diff options
Diffstat (limited to 'server/middlewares')
-rw-r--r-- | server/middlewares/validators/abuse.ts | 277 | ||||
-rw-r--r-- | server/middlewares/validators/index.ts | 1 | ||||
-rw-r--r-- | server/middlewares/validators/sort.ts | 6 | ||||
-rw-r--r-- | server/middlewares/validators/user-notifications.ts | 4 | ||||
-rw-r--r-- | server/middlewares/validators/videos/index.ts | 1 | ||||
-rw-r--r-- | server/middlewares/validators/videos/video-abuses.ts | 135 | ||||
-rw-r--r-- | server/middlewares/validators/videos/video-comments.ts | 70 |
7 files changed, 291 insertions, 203 deletions
diff --git a/server/middlewares/validators/abuse.ts b/server/middlewares/validators/abuse.ts new file mode 100644 index 000000000..966d1f7fb --- /dev/null +++ b/server/middlewares/validators/abuse.ts | |||
@@ -0,0 +1,277 @@ | |||
1 | import * as express from 'express' | ||
2 | import { body, param, query } from 'express-validator' | ||
3 | import { | ||
4 | isAbuseFilterValid, | ||
5 | isAbuseModerationCommentValid, | ||
6 | isAbusePredefinedReasonsValid, | ||
7 | isAbusePredefinedReasonValid, | ||
8 | isAbuseReasonValid, | ||
9 | isAbuseStateValid, | ||
10 | isAbuseTimestampCoherent, | ||
11 | isAbuseTimestampValid, | ||
12 | isAbuseVideoIsValid | ||
13 | } from '@server/helpers/custom-validators/abuses' | ||
14 | import { exists, isIdOrUUIDValid, isIdValid, toIntOrNull } from '@server/helpers/custom-validators/misc' | ||
15 | import { doesCommentIdExist } from '@server/helpers/custom-validators/video-comments' | ||
16 | import { logger } from '@server/helpers/logger' | ||
17 | import { doesAbuseExist, doesAccountIdExist, doesVideoAbuseExist, doesVideoExist } from '@server/helpers/middlewares' | ||
18 | import { AbuseCreate } from '@shared/models' | ||
19 | import { areValidationErrors } from './utils' | ||
20 | |||
21 | const abuseReportValidator = [ | ||
22 | body('account.id') | ||
23 | .optional() | ||
24 | .custom(isIdValid) | ||
25 | .withMessage('Should have a valid accountId'), | ||
26 | |||
27 | body('video.id') | ||
28 | .optional() | ||
29 | .custom(isIdOrUUIDValid) | ||
30 | .withMessage('Should have a valid videoId'), | ||
31 | body('video.startAt') | ||
32 | .optional() | ||
33 | .customSanitizer(toIntOrNull) | ||
34 | .custom(isAbuseTimestampValid) | ||
35 | .withMessage('Should have valid starting time value'), | ||
36 | body('video.endAt') | ||
37 | .optional() | ||
38 | .customSanitizer(toIntOrNull) | ||
39 | .custom(isAbuseTimestampValid) | ||
40 | .withMessage('Should have valid ending time value') | ||
41 | .bail() | ||
42 | .custom(isAbuseTimestampCoherent) | ||
43 | .withMessage('Should have a startAt timestamp beginning before endAt'), | ||
44 | |||
45 | body('comment.id') | ||
46 | .optional() | ||
47 | .custom(isIdValid) | ||
48 | .withMessage('Should have a valid commentId'), | ||
49 | |||
50 | body('reason') | ||
51 | .custom(isAbuseReasonValid) | ||
52 | .withMessage('Should have a valid reason'), | ||
53 | |||
54 | body('predefinedReasons') | ||
55 | .optional() | ||
56 | .custom(isAbusePredefinedReasonsValid) | ||
57 | .withMessage('Should have a valid list of predefined reasons'), | ||
58 | |||
59 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
60 | logger.debug('Checking abuseReport parameters', { parameters: req.body }) | ||
61 | |||
62 | if (areValidationErrors(req, res)) return | ||
63 | |||
64 | const body: AbuseCreate = req.body | ||
65 | |||
66 | if (body.video?.id && !await doesVideoExist(body.video.id, res)) return | ||
67 | if (body.account?.id && !await doesAccountIdExist(body.account.id, res)) return | ||
68 | if (body.comment?.id && !await doesCommentIdExist(body.comment.id, res)) return | ||
