From edbc9325462ddf4536775871ebc25e06f46612d1 Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Fri, 24 Jul 2020 15:05:51 +0200 Subject: Add server API to abuse messages --- server/controllers/api/abuse.ts | 81 ++++++++++++++++++++++++++++--- server/controllers/api/users/index.ts | 26 +++++----- server/controllers/api/users/my-abuses.ts | 48 ++++++++++++++++++ server/controllers/api/videos/abuse.ts | 8 +-- 4 files changed, 141 insertions(+), 22 deletions(-) create mode 100644 server/controllers/api/users/my-abuses.ts (limited to 'server/controllers/api') diff --git a/server/controllers/api/abuse.ts b/server/controllers/api/abuse.ts index 04a0c06e3..50d068157 100644 --- a/server/controllers/api/abuse.ts +++ b/server/controllers/api/abuse.ts @@ -1,20 +1,24 @@ import * as express from 'express' import { createAccountAbuse, createVideoAbuse, createVideoCommentAbuse } from '@server/lib/moderation' import { AbuseModel } from '@server/models/abuse/abuse' +import { AbuseMessageModel } from '@server/models/abuse/abuse-message' import { getServerActor } from '@server/models/application/application' import { AbuseCreate, abusePredefinedReasonsMap, AbuseState, UserRight } from '../../../shared' import { getFormattedObjects } from '../../helpers/utils' import { sequelizeTypescript } from '../../initializers/database' import { abuseGetValidator, - abuseListValidator, + abuseListForAdminsValidator, abuseReportValidator, abusesSortValidator, abuseUpdateValidator, + addAbuseMessageValidator, asyncMiddleware, asyncRetryTransactionMiddleware, authenticate, + deleteAbuseMessageValidator, ensureUserHasRight, + getAbuseValidator, paginationValidator, setDefaultPagination, setDefaultSort @@ -30,8 +34,8 @@ abuseRouter.get('/', abusesSortValidator, setDefaultSort, setDefaultPagination, - abuseListValidator, - asyncMiddleware(listAbuses) + abuseListForAdminsValidator, + asyncMiddleware(listAbusesForAdmins) ) abuseRouter.put('/:id', authenticate, @@ -51,13 +55,33 @@ abuseRouter.delete('/:id', asyncRetryTransactionMiddleware(deleteAbuse) ) +abuseRouter.get('/:id/messages', + authenticate, + asyncMiddleware(getAbuseValidator), + asyncRetryTransactionMiddleware(listAbuseMessages) +) + +abuseRouter.post('/:id/messages', + authenticate, + asyncMiddleware(getAbuseValidator), + addAbuseMessageValidator, + asyncRetryTransactionMiddleware(addAbuseMessage) +) + +abuseRouter.delete('/:id/messages/:messageId', + authenticate, + asyncMiddleware(getAbuseValidator), + asyncMiddleware(deleteAbuseMessageValidator), + asyncRetryTransactionMiddleware(deleteAbuseMessage) +) + // --------------------------------------------------------------------------- export { abuseRouter, // FIXME: deprecated in 2.3. Remove these exports - listAbuses, + listAbusesForAdmins, updateAbuse, deleteAbuse, reportAbuse @@ -65,11 +89,11 @@ export { // --------------------------------------------------------------------------- -async function listAbuses (req: express.Request, res: express.Response) { +async function listAbusesForAdmins (req: express.Request, res: express.Response) { const user = res.locals.oauth.token.user const serverActor = await getServerActor() - const resultList = await AbuseModel.listForApi({ + const resultList = await AbuseModel.listForAdminApi({ start: req.query.start, count: req.query.count, sort: req.query.sort, @@ -87,7 +111,10 @@ async function listAbuses (req: express.Request, res: express.Response) { user }) - return res.json(getFormattedObjects(resultList.data, resultList.total)) + return res.json({ + total: resultList.total, + data: resultList.data.map(d => d.toFormattedAdminJSON()) + }) } async function updateAbuse (req: express.Request, res: express.Response) { @@ -100,6 +127,8 @@ async function updateAbuse (req: express.Request, res: express.Response) { return abuse.save({ transaction: t }) }) + // TODO: Notification + // Do not send the delete to other instances, we updated OUR copy of this abuse return res.type('json').status(204).end() @@ -166,3 +195,41 @@ async function reportAbuse (req: express.Request, res: express.Response) { return res.json({ abuse: { id } }) } + +async function listAbuseMessages (req: express.Request, res: express.Response) { + const abuse = res.locals.abuse + + const resultList = await AbuseMessageModel.listForApi(abuse.id) + + return res.json(getFormattedObjects(resultList.data, resultList.total)) +} + +async function addAbuseMessage (req: express.Request, res: express.Response) { + const abuse = res.locals.abuse + const user = res.locals.oauth.token.user + + const abuseMessage = await AbuseMessageModel.create({ + message: req.body.message, + byModerator: abuse.reporterAccountId !== user.Account.id, + accountId: user.Account.id, + abuseId: abuse.id + }) + + // TODO: Notification + + return res.json({ + abuseMessage: { + id: abuseMessage.id + } + }) +} + +async function deleteAbuseMessage (req: express.Request, res: express.Response) { + const abuseMessage = res.locals.abuseMessage + + await sequelizeTypescript.transaction(t => { + return abuseMessage.destroy({ transaction: t }) + }) + + return res.sendStatus(204) +} diff --git a/server/controllers/api/users/index.ts b/server/controllers/api/users/index.ts index 5939f6125..d339c2a1c 100644 --- a/server/controllers/api/users/index.ts +++ b/server/controllers/api/users/index.ts @@ -1,10 +1,20 @@ import * as express from 'express' import * as RateLimit from 'express-rate-limit' +import { tokensRouter } from '@server/controllers/api/users/token' +import { Hooks } from '@server/lib/plugins/hooks' +import { MUser, MUserAccountDefault } from '@server/types/models' import { UserCreate, UserRight, UserRole, UserUpdate } from '../../../../shared' +import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model' +import { UserRegister } from '../../../../shared/models/users/user-register.model' +import { auditLoggerFactory, getAuditIdFromRes, UserAuditView } from '../../../helpers/audit-logger' import { logger } from '../../../helpers/logger' import { generateRandomString, getFormattedObjects } from '../../../helpers/utils' +import { CONFIG } from '../../../initializers/config' import { WEBSERVER } from '../../../initializers/constants' +import { sequelizeTypescript } from '../../../initializers/database' import { Emailer } from '../../../lib/emailer' +import { Notifier } from '../../../lib/notifier' +import { deleteUserToken } from '../../../lib/oauth-model' import { Redis } from '../../../lib/redis' import { createUserAccountAndChannelAndPlaylist, sendVerifyUserEmail } from '../../../lib/user' import { @@ -18,9 +28,9 @@ import { setDefaultPagination, setDefaultSort, userAutocompleteValidator, - usersListValidator, usersAddValidator, usersGetValidator, + usersListValidator, usersRegisterValidator, usersRemoveValidator, usersSortValidator, @@ -35,22 +45,13 @@ import { usersVerifyEmailValidator } from '../../../middlewares/validators' import { UserModel } from '../../../models/account/user' -import { auditLoggerFactory, getAuditIdFromRes, UserAuditView } from '../../../helpers/audit-logger' import { meRouter } from './me' -import { deleteUserToken } from '../../../lib/oauth-model' +import { myAbusesRouter } from './my-abuses' import { myBlocklistRouter } from './my-blocklist' -import { myVideoPlaylistsRouter } from './my-video-playlists' import { myVideosHistoryRouter } from './my-history' import { myNotificationsRouter } from './my-notifications' -import { Notifier } from '../../../lib/notifier' import { mySubscriptionsRouter } from './my-subscriptions' -import { CONFIG } from '../../../initializers/config' -import { sequelizeTypescript } from '../../../initializers/database' -import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model' -import { UserRegister } from '../../../../shared/models/users/user-register.model' -import { MUser, MUserAccountDefault } from '@server/types/models' -import { Hooks } from '@server/lib/plugins/hooks' -import { tokensRouter } from '@server/controllers/api/users/token' +import { myVideoPlaylistsRouter } from './my-video-playlists' const auditLogger = auditLoggerFactory('users') @@ -72,6 +73,7 @@ usersRouter.use('/', mySubscriptionsRouter) usersRouter.use('/', myBlocklistRouter) usersRouter.use('/', myVideosHistoryRouter) usersRouter.use('/', myVideoPlaylistsRouter) +usersRouter.use('/', myAbusesRouter) usersRouter.use('/', meRouter) usersRouter.get('/autocomplete', diff --git a/server/controllers/api/users/my-abuses.ts b/server/controllers/api/users/my-abuses.ts new file mode 100644 index 000000000..e43fc483e --- /dev/null +++ b/server/controllers/api/users/my-abuses.ts @@ -0,0 +1,48 @@ +import * as express from 'express' +import { AbuseModel } from '@server/models/abuse/abuse' +import { + abuseListForUserValidator, + abusesSortValidator, + asyncMiddleware, + authenticate, + paginationValidator, + setDefaultPagination, + setDefaultSort +} from '../../../middlewares' + +const myAbusesRouter = express.Router() + +myAbusesRouter.get('/me/abuses', + authenticate, + paginationValidator, + abusesSortValidator, + setDefaultSort, + setDefaultPagination, + abuseListForUserValidator, + asyncMiddleware(listMyAbuses) +) + +// --------------------------------------------------------------------------- + +export { + myAbusesRouter +} + +// --------------------------------------------------------------------------- + +async function listMyAbuses (req: express.Request, res: express.Response) { + const resultList = await AbuseModel.listForUserApi({ + start: req.query.start, + count: req.query.count, + sort: req.query.sort, + id: req.query.id, + search: req.query.search, + state: req.query.state, + user: res.locals.oauth.token.User + }) + + return res.json({ + total: resultList.total, + data: resultList.data.map(d => d.toFormattedAdminJSON()) + }) +} diff --git a/server/controllers/api/videos/abuse.ts b/server/controllers/api/videos/abuse.ts index b92a66360..9c4d00849 100644 --- a/server/controllers/api/videos/abuse.ts +++ b/server/controllers/api/videos/abuse.ts @@ -2,7 +2,6 @@ import * as express from 'express' import { AbuseModel } from '@server/models/abuse/abuse' import { getServerActor } from '@server/models/application/application' import { AbuseCreate, UserRight, VideoAbuseCreate } from '../../../../shared' -import { getFormattedObjects } from '../../../helpers/utils' import { abusesSortValidator, asyncMiddleware, @@ -63,7 +62,7 @@ async function listVideoAbuses (req: express.Request, res: express.Response) { const user = res.locals.oauth.token.user const serverActor = await getServerActor() - const resultList = await AbuseModel.listForApi({ + const resultList = await AbuseModel.listForAdminApi({ start: req.query.start, count: req.query.count, sort: req.query.sort, @@ -81,7 +80,10 @@ async function listVideoAbuses (req: express.Request, res: express.Response) { user }) - return res.json(getFormattedObjects(resultList.data, resultList.total)) + return res.json({ + total: resultList.total, + data: resultList.data.map(d => d.toFormattedAdminJSON()) + }) } async function updateVideoAbuse (req: express.Request, res: express.Response) { -- cgit v1.2.3