33 files changed, 798 insertions, 267 deletions

diff --git a/server/middlewares/activitypub.ts b/server/middlewares/activitypub.ts
index 01e5dd24e..b1e5b5236 100644
--- a/server/middlewares/activitypub.ts
+++ b/server/middlewares/activitypub.ts
@@ -1,11 +1,9 @@
-import { eachSeries } from 'async'
-import { NextFunction, Request, RequestHandler, Response } from 'express'
+import { NextFunction, Request, Response } from 'express'
 import { ActivityPubSignature } from '../../shared'
 import { logger } from '../helpers/logger'
 import { isHTTPSignatureVerified, isJsonLDSignatureVerified, parseHTTPSignature } from '../helpers/peertube-crypto'
-import { ACCEPT_HEADERS, ACTIVITY_PUB, HTTP_SIGNATURE } from '../initializers'
+import { ACCEPT_HEADERS, ACTIVITY_PUB, HTTP_SIGNATURE } from '../initializers/constants'
 import { getOrCreateActorAndServerAndModel } from '../lib/activitypub'
-import { ActorModel } from '../models/activitypub/actor'
 import { loadActorUrlOrGetFromWebfinger } from '../helpers/webfinger'
 
 async function checkSignature (req: Request, res: Response, next: NextFunction) {
@@ -13,7 +11,7 @@ async function checkSignature (req: Request, res: Response, next: NextFunction)
     const httpSignatureChecked = await checkHttpSignature(req, res)
     if (httpSignatureChecked !== true) return
 
-    const actor: ActorModel = res.locals.signature.actor
+    const actor = res.locals.signature.actor
 
     // Forwarded activity
     const bodyActor = req.body.actor
@@ -30,23 +28,16 @@ async function checkSignature (req: Request, res: Response, next: NextFunction)
   }
 }
 
-function executeIfActivityPub (fun: RequestHandler | RequestHandler[]) {
-  return (req: Request, res: Response, next: NextFunction) => {
-    const accepted = req.accepts(ACCEPT_HEADERS)
-    if (accepted === false || ACTIVITY_PUB.POTENTIAL_ACCEPT_HEADERS.indexOf(accepted) === -1) {
-      return next()
-    }
-
-    logger.debug('ActivityPub request for %s.', req.url)
+function executeIfActivityPub (req: Request, res: Response, next: NextFunction) {
+  const accepted = req.accepts(ACCEPT_HEADERS)
+  if (accepted === false || ACTIVITY_PUB.POTENTIAL_ACCEPT_HEADERS.indexOf(accepted) === -1) {
+    // Bypass this route
+    return next('route')
+  }
 
-    if (Array.isArray(fun) === true) {
-      return eachSeries(fun as RequestHandler[], (f, cb) => {
-        f(req, res, cb)
-      }, next)
-    }
+  logger.debug('ActivityPub request for %s.', req.url)
 
-    return (fun as RequestHandler)(req, res, next)
-  }
+  return next()
 }
 
 // ---------------------------------------------------------------------------
@@ -83,6 +74,8 @@ async function checkHttpSignature (req: Request, res: Response) {
 
   const verified = isHTTPSignatureVerified(parsed, actor)
   if (verified !== true) {
+    logger.warn('Signature from %s is invalid', actorUrl, { parsed })
+
     res.sendStatus(403)
     return false
   }
diff --git a/server/middlewares/cache.ts b/server/middlewares/cache.ts
index 8ffe75700..ef8611875 100644
--- a/server/middlewares/cache.ts
+++ b/server/middlewares/cache.ts
@@ -1,72 +1,16 @@
-import * as express from 'express'
-import * as AsyncLock from 'async-lock'
-import { parseDuration } from '../helpers/core-utils'
 import { Redis } from '../lib/redis'
-import { logger } from '../helpers/logger'
+import * as apicache from 'apicache'
 
-const lock = new AsyncLock({ timeout: 5000 })
+// Ensure Redis is initialized
+Redis.Instance.init()
 
-function cacheRoute (lifetimeArg: string | number) {
-  return async function (req: express.Request, res: express.Response, next: express.NextFunction) {
-    const redisKey = Redis.Instance.generateCachedRouteKey(req)
-
-    try {
-      await lock.acquire(redisKey, async (done) => {
-        const cached = await Redis.Instance.getCachedRoute(req)
-
-        // Not cached
-        if (!cached) {
-          logger.debug('No cached results for route %s.', req.originalUrl)
-
-          const sendSave = res.send.bind(res)
-          const redirectSave = res.redirect.bind(res)
-
-          res.send = (body) => {
-            if (res.statusCode >= 200 && res.statusCode < 400) {
-              const contentType = res.get('content-type')
-              const lifetime = parseDuration(lifetimeArg)
-
-              Redis.Instance.setCachedRoute(req, body, lifetime, contentType, res.statusCode)
-                   .then(() => done())
-                   .catch(err => {
-                     logger.error('Cannot cache route.', { err })
-                     return done(err)
-                   })
-            } else {
-              done()
-            }
-
-            return sendSave(body)
-          }
-
-          res.redirect = url => {
-            done()
-
-            return redirectSave(url)
-          }
-
-          return next()
-        }
-
-        if (cached.contentType) res.set('content-type', cached.contentType)
-
-        if (cached.statusCode) {
-          const statusCode = parseInt(cached.statusCode, 10)
-          if (!isNaN(statusCode)) res.status(statusCode)
-        }
-
-        logger.debug('Use cached result for %s.', req.originalUrl)
-        res.send(cached.body).end()
-
-        return done()
-      })
-    } catch (err) {
-      logger.error('Cannot serve cached route.', { err })
-      return next()
-    }
-  }
+const options = {
+  redisClient: Redis.Instance.getClient(),
+  appendKey: () => Redis.Instance.getPrefix()
 }
 
+const cacheRoute = apicache.options(options).middleware
+
 // ---------------------------------------------------------------------------
 
 export {
diff --git a/server/middlewares/csp.ts b/server/middlewares/csp.ts
index 8b919af0d..d484b3021 100644
--- a/server/middlewares/csp.ts
+++ b/server/middlewares/csp.ts
@@ -1,5 +1,5 @@
 import * as helmet from 'helmet'
-import { CONFIG } from '../initializers/constants'
+import { CONFIG } from '../initializers/config'
 
 const baseDirectives = Object.assign({},
   {
@@ -16,24 +16,22 @@ const baseDirectives = Object.assign({},
     baseUri: ["'self'"],
     manifestSrc: ["'self'"],
     frameSrc: ["'self'"], // instead of deprecated child-src / self because of test-embed
-    workerSrc: ["'self'"] // instead of deprecated child-src
+    workerSrc: ["'self'", 'blob:'] // instead of deprecated child-src
   },
-  CONFIG.SERVICES['CSP-LOGGER'] ? { reportUri: CONFIG.SERVICES['CSP-LOGGER'] } : {},
+  CONFIG.CSP.REPORT_URI ? { reportUri: CONFIG.CSP.REPORT_URI } : {},
   CONFIG.WEBSERVER.SCHEME === 'https' ? { upgradeInsecureRequests: true } : {}
 )
 
 const baseCSP = helmet.contentSecurityPolicy({
   directives: baseDirectives,
   browserSniff: false,
-  reportOnly: true
+  reportOnly: CONFIG.CSP.REPORT_ONLY
 })
 
 const embedCSP = helmet.contentSecurityPolicy({
-  directives: Object.assign(baseDirectives, {
-    frameAncestors: ['*']
-  }),
+  directives: Object.assign({}, baseDirectives, { frameAncestors: ['*'] }),
   browserSniff: false, // assumes a modern browser, but allows CDN in front
-  reportOnly: true
+  reportOnly: CONFIG.CSP.REPORT_ONLY
 })
 
 // ---------------------------------------------------------------------------
diff --git a/server/middlewares/oauth.ts b/server/middlewares/oauth.ts
index 1d193d467..2b4e300e4 100644
--- a/server/middlewares/oauth.ts
+++ b/server/middlewares/oauth.ts
@@ -1,7 +1,7 @@
 import * as express from 'express'
 import * as OAuthServer from 'express-oauth-server'
 import 'express-validator'
-import { OAUTH_LIFETIME } from '../initializers'
+import { OAUTH_LIFETIME } from '../initializers/constants'
 import { logger } from '../helpers/logger'
 import { Socket } from 'socket.io'
 import { getAccessToken } from '../lib/oauth-model'
@@ -35,6 +35,8 @@ function authenticateSocket (socket: Socket, next: (err?: any) => void) {
 
   logger.debug('Checking socket access token %s.', accessToken)
 
+  if (!accessToken) return next(new Error('No access token provided'))
+
   getAccessToken(accessToken)
     .then(tokenDB => {
       const now = new Date()
diff --git a/server/middlewares/pagination.ts b/server/middlewares/pagination.ts
index 9b497b19e..83304940f 100644
--- a/server/middlewares/pagination.ts
+++ b/server/middlewares/pagination.ts
@@ -1,7 +1,7 @@
 import 'express-validator'
 import * as express from 'express'
 
-import { PAGINATION } from '../initializers'
+import { PAGINATION } from '../initializers/constants'
 
 function setDefaultPagination (req: express.Request, res: express.Response, next: express.NextFunction) {
   if (!req.query.start) req.query.start = 0
diff --git a/server/middlewares/user-right.ts b/server/middlewares/user-right.ts
index 7cea7aa1e..498e3d677 100644
--- a/server/middlewares/user-right.ts
+++ b/server/middlewares/user-right.ts
@@ -2,11 +2,10 @@ import * as express from 'express'
 import 'express-validator'
 import { UserRight } from '../../shared'
 import { logger } from '../helpers/logger'
-import { UserModel } from '../models/account/user'
 
 function ensureUserHasRight (userRight: UserRight) {
   return function (req: express.Request, res: express.Response, next: express.NextFunction) {
-    const user = res.locals.oauth.token.user as UserModel
+    const user = res.locals.oauth.token.user
     if (user.hasRight(userRight) === false) {
       const message = `User ${user.username} does not have right ${UserRight[userRight]} to access to ${req.path}.`
       logger.info(message)
diff --git a/server/middlewares/validators/account.ts b/server/middlewares/validators/account.ts
index b3a51e631..96e120a38 100644
--- a/server/middlewares/validators/account.ts
+++ b/server/middlewares/validators/account.ts
@@ -1,6 +1,6 @@
 import * as express from 'express'
 import { param } from 'express-validator/check'
-import { isAccountNameValid, isAccountNameWithHostExist, isLocalAccountNameExist } from '../../helpers/custom-validators/accounts'
+import { isAccountNameValid, doesAccountNameWithHostExist, doesLocalAccountNameExist } from '../../helpers/custom-validators/accounts'
 import { logger } from '../../helpers/logger'
 import { areValidationErrors } from './utils'
 
@@ -11,20 +11,20 @@ const localAccountValidator = [
     logger.debug('Checking localAccountValidator parameters', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isLocalAccountNameExist(req.params.name, res)) return
+    if (!await doesLocalAccountNameExist(req.params.name, res)) return
 
     return next()
   }
 ]
 
-const accountsNameWithHostGetValidator = [
+const accountNameWithHostGetValidator = [
   param('accountName').exists().withMessage('Should have an account name with host'),
 
