diff options
Diffstat (limited to 'server/middlewares')
-rw-r--r-- | server/middlewares/validators/follows.ts | 37 |
1 files changed, 29 insertions, 8 deletions
diff --git a/server/middlewares/validators/follows.ts b/server/middlewares/validators/follows.ts index 05cc66c38..16abdd096 100644 --- a/server/middlewares/validators/follows.ts +++ b/server/middlewares/validators/follows.ts | |||
@@ -1,7 +1,8 @@ | |||
1 | import * as express from 'express' | 1 | import * as express from 'express' |
2 | import { body, param, query } from 'express-validator' | 2 | import { body, param, query } from 'express-validator' |
3 | import { isFollowStateValid } from '@server/helpers/custom-validators/follows' | 3 | import { isEachUniqueHandleValid, isFollowStateValid, isRemoteHandleValid } from '@server/helpers/custom-validators/follows' |
4 | import { loadActorUrlOrGetFromWebfinger } from '@server/lib/activitypub/actors' | 4 | import { loadActorUrlOrGetFromWebfinger } from '@server/lib/activitypub/actors' |
5 | import { getRemoteNameAndHost } from '@server/lib/activitypub/follow' | ||
5 | import { getServerActor } from '@server/models/application/application' | 6 | import { getServerActor } from '@server/models/application/application' |
6 | import { MActorFollowActorsDefault } from '@server/types/models' | 7 | import { MActorFollowActorsDefault } from '@server/types/models' |
7 | import { HttpStatusCode } from '../../../shared/models/http/http-error-codes' | 8 | import { HttpStatusCode } from '../../../shared/models/http/http-error-codes' |
@@ -9,10 +10,11 @@ import { isTestInstance } from '../../helpers/core-utils' | |||
9 | import { isActorTypeValid, isValidActorHandle } from '../../helpers/custom-validators/activitypub/actor' | 10 | import { isActorTypeValid, isValidActorHandle } from '../../helpers/custom-validators/activitypub/actor' |
10 | import { isEachUniqueHostValid, isHostValid } from '../../helpers/custom-validators/servers' | 11 | import { isEachUniqueHostValid, isHostValid } from '../../helpers/custom-validators/servers' |
11 | import { logger } from '../../helpers/logger' | 12 | import { logger } from '../../helpers/logger' |
12 | import { SERVER_ACTOR_NAME, WEBSERVER } from '../../initializers/constants' | 13 | import { WEBSERVER } from '../../initializers/constants' |
13 | import { ActorModel } from '../../models/actor/actor' | 14 | import { ActorModel } from '../../models/actor/actor' |
14 | import { ActorFollowModel } from '../../models/actor/actor-follow' | 15 | import { ActorFollowModel } from '../../models/actor/actor-follow' |
15 | import { areValidationErrors } from './shared' | 16 | import { areValidationErrors } from './shared' |
17 | import { ServerFollowCreate } from '@shared/models' | ||
16 | 18 | ||
17 | const listFollowsValidator = [ | 19 | const listFollowsValidator = [ |
18 | query('state') | 20 | query('state') |
@@ -30,29 +32,46 @@ const listFollowsValidator = [ | |||
30 | ] | 32 | ] |
31 | 33 | ||
32 | const followValidator = [ | 34 | const followValidator = [ |
33 | body('hosts').custom(isEachUniqueHostValid).withMessage('Should have an array of unique hosts'), | 35 | body('hosts') |
36 | .toArray() | ||
37 | .custom(isEachUniqueHostValid).withMessage('Should have an array of unique hosts'), | ||
38 | |||
39 | body('handles') | ||
40 | .toArray() | ||
41 | .custom(isEachUniqueHandleValid).withMessage('Should have an array of handles'), | ||
34 | 42 | ||
35 | (req: express.Request, res: express.Response, next: express.NextFunction) => { | 43 | (req: express.Request, res: express.Response, next: express.NextFunction) => { |
36 | // Force https if the administrator wants to make friends | 44 | // Force https if the administrator wants to follow remote actors |
37 | if (isTestInstance() === false && WEBSERVER.SCHEME === 'http') { | 45 | if (isTestInstance() === false && WEBSERVER.SCHEME === 'http') { |
38 | return res | 46 | return res |
39 | .status(HttpStatusCode.INTERNAL_SERVER_ERROR_500) | 47 | .status(HttpStatusCode.INTERNAL_SERVER_ERROR_500) |
40 | .json({ | 48 | .json({ |
41 | error: 'Cannot follow on a non HTTPS web server.' | 49 | error: 'Cannot follow on a non HTTPS web server.' |
42 | }) | 50 | }) |
43 | .end() | ||
44 | } | 51 | } |
45 | 52 | ||
46 | logger.debug('Checking follow parameters', { parameters: req.body }) | 53 | logger.debug('Checking follow parameters', { parameters: req.body }) |
47 | 54 | ||
48 | if (areValidationErrors(req, res)) return | 55 | if (areValidationErrors(req, res)) return |
49 | 56 | ||
57 | const body: ServerFollowCreate = req.body | ||
58 | if (body.hosts.length === 0 && body.handles.length === 0) { | ||
59 | |||
60 | return res | ||
61 | .status(HttpStatusCode.BAD_REQUEST_400) | ||
62 | .json({ | ||
63 | error: 'You must provide at least one handle or one host.' | ||
64 | }) | ||
65 | } | ||
66 | |||
50 | return next() | 67 | return next() |
51 | } | 68 | } |
52 | ] | 69 | ] |
53 | 70 | ||
54 | const removeFollowingValidator = [ | 71 | const removeFollowingValidator = [ |
55 | param('host').custom(isHostValid).withMessage('Should have a valid host'), | 72 | param('hostOrHandle') |
73 | .custom(value => isHostValid(value) || isRemoteHandleValid(value)) | ||
74 | .withMessage('Should have a valid host/handle'), | ||
56 | 75 | ||
57 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { | 76 | async (req: express.Request, res: express.Response, next: express.NextFunction) => { |
58 | logger.debug('Checking unfollowing parameters', { parameters: req.params }) | 77 | logger.debug('Checking unfollowing parameters', { parameters: req.params }) |
@@ -60,12 +79,14 @@ const removeFollowingValidator = [ | |||
60 | if (areValidationErrors(req, res)) return | 79 | if (areValidationErrors(req, res)) return |
61 | 80 | ||
62 | const serverActor = await getServerActor() | 81 | const serverActor = await getServerActor() |
63 | const follow = await ActorFollowModel.loadByActorAndTargetNameAndHostForAPI(serverActor.id, SERVER_ACTOR_NAME, req.params.host) | 82 | |
83 | const { name, host } = getRemoteNameAndHost(req.params.hostOrHandle) | ||
84 | const follow = await ActorFollowModel.loadByActorAndTargetNameAndHostForAPI(serverActor.id, name, host) | ||
64 | 85 | ||
65 | if (!follow) { | 86 | if (!follow) { |
66 | return res.fail({ | 87 | return res.fail({ |
67 | status: HttpStatusCode.NOT_FOUND_404, | 88 | status: HttpStatusCode.NOT_FOUND_404, |
68 | message: `Following ${req.params.host} not found.` | 89 | message: `Follow ${req.params.hostOrHandle} not found.` |
69 | }) | 90 | }) |
70 | } | 91 | } |
71 | 92 | ||