1 import * as express from 'express'
2 import { body, param, query, ValidationChain } from 'express-validator/check'
3 import { UserRight, VideoPlaylistCreate, VideoPlaylistUpdate } from '../../../../shared'
4 import { logger } from '../../../helpers/logger'
5 import { UserModel } from '../../../models/account/user'
6 import { areValidationErrors } from '../utils'
7 import { doesVideoExist, isVideoImage } from '../../../helpers/custom-validators/videos'
8 import { CONSTRAINTS_FIELDS } from '../../../initializers/constants'
9 import { isArrayOf, isIdOrUUIDValid, isIdValid, isUUIDValid, toIntArray, toValueOrNull } from '../../../helpers/custom-validators/misc'
11 doesVideoPlaylistExist,
12 isVideoPlaylistDescriptionValid,
13 isVideoPlaylistNameValid,
14 isVideoPlaylistPrivacyValid,
15 isVideoPlaylistTimestampValid,
16 isVideoPlaylistTypeValid
17 } from '../../../helpers/custom-validators/video-playlists'
18 import { VideoPlaylistModel } from '../../../models/video/video-playlist'
19 import { cleanUpReqFiles } from '../../../helpers/express-utils'
20 import { doesVideoChannelIdExist } from '../../../helpers/custom-validators/video-channels'
21 import { VideoPlaylistElementModel } from '../../../models/video/video-playlist-element'
22 import { authenticatePromiseIfNeeded } from '../../oauth'
23 import { VideoPlaylistPrivacy } from '../../../../shared/models/videos/playlist/video-playlist-privacy.model'
24 import { VideoPlaylistType } from '../../../../shared/models/videos/playlist/video-playlist-type.model'
26 const videoPlaylistsAddValidator = getCommonPlaylistEditAttributes().concat([
27 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
28 logger.debug('Checking videoPlaylistsAddValidator parameters', { parameters: req.body })
30 if (areValidationErrors(req, res)) return cleanUpReqFiles(req)
32 const body: VideoPlaylistCreate = req.body
33 if (body.videoChannelId && !await doesVideoChannelIdExist(body.videoChannelId, res)) return cleanUpReqFiles(req)
35 if (body.privacy === VideoPlaylistPrivacy.PUBLIC && !body.videoChannelId) {
37 return res.status(400)
38 .json({ error: 'Cannot set "public" a playlist that is not assigned to a channel.' })
45 const videoPlaylistsUpdateValidator = getCommonPlaylistEditAttributes().concat([
47 .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
49 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
50 logger.debug('Checking videoPlaylistsUpdateValidator parameters', { parameters: req.body })
52 if (areValidationErrors(req, res)) return cleanUpReqFiles(req)
54 if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return cleanUpReqFiles(req)
56 const videoPlaylist = res.locals.videoPlaylist
58 if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, res.locals.videoPlaylist, UserRight.REMOVE_ANY_VIDEO_PLAYLIST, res)) {
59 return cleanUpReqFiles(req)
62 const body: VideoPlaylistUpdate = req.body
64 if (videoPlaylist.privacy !== VideoPlaylistPrivacy.PRIVATE && body.privacy === VideoPlaylistPrivacy.PRIVATE) {
66 return res.status(400)
67 .json({ error: 'Cannot set "private" a video playlist that was not private.' })
70 const newPrivacy = body.privacy || videoPlaylist.privacy
71 if (newPrivacy === VideoPlaylistPrivacy.PUBLIC &&
73 (!videoPlaylist.videoChannelId && !body.videoChannelId) ||
74 body.videoChannelId === null
78 return res.status(400)
79 .json({ error: 'Cannot set "public" a playlist that is not assigned to a channel.' })
82 if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) {
84 return res.status(400)
85 .json({ error: 'Cannot update a watch later playlist.' })
88 if (body.videoChannelId && !await doesVideoChannelIdExist(body.videoChannelId, res)) return cleanUpReqFiles(req)
94 const videoPlaylistsDeleteValidator = [
96 .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
98 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
99 logger.debug('Checking videoPlaylistsDeleteValidator parameters', { parameters: req.params })
101 if (areValidationErrors(req, res)) return
103 if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return
105 const videoPlaylist = res.locals.videoPlaylist
106 if (videoPlaylist.type === VideoPlaylistType.WATCH_LATER) {
107 return res.status(400)
108 .json({ error: 'Cannot delete a watch later playlist.' })
