15 files changed, 73 insertions, 66 deletions
diff --git a/server/middlewares/oauth.ts b/server/middlewares/auth.ts
index 280595acc..f38373624 100644
--- a/server/middlewares/oauth.ts
+++ b/server/middlewares/auth.ts
@@ -1,15 +1,19 @@
 import * as express from 'express'
 import { Socket } from 'socket.io'
-import { oAuthServer } from '@server/lib/auth'
+import { getAccessToken } from '@server/lib/auth/oauth-model'
-import { logger } from '../helpers/logger'
-import { getAccessToken } from '../lib/oauth-model'
 import { HttpStatusCode } from '../../shared/core-utils/miscs/http-error-codes'
+import { logger } from '../helpers/logger'
+import { handleOAuthAuthenticate } from '../lib/auth/oauth'
 function authenticate (req: express.Request, res: express.Response, next: express.NextFunction, authenticateInQuery = false) {
-  const options = authenticateInQuery ? { allowBearerTokensInQueryString: true } : {}
+  handleOAuthAuthenticate(req, res, authenticateInQuery)
+    .then((token: any) => {
+      res.locals.oauth = { token }
+      res.locals.authenticated = true
-  oAuthServer.authenticate(options)(req, res, err => {
+      return next()
-    if (err) {
+    })
+    .catch(err => {
      logger.warn('Cannot authenticate.', { err })
      return res.status(err.status)
@@ -17,13 +21,7 @@ function authenticate (req: express.Request, res: express.Response, next: expres
          error: 'Token is invalid.',
          code: err.name
        })
-        .end()
+    })
-    }
-    res.locals.authenticated = true
-    return next()
-  })
 }
 function authenticateSocket (socket: Socket, next: (err?: any) => void) {
diff --git a/server/middlewares/index.ts b/server/middlewares/index.ts
index b758a8586..3e280e16f 100644
--- a/server/middlewares/index.ts
+++ b/server/middlewares/index.ts
@@ -1,7 +1,7 @@
 export * from './validators'
 export * from './activitypub'
 export * from './async'
-export * from './oauth'
+export * from './auth'
 export * from './pagination'
 export * from './servers'
 export * from './sort'
diff --git a/server/middlewares/validators/activitypub/signature.ts b/server/middlewares/validators/activitypub/signature.ts
index 02b191480..7c4e49463 100644
--- a/server/middlewares/validators/activitypub/signature.ts
+++ b/server/middlewares/validators/activitypub/signature.ts
@@ -23,7 +23,7 @@ const signatureValidator = [
    .custom(isSignatureValueValid).withMessage('Should have a valid signature value'),
  (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    logger.debug('Checking activitypub signature parameter', { parameters: { signature: req.body.signature } })
+    logger.debug('Checking Linked Data Signature parameter', { parameters: { signature: req.body.signature } })
    if (areValidationErrors(req, res)) return
diff --git a/server/middlewares/validators/actor-image.ts b/server/middlewares/validators/actor-image.ts
new file mode 100644
index 000000000..961d7a7e5
--- /dev/null
+++ b/server/middlewares/validators/actor-image.ts
@@ -0,0 +1,30 @@
+import * as express from 'express'
+import { body } from 'express-validator'
+import { isActorImageFile } from '@server/helpers/custom-validators/actor-images'
+import { cleanUpReqFiles } from '../../helpers/express-utils'
+import { logger } from '../../helpers/logger'
+import { CONSTRAINTS_FIELDS } from '../../initializers/constants'
+import { areValidationErrors } from './utils'
+const updateActorImageValidatorFactory = (fieldname: string) => ([
+  body(fieldname).custom((value, { req }) => isActorImageFile(req.files, fieldname)).withMessage(
+    'This file is not supported or too large. Please, make sure it is of the following type : ' +
+    CONSTRAINTS_FIELDS.ACTORS.IMAGE.EXTNAME.join(', ')
+  ),
+  (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking updateActorImageValidator parameters', { files: req.files })
+    if (areValidationErrors(req, res)) return cleanUpReqFiles(req)
+    return next()
+  }
+])
+const updateAvatarValidator = updateActorImageValidatorFactory('avatarfile')
+const updateBannerValidator = updateActorImageValidatorFactory('bannerfile')
+export {
+  updateAvatarValidator,
+  updateBannerValidator
+}
diff --git a/server/middlewares/validators/avatar.ts b/server/middlewares/validators/avatar.ts
deleted file mode 100644
index 2acb97483..000000000
--- a/server/middlewares/validators/avatar.ts
+++ /dev/null
@@ -1,26 +0,0 @@
-import * as express from 'express'
-import { body } from 'express-validator'
-import { isAvatarFile } from '../../helpers/custom-validators/users'
-import { areValidationErrors } from './utils'
-import { CONSTRAINTS_FIELDS } from '../../initializers/constants'
-import { logger } from '../../helpers/logger'
-import { cleanUpReqFiles } from '../../helpers/express-utils'
-const updateAvatarValidator = [
-  body('avatarfile').custom((value, { req }) => isAvatarFile(req.files)).withMessage(
-    'This file is not supported or too large. Please, make sure it is of the following type : ' +
-    CONSTRAINTS_FIELDS.ACTORS.AVATAR.EXTNAME.join(', ')
-  ),
-  (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    logger.debug('Checking updateAvatarValidator parameters', { files: req.files })
-    if (areValidationErrors(req, res)) return cleanUpReqFiles(req)
-    return next()
-  }
-]
-export {
-  updateAvatarValidator
-}
diff --git a/server/middlewares/validators/follows.ts b/server/middlewares/validators/follows.ts
index a590aca99..bb849dc72 100644
--- a/server/middlewares/validators/follows.ts
+++ b/server/middlewares/validators/follows.ts
@@ -68,7 +68,6 @@ const removeFollowingValidator = [
        .json({
          error: `Following ${req.params.host} not found.`
        })
-        .end()
    }
    res.locals.follow = follow
diff --git a/server/middlewares/validators/index.ts b/server/middlewares/validators/index.ts
index 4086d77aa..24faeea3e 100644
--- a/server/middlewares/validators/index.ts
+++ b/server/middlewares/validators/index.ts
@@ -1,5 +1,6 @@
 export * from './abuse'
 export * from './account'
+export * from './actor-image'
 export * from './blocklist'
 export * from './oembed'
 export * from './activitypub'
diff --git a/server/middlewares/validators/jobs.ts b/server/middlewares/validators/jobs.ts
index 99ef25e0a..d87b28c06 100644
--- a/server/middlewares/validators/jobs.ts
+++ b/server/middlewares/validators/jobs.ts
@@ -1,9 +1,11 @@
 import * as express from 'express'
 import { param, query } from 'express-validator'
 import { isValidJobState, isValidJobType } from '../../helpers/custom-validators/jobs'
-import { logger } from '../../helpers/logger'
+import { logger, loggerTagsFactory } from '../../helpers/logger'
 import { areValidationErrors } from './utils'
+const lTags = loggerTagsFactory('validators', 'jobs')
 const listJobsValidator = [
  param('state')
  .optional()
@@ -14,7 +16,7 @@ const listJobsValidator = [
    .custom(isValidJobType).withMessage('Should have a valid job state'),
