diff options
Diffstat (limited to 'server/middlewares')
-rw-r--r-- | server/middlewares/activitypub.ts | 3 | ||||
-rw-r--r-- | server/middlewares/user-right.ts | 3 | ||||
-rw-r--r-- | server/middlewares/validators/activitypub/activity.ts | 3 | ||||
-rw-r--r-- | server/middlewares/validators/blocklist.ts | 6 | ||||
-rw-r--r-- | server/middlewares/validators/redundancy.ts | 10 | ||||
-rw-r--r-- | server/middlewares/validators/user-subscriptions.ts | 3 | ||||
-rw-r--r-- | server/middlewares/validators/users.ts | 12 | ||||
-rw-r--r-- | server/middlewares/validators/videos/video-blacklist.ts | 3 | ||||
-rw-r--r-- | server/middlewares/validators/videos/video-playlists.ts | 17 | ||||
-rw-r--r-- | server/middlewares/validators/videos/video-shares.ts | 3 | ||||
-rw-r--r-- | server/middlewares/validators/videos/video-watch.ts | 3 | ||||
-rw-r--r-- | server/middlewares/validators/videos/videos.ts | 12 |
12 files changed, 33 insertions, 45 deletions
diff --git a/server/middlewares/activitypub.ts b/server/middlewares/activitypub.ts index 5fa10cbfd..c528ee250 100644 --- a/server/middlewares/activitypub.ts +++ b/server/middlewares/activitypub.ts | |||
@@ -4,7 +4,6 @@ import { logger } from '../helpers/logger' | |||
4 | import { isHTTPSignatureVerified, isJsonLDSignatureVerified, parseHTTPSignature } from '../helpers/peertube-crypto' | 4 | import { isHTTPSignatureVerified, isJsonLDSignatureVerified, parseHTTPSignature } from '../helpers/peertube-crypto' |
5 | import { ACCEPT_HEADERS, ACTIVITY_PUB, HTTP_SIGNATURE } from '../initializers' | 5 | import { ACCEPT_HEADERS, ACTIVITY_PUB, HTTP_SIGNATURE } from '../initializers' |
6 | import { getOrCreateActorAndServerAndModel } from '../lib/activitypub' | 6 | import { getOrCreateActorAndServerAndModel } from '../lib/activitypub' |
7 | import { ActorModel } from '../models/activitypub/actor' | ||
8 | import { loadActorUrlOrGetFromWebfinger } from '../helpers/webfinger' | 7 | import { loadActorUrlOrGetFromWebfinger } from '../helpers/webfinger' |
9 | 8 | ||
10 | async function checkSignature (req: Request, res: Response, next: NextFunction) { | 9 | async function checkSignature (req: Request, res: Response, next: NextFunction) { |
@@ -12,7 +11,7 @@ async function checkSignature (req: Request, res: Response, next: NextFunction) | |||
12 | const httpSignatureChecked = await checkHttpSignature(req, res) | 11 | const httpSignatureChecked = await checkHttpSignature(req, res) |
13 | if (httpSignatureChecked !== true) return | 12 | if (httpSignatureChecked !== true) return |
14 | 13 | ||
15 | const actor: ActorModel = res.locals.signature.actor | 14 | const actor = res.locals.signature.actor |
16 | 15 | ||
17 | // Forwarded activity | 16 | // Forwarded activity |
18 | const bodyActor = req.body.actor | 17 | const bodyActor = req.body.actor |
diff --git a/server/middlewares/user-right.ts b/server/middlewares/user-right.ts index 7cea7aa1e..498e3d677 100644 --- a/server/middlewares/user-right.ts +++ b/server/middlewares/user-right.ts | |||
@@ -2,11 +2,10 @@ import * as express from 'express' | |||
2 | import 'express-validator' | 2 | import 'express-validator' |
3 | import { UserRight } from '../../shared' | 3 | import { UserRight } from '../../shared' |
4 | import { logger } from '../helpers/logger' | 4 | import { logger } from '../helpers/logger' |
5 | import { UserModel } from '../models/account/user' | ||
6 | 5 | ||
7 | function ensureUserHasRight (userRight: UserRight) { | 6 | function ensureUserHasRight (userRight: UserRight) { |
8 | return function (req: express.Request, res: express.Response, next: express.NextFunction) { | 7 | return function (req: express.Request, res: express.Response, next: express.NextFunction) { |
9 | const user = res.locals.oauth.token.user as UserModel | 8 | const user = res.locals.oauth.token.user |
10 | if (user.hasRight(userRight) === false) { | 9 | if (user.hasRight(userRight) === false) { |