   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
     logger.debug('Checking accountsNameWithHostGetValidator parameters', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isAccountNameWithHostExist(req.params.accountName, res)) return
+    if (!await doesAccountNameWithHostExist(req.params.accountName, res)) return
 
     return next()
   }
@@ -34,5 +34,5 @@ const accountsNameWithHostGetValidator = [
 
 export {
   localAccountValidator,
-  accountsNameWithHostGetValidator
+  accountNameWithHostGetValidator
 }
diff --git a/server/middlewares/validators/activitypub/activity.ts b/server/middlewares/validators/activitypub/activity.ts
index 3f9057c0c..7582f65e7 100644
--- a/server/middlewares/validators/activitypub/activity.ts
+++ b/server/middlewares/validators/activitypub/activity.ts
@@ -2,7 +2,6 @@ import * as express from 'express'
 import { isRootActivityValid } from '../../../helpers/custom-validators/activitypub/activity'
 import { logger } from '../../../helpers/logger'
 import { getServerActor } from '../../../helpers/utils'
-import { ActorModel } from '../../../models/activitypub/actor'
 
 async function activityPubValidator (req: express.Request, res: express.Response, next: express.NextFunction) {
   logger.debug('Checking activity pub parameters')
@@ -13,7 +12,7 @@ async function activityPubValidator (req: express.Request, res: express.Response
   }
 
   const serverActor = await getServerActor()
-  const remoteActor = res.locals.signature.actor as ActorModel
+  const remoteActor = res.locals.signature.actor
   if (serverActor.id === remoteActor.id) {
     logger.error('Receiving request in INBOX by ourselves!', req.body)
     return res.status(409).end()
diff --git a/server/middlewares/validators/avatar.ts b/server/middlewares/validators/avatar.ts
index ddc14f531..bab3ed118 100644
--- a/server/middlewares/validators/avatar.ts
+++ b/server/middlewares/validators/avatar.ts
@@ -2,7 +2,7 @@ import * as express from 'express'
 import { body } from 'express-validator/check'
 import { isAvatarFile } from '../../helpers/custom-validators/users'
 import { areValidationErrors } from './utils'
-import { CONSTRAINTS_FIELDS } from '../../initializers'
+import { CONSTRAINTS_FIELDS } from '../../initializers/constants'
 import { logger } from '../../helpers/logger'
 import { cleanUpReqFiles } from '../../helpers/express-utils'
 
diff --git a/server/middlewares/validators/blocklist.ts b/server/middlewares/validators/blocklist.ts
index 109276c63..7c494de78 100644
--- a/server/middlewares/validators/blocklist.ts
+++ b/server/middlewares/validators/blocklist.ts
@@ -2,14 +2,13 @@ import { body, param } from 'express-validator/check'
 import * as express from 'express'
 import { logger } from '../../helpers/logger'
 import { areValidationErrors } from './utils'
-import { isAccountNameWithHostExist } from '../../helpers/custom-validators/accounts'
-import { UserModel } from '../../models/account/user'
+import { doesAccountNameWithHostExist } from '../../helpers/custom-validators/accounts'
 import { AccountBlocklistModel } from '../../models/account/account-blocklist'
 import { isHostValid } from '../../helpers/custom-validators/servers'
 import { ServerBlocklistModel } from '../../models/server/server-blocklist'
 import { ServerModel } from '../../models/server/server'
-import { CONFIG } from '../../initializers'
 import { getServerActor } from '../../helpers/utils'
+import { WEBSERVER } from '../../initializers/constants'
 
 const blockAccountValidator = [
   body('accountName').exists().withMessage('Should have an account name with host'),
@@ -18,9 +17,9 @@ const blockAccountValidator = [
     logger.debug('Checking blockAccountByAccountValidator parameters', { parameters: req.body })
 
     if (areValidationErrors(req, res)) return
-    if (!await isAccountNameWithHostExist(req.body.accountName, res)) return
+    if (!await doesAccountNameWithHostExist(req.body.accountName, res)) return
 
-    const user = res.locals.oauth.token.User as UserModel
+    const user = res.locals.oauth.token.User
     const accountToBlock = res.locals.account
 
     if (user.Account.id === accountToBlock.id) {
@@ -42,11 +41,11 @@ const unblockAccountByAccountValidator = [
     logger.debug('Checking unblockAccountByAccountValidator parameters', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isAccountNameWithHostExist(req.params.accountName, res)) return
+    if (!await doesAccountNameWithHostExist(req.params.accountName, res)) return
 
-    const user = res.locals.oauth.token.User as UserModel
+    const user = res.locals.oauth.token.User
     const targetAccount = res.locals.account
-    if (!await isUnblockAccountExists(user.Account.id, targetAccount.id, res)) return
+    if (!await doesUnblockAccountExist(user.Account.id, targetAccount.id, res)) return
 
     return next()
   }
@@ -59,11 +58,11 @@ const unblockAccountByServerValidator = [
     logger.debug('Checking unblockAccountByServerValidator parameters', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isAccountNameWithHostExist(req.params.accountName, res)) return
+    if (!await doesAccountNameWithHostExist(req.params.accountName, res)) return
 
     const serverActor = await getServerActor()
     const targetAccount = res.locals.account
-    if (!await isUnblockAccountExists(serverActor.Account.id, targetAccount.id, res)) return
+    if (!await doesUnblockAccountExist(serverActor.Account.id, targetAccount.id, res)) return
 
     return next()
   }
@@ -79,7 +78,7 @@ const blockServerValidator = [
 
     const host: string = req.body.host
 
-    if (host === CONFIG.WEBSERVER.HOST) {
+    if (host === WEBSERVER.HOST) {
       return res.status(409)
         .send({ error: 'You cannot block your own server.' })
         .end()
@@ -106,8 +105,8 @@ const unblockServerByAccountValidator = [
 
     if (areValidationErrors(req, res)) return
 
-    const user = res.locals.oauth.token.User as UserModel
-    if (!await isUnblockServerExists(user.Account.id, req.params.host, res)) return
+    const user = res.locals.oauth.token.User
+    if (!await doesUnblockServerExist(user.Account.id, req.params.host, res)) return
 
     return next()
   }
@@ -122,7 +121,7 @@ const unblockServerByServerValidator = [
     if (areValidationErrors(req, res)) return
 
     const serverActor = await getServerActor()
-    if (!await isUnblockServerExists(serverActor.Account.id, req.params.host, res)) return
+    if (!await doesUnblockServerExist(serverActor.Account.id, req.params.host, res)) return
 
     return next()
   }
@@ -141,7 +140,7 @@ export {
 
 // ---------------------------------------------------------------------------
 
-async function isUnblockAccountExists (accountId: number, targetAccountId: number, res: express.Response) {
+async function doesUnblockAccountExist (accountId: number, targetAccountId: number, res: express.Response) {
   const accountBlock = await AccountBlocklistModel.loadByAccountAndTarget(accountId, targetAccountId)
   if (!accountBlock) {
     res.status(404)
@@ -156,7 +155,7 @@ async function isUnblockAccountExists (accountId: number, targetAccountId: numbe
   return true
 }
 
-async function isUnblockServerExists (accountId: number, host: string, res: express.Response) {
+async function doesUnblockServerExist (accountId: number, host: string, res: express.Response) {
   const serverBlock = await ServerBlocklistModel.loadByAccountAndHost(accountId, host)
   if (!serverBlock) {
     res.status(404)
diff --git a/server/middlewares/validators/config.ts b/server/middlewares/validators/config.ts
index 90108fa82..d015fa6fe 100644
--- a/server/middlewares/validators/config.ts
+++ b/server/middlewares/validators/config.ts
@@ -2,6 +2,8 @@ import * as express from 'express'
 import { body } from 'express-validator/check'
 import { isUserNSFWPolicyValid, isUserVideoQuotaValid, isUserVideoQuotaDailyValid } from '../../helpers/custom-validators/users'
 import { logger } from '../../helpers/logger'
+import { CustomConfig } from '../../../shared/models/server/custom-config.model'
+import { Emailer } from '../../lib/emailer'
 import { areValidationErrors } from './utils'
 
 const customConfigUpdateValidator = [
@@ -42,15 +44,34 @@ const customConfigUpdateValidator = [
   body('import.videos.http.enabled').isBoolean().withMessage('Should have a valid import video http enabled boolean'),
   body('import.videos.torrent.enabled').isBoolean().withMessage('Should have a valid import video torrent enabled boolean'),
 
+  body('followers.instance.enabled').isBoolean().withMessage('Should have a valid followers of instance boolean'),
+  body('followers.instance.manualApproval').isBoolean().withMessage('Should have a valid manual approval boolean'),
+
   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
     logger.debug('Checking customConfigUpdateValidator parameters', { parameters: req.body })
 
     if (areValidationErrors(req, res)) return
+    if (!checkInvalidConfigIfEmailDisabled(req.body as CustomConfig, res)) return
 
     return next()
   }
 ]
 
+// ---------------------------------------------------------------------------
+
 export {
   customConfigUpdateValidator
 }
+
+function checkInvalidConfigIfEmailDisabled (customConfig: CustomConfig, res: express.Response) {
+  if (Emailer.isEnabled()) return true
+
+  if (customConfig.signup.requiresEmailVerification === true) {
+    res.status(400)
+      .send({ error: 'Emailer is disabled but you require signup email verification.' })
+      .end()
+    return false
+  }
+
+  return true
+}
diff --git a/server/middlewares/validators/feeds.ts b/server/middlewares/validators/feeds.ts
index 969ce2526..e4f5c98fe 100644
--- a/server/middlewares/validators/feeds.ts
+++ b/server/middlewares/validators/feeds.ts
@@ -1,12 +1,12 @@
 import * as express from 'express'
 import { param, query } from 'express-validator/check'
-import { isAccountIdExist, isAccountNameValid, isAccountNameWithHostExist } from '../../helpers/custom-validators/accounts'
+import { doesAccountIdExist, isAccountNameValid, doesAccountNameWithHostExist } from '../../helpers/custom-validators/accounts'
 import { isIdOrUUIDValid } from '../../helpers/custom-validators/misc'
 import { logger } from '../../helpers/logger'
 import { areValidationErrors } from './utils'
 import { isValidRSSFeed } from '../../helpers/custom-validators/feeds'
-import { isVideoChannelIdExist, isVideoChannelNameWithHostExist } from '../../helpers/custom-validators/video-channels'
-import { isVideoExist } from '../../helpers/custom-validators/videos'
+import { doesVideoChannelIdExist, doesVideoChannelNameWithHostExist } from '../../helpers/custom-validators/video-channels'
+import { doesVideoExist } from '../../helpers/custom-validators/videos'
 import { isActorPreferredUsernameValid } from '../../helpers/custom-validators/activitypub/actor'
 
 const videoFeedsValidator = [
@@ -22,10 +22,10 @@ const videoFeedsValidator = [
 
     if (areValidationErrors(req, res)) return
 
-    if (req.query.accountId && !await isAccountIdExist(req.query.accountId, res)) return
-    if (req.query.videoChannelId && !await isVideoChannelIdExist(req.query.videoChannelId, res)) return
-    if (req.query.accountName && !await isAccountNameWithHostExist(req.query.accountName, res)) return
-    if (req.query.videoChannelName && !await isVideoChannelNameWithHostExist(req.query.videoChannelName, res)) return
+    if (req.query.accountId && !await doesAccountIdExist(req.query.accountId, res)) return
+    if (req.query.videoChannelId && !await doesVideoChannelIdExist(req.query.videoChannelId, res)) return
+    if (req.query.accountName && !await doesAccountNameWithHostExist(req.query.accountName, res)) return
+    if (req.query.videoChannelName && !await doesVideoChannelNameWithHostExist(req.query.videoChannelName, res)) return
 
     return next()
   }
@@ -41,7 +41,7 @@ const videoCommentsFeedsValidator = [
 
     if (areValidationErrors(req, res)) return
 
-    if (req.query.videoId && !await isVideoExist(req.query.videoId, res)) return
+    if (req.query.videoId && !await doesVideoExist(req.query.videoId, res)) return
 
     return next()
   }
diff --git a/server/middlewares/validators/follows.ts b/server/middlewares/validators/follows.ts
index 73fa28be9..2e5a02307 100644
--- a/server/middlewares/validators/follows.ts
+++ b/server/middlewares/validators/follows.ts
@@ -4,16 +4,19 @@ import { isTestInstance } from '../../helpers/core-utils'
 import { isEachUniqueHostValid, isHostValid } from '../../helpers/custom-validators/servers'
 import { logger } from '../../helpers/logger'
 import { getServerActor } from '../../helpers/utils'
-import { CONFIG, SERVER_ACTOR_NAME } from '../../initializers'
+import { SERVER_ACTOR_NAME, WEBSERVER } from '../../initializers/constants'
 import { ActorFollowModel } from '../../models/activitypub/actor-follow'
 import { areValidationErrors } from './utils'
+import { ActorModel } from '../../models/activitypub/actor'
+import { loadActorUrlOrGetFromWebfinger } from '../../helpers/webfinger'
+import { isValidActorHandle } from '../../helpers/custom-validators/activitypub/actor'
 
 const followValidator = [
   body('hosts').custom(isEachUniqueHostValid).withMessage('Should have an array of unique hosts'),
 