  (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    logger.debug('Checking listJobsValidator parameters.', { parameters: req.params })
+    logger.debug('Checking listJobsValidator parameters.', { parameters: req.params, ...lTags() })
    if (areValidationErrors(req, res)) return
diff --git a/server/middlewares/validators/pagination.ts b/server/middlewares/validators/pagination.ts
index 1cae7848c..6b0a83d80 100644
--- a/server/middlewares/validators/pagination.ts
+++ b/server/middlewares/validators/pagination.ts
@@ -4,25 +4,30 @@ import { logger } from '../../helpers/logger'
 import { areValidationErrors } from './utils'
 import { PAGINATION } from '@server/initializers/constants'
-const paginationValidator = [
+const paginationValidator = paginationValidatorBuilder()
-  query('start')
-    .optional()
-    .isInt({ min: 0 }).withMessage('Should have a number start'),
-  query('count')
-    .optional()
-    .isInt({ min: 0, max: PAGINATION.GLOBAL.COUNT.MAX }).withMessage(`Should have a number count (max: ${PAGINATION.GLOBAL.COUNT.MAX})`),
-  (req: express.Request, res: express.Response, next: express.NextFunction) => {
+function paginationValidatorBuilder (tags: string[] = []) {
-    logger.debug('Checking pagination parameters', { parameters: req.query })
+  return [
+    query('start')
+      .optional()
+      .isInt({ min: 0 }).withMessage('Should have a number start'),
+    query('count')
+      .optional()
+      .isInt({ min: 0, max: PAGINATION.GLOBAL.COUNT.MAX }).withMessage(`Should have a number count (max: ${PAGINATION.GLOBAL.COUNT.MAX})`),
-    if (areValidationErrors(req, res)) return
+    (req: express.Request, res: express.Response, next: express.NextFunction) => {
+      logger.debug('Checking pagination parameters', { parameters: req.query, tags })
-    return next()
+      if (areValidationErrors(req, res)) return
-  }
-]
+      return next()
+    }
+  ]
+}
 // ---------------------------------------------------------------------------
 export {
-  paginationValidator
+  paginationValidator,
+  paginationValidatorBuilder
 }
diff --git a/server/middlewares/validators/sort.ts b/server/middlewares/validators/sort.ts
index e93ceb200..beecc155b 100644
--- a/server/middlewares/validators/sort.ts
+++ b/server/middlewares/validators/sort.ts
@@ -28,7 +28,7 @@ const SORTABLE_VIDEO_REDUNDANCIES_COLUMNS = createSortableColumns(SORTABLE_COLUM
 const usersSortValidator = checkSort(SORTABLE_USERS_COLUMNS)
 const accountsSortValidator = checkSort(SORTABLE_ACCOUNTS_COLUMNS)
-const jobsSortValidator = checkSort(SORTABLE_JOBS_COLUMNS)
+const jobsSortValidator = checkSort(SORTABLE_JOBS_COLUMNS, [ 'jobs' ])
 const abusesSortValidator = checkSort(SORTABLE_ABUSES_COLUMNS)
 const videosSortValidator = checkSort(SORTABLE_VIDEOS_COLUMNS)
 const videoImportsSortValidator = checkSort(SORTABLE_VIDEO_IMPORTS_COLUMNS)
diff --git a/server/middlewares/validators/utils.ts b/server/middlewares/validators/utils.ts
index 2899bed6f..4167f6d43 100644
--- a/server/middlewares/validators/utils.ts
+++ b/server/middlewares/validators/utils.ts
@@ -17,12 +17,12 @@ function areValidationErrors (req: express.Request, res: express.Response) {
  return false
 }
-function checkSort (sortableColumns: string[]) {
+function checkSort (sortableColumns: string[], tags: string[] = []) {
  return [
    query('sort').optional().isIn(sortableColumns).withMessage('Should have correct sortable column'),
    (req: express.Request, res: express.Response, next: express.NextFunction) => {
-      logger.debug('Checking sort parameters', { parameters: req.query })
+      logger.debug('Checking sort parameters', { parameters: req.query, tags })
      if (areValidationErrors(req, res)) return
diff --git a/server/middlewares/validators/videos/video-channels.ts b/server/middlewares/validators/videos/video-channels.ts
index 57ac548b9..2463d281c 100644
--- a/server/middlewares/validators/videos/video-channels.ts
+++ b/server/middlewares/validators/videos/video-channels.ts
@@ -73,13 +73,11 @@ const videoChannelsUpdateValidator = [
    if (res.locals.videoChannel.Actor.isOwned() === false) {
      return res.status(HttpStatusCode.FORBIDDEN_403)
        .json({ error: 'Cannot update video channel of another server' })
-        .end()
    }
    if (res.locals.videoChannel.Account.userId !== res.locals.oauth.token.User.id) {
      return res.status(HttpStatusCode.FORBIDDEN_403)
        .json({ error: 'Cannot update video channel of another user' })
-        .end()
    }
    return next()
diff --git a/server/middlewares/validators/videos/video-comments.ts b/server/middlewares/validators/videos/video-comments.ts
index 226c9d436..1afacfed8 100644
--- a/server/middlewares/validators/videos/video-comments.ts
+++ b/server/middlewares/validators/videos/video-comments.ts
@@ -216,7 +216,7 @@ async function isVideoCommentAccepted (req: express.Request, res: express.Respon
  if (!acceptedResult || acceptedResult.accepted !== true) {
    logger.info('Refused local comment.', { acceptedResult, acceptParameters })
    res.status(HttpStatusCode.FORBIDDEN_403)
-       .json({ error: acceptedResult.errorMessage || 'Refused local comment' })
+       .json({ error: acceptedResult?.errorMessage || 'Refused local comment' })
    return false
  }
diff --git a/server/middlewares/validators/videos/video-playlists.ts b/server/middlewares/validators/videos/video-playlists.ts
index 0fba4f5fd..c872d045e 100644
--- a/server/middlewares/validators/videos/video-playlists.ts
+++ b/server/middlewares/validators/videos/video-playlists.ts
@@ -29,7 +29,7 @@ import { doesVideoChannelIdExist, doesVideoExist, doesVideoPlaylistExist, VideoP
 import { CONSTRAINTS_FIELDS } from '../../../initializers/constants'
 import { VideoPlaylistElementModel } from '../../../models/video/video-playlist-element'
 import { MVideoPlaylist } from '../../../types/models/video/video-playlist'
-import { authenticatePromiseIfNeeded } from '../../oauth'
+import { authenticatePromiseIfNeeded } from '../../auth'
 import { areValidationErrors } from '../utils'
 const videoPlaylistsAddValidator = getCommonPlaylistEditAttributes().concat([
diff --git a/server/middlewares/validators/videos/videos.ts b/server/middlewares/validators/videos/videos.ts
index 37cc07b94..4d31d3dcb 100644
--- a/server/middlewares/validators/videos/videos.ts
+++ b/server/middlewares/validators/videos/videos.ts
@@ -54,7 +54,7 @@ import { isLocalVideoAccepted } from '../../../lib/moderation'
 import { Hooks } from '../../../lib/plugins/hooks'
 import { AccountModel } from '../../../models/account/account'
 import { VideoModel } from '../../../models/video/video'
-import { authenticatePromiseIfNeeded } from '../../oauth'
+import { authenticatePromiseIfNeeded } from '../../auth'
 import { areValidationErrors } from '../utils'
 const videosAddValidator = getCommonVideoEditAttributes().concat([