11 | const message = `User ${user.username} does not have right ${UserRight[userRight]} to access to ${req.path}.` | 10 | const message = `User ${user.username} does not have right ${UserRight[userRight]} to access to ${req.path}.` |
12 | logger.info(message) | 11 | logger.info(message) |
diff --git a/server/middlewares/validators/activitypub/activity.ts b/server/middlewares/validators/activitypub/activity.ts index 3f9057c0c..7582f65e7 100644 --- a/server/middlewares/validators/activitypub/activity.ts +++ b/server/middlewares/validators/activitypub/activity.ts | |||
@@ -2,7 +2,6 @@ import * as express from 'express' | |||
2 | import { isRootActivityValid } from '../../../helpers/custom-validators/activitypub/activity' | 2 | import { isRootActivityValid } from '../../../helpers/custom-validators/activitypub/activity' |
3 | import { logger } from '../../../helpers/logger' | 3 | import { logger } from '../../../helpers/logger' |
4 | import { getServerActor } from '../../../helpers/utils' | 4 | import { getServerActor } from '../../../helpers/utils' |
5 | import { ActorModel } from '../../../models/activitypub/actor' | ||
6 | 5 | ||
7 | async function activityPubValidator (req: express.Request, res: express.Response, next: express.NextFunction) { | 6 | async function activityPubValidator (req: express.Request, res: express.Response, next: express.NextFunction) { |
8 | logger.debug('Checking activity pub parameters') | 7 | logger.debug('Checking activity pub parameters') |
@@ -13,7 +12,7 @@ async function activityPubValidator (req: express.Request, res: express.Response | |||
13 | } | 12 | } |
14 | 13 | ||
15 | const serverActor = await getServerActor() | 14 | const serverActor = await getServerActor() |
16 | const remoteActor = res.locals.signature.actor as ActorModel | 15 | const remoteActor = res.locals.signature.actor |
17 | if (serverActor.id === remoteActor.id) { | 16 | if (serverActor.id === remoteActor.id) { |
18 | logger.error('Receiving request in INBOX by ourselves!', req.body) | 17 | logger.error('Receiving request in INBOX by ourselves!', req.body) |
19 | return res.status(409).end() | 18 | return res.status(409).end() |
diff --git a/server/middlewares/validators/blocklist.ts b/server/middlewares/validators/blocklist.ts index d7ec649b6..f5b295f45 100644 --- a/server/middlewares/validators/blocklist.ts +++ b/server/middlewares/validators/blocklist.ts | |||
@@ -20,7 +20,7 @@ const blockAccountValidator = [ | |||
20 | if (areValidationErrors(req, res)) return | 20 | if (areValidationErrors(req, res)) return |
21 | if (!await doesAccountNameWithHostExist(req.body.accountName, res)) return | 21 | if (!await doesAccountNameWithHostExist(req.body.accountName, res)) return |
22 | 22 | ||
23 | const user = res.locals.oauth.token.User as UserModel | 23 | const user = res.locals.oauth.token.User |
24 | const accountToBlock = res.locals.account | 24 | const accountToBlock = res.locals.account |
25 | 25 | ||
26 | if (user.Account.id === accountToBlock.id) { | 26 | if (user.Account.id === accountToBlock.id) { |
@@ -44,7 +44,7 @@ const unblockAccountByAccountValidator = [ | |||
44 | if (areValidationErrors(req, res)) return | 44 | if (areValidationErrors(req, res)) return |
45 | if (!await doesAccountNameWithHostExist(req.params.accountName, res)) return | 45 | if (!await doesAccountNameWithHostExist(req.params.accountName, res)) return |
46 | 46 | ||
47 | const user = res.locals.oauth.token.User as UserModel | 47 | const user = res.locals.oauth.token.User |
48 | const targetAccount = res.locals.account | 48 | const targetAccount = res.locals.account |
49 | if (!await doesUnblockAccountExist(user.Account.id, targetAccount.id, res)) return | 49 | if (!await doesUnblockAccountExist(user.Account.id, targetAccount.id, res)) return |
50 | 50 | ||
@@ -106,7 +106,7 @@ const unblockServerByAccountValidator = [ | |||
106 | 106 | ||
107 | if (areValidationErrors(req, res)) return | 107 | if (areValidationErrors(req, res)) return |
108 | 108 | ||
109 | const user = res.locals.oauth.token.User as UserModel | 109 | const user = res.locals.oauth.token.User |
