From 6d8524702874120a4667269a81a61e3c7c5e300d Mon Sep 17 00:00:00 2001
From: Chocobozzz <me@florianbigard.com>
Date: Fri, 22 Dec 2017 09:14:50 +0100
Subject: Create comment on replied mastodon statutes

---
 .../custom-validators/activitypub/activity.ts      |  4 ++-
 .../activitypub/video-comments.ts                  | 40 ++++++++++++++++++++++
 2 files changed, 43 insertions(+), 1 deletion(-)
 create mode 100644 server/helpers/custom-validators/activitypub/video-comments.ts

(limited to 'server/helpers')

diff --git a/server/helpers/custom-validators/activitypub/activity.ts b/server/helpers/custom-validators/activitypub/activity.ts
index c402800a4..f2e137061 100644
--- a/server/helpers/custom-validators/activitypub/activity.ts
+++ b/server/helpers/custom-validators/activitypub/activity.ts
@@ -6,6 +6,7 @@ import { isActivityPubUrlValid } from './misc'
 import { isDislikeActivityValid, isLikeActivityValid } from './rate'
 import { isUndoActivityValid } from './undo'
 import { isVideoChannelDeleteActivityValid, isVideoChannelUpdateActivityValid } from './video-channels'
+import { isVideoCommentCreateActivityValid } from './video-comments'
 import {
   isVideoFlagValid,
   isVideoTorrentCreateActivityValid,
@@ -59,7 +60,8 @@ function checkCreateActivity (activity: any) {
   return isViewActivityValid(activity) ||
     isDislikeActivityValid(activity) ||
     isVideoTorrentCreateActivityValid(activity) ||
-    isVideoFlagValid(activity)
+    isVideoFlagValid(activity) ||
+    isVideoCommentCreateActivityValid(activity)
 }
 
 function checkUpdateActivity (activity: any) {
diff --git a/server/helpers/custom-validators/activitypub/video-comments.ts b/server/helpers/custom-validators/activitypub/video-comments.ts
new file mode 100644
index 000000000..489ff27de
--- /dev/null
+++ b/server/helpers/custom-validators/activitypub/video-comments.ts
@@ -0,0 +1,40 @@
+import * as validator from 'validator'
+import { exists, isDateValid } from '../misc'
+import { isActivityPubUrlValid, isBaseActivityValid } from './misc'
+import * as sanitizeHtml from 'sanitize-html'
+
+function isVideoCommentCreateActivityValid (activity: any) {
+  return isBaseActivityValid(activity, 'Create') &&
+    isVideoCommentObjectValid(activity.object)
+}
+
+function isVideoCommentObjectValid (comment: any) {
+  return comment.type === 'Note' &&
+    isActivityPubUrlValid(comment.id) &&
+    sanitizeCommentHTML(comment) &&
+    isCommentContentValid(comment.content) &&
+    isActivityPubUrlValid(comment.inReplyTo) &&
+    isDateValid(comment.published) &&
+    isActivityPubUrlValid(comment.url)
+}
+
+// ---------------------------------------------------------------------------
+
+export {
+  isVideoCommentCreateActivityValid
+}
+
+// ---------------------------------------------------------------------------
+
+function sanitizeCommentHTML (comment: any) {
+  return sanitizeHtml(comment.content, {
+    allowedTags: [ 'b', 'i', 'em', 'span', 'a' ],
+    allowedAttributes: {
+      'a': [ 'href' ]
+    }
+  })
+}
+
+function isCommentContentValid (content: any) {
+  return exists(content) && validator.isLength('' + content, { min: 1 })
+}
-- 
cgit v1.2.3