diff --git a/server/middlewares/oauth.ts b/server/middlewares/auth.ts index 280595acc..f38373624 100644 --- a/server/middlewares/oauth.ts +++ b/server/middlewares/auth.ts
@@ -1,15 +1,19 @@
1	import * as express from 'express'	1	import * as express from 'express'
2	import { Socket } from 'socket.io'	2	import { Socket } from 'socket.io'
3	import { oAuthServer } from '@server/lib/auth'	3	import { getAccessToken } from '@server/lib/auth/oauth-model'
4	import { logger } from '../helpers/logger'
5	import { getAccessToken } from '../lib/oauth-model'
6	import { HttpStatusCode } from '../../shared/core-utils/miscs/http-error-codes'	4	import { HttpStatusCode } from '../../shared/core-utils/miscs/http-error-codes'
		5	import { logger } from '../helpers/logger'
		6	import { handleOAuthAuthenticate } from '../lib/auth/oauth'
7		7
8	function authenticate (req: express.Request, res: express.Response, next: express.NextFunction, authenticateInQuery = false) {	8	function authenticate (req: express.Request, res: express.Response, next: express.NextFunction, authenticateInQuery = false) {
9	const options = authenticateInQuery ? { allowBearerTokensInQueryString: true } : {}	9	handleOAuthAuthenticate(req, res, authenticateInQuery)
		10	.then((token: any) => {
		11	res.locals.oauth = { token }
		12	res.locals.authenticated = true
10		13
11	oAuthServer.authenticate(options)(req, res, err => {	14	return next()
12	if (err) {	15	})
		16	.catch(err => {
13	logger.warn('Cannot authenticate.', { err })	17	logger.warn('Cannot authenticate.', { err })
14		18
15	return res.status(err.status)	19	return res.status(err.status)
@@ -17,13 +21,7 @@ function authenticate (req: express.Request, res: express.Response, next: expres
17	error: 'Token is invalid.',	21	error: 'Token is invalid.',
18	code: err.name	22	code: err.name
19	})	23	})
20	.end()	24	})
21	}
22
23	res.locals.authenticated = true
24
25	return next()
26	})
27	}	25	}
28		26
29	function authenticateSocket (socket: Socket, next: (err?: any) => void) {	27	function authenticateSocket (socket: Socket, next: (err?: any) => void) {


