diff options
Diffstat (limited to 'server/middlewares/validators')
-rw-r--r-- | server/middlewares/validators/index.js | 19 | ||||
-rw-r--r-- | server/middlewares/validators/pagination.js | 21 | ||||
-rw-r--r-- | server/middlewares/validators/pods.js | 41 | ||||
-rw-r--r-- | server/middlewares/validators/remote.js | 41 | ||||
-rw-r--r-- | server/middlewares/validators/sort.js | 23 | ||||
-rw-r--r-- | server/middlewares/validators/utils.js | 25 | ||||
-rw-r--r-- | server/middlewares/validators/videos.js | 97 |
7 files changed, 267 insertions, 0 deletions
diff --git a/server/middlewares/validators/index.js b/server/middlewares/validators/index.js new file mode 100644 index 000000000..0471b3f92 --- /dev/null +++ b/server/middlewares/validators/index.js | |||
@@ -0,0 +1,19 @@ | |||
1 | 'use strict' | ||
2 | |||
3 | const paginationValidators = require('./pagination') | ||
4 | const podsValidators = require('./pods') | ||
5 | const remoteValidators = require('./remote') | ||
6 | const sortValidators = require('./sort') | ||
7 | const videosValidators = require('./videos') | ||
8 | |||
9 | const validators = { | ||
10 | pagination: paginationValidators, | ||
11 | pods: podsValidators, | ||
12 | remote: remoteValidators, | ||
13 | sort: sortValidators, | ||
14 | videos: videosValidators | ||
15 | } | ||
16 | |||
17 | // --------------------------------------------------------------------------- | ||
18 | |||
19 | module.exports = validators | ||
diff --git a/server/middlewares/validators/pagination.js b/server/middlewares/validators/pagination.js new file mode 100644 index 000000000..8e9a01053 --- /dev/null +++ b/server/middlewares/validators/pagination.js | |||
@@ -0,0 +1,21 @@ | |||
1 | 'use strict' | ||
2 | |||
3 | const checkErrors = require('./utils').checkErrors | ||
4 | const logger = require('../../helpers/logger') | ||
5 | |||
6 | const validatorsPagination = { | ||
7 | pagination: pagination | ||
8 | } | ||
9 | |||
10 | function pagination (req, res, next) { | ||
11 | req.checkQuery('start', 'Should have a number start').optional().isInt() | ||
12 | req.checkQuery('count', 'Should have a number count').optional().isInt() | ||
13 | |||
14 | logger.debug('Checking pagination parameters', { parameters: req.query }) | ||
15 | |||
16 | checkErrors(req, res, next) | ||
17 | } | ||
18 | |||
19 | // --------------------------------------------------------------------------- | ||
20 | |||
21 | module.exports = validatorsPagination | ||
diff --git a/server/middlewares/validators/pods.js b/server/middlewares/validators/pods.js new file mode 100644 index 000000000..fda2e865f --- /dev/null +++ b/server/middlewares/validators/pods.js | |||
@@ -0,0 +1,41 @@ | |||
1 | 'use strict' | ||
2 | |||
3 | const checkErrors = require('./utils').checkErrors | ||
4 | const friends = require('../../lib/friends') | ||
5 | const logger = require('../../helpers/logger') | ||
6 | |||
7 | const validatorsPod = { | ||
8 | makeFriends: makeFriends, | ||
9 | podsAdd: podsAdd | ||
10 | } | ||
11 | |||
12 | function makeFriends (req, res, next) { | ||
13 | friends.hasFriends(function (err, hasFriends) { | ||
14 | if (err) { | ||
15 | logger.error('Cannot know if we have friends.', { error: err }) | ||
16 | res.sendStatus(500) | ||
17 | } | ||
18 | |||
19 | if (hasFriends === true) { | ||
20 | // We need to quit our friends before make new ones | ||
21 | res.sendStatus(409) | ||
22 | } else { | ||
23 | return next() | ||
24 | } | ||
25 | }) | ||
26 | } | ||
27 | |||
28 | function podsAdd (req, res, next) { | ||
29 | req.checkBody('url', 'Should have an url').notEmpty().isURL({ require_protocol: true }) | ||
30 | req.checkBody('publicKey', 'Should have a public key').notEmpty() | ||
31 | |||
32 | // TODO: check we don't have it already | ||
33 | |||
34 | logger.debug('Checking podsAdd parameters', { parameters: req.body }) | ||
35 | |||
36 | checkErrors(req, res, next) | ||
37 | } | ||
38 | |||
39 | // --------------------------------------------------------------------------- | ||
40 | |||
