } from '../../../helpers/logger' 5import { logger } from '../../../helpers/logger'
6import { areValidationErrors } from '../utils' 6import { areValidationErrors } from '../utils'
7import { doesVideoBlacklistExist, isVideoBlacklistReasonValid } from '../../../helpers/custom-validators/video-blacklist' 7import { doesVideoBlacklistExist, isVideoBlacklistReasonValid } from '../../../helpers/custom-validators/video-blacklist'
8import { VideoModel } from '../../../models/video/video'
9 8
10const videosBlacklistRemoveValidator = [ 9const videosBlacklistRemoveValidator = [
11 param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), 10 param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
@@ -37,7 +36,7 @@ const videosBlacklistAddValidator = [
37 if (areValidationErrors(req, res)) return 36 if (areValidationErrors(req, res)) return
38 if (!await doesVideoExist(req.params.videoId, res)) return 37 if (!await doesVideoExist(req.params.videoId, res)) return
39 38
40 const video: VideoModel = res.locals.video 39 const video = res.locals.video
41 if (req.body.unfederate === true && video.remote === true) { 40 if (req.body.unfederate === true && video.remote === true) {
42 return res 41 return res
43 .status(409) 42 .status(409)
diff --git a/server/middlewares/validators/videos/video-playlists.ts b/server/middlewares/validators/videos/video-playlists.ts
index 4bc79f433..55e09e354 100644
--- a/server/middlewares/validators/videos/video-playlists.ts
+++ b/server/middlewares/validators/videos/video-playlists.ts
@@ -103,7 +103,7 @@ const videoPlaylistsDeleteValidator = [
103 103
104 if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return 104 if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return
105 105
106 const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist 106 const videoPlaylist = res.locals.videoPlaylist
107 if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) { 107 if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) {
108 return res.status(400) 108 return res.status(400)
109 .json({ error: 'Cannot delete a watch later playlist.' }) 109 .json({ error: 'Cannot delete a watch later playlist.' })
@@ -128,7 +128,7 @@ const videoPlaylistsGetValidator = [
128 128
129 if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return 129 if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return
130 130
131 const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist 131 const videoPlaylist = res.locals.videoPlaylist
132 132
133 // Video is unlisted, check we used the uuid to fetch it 133 // Video is unlisted, check we used the uuid to fetch it
134 if (videoPlaylist.privacy === VideoPlaylistPrivacy.UNLISTED) { 134 if (videoPlaylist.privacy === VideoPlaylistPrivacy.UNLISTED) {
@@ -140,8 +140,7 @@ const videoPlaylistsGetValidator = [
140 if (videoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) { 140 if (videoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) {
141 await authenticatePromiseIfNeeded(req, res) 141 await authenticatePromiseIfNeeded(req, res)
142 142
143 const user: UserModel = res.locals.oauth ? res.locals.oauth.token.User : null 143 const user = res.locals.oauth ? res.locals.oauth.token.User : null
144
145 if ( 144 if (
146 !user || 145 !user ||
147 (videoPlaylist.OwnerAccount.userId !== user.id && !user.hasRight(UserRight.UPDATE_ANY_VIDEO_PLAYLIST)) 146 (videoPlaylist.OwnerAccount.userId !== user.id && !user.hasRight(UserRight.UPDATE_ANY_VIDEO_PLAYLIST))
@@ -177,8 +176,8 @@ const videoPlaylistsAddVideoValidator = [
177 if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return 176 if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return
178 if (!await doesVideoExist(req.body.videoId, res, 'only-video')) return 177 if (!await doesVideoExist(req.body.videoId, res, 'only-video')) return
179 178
180 const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist 179 const videoPlaylist = res.locals.videoPlaylist
181 const video: VideoModel = res.locals.video 180 const video = res.locals.video
182 181
183 const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideo(videoPlaylist.id, video.id) 182 const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideo(videoPlaylist.id, video.id)
184 if (videoPlaylistElement) { 183 if (videoPlaylistElement) {
@@ -217,8 +216,8 @@ const videoPlaylistsUpdateOrRemoveVideoValidator = [