diff --git a/server/middlewares/index.ts b/server/middlewares/index.ts index b758a8586..3e280e16f 100644 --- a/server/middlewares/index.ts +++ b/server/middlewares/index.ts
@@ -1,7 +1,7 @@
1	export * from './validators'	1	export * from './validators'
2	export * from './activitypub'	2	export * from './activitypub'
3	export * from './async'	3	export * from './async'
4	export * from './oauth'	4	export * from './auth'
5	export * from './pagination'	5	export * from './pagination'
6	export * from './servers'	6	export * from './servers'
7	export * from './sort'	7	export * from './sort'


diff --git a/server/middlewares/validators/activitypub/signature.ts b/server/middlewares/validators/activitypub/signature.ts index 02b191480..7c4e49463 100644 --- a/server/middlewares/validators/activitypub/signature.ts +++ b/server/middlewares/validators/activitypub/signature.ts
@@ -23,7 +23,7 @@ const signatureValidator = [
23	.custom(isSignatureValueValid).withMessage('Should have a valid signature value'),	23	.custom(isSignatureValueValid).withMessage('Should have a valid signature value'),
24		24
25	(req: express.Request, res: express.Response, next: express.NextFunction) => {	25	(req: express.Request, res: express.Response, next: express.NextFunction) => {
26	logger.debug('Checking activitypub signature parameter', { parameters: { signature: req.body.signature } })	26	logger.debug('Checking Linked Data Signature parameter', { parameters: { signature: req.body.signature } })
27		27
28	if (areValidationErrors(req, res)) return	28	if (areValidationErrors(req, res)) return
29		29


