aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares')
-rw-r--r--server/middlewares/validators/video-captions.ts70
-rw-r--r--server/middlewares/validators/videos.ts36
2 files changed, 76 insertions, 30 deletions
diff --git a/server/middlewares/validators/video-captions.ts b/server/middlewares/validators/video-captions.ts
new file mode 100644
index 000000000..b6d92d380
--- /dev/null
+++ b/server/middlewares/validators/video-captions.ts
@@ -0,0 +1,70 @@
1import * as express from 'express'
2import { areValidationErrors } from './utils'
3import { checkUserCanManageVideo, isVideoExist } from '../../helpers/custom-validators/videos'
4import { isIdOrUUIDValid } from '../../helpers/custom-validators/misc'
5import { body, param } from 'express-validator/check'
6import { CONSTRAINTS_FIELDS } from '../../initializers'
7import { UserRight } from '../../../shared'
8import { logger } from '../../helpers/logger'
9import { isVideoCaptionExist, isVideoCaptionFile, isVideoCaptionLanguageValid } from '../../helpers/custom-validators/video-captions'
10
11const addVideoCaptionValidator = [
12 param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid video id'),
13 param('captionLanguage').custom(isVideoCaptionLanguageValid).not().isEmpty().withMessage('Should have a valid caption language'),
14 body('captionfile')
15 .custom((value, { req }) => isVideoCaptionFile(req.files, 'captionfile')).withMessage(
16 'This caption file is not supported or too large. Please, make sure it is of the following type : '
17 + CONSTRAINTS_FIELDS.VIDEO_CAPTIONS.CAPTION_FILE.EXTNAME.join(', ')
18 ),
19
20 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
21 logger.debug('Checking addVideoCaption parameters', { parameters: req.body })
22
23 if (areValidationErrors(req, res)) return
24 if (!await isVideoExist(req.params.videoId, res)) return
25
26 // Check if the user who did the request is able to update the video
27 const user = res.locals.oauth.token.User
28 if (!checkUserCanManageVideo(user, res.locals.video, UserRight.UPDATE_ANY_VIDEO, res)) return
29
30 return next()
31 }
32]
33
34const deleteVideoCaptionValidator = [
35 param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid video id'),
36 param('captionLanguage').custom(isVideoCaptionLanguageValid).not().isEmpty().withMessage('Should have a valid caption language'),
37
38 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
39 logger.debug('Checking deleteVideoCaption parameters', { parameters: req.params })
40
41 if (areValidationErrors(req, res)) return
42 if (!await isVideoExist(req.params.videoId, res)) return
43 if (!await isVideoCaptionExist(res.locals.video, req.params.captionLanguage, res)) return
44
45 // Check if the user who did the request is able to update the video
46 const user = res.locals.oauth.token.User
47 if (!checkUserCanManageVideo(user, res.locals.video, UserRight.UPDATE_ANY_VIDEO, res)) return
48
49 return next()
50 }
51]
52
53const listVideoCaptionsValidator = [
54 param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid video id'),
55
56 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
57 logger.debug('Checking listVideoCaptions parameters', { parameters: req.params })
58
59 if (areValidationErrors(req, res)) return
60 if (!await isVideoExist(req.params.videoId, res)) return
61
62 return next()
63 }
64]
65
66export {
67 addVideoCaptionValidator,
68 listVideoCaptionsValidator,
69 deleteVideoCaptionValidator
70}
diff --git a/server/middlewares/validators/videos.ts b/server/middlewares/validators/videos.ts
index 59d65d5a4..899def6fc 100644
--- a/server/middlewares/validators/videos.ts
+++ b/server/middlewares/validators/videos.ts
@@ -12,6 +12,7 @@ import {
12 toValueOrNull 12 toValueOrNull
13} from '../../helpers/custom-validators/misc' 13} from '../../helpers/custom-validators/misc'
14import { 14import {
15 checkUserCanManageVideo,
15 isScheduleVideoUpdatePrivacyValid, 16 isScheduleVideoUpdatePrivacyValid,
16 isVideoAbuseReasonValid, 17 isVideoAbuseReasonValid,
17 isVideoCategoryValid, 18 isVideoCategoryValid,
@@ -31,8 +32,6 @@ import {
31import { getDurationFromVideoFile } from '../../helpers/ffmpeg-utils' 32import { getDurationFromVideoFile } from '../../helpers/ffmpeg-utils'
32import { logger } from '../../helpers/logger' 33import { logger } from '../../helpers/logger'
33import { CONSTRAINTS_FIELDS } from '../../initializers' 34import { CONSTRAINTS_FIELDS } from '../../initializers'
34import { UserModel } from '../../models/account/user'
35import { VideoModel } from '../../models/video/video'
36import { VideoShareModel } from '../../models/video/video-share' 35import { VideoShareModel } from '../../models/video/video-share'
