From: Chocobozzz Date: Fri, 1 Jul 2016 14:16:40 +0000 (+0200) Subject: reqValidators --> validators X-Git-Tag: v0.0.1-alpha~842 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=fc51fde048f2c3ce1dd3e85f5528335040bae894;p=oweals%2Fpeertube.git reqValidators --> validators --- diff --git a/server/controllers/api/v1/pods.js b/server/controllers/api/v1/pods.js index 9ce8120b2..4413fbc1e 100644 --- a/server/controllers/api/v1/pods.js +++ b/server/controllers/api/v1/pods.js @@ -8,16 +8,16 @@ const logger = require('../../../helpers/logger') const friends = require('../../../lib/friends') const middlewares = require('../../../middlewares') const oAuth = middlewares.oauth -const reqValidator = middlewares.reqValidators.pods -const signatureValidator = middlewares.reqValidators.remote.signature +const validators = middlewares.validators.pods +const signatureValidator = middlewares.validators.remote.signature const router = express.Router() const Pod = mongoose.model('Pod') const Video = mongoose.model('Video') router.get('/', listPodsUrl) -router.post('/', reqValidator.podsAdd, addPods) -router.get('/makefriends', oAuth.authenticate, reqValidator.makeFriends, makeFriends) +router.post('/', validators.podsAdd, addPods) +router.get('/makefriends', oAuth.authenticate, validators.makeFriends, makeFriends) router.get('/quitfriends', oAuth.authenticate, quitFriends) // Post because this is a secured request router.post('/remove', signatureValidator, removePods) diff --git a/server/controllers/api/v1/remote.js b/server/controllers/api/v1/remote.js index 2d71c605d..7af9b7e84 100644 --- a/server/controllers/api/v1/remote.js +++ b/server/controllers/api/v1/remote.js @@ -6,17 +6,17 @@ const mongoose = require('mongoose') const middlewares = require('../../../middlewares') const secureMiddleware = middlewares.secure -const reqValidator = middlewares.reqValidators.remote +const validators = middlewares.validators.remote const logger = require('../../../helpers/logger') const router = express.Router() const Video = mongoose.model('Video') router.post('/videos', - reqValidator.signature, - reqValidator.dataToDecrypt, + validators.signature, + validators.dataToDecrypt, secureMiddleware.decryptBody, - reqValidator.remoteVideos, + validators.remoteVideos, remoteVideos ) diff --git a/server/controllers/api/v1/users.js b/server/controllers/api/v1/users.js index caa979567..dde459a73 100644 --- a/server/controllers/api/v1/users.js +++ b/server/controllers/api/v1/users.js @@ -3,6 +3,7 @@ const config = require('config') const mongoose = require('mongoose') const express = require('express') + const oAuth = require('../../../middlewares').oauth const Client = mongoose.model('OAuthClient') diff --git a/server/controllers/api/v1/videos.js b/server/controllers/api/v1/videos.js index ab115bc30..a37e9278e 100644 --- a/server/controllers/api/v1/videos.js +++ b/server/controllers/api/v1/videos.js @@ -11,10 +11,10 @@ const friends = require('../../../lib/friends') const middlewares = require('../../../middlewares') const oAuth = middlewares.oauth const pagination = middlewares.pagination -const reqValidator = middlewares.reqValidators -const reqValidatorPagination = reqValidator.pagination -const reqValidatorSort = reqValidator.sort -const reqValidatorVideos = reqValidator.videos +const validators = middlewares.validators +const validatorsPagination = validators.pagination +const validatorsSort = validators.sort +const validatorsVideos = validators.videos const search = middlewares.search const sort = middlewares.sort const utils = require('../../../helpers/utils') @@ -44,8 +44,8 @@ const storage = multer.diskStorage({ const reqFiles = multer({ storage: storage }).fields([{ name: 'videofile', maxCount: 1 }]) router.get('/', - reqValidatorPagination.pagination, - reqValidatorSort.videosSort, + validatorsPagination.pagination, + validatorsSort.videosSort, sort.setVideosSort, pagination.setPagination, listVideos @@ -53,22 +53,22 @@ router.get('/', router.post('/', oAuth.authenticate, reqFiles, - reqValidatorVideos.videosAdd, + validatorsVideos.videosAdd, addVideo ) router.get('/:id', - reqValidatorVideos.videosGet, + validatorsVideos.videosGet, getVideo ) router.delete('/:id', oAuth.authenticate, - reqValidatorVideos.videosRemove, + validatorsVideos.videosRemove, removeVideo ) router.get('/search/:value', - reqValidatorVideos.videosSearch, - reqValidatorPagination.pagination, - reqValidatorSort.videosSort, + validatorsVideos.videosSearch, + validatorsPagination.pagination, + validatorsSort.videosSort, sort.setVideosSort, pagination.setPagination, search.setVideosSearch, diff --git a/server/middlewares/index.js b/server/middlewares/index.js index 01043cd85..0a233e701 100644 --- a/server/middlewares/index.js +++ b/server/middlewares/index.js @@ -2,7 +2,7 @@ const oauth = require('./oauth') const pagination = require('./pagination') -const reqValidatorsMiddleware = require('./reqValidators') +const validatorsMiddleware = require('./validators') const search = require('./search') const sort = require('./sort') const secureMiddleware = require('./secure') @@ -10,7 +10,7 @@ const secureMiddleware = require('./secure') const middlewares = { oauth: oauth, pagination: pagination, - reqValidators: reqValidatorsMiddleware, + validators: validatorsMiddleware, search: search, sort: sort, secure: secureMiddleware diff --git a/server/middlewares/reqValidators/index.js b/server/middlewares/reqValidators/index.js deleted file mode 100644 index be68f6a29..000000000 --- a/server/middlewares/reqValidators/index.js +++ /dev/null @@ -1,19 +0,0 @@ -'use strict' - -const paginationReqValidators = require('./pagination') -const podsReqValidators = require('./pods') -const remoteReqValidators = require('./remote') -const sortReqValidators = require('./sort') -const videosReqValidators = require('./videos') - -const reqValidators = { - pagination: paginationReqValidators, - pods: podsReqValidators, - remote: remoteReqValidators, - sort: sortReqValidators, - videos: videosReqValidators -} - -// --------------------------------------------------------------------------- - -module.exports = reqValidators diff --git a/server/middlewares/reqValidators/pagination.js b/server/middlewares/reqValidators/pagination.js deleted file mode 100644 index e598f269a..000000000 --- a/server/middlewares/reqValidators/pagination.js +++ /dev/null @@ -1,21 +0,0 @@ -'use strict' - -const checkErrors = require('./utils').checkErrors -const logger = require('../../helpers/logger') - -const reqValidatorsPagination = { - pagination: pagination -} - -function pagination (req, res, next) { - req.checkQuery('start', 'Should have a number start').optional().isInt() - req.checkQuery('count', 'Should have a number count').optional().isInt() - - logger.debug('Checking pagination parameters', { parameters: req.query }) - - checkErrors(req, res, next) -} - -// --------------------------------------------------------------------------- - -module.exports = reqValidatorsPagination diff --git a/server/middlewares/reqValidators/pods.js b/server/middlewares/reqValidators/pods.js deleted file mode 100644 index 78a4b76c1..000000000 --- a/server/middlewares/reqValidators/pods.js +++ /dev/null @@ -1,41 +0,0 @@ -'use strict' - -const checkErrors = require('./utils').checkErrors -const friends = require('../../lib/friends') -const logger = require('../../helpers/logger') - -const reqValidatorsPod = { - makeFriends: makeFriends, - podsAdd: podsAdd -} - -function makeFriends (req, res, next) { - friends.hasFriends(function (err, hasFriends) { - if (err) { - logger.error('Cannot know if we have friends.', { error: err }) - res.sendStatus(500) - } - - if (hasFriends === true) { - // We need to quit our friends before make new ones - res.sendStatus(409) - } else { - return next() - } - }) -} - -function podsAdd (req, res, next) { - req.checkBody('url', 'Should have an url').notEmpty().isURL({ require_protocol: true }) - req.checkBody('publicKey', 'Should have a public key').notEmpty() - - // TODO: check we don't have it already - - logger.debug('Checking podsAdd