diff options
Diffstat (limited to 'server/middlewares')
-rw-r--r-- | server/middlewares/validators/feeds.ts | 66 |
1 files changed, 41 insertions, 25 deletions
diff --git a/server/middlewares/validators/feeds.ts b/server/middlewares/validators/feeds.ts index 35080ffca..18469bad3 100644 --- a/server/middlewares/validators/feeds.ts +++ b/server/middlewares/validators/feeds.ts | |||
@@ -1,17 +1,17 @@ | |||
1 | import * as express from 'express' | 1 | import * as express from 'express' |
2 | import { param, query } from 'express-validator' | 2 | import { param, query } from 'express-validator' |
3 | import { isIdOrUUIDValid, isIdValid } from '../../helpers/custom-validators/misc' | ||
4 | import { logger } from '../../helpers/logger' | ||
5 | import { areValidationErrors } from './utils' | ||
6 | import { isValidRSSFeed } from '../../helpers/custom-validators/feeds' | 3 | import { isValidRSSFeed } from '../../helpers/custom-validators/feeds' |
7 | import { doesVideoExist } from '../../helpers/middlewares/videos' | 4 | import { exists, isIdOrUUIDValid, isIdValid } from '../../helpers/custom-validators/misc' |
5 | import { logger } from '../../helpers/logger' | ||
8 | import { | 6 | import { |
9 | doesAccountIdExist, | 7 | doesAccountIdExist, |
10 | doesAccountNameWithHostExist, | 8 | doesAccountNameWithHostExist, |
9 | doesUserFeedTokenCorrespond, | ||
11 | doesVideoChannelIdExist, | 10 | doesVideoChannelIdExist, |
12 | doesVideoChannelNameWithHostExist, | 11 | doesVideoChannelNameWithHostExist |
13 | doesUserFeedTokenCorrespond | ||
14 | } from '../../helpers/middlewares' | 12 | } from '../../helpers/middlewares' |
13 | import { doesVideoExist } from '../../helpers/middlewares/videos' | ||
14 | import { areValidationErrors } from './utils' | ||
15 | 15 | ||
16 | const feedsFormatValidator = [ | 16 | const feedsFormatValidator = [ |
17 | param('format').optional().custom(isValidRSSFeed).withMessage('Should have a valid format (rss, atom, json)'), | 17 | param('format').optional().custom(isValidRSSFeed).withMessage('Should have a valid format (rss, atom, json)'), |
@@ -35,19 +35,31 @@ function setFeedFormatContentType (req: express.Request, res: express.Response, | |||
35 | if (req.accepts(acceptableContentTypes)) { | 35 | if (req.accepts(acceptableContentTypes)) { |
36 | res.set('Content-Type', req.accepts(acceptableContentTypes) as string) | 36 | res.set('Content-Type', req.accepts(acceptableContentTypes) as string) |
37 | } else { | 37 | } else { |
38 | return res.status(406).send({ | 38 | return res.status(406) |
39 | message: `You should accept at least one of the following content-types: ${acceptableContentTypes.join(', ')}` | 39 | .json({ |
40 | }).end() | 40 | message: `You should accept at least one of the following content-types: ${acceptableContentTypes.join(', ')}` |
41 | }) | ||
41 | } | 42 | } |
42 | 43 | ||
43 | return next() | 44 | return next() |
44 | } | 45 | } |
45 | 46 | ||
46 | const videoFeedsValidator = [ | 47 | const videoFeedsValidator = [ |
47 | query('accountId').optional().custom(isIdValid), | 48 | query('accountId') |
48 | query('accountName').optional(), | 49 | .optional() |
49 | query('videoChannelId').optional().custom(isIdValid), | 50 | .custom(isIdValid) |
50 | query('videoChannelName').optional(), | 51 | .withMessage('Should have a valid account id'), |
52 | |||
53 | query('accountName') | ||
54 | .optional(), | ||
55 | |||
56 | query('videoChannelId') | ||
57 | .optional() | ||
58 | .custom(isIdValid) | ||
59 | .withMessage('Should have a valid channel id'), | ||
60 | |||
61 | query('videoChannelName') | ||
62 | .optional(), | ||
51 | 63 | ||
52 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 64 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
53 | logger.debug('Checking feeds parameters', { parameters: req.query }) | 65 | logger.debug('Checking feeds parameters', { parameters: req.query }) |
@@ -63,19 +75,22 @@ const videoFeedsValidator = [ | |||
63 | } | 75 | } |
64 | ] | 76 | ] |
65 | 77 | ||
66 | const videoSubscriptonFeedsValidator = [ | 78 | const videoSubscriptionFeedsValidator = [ |
67 | query('accountId').custom(isIdValid), | 79 | query('accountId') |
68 | query('token'), | 80 | .custom(isIdValid) |
81 | .withMessage('Should have a valid account id'), | ||
82 | |||
83 | query('token') | ||
84 | .custom(exists) | ||
85 | .withMessage('Should have a token'), | ||
69 | 86 | ||
70 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 87 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
71 | logger.debug('Checking feeds parameters', { parameters: req.query }) | 88 | logger.debug('Checking subscription feeds parameters', { parameters: req.query }) |
72 | 89 | ||
73 | if (areValidationErrors(req, res)) return | 90 | if (areValidationErrors(req, res)) return |
74 | 91 | ||
75 | // a token alone is erroneous | 92 | if (!await doesAccountIdExist(req.query.accountId, res)) return |
76 | if (req.query.token && !req.query.accountId) return | 93 | if (!await doesUserFeedTokenCorrespond(res.locals.account.userId, req.query.token, res)) return |
77 | if (req.query.accountId && !await doesAccountIdExist(req.query.accountId, res)) return | ||
78 | if (req.query.token && !await doesUserFeedTokenCorrespond(res.locals.account.userId, req.query.token, res)) return | ||
79 | 94 | ||
80 | return next() | 95 | return next() |
81 | } | 96 | } |
@@ -90,9 +105,10 @@ const videoCommentsFeedsValidator = [ | |||
90 | if (areValidationErrors(req, res)) return | 105 | if (areValidationErrors(req, res)) return |
91 | 106 | ||
92 | if (req.query.videoId && (req.query.videoChannelId || req.query.videoChannelName)) { | 107 | if (req.query.videoId && (req.query.videoChannelId || req.query.videoChannelName)) { |
93 | return res.status(400).send({ | 108 | return res.status(400) |
94 | message: 'videoId cannot be mixed with a channel filter' | 109 | .json({ |
95 | }).end() | 110 | message: 'videoId cannot be mixed with a channel filter' |
111 | }) | ||
96 | } | 112 | } |
97 | 113 | ||
98 | if (req.query.videoId && !await doesVideoExist(req.query.videoId, res)) return | 114 | if (req.query.videoId && !await doesVideoExist(req.query.videoId, res)) return |
@@ -107,6 +123,6 @@ export { | |||
107 | feedsFormatValidator, | 123 | feedsFormatValidator, |
108 | setFeedFormatContentType, | 124 | setFeedFormatContentType, |
109 | videoFeedsValidator, | 125 | videoFeedsValidator, |
110 | videoSubscriptonFeedsValidator, | 126 | videoSubscriptionFeedsValidator, |
111 | videoCommentsFeedsValidator | 127 | videoCommentsFeedsValidator |
112 | } | 128 | } |