69 | |||
70 | if (!body.video?.id && !body.account?.id && !body.comment?.id) { | ||
71 | res.status(400) | ||
72 | .json({ error: 'video id or account id or comment id is required.' }) | ||
73 | |||
74 | return | ||
75 | } | ||
76 | |||
77 | return next() | ||
78 | } | ||
79 | ] | ||
80 | |||
81 | const abuseGetValidator = [ | ||
82 | param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'), | ||
83 | |||
84 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
85 | logger.debug('Checking abuseGetValidator parameters', { parameters: req.body }) | ||
86 | |||
87 | if (areValidationErrors(req, res)) return | ||
88 | if (!await doesAbuseExist(req.params.id, res)) return | ||
89 | |||
90 | return next() | ||
91 | } | ||
92 | ] | ||
93 | |||
94 | const abuseUpdateValidator = [ | ||
95 | param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'), | ||
96 | |||
97 | body('state') | ||
98 | .optional() | ||
99 | .custom(isAbuseStateValid).withMessage('Should have a valid abuse state'), | ||
100 | body('moderationComment') | ||
101 | .optional() | ||
102 | .custom(isAbuseModerationCommentValid).withMessage('Should have a valid moderation comment'), | ||
103 | |||
104 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
105 | logger.debug('Checking abuseUpdateValidator parameters', { parameters: req.body }) | ||
106 | |||
107 | if (areValidationErrors(req, res)) return | ||
108 | if (!await doesAbuseExist(req.params.id, res)) return | ||
109 | |||
110 | return next() | ||
111 | } | ||
112 | ] | ||
113 | |||
114 | const abuseListValidator = [ | ||
115 | query('id') | ||
116 | .optional() | ||
117 | .custom(isIdValid).withMessage('Should have a valid id'), | ||
118 | query('filter') | ||
119 | .optional() | ||
120 | .custom(isAbuseFilterValid) | ||
121 | .withMessage('Should have a valid filter'), | ||
122 | query('predefinedReason') | ||
123 | .optional() | ||
124 | .custom(isAbusePredefinedReasonValid) | ||
125 | .withMessage('Should have a valid predefinedReason'), | ||
126 | query('search') | ||
127 | .optional() | ||
128 | .custom(exists).withMessage('Should have a valid search'), | ||
129 | query('state') | ||
130 | .optional() | ||
131 | .custom(isAbuseStateValid).withMessage('Should have a valid abuse state'), | ||
132 | query('videoIs') | ||
133 | .optional() | ||
134 | .custom(isAbuseVideoIsValid).withMessage('Should have a valid "video is" attribute'), | ||
135 | query('searchReporter') | ||
136 | .optional() | ||
137 | .custom(exists).withMessage('Should have a valid reporter search'), | ||
138 | query('searchReportee') | ||
139 | .optional() | ||
140 | .custom(exists).withMessage('Should have a valid reportee search'), | ||
141 | query('searchVideo') | ||
142 | .optional() | ||
143 | .custom(exists).withMessage('Should have a valid video search'), | ||
144 | query('searchVideoChannel') | ||
145 | .optional() | ||
146 | .custom(exists).withMessage('Should have a valid video channel search'), | ||
147 | |||
148 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
149 | logger.debug('Checking abuseListValidator parameters', { parameters: req.body }) | ||
150 | |||
151 | if (areValidationErrors(req, res)) return | ||
152 | |||
153 | return next() | ||
154 | } | ||
155 | ] | ||
156 | |||
157 | // FIXME: deprecated in 2.3. Remove these validators | ||
158 | |||
159 | const videoAbuseReportValidator = [ | ||
160 | param('videoId') | ||
161 | .custom(isIdOrUUIDValid) | ||
162 | .not() | ||
163 | .isEmpty() | ||
164 | .withMessage('Should have a valid videoId'), | ||
165 | body('reason') | ||
166 | .custom(isAbuseReasonValid) | ||
167 | .withMessage('Should have a valid reason'), | ||
