1
0
Fork 0
peertube/server/controllers/api/videos/abuse.ts

82 lines
2.8 KiB
TypeScript
Raw Normal View History

2017-06-05 15:53:49 -04:00
import * as express from 'express'
2017-12-14 11:38:41 -05:00
import { UserRight, VideoAbuseCreate } from '../../../../shared'
2017-12-28 05:16:08 -05:00
import { logger } from '../../../helpers/logger'
import { getFormattedObjects } from '../../../helpers/utils'
2017-12-12 11:53:50 -05:00
import { sequelizeTypescript } from '../../../initializers'
2017-12-14 11:38:41 -05:00
import { sendVideoAbuse } from '../../../lib/activitypub/send'
2017-05-15 16:22:03 -04:00
import {
2018-06-13 08:27:40 -04:00
asyncMiddleware,
asyncRetryTransactionMiddleware,
authenticate,
ensureUserHasRight,
paginationValidator,
setDefaultPagination,
setDefaultSort,
videoAbuseReportValidator,
2018-01-17 04:50:33 -05:00
videoAbusesSortValidator
2017-05-15 16:22:03 -04:00
} from '../../../middlewares'
2017-12-12 11:53:50 -05:00
import { AccountModel } from '../../../models/account/account'
import { VideoModel } from '../../../models/video/video'
import { VideoAbuseModel } from '../../../models/video/video-abuse'
import { auditLoggerFactory, VideoAbuseAuditView } from '../../../helpers/audit-logger'
2017-05-15 16:22:03 -04:00
const auditLogger = auditLoggerFactory('abuse')
2017-05-15 16:22:03 -04:00
const abuseVideoRouter = express.Router()
abuseVideoRouter.get('/abuse',
authenticate,
ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES),
2017-05-15 16:22:03 -04:00
paginationValidator,
videoAbusesSortValidator,
2018-01-17 04:50:33 -05:00
setDefaultSort,
setDefaultPagination,
2017-10-25 05:55:06 -04:00
asyncMiddleware(listVideoAbuses)
2017-05-05 10:53:35 -04:00
)
2017-05-15 16:22:03 -04:00
abuseVideoRouter.post('/:id/abuse',
authenticate,
2017-11-27 11:30:46 -05:00
asyncMiddleware(videoAbuseReportValidator),
2018-06-13 08:27:40 -04:00
asyncRetryTransactionMiddleware(reportVideoAbuse)
2017-05-05 10:53:35 -04:00
)
// ---------------------------------------------------------------------------
2017-05-15 16:22:03 -04:00
export {
abuseVideoRouter
}
2017-05-05 10:53:35 -04:00
// ---------------------------------------------------------------------------
2017-10-25 05:55:06 -04:00
async function listVideoAbuses (req: express.Request, res: express.Response, next: express.NextFunction) {
2017-12-12 11:53:50 -05:00
const resultList = await VideoAbuseModel.listForApi(req.query.start, req.query.count, req.query.sort)
2017-10-25 05:55:06 -04:00
return res.json(getFormattedObjects(resultList.data, resultList.total))
2017-05-05 10:53:35 -04:00
}
2017-10-25 05:55:06 -04:00
async function reportVideoAbuse (req: express.Request, res: express.Response) {
2017-12-12 11:53:50 -05:00
const videoInstance = res.locals.video as VideoModel
const reporterAccount = res.locals.oauth.token.User.Account as AccountModel
const body: VideoAbuseCreate = req.body
2017-05-05 10:53:35 -04:00
2017-10-25 05:55:06 -04:00
const abuseToCreate = {
2017-11-15 09:12:23 -05:00
reporterAccountId: reporterAccount.id,
reason: body.reason,
2017-11-15 09:12:23 -05:00
videoId: videoInstance.id
2017-05-05 10:53:35 -04:00
}
2017-12-12 11:53:50 -05:00
await sequelizeTypescript.transaction(async t => {
const videoAbuseInstance = await VideoAbuseModel.create(abuseToCreate, { transaction: t })
2017-11-16 11:04:19 -05:00
videoAbuseInstance.Video = videoInstance
videoAbuseInstance.Account = reporterAccount
2017-11-15 09:12:23 -05:00
// We send the video abuse to the origin server
2017-10-25 05:55:06 -04:00
if (videoInstance.isOwned() === false) {
2017-12-14 11:38:41 -05:00
await sendVideoAbuse(reporterAccount.Actor, videoAbuseInstance, videoInstance, t)
2017-10-25 05:55:06 -04:00
}
auditLogger.create(reporterAccount.Actor.getIdentifier(), new VideoAbuseAuditView(videoAbuseInstance.toFormattedJSON()))
logger.info('Abuse report for video %s created.', videoInstance.name)
})
2018-06-13 08:27:40 -04:00
return res.type('json').status(204).end()
2017-05-05 10:53:35 -04:00
}