37import { authenticate } from '../oauth' 36import { authenticate } from '../oauth'
38import { areValidationErrors } from './utils' 37import { areValidationErrors } from './utils'
@@ -40,17 +39,17 @@ import { areValidationErrors } from './utils'
40const videosAddValidator = [ 39const videosAddValidator = [
41 body('videofile') 40 body('videofile')
42 .custom((value, { req }) => isVideoFile(req.files)).withMessage( 41 .custom((value, { req }) => isVideoFile(req.files)).withMessage(
43 'This file is not supported or too large. Please, make sure it is of the following type : ' 42 'This file is not supported or too large. Please, make sure it is of the following type: '
44 + CONSTRAINTS_FIELDS.VIDEOS.EXTNAME.join(', ') 43 + CONSTRAINTS_FIELDS.VIDEOS.EXTNAME.join(', ')
45 ), 44 ),
46 body('thumbnailfile') 45 body('thumbnailfile')
47 .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')).withMessage( 46 .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')).withMessage(
48 'This thumbnail file is not supported or too large. Please, make sure it is of the following type : ' 47 'This thumbnail file is not supported or too large. Please, make sure it is of the following type: '
49 + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ') 48 + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ')
50 ), 49 ),
51 body('previewfile') 50 body('previewfile')
52 .custom((value, { req }) => isVideoImage(req.files, 'previewfile')).withMessage( 51 .custom((value, { req }) => isVideoImage(req.files, 'previewfile')).withMessage(
53 'This preview file is not supported or too large. Please, make sure it is of the following type : ' 52 'This preview file is not supported or too large. Please, make sure it is of the following type: '
54 + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ') 53 + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ')
55 ), 54 ),
56 body('name').custom(isVideoNameValid).withMessage('Should have a valid name'), 55 body('name').custom(isVideoNameValid).withMessage('Should have a valid name'),
@@ -152,12 +151,12 @@ const videosUpdateValidator = [
152 param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), 151 param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'),
153 body('thumbnailfile') 152 body('thumbnailfile')
154 .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')).withMessage( 153 .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')).withMessage(
155 'This thumbnail file is not supported or too large. Please, make sure it is of the following type : ' 154 'This thumbnail file is not supported or too large. Please, make sure it is of the following type: '
156 + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ') 155 + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ')
157 ), 156 ),
158 body('previewfile') 157 body('previewfile')
159 .custom((value, { req }) => isVideoImage(req.files, 'previewfile')).withMessage( 158 .custom((value, { req }) => isVideoImage(req.files, 'previewfile')).withMessage(
160 'This preview file is not supported or too large. Please, make sure it is of the following type : ' 159 'This preview file is not supported or too large. Please, make sure it is of the following type: '
161 + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ') 160 + CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME.join(', ')
162 ), 161 ),
163 body('name') 162 body('name')
@@ -373,29 +372,6 @@ export {
373 372
374// --------------------------------------------------------------------------- 373// ---------------------------------------------------------------------------
375 374
376function checkUserCanManageVideo (user: UserModel, video: VideoModel, right: UserRight, res: express.Response) {
377 // Retrieve the user who did the request
378 if (video.isOwned() === false) {
379 res.status(403)
380 .json({ error: 'Cannot manage a video of another server.' })
381 .end()
382 return false
383 }
384
385 // Check if the user can delete the video
386 // The user can delete it if he has the right
387 // Or if s/he is the video's account
388 const account = video.VideoChannel.Account
389 if (user.hasRight(right) === false && account.userId !== user.id) {
390 res.status(403)
391 .json({ error: 'Cannot manage a video of another user.' })
392 .end()
393 return false
394 }
395
396 return true
397}
398
399function areErrorsInVideoImageFiles (req: express.Request, res: express.Response) { 375function areErrorsInVideoImageFiles (req: express.Request, res: express.Response) {
400 // Files are optional 376 // Files are optional
401 if (!req.files) return false 377 if (!req.files) return false