aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/middlewares
diff options
context:
space:
mode:
Diffstat (limited to 'server/middlewares')
-rw-r--r--server/middlewares/validators/config.ts1
-rw-r--r--server/middlewares/validators/follows.ts16
-rw-r--r--server/middlewares/validators/oembed.ts24
-rw-r--r--server/middlewares/validators/plugins.ts14
-rw-r--r--server/middlewares/validators/user-subscriptions.ts8
-rw-r--r--server/middlewares/validators/users.ts4
-rw-r--r--server/middlewares/validators/videos/video-channels.ts4
-rw-r--r--server/middlewares/validators/videos/video-imports.ts3
-rw-r--r--server/middlewares/validators/videos/videos.ts2
-rw-r--r--server/middlewares/validators/webfinger.ts6
10 files changed, 47 insertions, 35 deletions
diff --git a/server/middlewares/validators/config.ts b/server/middlewares/validators/config.ts
index a85883b19..e3e0c2058 100644
--- a/server/middlewares/validators/config.ts
+++ b/server/middlewares/validators/config.ts
@@ -30,6 +30,7 @@ const customConfigUpdateValidator = [
30 body('signup.enabled').isBoolean().withMessage('Should have a valid signup enabled boolean'), 30 body('signup.enabled').isBoolean().withMessage('Should have a valid signup enabled boolean'),
31 body('signup.limit').isInt().withMessage('Should have a valid signup limit'), 31 body('signup.limit').isInt().withMessage('Should have a valid signup limit'),
32 body('signup.requiresEmailVerification').isBoolean().withMessage('Should have a valid requiresEmailVerification boolean'), 32 body('signup.requiresEmailVerification').isBoolean().withMessage('Should have a valid requiresEmailVerification boolean'),
33 body('signup.minimumAge').isInt().withMessage("Should have a valid minimum age required"),
33 34
34 body('admin.email').isEmail().withMessage('Should have a valid administrator email'), 35 body('admin.email').isEmail().withMessage('Should have a valid administrator email'),
35 body('contactForm.enabled').isBoolean().withMessage('Should have a valid contact form enabled boolean'), 36 body('contactForm.enabled').isBoolean().withMessage('Should have a valid contact form enabled boolean'),
diff --git a/server/middlewares/validators/follows.ts b/server/middlewares/validators/follows.ts
index bb849dc72..1d18de8cd 100644
--- a/server/middlewares/validators/follows.ts
+++ b/server/middlewares/validators/follows.ts
@@ -1,18 +1,18 @@
1import * as express from 'express' 1import * as express from 'express'
2import { body, param, query } from 'express-validator' 2import { body, param, query } from 'express-validator'
3import { isFollowStateValid } from '@server/helpers/custom-validators/follows'
4import { getServerActor } from '@server/models/application/application'
5import { MActorFollowActorsDefault } from '@server/types/models'
6import { HttpStatusCode } from '../../../shared/core-utils/miscs/http-error-codes'
3import { isTestInstance } from '../../helpers/core-utils' 7import { isTestInstance } from '../../helpers/core-utils'
8import { isActorTypeValid, isValidActorHandle } from '../../helpers/custom-validators/activitypub/actor'
4import { isEachUniqueHostValid, isHostValid } from '../../helpers/custom-validators/servers' 9import { isEachUniqueHostValid, isHostValid } from '../../helpers/custom-validators/servers'
5import { logger } from '../../helpers/logger' 10import { logger } from '../../helpers/logger'
11import { loadActorUrlOrGetFromWebfinger } from '../../helpers/webfinger'
6import { SERVER_ACTOR_NAME, WEBSERVER } from '../../initializers/constants' 12import { SERVER_ACTOR_NAME, WEBSERVER } from '../../initializers/constants'
7import { ActorFollowModel } from '../../models/activitypub/actor-follow' 13import { ActorModel } from '../../models/actor/actor'
14import { ActorFollowModel } from '../../models/actor/actor-follow'
