diff options
Diffstat (limited to 'server/middlewares')
-rw-r--r-- | server/middlewares/validators/users.ts | 15 | ||||
-rw-r--r-- | server/middlewares/validators/videos.ts | 24 |
2 files changed, 30 insertions, 9 deletions
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts index 9db4fff77..90a46752c 100644 --- a/server/middlewares/validators/users.ts +++ b/server/middlewares/validators/users.ts | |||
@@ -1,9 +1,12 @@ | |||
1 | import 'express-validator' | 1 | import 'express-validator' |
2 | import * as express from 'express' | 2 | import * as express from 'express' |
3 | import * as Promise from 'bluebird' | ||
4 | import * as validator from 'validator' | ||
3 | 5 | ||
4 | import { database as db } from '../../initializers/database' | 6 | import { database as db } from '../../initializers/database' |
5 | import { checkErrors } from './utils' | 7 | import { checkErrors } from './utils' |
6 | import { logger } from '../../helpers' | 8 | import { logger } from '../../helpers' |
9 | import { VideoInstance } from '../../models' | ||
7 | 10 | ||
8 | function usersAddValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 11 | function usersAddValidator (req: express.Request, res: express.Response, next: express.NextFunction) { |
9 | req.checkBody('username', 'Should have a valid username').isUserUsernameValid() | 12 | req.checkBody('username', 'Should have a valid username').isUserUsernameValid() |
@@ -59,12 +62,20 @@ function usersUpdateValidator (req: express.Request, res: express.Response, next | |||
59 | } | 62 | } |
60 | 63 | ||
61 | function usersVideoRatingValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 64 | function usersVideoRatingValidator (req: express.Request, res: express.Response, next: express.NextFunction) { |
62 | req.checkParams('videoId', 'Should have a valid video id').notEmpty().isUUID(4) | 65 | req.checkParams('videoId', 'Should have a valid video id').notEmpty().isVideoIdOrUUIDValid() |
63 | 66 | ||
64 | logger.debug('Checking usersVideoRating parameters', { parameters: req.params }) | 67 | logger.debug('Checking usersVideoRating parameters', { parameters: req.params }) |
65 | 68 | ||
66 | checkErrors(req, res, function () { | 69 | checkErrors(req, res, function () { |
67 | db.Video.load(req.params.videoId) | 70 | let videoPromise: Promise<VideoInstance> |
71 | |||
72 | if (validator.isUUID(req.params.videoId)) { | ||
73 | videoPromise = db.Video.loadByUUID(req.params.videoId) | ||
74 | } else { | ||
75 | videoPromise = db.Video.load(req.params.videoId) | ||
76 | } | ||
77 | |||
78 | videoPromise | ||
68 | .then(video => { | 79 | .then(video => { |
69 | if (!video) return res.status(404).send('Video not found') | 80 | if (!video) return res.status(404).send('Video not found') |
70 | 81 | ||
diff --git a/server/middlewares/validators/videos.ts b/server/middlewares/validators/videos.ts index 013466487..0a88e064e 100644 --- a/server/middlewares/validators/videos.ts +++ b/server/middlewares/validators/videos.ts | |||
@@ -1,10 +1,13 @@ | |||
1 | import 'express-validator' | 1 | import 'express-validator' |
2 | import * as express from 'express' | 2 | import * as express from 'express' |
3 | import * as Promise from 'bluebird' | ||
4 | import * as validator from 'validator' | ||
3 | 5 | ||
4 | import { database as db } from '../../initializers/database' | 6 | import { database as db } from '../../initializers/database' |
5 | import { checkErrors } from './utils' | 7 | import { checkErrors } from './utils' |
6 | import { CONSTRAINTS_FIELDS, SEARCHABLE_COLUMNS } from '../../initializers' | 8 | import { CONSTRAINTS_FIELDS, SEARCHABLE_COLUMNS } from '../../initializers' |
7 | import { logger, isVideoDurationValid } from '../../helpers' | 9 | import { logger, isVideoDurationValid } from '../../helpers' |
10 | import { VideoInstance } from '../../models' | ||
8 | 11 | ||
9 | function videosAddValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 12 | function videosAddValidator (req: express.Request, res: express.Response, next: express.NextFunction) { |
10 | // FIXME: Don't write an error message, it seems there is a bug with express-validator | 13 | // FIXME: Don't write an error message, it seems there is a bug with express-validator |
@@ -40,7 +43,7 @@ function videosAddValidator (req: express.Request, res: express.Response, next: | |||
40 | } | 43 | } |
41 | 44 | ||
42 | function videosUpdateValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 45 | function videosUpdateValidator (req: express.Request, res: express.Response, next: express.NextFunction) { |
43 | req.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4) | 46 | req.checkParams('id', 'Should have a valid id').notEmpty().isVideoIdOrUUIDValid() |
44 | req.checkBody('name', 'Should have a valid name').optional().isVideoNameValid() | 47 | req.checkBody('name', 'Should have a valid name').optional().isVideoNameValid() |
45 | req.checkBody('category', 'Should have a valid category').optional().isVideoCategoryValid() | 48 | req.checkBody('category', 'Should have a valid category').optional().isVideoCategoryValid() |
