1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
|
'use strict'
const checkErrors = require('./utils').checkErrors
const constants = require('../../initializers/constants')
const customVideosValidators = require('../../helpers/custom-validators').videos
const db = require('../../initializers/database')
const logger = require('../../helpers/logger')
const validatorsVideos = {
videosAdd,
videosUpdate,
videosGet,
videosRemove,
videosSearch,
videoAbuseReport,
videoRate
}
function videosAdd (req, res, next) {
req.checkBody('videofile', 'Should have a valid file').isVideoFile(req.files)
req.checkBody('name', 'Should have a valid name').isVideoNameValid()
req.checkBody('category', 'Should have a valid category').isVideoCategoryValid()
req.checkBody('description', 'Should have a valid description').isVideoDescriptionValid()
req.checkBody('tags', 'Should have correct tags').isVideoTagsValid()
logger.debug('Checking videosAdd parameters', { parameters: req.body, files: req.files })
checkErrors(req, res, function () {
const videoFile = req.files.videofile[0]
db.Video.getDurationFromFile(videoFile.path, function (err, duration) {
if (err) {
return res.status(400).send('Cannot retrieve metadata of the file.')
}
if (!customVideosValidators.isVideoDurationValid(duration)) {
return res.status(400).send('Duration of the video file is too big (max: ' + constants.CONSTRAINTS_FIELDS.VIDEOS.DURATION.max + 's).')
}
videoFile.duration = duration
next()
})
})
}
function videosUpdate (req, res, next) {
req.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4)
req.checkBody('name', 'Should have a valid name').optional().isVideoNameValid()
req.checkBody('category', 'Should have a valid category').optional().isVideoCategoryValid()
req.checkBody('description', 'Should have a valid description').optional().isVideoDescriptionValid()
req.checkBody('tags', 'Should have correct tags').optional().isVideoTagsValid()
logger.debug('Checking videosUpdate parameters', { parameters: req.body })
checkErrors(req, res, function () {
checkVideoExists(req.params.id, res, function () {
// We need to make additional checks
if (res.locals.video.isOwned() === false) {
return res.status(403).send('Cannot update video of another pod')
}
if (res.locals.video.Author.userId !== res.locals.oauth.token.User.id) {
return res.status(403).send('Cannot update video of another user')
}
next()
})
})
}
function videosGet (req, res, next) {
req.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4)
logger.debug('Checking videosGet parameters', { parameters: req.params })
checkErrors(req, res, function () {
checkVideoExists(req.params.id, res, next)
})
}
function videosRemove (req, res, next) {
req.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4)
logger.debug('Checking videosRemove parameters', { parameters: req.params })
checkErrors(req, res, function () {
checkVideoExists(req.params.id, res, function () {
// We need to make additional checks
if (res.locals.video.isOwned() === false) {
return res.status(403).send('Cannot remove video of another pod')
}
if (res.locals.video.Author.userId !== res.locals.oauth.token.User.id) {
return res.status(403).send('Cannot remove video of another user')
}
next()
})
})
}
function videosSearch (req, res, next) {
const searchableColumns = constants.SEARCHABLE_COLUMNS.VIDEOS
req.checkParams('value', 'Should have a valid search').notEmpty()
req.checkQuery('field', 'Should have correct searchable column').optional().isIn(searchableColumns)
logger.debug('Checking videosSearch parameters', { parameters: req.params })
checkErrors(req, res, next)
}
function videoAbuseReport (req, res, next) {
req.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4)
req.checkBody('reason', 'Should have a valid reason').isVideoAbuseReasonValid()
logger.debug('Checking videoAbuseReport parameters', { parameters: req.body })
checkErrors(req, res, function () {
checkVideoExists(req.params.id, res, next)
})
}
function videoRate (req, res, next) {
req.checkParams('id', 'Should have a valid id').notEmpty().isUUID(4)
req.checkBody('rating', 'Should have a valid rate type').isVideoRatingTypeValid()
logger.debug('Checking videoRate parameters', { parameters: req.body })
checkErrors(req, res, function () {
checkVideoExists(req.params.id, res, next)
})
}
// ---------------------------------------------------------------------------
module.exports = validatorsVideos
// ---------------------------------------------------------------------------
function checkVideoExists (id, res, callback) {
db.Video.loadAndPopulateAuthorAndPodAndTags(id, function (err, video) {
if (err) {
logger.error('Error in video request validator.', { error: err })
return res.sendStatus(500)
}
if (!video) return res.status(404).send('Video not found')
res.locals.video = video
callback()
})
}
|