   (req: express.Request, res: express.Response, next: express.NextFunction) => {
     // Force https if the administrator wants to make friends
-    if (isTestInstance() === false && CONFIG.WEBSERVER.SCHEME === 'http') {
+    if (isTestInstance() === false && WEBSERVER.SCHEME === 'http') {
       return res.status(500)
         .json({
           error: 'Cannot follow on a non HTTPS web server.'
@@ -33,7 +36,7 @@ const removeFollowingValidator = [
   param('host').custom(isHostValid).withMessage('Should have a valid host'),
 
   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    logger.debug('Checking unfollow parameters', { parameters: req.params })
+    logger.debug('Checking unfollowing parameters', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
 
@@ -44,7 +47,7 @@ const removeFollowingValidator = [
       return res
         .status(404)
         .json({
-          error: `Follower ${req.params.host} not found.`
+          error: `Following ${req.params.host} not found.`
         })
         .end()
     }
@@ -54,9 +57,57 @@ const removeFollowingValidator = [
   }
 ]
 
+const getFollowerValidator = [
+  param('nameWithHost').custom(isValidActorHandle).withMessage('Should have a valid nameWithHost'),
+
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking get follower parameters', { parameters: req.params })
+
+    if (areValidationErrors(req, res)) return
+
+    let follow: ActorFollowModel
+    try {
+      const actorUrl = await loadActorUrlOrGetFromWebfinger(req.params.nameWithHost)
+      const actor = await ActorModel.loadByUrl(actorUrl)
+
+      const serverActor = await getServerActor()
+      follow = await ActorFollowModel.loadByActorAndTarget(actor.id, serverActor.id)
+    } catch (err) {
+      logger.warn('Cannot get actor from handle.', { handle: req.params.nameWithHost, err })
+    }
+
+    if (!follow) {
+      return res
+        .status(404)
+        .json({
+          error: `Follower ${req.params.nameWithHost} not found.`
+        })
+        .end()
+    }
+
+    res.locals.follow = follow
+    return next()
+  }
+]
+
+const acceptOrRejectFollowerValidator = [
+  (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking accept/reject follower parameters', { parameters: req.params })
+
+    const follow = res.locals.follow
+    if (follow.state !== 'pending') {
+      return res.status(400).json({ error: 'Follow is not in pending state.' }).end()
+    }
+
+    return next()
+  }
+]
+
 // ---------------------------------------------------------------------------
 
 export {
   followValidator,
-  removeFollowingValidator
+  removeFollowingValidator,
+  getFollowerValidator,
+  acceptOrRejectFollowerValidator
 }
diff --git a/server/middlewares/validators/logs.ts b/server/middlewares/validators/logs.ts
new file mode 100644
index 000000000..7380c6edd
--- /dev/null
+++ b/server/middlewares/validators/logs.ts
@@ -0,0 +1,31 @@
+import * as express from 'express'
+import { logger } from '../../helpers/logger'
+import { areValidationErrors } from './utils'
+import { isDateValid } from '../../helpers/custom-validators/misc'
+import { query } from 'express-validator/check'
+import { isValidLogLevel } from '../../helpers/custom-validators/logs'
+
+const getLogsValidator = [
+  query('startDate')
+    .custom(isDateValid).withMessage('Should have a valid start date'),
+  query('level')
+    .optional()
+    .custom(isValidLogLevel).withMessage('Should have a valid level'),
+  query('endDate')
+    .optional()
+    .custom(isDateValid).withMessage('Should have a valid end date'),
+
+  (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking getLogsValidator parameters.', { parameters: req.query })
+
+    if (areValidationErrors(req, res)) return
+
+    return next()
+  }
+]
+
+// ---------------------------------------------------------------------------
+
+export {
+  getLogsValidator
+}
diff --git a/server/middlewares/validators/oembed.ts b/server/middlewares/validators/oembed.ts
index cd9b27b16..0bb908d0b 100644
--- a/server/middlewares/validators/oembed.ts
+++ b/server/middlewares/validators/oembed.ts
@@ -3,12 +3,12 @@ import { query } from 'express-validator/check'
 import { join } from 'path'
 import { isTestInstance } from '../../helpers/core-utils'
 import { isIdOrUUIDValid } from '../../helpers/custom-validators/misc'
-import { isVideoExist } from '../../helpers/custom-validators/videos'
+import { doesVideoExist } from '../../helpers/custom-validators/videos'
 import { logger } from '../../helpers/logger'
-import { CONFIG } from '../../initializers'
 import { areValidationErrors } from './utils'
+import { WEBSERVER } from '../../initializers/constants'
 
-const urlShouldStartWith = CONFIG.WEBSERVER.SCHEME + '://' + join(CONFIG.WEBSERVER.HOST, 'videos', 'watch') + '/'
+const urlShouldStartWith = WEBSERVER.SCHEME + '://' + join(WEBSERVER.HOST, 'videos', 'watch') + '/'
 const videoWatchRegex = new RegExp('([^/]+)$')
 const isURLOptions = {
   require_host: true,
@@ -52,7 +52,7 @@ const oembedValidator = [
                 .end()
     }
 
-    if (!await isVideoExist(videoId, res)) return
+    if (!await doesVideoExist(videoId, res)) return
 
     return next()
   }
diff --git a/server/middlewares/validators/redundancy.ts b/server/middlewares/validators/redundancy.ts
index c72ab78b2..76cf89c40 100644
--- a/server/middlewares/validators/redundancy.ts
+++ b/server/middlewares/validators/redundancy.ts
@@ -1,19 +1,15 @@
 import * as express from 'express'
 import 'express-validator'
-import { param, body } from 'express-validator/check'
+import { body, param } from 'express-validator/check'
 import { exists, isBooleanValid, isIdOrUUIDValid, toIntOrNull } from '../../helpers/custom-validators/misc'
-import { isVideoExist } from '../../helpers/custom-validators/videos'
+import { doesVideoExist } from '../../helpers/custom-validators/videos'
 import { logger } from '../../helpers/logger'
 import { areValidationErrors } from './utils'
-import { VideoModel } from '../../models/video/video'
 import { VideoRedundancyModel } from '../../models/redundancy/video-redundancy'
 import { isHostValid } from '../../helpers/custom-validators/servers'
-import { getServerActor } from '../../helpers/utils'
-import { ActorFollowModel } from '../../models/activitypub/actor-follow'
-import { SERVER_ACTOR_NAME } from '../../initializers'
 import { ServerModel } from '../../models/server/server'
 
-const videoRedundancyGetValidator = [
+const videoFileRedundancyGetValidator = [
   param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid video id'),
   param('resolution')
     .customSanitizer(toIntOrNull)
@@ -24,12 +20,12 @@ const videoRedundancyGetValidator = [
     .custom(exists).withMessage('Should have a valid fps'),
 
   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    logger.debug('Checking videoRedundancyGetValidator parameters', { parameters: req.params })
+    logger.debug('Checking videoFileRedundancyGetValidator parameters', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.videoId, res)) return
+    if (!await doesVideoExist(req.params.videoId, res)) return
 
-    const video: VideoModel = res.locals.video
+    const video = res.locals.video
     const videoFile = video.VideoFiles.find(f => {
       return f.resolution === req.params.resolution && (!req.params.fps || f.fps === req.params.fps)
     })
@@ -38,7 +34,31 @@ const videoRedundancyGetValidator = [
     res.locals.videoFile = videoFile
 
     const videoRedundancy = await VideoRedundancyModel.loadLocalByFileId(videoFile.id)
-    if (!videoRedundancy)return res.status(404).json({ error: 'Video redundancy not found.' })
+    if (!videoRedundancy) return res.status(404).json({ error: 'Video redundancy not found.' })
+    res.locals.videoRedundancy = videoRedundancy
+
+    return next()
+  }
+]
+
+const videoPlaylistRedundancyGetValidator = [
+  param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid video id'),
+  param('streamingPlaylistType').custom(exists).withMessage('Should have a valid streaming playlist type'),
+
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking videoPlaylistRedundancyGetValidator parameters', { parameters: req.params })
+
+    if (areValidationErrors(req, res)) return
+    if (!await doesVideoExist(req.params.videoId, res)) return
+
+    const video = res.locals.video
+    const videoStreamingPlaylist = video.VideoStreamingPlaylists.find(p => p === req.params.streamingPlaylistType)
+
+    if (!videoStreamingPlaylist) return res.status(404).json({ error: 'Video playlist not found.' })
+    res.locals.videoStreamingPlaylist = videoStreamingPlaylist
+
+    const videoRedundancy = await VideoRedundancyModel.loadLocalByStreamingPlaylistId(videoStreamingPlaylist.id)
+    if (!videoRedundancy) return res.status(404).json({ error: 'Video redundancy not found.' })
     res.locals.videoRedundancy = videoRedundancy
 
     return next()
@@ -75,6 +95,7 @@ const updateServerRedundancyValidator = [
 // ---------------------------------------------------------------------------
 
 export {
-  videoRedundancyGetValidator,
+  videoFileRedundancyGetValidator,
+  videoPlaylistRedundancyGetValidator,
   updateServerRedundancyValidator
 }
diff --git a/server/middlewares/validators/search.ts b/server/middlewares/validators/search.ts
index 6a95d6095..7816d229c 100644
--- a/server/middlewares/validators/search.ts
+++ b/server/middlewares/validators/search.ts
@@ -10,6 +10,9 @@ const videosSearchValidator = [
   query('startDate').optional().custom(isDateValid).withMessage('Should have a valid start date'),
   query('endDate').optional().custom(isDateValid).withMessage('Should have a valid end date'),
 
+  query('originallyPublishedStartDate').optional().custom(isDateValid).withMessage('Should have a valid published start date'),
+  query('originallyPublishedEndDate').optional().custom(isDateValid).withMessage('Should have a valid published end date'),
+
   query('durationMin').optional().isInt().withMessage('Should have a valid min duration'),
   query('durationMax').optional().isInt().withMessage('Should have a valid max duration'),
 
diff --git a/server/middlewares/validators/server.ts b/server/middlewares/validators/server.ts
index d85afc2ff..6eff8e9ee 100644
--- a/server/middlewares/validators/server.ts
+++ b/server/middlewares/validators/server.ts
@@ -7,7 +7,7 @@ import { body } from 'express-validator/check'
 import { isUserDisplayNameValid } from '../../helpers/custom-validators/users'
 import { Emailer } from '../../lib/emailer'
 import { Redis } from '../../lib/redis'
-import { CONFIG } from '../../initializers/constants'
+import { CONFIG } from '../../initializers/config'
 
 const serverGetValidator = [
   body('host').custom(isHostValid).withMessage('Should have a valid host'),
@@ -57,7 +57,7 @@ const contactAdministratorValidator = [
         .end()
     }
 
-    if (await Redis.Instance.isContactFormIpExists(req.ip)) {
+    if (await Redis.Instance.doesContactFormIpExist(req.ip)) {
       logger.info('Refusing a contact form by %s: already sent one recently.', req.ip)
 
       return res
diff --git a/server/middlewares/validators/sort.ts b/server/middlewares/validators/sort.ts
index 5ceda845f..b497798d1 100644
--- a/server/middlewares/validators/sort.ts
+++ b/server/middlewares/validators/sort.ts
@@ -1,4 +1,4 @@
-import { SORTABLE_COLUMNS } from '../../initializers'
+import { SORTABLE_COLUMNS } from '../../initializers/constants'
 import { checkSort, createSortableColumns } from './utils'
 