168 | body('predefinedReasons') | ||
169 | .optional() | ||
170 | .custom(isAbusePredefinedReasonsValid) | ||
171 | .withMessage('Should have a valid list of predefined reasons'), | ||
172 | body('startAt') | ||
173 | .optional() | ||
174 | .customSanitizer(toIntOrNull) | ||
175 | .custom(isAbuseTimestampValid) | ||
176 | .withMessage('Should have valid starting time value'), | ||
177 | body('endAt') | ||
178 | .optional() | ||
179 | .customSanitizer(toIntOrNull) | ||
180 | .custom(isAbuseTimestampValid) | ||
181 | .withMessage('Should have valid ending time value'), | ||
182 | |||
183 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
184 | logger.debug('Checking videoAbuseReport parameters', { parameters: req.body }) | ||
185 | |||
186 | if (areValidationErrors(req, res)) return | ||
187 | if (!await doesVideoExist(req.params.videoId, res)) return | ||
188 | |||
189 | return next() | ||
190 | } | ||
191 | ] | ||
192 | |||
193 | const videoAbuseGetValidator = [ | ||
194 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), | ||
195 | param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'), | ||
196 | |||
197 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
198 | logger.debug('Checking videoAbuseGetValidator parameters', { parameters: req.body }) | ||
199 | |||
200 | if (areValidationErrors(req, res)) return | ||
201 | if (!await doesVideoAbuseExist(req.params.id, req.params.videoId, res)) return | ||
202 | |||
203 | return next() | ||
204 | } | ||
205 | ] | ||
206 | |||
207 | const videoAbuseUpdateValidator = [ | ||
208 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), | ||
209 | param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'), | ||
210 | body('state') | ||
211 | .optional() | ||
212 | .custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'), | ||
213 | body('moderationComment') | ||
214 | .optional() | ||
215 | .custom(isAbuseModerationCommentValid).withMessage('Should have a valid video moderation comment'), | ||
216 | |||
217 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
218 | logger.debug('Checking videoAbuseUpdateValidator parameters', { parameters: req.body }) | ||
219 | |||
220 | if (areValidationErrors(req, res)) return | ||
221 | if (!await doesVideoAbuseExist(req.params.id, req.params.videoId, res)) return | ||
222 | |||
223 | return next() | ||
224 | } | ||
225 | ] | ||
226 | |||
227 | const videoAbuseListValidator = [ | ||
228 | query('id') | ||
229 | .optional() | ||
230 | .custom(isIdValid).withMessage('Should have a valid id'), | ||
231 | query('predefinedReason') | ||
232 | .optional() | ||
233 | .custom(isAbusePredefinedReasonValid) | ||
234 | .withMessage('Should have a valid predefinedReason'), | ||
235 | query('search') | ||
236 | .optional() | ||
237 | .custom(exists).withMessage('Should have a valid search'), | ||
238 | query('state') | ||
239 | .optional() | ||
240 | .custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'), | ||
241 | query('videoIs') | ||
242 | .optional() | ||
243 | .custom(isAbuseVideoIsValid).withMessage('Should have a valid "video is" attribute'), | ||
244 | query('searchReporter') | ||
245 | .optional() | ||
246 | .custom(exists).withMessage('Should have a valid reporter search'), | ||
247 | query('searchReportee') | ||
248 | .optional() | ||
249 | .custom(exists).withMessage('Should have a valid reportee search'), | ||
250 | query('searchVideo') | ||
251 | .optional() | ||
252 | .custom(exists).withMessage('Should have a valid video search'), | ||
253 | query('searchVideoChannel') | ||
254 | .optional() | ||
255 | .custom(exists).withMessage('Should have a valid video channel search'), | ||
256 | |||