8import { areValidationErrors } from './utils' 15import { areValidationErrors } from './utils'
9import { ActorModel } from '../../models/activitypub/actor'
10import { loadActorUrlOrGetFromWebfinger } from '../../helpers/webfinger'
11import { isActorTypeValid, isValidActorHandle } from '../../helpers/custom-validators/activitypub/actor'
12import { MActorFollowActorsDefault } from '@server/types/models'
13import { isFollowStateValid } from '@server/helpers/custom-validators/follows'
14import { getServerActor } from '@server/models/application/application'
15import { HttpStatusCode } from '../../../shared/core-utils/miscs/http-error-codes'
16 16
17const listFollowsValidator = [ 17const listFollowsValidator = [
18 query('state') 18 query('state')
diff --git a/server/middlewares/validators/oembed.ts b/server/middlewares/validators/oembed.ts
index 2a7dc257b..165eda6d5 100644
--- a/server/middlewares/validators/oembed.ts
+++ b/server/middlewares/validators/oembed.ts
@@ -4,15 +4,29 @@ import { join } from 'path'
4import { fetchVideo } from '@server/helpers/video' 4import { fetchVideo } from '@server/helpers/video'
5import { VideoPlaylistModel } from '@server/models/video/video-playlist' 5import { VideoPlaylistModel } from '@server/models/video/video-playlist'
6import { VideoPlaylistPrivacy, VideoPrivacy } from '@shared/models' 6import { VideoPlaylistPrivacy, VideoPrivacy } from '@shared/models'
7import { HttpStatusCode } from '../../../shared/core-utils/miscs/http-error-codes'
7import { isTestInstance } from '../../helpers/core-utils' 8import { isTestInstance } from '../../helpers/core-utils'
8import { isIdOrUUIDValid } from '../../helpers/custom-validators/misc' 9import { isIdOrUUIDValid } from '../../helpers/custom-validators/misc'
9import { logger } from '../../helpers/logger' 10import { logger } from '../../helpers/logger'
10import { WEBSERVER } from '../../initializers/constants' 11import { WEBSERVER } from '../../initializers/constants'
11import { areValidationErrors } from './utils' 12import { areValidationErrors } from './utils'
12import { HttpStatusCode } from '../../../shared/core-utils/miscs/http-error-codes'
13 13
14const startVideoPlaylistsURL = WEBSERVER.SCHEME + '://' + join(WEBSERVER.HOST, 'videos', 'watch', 'playlist') + '/' 14const playlistPaths = [
15const startVideosURL = WEBSERVER.SCHEME + '://' + join(WEBSERVER.HOST, 'videos', 'watch') + '/' 15 join('videos', 'watch', 'playlist'),
16 join('w', 'p')
17]
18
19const videoPaths = [
20 join('videos', 'watch'),
21 'w'
22]
23
24function buildUrls (paths: string[]) {
25 return paths.map(p => WEBSERVER.SCHEME + '://' + join(WEBSERVER.HOST, p) + '/')
26}
27
28const startPlaylistURLs = buildUrls(playlistPaths)
29const startVideoURLs = buildUrls(videoPaths)
16 30
17const watchRegex = /([^/]+)$/ 31const watchRegex = /([^/]+)$/
18const isURLOptions = { 32const isURLOptions = {
@@ -43,8 +57,8 @@ const oembedValidator = [
43 57
44 const url = req.query.url as string 58 const url = req.query.url as string
45 59
46 const isPlaylist = url.startsWith(startVideoPlaylistsURL) 60 const isPlaylist = startPlaylistURLs.some(u => url.startsWith(u))
47 const isVideo = isPlaylist ? false : url.startsWith(startVideosURL) 61 const isVideo = isPlaylist ? false : startVideoURLs.some(u => url.startsWith(u))
48 62
49 const startIsOk = isVideo || isPlaylist 63 const startIsOk = isVideo || isPlaylist
50 64
diff --git a/server/middlewares/validators/plugins.ts b/server/middlewares/validators/plugins.ts
index ab87fe720..2c47ec5bb 100644
--- a/server/middlewares/validators/plugins.ts
+++ b/server/middlewares/validators/plugins.ts
@@ -1,15 +1,15 @@
1import * as express from 'express' 1import * as express from 'express'
2import { body, param, query, ValidationChain } from 'express-validator' 2import { body, param, query, ValidationChain } from 'express-validator'