 // Initialize constants here for better performances
@@ -11,6 +11,7 @@ const SORTABLE_VIDEOS_SEARCH_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.VI
 const SORTABLE_VIDEO_CHANNELS_SEARCH_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.VIDEO_CHANNELS_SEARCH)
 const SORTABLE_VIDEO_IMPORTS_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.VIDEO_IMPORTS)
 const SORTABLE_VIDEO_COMMENT_THREADS_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.VIDEO_COMMENT_THREADS)
+const SORTABLE_VIDEO_RATES_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.VIDEO_RATES)
 const SORTABLE_BLACKLISTS_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.BLACKLISTS)
 const SORTABLE_VIDEO_CHANNELS_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.VIDEO_CHANNELS)
 const SORTABLE_FOLLOWERS_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.FOLLOWERS)
@@ -19,6 +20,7 @@ const SORTABLE_USER_SUBSCRIPTIONS_COLUMNS = createSortableColumns(SORTABLE_COLUM
 const SORTABLE_ACCOUNTS_BLOCKLIST_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.ACCOUNTS_BLOCKLIST)
 const SORTABLE_SERVERS_BLOCKLIST_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.SERVERS_BLOCKLIST)
 const SORTABLE_USER_NOTIFICATIONS_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.USER_NOTIFICATIONS)
+const SORTABLE_VIDEO_PLAYLISTS_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.VIDEO_PLAYLISTS)
 
 const usersSortValidator = checkSort(SORTABLE_USERS_COLUMNS)
 const accountsSortValidator = checkSort(SORTABLE_ACCOUNTS_COLUMNS)
@@ -29,6 +31,7 @@ const videoImportsSortValidator = checkSort(SORTABLE_VIDEO_IMPORTS_COLUMNS)
 const videosSearchSortValidator = checkSort(SORTABLE_VIDEOS_SEARCH_COLUMNS)
 const videoChannelsSearchSortValidator = checkSort(SORTABLE_VIDEO_CHANNELS_SEARCH_COLUMNS)
 const videoCommentThreadsSortValidator = checkSort(SORTABLE_VIDEO_COMMENT_THREADS_COLUMNS)
+const videoRatesSortValidator = checkSort(SORTABLE_VIDEO_RATES_COLUMNS)
 const blacklistSortValidator = checkSort(SORTABLE_BLACKLISTS_COLUMNS)
 const videoChannelsSortValidator = checkSort(SORTABLE_VIDEO_CHANNELS_COLUMNS)
 const followersSortValidator = checkSort(SORTABLE_FOLLOWERS_COLUMNS)
@@ -37,6 +40,7 @@ const userSubscriptionsSortValidator = checkSort(SORTABLE_USER_SUBSCRIPTIONS_COL
 const accountsBlocklistSortValidator = checkSort(SORTABLE_ACCOUNTS_BLOCKLIST_COLUMNS)
 const serversBlocklistSortValidator = checkSort(SORTABLE_SERVERS_BLOCKLIST_COLUMNS)
 const userNotificationsSortValidator = checkSort(SORTABLE_USER_NOTIFICATIONS_COLUMNS)
+const videoPlaylistsSortValidator = checkSort(SORTABLE_VIDEO_PLAYLISTS_COLUMNS)
 
 // ---------------------------------------------------------------------------
 
@@ -53,9 +57,11 @@ export {
   followingSortValidator,
   jobsSortValidator,
   videoCommentThreadsSortValidator,
+  videoRatesSortValidator,
   userSubscriptionsSortValidator,
   videoChannelsSearchSortValidator,
   accountsBlocklistSortValidator,
   serversBlocklistSortValidator,
-  userNotificationsSortValidator
+  userNotificationsSortValidator,
+  videoPlaylistsSortValidator
 }
diff --git a/server/middlewares/validators/user-notifications.ts b/server/middlewares/validators/user-notifications.ts
index 46486e081..3ded8d8cf 100644
--- a/server/middlewares/validators/user-notifications.ts
+++ b/server/middlewares/validators/user-notifications.ts
@@ -28,8 +28,22 @@ const updateNotificationSettingsValidator = [
     .custom(isUserNotificationSettingValid).withMessage('Should have a valid new comment on my video notification setting'),
   body('videoAbuseAsModerator')
     .custom(isUserNotificationSettingValid).withMessage('Should have a valid new video abuse as moderator notification setting'),
+  body('videoAutoBlacklistAsModerator')
+    .custom(isUserNotificationSettingValid).withMessage('Should have a valid video auto blacklist notification setting'),
   body('blacklistOnMyVideo')
     .custom(isUserNotificationSettingValid).withMessage('Should have a valid new blacklist on my video notification setting'),
+  body('myVideoImportFinished')
+    .custom(isUserNotificationSettingValid).withMessage('Should have a valid video import finished video notification setting'),
+  body('myVideoPublished')
+    .custom(isUserNotificationSettingValid).withMessage('Should have a valid video published notification setting'),
+  body('commentMention')
+    .custom(isUserNotificationSettingValid).withMessage('Should have a valid comment mention notification setting'),
+  body('newFollow')
+    .custom(isUserNotificationSettingValid).withMessage('Should have a valid new follow notification setting'),
+  body('newUserRegistration')
+    .custom(isUserNotificationSettingValid).withMessage('Should have a valid new user registration notification setting'),
+  body('newInstanceFollower')
+    .custom(isUserNotificationSettingValid).withMessage('Should have a valid new instance follower notification setting'),
 
   (req: express.Request, res: express.Response, next: express.NextFunction) => {
     logger.debug('Checking updateNotificationSettingsValidator parameters', { parameters: req.body })
diff --git a/server/middlewares/validators/user-subscriptions.ts b/server/middlewares/validators/user-subscriptions.ts
index c5f8d9d4c..2356745d7 100644
--- a/server/middlewares/validators/user-subscriptions.ts
+++ b/server/middlewares/validators/user-subscriptions.ts
@@ -5,9 +5,8 @@ import { logger } from '../../helpers/logger'
 import { areValidationErrors } from './utils'
 import { ActorFollowModel } from '../../models/activitypub/actor-follow'
 import { areValidActorHandles, isValidActorHandle } from '../../helpers/custom-validators/activitypub/actor'
-import { UserModel } from '../../models/account/user'
-import { CONFIG } from '../../initializers'
 import { toArray } from '../../helpers/custom-validators/misc'
+import { WEBSERVER } from '../../initializers/constants'
 
 const userSubscriptionAddValidator = [
   body('uri').custom(isValidActorHandle).withMessage('Should have a valid URI to follow (username@domain)'),
@@ -44,9 +43,9 @@ const userSubscriptionGetValidator = [
     if (areValidationErrors(req, res)) return
 
     let [ name, host ] = req.params.uri.split('@')
-    if (host === CONFIG.WEBSERVER.HOST) host = null
+    if (host === WEBSERVER.HOST) host = null
 
-    const user: UserModel = res.locals.oauth.token.User
+    const user = res.locals.oauth.token.User
     const subscription = await ActorFollowModel.loadByActorAndTargetNameAndHostForAPI(user.Account.Actor.id, name, host)
 
     if (!subscription || !subscription.ActorFollowing.VideoChannel) {
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts
index 1bb0bfb1b..6d8cd7894 100644
--- a/server/middlewares/validators/users.ts
+++ b/server/middlewares/validators/users.ts
@@ -5,6 +5,7 @@ import { body, param } from 'express-validator/check'
 import { omit } from 'lodash'
 import { isIdOrUUIDValid } from '../../helpers/custom-validators/misc'
 import {
+  isUserAdminFlagsValid,
   isUserAutoPlayVideoValid,
   isUserBlockedReasonValid,
   isUserDescriptionValid,
@@ -14,9 +15,10 @@ import {
   isUserRoleValid,
   isUserUsernameValid,
   isUserVideoQuotaDailyValid,
-  isUserVideoQuotaValid, isUserVideosHistoryEnabledValid
+  isUserVideoQuotaValid,
+  isUserVideosHistoryEnabledValid
 } from '../../helpers/custom-validators/users'
-import { isVideoExist } from '../../helpers/custom-validators/videos'
+import { doesVideoExist } from '../../helpers/custom-validators/videos'
 import { logger } from '../../helpers/logger'
 import { isSignupAllowed, isSignupAllowedForCurrentIP } from '../../helpers/signup'
 import { Redis } from '../../lib/redis'
@@ -31,6 +33,7 @@ const usersAddValidator = [
   body('videoQuota').custom(isUserVideoQuotaValid).withMessage('Should have a valid user quota'),
   body('videoQuotaDaily').custom(isUserVideoQuotaDailyValid).withMessage('Should have a valid daily user quota'),
   body('role').custom(isUserRoleValid).withMessage('Should have a valid role'),
+  body('adminFlags').optional().custom(isUserAdminFlagsValid).withMessage('Should have a valid admin flags'),
 
   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
     logger.debug('Checking usersAdd parameters', { parameters: omit(req.body, 'password') })
@@ -100,7 +103,7 @@ const usersBlockingValidator = [
 
 const deleteMeValidator = [
   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    const user: UserModel = res.locals.oauth.token.User
+    const user = res.locals.oauth.token.User
     if (user.username === 'root') {
       return res.status(400)
                 .send({ error: 'You cannot delete your root account.' })
@@ -113,11 +116,13 @@ const deleteMeValidator = [
 
 const usersUpdateValidator = [
   param('id').isInt().not().isEmpty().withMessage('Should have a valid id'),
+  body('password').optional().custom(isUserPasswordValid).withMessage('Should have a valid password'),
   body('email').optional().isEmail().withMessage('Should have a valid email attribute'),
   body('emailVerified').optional().isBoolean().withMessage('Should have a valid email verified attribute'),
   body('videoQuota').optional().custom(isUserVideoQuotaValid).withMessage('Should have a valid user quota'),
   body('videoQuotaDaily').optional().custom(isUserVideoQuotaDailyValid).withMessage('Should have a valid daily user quota'),
   body('role').optional().custom(isUserRoleValid).withMessage('Should have a valid role'),
+  body('adminFlags').optional().custom(isUserAdminFlagsValid).withMessage('Should have a valid admin flags'),
 
   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
     logger.debug('Checking usersUpdate parameters', { parameters: req.body })
@@ -158,8 +163,7 @@ const usersUpdateMeValidator = [
                   .end()
       }
 
-      const user: UserModel = res.locals.oauth.token.User
-
+      const user = res.locals.oauth.token.User
       if (await user.isPasswordMatch(req.body.currentPassword) !== true) {
         return res.status(401)
                   .send({ error: 'currentPassword is invalid.' })
@@ -193,7 +197,7 @@ const usersVideoRatingValidator = [
     logger.debug('Checking usersVideoRating parameters', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.videoId, res, 'id')) return
+    if (!await doesVideoExist(req.params.videoId, res, 'id')) return
 
     return next()
   }
@@ -233,6 +237,7 @@ const usersAskResetPasswordValidator = [
     logger.debug('Checking usersAskResetPassword parameters', { parameters: req.body })
 
     if (areValidationErrors(req, res)) return
+
     const exists = await checkUserEmailExist(req.body.email, res, false)
     if (!exists) {
       logger.debug('User with email %s does not exist (asking reset password).', req.body.email)
@@ -255,7 +260,7 @@ const usersResetPasswordValidator = [
     if (areValidationErrors(req, res)) return
     if (!await checkUserIdExist(req.params.id, res)) return
 