257 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
258 | logger.debug('Checking videoAbuseListValidator parameters', { parameters: req.body }) | ||
259 | |||
260 | if (areValidationErrors(req, res)) return | ||
261 | |||
262 | return next() | ||
263 | } | ||
264 | ] | ||
265 | |||
266 | // --------------------------------------------------------------------------- | ||
267 | |||
268 | export { | ||
269 | abuseListValidator, | ||
270 | abuseReportValidator, | ||
271 | abuseGetValidator, | ||
272 | abuseUpdateValidator, | ||
273 | videoAbuseReportValidator, | ||
274 | videoAbuseGetValidator, | ||
275 | videoAbuseUpdateValidator, | ||
276 | videoAbuseListValidator | ||
277 | } | ||
diff --git a/server/middlewares/validators/index.ts b/server/middlewares/validators/index.ts index 65dd00335..4086d77aa 100644 --- a/server/middlewares/validators/index.ts +++ b/server/middlewares/validators/index.ts | |||
@@ -1,3 +1,4 @@ | |||
1 | export * from './abuse' | ||
1 | export * from './account' | 2 | export * from './account' |
2 | export * from './blocklist' | 3 | export * from './blocklist' |
3 | export * from './oembed' | 4 | export * from './oembed' |
diff --git a/server/middlewares/validators/sort.ts b/server/middlewares/validators/sort.ts index b76dab722..29aba0436 100644 --- a/server/middlewares/validators/sort.ts +++ b/server/middlewares/validators/sort.ts | |||
@@ -5,7 +5,7 @@ import { checkSort, createSortableColumns } from './utils' | |||
5 | const SORTABLE_USERS_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.USERS) | 5 | const SORTABLE_USERS_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.USERS) |
6 | const SORTABLE_ACCOUNTS_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.ACCOUNTS) | 6 | const SORTABLE_ACCOUNTS_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.ACCOUNTS) |
7 | const SORTABLE_JOBS_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.JOBS) | 7 | const SORTABLE_JOBS_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.JOBS) |
8 | const SORTABLE_VIDEO_ABUSES_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.VIDEO_ABUSES) | 8 | const SORTABLE_ABUSES_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.ABUSES) |
9 | const SORTABLE_VIDEOS_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.VIDEOS) | 9 | const SORTABLE_VIDEOS_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.VIDEOS) |
10 | const SORTABLE_VIDEOS_SEARCH_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.VIDEOS_SEARCH) | 10 | const SORTABLE_VIDEOS_SEARCH_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.VIDEOS_SEARCH) |
11 | const SORTABLE_VIDEO_CHANNELS_SEARCH_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.VIDEO_CHANNELS_SEARCH) | 11 | const SORTABLE_VIDEO_CHANNELS_SEARCH_COLUMNS = createSortableColumns(SORTABLE_COLUMNS.VIDEO_CHANNELS_SEARCH) |
@@ -28,7 +28,7 @@ const SORTABLE_VIDEO_REDUNDANCIES_COLUMNS = createSortableColumns(SORTABLE_COLUM | |||
28 | const usersSortValidator = checkSort(SORTABLE_USERS_COLUMNS) | 28 | const usersSortValidator = checkSort(SORTABLE_USERS_COLUMNS) |
29 | const accountsSortValidator = checkSort(SORTABLE_ACCOUNTS_COLUMNS) | 29 | const accountsSortValidator = checkSort(SORTABLE_ACCOUNTS_COLUMNS) |
30 | const jobsSortValidator = checkSort(SORTABLE_JOBS_COLUMNS) | 30 | const jobsSortValidator = checkSort(SORTABLE_JOBS_COLUMNS) |
31 | const videoAbusesSortValidator = checkSort(SORTABLE_VIDEO_ABUSES_COLUMNS) | 31 | const abusesSortValidator = checkSort(SORTABLE_ABUSES_COLUMNS) |
32 | const videosSortValidator = checkSort(SORTABLE_VIDEOS_COLUMNS) | 32 | const videosSortValidator = checkSort(SORTABLE_VIDEOS_COLUMNS) |
