From 46a6db245f50249246325090eeaffd165453a396 Mon Sep 17 00:00:00 2001
From: Chocobozzz <me@florianbigard.com>
Date: Thu, 6 Jun 2019 16:44:02 +0200
Subject: Add ability to set to private a public/unlisted video

---
 server/controllers/api/videos/index.ts         | 13 ++++++++++---
 server/middlewares/validators/videos/videos.ts |  8 --------
 server/tests/api/videos/video-privacy.ts       | 26 ++++++++++++++++++++++++--
 3 files changed, 34 insertions(+), 13 deletions(-)

diff --git a/server/controllers/api/videos/index.ts b/server/controllers/api/videos/index.ts
index 99900ca4a..5ebd8fbc4 100644
--- a/server/controllers/api/videos/index.ts
+++ b/server/controllers/api/videos/index.ts
@@ -199,11 +199,10 @@ async function addVideo (req: express.Request, res: express.Response) {
   const video = new VideoModel(videoData)
   video.url = getVideoActivityPubUrl(video) // We use the UUID, so set the URL after building the object
 
-  const videoFileData = {
+  const videoFile = new VideoFileModel({
     extname: extname(videoPhysicalFile.filename),
     size: videoPhysicalFile.size
-  }
-  const videoFile = new VideoFileModel(videoFileData)
+  })
 
   if (videoFile.isAudio()) {
     videoFile.resolution = DEFAULT_AUDIO_RESOLUTION
@@ -321,7 +320,9 @@ async function updateVideo (req: express.Request, res: express.Response) {
   const videoFieldsSave = videoInstance.toJSON()
   const oldVideoAuditView = new VideoAuditView(videoInstance.toFormattedDetailsJSON())
   const videoInfoToUpdate: VideoUpdate = req.body
+
   const wasPrivateVideo = videoInstance.privacy === VideoPrivacy.PRIVATE
+  const wasNotPrivateVideo = videoInstance.privacy !== VideoPrivacy.PRIVATE
   const wasUnlistedVideo = videoInstance.privacy === VideoPrivacy.UNLISTED
 
   // Process thumbnail or create it from the video
@@ -357,9 +358,15 @@ async function updateVideo (req: express.Request, res: express.Response) {
         const newPrivacy = parseInt(videoInfoToUpdate.privacy.toString(), 10)
         videoInstance.privacy = newPrivacy
 
+        // The video was private, and is not anymore -> publish it
         if (wasPrivateVideo === true && newPrivacy !== VideoPrivacy.PRIVATE) {
           videoInstance.publishedAt = new Date()
         }
+
+        // The video was not private, but now it is -> we need to unfederate it
+        if (wasNotPrivateVideo === true && newPrivacy === VideoPrivacy.PRIVATE) {
+          await VideoModel.sendDelete(videoInstance, { transaction: t })
+        }
       }
 
       const videoInstanceUpdated = await videoInstance.save(sequelizeOptions)
diff --git a/server/middlewares/validators/videos/videos.ts b/server/middlewares/validators/videos/videos.ts
index 2b01f108d..b1c05ab2d 100644
--- a/server/middlewares/validators/videos/videos.ts
+++ b/server/middlewares/validators/videos/videos.ts
@@ -111,18 +111,10 @@ const videosUpdateValidator = getCommonVideoEditAttributes().concat([
     if (areErrorsInScheduleUpdate(req, res)) return cleanUpReqFiles(req)
     if (!await doesVideoExist(req.params.id, res)) return cleanUpReqFiles(req)
 
-    const video = res.locals.video
-
     // Check if the user who did the request is able to update the video
     const user = res.locals.oauth.token.User
     if (!checkUserCanManageVideo(user, res.locals.video, UserRight.UPDATE_ANY_VIDEO, res)) return cleanUpReqFiles(req)
 
-    if (video.privacy !== VideoPrivacy.PRIVATE && req.body.privacy === VideoPrivacy.PRIVATE) {
-      cleanUpReqFiles(req)
-      return res.status(409)
-        .json({ error: 'Cannot set "private" a video that was not private.' })
-    }
-
     if (req.body.channelId && !await doesVideoChannelOfAccountExist(req.body.channelId, user, res)) return cleanUpReqFiles(req)
 
     return next()
diff --git a/server/tests/api/videos/video-privacy.ts b/server/tests/api/videos/video-privacy.ts
index ef1cf0f07..40b539106 100644
--- a/server/tests/api/videos/video-privacy.ts
+++ b/server/tests/api/videos/video-privacy.ts
@@ -6,8 +6,7 @@ import { VideoPrivacy } from '../../../../shared/models/videos/video-privacy.enu
 import {
   cleanupTests,
   flushAndRunMultipleServers,
-  getVideosList,
-  killallServers,
+  getVideosList, getVideosListWithToken,
   ServerInfo,
   setAccessTokensToServers,
   uploadVideo
@@ -153,6 +152,29 @@ describe('Test video privacy', function () {
     }
   })
 
+  it('Should set this new video as private', async function () {
+    this.timeout(10000)
+
+    await updateVideo(servers[0].url, servers[0].accessToken, privateVideoId, { privacy: VideoPrivacy.PRIVATE })
+
+    await waitJobs(servers)
+
+    for (const server of servers) {
+      const res = await getVideosList(server.url)
+
+      expect(res.body.total).to.equal(0)
+      expect(res.body.data).to.have.lengthOf(0)
+    }
+
+    {
+      const res = await getMyVideos(servers[0].url, servers[0].accessToken, 0, 5)
+
+      expect(res.body.total).to.equal(1)
+      expect(res.body.data).to.have.lengthOf(1)
+      expect(res.body.data[0].name).to.equal('super video public')
+    }
+  })
+
   after(async function () {
     await cleanupTests(servers)
   })
-- 
cgit v1.2.3