diff --git a/server/middlewares/validators/actor-image.ts b/server/middlewares/validators/actor-image.ts new file mode 100644 index 000000000..961d7a7e5 --- /dev/null +++ b/server/middlewares/validators/actor-image.ts
@@ -0,0 +1,30 @@
		1	import * as express from 'express'
		2	import { body } from 'express-validator'
		3	import { isActorImageFile } from '@server/helpers/custom-validators/actor-images'
		4	import { cleanUpReqFiles } from '../../helpers/express-utils'
		5	import { logger } from '../../helpers/logger'
		6	import { CONSTRAINTS_FIELDS } from '../../initializers/constants'
		7	import { areValidationErrors } from './utils'
		8
		9	const updateActorImageValidatorFactory = (fieldname: string) => ([
		10	body(fieldname).custom((value, { req }) => isActorImageFile(req.files, fieldname)).withMessage(
		11	'This file is not supported or too large. Please, make sure it is of the following type : ' +
		12	CONSTRAINTS_FIELDS.ACTORS.IMAGE.EXTNAME.join(', ')
		13	),
		14
		15	(req: express.Request, res: express.Response, next: express.NextFunction) => {
		16	logger.debug('Checking updateActorImageValidator parameters', { files: req.files })
		17
		18	if (areValidationErrors(req, res)) return cleanUpReqFiles(req)
		19
		20	return next()
		21	}
		22	])
		23
		24	const updateAvatarValidator = updateActorImageValidatorFactory('avatarfile')
		25	const updateBannerValidator = updateActorImageValidatorFactory('bannerfile')
		26
		27	export {
		28	updateAvatarValidator,
		29	updateBannerValidator
		30	}


diff --git a/server/middlewares/validators/avatar.ts b/server/middlewares/validators/avatar.ts deleted file mode 100644 index 2acb97483..000000000 --- a/server/middlewares/validators/avatar.ts +++ /dev/null
@@ -1,26 +0,0 @@
1	import * as express from 'express'
2	import { body } from 'express-validator'
3	import { isAvatarFile } from '../../helpers/custom-validators/users'
4	import { areValidationErrors } from './utils'
5	import { CONSTRAINTS_FIELDS } from '../../initializers/constants'
6	import { logger } from '../../helpers/logger'
7	import { cleanUpReqFiles } from '../../helpers/express-utils'
8
9	const updateAvatarValidator = [
10	body('avatarfile').custom((value, { req }) => isAvatarFile(req.files)).withMessage(
11	'This file is not supported or too large. Please, make sure it is of the following type : ' +
12	CONSTRAINTS_FIELDS.ACTORS.AVATAR.EXTNAME.join(', ')
13	),
14
15	(req: express.Request, res: express.Response, next: express.NextFunction) => {
16	logger.debug('Checking updateAvatarValidator parameters', { files: req.files })
17
18	if (areValidationErrors(req, res)) return cleanUpReqFiles(req)
19
20	return next()
21	}
22	]
23
24	export {
25	updateAvatarValidator
26	}