217 if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return 216 if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return
218 if (!await doesVideoExist(req.params.videoId, res, 'id')) return 217 if (!await doesVideoExist(req.params.videoId, res, 'id')) return
219 218
220 const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist 219 const videoPlaylist = res.locals.videoPlaylist
221 const video: VideoModel = res.locals.video 220 const video = res.locals.video
222 221
223 const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideo(videoPlaylist.id, video.id) 222 const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideo(videoPlaylist.id, video.id)
224 if (!videoPlaylistElement) { 223 if (!videoPlaylistElement) {
@@ -284,7 +283,7 @@ const videoPlaylistsReorderVideosValidator = [
284 283
285 if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return 284 if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return
286 285
287 const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist 286 const videoPlaylist = res.locals.videoPlaylist
288 if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, videoPlaylist, UserRight.UPDATE_ANY_VIDEO_PLAYLIST, res)) return 287 if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, videoPlaylist, UserRight.UPDATE_ANY_VIDEO_PLAYLIST, res)) return
289 288
290 const nextPosition = await VideoPlaylistElementModel.getNextPositionOf(videoPlaylist.id) 289 const nextPosition = await VideoPlaylistElementModel.getNextPositionOf(videoPlaylist.id)
diff --git a/server/middlewares/validators/videos/video-shares.ts b/server/middlewares/validators/videos/video-shares.ts
index f4514f85c..d5cbdb03e 100644
--- a/server/middlewares/validators/videos/video-shares.ts
+++ b/server/middlewares/validators/videos/video-shares.ts
@@ -6,7 +6,6 @@ import { doesVideoExist } from '../../../helpers/custom-validators/videos'
6import { logger } from '../../../helpers/logger' 6import { logger } from '../../../helpers/logger'
7import { VideoShareModel } from '../../../models/video/video-share' 7import { VideoShareModel } from '../../../models/video/video-share'
8import { areValidationErrors } from '../utils' 8import { areValidationErrors } from '../utils'
9import { VideoModel } from '../../../models/video/video'
10 9
11const videosShareValidator = [ 10const videosShareValidator = [
12 param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), 11 param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'),
@@ -18,7 +17,7 @@ const videosShareValidator = [
18 if (areValidationErrors(req, res)) return 17 if (areValidationErrors(req, res)) return
19 if (!await doesVideoExist(req.params.id, res)) return 18 if (!await doesVideoExist(req.params.id, res)) return
20 19
21 const video: VideoModel = res.locals.video 20 const video = res.locals.video
22 21
23 const share = await VideoShareModel.load(req.params.actorId, video.id) 22 const share = await VideoShareModel.load(req.params.actorId, video.id)
24 if (!share) { 23 if (!share) {
diff --git a/server/middlewares/validators/videos/video-watch.ts b/server/middlewares/validators/videos/video-watch.ts
index a3b70c0cc..a3a800d14 100644
--- a/server/middlewares/validators/videos/video-watch.ts
+++ b/server/middlewares/validators/videos/video-watch.ts
@@ -4,7 +4,6 @@ import { isIdOrUUIDValid } from '../../../helpers/custom-validators/misc'
4import { doesVideoExist } from '../../../helpers/custom-validators/videos' 4import { doesVideoExist } from '../../../helpers/custom-validators/videos'
5import { areValidationErrors } from '../utils' 5import { areValidationErrors } from '../utils'
6import { logger } from '../../../helpers/logger' 6import { logger } from '../../../helpers/logger'
7import { UserModel } from '../../../models/account/user'
8 7
9const videoWatchingValidator = [ 8const videoWatchingValidator = [
10 param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), 9 param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'),
@@ -18,7 +17,7 @@ const videoWatchingValidator = [
18 if (areValidationErrors(req, res)) return 17 if (areValidationErrors(req, res)) return
19 if (!await doesVideoExist(req.params.videoId, res, 'id')) return 18 if (!await doesVideoExist(req.params.videoId, res, 'id')) return
20 19
21 const user = res.locals.oauth.token.User as UserModel 20 const user = res.locals.oauth.token.User
22 if (user.videosHistoryEnabled === false) { 21 if (user.videosHistoryEnabled === false) {
