diff options
Diffstat (limited to 'server/middlewares')
-rw-r--r-- | server/middlewares/activitypub.ts | 5 | ||||
-rw-r--r-- | server/middlewares/validators/videos/index.ts | 2 | ||||
-rw-r--r-- | server/middlewares/validators/videos/video-rates.ts | 55 | ||||
-rw-r--r-- | server/middlewares/validators/videos/video-shares.ts | 38 | ||||
-rw-r--r-- | server/middlewares/validators/videos/videos.ts | 40 |
5 files changed, 98 insertions, 42 deletions
diff --git a/server/middlewares/activitypub.ts b/server/middlewares/activitypub.ts index 1ec888477..01e5dd24e 100644 --- a/server/middlewares/activitypub.ts +++ b/server/middlewares/activitypub.ts | |||
@@ -53,7 +53,8 @@ function executeIfActivityPub (fun: RequestHandler | RequestHandler[]) { | |||
53 | 53 | ||
54 | export { | 54 | export { |
55 | checkSignature, | 55 | checkSignature, |
56 | executeIfActivityPub | 56 | executeIfActivityPub, |
57 | checkHttpSignature | ||
57 | } | 58 | } |
58 | 59 | ||
59 | // --------------------------------------------------------------------------- | 60 | // --------------------------------------------------------------------------- |
@@ -94,7 +95,7 @@ async function checkHttpSignature (req: Request, res: Response) { | |||
94 | async function checkJsonLDSignature (req: Request, res: Response) { | 95 | async function checkJsonLDSignature (req: Request, res: Response) { |
95 | const signatureObject: ActivityPubSignature = req.body.signature | 96 | const signatureObject: ActivityPubSignature = req.body.signature |
96 | 97 | ||
97 | if (!signatureObject.creator) { | 98 | if (!signatureObject || !signatureObject.creator) { |
98 | res.sendStatus(403) | 99 | res.sendStatus(403) |
99 | return false | 100 | return false |
100 | } | 101 | } |
diff --git a/server/middlewares/validators/videos/index.ts b/server/middlewares/validators/videos/index.ts index 294783d85..a0d585b93 100644 --- a/server/middlewares/validators/videos/index.ts +++ b/server/middlewares/validators/videos/index.ts | |||
@@ -5,4 +5,6 @@ export * from './video-channels' | |||
5 | export * from './video-comments' | 5 | export * from './video-comments' |
6 | export * from './video-imports' | 6 | export * from './video-imports' |
7 | export * from './video-watch' | 7 | export * from './video-watch' |
8 | export * from './video-rates' | ||
9 | export * from './video-shares' | ||
8 | export * from './videos' | 10 | export * from './videos' |
diff --git a/server/middlewares/validators/videos/video-rates.ts b/server/middlewares/validators/videos/video-rates.ts new file mode 100644 index 000000000..793354520 --- /dev/null +++ b/server/middlewares/validators/videos/video-rates.ts | |||
@@ -0,0 +1,55 @@ | |||
1 | import * as express from 'express' | ||
2 | import 'express-validator' | ||
3 | import { body, param } from 'express-validator/check' | ||
4 | import { isIdOrUUIDValid, isIdValid } from '../../../helpers/custom-validators/misc' | ||
5 | import { isVideoExist, isVideoRatingTypeValid } from '../../../helpers/custom-validators/videos' | ||
6 | import { logger } from '../../../helpers/logger' | ||
7 | import { areValidationErrors } from '../utils' | ||
8 | import { AccountVideoRateModel } from '../../../models/account/account-video-rate' | ||
9 | import { VideoRateType } from '../../../../shared/models/videos' | ||
10 | import { isAccountNameValid } from '../../../helpers/custom-validators/accounts' | ||
11 | |||
12 | const videoUpdateRateValidator = [ | ||
13 | param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), | ||
14 | body('rating').custom(isVideoRatingTypeValid).withMessage('Should have a valid rate type'), | ||
15 | |||
16 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
17 | logger.debug('Checking videoRate parameters', { parameters: req.body }) | ||
18 | |||
19 | if (areValidationErrors(req, res)) return | ||
20 | if (!await isVideoExist(req.params.id, res)) return | ||
21 | |||
22 | return next() | ||
23 | } | ||
24 | ] | ||
25 | |||
26 | const getAccountVideoRateValidator = function (rateType: VideoRateType) { | ||
27 | return [ | ||
28 | param('name').custom(isAccountNameValid).withMessage('Should have a valid account name'), | ||
29 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), | ||
30 | |||
31 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
32 | logger.debug('Checking videoCommentGetValidator parameters.', { parameters: req.params }) | ||
33 | |||
34 | if (areValidationErrors(req, res)) return | ||
35 | |||
36 | const rate = await AccountVideoRateModel.loadLocalAndPopulateVideo(rateType, req.params.name, req.params.videoId) | ||
37 | if (!rate) { | ||
38 | return res.status(404) | ||
39 | .json({ error: 'Video rate not found' }) | ||
40 | .end() | ||
41 | } | ||
42 | |||
43 | res.locals.accountVideoRate = rate | ||
44 | |||
45 | return next() | ||
46 | } | ||
47 | ] | ||
48 | } | ||
49 | |||
50 | // --------------------------------------------------------------------------- | ||
51 | |||
52 | export { | ||
53 | videoUpdateRateValidator, | ||
54 | getAccountVideoRateValidator | ||
55 | } | ||
diff --git a/server/middlewares/validators/videos/video-shares.ts b/server/middlewares/validators/videos/video-shares.ts new file mode 100644 index 000000000..646d7acb1 --- /dev/null +++ b/server/middlewares/validators/videos/video-shares.ts | |||
@@ -0,0 +1,38 @@ | |||
