diff options
Diffstat (limited to 'server/middlewares')
-rw-r--r-- | server/middlewares/validators/video-channels.ts | 20 | ||||
-rw-r--r-- | server/middlewares/validators/videos.ts | 14 |
2 files changed, 17 insertions, 17 deletions
diff --git a/server/middlewares/validators/video-channels.ts b/server/middlewares/validators/video-channels.ts index 7d611728b..53416a857 100644 --- a/server/middlewares/validators/video-channels.ts +++ b/server/middlewares/validators/video-channels.ts | |||
@@ -9,19 +9,19 @@ import { | |||
9 | isVideoChannelDescriptionValid, | 9 | isVideoChannelDescriptionValid, |
10 | isVideoChannelNameValid, | 10 | isVideoChannelNameValid, |
11 | checkVideoChannelExists, | 11 | checkVideoChannelExists, |
12 | checkVideoAuthorExists | 12 | checkVideoAccountExists |
13 | } from '../../helpers' | 13 | } from '../../helpers' |
14 | import { UserInstance } from '../../models' | 14 | import { UserInstance } from '../../models' |
15 | import { UserRight } from '../../../shared' | 15 | import { UserRight } from '../../../shared' |
16 | 16 | ||
17 | const listVideoAuthorChannelsValidator = [ | 17 | const listVideoAccountChannelsValidator = [ |
18 | param('authorId').custom(isIdOrUUIDValid).withMessage('Should have a valid author id'), | 18 | param('accountId').custom(isIdOrUUIDValid).withMessage('Should have a valid account id'), |
19 | 19 | ||
20 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | 20 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
21 | logger.debug('Checking listVideoAuthorChannelsValidator parameters', { parameters: req.body }) | 21 | logger.debug('Checking listVideoAccountChannelsValidator parameters', { parameters: req.body }) |
22 | 22 | ||
23 | checkErrors(req, res, () => { | 23 | checkErrors(req, res, () => { |
24 | checkVideoAuthorExists(req.params.authorId, res, next) | 24 | checkVideoAccountExists(req.params.accountId, res, next) |
25 | }) | 25 | }) |
26 | } | 26 | } |
27 | ] | 27 | ] |
@@ -54,7 +54,7 @@ const videoChannelsUpdateValidator = [ | |||
54 | .end() | 54 | .end() |
55 | } | 55 | } |
56 | 56 | ||
57 | if (res.locals.videoChannel.Author.userId !== res.locals.oauth.token.User.id) { | 57 | if (res.locals.videoChannel.Account.userId !== res.locals.oauth.token.User.id) { |
58 | return res.status(403) | 58 | return res.status(403) |
59 | .json({ error: 'Cannot update video channel of another user' }) | 59 | .json({ error: 'Cannot update video channel of another user' }) |
60 | .end() | 60 | .end() |
@@ -98,7 +98,7 @@ const videoChannelGetValidator = [ | |||
98 | // --------------------------------------------------------------------------- | 98 | // --------------------------------------------------------------------------- |
99 | 99 | ||
100 | export { | 100 | export { |
101 | listVideoAuthorChannelsValidator, | 101 | listVideoAccountChannelsValidator, |
102 | videoChannelsAddValidator, | 102 | videoChannelsAddValidator, |
103 | videoChannelsUpdateValidator, | 103 | videoChannelsUpdateValidator, |
104 | videoChannelsRemoveValidator, | 104 | videoChannelsRemoveValidator, |
@@ -119,8 +119,8 @@ function checkUserCanDeleteVideoChannel (res: express.Response, callback: () => | |||
119 | 119 | ||
120 | // Check if the user can delete the video channel | 120 | // Check if the user can delete the video channel |
121 | // The user can delete it if s/he is an admin | 121 | // The user can delete it if s/he is an admin |
122 | // Or if s/he is the video channel's author | 122 | // Or if s/he is the video channel's account |
123 | if (user.hasRight(UserRight.REMOVE_ANY_VIDEO_CHANNEL) === false && res.locals.videoChannel.Author.userId !== user.id) { | 123 | if (user.hasRight(UserRight.REMOVE_ANY_VIDEO_CHANNEL) === false && res.locals.videoChannel.Account.userId !== user.id) { |
124 | return res.status(403) | 124 | return res.status(403) |
125 | .json({ error: 'Cannot remove video channel of another user' }) | 125 | .json({ error: 'Cannot remove video channel of another user' }) |
126 | .end() | 126 | .end() |