33 | const videoImportsSortValidator = checkSort(SORTABLE_VIDEO_IMPORTS_COLUMNS) | 33 | const videoImportsSortValidator = checkSort(SORTABLE_VIDEO_IMPORTS_COLUMNS) |
34 | const videosSearchSortValidator = checkSort(SORTABLE_VIDEOS_SEARCH_COLUMNS) | 34 | const videosSearchSortValidator = checkSort(SORTABLE_VIDEOS_SEARCH_COLUMNS) |
@@ -52,7 +52,7 @@ const videoRedundanciesSortValidator = checkSort(SORTABLE_VIDEO_REDUNDANCIES_COL | |||
52 | 52 | ||
53 | export { | 53 | export { |
54 | usersSortValidator, | 54 | usersSortValidator, |
55 | videoAbusesSortValidator, | 55 | abusesSortValidator, |
56 | videoChannelsSortValidator, | 56 | videoChannelsSortValidator, |
57 | videoImportsSortValidator, | 57 | videoImportsSortValidator, |
58 | videosSearchSortValidator, | 58 | videosSearchSortValidator, |
diff --git a/server/middlewares/validators/user-notifications.ts b/server/middlewares/validators/user-notifications.ts index fbfcb0a4c..21a7be08d 100644 --- a/server/middlewares/validators/user-notifications.ts +++ b/server/middlewares/validators/user-notifications.ts | |||
@@ -25,8 +25,8 @@ const updateNotificationSettingsValidator = [ | |||
25 | .custom(isUserNotificationSettingValid).withMessage('Should have a valid new video from subscription notification setting'), | 25 | .custom(isUserNotificationSettingValid).withMessage('Should have a valid new video from subscription notification setting'), |
26 | body('newCommentOnMyVideo') | 26 | body('newCommentOnMyVideo') |
27 | .custom(isUserNotificationSettingValid).withMessage('Should have a valid new comment on my video notification setting'), | 27 | .custom(isUserNotificationSettingValid).withMessage('Should have a valid new comment on my video notification setting'), |
28 | body('videoAbuseAsModerator') | 28 | body('abuseAsModerator') |
29 | .custom(isUserNotificationSettingValid).withMessage('Should have a valid new video abuse as moderator notification setting'), | 29 | .custom(isUserNotificationSettingValid).withMessage('Should have a valid abuse as moderator notification setting'), |
30 | body('videoAutoBlacklistAsModerator') | 30 | body('videoAutoBlacklistAsModerator') |
31 | .custom(isUserNotificationSettingValid).withMessage('Should have a valid video auto blacklist notification setting'), | 31 | .custom(isUserNotificationSettingValid).withMessage('Should have a valid video auto blacklist notification setting'), |
32 | body('blacklistOnMyVideo') | 32 | body('blacklistOnMyVideo') |
diff --git a/server/middlewares/validators/videos/index.ts b/server/middlewares/validators/videos/index.ts index a0d585b93..1eabada0a 100644 --- a/server/middlewares/validators/videos/index.ts +++ b/server/middlewares/validators/videos/index.ts | |||
@@ -1,4 +1,3 @@ | |||
1 | export * from './video-abuses' | ||
2 | export * from './video-blacklist' | 1 | export * from './video-blacklist' |
3 | export * from './video-captions' | 2 | export * from './video-captions' |
4 | export * from './video-channels' | 3 | export * from './video-channels' |
diff --git a/server/middlewares/validators/videos/video-abuses.ts b/server/middlewares/validators/videos/video-abuses.ts deleted file mode 100644 index 5bbd1e3c6..000000000 --- a/server/middlewares/validators/videos/video-abuses.ts +++ /dev/null | |||
@@ -1,135 +0,0 @@ | |||
1 | import * as express from 'express' | ||
2 | import { body, param, query } from 'express-validator' | ||
3 | import { exists, isIdOrUUIDValid, isIdValid, toIntOrNull } from '../../../helpers/custom-validators/misc' | ||
4 | import { | ||
5 | isAbuseVideoIsValid, | ||
6 | isVideoAbuseModerationCommentValid, | ||
7 | isVideoAbuseReasonValid, | ||
8 | isVideoAbuseStateValid, | ||
9 | isVideoAbusePredefinedReasonsValid, | ||