3import { logger } from '../../helpers/logger' 3import { HttpStatusCode } from '../../../shared/core-utils/miscs/http-error-codes'
4import { areValidationErrors } from './utils' 4import { PluginType } from '../../../shared/models/plugins/plugin.type'
5import { InstallOrUpdatePlugin } from '../../../shared/models/plugins/server/api/install-plugin.model'
6import { exists, isBooleanValid, isSafePath, toBooleanOrNull, toIntOrNull } from '../../helpers/custom-validators/misc'
5import { isNpmPluginNameValid, isPluginNameValid, isPluginTypeValid, isPluginVersionValid } from '../../helpers/custom-validators/plugins' 7import { isNpmPluginNameValid, isPluginNameValid, isPluginTypeValid, isPluginVersionValid } from '../../helpers/custom-validators/plugins'
8import { logger } from '../../helpers/logger'
9import { CONFIG } from '../../initializers/config'
6import { PluginManager } from '../../lib/plugins/plugin-manager' 10import { PluginManager } from '../../lib/plugins/plugin-manager'
7import { isBooleanValid, isSafePath, toBooleanOrNull, exists, toIntOrNull } from '../../helpers/custom-validators/misc'
8import { PluginModel } from '../../models/server/plugin' 11import { PluginModel } from '../../models/server/plugin'
9import { InstallOrUpdatePlugin } from '../../../shared/models/plugins/install-plugin.model' 12import { areValidationErrors } from './utils'
10import { PluginType } from '../../../shared/models/plugins/plugin.type'
11import { CONFIG } from '../../initializers/config'
12import { HttpStatusCode } from '../../../shared/core-utils/miscs/http-error-codes'
13 13
14const getPluginValidator = (pluginType: PluginType, withVersion = true) => { 14const getPluginValidator = (pluginType: PluginType, withVersion = true) => {
15 const validators: (ValidationChain | express.Handler)[] = [ 15 const validators: (ValidationChain | express.Handler)[] = [
diff --git a/server/middlewares/validators/user-subscriptions.ts b/server/middlewares/validators/user-subscriptions.ts
index 0d0c8ccbf..1823892b6 100644
--- a/server/middlewares/validators/user-subscriptions.ts
+++ b/server/middlewares/validators/user-subscriptions.ts
@@ -1,12 +1,12 @@
1import * as express from 'express' 1import * as express from 'express'
2import { body, param, query } from 'express-validator' 2import { body, param, query } from 'express-validator'
3import { logger } from '../../helpers/logger' 3import { HttpStatusCode } from '../../../shared/core-utils/miscs/http-error-codes'
4import { areValidationErrors } from './utils'
5import { ActorFollowModel } from '../../models/activitypub/actor-follow'
6import { areValidActorHandles, isValidActorHandle } from '../../helpers/custom-validators/activitypub/actor' 4import { areValidActorHandles, isValidActorHandle } from '../../helpers/custom-validators/activitypub/actor'
7import { toArray } from '../../helpers/custom-validators/misc' 5import { toArray } from '../../helpers/custom-validators/misc'
6import { logger } from '../../helpers/logger'
8import { WEBSERVER } from '../../initializers/constants' 7import { WEBSERVER } from '../../initializers/constants'
9import { HttpStatusCode } from '../../../shared/core-utils/miscs/http-error-codes' 8import { ActorFollowModel } from '../../models/actor/actor-follow'
9import { areValidationErrors } from './utils'
10 10
11const userSubscriptionListValidator = [ 11const userSubscriptionListValidator = [
12 query('search').optional().not().isEmpty().withMessage('Should have a valid search'), 12 query('search').optional().not().isEmpty().withMessage('Should have a valid search'),
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts
index 37119e279..548d5df4d 100644
--- a/server/middlewares/validators/users.ts
+++ b/server/middlewares/validators/users.ts
@@ -34,8 +34,8 @@ import { doesVideoExist } from '../../helpers/middlewares'