1 | import * as express from 'express' | ||
2 | import 'express-validator' | ||
3 | import { param } from 'express-validator/check' | ||
4 | import { isIdOrUUIDValid, isIdValid } from '../../../helpers/custom-validators/misc' | ||
5 | import { isVideoExist } from '../../../helpers/custom-validators/videos' | ||
6 | import { logger } from '../../../helpers/logger' | ||
7 | import { VideoShareModel } from '../../../models/video/video-share' | ||
8 | import { areValidationErrors } from '../utils' | ||
9 | import { VideoModel } from '../../../models/video/video' | ||
10 | |||
11 | const videosShareValidator = [ | ||
12 | param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), | ||
13 | param('actorId').custom(isIdValid).not().isEmpty().withMessage('Should have a valid actor id'), | ||
14 | |||
15 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
16 | logger.debug('Checking videoShare parameters', { parameters: req.params }) | ||
17 | |||
18 | if (areValidationErrors(req, res)) return | ||
19 | if (!await isVideoExist(req.params.id, res)) return | ||
20 | |||
21 | const video: VideoModel = res.locals.video | ||
22 | |||
23 | const share = await VideoShareModel.load(req.params.actorId, video.id) | ||
24 | if (!share) { | ||
25 | return res.status(404) | ||
26 | .end() | ||
27 | } | ||
28 | |||
29 | res.locals.videoShare = share | ||
30 | return next() | ||
31 | } | ||
32 | ] | ||
33 | |||
34 | // --------------------------------------------------------------------------- | ||
35 | |||
36 | export { | ||
37 | videosShareValidator | ||
38 | } | ||
diff --git a/server/middlewares/validators/videos/videos.ts b/server/middlewares/validators/videos/videos.ts index 9dc52a134..656d161d8 100644 --- a/server/middlewares/validators/videos/videos.ts +++ b/server/middlewares/validators/videos/videos.ts | |||
@@ -26,14 +26,12 @@ import { | |||
26 | isVideoLicenceValid, | 26 | isVideoLicenceValid, |
27 | isVideoNameValid, | 27 | isVideoNameValid, |
28 | isVideoPrivacyValid, | 28 | isVideoPrivacyValid, |
29 | isVideoRatingTypeValid, | ||
30 | isVideoSupportValid, | 29 | isVideoSupportValid, |
31 | isVideoTagsValid | 30 | isVideoTagsValid |
32 | } from '../../../helpers/custom-validators/videos' | 31 | } from '../../../helpers/custom-validators/videos' |
33 | import { getDurationFromVideoFile } from '../../../helpers/ffmpeg-utils' | 32 | import { getDurationFromVideoFile } from '../../../helpers/ffmpeg-utils' |
34 | import { logger } from '../../../helpers/logger' | 33 | import { logger } from '../../../helpers/logger' |
35 | import { CONSTRAINTS_FIELDS } from '../../../initializers' | 34 | import { CONSTRAINTS_FIELDS } from '../../../initializers' |
36 | import { VideoShareModel } from '../../../models/video/video-share' | ||
37 | import { authenticate } from '../../oauth' | 35 | import { authenticate } from '../../oauth' |
38 | import { areValidationErrors } from '../utils' | 36 | import { areValidationErrors } from '../utils' |
39 | import { cleanUpReqFiles } from '../../../helpers/express-utils' | 37 | import { cleanUpReqFiles } from '../../../helpers/express-utils' |
@@ -188,41 +186,6 @@ const videosRemoveValidator = [ | |||
188 | } | 186 | } |
189 | ] | 187 | ] |
190 | 188 | ||
191 | const videoRateValidator = [ | ||
192 | param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), | ||
193 | body('rating').custom(isVideoRatingTypeValid).withMessage('Should have a valid rate type'), | ||
194 | |||
195 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
196 | logger.debug('Checking videoRate parameters', { parameters: req.body }) | ||
197 | |||
198 | if (areValidationErrors(req, res)) return | ||
199 | if (!await isVideoExist(req.params.id, res)) return | ||
200 | |||
201 | return next() | ||
202 | } | ||
203 | ] | ||
204 | |||
205 | const videosShareValidator = [ | ||
206 | param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), | ||
207 | param('accountId').custom(isIdValid).not().isEmpty().withMessage('Should have a valid account id'), | ||
208 | |||
209 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
210 | logger.debug('Checking videoShare parameters', { parameters: req.params }) | ||
211 | |||
212 | if (areValidationErrors(req, res)) return | ||
213 | if (!await isVideoExist(req.params.id, res)) return | ||
214 | |||
215 | const share = await VideoShareModel.load(req.params.accountId, res.locals.video.id, undefined) | ||
216 | if (!share) { | ||
217 | return res.status(404) | ||
218 | .end() | ||
219 | } | ||
220 | |||
221 | res.locals.videoShare = share | ||
222 | return next() | ||
223 | } | ||
224 | ] | ||
225 | |||
226 | const videosChangeOwnershipValidator = [ | 189 | const videosChangeOwnershipValidator = [ |
227 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), | 190 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), |
228 | 191 | ||
@@ -415,9 +378,6 @@ export { | |||
415 | videosGetValidator, | 378 | videosGetValidator, |
416 | videosCustomGetValidator, | 379 | videosCustomGetValidator, |
417 | videosRemoveValidator, | 380 | videosRemoveValidator, |
418 | videosShareValidator, | ||
419 | |||
420 | videoRateValidator, | ||
421 | 381 | ||
422 | videosChangeOwnershipValidator, | 382 | videosChangeOwnershipValidator, |
423 | videosTerminateChangeOwnershipValidator, | 383 | videosTerminateChangeOwnershipValidator, |