110 | if (!await doesUnblockServerExist(user.Account.id, req.params.host, res)) return | 110 | if (!await doesUnblockServerExist(user.Account.id, req.params.host, res)) return |
111 | 111 | ||
112 | return next() | 112 | return next() |
diff --git a/server/middlewares/validators/redundancy.ts b/server/middlewares/validators/redundancy.ts index 419921928..76cf89c40 100644 --- a/server/middlewares/validators/redundancy.ts +++ b/server/middlewares/validators/redundancy.ts | |||
@@ -1,16 +1,12 @@ | |||
1 | import * as express from 'express' | 1 | import * as express from 'express' |
2 | import 'express-validator' | 2 | import 'express-validator' |
3 | import { param, body } from 'express-validator/check' | 3 | import { body, param } from 'express-validator/check' |
4 | import { exists, isBooleanValid, isIdOrUUIDValid, toIntOrNull } from '../../helpers/custom-validators/misc' | 4 | import { exists, isBooleanValid, isIdOrUUIDValid, toIntOrNull } from '../../helpers/custom-validators/misc' |
5 | import { doesVideoExist } from '../../helpers/custom-validators/videos' | 5 | import { doesVideoExist } from '../../helpers/custom-validators/videos' |
6 | import { logger } from '../../helpers/logger' | 6 | import { logger } from '../../helpers/logger' |
7 | import { areValidationErrors } from './utils' | 7 | import { areValidationErrors } from './utils' |
8 | import { VideoModel } from '../../models/video/video' | ||
9 | import { VideoRedundancyModel } from '../../models/redundancy/video-redundancy' | 8 | import { VideoRedundancyModel } from '../../models/redundancy/video-redundancy' |
10 | import { isHostValid } from '../../helpers/custom-validators/servers' | 9 | import { isHostValid } from '../../helpers/custom-validators/servers' |
11 | import { getServerActor } from '../../helpers/utils' | ||
12 | import { ActorFollowModel } from '../../models/activitypub/actor-follow' | ||
13 | import { SERVER_ACTOR_NAME } from '../../initializers' | ||
14 | import { ServerModel } from '../../models/server/server' | 10 | import { ServerModel } from '../../models/server/server' |
15 | 11 | ||
16 | const videoFileRedundancyGetValidator = [ | 12 | const videoFileRedundancyGetValidator = [ |
@@ -29,7 +25,7 @@ const videoFileRedundancyGetValidator = [ | |||
29 | if (areValidationErrors(req, res)) return | 25 | if (areValidationErrors(req, res)) return |
30 | if (!await doesVideoExist(req.params.videoId, res)) return | 26 | if (!await doesVideoExist(req.params.videoId, res)) return |
31 | 27 | ||
32 | const video: VideoModel = res.locals.video | 28 | const video = res.locals.video |
33 | const videoFile = video.VideoFiles.find(f => { | 29 | const videoFile = video.VideoFiles.find(f => { |
34 | return f.resolution === req.params.resolution && (!req.params.fps || f.fps === req.params.fps) | 30 | return f.resolution === req.params.resolution && (!req.params.fps || f.fps === req.params.fps) |
35 | }) | 31 | }) |
@@ -55,7 +51,7 @@ const videoPlaylistRedundancyGetValidator = [ | |||
55 | if (areValidationErrors(req, res)) return | 51 | if (areValidationErrors(req, res)) return |
56 | if (!await doesVideoExist(req.params.videoId, res)) return | 52 | if (!await doesVideoExist(req.params.videoId, res)) return |
57 | 53 | ||
58 | const video: VideoModel = res.locals.video | 54 | const video = res.locals.video |
59 | const videoStreamingPlaylist = video.VideoStreamingPlaylists.find(p => p === req.params.streamingPlaylistType) | 55 | const videoStreamingPlaylist = video.VideoStreamingPlaylists.find(p => p === req.params.streamingPlaylistType) |
60 | 56 | ||
61 | if (!videoStreamingPlaylist) return res.status(404).json({ error: 'Video playlist not found.' }) | 57 | if (!videoStreamingPlaylist) return res.status(404).json({ error: 'Video playlist not found.' }) |
diff --git a/server/middlewares/validators/user-subscriptions.ts b/server/middlewares/validators/user-subscriptions.ts index c5f8d9d4c..fd82ed017 100644 --- a/server/middlewares/validators/user-subscriptions.ts +++ b/server/middlewares/validators/user-subscriptions.ts | |||