-    const user = res.locals.user as UserModel
+    const user = res.locals.user
     const redisVerificationString = await Redis.Instance.getResetPasswordLink(user.id)
 
     if (redisVerificationString !== req.body.verificationString) {
@@ -297,7 +302,7 @@ const usersVerifyEmailValidator = [
     if (areValidationErrors(req, res)) return
     if (!await checkUserIdExist(req.params.id, res)) return
 
-    const user = res.locals.user as UserModel
+    const user = res.locals.user
     const redisVerificationString = await Redis.Instance.getVerifyEmailLink(user.id)
 
     if (redisVerificationString !== req.body.verificationString) {
@@ -315,6 +320,20 @@ const userAutocompleteValidator = [
   param('search').isString().not().isEmpty().withMessage('Should have a search parameter')
 ]
 
+const ensureAuthUserOwnsAccountValidator = [
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    const user = res.locals.oauth.token.User
+
+    if (res.locals.account.id !== user.Account.id) {
+      return res.status(403)
+                .send({ error: 'Only owner can access ratings list.' })
+                .end()
+    }
+
+    return next()
+  }
+]
+
 // ---------------------------------------------------------------------------
 
 export {
@@ -333,7 +352,8 @@ export {
   usersResetPasswordValidator,
   usersAskSendVerifyEmailValidator,
   usersVerifyEmailValidator,
-  userAutocompleteValidator
+  userAutocompleteValidator,
+  ensureAuthUserOwnsAccountValidator
 }
 
 // ---------------------------------------------------------------------------
diff --git a/server/middlewares/validators/videos/video-abuses.ts b/server/middlewares/validators/videos/video-abuses.ts
index be26ca16a..d1910a992 100644
--- a/server/middlewares/validators/videos/video-abuses.ts
+++ b/server/middlewares/validators/videos/video-abuses.ts
@@ -2,11 +2,11 @@ import * as express from 'express'
 import 'express-validator'
 import { body, param } from 'express-validator/check'
 import { isIdOrUUIDValid, isIdValid } from '../../../helpers/custom-validators/misc'
-import { isVideoExist } from '../../../helpers/custom-validators/videos'
+import { doesVideoExist } from '../../../helpers/custom-validators/videos'
 import { logger } from '../../../helpers/logger'
 import { areValidationErrors } from '../utils'
 import {
-  isVideoAbuseExist,
+  doesVideoAbuseExist,
   isVideoAbuseModerationCommentValid,
   isVideoAbuseReasonValid,
   isVideoAbuseStateValid
@@ -20,7 +20,7 @@ const videoAbuseReportValidator = [
     logger.debug('Checking videoAbuseReport parameters', { parameters: req.body })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.videoId, res)) return
+    if (!await doesVideoExist(req.params.videoId, res)) return
 
     return next()
   }
@@ -34,8 +34,8 @@ const videoAbuseGetValidator = [
     logger.debug('Checking videoAbuseGetValidator parameters', { parameters: req.body })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.videoId, res)) return
-    if (!await isVideoAbuseExist(req.params.id, res.locals.video.id, res)) return
+    if (!await doesVideoExist(req.params.videoId, res)) return
+    if (!await doesVideoAbuseExist(req.params.id, res.locals.video.id, res)) return
 
     return next()
   }
@@ -55,8 +55,8 @@ const videoAbuseUpdateValidator = [
     logger.debug('Checking videoAbuseUpdateValidator parameters', { parameters: req.body })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.videoId, res)) return
-    if (!await isVideoAbuseExist(req.params.id, res.locals.video.id, res)) return
+    if (!await doesVideoExist(req.params.videoId, res)) return
+    if (!await doesVideoAbuseExist(req.params.id, res.locals.video.id, res)) return
 
     return next()
   }
diff --git a/server/middlewares/validators/videos/video-blacklist.ts b/server/middlewares/validators/videos/video-blacklist.ts
index 2688f63ae..1d7ddb2e3 100644
--- a/server/middlewares/validators/videos/video-blacklist.ts
+++ b/server/middlewares/validators/videos/video-blacklist.ts
@@ -1,11 +1,14 @@
 import * as express from 'express'
-import { body, param } from 'express-validator/check'
+import { body, param, query } from 'express-validator/check'
 import { isBooleanValid, isIdOrUUIDValid } from '../../../helpers/custom-validators/misc'
-import { isVideoExist } from '../../../helpers/custom-validators/videos'
+import { doesVideoExist } from '../../../helpers/custom-validators/videos'
 import { logger } from '../../../helpers/logger'
 import { areValidationErrors } from '../utils'
-import { isVideoBlacklistExist, isVideoBlacklistReasonValid } from '../../../helpers/custom-validators/video-blacklist'
-import { VideoModel } from '../../../models/video/video'
+import {
+  doesVideoBlacklistExist,
+  isVideoBlacklistReasonValid,
+  isVideoBlacklistTypeValid
+} from '../../../helpers/custom-validators/video-blacklist'
 
 const videosBlacklistRemoveValidator = [
   param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
@@ -14,8 +17,8 @@ const videosBlacklistRemoveValidator = [
     logger.debug('Checking blacklistRemove parameters.', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.videoId, res)) return
-    if (!await isVideoBlacklistExist(res.locals.video.id, res)) return
+    if (!await doesVideoExist(req.params.videoId, res)) return
+    if (!await doesVideoBlacklistExist(res.locals.video.id, res)) return
 
     return next()
   }
@@ -35,9 +38,9 @@ const videosBlacklistAddValidator = [
     logger.debug('Checking videosBlacklistAdd parameters', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.videoId, res)) return
+    if (!await doesVideoExist(req.params.videoId, res)) return
 
-    const video: VideoModel = res.locals.video
+    const video = res.locals.video
     if (req.body.unfederate === true && video.remote === true) {
       return res
         .status(409)
@@ -59,8 +62,22 @@ const videosBlacklistUpdateValidator = [
     logger.debug('Checking videosBlacklistUpdate parameters', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.videoId, res)) return
-    if (!await isVideoBlacklistExist(res.locals.video.id, res)) return
+    if (!await doesVideoExist(req.params.videoId, res)) return
+    if (!await doesVideoBlacklistExist(res.locals.video.id, res)) return
+
+    return next()
+  }
+]
+
+const videosBlacklistFiltersValidator = [
+  query('type')
+    .optional()
+    .custom(isVideoBlacklistTypeValid).withMessage('Should have a valid video blacklist type attribute'),
+
+  (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking videos blacklist filters query', { parameters: req.query })
+
+    if (areValidationErrors(req, res)) return
 
     return next()
   }
@@ -71,5 +88,6 @@ const videosBlacklistUpdateValidator = [
 export {
   videosBlacklistAddValidator,
   videosBlacklistRemoveValidator,
-  videosBlacklistUpdateValidator
+  videosBlacklistUpdateValidator,
+  videosBlacklistFiltersValidator
 }
diff --git a/server/middlewares/validators/videos/video-captions.ts b/server/middlewares/validators/videos/video-captions.ts
index 63d84fbec..d857ac3ec 100644
--- a/server/middlewares/validators/videos/video-captions.ts
+++ b/server/middlewares/validators/videos/video-captions.ts
@@ -1,12 +1,12 @@
 import * as express from 'express'
 import { areValidationErrors } from '../utils'
-import { checkUserCanManageVideo, isVideoExist } from '../../../helpers/custom-validators/videos'
+import { checkUserCanManageVideo, doesVideoExist } from '../../../helpers/custom-validators/videos'
 import { isIdOrUUIDValid } from '../../../helpers/custom-validators/misc'
 import { body, param } from 'express-validator/check'
-import { CONSTRAINTS_FIELDS } from '../../../initializers'
+import { CONSTRAINTS_FIELDS } from '../../../initializers/constants'
 import { UserRight } from '../../../../shared'
 import { logger } from '../../../helpers/logger'
-import { isVideoCaptionExist, isVideoCaptionFile, isVideoCaptionLanguageValid } from '../../../helpers/custom-validators/video-captions'
+import { doesVideoCaptionExist, isVideoCaptionFile, isVideoCaptionLanguageValid } from '../../../helpers/custom-validators/video-captions'
 import { cleanUpReqFiles } from '../../../helpers/express-utils'
 
 const addVideoCaptionValidator = [
@@ -22,7 +22,7 @@ const addVideoCaptionValidator = [
     logger.debug('Checking addVideoCaption parameters', { parameters: req.body })
 
     if (areValidationErrors(req, res)) return cleanUpReqFiles(req)
-    if (!await isVideoExist(req.params.videoId, res)) return cleanUpReqFiles(req)
+    if (!await doesVideoExist(req.params.videoId, res)) return cleanUpReqFiles(req)
 
     // Check if the user who did the request is able to update the video
     const user = res.locals.oauth.token.User
@@ -40,8 +40,8 @@ const deleteVideoCaptionValidator = [
     logger.debug('Checking deleteVideoCaption parameters', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.videoId, res)) return
-    if (!await isVideoCaptionExist(res.locals.video, req.params.captionLanguage, res)) return
+    if (!await doesVideoExist(req.params.videoId, res)) return
+    if (!await doesVideoCaptionExist(res.locals.video, req.params.captionLanguage, res)) return
 
     // Check if the user who did the request is able to update the video
     const user = res.locals.oauth.token.User
@@ -58,7 +58,7 @@ const listVideoCaptionsValidator = [
     logger.debug('Checking listVideoCaptions parameters', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.videoId, res, 'id')) return
+    if (!await doesVideoExist(req.params.videoId, res, 'id')) return
 
     return next()
   }
diff --git a/server/middlewares/validators/videos/video-channels.ts b/server/middlewares/validators/videos/video-channels.ts
index f039794e0..4b26f0bc4 100644
--- a/server/middlewares/validators/videos/video-channels.ts
+++ b/server/middlewares/validators/videos/video-channels.ts
@@ -1,12 +1,11 @@
 import * as express from 'express'
 import { body, param } from 'express-validator/check'
 import { UserRight } from '../../../../shared'
-import { isAccountNameWithHostExist } from '../../../helpers/custom-validators/accounts'
 import {
-  isLocalVideoChannelNameExist,
+  doesLocalVideoChannelNameExist,
+  doesVideoChannelNameWithHostExist,
   isVideoChannelDescriptionValid,
   isVideoChannelNameValid,
-  isVideoChannelNameWithHostExist,
   isVideoChannelSupportValid
 } from '../../../helpers/custom-validators/video-channels'
 import { logger } from '../../../helpers/logger'
@@ -16,19 +15,6 @@ import { areValidationErrors } from '../utils'
 import { isActorPreferredUsernameValid } from '../../../helpers/custom-validators/activitypub/actor'
 import { ActorModel } from '../../../models/activitypub/actor'
 
-const listVideoAccountChannelsValidator = [
-  param('accountName').exists().withMessage('Should have a valid account name'),
-
-  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    logger.debug('Checking listVideoAccountChannelsValidator parameters', { parameters: req.body })
-
-    if (areValidationErrors(req, res)) return
-    if (!await isAccountNameWithHostExist(req.params.accountName, res)) return
-
-    return next()
-  }
-]
-
 const videoChannelsAddValidator = [
   body('name').custom(isActorPreferredUsernameValid).withMessage('Should have a valid channel name'),
   body('displayName').custom(isVideoChannelNameValid).withMessage('Should have a valid display name'),
@@ -62,7 +48,7 @@ const videoChannelsUpdateValidator = [
     logger.debug('Checking videoChannelsUpdate parameters', { parameters: req.body })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoChannelNameWithHostExist(req.params.nameWithHost, res)) return
+    if (!await doesVideoChannelNameWithHostExist(req.params.nameWithHost, res)) return
 