41 | module.exports = validatorsPod | ||
diff --git a/server/middlewares/validators/remote.js b/server/middlewares/validators/remote.js new file mode 100644 index 000000000..1be119458 --- /dev/null +++ b/server/middlewares/validators/remote.js | |||
@@ -0,0 +1,41 @@ | |||
1 | 'use strict' | ||
2 | |||
3 | const checkErrors = require('./utils').checkErrors | ||
4 | const logger = require('../../helpers/logger') | ||
5 | |||
6 | const validatorsRemote = { | ||
7 | dataToDecrypt: dataToDecrypt, | ||
8 | remoteVideos: remoteVideos, | ||
9 | signature: signature | ||
10 | } | ||
11 | |||
12 | function dataToDecrypt (req, res, next) { | ||
13 | req.checkBody('key', 'Should have a key').notEmpty() | ||
14 | req.checkBody('data', 'Should have data').notEmpty() | ||
15 | |||
16 | logger.debug('Checking dataToDecrypt parameters', { parameters: { keyLength: req.body.key.length, bodyLength: req.body.data.length } }) | ||
17 | |||
18 | checkErrors(req, res, next) | ||
19 | } | ||
20 | |||
21 | function remoteVideos (req, res, next) { | ||
22 | req.checkBody('data').isArray() | ||
23 | req.checkBody('data').isEachRemoteVideosValid() | ||
24 | |||
25 | logger.debug('Checking remoteVideos parameters', { parameters: req.body }) | ||
26 | |||
27 | checkErrors(req, res, next) | ||
28 | } | ||
29 | |||
30 | function signature (req, res, next) { | ||
31 | req.checkBody('signature.url', 'Should have a signature url').isURL() | ||
32 | req.checkBody('signature.signature', 'Should have a signature').notEmpty() | ||
33 | |||
34 | logger.debug('Checking signature parameters', { parameters: { signatureUrl: req.body.signature.url } }) | ||
35 | |||
36 | checkErrors(req, res, next) | ||
37 | } | ||
38 | |||
39 | // --------------------------------------------------------------------------- | ||
40 | |||
41 | module.exports = validatorsRemote | ||
diff --git a/server/middlewares/validators/sort.js b/server/middlewares/validators/sort.js new file mode 100644 index 000000000..56b63cc8b --- /dev/null +++ b/server/middlewares/validators/sort.js | |||
@@ -0,0 +1,23 @@ | |||
1 | 'use strict' | ||
2 | |||
3 | const checkErrors = require('./utils').checkErrors | ||
4 | const constants = require('../../initializers/constants') | ||
5 | const logger = require('../../helpers/logger') | ||
6 | |||
7 | const validatorsSort = { | ||
8 | videosSort: videosSort | ||
9 | } | ||
10 | |||
11 | function videosSort (req, res, next) { | ||
12 | const sortableColumns = constants.SORTABLE_COLUMNS.VIDEOS | ||
13 | |||
14 | req.checkQuery('sort', 'Should have correct sortable column').optional().isIn(sortableColumns) | ||
15 | |||
16 | logger.debug('Checking sort parameters', { parameters: req.query }) | ||
17 | |||
18 | checkErrors(req, res, next) | ||
19 | } | ||
20 | |||
21 | // --------------------------------------------------------------------------- | ||
22 | |||
23 | module.exports = validatorsSort | ||
diff --git a/server/middlewares/validators/utils.js b/server/middlewares/validators/utils.js new file mode 100644 index 000000000..f6e5b2b38 --- /dev/null +++ b/server/middlewares/validators/utils.js | |||
@@ -0,0 +1,25 @@ | |||
1 | 'use strict' | ||
2 | |||
3 | const util = require('util') | ||
4 | |||
5 | const logger = require('../../helpers/logger') | ||
6 | |||
7 | const validatorsUtils = { | ||
8 | checkErrors: checkErrors | ||
9 | } | ||
10 | |||
11 | function checkErrors (req, res, next, statusCode) { | ||
12 | if (statusCode === undefined) statusCode = 400 | ||
13 | const errors = req.validationErrors() | ||
14 | |||
15 | if (errors) { | ||
16 | logger.warn('Incorrect request parameters', { path: req.originalUrl, err: errors }) | ||
17 | return res.status(statusCode).send('There have been validation errors: ' + util.inspect(errors)) | ||
18 | } | ||
19 | |||
20 | return next() | ||
21 | } | ||
22 | |||
23 | // --------------------------------------------------------------------------- | ||
24 | |||
25 | module.exports = validatorsUtils | ||