@@ -5,7 +5,6 @@ import { logger } from '../../helpers/logger' | |||
5 | import { areValidationErrors } from './utils' | 5 | import { areValidationErrors } from './utils' |
6 | import { ActorFollowModel } from '../../models/activitypub/actor-follow' | 6 | import { ActorFollowModel } from '../../models/activitypub/actor-follow' |
7 | import { areValidActorHandles, isValidActorHandle } from '../../helpers/custom-validators/activitypub/actor' | 7 | import { areValidActorHandles, isValidActorHandle } from '../../helpers/custom-validators/activitypub/actor' |
8 | import { UserModel } from '../../models/account/user' | ||
9 | import { CONFIG } from '../../initializers' | 8 | import { CONFIG } from '../../initializers' |
10 | import { toArray } from '../../helpers/custom-validators/misc' | 9 | import { toArray } from '../../helpers/custom-validators/misc' |
11 | 10 | ||
@@ -46,7 +45,7 @@ const userSubscriptionGetValidator = [ | |||
46 | let [ name, host ] = req.params.uri.split('@') | 45 | let [ name, host ] = req.params.uri.split('@') |
47 | if (host === CONFIG.WEBSERVER.HOST) host = null | 46 | if (host === CONFIG.WEBSERVER.HOST) host = null |
48 | 47 | ||
49 | const user: UserModel = res.locals.oauth.token.User | 48 | const user = res.locals.oauth.token.User |
50 | const subscription = await ActorFollowModel.loadByActorAndTargetNameAndHostForAPI(user.Account.Actor.id, name, host) | 49 | const subscription = await ActorFollowModel.loadByActorAndTargetNameAndHostForAPI(user.Account.Actor.id, name, host) |
51 | 50 | ||
52 | if (!subscription || !subscription.ActorFollowing.VideoChannel) { | 51 | if (!subscription || !subscription.ActorFollowing.VideoChannel) { |
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts index 5e8c8c29b..e8ade0f97 100644 --- a/server/middlewares/validators/users.ts +++ b/server/middlewares/validators/users.ts | |||
@@ -14,7 +14,8 @@ import { | |||
14 | isUserRoleValid, | 14 | isUserRoleValid, |
15 | isUserUsernameValid, | 15 | isUserUsernameValid, |
16 | isUserVideoQuotaDailyValid, | 16 | isUserVideoQuotaDailyValid, |
17 | isUserVideoQuotaValid, isUserVideosHistoryEnabledValid | 17 | isUserVideoQuotaValid, |
18 | isUserVideosHistoryEnabledValid | ||
18 | } from '../../helpers/custom-validators/users' | 19 | } from '../../helpers/custom-validators/users' |
19 | import { doesVideoExist } from '../../helpers/custom-validators/videos' | 20 | import { doesVideoExist } from '../../helpers/custom-validators/videos' |
20 | import { logger } from '../../helpers/logger' | 21 | import { logger } from '../../helpers/logger' |
@@ -100,7 +101,7 @@ const usersBlockingValidator = [ | |||
100 | 101 | ||
101 | const deleteMeValidator = [ | 102 | const deleteMeValidator = [ |
102 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 103 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
103 | const user: UserModel = res.locals.oauth.token.User | 104 | const user = res.locals.oauth.token.User |
104 | if (user.username === 'root') { | 105 | if (user.username === 'root') { |
105 | return res.status(400) | 106 | return res.status(400) |
106 | .send({ error: 'You cannot delete your root account.' }) | 107 | .send({ error: 'You cannot delete your root account.' }) |
@@ -159,8 +160,7 @@ const usersUpdateMeValidator = [ | |||
159 | .end() | 160 | .end() |
160 | } | 161 | } |
161 | 162 | ||
162 | const user: UserModel = res.locals.oauth.token.User | 163 | const user= res.locals.oauth.token.User |
163 | |||
164 | if (await user.isPasswordMatch(req.body.currentPassword) !== true) { | 164 | if (await user.isPasswordMatch(req.body.currentPassword) !== true) { |
165 | return res.status(401) | 165 | return res.status(401) |
166 | .send({ error: 'currentPassword is invalid.' }) | 166 | .send({ error: 'currentPassword is invalid.' }) |
@@ -257,7 +257,7 @@ const usersResetPasswordValidator = [ | |||
