diff options
Diffstat (limited to 'server/middlewares/validators')
-rw-r--r-- | server/middlewares/validators/videos.ts | 197 |
1 files changed, 72 insertions, 125 deletions
diff --git a/server/middlewares/validators/videos.ts b/server/middlewares/validators/videos.ts index 899def6fc..a2f64ef8f 100644 --- a/server/middlewares/validators/videos.ts +++ b/server/middlewares/validators/videos.ts | |||
@@ -1,6 +1,6 @@ | |||
1 | import * as express from 'express' | 1 | import * as express from 'express' |
2 | import 'express-validator' | 2 | import 'express-validator' |
3 | import { body, param, query } from 'express-validator/check' | 3 | import { body, param, query, ValidationChain } from 'express-validator/check' |
4 | import { UserRight, VideoPrivacy } from '../../../shared' | 4 | import { UserRight, VideoPrivacy } from '../../../shared' |
5 | import { | 5 | import { |
6 | isBooleanValid, | 6 | isBooleanValid, |
@@ -36,76 +36,16 @@ import { VideoShareModel } from '../../models/video/video-share' | |||
36 | import { authenticate } from '../oauth' | 36 | import { authenticate } from '../oauth' |
37 | import { areValidationErrors } from './utils' | 37 | import { areValidationErrors } from './utils' |
38 | 38 | ||
39 | const videosAddValidator = [ | 39 | const videosAddValidator = getCommonVideoAttributes().concat([ |
40 | body('videofile') | 40 | body('videofile') |
41 | .custom((value, { req }) => isVideoFile(req.files)).withMessage( | 41 | .custom((value, { req }) => isVideoFile(req.files)).withMessage( |
42 | 'This file is not supported or too large. Please, make sure it is of the following type: ' | 42 | 'This file is not supported or too large. Please, make sure it is of the following type: ' |
43 | + CONSTRAINTS_FIELDS.VIDEOS.EXTNAME.join(', ') | 43 | + CONSTRAINTS_FIELDS.VIDEOS.EXTNAME.join(', ') |
44 | ), | 44 | ), |
45 | body('thumbnailfile') | ||
46 | .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')).withMessage( | ||
47 | 'This thumbnail file is not supported or too large. Please, make sure it is of the following type: ' | ||
48 | + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ') | ||
49 | ), | ||
50 | body('previewfile') | ||
51 | .custom((value, { req }) => isVideoImage(req.files, 'previewfile')).withMessage( | ||
52 | 'This preview file is not supported or too large. Please, make sure it is of the following type: ' | ||
53 | + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ') | ||
54 | ), | ||
55 | body('name').custom(isVideoNameValid).withMessage('Should have a valid name'), | 45 | body('name').custom(isVideoNameValid).withMessage('Should have a valid name'), |
56 | body('category') | ||
57 | .optional() | ||
58 | .customSanitizer(toIntOrNull) | ||
59 | .custom(isVideoCategoryValid).withMessage('Should have a valid category'), | ||
60 | body('licence') | ||
61 | .optional() | ||
62 | .customSanitizer(toIntOrNull) | ||
63 | .custom(isVideoLicenceValid).withMessage('Should have a valid licence'), | ||
64 | body('language') | ||
65 | .optional() | ||
66 | .customSanitizer(toValueOrNull) | ||
67 | .custom(isVideoLanguageValid).withMessage('Should have a valid language'), | ||
68 | body('nsfw') | ||
69 | .optional() | ||
70 | .toBoolean() | ||
71 | .custom(isBooleanValid).withMessage('Should have a valid NSFW attribute'), | ||
72 | body('waitTranscoding') | ||
73 | .optional() | ||
74 | .toBoolean() | ||
75 | .custom(isBooleanValid).withMessage('Should have a valid wait transcoding attribute'), | ||
76 | body('description') | ||
77 | .optional() | ||
78 | .customSanitizer(toValueOrNull) | ||
79 | .custom(isVideoDescriptionValid).withMessage('Should have a valid description'), | ||
80 | body('support') | ||
81 | .optional() | ||
82 | .customSanitizer(toValueOrNull) | ||
83 | .custom(isVideoSupportValid).withMessage('Should have a valid support text'), | ||
84 | body('tags') | ||
85 | .optional() | ||
86 | .customSanitizer(toValueOrNull) | ||
87 | .custom(isVideoTagsValid).withMessage('Should have correct tags'), | ||
88 | body('commentsEnabled') | ||
89 | .optional() | ||
90 | .toBoolean() | ||
91 | .custom(isBooleanValid).withMessage('Should have comments enabled boolean'), | ||
92 | body('privacy') | ||
93 | .optional() | ||
94 | .toInt() | ||
95 | .custom(isVideoPrivacyValid).withMessage('Should have correct video privacy'), | ||