parameters', { parameters: req.body }) - - checkErrors(req, res, next) -} - -// --------------------------------------------------------------------------- - -module.exports = reqValidatorsPod diff --git a/server/middlewares/reqValidators/remote.js b/server/middlewares/reqValidators/remote.js deleted file mode 100644 index dd8ee5f6e..000000000 --- a/server/middlewares/reqValidators/remote.js +++ /dev/null @@ -1,41 +0,0 @@ -'use strict' - -const checkErrors = require('./utils').checkErrors -const logger = require('../../helpers/logger') - -const reqValidatorsRemote = { - dataToDecrypt: dataToDecrypt, - remoteVideos: remoteVideos, - signature: signature -} - -function dataToDecrypt (req, res, next) { - req.checkBody('key', 'Should have a key').notEmpty() - req.checkBody('data', 'Should have data').notEmpty() - - logger.debug('Checking dataToDecrypt parameters', { parameters: { keyLength: req.body.key.length, bodyLength: req.body.data.length } }) - - checkErrors(req, res, next) -} - -function remoteVideos (req, res, next) { - req.checkBody('data').isArray() - req.checkBody('data').isEachRemoteVideosValid() - - logger.debug('Checking remoteVideos parameters', { parameters: req.body }) - - checkErrors(req, res, next) -} - -function signature (req, res, next) { - req.checkBody('signature.url', 'Should have a signature url').isURL() - req.checkBody('signature.signature', 'Should have a signature').notEmpty() - - logger.debug('Checking signature parameters', { parameters: { signatureUrl: req.body.signature.url } }) - - checkErrors(req, res, next) -} - -// --------------------------------------------------------------------------- - -module.exports = reqValidatorsRemote diff --git a/server/middlewares/reqValidators/sort.js b/server/middlewares/reqValidators/sort.js deleted file mode 100644 index 06e680ef4..000000000 --- a/server/middlewares/reqValidators/sort.js +++ /dev/null @@ -1,23 +0,0 @@ -'use strict' - -const checkErrors = require('./utils').checkErrors -const constants = require('../../initializers/constants') -const logger = require('../../helpers/logger') - -const reqValidatorsSort = { - videosSort: videosSort -} - -function videosSort (req, res, next) { - const sortableColumns = constants.SORTABLE_COLUMNS.VIDEOS - - req.checkQuery('sort', 'Should have correct sortable column').optional().isIn(sortableColumns) - - logger.debug('Checking sort parameters', { parameters: req.query }) - - checkErrors(req, res, next) -} - -// --------------------------------------------------------------------------- - -module.exports = reqValidatorsSort diff --git a/server/middlewares/reqValidators/utils.js b/server/middlewares/reqValidators/utils.js deleted file mode 100644 index 198ed8d26..000000000 --- a/server/middlewares/reqValidators/utils.js +++ /dev/null @@ -1,25 +0,0 @@ -'use strict' - -const util = require('util') - -const logger = require('../../helpers/logger') - -const reqValidatorsUtils = { - checkErrors: checkErrors -} - -function checkErrors (req, res, next, statusCode) { - if (statusCode === undefined) statusCode = 400 - const errors = req.validationErrors() - - if (errors) { - logger.warn('Incorrect request parameters', { path: req.originalUrl, err: errors }) - return res.status(statusCode).send('There have been validation errors: ' + util.inspect(errors)) - } - - return next() -} - -// --------------------------------------------------------------------------- - -module.exports = reqValidatorsUtils diff --git a/server/middlewares/reqValidators/videos.js b/server/middlewares/reqValidators/videos.js deleted file mode 100644 index 452fbc859..000000000 --- a/server/middlewares/reqValidators/videos.js +++ /dev/null @@ -1,97 +0,0 @@ -'use strict' - -const mongoose = require('mongoose') - -const checkErrors = require('./utils').checkErrors -const constants = require('../../initializers/constants') -const customValidators = require('../../helpers/customValidators') -const logger = require('../../helpers/logger') - -const Video = mongoose.model('Video') - -const reqValidatorsVideos = { - videosAdd: videosAdd, - videosGet: videosGet, - videosRemove: videosRemove, - videosSearch: videosSearch -} - -function videosAdd (req, res, next) { - req.checkFiles('videofile[0].originalname', 'Should have an input video').notEmpty() - req.checkFiles('videofile[0].mimetype', 'Should have a correct mime type').matches(/video\/(webm)|(mp4)|(ogg)/i) - req.checkBody('name', 'Should have a valid name').isVideoNameValid() - req.checkBody('description', 'Should have a valid description').isVideoDescriptionValid() - req.checkBody('tags', 'Should have correct tags').isVideoTagsValid() - - logger.debug('Checking videosAdd parameters', { parameters: req.body, files: req.files }) - - checkErrors(req, res, function () { - const videoFile = req.files.videofile[0] - - Video.getDurationFromFile(videoFile.path, function (err, duration) { - if (err) { - return res.status(400).send('Cannot retrieve metadata of the file.') - } - - if (!customValidators.isVideoDurationValid(duration)) { - return res.status(400).send('Duration of the video file is too big (max: ' + constants.VIDEOS_CONSTRAINTS_FIELDS.DURATION.max + 's).') - } - - videoFile.duration = duration - next() - }) - }) -} - -function videosGet (req, res, next) { - req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() - - logger.debug('Checking videosGet parameters', { parameters: req.params }) - - checkErrors(req, res, function () { - Video.load(req.params.id, function (err, video) { - if (err) { - logger.error('Error in videosGet request validator.', { error: err }) - return res.sendStatus(500) - } - - if (!video) return res.status(404).send('Video not found') - - next() - }) - }) -} - -function videosRemove (req, res, next) { - req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() - - logger.debug('Checking videosRemove parameters', { parameters: req.params }) - - checkErrors(req, res, function () { - Video.load(req.params.id, function (err, video) { - if (err) { - logger.error('Error in videosRemove request validator.', { error: err }) - return res.sendStatus(500) - } - - if (!video) return res.status(404).send('Video not found') - else if (video.isOwned() === false) return res.status(403).send('Cannot remove video of another pod') - - next() - }) - }) -} - -function videosSearch (req, res, next) { - const searchableColumns = constants.SEARCHABLE_COLUMNS.VIDEOS - req.checkParams('value', 'Should have a valid search').notEmpty() - req.checkQuery('field', 'Should have correct searchable column').optional().isIn(searchableColumns) - - logger.debug('Checking videosSearch parameters', { parameters: req.params }) - - checkErrors(req, res, next) -} - -// --------------------------------------------------------------------------- - -module.exports = reqValidatorsVideos diff --git a/server/middlewares/validators/index.js b/server/middlewares/validators/index.js new file mode 100644 index 000000000..0471b3f92 --- /dev/null +++ b/server/middlewares/validators/index.js @@ -0,0 +1,19 @@ +'use strict' + +const paginationValidators = require('./pagination') +const podsValidators = require('./pods') +const remoteValidators = require('./remote') +const sortValidators = require('./sort') +const videosValidators = require('./videos') + +const validators = { + pagination: paginationValidators, + pods: podsValidators, + remote: remoteValidators, + sort: sortValidators, + videos: videosValidators +} + +// --------------------------------------------------------------------------- + +module.exports = validators diff --git a/server/middlewares/validators/pagination.js b/server/middlewares/validators/pagination.js new file mode 100644 index 000000000..8e9a01053 --- /dev/null +++ b/server/middlewares/validators/pagination.js @@ -0,0 +1,21 @@ +'use strict' + +const checkErrors = require('./utils').checkErrors +const logger = require('../../helpers/logger') + +const validatorsPagination = { + pagination: pagination +} + +function pagination (req, res, next) { + req.checkQuery('start', 'Should have a number start').optional().isInt() + req.checkQuery('count', 