From f0a47bc92aa20b91b46197a4d3fc430aea962848 Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Thu, 29 Aug 2019 14:31:04 +0200 Subject: Hide video abuses from muted accounts --- server/controllers/api/videos/abuse.ts | 13 +++++- server/models/video/video-abuse.ts | 21 ++++++++-- server/tests/api/videos/video-abuse.ts | 77 ++++++++++++++++++++++++++++++++-- 3 files changed, 102 insertions(+), 9 deletions(-) (limited to 'server') diff --git a/server/controllers/api/videos/abuse.ts b/server/controllers/api/videos/abuse.ts index 39c841ffe..4ae899b7e 100644 --- a/server/controllers/api/videos/abuse.ts +++ b/server/controllers/api/videos/abuse.ts @@ -1,7 +1,7 @@ import * as express from 'express' import { UserRight, VideoAbuseCreate, VideoAbuseState } from '../../../../shared' import { logger } from '../../../helpers/logger' -import { getFormattedObjects } from '../../../helpers/utils' +import { getFormattedObjects, getServerActor } from '../../../helpers/utils' import { sequelizeTypescript } from '../../../initializers' import { asyncMiddleware, @@ -62,7 +62,16 @@ export { // --------------------------------------------------------------------------- async function listVideoAbuses (req: express.Request, res: express.Response) { - const resultList = await VideoAbuseModel.listForApi(req.query.start, req.query.count, req.query.sort) + const user = res.locals.oauth.token.user + const serverActor = await getServerActor() + + const resultList = await VideoAbuseModel.listForApi({ + start: req.query.start, + count: req.query.count, + sort: req.query.sort, + serverAccountId: serverActor.Account.id, + user + }) return res.json(getFormattedObjects(resultList.data, resultList.total)) } diff --git a/server/models/video/video-abuse.ts b/server/models/video/video-abuse.ts index 6ef1a915d..3636db18d 100644 --- a/server/models/video/video-abuse.ts +++ b/server/models/video/video-abuse.ts @@ -7,12 +7,13 @@ import { isVideoAbuseStateValid } from '../../helpers/custom-validators/video-abuses' import { AccountModel } from '../account/account' -import { getSort, throwIfNotValid } from '../utils' +import { buildBlockedAccountSQL, getSort, throwIfNotValid } from '../utils' import { VideoModel } from './video' import { VideoAbuseState } from '../../../shared' import { CONSTRAINTS_FIELDS, VIDEO_ABUSE_STATES } from '../../initializers/constants' -import { MVideoAbuse, MVideoAbuseFormattable, MVideoAbuseVideo } from '../../typings/models' +import { MUserAccountId, MVideoAbuse, MVideoAbuseFormattable, MVideoAbuseVideo } from '../../typings/models' import * as Bluebird from 'bluebird' +import { literal, Op } from 'sequelize' @Table({ tableName: 'videoAbuse', @@ -85,11 +86,25 @@ export class VideoAbuseModel extends Model { return VideoAbuseModel.findOne(query) } - static listForApi (start: number, count: number, sort: string) { + static listForApi (parameters: { + start: number, + count: number, + sort: string, + serverAccountId: number + user?: MUserAccountId + }) { + const { start, count, sort, user, serverAccountId } = parameters + const userAccountId = user ? user.Account.id : undefined + const query = { offset: start, limit: count, order: getSort(sort), + where: { + reporterAccountId: { + [Op.notIn]: literal('(' + buildBlockedAccountSQL(serverAccountId, userAccountId) + ')') + } + }, include: [ { model: AccountModel, diff --git a/server/tests/api/videos/video-abuse.ts b/server/tests/api/videos/video-abuse.ts index a2f3ee161..0cd6f22c7 100644 --- a/server/tests/api/videos/video-abuse.ts +++ b/server/tests/api/videos/video-abuse.ts @@ -17,6 +17,12 @@ import { } from '../../../../shared/extra-utils/index' import { doubleFollow } from '../../../../shared/extra-utils/server/follows' import { waitJobs } from '../../../../shared/extra-utils/server/jobs' +import { + addAccountToServerBlocklist, + addServerToServerBlocklist, + removeAccountFromServerBlocklist, + removeServerFromServerBlocklist +} from '../../../../shared/extra-utils/users/blocklist' const expect = chai.expect @@ -163,13 +169,76 @@ describe('Test video abuses', function () { expect(res.body.data[0].moderationComment).to.equal('It is valid') }) + it('Should hide video abuses from blocked accounts', async function () { + this.timeout(10000) + + { + await reportVideoAbuse(servers[1].url, servers[1].accessToken, servers[0].video.uuid, 'will mute this') + await waitJobs(servers) + + const res = await getVideoAbusesList(servers[0].url, servers[0].accessToken) + expect(res.body.total).to.equal(3) + } + + const accountToBlock = 'root@localhost:' + servers[1].port + + { + await addAccountToServerBlocklist(servers[ 0 ].url, servers[ 0 ].accessToken, accountToBlock) + + const res = await getVideoAbusesList(servers[ 0 ].url, servers[ 0 ].accessToken) + expect(res.body.total).to.equal(2) + + const abuse = res.body.data.find(a => a.reason === 'will mute this') + expect(abuse).to.be.undefined + } + + { + await removeAccountFromServerBlocklist(servers[ 0 ].url, servers[ 0 ].accessToken, accountToBlock) + + const res = await getVideoAbusesList(servers[ 0 ].url, servers[ 0 ].accessToken) + expect(res.body.total).to.equal(3) + } + }) + + it('Should hide video abuses from blocked servers', async function () { + const serverToBlock = servers[1].host + + { + await addServerToServerBlocklist(servers[ 0 ].url, servers[ 0 ].accessToken, servers[1].host) + + const res = await getVideoAbusesList(servers[ 0 ].url, servers[ 0 ].accessToken) + expect(res.body.total).to.equal(2) + + const abuse = res.body.data.find(a => a.reason === 'will mute this') + expect(abuse).to.be.undefined + } + + { + await removeServerFromServerBlocklist(servers[ 0 ].url, servers[ 0 ].accessToken, serverToBlock) + + const res = await getVideoAbusesList(servers[ 0 ].url, servers[ 0 ].accessToken) + expect(res.body.total).to.equal(3) + } + }) + it('Should delete the video abuse', async function () { + this.timeout(10000) + await deleteVideoAbuse(servers[1].url, servers[1].accessToken, abuseServer2.video.uuid, abuseServer2.id) - const res = await getVideoAbusesList(servers[1].url, servers[1].accessToken) - expect(res.body.total).to.equal(0) - expect(res.body.data).to.be.an('array') - expect(res.body.data.length).to.equal(0) + await waitJobs(servers) + + { + const res = await getVideoAbusesList(servers[1].url, servers[1].accessToken) + expect(res.body.total).to.equal(1) + expect(res.body.data.length).to.equal(1) + expect(res.body.data[0].id).to.not.equal(abuseServer2.id) + } + + { + const res = await getVideoAbusesList(servers[0].url, servers[0].accessToken) + expect(res.body.total).to.equal(3) + } }) after(async function () { -- cgit v1.2.3