257 | if (areValidationErrors(req, res)) return | 257 | if (areValidationErrors(req, res)) return |
258 | if (!await checkUserIdExist(req.params.id, res)) return | 258 | if (!await checkUserIdExist(req.params.id, res)) return |
259 | 259 | ||
260 | const user = res.locals.user as UserModel | 260 | const user = res.locals.user |
261 | const redisVerificationString = await Redis.Instance.getResetPasswordLink(user.id) | 261 | const redisVerificationString = await Redis.Instance.getResetPasswordLink(user.id) |
262 | 262 | ||
263 | if (redisVerificationString !== req.body.verificationString) { | 263 | if (redisVerificationString !== req.body.verificationString) { |
@@ -299,7 +299,7 @@ const usersVerifyEmailValidator = [ | |||
299 | if (areValidationErrors(req, res)) return | 299 | if (areValidationErrors(req, res)) return |
300 | if (!await checkUserIdExist(req.params.id, res)) return | 300 | if (!await checkUserIdExist(req.params.id, res)) return |
301 | 301 | ||
302 | const user = res.locals.user as UserModel | 302 | const user = res.locals.user |
303 | const redisVerificationString = await Redis.Instance.getVerifyEmailLink(user.id) | 303 | const redisVerificationString = await Redis.Instance.getVerifyEmailLink(user.id) |
304 | 304 | ||
305 | if (redisVerificationString !== req.body.verificationString) { | 305 | if (redisVerificationString !== req.body.verificationString) { |
diff --git a/server/middlewares/validators/videos/video-blacklist.ts b/server/middlewares/validators/videos/video-blacklist.ts index 77ad29cbb..db318dcdb 100644 --- a/server/middlewares/validators/videos/video-blacklist.ts +++ b/server/middlewares/validators/videos/video-blacklist.ts | |||
@@ -5,7 +5,6 @@ import { doesVideoExist } from '../../../helpers/custom-validators/videos' | |||
5 | import { logger } from '../../../helpers/logger' | 5 | import { logger } from '../../../helpers/logger' |
6 | import { areValidationErrors } from '../utils' | 6 | import { areValidationErrors } from '../utils' |
7 | import { doesVideoBlacklistExist, isVideoBlacklistReasonValid } from '../../../helpers/custom-validators/video-blacklist' | 7 | import { doesVideoBlacklistExist, isVideoBlacklistReasonValid } from '../../../helpers/custom-validators/video-blacklist' |
8 | import { VideoModel } from '../../../models/video/video' | ||
9 | 8 | ||
10 | const videosBlacklistRemoveValidator = [ | 9 | const videosBlacklistRemoveValidator = [ |
11 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), | 10 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'), |
@@ -37,7 +36,7 @@ const videosBlacklistAddValidator = [ | |||
37 | if (areValidationErrors(req, res)) return | 36 | if (areValidationErrors(req, res)) return |
38 | if (!await doesVideoExist(req.params.videoId, res)) return | 37 | if (!await doesVideoExist(req.params.videoId, res)) return |
39 | 38 | ||
40 | const video: VideoModel = res.locals.video | 39 | const video = res.locals.video |
41 | if (req.body.unfederate === true && video.remote === true) { | 40 | if (req.body.unfederate === true && video.remote === true) { |
42 | return res | 41 | return res |
43 | .status(409) | 42 | .status(409) |
diff --git a/server/middlewares/validators/videos/video-playlists.ts b/server/middlewares/validators/videos/video-playlists.ts index 4bc79f433..55e09e354 100644 --- a/server/middlewares/validators/videos/video-playlists.ts +++ b/server/middlewares/validators/videos/video-playlists.ts | |||
@@ -103,7 +103,7 @@ const videoPlaylistsDeleteValidator = [ | |||
103 | 103 | ||
104 | if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return | 104 | if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return |
105 | 105 | ||
106 | const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist | 106 | const videoPlaylist = res.locals.videoPlaylist |
107 | if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) { | 107 | if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) { |
108 | return res.status(400) | 108 | return res.status(400) |