34import { isSignupAllowed, isSignupAllowedForCurrentIP } from '../../helpers/signup' 34import { isSignupAllowed, isSignupAllowedForCurrentIP } from '../../helpers/signup'
35import { isThemeRegistered } from '../../lib/plugins/theme-utils' 35import { isThemeRegistered } from '../../lib/plugins/theme-utils'
36import { Redis } from '../../lib/redis' 36import { Redis } from '../../lib/redis'
37import { UserModel } from '../../models/account/user' 37import { UserModel } from '../../models/user/user'
38import { ActorModel } from '../../models/activitypub/actor' 38import { ActorModel } from '../../models/actor/actor'
39import { areValidationErrors } from './utils' 39import { areValidationErrors } from './utils'
40 40
41const usersListValidator = [ 41const usersListValidator = [
diff --git a/server/middlewares/validators/videos/video-channels.ts b/server/middlewares/validators/videos/video-channels.ts
index 2463d281c..e881f0d3e 100644
--- a/server/middlewares/validators/videos/video-channels.ts
+++ b/server/middlewares/validators/videos/video-channels.ts
@@ -3,6 +3,7 @@ import { body, param, query } from 'express-validator'
3import { VIDEO_CHANNELS } from '@server/initializers/constants' 3import { VIDEO_CHANNELS } from '@server/initializers/constants'
4import { MChannelAccountDefault, MUser } from '@server/types/models' 4import { MChannelAccountDefault, MUser } from '@server/types/models'
5import { UserRight } from '../../../../shared' 5import { UserRight } from '../../../../shared'
6import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
6import { isActorPreferredUsernameValid } from '../../../helpers/custom-validators/activitypub/actor' 7import { isActorPreferredUsernameValid } from '../../../helpers/custom-validators/activitypub/actor'
7import { isBooleanValid, toBooleanOrNull } from '../../../helpers/custom-validators/misc' 8import { isBooleanValid, toBooleanOrNull } from '../../../helpers/custom-validators/misc'
8import { 9import {
@@ -12,10 +13,9 @@ import {
12} from '../../../helpers/custom-validators/video-channels' 13} from '../../../helpers/custom-validators/video-channels'
13import { logger } from '../../../helpers/logger' 14import { logger } from '../../../helpers/logger'
14import { doesLocalVideoChannelNameExist, doesVideoChannelNameWithHostExist } from '../../../helpers/middlewares' 15import { doesLocalVideoChannelNameExist, doesVideoChannelNameWithHostExist } from '../../../helpers/middlewares'
15import { ActorModel } from '../../../models/activitypub/actor' 16import { ActorModel } from '../../../models/actor/actor'
16import { VideoChannelModel } from '../../../models/video/video-channel' 17import { VideoChannelModel } from '../../../models/video/video-channel'
17import { areValidationErrors } from '../utils' 18import { areValidationErrors } from '../utils'
18import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
19 19
20const videoChannelsAddValidator = [ 20const videoChannelsAddValidator = [
21 body('name').custom(isActorPreferredUsernameValid).withMessage('Should have a valid channel name'), 21 body('name').custom(isActorPreferredUsernameValid).withMessage('Should have a valid channel name'),
diff --git a/server/middlewares/validators/videos/video-imports.ts b/server/middlewares/validators/videos/video-imports.ts
index c53af3861..d0643ff26 100644
--- a/server/middlewares/validators/videos/video-imports.ts
+++ b/server/middlewares/validators/videos/video-imports.ts
@@ -47,14 +47,12 @@ const videoImportAddValidator = getCommonVideoEditAttributes().concat([
47 cleanUpReqFiles(req) 47 cleanUpReqFiles(req)
48 return res.status(HttpStatusCode.CONFLICT_409) 48 return res.status(HttpStatusCode.CONFLICT_409)
49 .json({ error: 'HTTP import is not enabled on this instance.' }) 49 .json({ error: 'HTTP import is not enabled on this instance.' })
50 .end()
51 } 50 }
52 51
