From ab683a8e0d998cfd9dfb9562d3c616f3e6e1dbfd Mon Sep 17 00:00:00 2001
From: Chocobozzz <florian.bigard@gmail.com>
Date: Wed, 26 Apr 2017 21:42:36 +0200
Subject: Format video blacklist

---
 server/middlewares/admin.js             |  3 +--
 server/middlewares/validators/videos.js | 30 +++++++++++++++---------------
 2 files changed, 16 insertions(+), 17 deletions(-)

(limited to 'server/middlewares')

diff --git a/server/middlewares/admin.js b/server/middlewares/admin.js
index e6d9dc887..3288f4c6b 100644
--- a/server/middlewares/admin.js
+++ b/server/middlewares/admin.js
@@ -1,6 +1,5 @@
 'use strict'
 
-const constants = require('../initializers/constants')
 const logger = require('../helpers/logger')
 
 const adminMiddleware = {
@@ -9,7 +8,7 @@ const adminMiddleware = {
 
 function ensureIsAdmin (req, res, next) {
   const user = res.locals.oauth.token.user
-  if (user.role !== constants.USER_ROLES.ADMIN) {
+  if (user.isAdmin() === false) {
     logger.info('A non admin user is trying to access to an admin content.')
     return res.sendStatus(403)
   }
diff --git a/server/middlewares/validators/videos.js b/server/middlewares/validators/videos.js
index 86a7e39ae..f18ca1597 100644
--- a/server/middlewares/validators/videos.js
+++ b/server/middlewares/validators/videos.js
@@ -137,6 +137,18 @@ function videoRate (req, res, next) {
   })
 }
 
+function videosBlacklist (req, res, next) {
+  req.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4)
+
+  logger.debug('Checking videosBlacklist parameters', { parameters: req.params })
+
+  checkErrors(req, res, function () {
+    checkVideoExists(req.params.id, res, function () {
+      checkVideoIsBlacklistable(req, res, next)
+    })
+  })
+}
+
 // ---------------------------------------------------------------------------
 
 module.exports = validatorsVideos
@@ -166,8 +178,8 @@ function checkUserCanDeleteVideo (userId, res, callback) {
     }
 
     // Check if the user can delete the video
-    //  The user can delete it if s/he an admin
-    //  Or if s/he is the video's author
+    // The user can delete it if s/he is an admin
+    // Or if s/he is the video's author
     if (user.isAdmin() === false) {
       if (res.locals.video.isOwned() === false) {
         return res.status(403).send('Cannot remove video of another pod')
@@ -185,20 +197,8 @@ function checkUserCanDeleteVideo (userId, res, callback) {
 
 function checkVideoIsBlacklistable (req, res, callback) {
   if (res.locals.video.isOwned() === true) {
-        return res.status(403).send('Cannot blacklist a local video')
+    return res.status(403).send('Cannot blacklist a local video')
   }
 
   callback()
 }
-
-function videosBlacklist (req, res, next) {
-  req.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4)
-
-  logger.debug('Checking videosBlacklist parameters', { parameters: req.params })
-
-  checkErrors(req, res, function () {
-    checkVideoExists(req.params.id, res, function() {
-      checkVideoIsBlacklistable(req, res, next)
-    })
-  })
-}
-- 
cgit v1.2.3