46 | req.checkBody('licence', 'Should have a valid licence').optional().isVideoLicenceValid() | 49 | req.checkBody('licence', 'Should have a valid licence').optional().isVideoLicenceValid() |
@@ -68,7 +71,7 @@ function videosUpdateValidator (req: express.Request, res: express.Response, nex | |||
68 | } | 71 | } |
69 | 72 | ||
70 | function videosGetValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 73 | function videosGetValidator (req: express.Request, res: express.Response, next: express.NextFunction) { |
71 | req.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4) | 74 | req.checkParams('id', 'Should have a valid id').notEmpty().isVideoIdOrUUIDValid() |
72 | 75 | ||
73 | logger.debug('Checking videosGet parameters', { parameters: req.params }) | 76 | logger.debug('Checking videosGet parameters', { parameters: req.params }) |
74 | 77 | ||
@@ -78,7 +81,7 @@ function videosGetValidator (req: express.Request, res: express.Response, next: | |||
78 | } | 81 | } |
79 | 82 | ||
80 | function videosRemoveValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 83 | function videosRemoveValidator (req: express.Request, res: express.Response, next: express.NextFunction) { |
81 | req.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4) | 84 | req.checkParams('id', 'Should have a valid id').notEmpty().isVideoIdOrUUIDValid() |
82 | 85 | ||
83 | logger.debug('Checking videosRemove parameters', { parameters: req.params }) | 86 | logger.debug('Checking videosRemove parameters', { parameters: req.params }) |
84 | 87 | ||
@@ -105,7 +108,7 @@ function videosSearchValidator (req: express.Request, res: express.Response, nex | |||
105 | } | 108 | } |
106 | 109 | ||
107 | function videoAbuseReportValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 110 | function videoAbuseReportValidator (req: express.Request, res: express.Response, next: express.NextFunction) { |
108 | req.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4) | 111 | req.checkParams('id', 'Should have a valid id').notEmpty().isVideoIdOrUUIDValid() |
109 | req.checkBody('reason', 'Should have a valid reason').isVideoAbuseReasonValid() | 112 | req.checkBody('reason', 'Should have a valid reason').isVideoAbuseReasonValid() |
110 | 113 | ||
111 | logger.debug('Checking videoAbuseReport parameters', { parameters: req.body }) | 114 | logger.debug('Checking videoAbuseReport parameters', { parameters: req.body }) |
@@ -116,7 +119,7 @@ function videoAbuseReportValidator (req: express.Request, res: express.Response, | |||
116 | } | 119 | } |
117 | 120 | ||
118 | function videoRateValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 121 | function videoRateValidator (req: express.Request, res: express.Response, next: express.NextFunction) { |
119 | req.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4) | 122 | req.checkParams('id', 'Should have a valid id').notEmpty().isVideoIdOrUUIDValid() |
120 | req.checkBody('rating', 'Should have a valid rate type').isVideoRatingTypeValid() | 123 | req.checkBody('rating', 'Should have a valid rate type').isVideoRatingTypeValid() |
121 | 124 | ||
122 | logger.debug('Checking videoRate parameters', { parameters: req.body }) | 125 | logger.debug('Checking videoRate parameters', { parameters: req.body }) |
@@ -127,7 +130,7 @@ function videoRateValidator (req: express.Request, res: express.Response, next: | |||
127 | } | 130 | } |
128 | 131 | ||
129 | function videosBlacklistValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 132 | function videosBlacklistValidator (req: express.Request, res: express.Response, next: express.NextFunction) { |
130 | req.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4) | 133 | req.checkParams('id', 'Should have a valid id').notEmpty().isVideoIdOrUUIDValid() |
131 | 134 | ||
132 | logger.debug('Checking videosBlacklist parameters', { parameters: req.params }) | 135 | logger.debug('Checking videosBlacklist parameters', { parameters: req.params }) |
133 | 136 | ||
@@ -157,7 +160,14 @@ export { | |||
157 | // --------------------------------------------------------------------------- | 160 | // --------------------------------------------------------------------------- |
158 | 161 | ||
159 | function checkVideoExists (id: string, res: express.Response, callback: () => void) { | 162 | function checkVideoExists (id: string, res: express.Response, callback: () => void) { |
160 | db.Video.loadAndPopulateAuthorAndPodAndTags(id).then(video => { | 163 | let promise: Promise<VideoInstance> |
164 | if (validator.isInt(id)) { | ||
165 | promise = db.Video.loadAndPopulateAuthorAndPodAndTags(+id) | ||
166 | } else { // UUID | ||
167 | promise = db.Video.loadByUUIDAndPopulateAuthorAndPodAndTags(id) | ||
168 | } | ||
169 | |||
170 | promise.then(video => { | ||
161 | if (!video) return res.status(404).send('Video not found') | 171 | if (!video) return res.status(404).send('Video not found') |
162 | 172 | ||
163 | res.locals.video = video | 173 | res.locals.video = video |