From fd45e8f43c2638478599ca75632518054461da85 Mon Sep 17 00:00:00 2001
From: Chocobozzz <florian.bigard@gmail.com>
Date: Tue, 31 Oct 2017 11:52:52 +0100
Subject: Add video privacy setting

---
 server/middlewares/validators/videos.ts | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

(limited to 'server/middlewares/validators')

diff --git a/server/middlewares/validators/videos.ts b/server/middlewares/validators/videos.ts
index 0c07404c5..e197d4606 100644
--- a/server/middlewares/validators/videos.ts
+++ b/server/middlewares/validators/videos.ts
@@ -20,9 +20,10 @@ import {
   isVideoRatingTypeValid,
   getDurationFromVideoFile,
   checkVideoExists,
-  isIdValid
+  isIdValid,
+  isVideoPrivacyValid
 } from '../../helpers'
-import { UserRight } from '../../../shared'
+import { UserRight, VideoPrivacy } from '../../../shared'
 
 const videosAddValidator = [
   body('videofile').custom((value, { req }) => isVideoFile(req.files)).withMessage(
@@ -36,6 +37,7 @@ const videosAddValidator = [
   body('nsfw').custom(isVideoNSFWValid).withMessage('Should have a valid NSFW attribute'),
   body('description').custom(isVideoDescriptionValid).withMessage('Should have a valid description'),
   body('channelId').custom(isIdValid).withMessage('Should have correct video channel id'),
+  body('privacy').custom(isVideoPrivacyValid).withMessage('Should have correct video privacy'),
   body('tags').optional().custom(isVideoTagsValid).withMessage('Should have correct tags'),
 
   (req: express.Request, res: express.Response, next: express.NextFunction) => {
@@ -110,6 +112,7 @@ const videosUpdateValidator = [
   body('licence').optional().custom(isVideoLicenceValid).withMessage('Should have a valid licence'),
   body('language').optional().custom(isVideoLanguageValid).withMessage('Should have a valid language'),
   body('nsfw').optional().custom(isVideoNSFWValid).withMessage('Should have a valid NSFW attribute'),
+  body('privacy').custom(isVideoPrivacyValid).withMessage('Should have correct video privacy'),
   body('description').optional().custom(isVideoDescriptionValid).withMessage('Should have a valid description'),
   body('tags').optional().custom(isVideoTagsValid).withMessage('Should have correct tags'),
 
@@ -118,19 +121,27 @@ const videosUpdateValidator = [
 
     checkErrors(req, res, () => {
       checkVideoExists(req.params.id, res, () => {
+        const video = res.locals.video
+
         // We need to make additional checks
-        if (res.locals.video.isOwned() === false) {
+        if (video.isOwned() === false) {
           return res.status(403)
                     .json({ error: 'Cannot update video of another pod' })
                     .end()
         }
 
-        if (res.locals.video.VideoChannel.Author.userId !== res.locals.oauth.token.User.id) {
+        if (video.VideoChannel.Author.userId !== res.locals.oauth.token.User.id) {
           return res.status(403)
                     .json({ error: 'Cannot update video of another user' })
                     .end()
         }
 
+        if (video.privacy !== VideoPrivacy.PRIVATE && req.body.privacy === VideoPrivacy.PRIVATE) {
+          return res.status(409)
+            .json({ error: 'Cannot set "private" a video that was not private anymore.' })
+            .end()
+        }
+
         next()
       })
     })
-- 
cgit v1.2.3