109 | .json({ error: 'Cannot delete a watch later playlist.' }) | 109 | .json({ error: 'Cannot delete a watch later playlist.' }) |
@@ -128,7 +128,7 @@ const videoPlaylistsGetValidator = [ | |||
128 | 128 | ||
129 | if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return | 129 | if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return |
130 | 130 | ||
131 | const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist | 131 | const videoPlaylist = res.locals.videoPlaylist |
132 | 132 | ||
133 | // Video is unlisted, check we used the uuid to fetch it | 133 | // Video is unlisted, check we used the uuid to fetch it |
134 | if (videoPlaylist.privacy === VideoPlaylistPrivacy.UNLISTED) { | 134 | if (videoPlaylist.privacy === VideoPlaylistPrivacy.UNLISTED) { |
@@ -140,8 +140,7 @@ const videoPlaylistsGetValidator = [ | |||
140 | if (videoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) { | 140 | if (videoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) { |
141 | await authenticatePromiseIfNeeded(req, res) | 141 | await authenticatePromiseIfNeeded(req, res) |
142 | 142 | ||
143 | const user: UserModel = res.locals.oauth ? res.locals.oauth.token.User : null | 143 | const user = res.locals.oauth ? res.locals.oauth.token.User : null |
144 | |||
145 | if ( | 144 | if ( |
146 | !user || | 145 | !user || |
147 | (videoPlaylist.OwnerAccount.userId !== user.id && !user.hasRight(UserRight.UPDATE_ANY_VIDEO_PLAYLIST)) | 146 | (videoPlaylist.OwnerAccount.userId !== user.id && !user.hasRight(UserRight.UPDATE_ANY_VIDEO_PLAYLIST)) |
@@ -177,8 +176,8 @@ const videoPlaylistsAddVideoValidator = [ | |||
177 | if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return | 176 | if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return |
178 | if (!await doesVideoExist(req.body.videoId, res, 'only-video')) return | 177 | if (!await doesVideoExist(req.body.videoId, res, 'only-video')) return |
179 | 178 | ||
180 | const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist | 179 | const videoPlaylist = res.locals.videoPlaylist |
181 | const video: VideoModel = res.locals.video | 180 | const video = res.locals.video |
182 | 181 | ||
183 | const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideo(videoPlaylist.id, video.id) | 182 | const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideo(videoPlaylist.id, video.id) |
184 | if (videoPlaylistElement) { | 183 | if (videoPlaylistElement) { |
@@ -217,8 +216,8 @@ const videoPlaylistsUpdateOrRemoveVideoValidator = [ | |||
217 | if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return | 216 | if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return |
218 | if (!await doesVideoExist(req.params.videoId, res, 'id')) return | 217 | if (!await doesVideoExist(req.params.videoId, res, 'id')) return |
219 | 218 | ||
220 | const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist | 219 | const videoPlaylist = res.locals.videoPlaylist |
221 | const video: VideoModel = res.locals.video | 220 | const video = res.locals.video |
222 | 221 | ||
223 | const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideo(videoPlaylist.id, video.id) | 222 | const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideo(videoPlaylist.id, video.id) |
224 | if (!videoPlaylistElement) { | 223 | if (!videoPlaylistElement) { |
@@ -284,7 +283,7 @@ const videoPlaylistsReorderVideosValidator = [ | |||
284 | 283 | ||
285 | if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return | 284 | if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return |
286 | 285 | ||
287 | const videoPlaylist: VideoPlaylistModel = res.locals.videoPlaylist | 286 | const videoPlaylist = res.locals.videoPlaylist |
288 | if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, videoPlaylist, UserRight.UPDATE_ANY_VIDEO_PLAYLIST, res)) return | 287 | if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, videoPlaylist, UserRight.UPDATE_ANY_VIDEO_PLAYLIST, res)) return |
289 | 288 | ||