diff --git a/server/middlewares/validators/follows.ts b/server/middlewares/validators/follows.ts index a590aca99..bb849dc72 100644 --- a/server/middlewares/validators/follows.ts +++ b/server/middlewares/validators/follows.ts
@@ -68,7 +68,6 @@ const removeFollowingValidator = [
68	.json({	68	.json({
69	error: `Following ${req.params.host} not found.`	69	error: `Following ${req.params.host} not found.`
70	})	70	})
71	.end()
72	}	71	}
73		72
74	res.locals.follow = follow	73	res.locals.follow = follow


diff --git a/server/middlewares/validators/index.ts b/server/middlewares/validators/index.ts index 4086d77aa..24faeea3e 100644 --- a/server/middlewares/validators/index.ts +++ b/server/middlewares/validators/index.ts
@@ -1,5 +1,6 @@
1	export * from './abuse'	1	export * from './abuse'
2	export * from './account'	2	export * from './account'
		3	export * from './actor-image'
3	export * from './blocklist'	4	export * from './blocklist'
4	export * from './oembed'	5	export * from './oembed'
5	export * from './activitypub'	6	export * from './activitypub'


diff --git a/server/middlewares/validators/jobs.ts b/server/middlewares/validators/jobs.ts index 99ef25e0a..d87b28c06 100644 --- a/server/middlewares/validators/jobs.ts +++ b/server/middlewares/validators/jobs.ts
@@ -1,9 +1,11 @@
1	import * as express from 'express'	1	import * as express from 'express'
2	import { param, query } from 'express-validator'	2	import { param, query } from 'express-validator'
3	import { isValidJobState, isValidJobType } from '../../helpers/custom-validators/jobs'	3	import { isValidJobState, isValidJobType } from '../../helpers/custom-validators/jobs'
4	import { logger } from '../../helpers/logger'	4	import { logger, loggerTagsFactory } from '../../helpers/logger'
5	import { areValidationErrors } from './utils'	5	import { areValidationErrors } from './utils'
6		6
		7	const lTags = loggerTagsFactory('validators', 'jobs')
		8
7	const listJobsValidator = [	9	const listJobsValidator = [
8	param('state')	10	param('state')
9	.optional()	11	.optional()
@@ -14,7 +16,7 @@ const listJobsValidator = [
14	.custom(isValidJobType).withMessage('Should have a valid job state'),	16	.custom(isValidJobType).withMessage('Should have a valid job state'),
15		17
16	(req: express.Request, res: express.Response, next: express.NextFunction) => {	18	(req: express.Request, res: express.Response, next: express.NextFunction) => {
17	logger.debug('Checking listJobsValidator parameters.', { parameters: req.params })	19	logger.debug('Checking listJobsValidator parameters.', { parameters: req.params, ...lTags() })
18		20
19	if (areValidationErrors(req, res)) return	21	if (areValidationErrors(req, res)) return
20		22


diff --git a/server/middlewares/validators/pagination.ts b/server/middlewares/validators/pagination.ts index 1cae7848c..6b0a83d80 100644 --- a/server/middlewares/validators/pagination.ts +++ b/server/middlewares/validators/pagination.ts
@@ -4,25 +4,30 @@ import { logger } from '../../helpers/logger'
4	import { areValidationErrors } from './utils'	4	import { areValidationErrors } from './utils'
5	import { PAGINATION } from '@server/initializers/constants'	5	import { PAGINATION } from '@server/initializers/constants'
6		6
7	const paginationValidator = [	7	const paginationValidator = paginationValidatorBuilder()
8	query('start')
9	.optional()
10	.isInt({ min: 0 }).withMessage('Should have a number start'),
11	query('count')
12	.optional()
13	.isInt({ min: 0, max: PAGINATION.GLOBAL.COUNT.MAX }).withMessage(`Should have a number count (max: ${PAGINATION.GLOBAL.COUNT.MAX})`),
14		8
15	(req: express.Request, res: express.Response, next: express.NextFunction) => {	9	function paginationValidatorBuilder (tags: string[] = []) {
16	logger.debug('Checking pagination parameters', { parameters: req.query })	10	return [
		11	query('start')
		12	.optional()
		13	.isInt({ min: 0 }).withMessage('Should have a number start'),
		14	query('count')
		15	.optional()
		16	.isInt({ min: 0, max: PAGINATION.GLOBAL.COUNT.MAX }).withMessage(`Should have a number count (max: ${PAGINATION.GLOBAL.COUNT.MAX})`),
17		17
18	if (areValidationErrors(req, res)) return	18	(req: express.Request, res: express.Response, next: express.NextFunction) => {
		19	logger.debug('Checking pagination parameters', { parameters: req.query, tags })
19		20
20	return next()	21	if (areValidationErrors(req, res)) return
21	}	22
22	]	23	return next()
		24	}
		25	]
		26	}
23		27
24	// ---------------------------------------------------------------------------	28	// ---------------------------------------------------------------------------
25		29
26	export {	30	export {
27	paginationValidator	31	paginationValidator,
		32	paginationValidatorBuilder
28	}	33	}


