From af5767ffae41b2d5604e41ba9a7225c623dd6735 Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Fri, 12 Oct 2018 17:26:40 +0200 Subject: Add user/instance block by users in the client --- server/middlewares/validators/blocklist.ts | 45 +++++++++++++++++++++++++++++- 1 file changed, 44 insertions(+), 1 deletion(-) (limited to 'server/middlewares/validators/blocklist.ts') diff --git a/server/middlewares/validators/blocklist.ts b/server/middlewares/validators/blocklist.ts index 9dbd5e512..25c054d6b 100644 --- a/server/middlewares/validators/blocklist.ts +++ b/server/middlewares/validators/blocklist.ts @@ -1,4 +1,4 @@ -import { param, body } from 'express-validator/check' +import { body, param } from 'express-validator/check' import * as express from 'express' import { logger } from '../../helpers/logger' import { areValidationErrors } from './utils' @@ -7,6 +7,8 @@ import { UserModel } from '../../models/account/user' import { AccountBlocklistModel } from '../../models/account/account-blocklist' import { isHostValid } from '../../helpers/custom-validators/servers' import { ServerBlocklistModel } from '../../models/server/server-blocklist' +import { ServerModel } from '../../models/server/server' +import { CONFIG } from '../../initializers' const blockAccountByAccountValidator = [ body('accountName').exists().withMessage('Should have an account name with host'), @@ -17,6 +19,17 @@ const blockAccountByAccountValidator = [ if (areValidationErrors(req, res)) return if (!await isAccountNameWithHostExist(req.body.accountName, res)) return + const user = res.locals.oauth.token.User as UserModel + const accountToBlock = res.locals.account + + if (user.Account.id === accountToBlock.id) { + res.status(409) + .send({ error: 'You cannot block yourself.' }) + .end() + + return + } + return next() } ] @@ -38,6 +51,35 @@ const unblockAccountByAccountValidator = [ } ] +const blockServerByAccountValidator = [ + body('host').custom(isHostValid).withMessage('Should have a valid host'), + + async (req: express.Request, res: express.Response, next: express.NextFunction) => { + logger.debug('Checking serverGetValidator parameters', { parameters: req.body }) + + if (areValidationErrors(req, res)) return + + const host: string = req.body.host + + if (host === CONFIG.WEBSERVER.HOST) { + return res.status(409) + .send({ error: 'You cannot block your own server.' }) + .end() + } + + const server = await ServerModel.loadByHost(host) + if (!server) { + return res.status(404) + .send({ error: 'Server host not found.' }) + .end() + } + + res.locals.server = server + + return next() + } +] + const unblockServerByAccountValidator = [ param('host').custom(isHostValid).withMessage('Should have an account name with host'), @@ -56,6 +98,7 @@ const unblockServerByAccountValidator = [ // --------------------------------------------------------------------------- export { + blockServerByAccountValidator, blockAccountByAccountValidator, unblockAccountByAccountValidator, unblockServerByAccountValidator -- cgit v1.2.3