From feb4bdfd9b46e87aadfa7c0d5338cde887d1f58c Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Sun, 11 Dec 2016 21:50:51 +0100 Subject: First version with PostgreSQL --- server/middlewares/pods.js | 1 - server/middlewares/secure.js | 6 ++---- server/middlewares/sort.js | 4 ++-- server/middlewares/validators/users.js | 13 +++++-------- server/middlewares/validators/videos.js | 17 +++++++---------- 5 files changed, 16 insertions(+), 25 deletions(-) (limited to 'server/middlewares') diff --git a/server/middlewares/pods.js b/server/middlewares/pods.js index 487ea1259..e38fb341d 100644 --- a/server/middlewares/pods.js +++ b/server/middlewares/pods.js @@ -44,7 +44,6 @@ module.exports = podsMiddleware function getHostWithPort (host) { const splitted = host.split(':') - console.log(splitted) // The port was not specified if (splitted.length === 1) { if (constants.REMOTE_SCHEME.HTTP === 'https') return host + ':443' diff --git a/server/middlewares/secure.js b/server/middlewares/secure.js index ee836beed..b7b4cdfb4 100644 --- a/server/middlewares/secure.js +++ b/server/middlewares/secure.js @@ -1,18 +1,16 @@ 'use strict' +const db = require('../initializers/database') const logger = require('../helpers/logger') -const mongoose = require('mongoose') const peertubeCrypto = require('../helpers/peertube-crypto') -const Pod = mongoose.model('Pod') - const secureMiddleware = { checkSignature } function checkSignature (req, res, next) { const host = req.body.signature.host - Pod.loadByHost(host, function (err, pod) { + db.Pod.loadByHost(host, function (err, pod) { if (err) { logger.error('Cannot get signed host in body.', { error: err }) return res.sendStatus(500) diff --git a/server/middlewares/sort.js b/server/middlewares/sort.js index f0b7274eb..477e10571 100644 --- a/server/middlewares/sort.js +++ b/server/middlewares/sort.js @@ -6,13 +6,13 @@ const sortMiddleware = { } function setUsersSort (req, res, next) { - if (!req.query.sort) req.query.sort = '-createdDate' + if (!req.query.sort) req.query.sort = '-createdAt' return next() } function setVideosSort (req, res, next) { - if (!req.query.sort) req.query.sort = '-createdDate' + if (!req.query.sort) req.query.sort = '-createdAt' return next() } diff --git a/server/middlewares/validators/users.js b/server/middlewares/validators/users.js index 02e4f34cb..0629550bc 100644 --- a/server/middlewares/validators/users.js +++ b/server/middlewares/validators/users.js @@ -1,12 +1,9 @@ 'use strict' -const mongoose = require('mongoose') - const checkErrors = require('./utils').checkErrors +const db = require('../../initializers/database') const logger = require('../../helpers/logger') -const User = mongoose.model('User') - const validatorsUsers = { usersAdd, usersRemove, @@ -20,7 +17,7 @@ function usersAdd (req, res, next) { logger.debug('Checking usersAdd parameters', { parameters: req.body }) checkErrors(req, res, function () { - User.loadByUsername(req.body.username, function (err, user) { + db.User.loadByUsername(req.body.username, function (err, user) { if (err) { logger.error('Error in usersAdd request validator.', { error: err }) return res.sendStatus(500) @@ -34,12 +31,12 @@ function usersAdd (req, res, next) { } function usersRemove (req, res, next) { - req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() + req.checkParams('id', 'Should have a valid id').notEmpty().isInt() logger.debug('Checking usersRemove parameters', { parameters: req.params }) checkErrors(req, res, function () { - User.loadById(req.params.id, function (err, user) { + db.User.loadById(req.params.id, function (err, user) { if (err) { logger.error('Error in usersRemove request validator.', { error: err }) return res.sendStatus(500) @@ -55,7 +52,7 @@ function usersRemove (req, res, next) { } function usersUpdate (req, res, next) { - req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() + req.checkParams('id', 'Should have a valid id').notEmpty().isInt() // Add old password verification req.checkBody('password', 'Should have a valid password').isUserPasswordValid() diff --git a/server/middlewares/validators/videos.js b/server/middlewares/validators/videos.js index 76e943e77..7e90ca047 100644 --- a/server/middlewares/validators/videos.js +++ b/server/middlewares/validators/videos.js @@ -1,14 +1,11 @@ 'use strict' -const mongoose = require('mongoose') - const checkErrors = require('./utils').checkErrors const constants = require('../../initializers/constants') const customVideosValidators = require('../../helpers/custom-validators').videos +const db = require('../../initializers/database') const logger = require('../../helpers/logger') -const Video = mongoose.model('Video') - const validatorsVideos = { videosAdd, videosGet, @@ -29,7 +26,7 @@ function videosAdd (req, res, next) { checkErrors(req, res, function () { const videoFile = req.files.videofile[0] - Video.getDurationFromFile(videoFile.path, function (err, duration) { + db.Video.getDurationFromFile(videoFile.path, function (err, duration) { if (err) { return res.status(400).send('Cannot retrieve metadata of the file.') } @@ -45,12 +42,12 @@ function videosAdd (req, res, next) { } function videosGet (req, res, next) { - req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() + req.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4) logger.debug('Checking videosGet parameters', { parameters: req.params }) checkErrors(req, res, function () { - Video.load(req.params.id, function (err, video) { + db.Video.load(req.params.id, function (err, video) { if (err) { logger.error('Error in videosGet request validator.', { error: err }) return res.sendStatus(500) @@ -64,12 +61,12 @@ function videosGet (req, res, next) { } function videosRemove (req, res, next) { - req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() + req.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4) logger.debug('Checking videosRemove parameters', { parameters: req.params }) checkErrors(req, res, function () { - Video.load(req.params.id, function (err, video) { + db.Video.loadAndPopulateAuthor(req.params.id, function (err, video) { if (err) { logger.error('Error in videosRemove request validator.', { error: err }) return res.sendStatus(500) @@ -77,7 +74,7 @@ function videosRemove (req, res, next) { if (!video) return res.status(404).send('Video not found') else if (video.isOwned() === false) return res.status(403).send('Cannot remove video of another pod') - else if (video.author !== res.locals.oauth.token.user.username) return res.status(403).send('Cannot remove video of another user') + else if (video.Author.name !== res.locals.oauth.token.user.username) return res.status(403).send('Cannot remove video of another user') next() }) -- cgit v1.2.3