96 | body('channelId') | 46 | body('channelId') |
97 | .toInt() | 47 | .toInt() |
98 | .custom(isIdValid).withMessage('Should have correct video channel id'), | 48 | .custom(isIdValid).withMessage('Should have correct video channel id'), |
99 | body('scheduleUpdate') | ||
100 | .optional() | ||
101 | .customSanitizer(toValueOrNull), | ||
102 | body('scheduleUpdate.updateAt') | ||
103 | .optional() | ||
104 | .custom(isDateValid).withMessage('Should have a valid schedule update date'), | ||
105 | body('scheduleUpdate.privacy') | ||
106 | .optional() | ||
107 | .toInt() | ||
108 | .custom(isScheduleVideoUpdatePrivacyValid).withMessage('Should have correct schedule update privacy'), | ||
109 | 49 | ||
110 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 50 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
111 | logger.debug('Checking videosAdd parameters', { parameters: req.body, files: req.files }) | 51 | logger.debug('Checking videosAdd parameters', { parameters: req.body, files: req.files }) |
@@ -145,77 +85,17 @@ const videosAddValidator = [ | |||
145 | 85 | ||
146 | return next() | 86 | return next() |
147 | } | 87 | } |
148 | ] | 88 | ]) |
149 | 89 | ||
150 | const videosUpdateValidator = [ | 90 | const videosUpdateValidator = getCommonVideoAttributes().concat([ |
151 | param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), | 91 | param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), |
152 | body('thumbnailfile') | ||
153 | .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')).withMessage( | ||
154 | 'This thumbnail file is not supported or too large. Please, make sure it is of the following type: ' | ||
155 | + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ') | ||
156 | ), | ||
157 | body('previewfile') | ||
158 | .custom((value, { req }) => isVideoImage(req.files, 'previewfile')).withMessage( | ||
159 | 'This preview file is not supported or too large. Please, make sure it is of the following type: ' | ||
160 | + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ') | ||
161 | ), | ||
162 | body('name') | 92 | body('name') |
163 | .optional() | 93 | .optional() |
164 | .custom(isVideoNameValid).withMessage('Should have a valid name'), | 94 | .custom(isVideoNameValid).withMessage('Should have a valid name'), |
165 | body('category') | ||
166 | .optional() | ||
167 | .customSanitizer(toIntOrNull) | ||
168 | .custom(isVideoCategoryValid).withMessage('Should have a valid category'), | ||
169 | body('licence') | ||
170 | .optional() | ||
171 | .customSanitizer(toIntOrNull) | ||
172 | .custom(isVideoLicenceValid).withMessage('Should have a valid licence'), | ||
173 | body('language') | ||
174 | .optional() | ||
175 | .customSanitizer(toValueOrNull) | ||
176 | .custom(isVideoLanguageValid).withMessage('Should have a valid language'), | ||
177 | body('nsfw') | ||
178 | .optional() | ||
179 | .toBoolean() | ||
180 | .custom(isBooleanValid).withMessage('Should have a valid NSFW attribute'), | ||
181 | body('waitTranscoding') | ||
182 | .optional() | ||
183 | .toBoolean() | ||
184 | .custom(isBooleanValid).withMessage('Should have a valid wait transcoding attribute'), | ||
185 | body('privacy') | ||
186 | .optional() | ||
187 | .toInt() | ||
188 | .custom(isVideoPrivacyValid).withMessage('Should have correct video privacy'), | ||
189 | body('description') | ||
190 | .optional() | ||
191 | .customSanitizer(toValueOrNull) | ||
192 | .custom(isVideoDescriptionValid).withMessage('Should have a valid description'), | ||
193 | body('support') | ||
194 | .optional() | ||
195 | .customSanitizer(toValueOrNull) | ||
196 | .custom(isVideoSupportValid).withMessage('Should have a valid support text'), | ||
197 | body('tags') | ||
198 | .optional() | ||
199 | .customSanitizer(toValueOrNull) | ||
200 | .custom(isVideoTagsValid).withMessage('Should have correct tags'), | ||
201 | body('commentsEnabled') | ||
202 | .optional() | ||
203 | .toBoolean() | ||
204 | .custom(isBooleanValid).withMessage('Should have comments enabled boolean'), | ||
205 | body('channelId') | 95 | body('channelId') |
206 | .optional() | 96 | .optional() |
207 | .toInt() | 97 | .toInt() |
208 | .custom(isIdValid).withMessage('Should have correct video channel id'), | 98 | .custom(isIdValid).withMessage('Should have correct video channel id'), |