10 | isVideoAbusePredefinedReasonValid, | ||
11 | isVideoAbuseTimestampValid, | ||
12 | isVideoAbuseTimestampCoherent | ||
13 | } from '../../../helpers/custom-validators/video-abuses' | ||
14 | import { logger } from '../../../helpers/logger' | ||
15 | import { doesVideoAbuseExist, doesVideoExist } from '../../../helpers/middlewares' | ||
16 | import { areValidationErrors } from '../utils' | ||
17 | |||
18 | const videoAbuseReportValidator = [ | ||
19 | param('videoId') | ||
20 | .custom(isIdOrUUIDValid) | ||
21 | .not() | ||
22 | .isEmpty() | ||
23 | .withMessage('Should have a valid videoId'), | ||
24 | body('reason') | ||
25 | .custom(isVideoAbuseReasonValid) | ||
26 | .withMessage('Should have a valid reason'), | ||
27 | body('predefinedReasons') | ||
28 | .optional() | ||
29 | .custom(isVideoAbusePredefinedReasonsValid) | ||
30 | .withMessage('Should have a valid list of predefined reasons'), | ||
31 | body('startAt') | ||
32 | .optional() | ||
33 | .customSanitizer(toIntOrNull) | ||
34 | .custom(isVideoAbuseTimestampValid) | ||
35 | .withMessage('Should have valid starting time value'), | ||
36 | body('endAt') | ||
37 | .optional() | ||
38 | .customSanitizer(toIntOrNull) | ||
39 | .custom(isVideoAbuseTimestampValid) | ||
40 | .withMessage('Should have valid ending time value') | ||
41 | .bail() | ||
42 | .custom(isVideoAbuseTimestampCoherent) | ||
43 | .withMessage('Should have a startAt timestamp beginning before endAt'), | ||
44 | |||
45 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
46 | logger.debug('Checking videoAbuseReport parameters', { parameters: req.body }) | ||
47 | |||
48 | if (areValidationErrors(req, res)) return | ||
49 | if (!await doesVideoExist(req.params.videoId, res)) return | ||
50 | |||
51 | return next() | ||
52 | } | ||
53 | ] | ||
54 | |||
55 | const videoAbuseGetValidator = [ | ||
56 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), | ||
57 | param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'), | ||
58 | |||
59 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
60 | logger.debug('Checking videoAbuseGetValidator parameters', { parameters: req.body }) | ||
61 | |||
62 | if (areValidationErrors(req, res)) return | ||
63 | if (!await doesVideoAbuseExist(req.params.id, req.params.videoId, res)) return | ||
64 | |||
65 | return next() | ||
66 | } | ||
67 | ] | ||
68 | |||
69 | const videoAbuseUpdateValidator = [ | ||
70 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), | ||
71 | param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'), | ||
72 | body('state') | ||
73 | .optional() | ||
74 | .custom(isVideoAbuseStateValid).withMessage('Should have a valid video abuse state'), | ||
75 | body('moderationComment') | ||
76 | .optional() | ||
77 | .custom(isVideoAbuseModerationCommentValid).withMessage('Should have a valid video moderation comment'), | ||
78 | |||
79 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
80 | logger.debug('Checking videoAbuseUpdateValidator parameters', { parameters: req.body }) | ||
81 | |||
82 | if (areValidationErrors(req, res)) return | ||
83 | if (!await doesVideoAbuseExist(req.params.id, req.params.videoId, res)) return | ||
84 | |||
85 | return next() | ||
86 | } | ||
87 | ] | ||
88 | |||
89 | const videoAbuseListValidator = [ | ||
90 | query('id') | ||
91 | .optional() | ||
92 | .custom(isIdValid).withMessage('Should have a valid id'), | ||
93 | query('predefinedReason') | ||
94 | .optional() | ||
95 | .custom(isVideoAbusePredefinedReasonValid) | ||
96 | .withMessage('Should have a valid predefinedReason'), | ||
97 | query('search') | ||
98 | .optional() | ||
99 | .custom(exists).withMessage('Should have a valid search'), | ||