     // We need to make additional checks
     if (res.locals.videoChannel.Actor.isOwned() === false) {
@@ -88,7 +74,7 @@ const videoChannelsRemoveValidator = [
     logger.debug('Checking videoChannelsRemove parameters', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoChannelNameWithHostExist(req.params.nameWithHost, res)) return
+    if (!await doesVideoChannelNameWithHostExist(req.params.nameWithHost, res)) return
 
     if (!checkUserCanDeleteVideoChannel(res.locals.oauth.token.User, res.locals.videoChannel, res)) return
     if (!await checkVideoChannelIsNotTheLastOne(res)) return
@@ -105,7 +91,7 @@ const videoChannelsNameWithHostValidator = [
 
     if (areValidationErrors(req, res)) return
 
-    if (!await isVideoChannelNameWithHostExist(req.params.nameWithHost, res)) return
+    if (!await doesVideoChannelNameWithHostExist(req.params.nameWithHost, res)) return
 
     return next()
   }
@@ -118,7 +104,7 @@ const localVideoChannelValidator = [
     logger.debug('Checking localVideoChannelValidator parameters', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isLocalVideoChannelNameExist(req.params.name, res)) return
+    if (!await doesLocalVideoChannelNameExist(req.params.name, res)) return
 
     return next()
   }
@@ -127,7 +113,6 @@ const localVideoChannelValidator = [
 // ---------------------------------------------------------------------------
 
 export {
-  listVideoAccountChannelsValidator,
   videoChannelsAddValidator,
   videoChannelsUpdateValidator,
   videoChannelsRemoveValidator,
diff --git a/server/middlewares/validators/videos/video-comments.ts b/server/middlewares/validators/videos/video-comments.ts
index 348d33082..ffde208b7 100644
--- a/server/middlewares/validators/videos/video-comments.ts
+++ b/server/middlewares/validators/videos/video-comments.ts
@@ -3,7 +3,7 @@ import { body, param } from 'express-validator/check'
 import { UserRight } from '../../../../shared'
 import { isIdOrUUIDValid, isIdValid } from '../../../helpers/custom-validators/misc'
 import { isValidVideoCommentText } from '../../../helpers/custom-validators/video-comments'
-import { isVideoExist } from '../../../helpers/custom-validators/videos'
+import { doesVideoExist } from '../../../helpers/custom-validators/videos'
 import { logger } from '../../../helpers/logger'
 import { UserModel } from '../../../models/account/user'
 import { VideoModel } from '../../../models/video/video'
@@ -17,7 +17,7 @@ const listVideoCommentThreadsValidator = [
     logger.debug('Checking listVideoCommentThreads parameters.', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.videoId, res, 'only-video')) return
+    if (!await doesVideoExist(req.params.videoId, res, 'only-video')) return
 
     return next()
   }
@@ -31,8 +31,8 @@ const listVideoThreadCommentsValidator = [
     logger.debug('Checking listVideoThreadComments parameters.', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.videoId, res, 'only-video')) return
-    if (!await isVideoCommentThreadExist(req.params.threadId, res.locals.video, res)) return
+    if (!await doesVideoExist(req.params.videoId, res, 'only-video')) return
+    if (!await doesVideoCommentThreadExist(req.params.threadId, res.locals.video, res)) return
 
     return next()
   }
@@ -46,7 +46,7 @@ const addVideoCommentThreadValidator = [
     logger.debug('Checking addVideoCommentThread parameters.', { parameters: req.params, body: req.body })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.videoId, res)) return
+    if (!await doesVideoExist(req.params.videoId, res)) return
     if (!isVideoCommentsEnabled(res.locals.video, res)) return
 
     return next()
@@ -62,9 +62,9 @@ const addVideoCommentReplyValidator = [
     logger.debug('Checking addVideoCommentReply parameters.', { parameters: req.params, body: req.body })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.videoId, res)) return
+    if (!await doesVideoExist(req.params.videoId, res)) return
     if (!isVideoCommentsEnabled(res.locals.video, res)) return
-    if (!await isVideoCommentExist(req.params.commentId, res.locals.video, res)) return
+    if (!await doesVideoCommentExist(req.params.commentId, res.locals.video, res)) return
 
     return next()
   }
@@ -78,8 +78,8 @@ const videoCommentGetValidator = [
     logger.debug('Checking videoCommentGetValidator parameters.', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.videoId, res, 'id')) return
-    if (!await isVideoCommentExist(req.params.commentId, res.locals.video, res)) return
+    if (!await doesVideoExist(req.params.videoId, res, 'id')) return
+    if (!await doesVideoCommentExist(req.params.commentId, res.locals.video, res)) return
 
     return next()
   }
@@ -93,8 +93,8 @@ const removeVideoCommentValidator = [
     logger.debug('Checking removeVideoCommentValidator parameters.', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.videoId, res)) return
-    if (!await isVideoCommentExist(req.params.commentId, res.locals.video, res)) return
+    if (!await doesVideoExist(req.params.videoId, res)) return
+    if (!await doesVideoCommentExist(req.params.commentId, res.locals.video, res)) return
 
     // Check if the user who did the request is able to delete the video
     if (!checkUserCanDeleteVideoComment(res.locals.oauth.token.User, res.locals.videoComment, res)) return
@@ -116,7 +116,7 @@ export {
 
 // ---------------------------------------------------------------------------
 
-async function isVideoCommentThreadExist (id: number, video: VideoModel, res: express.Response) {
+async function doesVideoCommentThreadExist (id: number, video: VideoModel, res: express.Response) {
   const videoComment = await VideoCommentModel.loadById(id)
 
   if (!videoComment) {
@@ -147,7 +147,7 @@ async function isVideoCommentThreadExist (id: number, video: VideoModel, res: ex
   return true
 }
 
-async function isVideoCommentExist (id: number, video: VideoModel, res: express.Response) {
+async function doesVideoCommentExist (id: number, video: VideoModel, res: express.Response) {
   const videoComment = await VideoCommentModel.loadByIdAndPopulateVideoAndAccountAndReply(id)
 
   if (!videoComment) {
diff --git a/server/middlewares/validators/videos/video-imports.ts b/server/middlewares/validators/videos/video-imports.ts
index 48d20f904..452084a7c 100644
--- a/server/middlewares/validators/videos/video-imports.ts
+++ b/server/middlewares/validators/videos/video-imports.ts
@@ -3,14 +3,14 @@ import { body } from 'express-validator/check'
 import { isIdValid } from '../../../helpers/custom-validators/misc'
 import { logger } from '../../../helpers/logger'
 import { areValidationErrors } from '../utils'
-import { getCommonVideoAttributes } from './videos'
+import { getCommonVideoEditAttributes } from './videos'
 import { isVideoImportTargetUrlValid, isVideoImportTorrentFile } from '../../../helpers/custom-validators/video-imports'
 import { cleanUpReqFiles } from '../../../helpers/express-utils'
-import { isVideoChannelOfAccountExist, isVideoMagnetUriValid, isVideoNameValid } from '../../../helpers/custom-validators/videos'
-import { CONFIG } from '../../../initializers/constants'
-import { CONSTRAINTS_FIELDS } from '../../../initializers'
+import { doesVideoChannelOfAccountExist, isVideoMagnetUriValid, isVideoNameValid } from '../../../helpers/custom-validators/videos'
+import { CONFIG } from '../../../initializers/config'
+import { CONSTRAINTS_FIELDS } from '../../../initializers/constants'
 
-const videoImportAddValidator = getCommonVideoAttributes().concat([
+const videoImportAddValidator = getCommonVideoEditAttributes().concat([
   body('channelId')
     .toInt()
     .custom(isIdValid).withMessage('Should have correct video channel id'),
@@ -51,7 +51,7 @@ const videoImportAddValidator = getCommonVideoAttributes().concat([
                 .end()
     }
 
-    if (!await isVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req)
+    if (!await doesVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req)
 