209 | body('scheduleUpdate') | ||
210 | .optional() | ||
211 | .customSanitizer(toValueOrNull), | ||
212 | body('scheduleUpdate.updateAt') | ||
213 | .optional() | ||
214 | .custom(isDateValid).withMessage('Should have a valid schedule update date'), | ||
215 | body('scheduleUpdate.privacy') | ||
216 | .optional() | ||
217 | .toInt() | ||
218 | .custom(isScheduleVideoUpdatePrivacyValid).withMessage('Should have correct schedule update privacy'), | ||
219 | 99 | ||
220 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 100 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
221 | logger.debug('Checking videosUpdate parameters', { parameters: req.body }) | 101 | logger.debug('Checking videosUpdate parameters', { parameters: req.body }) |
@@ -241,7 +121,7 @@ const videosUpdateValidator = [ | |||
241 | 121 | ||
242 | return next() | 122 | return next() |
243 | } | 123 | } |
244 | ] | 124 | ]) |
245 | 125 | ||
246 | const videosGetValidator = [ | 126 | const videosGetValidator = [ |
247 | param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), | 127 | param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), |
@@ -404,3 +284,70 @@ function areErrorsInScheduleUpdate (req: express.Request, res: express.Response) | |||
404 | 284 | ||
405 | return false | 285 | return false |
406 | } | 286 | } |
287 | |||
288 | function getCommonVideoAttributes () { | ||
289 | return [ | ||
290 | body('thumbnailfile') | ||
291 | .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')).withMessage( | ||
292 | 'This thumbnail file is not supported or too large. Please, make sure it is of the following type: ' | ||
293 | + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ') | ||
294 | ), | ||
295 | body('previewfile') | ||
296 | .custom((value, { req }) => isVideoImage(req.files, 'previewfile')).withMessage( | ||
297 | 'This preview file is not supported or too large. Please, make sure it is of the following type: ' | ||
298 | + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ') | ||
299 | ), | ||
300 | |||
301 | body('category') | ||
302 | .optional() | ||
303 | .customSanitizer(toIntOrNull) | ||
304 | .custom(isVideoCategoryValid).withMessage('Should have a valid category'), | ||
305 | body('licence') | ||
306 | .optional() | ||
307 | .customSanitizer(toIntOrNull) | ||
308 | .custom(isVideoLicenceValid).withMessage('Should have a valid licence'), | ||
309 | body('language') | ||
310 | .optional() | ||
311 | .customSanitizer(toValueOrNull) | ||
312 | .custom(isVideoLanguageValid).withMessage('Should have a valid language'), | ||
313 | body('nsfw') | ||
314 | .optional() | ||
315 | .toBoolean() | ||
316 | .custom(isBooleanValid).withMessage('Should have a valid NSFW attribute'), | ||
317 | body('waitTranscoding') | ||
318 | .optional() | ||
319 | .toBoolean() | ||
320 | .custom(isBooleanValid).withMessage('Should have a valid wait transcoding attribute'), | ||
321 | body('privacy') | ||
322 | .optional() | ||
323 | .toInt() | ||
324 | .custom(isVideoPrivacyValid).withMessage('Should have correct video privacy'), | ||
325 | body('description') | ||
326 | .optional() | ||
327 | .customSanitizer(toValueOrNull) | ||
328 | .custom(isVideoDescriptionValid).withMessage('Should have a valid description'), | ||
329 | body('support') | ||
330 | .optional() | ||
331 | .customSanitizer(toValueOrNull) | ||
332 | .custom(isVideoSupportValid).withMessage('Should have a valid support text'), | ||
333 | body('tags') | ||
334 | .optional() | ||
335 | .customSanitizer(toValueOrNull) | ||
336 | .custom(isVideoTagsValid).withMessage('Should have correct tags'), | ||
337 | body('commentsEnabled') | ||
338 | .optional() | ||
339 | .toBoolean() | ||
340 | .custom(isBooleanValid).withMessage('Should have comments enabled boolean'), | ||
341 | |||
342 | body('scheduleUpdate') | ||
343 | .optional() | ||
344 | .customSanitizer(toValueOrNull), | ||
345 | body('scheduleUpdate.updateAt') | ||
346 | .optional() | ||
347 | .custom(isDateValid).withMessage('Should have a valid schedule update date'), | ||
348 | body('scheduleUpdate.privacy') | ||
349 | .optional() | ||
350 | .toInt() | ||
351 | .custom(isScheduleVideoUpdatePrivacyValid).withMessage('Should have correct schedule update privacy') | ||
352 | ] as (ValidationChain | express.Handler)[] | ||
353 | } | ||