100 | query('state') | ||
101 | .optional() | ||
102 | .custom(isVideoAbuseStateValid).withMessage('Should have a valid video abuse state'), | ||
103 | query('videoIs') | ||
104 | .optional() | ||
105 | .custom(isAbuseVideoIsValid).withMessage('Should have a valid "video is" attribute'), | ||
106 | query('searchReporter') | ||
107 | .optional() | ||
108 | .custom(exists).withMessage('Should have a valid reporter search'), | ||
109 | query('searchReportee') | ||
110 | .optional() | ||
111 | .custom(exists).withMessage('Should have a valid reportee search'), | ||
112 | query('searchVideo') | ||
113 | .optional() | ||
114 | .custom(exists).withMessage('Should have a valid video search'), | ||
115 | query('searchVideoChannel') | ||
116 | .optional() | ||
117 | .custom(exists).withMessage('Should have a valid video channel search'), | ||
118 | |||
119 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | ||
120 | logger.debug('Checking videoAbuseListValidator parameters', { parameters: req.body }) | ||
121 | |||
122 | if (areValidationErrors(req, res)) return | ||
123 | |||
124 | return next() | ||
125 | } | ||
126 | ] | ||
127 | |||
128 | // --------------------------------------------------------------------------- | ||
129 | |||
130 | export { | ||
131 | videoAbuseListValidator, | ||
132 | videoAbuseReportValidator, | ||
133 | videoAbuseGetValidator, | ||
134 | videoAbuseUpdateValidator | ||
135 | } | ||
diff --git a/server/middlewares/validators/videos/video-comments.ts b/server/middlewares/validators/videos/video-comments.ts index ef019fcf9..77f5c6ff3 100644 --- a/server/middlewares/validators/videos/video-comments.ts +++ b/server/middlewares/validators/videos/video-comments.ts | |||
@@ -3,13 +3,16 @@ import { body, param } from 'express-validator' | |||
3 | import { MUserAccountUrl } from '@server/types/models' | 3 | import { MUserAccountUrl } from '@server/types/models' |
4 | import { UserRight } from '../../../../shared' | 4 | import { UserRight } from '../../../../shared' |
5 | import { isIdOrUUIDValid, isIdValid } from '../../../helpers/custom-validators/misc' | 5 | import { isIdOrUUIDValid, isIdValid } from '../../../helpers/custom-validators/misc' |
6 | import { isValidVideoCommentText } from '../../../helpers/custom-validators/video-comments' | 6 | import { |
7 | doesVideoCommentExist, | ||
8 | doesVideoCommentThreadExist, | ||
9 | isValidVideoCommentText | ||
10 | } from '../../../helpers/custom-validators/video-comments' | ||
7 | import { logger } from '../../../helpers/logger' | 11 | import { logger } from '../../../helpers/logger' |
8 | import { doesVideoExist } from '../../../helpers/middlewares' | 12 | import { doesVideoExist } from '../../../helpers/middlewares' |
9 | import { AcceptResult, isLocalVideoCommentReplyAccepted, isLocalVideoThreadAccepted } from '../../../lib/moderation' | 13 | import { AcceptResult, isLocalVideoCommentReplyAccepted, isLocalVideoThreadAccepted } from '../../../lib/moderation' |
10 | import { Hooks } from '../../../lib/plugins/hooks' | 14 | import { Hooks } from '../../../lib/plugins/hooks' |
11 | import { VideoCommentModel } from '../../../models/video/video-comment' | 15 | import { MCommentOwnerVideoReply, MVideo, MVideoFullLight } from '../../../types/models/video' |
12 | import { MCommentOwnerVideoReply, MVideo, MVideoFullLight, MVideoId } from '../../../types/models/video' | ||
13 | import { areValidationErrors } from '../utils' | 16 | import { areValidationErrors } from '../utils' |
14 | 17 | ||
15 | const listVideoCommentThreadsValidator = [ | 18 | const listVideoCommentThreadsValidator = [ |
@@ -120,67 +123,10 @@ export { | |||
120 | 123 | ||