     // Check we have at least 1 required param
     if (!req.body.targetUrl && !req.body.magnetUri && !torrentFile) {
diff --git a/server/middlewares/validators/videos/video-playlists.ts b/server/middlewares/validators/videos/video-playlists.ts
new file mode 100644
index 000000000..2c3f7e542
--- /dev/null
+++ b/server/middlewares/validators/videos/video-playlists.ts
@@ -0,0 +1,408 @@
+import * as express from 'express'
+import { body, param, query, ValidationChain } from 'express-validator/check'
+import { UserRight, VideoPlaylistCreate, VideoPlaylistUpdate } from '../../../../shared'
+import { logger } from '../../../helpers/logger'
+import { UserModel } from '../../../models/account/user'
+import { areValidationErrors } from '../utils'
+import { doesVideoExist, isVideoImage } from '../../../helpers/custom-validators/videos'
+import { CONSTRAINTS_FIELDS } from '../../../initializers/constants'
+import { isArrayOf, isIdOrUUIDValid, isIdValid, isUUIDValid, toIntArray, toValueOrNull } from '../../../helpers/custom-validators/misc'
+import {
+  doesVideoPlaylistExist,
+  isVideoPlaylistDescriptionValid,
+  isVideoPlaylistNameValid,
+  isVideoPlaylistPrivacyValid,
+  isVideoPlaylistTimestampValid,
+  isVideoPlaylistTypeValid
+} from '../../../helpers/custom-validators/video-playlists'
+import { VideoPlaylistModel } from '../../../models/video/video-playlist'
+import { cleanUpReqFiles } from '../../../helpers/express-utils'
+import { doesVideoChannelIdExist } from '../../../helpers/custom-validators/video-channels'
+import { VideoPlaylistElementModel } from '../../../models/video/video-playlist-element'
+import { authenticatePromiseIfNeeded } from '../../oauth'
+import { VideoPlaylistPrivacy } from '../../../../shared/models/videos/playlist/video-playlist-privacy.model'
+import { VideoPlaylistType } from '../../../../shared/models/videos/playlist/video-playlist-type.model'
+
+const videoPlaylistsAddValidator = getCommonPlaylistEditAttributes().concat([
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking videoPlaylistsAddValidator parameters', { parameters: req.body })
+
+    if (areValidationErrors(req, res)) return cleanUpReqFiles(req)
+
+    const body: VideoPlaylistCreate = req.body
+    if (body.videoChannelId && !await doesVideoChannelIdExist(body.videoChannelId, res)) return cleanUpReqFiles(req)
+
+    if (body.privacy === VideoPlaylistPrivacy.PUBLIC && !body.videoChannelId) {
+      cleanUpReqFiles(req)
+      return res.status(400)
+                .json({ error: 'Cannot set "public" a playlist that is not assigned to a channel.' })
+    }
+
+    return next()
+  }
+])
+
+const videoPlaylistsUpdateValidator = getCommonPlaylistEditAttributes().concat([
+  param('playlistId')
+    .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
+
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking videoPlaylistsUpdateValidator parameters', { parameters: req.body })
+
+    if (areValidationErrors(req, res)) return cleanUpReqFiles(req)
+
+    if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return cleanUpReqFiles(req)
+
+    const videoPlaylist = res.locals.videoPlaylist
+
+    if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, res.locals.videoPlaylist, UserRight.REMOVE_ANY_VIDEO_PLAYLIST, res)) {
+      return cleanUpReqFiles(req)
+    }
+
+    const body: VideoPlaylistUpdate = req.body
+
+    if (videoPlaylist.privacy !== VideoPlaylistPrivacy.PRIVATE && body.privacy === VideoPlaylistPrivacy.PRIVATE) {
+      cleanUpReqFiles(req)
+      return res.status(400)
+                .json({ error: 'Cannot set "private" a video playlist that was not private.' })
+    }
+
+    const newPrivacy = body.privacy || videoPlaylist.privacy
+    if (newPrivacy === VideoPlaylistPrivacy.PUBLIC &&
+      (
+        (!videoPlaylist.videoChannelId && !body.videoChannelId) ||
+        body.videoChannelId === null
+      )
+    ) {
+      cleanUpReqFiles(req)
+      return res.status(400)
+                .json({ error: 'Cannot set "public" a playlist that is not assigned to a channel.' })
+    }
+
+    if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) {
+      cleanUpReqFiles(req)
+      return res.status(400)
+                .json({ error: 'Cannot update a watch later playlist.' })
+    }
+
+    if (body.videoChannelId && !await doesVideoChannelIdExist(body.videoChannelId, res)) return cleanUpReqFiles(req)
+
+    return next()
+  }
+])
+
+const videoPlaylistsDeleteValidator = [
+  param('playlistId')
+    .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
+
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking videoPlaylistsDeleteValidator parameters', { parameters: req.params })
+
+    if (areValidationErrors(req, res)) return
+
+    if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return
+
+    const videoPlaylist = res.locals.videoPlaylist
+    if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) {
+      return res.status(400)
+                .json({ error: 'Cannot delete a watch later playlist.' })
+    }
+
+    if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, res.locals.videoPlaylist, UserRight.REMOVE_ANY_VIDEO_PLAYLIST, res)) {
+      return
+    }
+
+    return next()
+  }
+]
+
+const videoPlaylistsGetValidator = [
+  param('playlistId')
+    .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
+
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking videoPlaylistsGetValidator parameters', { parameters: req.params })
+
+    if (areValidationErrors(req, res)) return
+
+    if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return
+
+    const videoPlaylist = res.locals.videoPlaylist
+
+    // Video is unlisted, check we used the uuid to fetch it
+    if (videoPlaylist.privacy === VideoPlaylistPrivacy.UNLISTED) {
+      if (isUUIDValid(req.params.playlistId)) return next()
+
+      return res.status(404).end()
+    }
+
+    if (videoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) {
+      await authenticatePromiseIfNeeded(req, res)
+
+      const user = res.locals.oauth ? res.locals.oauth.token.User : null
+      if (
+        !user ||
+        (videoPlaylist.OwnerAccount.userId !== user.id && !user.hasRight(UserRight.UPDATE_ANY_VIDEO_PLAYLIST))
+      ) {
+        return res.status(403)
+                  .json({ error: 'Cannot get this private video playlist.' })
+      }
+
+      return next()
+    }
+
+    return next()
+  }
+]
+
+const videoPlaylistsAddVideoValidator = [
+  param('playlistId')
+    .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
+  body('videoId')
+    .custom(isIdOrUUIDValid).withMessage('Should have a valid video id/uuid'),
+  body('startTimestamp')
+    .optional()
+    .custom(isVideoPlaylistTimestampValid).withMessage('Should have a valid start timestamp'),
+  body('stopTimestamp')
+    .optional()
+    .custom(isVideoPlaylistTimestampValid).withMessage('Should have a valid stop timestamp'),
+
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking videoPlaylistsAddVideoValidator parameters', { parameters: req.params })
+
+    if (areValidationErrors(req, res)) return
+
+    if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return
+    if (!await doesVideoExist(req.body.videoId, res, 'only-video')) return
+
+    const videoPlaylist = res.locals.videoPlaylist
+    const video = res.locals.video
+
+    const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideo(videoPlaylist.id, video.id)
+    if (videoPlaylistElement) {
+      res.status(409)
+         .json({ error: 'This video in this playlist already exists' })
+         .end()
+
+      return
+    }
+
+    if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, res.locals.videoPlaylist, UserRight.UPDATE_ANY_VIDEO_PLAYLIST, res)) {
+      return
+    }
+
+    return next()
+  }
+]
+
+const videoPlaylistsUpdateOrRemoveVideoValidator = [
+  param('playlistId')
+    .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
+  param('videoId')
+    .custom(isIdOrUUIDValid).withMessage('Should have an video id/uuid'),
+  body('startTimestamp')
+    .optional()
+    .custom(isVideoPlaylistTimestampValid).withMessage('Should have a valid start timestamp'),
+  body('stopTimestamp')
+    .optional()
+    .custom(isVideoPlaylistTimestampValid).withMessage('Should have a valid stop timestamp'),
+
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking videoPlaylistsRemoveVideoValidator parameters', { parameters: req.params })
+
+    if (areValidationErrors(req, res)) return
+
+    if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return
+    if (!await doesVideoExist(req.params.videoId, res, 'id')) return
+
+    const videoPlaylist = res.locals.videoPlaylist
+    const video = res.locals.video
+
+    const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideo(videoPlaylist.id, video.id)
+    if (!videoPlaylistElement) {
+      res.status(404)
+         .json({ error: 'Video playlist element not found' })
+         .end()
+
+      return
+    }
+    res.locals.videoPlaylistElement = videoPlaylistElement
+
+    if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, videoPlaylist, UserRight.UPDATE_ANY_VIDEO_PLAYLIST, res)) return
+
+    return next()
+  }
+]
+
+const videoPlaylistElementAPGetValidator = [
+  param('playlistId')
+    .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
+  param('videoId')
+    .custom(isIdOrUUIDValid).withMessage('Should have an video id/uuid'),
+
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking videoPlaylistElementAPGetValidator parameters', { parameters: req.params })
+
+    if (areValidationErrors(req, res)) return
+
+    const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideoForAP(req.params.playlistId, req.params.videoId)
+    if (!videoPlaylistElement) {
+      res.status(404)
+         .json({ error: 'Video playlist element not found' })
+         .end()
+
+      return
+    }
+
+    if (videoPlaylistElement.VideoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) {
+      return res.status(403).end()
+    }
+
+    res.locals.videoPlaylistElement = videoPlaylistElement
+
+    return next()
+  }
+]
+
+const videoPlaylistsReorderVideosValidator = [
+  param('playlistId')
+    .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
+  body('startPosition')
+    .isInt({ min: 1 }).withMessage('Should have a valid start position'),
+  body('insertAfterPosition')
+    .isInt({ min: 0 }).withMessage('Should have a valid insert after position'),
+  body('reorderLength')
+    .optional()
+    .isInt({ min: 1 }).withMessage('Should have a valid range length'),
+
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking videoPlaylistsReorderVideosValidator parameters', { parameters: req.params })
+
+    if (areValidationErrors(req, res)) return
+
+    if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return
+
+    const videoPlaylist = res.locals.videoPlaylist
+    if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, videoPlaylist, UserRight.UPDATE_ANY_VIDEO_PLAYLIST, res)) return
+
+    const nextPosition = await VideoPlaylistElementModel.getNextPositionOf(videoPlaylist.id)
+    const startPosition: number = req.body.startPosition
+    const insertAfterPosition: number = req.body.insertAfterPosition
+    const reorderLength: number = req.body.reorderLength
+
+    if (startPosition >= nextPosition || insertAfterPosition >= nextPosition) {
+      res.status(400)
+         .json({ error: `Start position or insert after position exceed the playlist limits (max: ${nextPosition - 1})` })
+         .end()
+
+      return
+    }
+
+    if (reorderLength && reorderLength + startPosition > nextPosition) {
+      res.status(400)
+         .json({ error: `Reorder length with this start position exceeds the playlist limits (max: ${nextPosition - startPosition})` })
+         .end()
+
+      return
+    }
+
+    return next()
+  }
+]
+
+const commonVideoPlaylistFiltersValidator = [
+  query('playlistType')
+    .optional()
+    .custom(isVideoPlaylistTypeValid).withMessage('Should have a valid playlist type'),
+
+  (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking commonVideoPlaylistFiltersValidator parameters', { parameters: req.params })
+
+    if (areValidationErrors(req, res)) return
+
+    return next()
+  }
+]
+
+const doVideosInPlaylistExistValidator = [
+  query('videoIds')
+    .customSanitizer(toIntArray)
+    .custom(v => isArrayOf(v, isIdValid)).withMessage('Should have a valid video ids array'),
+
+  (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking areVideosInPlaylistExistValidator parameters', { parameters: req.query })
+
+    if (areValidationErrors(req, res)) return
+
+    return next()
+  }
+]
+
+// ---------------------------------------------------------------------------
+
+export {
+  videoPlaylistsAddValidator,
+  videoPlaylistsUpdateValidator,
+  videoPlaylistsDeleteValidator,
+  videoPlaylistsGetValidator,
+
+  videoPlaylistsAddVideoValidator,
+  videoPlaylistsUpdateOrRemoveVideoValidator,
+  videoPlaylistsReorderVideosValidator,
+
+  videoPlaylistElementAPGetValidator,
+
+  commonVideoPlaylistFiltersValidator,
+
+  doVideosInPlaylistExistValidator
+}
+
+// ---------------------------------------------------------------------------
+
+function getCommonPlaylistEditAttributes () {
+  return [
+    body('thumbnailfile')
+      .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')).withMessage(
+      'This thumbnail file is not supported or too large. Please, make sure it is of the following type: '
+      + CONSTRAINTS_FIELDS.VIDEO_PLAYLISTS.IMAGE.EXTNAME.join(', ')
+    ),
+
+    body('displayName')
+      .custom(isVideoPlaylistNameValid).withMessage('Should have a valid display name'),
+    body('description')
+      .optional()
+      .customSanitizer(toValueOrNull)
+      .custom(isVideoPlaylistDescriptionValid).withMessage('Should have a valid description'),
+    body('privacy')
+      .optional()
+      .toInt()
+      .custom(isVideoPlaylistPrivacyValid).withMessage('Should have correct playlist privacy'),
+    body('videoChannelId')
+      .optional()
+      .customSanitizer(toValueOrNull)
+      .toInt()
+  ] as (ValidationChain | express.Handler)[]
+}
+
+function checkUserCanManageVideoPlaylist (user: UserModel, videoPlaylist: VideoPlaylistModel, right: UserRight, res: express.Response) {
+  if (videoPlaylist.isOwned() === false) {
+    res.status(403)
+       .json({ error: 'Cannot manage video playlist of another server.' })
+       .end()
+
+    return false
+  }
+
+  // Check if the user can manage the video playlist
+  // The user can delete it if s/he is an admin
+  // Or if s/he is the video playlist's owner
+  if (user.hasRight(right) === false && videoPlaylist.ownerAccountId !== user.Account.id) {
+    res.status(403)
+       .json({ error: 'Cannot manage video playlist of another user' })
+       .end()
+
+    return false
+  }
+
+  return true
+}
diff --git a/server/middlewares/validators/videos/video-rates.ts b/server/middlewares/validators/videos/video-rates.ts
index 793354520..204b4a78d 100644
--- a/server/middlewares/validators/videos/video-rates.ts
+++ b/server/middlewares/validators/videos/video-rates.ts
@@ -1,8 +1,9 @@
 import * as express from 'express'
 import 'express-validator'
-import { body, param } from 'express-validator/check'
-import { isIdOrUUIDValid, isIdValid } from '../../../helpers/custom-validators/misc'
-import { isVideoExist, isVideoRatingTypeValid } from '../../../helpers/custom-validators/videos'
+import { body, param, query } from 'express-validator/check'
+import { isIdOrUUIDValid } from '../../../helpers/custom-validators/misc'
+import { isRatingValid } from '../../../helpers/custom-validators/video-rates'
+import { doesVideoExist, isVideoRatingTypeValid } from '../../../helpers/custom-validators/videos'
 import { logger } from '../../../helpers/logger'
 import { areValidationErrors } from '../utils'
 import { AccountVideoRateModel } from '../../../models/account/account-video-rate'
@@ -17,7 +18,7 @@ const videoUpdateRateValidator = [
     logger.debug('Checking videoRate parameters', { parameters: req.body })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.id, res)) return
+    if (!await doesVideoExist(req.params.id, res)) return
 
     return next()
   }
@@ -47,9 +48,22 @@ const getAccountVideoRateValidator = function (rateType: VideoRateType) {
   ]
 }
 