diff --git a/server/middlewares/validators/videos.js b/server/middlewares/validators/videos.js new file mode 100644 index 000000000..24e2299dc --- /dev/null +++ b/server/middlewares/validators/videos.js | |||
@@ -0,0 +1,97 @@ | |||
1 | 'use strict' | ||
2 | |||
3 | const mongoose = require('mongoose') | ||
4 | |||
5 | const checkErrors = require('./utils').checkErrors | ||
6 | const constants = require('../../initializers/constants') | ||
7 | const customValidators = require('../../helpers/customValidators') | ||
8 | const logger = require('../../helpers/logger') | ||
9 | |||
10 | const Video = mongoose.model('Video') | ||
11 | |||
12 | const validatorsVideos = { | ||
13 | videosAdd: videosAdd, | ||
14 | videosGet: videosGet, | ||
15 | videosRemove: videosRemove, | ||
16 | videosSearch: videosSearch | ||
17 | } | ||
18 | |||
19 | function videosAdd (req, res, next) { | ||
20 | req.checkFiles('videofile[0].originalname', 'Should have an input video').notEmpty() | ||
21 | req.checkFiles('videofile[0].mimetype', 'Should have a correct mime type').matches(/video\/(webm)|(mp4)|(ogg)/i) | ||
22 | req.checkBody('name', 'Should have a valid name').isVideoNameValid() | ||
23 | req.checkBody('description', 'Should have a valid description').isVideoDescriptionValid() | ||
24 | req.checkBody('tags', 'Should have correct tags').isVideoTagsValid() | ||
25 | |||
26 | logger.debug('Checking videosAdd parameters', { parameters: req.body, files: req.files }) | ||
27 | |||
28 | checkErrors(req, res, function () { | ||
29 | const videoFile = req.files.videofile[0] | ||
30 | |||
31 | Video.getDurationFromFile(videoFile.path, function (err, duration) { | ||
32 | if (err) { | ||
33 | return res.status(400).send('Cannot retrieve metadata of the file.') | ||
34 | } | ||
35 | |||
36 | if (!customValidators.isVideoDurationValid(duration)) { | ||
37 | return res.status(400).send('Duration of the video file is too big (max: ' + constants.VIDEOS_CONSTRAINTS_FIELDS.DURATION.max + 's).') | ||
38 | } | ||
39 | |||
40 | videoFile.duration = duration | ||
41 | next() | ||
42 | }) | ||
43 | }) | ||
44 | } | ||
45 | |||
46 | function videosGet (req, res, next) { | ||
47 | req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() | ||
48 | |||
49 | logger.debug('Checking videosGet parameters', { parameters: req.params }) | ||
50 | |||
51 | checkErrors(req, res, function () { | ||
52 | Video.load(req.params.id, function (err, video) { | ||
53 | if (err) { | ||
54 | logger.error('Error in videosGet request validator.', { error: err }) | ||
55 | return res.sendStatus(500) | ||
56 | } | ||
57 | |||
58 | if (!video) return res.status(404).send('Video not found') | ||
59 | |||
60 | next() | ||
61 | }) | ||
62 | }) | ||
63 | } | ||
64 | |||
65 | function videosRemove (req, res, next) { | ||
66 | req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() | ||
67 | |||
68 | logger.debug('Checking videosRemove parameters', { parameters: req.params }) | ||
69 | |||
70 | checkErrors(req, res, function () { | ||
71 | Video.load(req.params.id, function (err, video) { | ||
72 | if (err) { | ||
73 | logger.error('Error in videosRemove request validator.', { error: err }) | ||
74 | return res.sendStatus(500) | ||
75 | } | ||
76 | |||
77 | if (!video) return res.status(404).send('Video not found') | ||
78 | else if (video.isOwned() === false) return res.status(403).send('Cannot remove video of another pod') | ||
79 | |||
80 | next() | ||
81 | }) | ||
82 | }) | ||
83 | } | ||
84 | |||
85 | function videosSearch (req, res, next) { | ||
86 | const searchableColumns = constants.SEARCHABLE_COLUMNS.VIDEOS | ||
87 | req.checkParams('value', 'Should have a valid search').notEmpty() | ||
88 | req.checkQuery('field', 'Should have correct searchable column').optional().isIn(searchableColumns) | ||
89 | |||
90 | logger.debug('Checking videosSearch parameters', { parameters: req.params }) | ||
91 | |||
92 | checkErrors(req, res, next) | ||
93 | } | ||
94 | |||
95 | // --------------------------------------------------------------------------- | ||
96 | |||
97 | module.exports = validatorsVideos | ||