121 | // --------------------------------------------------------------------------- | 124 | // --------------------------------------------------------------------------- |
122 | 125 | ||
123 | async function doesVideoCommentThreadExist (idArg: number | string, video: MVideoId, res: express.Response) { | ||
124 | const id = parseInt(idArg + '', 10) | ||
125 | const videoComment = await VideoCommentModel.loadById(id) | ||
126 | |||
127 | if (!videoComment) { | ||
128 | res.status(404) | ||
129 | .json({ error: 'Video comment thread not found' }) | ||
130 | .end() | ||
131 | |||
132 | return false | ||
133 | } | ||
134 | |||
135 | if (videoComment.videoId !== video.id) { | ||
136 | res.status(400) | ||
137 | .json({ error: 'Video comment is not associated to this video.' }) | ||
138 | .end() | ||
139 | |||
140 | return false | ||
141 | } | ||
142 | |||
143 | if (videoComment.inReplyToCommentId !== null) { | ||
144 | res.status(400) | ||
145 | .json({ error: 'Video comment is not a thread.' }) | ||
146 | .end() | ||
147 | |||
148 | return false | ||
149 | } | ||
150 | |||
151 | res.locals.videoCommentThread = videoComment | ||
152 | return true | ||
153 | } | ||
154 | |||
155 | async function doesVideoCommentExist (idArg: number | string, video: MVideoId, res: express.Response) { | ||
156 | const id = parseInt(idArg + '', 10) | ||
157 | const videoComment = await VideoCommentModel.loadByIdAndPopulateVideoAndAccountAndReply(id) | ||
158 | |||
159 | if (!videoComment) { | ||
160 | res.status(404) | ||
161 | .json({ error: 'Video comment thread not found' }) | ||
162 | .end() | ||
163 | |||
164 | return false | ||
165 | } | ||
166 | |||
167 | if (videoComment.videoId !== video.id) { | ||
168 | res.status(400) | ||
169 | .json({ error: 'Video comment is not associated to this video.' }) | ||
170 | .end() | ||
171 | |||
172 | return false | ||
173 | } | ||
174 | |||
175 | res.locals.videoCommentFull = videoComment | ||
176 | return true | ||
177 | } | ||
178 | |||
179 | function isVideoCommentsEnabled (video: MVideo, res: express.Response) { | 126 | function isVideoCommentsEnabled (video: MVideo, res: express.Response) { |
180 | if (video.commentsEnabled !== true) { | 127 | if (video.commentsEnabled !== true) { |
181 | res.status(409) | 128 | res.status(409) |
182 | .json({ error: 'Video comments are disabled for this video.' }) | 129 | .json({ error: 'Video comments are disabled for this video.' }) |
183 | .end() | ||
184 | 130 | ||
185 | return false | 131 | return false |
186 | } | 132 | } |
@@ -192,7 +138,7 @@ function checkUserCanDeleteVideoComment (user: MUserAccountUrl, videoComment: MC | |||
192 | if (videoComment.isDeleted()) { | 138 | if (videoComment.isDeleted()) { |
193 | res.status(409) | 139 | res.status(409) |
194 | .json({ error: 'This comment is already deleted' }) | 140 | .json({ error: 'This comment is already deleted' }) |
195 | .end() | 141 | |
196 | return false | 142 | return false |
197 | } | 143 | } |
198 | 144 | ||
@@ -240,7 +186,7 @@ async function isVideoCommentAccepted (req: express.Request, res: express.Respon | |||
240 | if (!acceptedResult || acceptedResult.accepted !== true) { | 186 | if (!acceptedResult || acceptedResult.accepted !== true) { |
241 | logger.info('Refused local comment.', { acceptedResult, acceptParameters }) | 187 | logger.info('Refused local comment.', { acceptedResult, acceptParameters }) |
242 | res.status(403) | 188 | res.status(403) |
243 | .json({ error: acceptedResult.errorMessage || 'Refused local comment' }) | 189 | .json({ error: acceptedResult.errorMessage || 'Refused local comment' }) |
244 | 190 | ||
245 | return false | 191 | return false |
246 | } | 192 | } |