290 | const nextPosition = await VideoPlaylistElementModel.getNextPositionOf(videoPlaylist.id) | 289 | const nextPosition = await VideoPlaylistElementModel.getNextPositionOf(videoPlaylist.id) |
diff --git a/server/middlewares/validators/videos/video-shares.ts b/server/middlewares/validators/videos/video-shares.ts index f4514f85c..d5cbdb03e 100644 --- a/server/middlewares/validators/videos/video-shares.ts +++ b/server/middlewares/validators/videos/video-shares.ts | |||
@@ -6,7 +6,6 @@ import { doesVideoExist } from '../../../helpers/custom-validators/videos' | |||
6 | import { logger } from '../../../helpers/logger' | 6 | import { logger } from '../../../helpers/logger' |
7 | import { VideoShareModel } from '../../../models/video/video-share' | 7 | import { VideoShareModel } from '../../../models/video/video-share' |
8 | import { areValidationErrors } from '../utils' | 8 | import { areValidationErrors } from '../utils' |
9 | import { VideoModel } from '../../../models/video/video' | ||
10 | 9 | ||
11 | const videosShareValidator = [ | 10 | const videosShareValidator = [ |
12 | param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), | 11 | param('id').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), |
@@ -18,7 +17,7 @@ const videosShareValidator = [ | |||
18 | if (areValidationErrors(req, res)) return | 17 | if (areValidationErrors(req, res)) return |
19 | if (!await doesVideoExist(req.params.id, res)) return | 18 | if (!await doesVideoExist(req.params.id, res)) return |
20 | 19 | ||
21 | const video: VideoModel = res.locals.video | 20 | const video = res.locals.video |
22 | 21 | ||
23 | const share = await VideoShareModel.load(req.params.actorId, video.id) | 22 | const share = await VideoShareModel.load(req.params.actorId, video.id) |
24 | if (!share) { | 23 | if (!share) { |
diff --git a/server/middlewares/validators/videos/video-watch.ts b/server/middlewares/validators/videos/video-watch.ts index a3b70c0cc..a3a800d14 100644 --- a/server/middlewares/validators/videos/video-watch.ts +++ b/server/middlewares/validators/videos/video-watch.ts | |||
@@ -4,7 +4,6 @@ import { isIdOrUUIDValid } from '../../../helpers/custom-validators/misc' | |||
4 | import { doesVideoExist } from '../../../helpers/custom-validators/videos' | 4 | import { doesVideoExist } from '../../../helpers/custom-validators/videos' |
5 | import { areValidationErrors } from '../utils' | 5 | import { areValidationErrors } from '../utils' |
6 | import { logger } from '../../../helpers/logger' | 6 | import { logger } from '../../../helpers/logger' |
7 | import { UserModel } from '../../../models/account/user' | ||
8 | 7 | ||
9 | const videoWatchingValidator = [ | 8 | const videoWatchingValidator = [ |
10 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), | 9 | param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid id'), |
@@ -18,7 +17,7 @@ const videoWatchingValidator = [ | |||
18 | if (areValidationErrors(req, res)) return | 17 | if (areValidationErrors(req, res)) return |
19 | if (!await doesVideoExist(req.params.videoId, res, 'id')) return | 18 | if (!await doesVideoExist(req.params.videoId, res, 'id')) return |
20 | 19 | ||
21 | const user = res.locals.oauth.token.User as UserModel | 20 | const user = res.locals.oauth.token.User |
22 | if (user.videosHistoryEnabled === false) { | 21 | if (user.videosHistoryEnabled === false) { |
23 | logger.warn('Cannot set videos to watch by user %d: videos history is disabled.', user.id) | 22 | logger.warn('Cannot set videos to watch by user %d: videos history is disabled.', user.id) |
24 | return res.status(409).end() | 23 | return res.status(409).end() |
diff --git a/server/middlewares/validators/videos/videos.ts b/server/middlewares/validators/videos/videos.ts index 92218d4b1..b70abf429 100644 --- a/server/middlewares/validators/videos/videos.ts +++ b/server/middlewares/validators/videos/videos.ts | |||
@@ -130,7 +130,7 @@ const videosUpdateValidator = getCommonVideoEditAttributes().concat([ | |||
130 | ]) | 130 | ]) |
131 | 131 | ||
