diff options
Diffstat (limited to 'server/middlewares/validators')
-rw-r--r-- | server/middlewares/validators/videos/video-imports.ts | 71 |
1 files changed, 66 insertions, 5 deletions
diff --git a/server/middlewares/validators/videos/video-imports.ts b/server/middlewares/validators/videos/video-imports.ts index e4b54283f..a3a5cc531 100644 --- a/server/middlewares/validators/videos/video-imports.ts +++ b/server/middlewares/validators/videos/video-imports.ts | |||
@@ -1,8 +1,10 @@ | |||
1 | import express from 'express' | 1 | import express from 'express' |
2 | import { body } from 'express-validator' | 2 | import { body, param } from 'express-validator' |
3 | import { isValid as isIPValid, parse as parseIP } from 'ipaddr.js' | ||
3 | import { isPreImportVideoAccepted } from '@server/lib/moderation' | 4 | import { isPreImportVideoAccepted } from '@server/lib/moderation' |
4 | import { Hooks } from '@server/lib/plugins/hooks' | 5 | import { Hooks } from '@server/lib/plugins/hooks' |
5 | import { HttpStatusCode } from '@shared/models' | 6 | import { MUserAccountId, MVideoImport } from '@server/types/models' |
7 | import { HttpStatusCode, UserRight, VideoImportState } from '@shared/models' | ||
6 | import { VideoImportCreate } from '@shared/models/videos/import/video-import-create.model' | 8 | import { VideoImportCreate } from '@shared/models/videos/import/video-import-create.model' |
7 | import { isIdValid, toIntOrNull } from '../../../helpers/custom-validators/misc' | 9 | import { isIdValid, toIntOrNull } from '../../../helpers/custom-validators/misc' |
8 | import { isVideoImportTargetUrlValid, isVideoImportTorrentFile } from '../../../helpers/custom-validators/video-imports' | 10 | import { isVideoImportTargetUrlValid, isVideoImportTorrentFile } from '../../../helpers/custom-validators/video-imports' |
@@ -11,9 +13,8 @@ import { cleanUpReqFiles } from '../../../helpers/express-utils' | |||
11 | import { logger } from '../../../helpers/logger' | 13 | import { logger } from '../../../helpers/logger' |
12 | import { CONFIG } from '../../../initializers/config' | 14 | import { CONFIG } from '../../../initializers/config' |
13 | import { CONSTRAINTS_FIELDS } from '../../../initializers/constants' | 15 | import { CONSTRAINTS_FIELDS } from '../../../initializers/constants' |
14 | import { areValidationErrors, doesVideoChannelOfAccountExist } from '../shared' | 16 | import { areValidationErrors, doesVideoChannelOfAccountExist, doesVideoImportExist } from '../shared' |
15 | import { getCommonVideoEditAttributes } from './videos' | 17 | import { getCommonVideoEditAttributes } from './videos' |
16 | import { isValid as isIPValid, parse as parseIP } from 'ipaddr.js' | ||
17 | 18 | ||
18 | const videoImportAddValidator = getCommonVideoEditAttributes().concat([ | 19 | const videoImportAddValidator = getCommonVideoEditAttributes().concat([ |
19 | body('channelId') | 20 | body('channelId') |
@@ -95,10 +96,58 @@ const videoImportAddValidator = getCommonVideoEditAttributes().concat([ | |||
95 | } | 96 | } |
96 | ]) | 97 | ]) |
97 | 98 | ||
99 | const videoImportDeleteValidator = [ | ||
100 | param('id') | ||
101 | .custom(isIdValid).withMessage('Should have correct import id'), | ||
102 | |||
103 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
104 | logger.debug('Checking videoImportDeleteValidator parameters', { parameters: req.params }) | ||
105 | |||
106 | if (areValidationErrors(req, res)) return | ||
107 | |||
108 | if (!await doesVideoImportExist(parseInt(req.params.id), res)) return | ||
109 | if (!checkUserCanManageImport(res.locals.oauth.token.user, res.locals.videoImport, res)) return | ||
110 | |||
111 | if (res.locals.videoImport.state === VideoImportState.PENDING) { | ||
112 | return res.fail({ | ||
113 | status: HttpStatusCode.CONFLICT_409, | ||
114 | message: 'Cannot delete a pending video import. Cancel it or wait for the end of the import first.' | ||
115 | }) | ||
116 | } | ||
117 | |||
118 | return next() | ||
119 | } | ||
120 | ] | ||
121 | |||
122 | const videoImportCancelValidator = [ | ||
123 | param('id') | ||
124 | .custom(isIdValid).withMessage('Should have correct import id'), | ||
125 | |||
126 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
127 | logger.debug('Checking videoImportCancelValidator parameters', { parameters: req.params }) | ||
128 | |||
129 | if (areValidationErrors(req, res)) return | ||
130 | |||
131 | if (!await doesVideoImportExist(parseInt(req.params.id), res)) return | ||
132 | if (!checkUserCanManageImport(res.locals.oauth.token.user, res.locals.videoImport, res)) return | ||
133 | |||
134 | if (res.locals.videoImport.state !== VideoImportState.PENDING) { | ||
135 | return res.fail({ | ||
136 | status: HttpStatusCode.CONFLICT_409, | ||
137 | message: 'Cannot cancel a non pending video import.' | ||
138 | }) | ||
139 | } | ||
140 | |||
141 | return next() | ||
142 | } | ||
143 | ] | ||
144 | |||
98 | // --------------------------------------------------------------------------- | 145 | // --------------------------------------------------------------------------- |
99 | 146 | ||
100 | export { | 147 | export { |
101 | videoImportAddValidator | 148 | videoImportAddValidator, |
149 | videoImportCancelValidator, | ||
150 | videoImportDeleteValidator | ||
102 | } | 151 | } |
103 | 152 | ||
104 | // --------------------------------------------------------------------------- | 153 | // --------------------------------------------------------------------------- |
@@ -132,3 +181,15 @@ async function isImportAccepted (req: express.Request, res: express.Response) { | |||
132 | 181 | ||
133 | return true | 182 | return true |
134 | } | 183 | } |
184 | |||
185 | function checkUserCanManageImport (user: MUserAccountId, videoImport: MVideoImport, res: express.Response) { | ||
186 | if (user.hasRight(UserRight.MANAGE_VIDEO_IMPORTS) === false && videoImport.userId !== user.id) { | ||
187 | res.fail({ | ||
188 | status: HttpStatusCode.FORBIDDEN_403, | ||
189 | message: 'Cannot manage video import of another user' | ||
190 | }) | ||
191 | return false | ||
192 | } | ||
193 | |||
194 | return true | ||
195 | } | ||