+const videoRatingValidator = [
+  query('rating').optional().custom(isRatingValid).withMessage('Value must be one of "like" or "dislike"'),
+
+  async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    logger.debug('Checking rating parameter', { parameters: req.params })
+
+    if (areValidationErrors(req, res)) return
+
+    return next()
+  }
+]
+
 // ---------------------------------------------------------------------------
 
 export {
   videoUpdateRateValidator,
-  getAccountVideoRateValidator
+  getAccountVideoRateValidator,
+  videoRatingValidator
 }
diff --git a/server/middlewares/validators/videos/video-shares.ts b/server/middlewares/validators/videos/video-shares.ts
index 646d7acb1..d5cbdb03e 100644
--- a/server/middlewares/validators/videos/video-shares.ts
+++ b/server/middlewares/validators/videos/video-shares.ts
@@ -2,11 +2,10 @@ import * as express from 'express'
 import 'express-validator'
 import { param } from 'express-validator/check'
 import { isIdOrUUIDValid, isIdValid } from '../../../helpers/custom-validators/misc'
-import { isVideoExist } from '../../../helpers/custom-validators/videos'
+import { doesVideoExist } from '../../../helpers/custom-validators/videos'
 import { logger } from '../../../helpers/logger'
 import { VideoShareModel } from '../../../models/video/video-share'
 import { areValidationErrors } from '../utils'
-import { VideoModel } from '../../../models/video/video'
 
 const videosShareValidator = [
   param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'),
@@ -16,9 +15,9 @@ const videosShareValidator = [
     logger.debug('Checking videoShare parameters', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.id, res)) return
+    if (!await doesVideoExist(req.params.id, res)) return
 
-    const video: VideoModel = res.locals.video
+    const video = res.locals.video
 
     const share = await VideoShareModel.load(req.params.actorId, video.id)
     if (!share) {
diff --git a/server/middlewares/validators/videos/video-watch.ts b/server/middlewares/validators/videos/video-watch.ts
index c38ad8a10..a3a800d14 100644
--- a/server/middlewares/validators/videos/video-watch.ts
+++ b/server/middlewares/validators/videos/video-watch.ts
@@ -1,10 +1,9 @@
 import { body, param } from 'express-validator/check'
 import * as express from 'express'
 import { isIdOrUUIDValid } from '../../../helpers/custom-validators/misc'
-import { isVideoExist } from '../../../helpers/custom-validators/videos'
+import { doesVideoExist } from '../../../helpers/custom-validators/videos'
 import { areValidationErrors } from '../utils'
 import { logger } from '../../../helpers/logger'
-import { UserModel } from '../../../models/account/user'
 
 const videoWatchingValidator = [
   param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'),
@@ -16,9 +15,9 @@ const videoWatchingValidator = [
     logger.debug('Checking videoWatching parameters', { parameters: req.body })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.videoId, res, 'id')) return
+    if (!await doesVideoExist(req.params.videoId, res, 'id')) return
 
-    const user = res.locals.oauth.token.User as UserModel
+    const user = res.locals.oauth.token.User
     if (user.videosHistoryEnabled === false) {
       logger.warn('Cannot set videos to watch by user %d: videos history is disabled.', user.id)
       return res.status(409).end()
diff --git a/server/middlewares/validators/videos/videos.ts b/server/middlewares/validators/videos/videos.ts
index 051a19e16..2b01f108d 100644
--- a/server/middlewares/validators/videos/videos.ts
+++ b/server/middlewares/validators/videos/videos.ts
@@ -14,38 +14,38 @@ import {
 } from '../../../helpers/custom-validators/misc'
 import {
   checkUserCanManageVideo,
+  doesVideoChannelOfAccountExist,
+  doesVideoExist,
   isScheduleVideoUpdatePrivacyValid,
   isVideoCategoryValid,
-  isVideoChannelOfAccountExist,
   isVideoDescriptionValid,
-  isVideoExist,
   isVideoFile,
   isVideoFilterValid,
   isVideoImage,
   isVideoLanguageValid,
   isVideoLicenceValid,
   isVideoNameValid,
+  isVideoOriginallyPublishedAtValid,
   isVideoPrivacyValid,
   isVideoSupportValid,
   isVideoTagsValid
 } from '../../../helpers/custom-validators/videos'
 import { getDurationFromVideoFile } from '../../../helpers/ffmpeg-utils'
 import { logger } from '../../../helpers/logger'
-import { CONFIG, CONSTRAINTS_FIELDS } from '../../../initializers'
+import { CONSTRAINTS_FIELDS } from '../../../initializers/constants'
 import { authenticatePromiseIfNeeded } from '../../oauth'
 import { areValidationErrors } from '../utils'
 import { cleanUpReqFiles } from '../../../helpers/express-utils'
 import { VideoModel } from '../../../models/video/video'
-import { UserModel } from '../../../models/account/user'
 import { checkUserCanTerminateOwnershipChange, doesChangeVideoOwnershipExist } from '../../../helpers/custom-validators/video-ownership'
 import { VideoChangeOwnershipAccept } from '../../../../shared/models/videos/video-change-ownership-accept.model'
-import { VideoChangeOwnershipModel } from '../../../models/video/video-change-ownership'
 import { AccountModel } from '../../../models/account/account'
 import { VideoFetchType } from '../../../helpers/video'
 import { isNSFWQueryValid, isNumberArray, isStringArray } from '../../../helpers/custom-validators/search'
 import { getServerActor } from '../../../helpers/utils'
+import { CONFIG } from '../../../initializers/config'
 
-const videosAddValidator = getCommonVideoAttributes().concat([
+const videosAddValidator = getCommonVideoEditAttributes().concat([
   body('videofile')
     .custom((value, { req }) => isVideoFile(req.files)).withMessage(
       'This file is not supported or too large. Please, make sure it is of the following type: '
@@ -65,9 +65,10 @@ const videosAddValidator = getCommonVideoAttributes().concat([
     const videoFile: Express.Multer.File = req.files['videofile'][0]
     const user = res.locals.oauth.token.User
 
-    if (!await isVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req)
+    if (!await doesVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req)
 
     const isAble = await user.isAbleToUploadVideo(videoFile)
+
     if (isAble === false) {
       res.status(403)
          .json({ error: 'The user video quota is exceeded with this video.' })
@@ -93,7 +94,7 @@ const videosAddValidator = getCommonVideoAttributes().concat([
   }
 ])
 
-const videosUpdateValidator = getCommonVideoAttributes().concat([
+const videosUpdateValidator = getCommonVideoEditAttributes().concat([
   param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'),
   body('name')
     .optional()
@@ -108,7 +109,7 @@ const videosUpdateValidator = getCommonVideoAttributes().concat([
 
     if (areValidationErrors(req, res)) return cleanUpReqFiles(req)
     if (areErrorsInScheduleUpdate(req, res)) return cleanUpReqFiles(req)
-    if (!await isVideoExist(req.params.id, res)) return cleanUpReqFiles(req)
+    if (!await doesVideoExist(req.params.id, res)) return cleanUpReqFiles(req)
 
     const video = res.locals.video
 
@@ -122,14 +123,14 @@ const videosUpdateValidator = getCommonVideoAttributes().concat([
         .json({ error: 'Cannot set "private" a video that was not private.' })
     }
 
-    if (req.body.channelId && !await isVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req)
+    if (req.body.channelId && !await doesVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req)
 
     return next()
   }
 ])
 
 async function checkVideoFollowConstraints (req: express.Request, res: express.Response, next: express.NextFunction) {
-  const video: VideoModel = res.locals.video
+  const video = res.locals.video
 
   // Anybody can watch local videos
   if (video.isOwned() === true) return next()
@@ -161,15 +162,15 @@ const videosCustomGetValidator = (fetchType: VideoFetchType) => {
       logger.debug('Checking videosGet parameters', { parameters: req.params })
 
       if (areValidationErrors(req, res)) return
-      if (!await isVideoExist(req.params.id, res, fetchType)) return
+      if (!await doesVideoExist(req.params.id, res, fetchType)) return
 
-      const video: VideoModel = res.locals.video
+      const video = res.locals.video
 
       // Video private or blacklisted
       if (video.privacy === VideoPrivacy.PRIVATE || video.VideoBlacklist) {
         await authenticatePromiseIfNeeded(req, res)
 
-        const user: UserModel = res.locals.oauth ? res.locals.oauth.token.User : null
+        const user = res.locals.oauth ? res.locals.oauth.token.User : null
 
         // Only the owner or a user that have blacklist rights can see the video
         if (
@@ -206,7 +207,7 @@ const videosRemoveValidator = [
     logger.debug('Checking videosRemove parameters', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.id, res)) return
+    if (!await doesVideoExist(req.params.id, res)) return
 
     // Check if the user who did the request is able to delete the video
     if (!checkUserCanManageVideo(res.locals.oauth.token.User, res.locals.video, UserRight.REMOVE_ANY_VIDEO, res)) return
@@ -222,7 +223,7 @@ const videosChangeOwnershipValidator = [
     logger.debug('Checking changeOwnership parameters', { parameters: req.params })
 
     if (areValidationErrors(req, res)) return
-    if (!await isVideoExist(req.params.videoId, res)) return
+    if (!await doesVideoExist(req.params.videoId, res)) return
 
     // Check if the user who did the request is able to change the ownership of the video
     if (!checkUserCanManageVideo(res.locals.oauth.token.User, res.locals.video, UserRight.CHANGE_VIDEO_OWNERSHIP, res)) return
@@ -255,7 +256,7 @@ const videosTerminateChangeOwnershipValidator = [
     return next()
   },
   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
-    const videoChangeOwnership = res.locals.videoChangeOwnership as VideoChangeOwnershipModel
+    const videoChangeOwnership = res.locals.videoChangeOwnership
 
     if (videoChangeOwnership.status === VideoChangeOwnershipStatus.WAITING) {
       return next()
@@ -271,10 +272,10 @@ const videosTerminateChangeOwnershipValidator = [
 const videosAcceptChangeOwnershipValidator = [
   async (req: express.Request, res: express.Response, next: express.NextFunction) => {
     const body = req.body as VideoChangeOwnershipAccept
-    if (!await isVideoChannelOfAccountExist(body.channelId, res.locals.oauth.token.User, res)) return
+    if (!await doesVideoChannelOfAccountExist(body.channelId, res.locals.oauth.token.User, res)) return
 
     const user = res.locals.oauth.token.User
-    const videoChangeOwnership = res.locals.videoChangeOwnership as VideoChangeOwnershipModel
+    const videoChangeOwnership = res.locals.videoChangeOwnership
     const isAble = await user.isAbleToUploadVideo(videoChangeOwnership.Video.getOriginalFile())
     if (isAble === false) {
       res.status(403)
@@ -287,7 +288,7 @@ const videosAcceptChangeOwnershipValidator = [
   }
 ]
 
-function getCommonVideoAttributes () {
+function getCommonVideoEditAttributes () {
   return [
     body('thumbnailfile')
       .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')).withMessage(
@@ -340,7 +341,14 @@ function getCommonVideoAttributes () {
       .optional()
       .toBoolean()
       .custom(isBooleanValid).withMessage('Should have comments enabled boolean'),
-
+    body('downloadEnabled')
+      .optional()
+      .toBoolean()
+      .custom(isBooleanValid).withMessage('Should have downloading enabled boolean'),
+    body('originallyPublishedAt')
+        .optional()
+        .customSanitizer(toValueOrNull)
+        .custom(isVideoOriginallyPublishedAtValid).withMessage('Should have a valid original publication date'),
     body('scheduleUpdate')
       .optional()
       .customSanitizer(toValueOrNull),
@@ -387,7 +395,7 @@ const commonVideosFiltersValidator = [
 
     if (areValidationErrors(req, res)) return
 
-    const user: UserModel = res.locals.oauth ? res.locals.oauth.token.User : undefined
+    const user = res.locals.oauth ? res.locals.oauth.token.User : undefined
     if (req.query.filter === 'all-local' && (!user || user.hasRight(UserRight.SEE_ALL_VIDEOS) === false)) {
       res.status(401)
          .json({ error: 'You are not allowed to see all local videos.' })
@@ -413,7 +421,7 @@ export {
   videosTerminateChangeOwnershipValidator,
   videosAcceptChangeOwnershipValidator,
 
-  getCommonVideoAttributes,
+  getCommonVideoEditAttributes,
 
   commonVideosFiltersValidator
 }