diff --git a/server/middlewares/validators/sort.ts b/server/middlewares/validators/sort.ts index e93ceb200..beecc155b 100644 --- a/server/middlewares/validators/sort.ts +++ b/server/middlewares/validators/sort.ts
@@ -28,7 +28,7 @@ const SORTABLE_VIDEO_REDUNDANCIES_COLUMNS = createSortableColumns(SORTABLE_COLUM
28		28
29	const usersSortValidator = checkSort(SORTABLE_USERS_COLUMNS)	29	const usersSortValidator = checkSort(SORTABLE_USERS_COLUMNS)
30	const accountsSortValidator = checkSort(SORTABLE_ACCOUNTS_COLUMNS)	30	const accountsSortValidator = checkSort(SORTABLE_ACCOUNTS_COLUMNS)
31	const jobsSortValidator = checkSort(SORTABLE_JOBS_COLUMNS)	31	const jobsSortValidator = checkSort(SORTABLE_JOBS_COLUMNS, [ 'jobs' ])
32	const abusesSortValidator = checkSort(SORTABLE_ABUSES_COLUMNS)	32	const abusesSortValidator = checkSort(SORTABLE_ABUSES_COLUMNS)
33	const videosSortValidator = checkSort(SORTABLE_VIDEOS_COLUMNS)	33	const videosSortValidator = checkSort(SORTABLE_VIDEOS_COLUMNS)
34	const videoImportsSortValidator = checkSort(SORTABLE_VIDEO_IMPORTS_COLUMNS)	34	const videoImportsSortValidator = checkSort(SORTABLE_VIDEO_IMPORTS_COLUMNS)


diff --git a/server/middlewares/validators/utils.ts b/server/middlewares/validators/utils.ts index 2899bed6f..4167f6d43 100644 --- a/server/middlewares/validators/utils.ts +++ b/server/middlewares/validators/utils.ts
@@ -17,12 +17,12 @@ function areValidationErrors (req: express.Request, res: express.Response) {
17	return false	17	return false
18	}	18	}
19		19
20	function checkSort (sortableColumns: string[]) {	20	function checkSort (sortableColumns: string[], tags: string[] = []) {
21	return [	21	return [
22	query('sort').optional().isIn(sortableColumns).withMessage('Should have correct sortable column'),	22	query('sort').optional().isIn(sortableColumns).withMessage('Should have correct sortable column'),
23		23
24	(req: express.Request, res: express.Response, next: express.NextFunction) => {	24	(req: express.Request, res: express.Response, next: express.NextFunction) => {
25	logger.debug('Checking sort parameters', { parameters: req.query })	25	logger.debug('Checking sort parameters', { parameters: req.query, tags })
26		26
27	if (areValidationErrors(req, res)) return	27	if (areValidationErrors(req, res)) return
28		28