111 if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, res.locals.videoPlaylist, UserRight.REMOVE_ANY_VIDEO_PLAYLIST, res)) {
119 const videoPlaylistsGetValidator = [
121 .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
123 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
124 logger.debug('Checking videoPlaylistsGetValidator parameters', { parameters: req.params })
126 if (areValidationErrors(req, res)) return
128 if (!await doesVideoPlaylistExist(req.params.playlistId, res)) return
130 const videoPlaylist = res.locals.videoPlaylist
132 // Video is unlisted, check we used the uuid to fetch it
133 if (videoPlaylist.privacy === VideoPlaylistPrivacy.UNLISTED) {
134 if (isUUIDValid(req.params.playlistId)) return next()
136 return res.status(404).end()
139 if (videoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) {
140 await authenticatePromiseIfNeeded(req, res)
142 const user = res.locals.oauth ? res.locals.oauth.token.User : null
146 (videoPlaylist.OwnerAccount.id !== user.Account.id && !user.hasRight(UserRight.UPDATE_ANY_VIDEO_PLAYLIST))
148 return res.status(403)
149 .json({ error: 'Cannot get this private video playlist.' })
159 const videoPlaylistsAddVideoValidator = [
161 .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
163 .custom(isIdOrUUIDValid).withMessage('Should have a valid video id/uuid'),
164 body('startTimestamp')
166 .custom(isVideoPlaylistTimestampValid).withMessage('Should have a valid start timestamp'),
167 body('stopTimestamp')
169 .custom(isVideoPlaylistTimestampValid).withMessage('Should have a valid stop timestamp'),
171 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
172 logger.debug('Checking videoPlaylistsAddVideoValidator parameters', { parameters: req.params })
174 if (areValidationErrors(req, res)) return
176 if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return
177 if (!await doesVideoExist(req.body.videoId, res, 'only-video')) return
179 const videoPlaylist = res.locals.videoPlaylist
180 const video = res.locals.video
182 const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideo(videoPlaylist.id, video.id)
183 if (videoPlaylistElement) {
185 .json({ error: 'This video in this playlist already exists' })
191 if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, res.locals.videoPlaylist, UserRight.UPDATE_ANY_VIDEO_PLAYLIST, res)) {
199 const videoPlaylistsUpdateOrRemoveVideoValidator = [
201 .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
203 .custom(isIdOrUUIDValid).withMessage('Should have an video id/uuid'),
204 body('startTimestamp')
206 .custom(isVideoPlaylistTimestampValid).withMessage('Should have a valid start timestamp'),
207 body('stopTimestamp')
209 .custom(isVideoPlaylistTimestampValid).withMessage('Should have a valid stop timestamp'),
211 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
212 logger.debug('Checking videoPlaylistsRemoveVideoValidator parameters', { parameters: req.params })
214 if (areValidationErrors(req, res)) return
216 if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return
217 if (!await doesVideoExist(req.params.videoId, res, 'id')) return
219 const videoPlaylist = res.locals.videoPlaylist
220 const video = res.locals.video
222 const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideo(videoPlaylist.id, video.id)
223 if (!videoPlaylistElement) {
225 .json({ error: 'Video playlist element not found' })
230 res.locals.videoPlaylistElement = videoPlaylistElement
232 if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, videoPlaylist, UserRight.UPDATE_ANY_VIDEO_PLAYLIST, res)) return
238 const videoPlaylistElementAPGetValidator = [
240 .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
242 .custom(isIdOrUUIDValid).withMessage('Should have an video id/uuid'),
244 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
245 logger.debug('Checking videoPlaylistElementAPGetValidator parameters', { parameters: req.params })
247 if (areValidationErrors(req, res)) return
249 const videoPlaylistElement = await VideoPlaylistElementModel.loadByPlaylistAndVideoForAP(req.params.playlistId, req.params.videoId)
250 if (!videoPlaylistElement) {
252 .json({ error: 'Video playlist element not found' })
258 if (videoPlaylistElement.VideoPlaylist.privacy === VideoPlaylistPrivacy.PRIVATE) {
259 return res.status(403).end()
262 res.locals.videoPlaylistElement = videoPlaylistElement
