aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares')
-rw-r--r--server/middlewares/validators/blocklist.ts12
-rw-r--r--server/middlewares/validators/bulk.ts41
2 files changed, 45 insertions, 8 deletions
diff --git a/server/middlewares/validators/blocklist.ts b/server/middlewares/validators/blocklist.ts
index 27224ff9b..c24fa9609 100644
--- a/server/middlewares/validators/blocklist.ts
+++ b/server/middlewares/validators/blocklist.ts
@@ -24,8 +24,7 @@ const blockAccountValidator = [
24 24
25 if (user.Account.id === accountToBlock.id) { 25 if (user.Account.id === accountToBlock.id) {
26 res.status(409) 26 res.status(409)
27 .send({ error: 'You cannot block yourself.' }) 27 .json({ error: 'You cannot block yourself.' })
28 .end()
29 28
30 return 29 return
31 } 30 }
@@ -80,8 +79,7 @@ const blockServerValidator = [
80 79
81 if (host === WEBSERVER.HOST) { 80 if (host === WEBSERVER.HOST) {
82 return res.status(409) 81 return res.status(409)
83 .send({ error: 'You cannot block your own server.' }) 82 .json({ error: 'You cannot block your own server.' })
84 .end()
85 } 83 }
86 84
87 const server = await ServerModel.loadOrCreateByHost(host) 85 const server = await ServerModel.loadOrCreateByHost(host)
@@ -139,8 +137,7 @@ async function doesUnblockAccountExist (accountId: number, targetAccountId: numb
139 const accountBlock = await AccountBlocklistModel.loadByAccountAndTarget(accountId, targetAccountId) 137 const accountBlock = await AccountBlocklistModel.loadByAccountAndTarget(accountId, targetAccountId)
140 if (!accountBlock) { 138 if (!accountBlock) {
141 res.status(404) 139 res.status(404)
142 .send({ error: 'Account block entry not found.' }) 140 .json({ error: 'Account block entry not found.' })
143 .end()
144 141
145 return false 142 return false
146 } 143 }
@@ -154,8 +151,7 @@ async function doesUnblockServerExist (accountId: number, host: string, res: exp
154 const serverBlock = await ServerBlocklistModel.loadByAccountAndHost(accountId, host) 151 const serverBlock = await ServerBlocklistModel.loadByAccountAndHost(accountId, host)
155 if (!serverBlock) { 152 if (!serverBlock) {
156 res.status(404) 153 res.status(404)
157 .send({ error: 'Server block entry not found.' }) 154 .json({ error: 'Server block entry not found.' })
158 .end()
159 155
160 return false 156 return false
161 } 157 }
diff --git a/server/middlewares/validators/bulk.ts b/server/middlewares/validators/bulk.ts
new file mode 100644
index 000000000..f9b0f565a
--- /dev/null
+++ b/server/middlewares/validators/bulk.ts
@@ -0,0 +1,41 @@
1import * as express from 'express'
2import { body } from 'express-validator'
3import { isBulkRemoveCommentsOfScopeValid } from '@server/helpers/custom-validators/bulk'
4import { doesAccountNameWithHostExist } from '@server/helpers/middlewares'
5import { UserRight } from '@shared/models'
6import { BulkRemoveCommentsOfBody } from '@shared/models/bulk/bulk-remove-comments-of-body.model'
7import { logger } from '../../helpers/logger'
8import { areValidationErrors } from './utils'
9
10const bulkRemoveCommentsOfValidator = [
11 body('accountName').exists().withMessage('Should have an account name with host'),
12 body('scope')
13 .custom(isBulkRemoveCommentsOfScopeValid).withMessage('Should have a valid scope'),
14
15 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
16 logger.debug('Checking bulkRemoveCommentsOfValidator parameters', { parameters: req.body })
17
18 if (areValidationErrors(req, res)) return
19 if (!await doesAccountNameWithHostExist(req.body.accountName, res)) return
20
21 const user = res.locals.oauth.token.User
22 const body = req.body as BulkRemoveCommentsOfBody
23
24 if (body.scope === 'instance' && user.hasRight(UserRight.REMOVE_ANY_VIDEO_COMMENT) !== true) {
25 return res.status(403)
26 .json({
27 error: 'User cannot remove any comments of this instance.'
28 })
29 }
30
31 return next()
32 }
33]
34
35// ---------------------------------------------------------------------------
36
37export {
38 bulkRemoveCommentsOfValidator
39}
40
41// ---------------------------------------------------------------------------