23 logger.warn('Cannot set videos to watch by user %d: videos history is disabled.', user.id) 22 logger.warn('Cannot set videos to watch by user %d: videos history is disabled.', user.id)
24 return res.status(409).end() 23 return res.status(409).end()
diff --git a/server/middlewares/validators/videos/videos.ts b/server/middlewares/validators/videos/videos.ts
index 92218d4b1..b70abf429 100644
--- a/server/middlewares/validators/videos/videos.ts
+++ b/server/middlewares/validators/videos/videos.ts
@@ -130,7 +130,7 @@ const videosUpdateValidator = getCommonVideoEditAttributes().concat([
130]) 130])
131 131
132async function checkVideoFollowConstraints (req: express.Request, res: express.Response, next: express.NextFunction) { 132async function checkVideoFollowConstraints (req: express.Request, res: express.Response, next: express.NextFunction) {
133 const video: VideoModel = res.locals.video 133 const video = res.locals.video
134 134
135 // Anybody can watch local videos 135 // Anybody can watch local videos
136 if (video.isOwned() === true) return next() 136 if (video.isOwned() === true) return next()
@@ -164,13 +164,13 @@ const videosCustomGetValidator = (fetchType: VideoFetchType) => {
164 if (areValidationErrors(req, res)) return 164 if (areValidationErrors(req, res)) return
165 if (!await doesVideoExist(req.params.id, res, fetchType)) return 165 if (!await doesVideoExist(req.params.id, res, fetchType)) return
166 166
167 const video: VideoModel = res.locals.video 167 const video = res.locals.video
168 168
169 // Video private or blacklisted 169 // Video private or blacklisted
170 if (video.privacy === VideoPrivacy.PRIVATE || video.VideoBlacklist) { 170 if (video.privacy === VideoPrivacy.PRIVATE || video.VideoBlacklist) {
171 await authenticatePromiseIfNeeded(req, res) 171 await authenticatePromiseIfNeeded(req, res)
172 172
173 const user: UserModel = res.locals.oauth ? res.locals.oauth.token.User : null 173 const user = res.locals.oauth ? res.locals.oauth.token.User : null
174 174
175 // Only the owner or a user that have blacklist rights can see the video 175 // Only the owner or a user that have blacklist rights can see the video
176 if ( 176 if (
@@ -256,7 +256,7 @@ const videosTerminateChangeOwnershipValidator = [
256 return next() 256 return next()
257 }, 257 },
258 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 258 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
259 const videoChangeOwnership = res.locals.videoChangeOwnership as VideoChangeOwnershipModel 259 const videoChangeOwnership = res.locals.videoChangeOwnership
260 260
261 if (videoChangeOwnership.status === VideoChangeOwnershipStatus.WAITING) { 261 if (videoChangeOwnership.status === VideoChangeOwnershipStatus.WAITING) {
262 return next() 262 return next()
@@ -275,7 +275,7 @@ const videosAcceptChangeOwnershipValidator = [
275 if (!await doesVideoChannelOfAccountExist(body.channelId, res.locals.oauth.token.User, res)) return 275 if (!await doesVideoChannelOfAccountExist(body.channelId, res.locals.oauth.token.User, res)) return
276 276
277 const user = res.locals.oauth.token.User 277 const user = res.locals.oauth.token.User
278 const videoChangeOwnership = res.locals.videoChangeOwnership as VideoChangeOwnershipModel 278 const videoChangeOwnership = res.locals.videoChangeOwnership
279 const isAble = await user.isAbleToUploadVideo(videoChangeOwnership.Video.getOriginalFile()) 279 const isAble = await user.isAbleToUploadVideo(videoChangeOwnership.Video.getOriginalFile())
280 if (isAble === false) { 280 if (isAble === false) {
281 res.status(403) 281 res.status(403)
@@ -395,7 +395,7 @@ const commonVideosFiltersValidator = [
395 395
396 if (areValidationErrors(req, res)) return 396 if (areValidationErrors(req, res)) return
397 397
398 const user: UserModel = res.locals.oauth ? res.locals.oauth.token.User : undefined 398 const user = res.locals.oauth ? res.locals.oauth.token.User : undefined
399 if (req.query.filter === 'all-local' && (!user || user.hasRight(UserRight.SEE_ALL_VIDEOS) === false)) { 399 if (req.query.filter === 'all-local' && (!user || user.hasRight(UserRight.SEE_ALL_VIDEOS) === false)) {
400 res.status(401) 400 res.status(401)
401 .json({ error: 'You are not allowed to see all local videos.' }) 401 .json({ error: 'You are not allowed to see all local videos.' })