268 const videoPlaylistsReorderVideosValidator = [
270 .custom(isIdOrUUIDValid).withMessage('Should have a valid playlist id/uuid'),
271 body('startPosition')
272 .isInt({ min: 1 }).withMessage('Should have a valid start position'),
273 body('insertAfterPosition')
274 .isInt({ min: 0 }).withMessage('Should have a valid insert after position'),
275 body('reorderLength')
277 .isInt({ min: 1 }).withMessage('Should have a valid range length'),
279 async (req: express.Request, res: express.Response, next: express.NextFunction) => {
280 logger.debug('Checking videoPlaylistsReorderVideosValidator parameters', { parameters: req.params })
282 if (areValidationErrors(req, res)) return
284 if (!await doesVideoPlaylistExist(req.params.playlistId, res, 'all')) return
286 const videoPlaylist = res.locals.videoPlaylist
287 if (!checkUserCanManageVideoPlaylist(res.locals.oauth.token.User, videoPlaylist, UserRight.UPDATE_ANY_VIDEO_PLAYLIST, res)) return
289 const nextPosition = await VideoPlaylistElementModel.getNextPositionOf(videoPlaylist.id)
290 const startPosition: number = req.body.startPosition
291 const insertAfterPosition: number = req.body.insertAfterPosition
292 const reorderLength: number = req.body.reorderLength
294 if (startPosition >= nextPosition || insertAfterPosition >= nextPosition) {
296 .json({ error: `Start position or insert after position exceed the playlist limits (max: ${nextPosition - 1})` })
302 if (reorderLength && reorderLength + startPosition > nextPosition) {
304 .json({ error: `Reorder length with this start position exceeds the playlist limits (max: ${nextPosition - startPosition})` })
314 const commonVideoPlaylistFiltersValidator = [
315 query('playlistType')
317 .custom(isVideoPlaylistTypeValid).withMessage('Should have a valid playlist type'),
319 (req: express.Request, res: express.Response, next: express.NextFunction) => {
320 logger.debug('Checking commonVideoPlaylistFiltersValidator parameters', { parameters: req.params })
322 if (areValidationErrors(req, res)) return
328 const doVideosInPlaylistExistValidator = [
330 .customSanitizer(toIntArray)
331 .custom(v => isArrayOf(v, isIdValid)).withMessage('Should have a valid video ids array'),
333 (req: express.Request, res: express.Response, next: express.NextFunction) => {
334 logger.debug('Checking areVideosInPlaylistExistValidator parameters', { parameters: req.query })
336 if (areValidationErrors(req, res)) return
342 // ---------------------------------------------------------------------------
345 videoPlaylistsAddValidator,
346 videoPlaylistsUpdateValidator,
347 videoPlaylistsDeleteValidator,
348 videoPlaylistsGetValidator,
350 videoPlaylistsAddVideoValidator,
351 videoPlaylistsUpdateOrRemoveVideoValidator,
352 videoPlaylistsReorderVideosValidator,
354 videoPlaylistElementAPGetValidator,
356 commonVideoPlaylistFiltersValidator,
358 doVideosInPlaylistExistValidator
361 // ---------------------------------------------------------------------------
363 function getCommonPlaylistEditAttributes () {
365 body('thumbnailfile')
366 .custom((value, { req }) => isVideoImage(req.files, 'thumbnailfile')).withMessage(
367 'This thumbnail file is not supported or too large. Please, make sure it is of the following type: '
368 + CONSTRAINTS_FIELDS.VIDEO_PLAYLISTS.IMAGE.EXTNAME.join(', ')
372 .custom(isVideoPlaylistNameValid).withMessage('Should have a valid display name'),
375 .customSanitizer(toValueOrNull)
376 .custom(isVideoPlaylistDescriptionValid).withMessage('Should have a valid description'),
380 .custom(isVideoPlaylistPrivacyValid).withMessage('Should have correct playlist privacy'),
381 body('videoChannelId')
383 .customSanitizer(toValueOrNull)
385 ] as (ValidationChain | express.Handler)[]
388 function checkUserCanManageVideoPlaylist (user: UserModel, videoPlaylist: VideoPlaylistModel, right: UserRight, res: express.Response) {
389 if (videoPlaylist.isOwned() === false) {
391 .json({ error: 'Cannot manage video playlist of another server.' })
397 // Check if the user can manage the video playlist
398 // The user can delete it if s/he is an admin
399 // Or if s/he is the video playlist's owner
400 if (user.hasRight(right) === false && videoPlaylist.ownerAccountId !== user.Account.id) {
402 .json({ error: 'Cannot manage video playlist of another user' })