diff --git a/server/middlewares/validators/videos/video-channels.ts b/server/middlewares/validators/videos/video-channels.ts index 57ac548b9..2463d281c 100644 --- a/server/middlewares/validators/videos/video-channels.ts +++ b/server/middlewares/validators/videos/video-channels.ts
@@ -73,13 +73,11 @@ const videoChannelsUpdateValidator = [
73	if (res.locals.videoChannel.Actor.isOwned() === false) {	73	if (res.locals.videoChannel.Actor.isOwned() === false) {
74	return res.status(HttpStatusCode.FORBIDDEN_403)	74	return res.status(HttpStatusCode.FORBIDDEN_403)
75	.json({ error: 'Cannot update video channel of another server' })	75	.json({ error: 'Cannot update video channel of another server' })
76	.end()
77	}	76	}
78		77
79	if (res.locals.videoChannel.Account.userId !== res.locals.oauth.token.User.id) {	78	if (res.locals.videoChannel.Account.userId !== res.locals.oauth.token.User.id) {
80	return res.status(HttpStatusCode.FORBIDDEN_403)	79	return res.status(HttpStatusCode.FORBIDDEN_403)
81	.json({ error: 'Cannot update video channel of another user' })	80	.json({ error: 'Cannot update video channel of another user' })
82	.end()
83	}	81	}
84		82
85	return next()	83	return next()


diff --git a/server/middlewares/validators/videos/video-comments.ts b/server/middlewares/validators/videos/video-comments.ts index 226c9d436..1afacfed8 100644 --- a/server/middlewares/validators/videos/video-comments.ts +++ b/server/middlewares/validators/videos/video-comments.ts
@@ -216,7 +216,7 @@ async function isVideoCommentAccepted (req: express.Request, res: express.Respon
216	if (!acceptedResult \|\| acceptedResult.accepted !== true) {	216	if (!acceptedResult \|\| acceptedResult.accepted !== true) {
217	logger.info('Refused local comment.', { acceptedResult, acceptParameters })	217	logger.info('Refused local comment.', { acceptedResult, acceptParameters })
218	res.status(HttpStatusCode.FORBIDDEN_403)	218	res.status(HttpStatusCode.FORBIDDEN_403)
219	.json({ error: acceptedResult.errorMessage \|\| 'Refused local comment' })	219	.json({ error: acceptedResult?.errorMessage \|\| 'Refused local comment' })
220		220
221	return false	221	return false
222	}	222	}


diff --git a/server/middlewares/validators/videos/video-playlists.ts b/server/middlewares/validators/videos/video-playlists.ts index 0fba4f5fd..c872d045e 100644 --- a/server/middlewares/validators/videos/video-playlists.ts +++ b/server/middlewares/validators/videos/video-playlists.ts
@@ -29,7 +29,7 @@ import { doesVideoChannelIdExist, doesVideoExist, doesVideoPlaylistExist, VideoP
29	import { CONSTRAINTS_FIELDS } from '../../../initializers/constants'	29	import { CONSTRAINTS_FIELDS } from '../../../initializers/constants'
30	import { VideoPlaylistElementModel } from '../../../models/video/video-playlist-element'	30	import { VideoPlaylistElementModel } from '../../../models/video/video-playlist-element'
31	import { MVideoPlaylist } from '../../../types/models/video/video-playlist'	31	import { MVideoPlaylist } from '../../../types/models/video/video-playlist'
32	import { authenticatePromiseIfNeeded } from '../../oauth'	32	import { authenticatePromiseIfNeeded } from '../../auth'
33	import { areValidationErrors } from '../utils'	33	import { areValidationErrors } from '../utils'
34		34
35	const videoPlaylistsAddValidator = getCommonPlaylistEditAttributes().concat([	35	const videoPlaylistsAddValidator = getCommonPlaylistEditAttributes().concat([


diff --git a/server/middlewares/validators/videos/videos.ts b/server/middlewares/validators/videos/videos.ts index 37cc07b94..4d31d3dcb 100644 --- a/server/middlewares/validators/videos/videos.ts +++ b/server/middlewares/validators/videos/videos.ts
@@ -54,7 +54,7 @@ import { isLocalVideoAccepted } from '../../../lib/moderation'
54	import { Hooks } from '../../../lib/plugins/hooks'	54	import { Hooks } from '../../../lib/plugins/hooks'
55	import { AccountModel } from '../../../models/account/account'	55	import { AccountModel } from '../../../models/account/account'
56	import { VideoModel } from '../../../models/video/video'	56	import { VideoModel } from '../../../models/video/video'
57	import { authenticatePromiseIfNeeded } from '../../oauth'	57	import { authenticatePromiseIfNeeded } from '../../auth'
58	import { areValidationErrors } from '../utils'	58	import { areValidationErrors } from '../utils'
59		59
60	const videosAddValidator = getCommonVideoEditAttributes().concat([	60	const videosAddValidator = getCommonVideoEditAttributes().concat([