132 | async function checkVideoFollowConstraints (req: express.Request, res: express.Response, next: express.NextFunction) { | 132 | async function checkVideoFollowConstraints (req: express.Request, res: express.Response, next: express.NextFunction) { |
133 | const video: VideoModel = res.locals.video | 133 | const video = res.locals.video |
134 | 134 | ||
135 | // Anybody can watch local videos | 135 | // Anybody can watch local videos |
136 | if (video.isOwned() === true) return next() | 136 | if (video.isOwned() === true) return next() |
@@ -164,13 +164,13 @@ const videosCustomGetValidator = (fetchType: VideoFetchType) => { | |||
164 | if (areValidationErrors(req, res)) return | 164 | if (areValidationErrors(req, res)) return |
165 | if (!await doesVideoExist(req.params.id, res, fetchType)) return | 165 | if (!await doesVideoExist(req.params.id, res, fetchType)) return |
166 | 166 | ||
167 | const video: VideoModel = res.locals.video | 167 | const video = res.locals.video |
168 | 168 | ||
169 | // Video private or blacklisted | 169 | // Video private or blacklisted |
170 | if (video.privacy === VideoPrivacy.PRIVATE || video.VideoBlacklist) { | 170 | if (video.privacy === VideoPrivacy.PRIVATE || video.VideoBlacklist) { |
171 | await authenticatePromiseIfNeeded(req, res) | 171 | await authenticatePromiseIfNeeded(req, res) |
172 | 172 | ||
173 | const user: UserModel = res.locals.oauth ? res.locals.oauth.token.User : null | 173 | const user = res.locals.oauth ? res.locals.oauth.token.User : null |
174 | 174 | ||
175 | // Only the owner or a user that have blacklist rights can see the video | 175 | // Only the owner or a user that have blacklist rights can see the video |
176 | if ( | 176 | if ( |
@@ -256,7 +256,7 @@ const videosTerminateChangeOwnershipValidator = [ | |||
256 | return next() | 256 | return next() |
257 | }, | 257 | }, |
258 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 258 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
259 | const videoChangeOwnership = res.locals.videoChangeOwnership as VideoChangeOwnershipModel | 259 | const videoChangeOwnership = res.locals.videoChangeOwnership |
260 | 260 | ||
261 | if (videoChangeOwnership.status === VideoChangeOwnershipStatus.WAITING) { | 261 | if (videoChangeOwnership.status === VideoChangeOwnershipStatus.WAITING) { |
262 | return next() | 262 | return next() |
@@ -275,7 +275,7 @@ const videosAcceptChangeOwnershipValidator = [ | |||
275 | if (!await doesVideoChannelOfAccountExist(body.channelId, res.locals.oauth.token.User, res)) return | 275 | if (!await doesVideoChannelOfAccountExist(body.channelId, res.locals.oauth.token.User, res)) return |
276 | 276 | ||
277 | const user = res.locals.oauth.token.User | 277 | const user = res.locals.oauth.token.User |
278 | const videoChangeOwnership = res.locals.videoChangeOwnership as VideoChangeOwnershipModel | 278 | const videoChangeOwnership = res.locals.videoChangeOwnership |
279 | const isAble = await user.isAbleToUploadVideo(videoChangeOwnership.Video.getOriginalFile()) | 279 | const isAble = await user.isAbleToUploadVideo(videoChangeOwnership.Video.getOriginalFile()) |
280 | if (isAble === false) { | 280 | if (isAble === false) { |
281 | res.status(403) | 281 | res.status(403) |
@@ -395,7 +395,7 @@ const commonVideosFiltersValidator = [ | |||
395 | 395 | ||
396 | if (areValidationErrors(req, res)) return | 396 | if (areValidationErrors(req, res)) return |
397 | 397 | ||
398 | const user: UserModel = res.locals.oauth ? res.locals.oauth.token.User : undefined | 398 | const user = res.locals.oauth ? res.locals.oauth.token.User : undefined |
399 | if (req.query.filter === 'all-local' && (!user || user.hasRight(UserRight.SEE_ALL_VIDEOS) === false)) { | 399 | if (req.query.filter === 'all-local' && (!user || user.hasRight(UserRight.SEE_ALL_VIDEOS) === false)) { |
400 | res.status(401) | 400 | res.status(401) |
401 | .json({ error: 'You are not allowed to see all local videos.' }) | 401 | .json({ error: 'You are not allowed to see all local videos.' }) |