'Should have a number count').optional().isInt() + + logger.debug('Checking pagination parameters', { parameters: req.query }) + + checkErrors(req, res, next) +} + +// --------------------------------------------------------------------------- + +module.exports = validatorsPagination diff --git a/server/middlewares/validators/pods.js b/server/middlewares/validators/pods.js new file mode 100644 index 000000000..fda2e865f --- /dev/null +++ b/server/middlewares/validators/pods.js @@ -0,0 +1,41 @@ +'use strict' + +const checkErrors = require('./utils').checkErrors +const friends = require('../../lib/friends') +const logger = require('../../helpers/logger') + +const validatorsPod = { + makeFriends: makeFriends, + podsAdd: podsAdd +} + +function makeFriends (req, res, next) { + friends.hasFriends(function (err, hasFriends) { + if (err) { + logger.error('Cannot know if we have friends.', { error: err }) + res.sendStatus(500) + } + + if (hasFriends === true) { + // We need to quit our friends before make new ones + res.sendStatus(409) + } else { + return next() + } + }) +} + +function podsAdd (req, res, next) { + req.checkBody('url', 'Should have an url').notEmpty().isURL({ require_protocol: true }) + req.checkBody('publicKey', 'Should have a public key').notEmpty() + + // TODO: check we don't have it already + + logger.debug('Checking podsAdd parameters', { parameters: req.body }) + + checkErrors(req, res, next) +} + +// --------------------------------------------------------------------------- + +module.exports = validatorsPod diff --git a/server/middlewares/validators/remote.js b/server/middlewares/validators/remote.js new file mode 100644 index 000000000..1be119458 --- /dev/null +++ b/server/middlewares/validators/remote.js @@ -0,0 +1,41 @@ +'use strict' + +const checkErrors = require('./utils').checkErrors +const logger = require('../../helpers/logger') + +const validatorsRemote = { + dataToDecrypt: dataToDecrypt, + remoteVideos: remoteVideos, + signature: signature +} + +function dataToDecrypt (req, res, next) { + req.checkBody('key', 'Should have a key').notEmpty() + req.checkBody('data', 'Should have data').notEmpty() + + logger.debug('Checking dataToDecrypt parameters', { parameters: { keyLength: req.body.key.length, bodyLength: req.body.data.length } }) + + checkErrors(req, res, next) +} + +function remoteVideos (req, res, next) { + req.checkBody('data').isArray() + req.checkBody('data').isEachRemoteVideosValid() + + logger.debug('Checking remoteVideos parameters', { parameters: req.body }) + + checkErrors(req, res, next) +} + +function signature (req, res, next) { + req.checkBody('signature.url', 'Should have a signature url').isURL() + req.checkBody('signature.signature', 'Should have a signature').notEmpty() + + logger.debug('Checking signature parameters', { parameters: { signatureUrl: req.body.signature.url } }) + + checkErrors(req, res, next) +} + +// --------------------------------------------------------------------------- + +module.exports = validatorsRemote diff --git a/server/middlewares/validators/sort.js b/server/middlewares/validators/sort.js new file mode 100644 index 000000000..56b63cc8b --- /dev/null +++ b/server/middlewares/validators/sort.js @@ -0,0 +1,23 @@ +'use strict' + +const checkErrors = require('./utils').checkErrors +const constants = require('../../initializers/constants') +const logger = require('../../helpers/logger') + +const validatorsSort = { + videosSort: videosSort +} + +function videosSort (req, res, next) { + const sortableColumns = constants.SORTABLE_COLUMNS.VIDEOS + + req.checkQuery('sort', 'Should have correct sortable column').optional().isIn(sortableColumns) + + logger.debug('Checking sort parameters', { parameters: req.query }) + + checkErrors(req, res, next) +} + +// --------------------------------------------------------------------------- + +module.exports = validatorsSort diff --git a/server/middlewares/validators/utils.js b/server/middlewares/validators/utils.js new file mode 100644 index 000000000..f6e5b2b38 --- /dev/null +++ b/server/middlewares/validators/utils.js @@ -0,0 +1,25 @@ +'use strict' + +const util = require('util') + +const logger = require('../../helpers/logger') + +const validatorsUtils = { + checkErrors: checkErrors +} + +function checkErrors (req, res, next, statusCode) { + if (statusCode === undefined) statusCode = 400 + const errors = req.validationErrors() + + if (errors) { + logger.warn('Incorrect request parameters', { path: req.originalUrl, err: errors }) + return res.status(statusCode).send('There have been validation errors: ' + util.inspect(errors)) + } + + return next() +} + +// --------------------------------------------------------------------------- + +module.exports = validatorsUtils diff --git a/server/middlewares/validators/videos.js b/server/middlewares/validators/videos.js new file mode 100644 index 000000000..24e2299dc --- /dev/null +++ b/server/middlewares/validators/videos.js @@ -0,0 +1,97 @@ +'use strict' + +const mongoose = require('mongoose') + +const checkErrors = require('./utils').checkErrors +const constants = require('../../initializers/constants') +const customValidators = require('../../helpers/customValidators') +const logger = require('../../helpers/logger') + +const Video = mongoose.model('Video') + +const validatorsVideos = { + videosAdd: videosAdd, + videosGet: videosGet, + videosRemove: videosRemove, + videosSearch: videosSearch +} + +function videosAdd (req, res, next) { + req.checkFiles('videofile[0].originalname', 'Should have an input video').notEmpty() + req.checkFiles('videofile[0].mimetype', 'Should have a correct mime type').matches(/video\/(webm)|(mp4)|(ogg)/i) + req.checkBody('name', 'Should have a valid name').isVideoNameValid() + req.checkBody('description', 'Should have a valid description').isVideoDescriptionValid() + req.checkBody('tags', 'Should have correct tags').isVideoTagsValid() + + logger.debug('Checking videosAdd parameters', { parameters: req.body, files: req.files }) + + checkErrors(req, res, function () { + const videoFile = req.files.videofile[0] + + Video.getDurationFromFile(videoFile.path, function (err, duration) { + if (err) { + return res.status(400).send('Cannot retrieve metadata of the file.') + } + + if (!customValidators.isVideoDurationValid(duration)) { + return res.status(400).send('Duration of the video file is too big (max: ' + constants.VIDEOS_CONSTRAINTS_FIELDS.DURATION.max + 's).') + } + + videoFile.duration = duration + next() + }) + }) +} + +function videosGet (req, res, next) { + req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() + + logger.debug('Checking videosGet parameters', { parameters: req.params }) + + checkErrors(req, res, function () { + Video.load(req.params.id, function (err, video) { + if (err) { + logger.error('Error in videosGet request validator.', { error: err }) + return res.sendStatus(500) + } + + if (!video) return res.status(404).send('Video not found') + + next() + }) + }) +} + +function videosRemove (req, res, next) { + req.checkParams('id', 'Should have a valid id').notEmpty().isMongoId() + + logger.debug('Checking videosRemove parameters', { parameters: req.params }) + + checkErrors(req, res, function () { + Video.load(req.params.id, function (err, video) { + if (err) { + logger.error('Error in videosRemove request validator.', { error: err }) + return res.sendStatus(500) + } + + if (!video) return res.status(404).send('Video not found') + else if (video.isOwned() === false) return res.status(403).send('Cannot remove video of another pod') + + next() + }) + }) +} + +function videosSearch (req, res, next) { + const searchableColumns = constants.SEARCHABLE_COLUMNS.VIDEOS + req.checkParams('value', 'Should have a valid search').notEmpty() + req.checkQuery('field', 'Should have correct searchable column').optional().isIn(searchableColumns) + + logger.debug('Checking videosSearch parameters', { parameters: req.params }) + + checkErrors(req, res, next) +} + +// --------------------------------------------------------------------------- + +module.exports = validatorsVideos