53 if (CONFIG.IMPORT.VIDEOS.TORRENT.ENABLED !== true && (req.body.magnetUri || torrentFile)) { 52 if (CONFIG.IMPORT.VIDEOS.TORRENT.ENABLED !== true && (req.body.magnetUri || torrentFile)) {
54 cleanUpReqFiles(req) 53 cleanUpReqFiles(req)
55 return res.status(HttpStatusCode.CONFLICT_409) 54 return res.status(HttpStatusCode.CONFLICT_409)
56 .json({ error: 'Torrent/magnet URI import is not enabled on this instance.' }) 55 .json({ error: 'Torrent/magnet URI import is not enabled on this instance.' })
57 .end()
58 } 56 }
59 57
60 if (!await doesVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req) 58 if (!await doesVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req)
@@ -65,7 +63,6 @@ const videoImportAddValidator = getCommonVideoEditAttributes().concat([
65 63
66 return res.status(HttpStatusCode.BAD_REQUEST_400) 64 return res.status(HttpStatusCode.BAD_REQUEST_400)
67 .json({ error: 'Should have a magnetUri or a targetUrl or a torrent file.' }) 65 .json({ error: 'Should have a magnetUri or a targetUrl or a torrent file.' })
68 .end()
69 } 66 }
70 67
71 if (!await isImportAccepted(req, res)) return cleanUpReqFiles(req) 68 if (!await isImportAccepted(req, res)) return cleanUpReqFiles(req)
diff --git a/server/middlewares/validators/videos/videos.ts b/server/middlewares/validators/videos/videos.ts
index d26bcd4a6..3219e10d4 100644
--- a/server/middlewares/validators/videos/videos.ts
+++ b/server/middlewares/validators/videos/videos.ts
@@ -7,7 +7,7 @@ import { ExpressPromiseHandler } from '@server/types/express'
7import { MUserAccountId, MVideoWithRights } from '@server/types/models' 7import { MUserAccountId, MVideoWithRights } from '@server/types/models'
8import { ServerErrorCode, UserRight, VideoChangeOwnershipStatus, VideoPrivacy } from '../../../../shared' 8import { ServerErrorCode, UserRight, VideoChangeOwnershipStatus, VideoPrivacy } from '../../../../shared'
9import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes' 9import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
10import { VideoChangeOwnershipAccept } from '../../../../shared/models/videos/video-change-ownership-accept.model' 10import { VideoChangeOwnershipAccept } from '../../../../shared/models/videos/change-ownership/video-change-ownership-accept.model'
11import { 11import {
12 exists, 12 exists,
13 isBooleanValid, 13 isBooleanValid,
diff --git a/server/middlewares/validators/webfinger.ts b/server/middlewares/validators/webfinger.ts
index a71422ed8..c2dfccc96 100644
--- a/server/middlewares/validators/webfinger.ts
+++ b/server/middlewares/validators/webfinger.ts
@@ -1,11 +1,11 @@
1import * as express from 'express' 1import * as express from 'express'
2import { query } from 'express-validator' 2import { query } from 'express-validator'
3import { HttpStatusCode } from '../../../shared/core-utils/miscs/http-error-codes'
3import { isWebfingerLocalResourceValid } from '../../helpers/custom-validators/webfinger' 4import { isWebfingerLocalResourceValid } from '../../helpers/custom-validators/webfinger'
5import { getHostWithPort } from '../../helpers/express-utils'
4import { logger } from '../../helpers/logger' 6import { logger } from '../../helpers/logger'
5import { ActorModel } from '../../models/activitypub/actor' 7import { ActorModel } from '../../models/actor/actor'
6import { areValidationErrors } from './utils' 8import { areValidationErrors } from './utils'
7import { getHostWithPort } from '../../helpers/express-utils'
8import { HttpStatusCode } from '../../../shared/core-utils/miscs/http-error-codes'
9 9
10const webfingerValidator = [ 10const webfingerValidator = [
11 query('resource').custom(isWebfingerLocalResourceValid).withMessage('Should have a valid webfinger resource'), 11 query('resource').custom(isWebfingerLocalResourceValid).withMessage('Should have a valid webfinger resource'),