1 files changed, 44 insertions, 1 deletions
diff --git a/server/middlewares/validators/blocklist.ts b/server/middlewares/validators/blocklist.ts
index 9dbd5e512..25c054d6b 100644
--- a/server/middlewares/validators/blocklist.ts
+++ b/server/middlewares/validators/blocklist.ts
@@ -1,4 +1,4 @@
-import { param, body } from 'express-validator/check'
+import { body, param } from 'express-validator/check'
 import * as express from 'express'
 import { logger } from '../../helpers/logger'
 import { areValidationErrors } from './utils'
@@ -7,6 +7,8 @@ import { UserModel } from '../../models/account/user'
 import { AccountBlocklistModel } from '../../models/account/account-blocklist'
 import { isHostValid } from '../../helpers/custom-validators/servers'
 import { ServerBlocklistModel } from '../../models/server/server-blocklist'
+import { ServerModel } from '../../models/server/server'
+import { CONFIG } from '../../initializers'
 const blockAccountByAccountValidator = [
  body('accountName').exists().withMessage('Should have an account name with host'),
@@ -17,6 +19,17 @@ const blockAccountByAccountValidator = [
    if (areValidationErrors(req, res)) return
    if (!await isAccountNameWithHostExist(req.body.accountName, res)) return
+    const user = res.locals.oauth.token.User as UserModel
+    const accountToBlock = res.locals.account
+    if (user.Account.id === accountToBlock.id) {
+      res.status(409)
+         .send({ error: 'You cannot block yourself.' })
+         .end()
+      return
+    }
    return next()
  }
 ]
@@ -38,6 +51,35 @@ const unblockAccountByAccountValidator = [
  }
 ]
+const blockServerByAccountValidator = [
+  body('host').custom(isHostValid).withMessage('Should have a valid host'),
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking serverGetValidator parameters', { parameters: req.body })
+    if (areValidationErrors(req, res)) return
+    const host: string = req.body.host
+    if (host === CONFIG.WEBSERVER.HOST) {
+      return res.status(409)
+        .send({ error: 'You cannot block your own server.' })
+        .end()
+    }
+    const server = await ServerModel.loadByHost(host)
+    if (!server) {
+      return res.status(404)
+                .send({ error: 'Server host not found.' })
+                .end()
+    }
+    res.locals.server = server
+    return next()
+  }
+]
 const unblockServerByAccountValidator = [
  param('host').custom(isHostValid).withMessage('Should have an account name with host'),
@@ -56,6 +98,7 @@ const unblockServerByAccountValidator = [
 // ---------------------------------------------------------------------------
 export {
+  blockServerByAccountValidator,
  blockAccountByAccountValidator,
  unblockAccountByAccountValidator,
  unblockServerByAccountValidator

diff --git a/server/middlewares/validators/blocklist.ts b/server/middlewares/validators/blocklist.ts index 9dbd5e512..25c054d6b 100644 --- a/server/middlewares/validators/blocklist.ts +++ b/server/middlewares/validators/blocklist.ts
@@ -1,4 +1,4 @@
1	import { param, body } from 'express-validator/check'	1	import { body, param } from 'express-validator/check'
2	import * as express from 'express'	2	import * as express from 'express'
3	import { logger } from '../../helpers/logger'	3	import { logger } from '../../helpers/logger'
4	import { areValidationErrors } from './utils'	4	import { areValidationErrors } from './utils'
@@ -7,6 +7,8 @@ import { UserModel } from '../../models/account/user'
7	import { AccountBlocklistModel } from '../../models/account/account-blocklist'	7	import { AccountBlocklistModel } from '../../models/account/account-blocklist'
8	import { isHostValid } from '../../helpers/custom-validators/servers'	8	import { isHostValid } from '../../helpers/custom-validators/servers'
9	import { ServerBlocklistModel } from '../../models/server/server-blocklist'	9	import { ServerBlocklistModel } from '../../models/server/server-blocklist'
		10	import { ServerModel } from '../../models/server/server'
		11	import { CONFIG } from '../../initializers'
10		12
11	const blockAccountByAccountValidator = [	13	const blockAccountByAccountValidator = [
12	body('accountName').exists().withMessage('Should have an account name with host'),	14	body('accountName').exists().withMessage('Should have an account name with host'),
@@ -17,6 +19,17 @@ const blockAccountByAccountValidator = [
17	if (areValidationErrors(req, res)) return	19	if (areValidationErrors(req, res)) return
18	if (!await isAccountNameWithHostExist(req.body.accountName, res)) return	20	if (!await isAccountNameWithHostExist(req.body.accountName, res)) return
19		21
		22	const user = res.locals.oauth.token.User as UserModel
		23	const accountToBlock = res.locals.account
		24
		25	if (user.Account.id === accountToBlock.id) {
		26	res.status(409)
		27	.send({ error: 'You cannot block yourself.' })
		28	.end()
		29
		30	return
		31	}
		32
20	return next()	33	return next()
21	}	34	}
22	]	35	]
@@ -38,6 +51,35 @@ const unblockAccountByAccountValidator = [
38	}	51	}
39	]	52	]
40		53
		54	const blockServerByAccountValidator = [
		55	body('host').custom(isHostValid).withMessage('Should have a valid host'),
		56
		57	async (req: express.Request, res: express.Response, next: express.NextFunction) => {
		58	logger.debug('Checking serverGetValidator parameters', { parameters: req.body })
		59
		60	if (areValidationErrors(req, res)) return
		61
		62	const host: string = req.body.host
		63
		64	if (host === CONFIG.WEBSERVER.HOST) {
		65	return res.status(409)
		66	.send({ error: 'You cannot block your own server.' })
		67	.end()
		68	}
		69
		70	const server = await ServerModel.loadByHost(host)
		71	if (!server) {
		72	return res.status(404)
		73	.send({ error: 'Server host not found.' })
		74	.end()
		75	}
		76
		77	res.locals.server = server
		78
		79	return next()
		80	}
		81	]
		82
41	const unblockServerByAccountValidator = [	83	const unblockServerByAccountValidator = [
42	param('host').custom(isHostValid).withMessage('Should have an account name with host'),	84	param('host').custom(isHostValid).withMessage('Should have an account name with host'),
43		85
@@ -56,6 +98,7 @@ const unblockServerByAccountValidator = [
56	// ---------------------------------------------------------------------------	98	// ---------------------------------------------------------------------------
57		99
58	export {	100	export {
		101	blockServerByAccountValidator,
59	blockAccountByAccountValidator,	102	blockAccountByAccountValidator,
60	unblockAccountByAccountValidator,	103	unblockAccountByAccountValidator,
61	unblockServerByAccountValidator	104	unblockServerByAccountValidator