@@ -131,7 +131,7 @@ function checkUserCanDeleteVideoChannel (res: express.Response, callback: () => | |||
131 | } | 131 | } |
132 | 132 | ||
133 | function checkVideoChannelIsNotTheLastOne (res: express.Response, callback: () => void) { | 133 | function checkVideoChannelIsNotTheLastOne (res: express.Response, callback: () => void) { |
134 | db.VideoChannel.countByAuthor(res.locals.oauth.token.User.Author.id) | 134 | db.VideoChannel.countByAccount(res.locals.oauth.token.User.Account.id) |
135 | .then(count => { | 135 | .then(count => { |
136 | if (count <= 1) { | 136 | if (count <= 1) { |
137 | return res.status(409) | 137 | return res.status(409) |
diff --git a/server/middlewares/validators/videos.ts b/server/middlewares/validators/videos.ts index 15b4629c1..10b426df3 100644 --- a/server/middlewares/validators/videos.ts +++ b/server/middlewares/validators/videos.ts | |||
@@ -48,11 +48,11 @@ const videosAddValidator = [ | |||
48 | const videoFile: Express.Multer.File = req.files['videofile'][0] | 48 | const videoFile: Express.Multer.File = req.files['videofile'][0] |
49 | const user = res.locals.oauth.token.User | 49 | const user = res.locals.oauth.token.User |
50 | 50 | ||
51 | return db.VideoChannel.loadByIdAndAuthor(req.body.channelId, user.Author.id) | 51 | return db.VideoChannel.loadByIdAndAccount(req.body.channelId, user.Account.id) |
52 | .then(videoChannel => { | 52 | .then(videoChannel => { |
53 | if (!videoChannel) { | 53 | if (!videoChannel) { |
54 | res.status(400) | 54 | res.status(400) |
55 | .json({ error: 'Unknown video video channel for this author.' }) | 55 | .json({ error: 'Unknown video video channel for this account.' }) |
56 | .end() | 56 | .end() |
57 | 57 | ||
58 | return undefined | 58 | return undefined |
@@ -131,7 +131,7 @@ const videosUpdateValidator = [ | |||
131 | .end() | 131 | .end() |
132 | } | 132 | } |
133 | 133 | ||
134 | if (video.VideoChannel.Author.userId !== res.locals.oauth.token.User.id) { | 134 | if (video.VideoChannel.Account.userId !== res.locals.oauth.token.User.id) { |
135 | return res.status(403) | 135 | return res.status(403) |
136 | .json({ error: 'Cannot update video of another user' }) | 136 | .json({ error: 'Cannot update video of another user' }) |
137 | .end() | 137 | .end() |
@@ -163,7 +163,7 @@ const videosGetValidator = [ | |||
163 | if (video.privacy !== VideoPrivacy.PRIVATE) return next() | 163 | if (video.privacy !== VideoPrivacy.PRIVATE) return next() |
164 | 164 | ||
165 | authenticate(req, res, () => { | 165 | authenticate(req, res, () => { |
166 | if (video.VideoChannel.Author.userId !== res.locals.oauth.token.User.id) { | 166 | if (video.VideoChannel.Account.userId !== res.locals.oauth.token.User.id) { |
167 | return res.status(403) | 167 | return res.status(403) |
168 | .json({ error: 'Cannot get this private video of another user' }) | 168 | .json({ error: 'Cannot get this private video of another user' }) |
169 | .end() | 169 | .end() |
@@ -256,10 +256,10 @@ function checkUserCanDeleteVideo (userId: number, res: express.Response, callbac | |||
256 | 256 | ||
257 | // Check if the user can delete the video | 257 | // Check if the user can delete the video |
258 | // The user can delete it if s/he is an admin | 258 | // The user can delete it if s/he is an admin |
259 | // Or if s/he is the video's author | 259 | // Or if s/he is the video's account |
260 | const author = res.locals.video.VideoChannel.Author | 260 | const account = res.locals.video.VideoChannel.Account |
261 | const user = res.locals.oauth.token.User | 261 | const user = res.locals.oauth.token.User |
262 | if (user.hasRight(UserRight.REMOVE_ANY_VIDEO) === false && author.userId !== user.id) { | 262 | if (user.hasRight(UserRight.REMOVE_ANY_VIDEO) === false && account.userId !== user.id) { |
263 | return res.status(403) | 263 | return res.status(403) |
264 | .json({ error: 'Cannot remove video of another user' }) | 264 | .json({ error: 'Cannot remove video of another user' }) |
265 | .end() | 265 | .end() |