aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares')
-rw-r--r--server/middlewares/validators/feeds.ts66
1 files changed, 41 insertions, 25 deletions
diff --git a/server/middlewares/validators/feeds.ts b/server/middlewares/validators/feeds.ts
index 35080ffca..18469bad3 100644
--- a/server/middlewares/validators/feeds.ts
+++ b/server/middlewares/validators/feeds.ts
@@ -1,17 +1,17 @@
1import * as express from 'express' 1import * as express from 'express'
2import { param, query } from 'express-validator' 2import { param, query } from 'express-validator'
3import { isIdOrUUIDValid, isIdValid } from '../../helpers/custom-validators/misc'
4import { logger } from '../../helpers/logger'
5import { areValidationErrors } from './utils'
6import { isValidRSSFeed } from '../../helpers/custom-validators/feeds' 3import { isValidRSSFeed } from '../../helpers/custom-validators/feeds'
7import { doesVideoExist } from '../../helpers/middlewares/videos' 4import { exists, isIdOrUUIDValid, isIdValid } from '../../helpers/custom-validators/misc'
5import { logger } from '../../helpers/logger'
8import { 6import {
9 doesAccountIdExist, 7 doesAccountIdExist,
10 doesAccountNameWithHostExist, 8 doesAccountNameWithHostExist,
9 doesUserFeedTokenCorrespond,
11 doesVideoChannelIdExist, 10 doesVideoChannelIdExist,
12 doesVideoChannelNameWithHostExist, 11 doesVideoChannelNameWithHostExist
13 doesUserFeedTokenCorrespond
14} from '../../helpers/middlewares' 12} from '../../helpers/middlewares'
13import { doesVideoExist } from '../../helpers/middlewares/videos'
14import { areValidationErrors } from './utils'
15 15
16const feedsFormatValidator = [ 16const feedsFormatValidator = [
17 param('format').optional().custom(isValidRSSFeed).withMessage('Should have a valid format (rss, atom, json)'), 17 param('format').optional().custom(isValidRSSFeed).withMessage('Should have a valid format (rss, atom, json)'),
@@ -35,19 +35,31 @@ function setFeedFormatContentType (req: express.Request, res: express.Response,
35 if (req.accepts(acceptableContentTypes)) { 35 if (req.accepts(acceptableContentTypes)) {
36 res.set('Content-Type', req.accepts(acceptableContentTypes) as string) 36 res.set('Content-Type', req.accepts(acceptableContentTypes) as string)
37 } else { 37 } else {
38 return res.status(406).send({ 38 return res.status(406)
39 message: `You should accept at least one of the following content-types: ${acceptableContentTypes.join(', ')}` 39 .json({
40 }).end() 40 message: `You should accept at least one of the following content-types: ${acceptableContentTypes.join(', ')}`
41 })
41 } 42 }
42 43
43 return next() 44 return next()
44} 45}
45 46
46const videoFeedsValidator = [ 47const videoFeedsValidator = [
47 query('accountId').optional().custom(isIdValid), 48 query('accountId')
48 query('accountName').optional(), 49 .optional()
49 query('videoChannelId').optional().custom(isIdValid), 50 .custom(isIdValid)
50 query('videoChannelName').optional(), 51 .withMessage('Should have a valid account id'),
52
53 query('accountName')
54 .optional(),
55
56 query('videoChannelId')
57 .optional()
58 .custom(isIdValid)
59 .withMessage('Should have a valid channel id'),
60
61 query('videoChannelName')
62 .optional(),
51 63
52 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 64 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
53 logger.debug('Checking feeds parameters', { parameters: req.query }) 65 logger.debug('Checking feeds parameters', { parameters: req.query })
@@ -63,19 +75,22 @@ const videoFeedsValidator = [
63 } 75 }
64] 76]
65 77
66const videoSubscriptonFeedsValidator = [ 78const videoSubscriptionFeedsValidator = [
67 query('accountId').custom(isIdValid), 79 query('accountId')
68 query('token'), 80 .custom(isIdValid)
81 .withMessage('Should have a valid account id'),
82
83 query('token')
84 .custom(exists)
85 .withMessage('Should have a token'),
69 86
70 async (req: express.Request, res: express.Response, next: express.NextFunction) => { 87 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
71 logger.debug('Checking feeds parameters', { parameters: req.query }) 88 logger.debug('Checking subscription feeds parameters', { parameters: req.query })
72 89
73 if (areValidationErrors(req, res)) return 90 if (areValidationErrors(req, res)) return
74 91
75 // a token alone is erroneous 92 if (!await doesAccountIdExist(req.query.accountId, res)) return
76 if (req.query.token && !req.query.accountId) return 93 if (!await doesUserFeedTokenCorrespond(res.locals.account.userId, req.query.token, res)) return
77 if (req.query.accountId && !await doesAccountIdExist(req.query.accountId, res)) return
78 if (req.query.token && !await doesUserFeedTokenCorrespond(res.locals.account.userId, req.query.token, res)) return
79 94
80 return next() 95 return next()
81 } 96 }
@@ -90,9 +105,10 @@ const videoCommentsFeedsValidator = [
90 if (areValidationErrors(req, res)) return 105 if (areValidationErrors(req, res)) return
91 106
92 if (req.query.videoId && (req.query.videoChannelId || req.query.videoChannelName)) { 107 if (req.query.videoId && (req.query.videoChannelId || req.query.videoChannelName)) {
93 return res.status(400).send({ 108 return res.status(400)
94 message: 'videoId cannot be mixed with a channel filter' 109 .json({
95 }).end() 110 message: 'videoId cannot be mixed with a channel filter'
111 })
96 } 112 }
97 113
98 if (req.query.videoId && !await doesVideoExist(req.query.videoId, res)) return 114 if (req.query.videoId && !await doesVideoExist(req.query.videoId, res)) return
@@ -107,6 +123,6 @@ export {
107 feedsFormatValidator, 123 feedsFormatValidator,
108 setFeedFormatContentType, 124 setFeedFormatContentType,
109 videoFeedsValidator, 125 videoFeedsValidator,
110 videoSubscriptonFeedsValidator, 126 videoSubscriptionFeedsValidator,
111 videoCommentsFeedsValidator 127 videoCommentsFeedsValidator
112} 128}