import { values } from 'lodash'
import 'multer'
import * as validator from 'validator'
-import { UserRight, VideoRateType } from '../../../shared'
+import { UserRight, VideoPrivacy, VideoRateType } from '../../../shared'
import {
CONSTRAINTS_FIELDS,
VIDEO_CATEGORIES,
const videoFileTypesRegex = videoFileTypes.join('|')
function isVideoFile (files: { [ fieldname: string ]: Express.Multer.File[] } | Express.Multer.File[]) {
- return isFileValid(files, videoFileTypesRegex, 'videofile')
+ return isFileValid(files, videoFileTypesRegex, 'videofile', null)
}
const videoImageTypes = CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME
const videoImageTypesRegex = `image/(${videoImageTypes})`
function isVideoImage (files: { [ fieldname: string ]: Express.Multer.File[] } | Express.Multer.File[], field: string) {
- return isFileValid(files, videoImageTypesRegex, field, true)
+ return isFileValid(files, videoImageTypesRegex, field, CONSTRAINTS_FIELDS.VIDEOS.IMAGE.FILE_SIZE.max, true)
}
-function isVideoPrivacyValid (value: string) {
+function isVideoPrivacyValid (value: number) {
return validator.isInt(value + '') && VIDEO_PRIVACIES[ value ] !== undefined
}
+function isScheduleVideoUpdatePrivacyValid (value: number) {
+ return validator.isInt(value + '') &&
+ (
+ value === VideoPrivacy.UNLISTED ||
+ value === VideoPrivacy.PUBLIC
+ )
+}
+
function isVideoFileInfoHashValid (value: string) {
return exists(value) && validator.isLength(value, VIDEOS_CONSTRAINTS_FIELDS.INFO_HASH)
}
return exists(value) && validator.isInt(value + '')
}
+function isVideoFPSResolutionValid (value: string) {
+ return value === null || validator.isInt(value + '')
+}
+
function isVideoFileSizeValid (value: string) {
return exists(value) && validator.isInt(value + '', VIDEOS_CONSTRAINTS_FIELDS.FILE_SIZE)
}
+function checkUserCanManageVideo (user: UserModel, video: VideoModel, right: UserRight, res: Response) {
+ // Retrieve the user who did the request
+ if (video.isOwned() === false) {
+ res.status(403)
+ .json({ error: 'Cannot manage a video of another server.' })
+ .end()
+ return false
+ }
+
+ // Check if the user can delete the video
+ // The user can delete it if he has the right
+ // Or if s/he is the video's account
+ const account = video.VideoChannel.Account
+ if (user.hasRight(right) === false && account.userId !== user.id) {
+ res.status(403)
+ .json({ error: 'Cannot manage a video of another user.' })
+ .end()
+ return false
+ }
+
+ return true
+}
+
async function isVideoExist (id: string, res: Response) {
let video: VideoModel
export {
isVideoCategoryValid,
+ checkUserCanManageVideo,
isVideoLicenceValid,
isVideoLanguageValid,
isVideoTruncatedDescriptionValid,
isVideoFileInfoHashValid,
isVideoNameValid,
isVideoTagsValid,
+ isVideoFPSResolutionValid,
+ isScheduleVideoUpdatePrivacyValid,
isVideoAbuseReasonValid,
isVideoFile,
isVideoStateValid,