PeerTube/server/models/user.ts

198 lines
4.1 KiB
TypeScript
Raw Normal View History

2017-05-15 22:22:03 +02:00
import { values } from 'lodash'
import { getSort } from './utils'
import { USER_ROLES } from '../initializers'
import {
cryptPassword,
comparePassword,
isUserPasswordValid,
isUserUsernameValid,
isUserDisplayNSFWValid
} from '../helpers'
// ---------------------------------------------------------------------------
2016-12-11 21:50:51 +01:00
module.exports = function (sequelize, DataTypes) {
const User = sequelize.define('User',
{
password: {
2016-12-28 15:49:23 +01:00
type: DataTypes.STRING,
allowNull: false,
validate: {
passwordValid: function (value) {
2017-05-15 22:22:03 +02:00
const res = isUserPasswordValid(value)
2016-12-28 15:49:23 +01:00
if (res === false) throw new Error('Password not valid.')
}
}
2016-12-11 21:50:51 +01:00
},
username: {
2016-12-28 15:49:23 +01:00
type: DataTypes.STRING,
allowNull: false,
validate: {
usernameValid: function (value) {
2017-05-15 22:22:03 +02:00
const res = isUserUsernameValid(value)
2016-12-28 15:49:23 +01:00
if (res === false) throw new Error('Username not valid.')
}
}
2016-12-11 21:50:51 +01:00
},
2017-02-18 09:29:59 +01:00
email: {
2017-02-18 11:56:28 +01:00
type: DataTypes.STRING(400),
2017-02-18 09:29:59 +01:00
allowNull: false,
validate: {
isEmail: true
}
},
2017-04-03 21:24:36 +02:00
displayNSFW: {
type: DataTypes.BOOLEAN,
allowNull: false,
defaultValue: false,
validate: {
nsfwValid: function (value) {
2017-05-15 22:22:03 +02:00
const res = isUserDisplayNSFWValid(value)
2017-04-03 21:24:36 +02:00
if (res === false) throw new Error('Display NSFW is not valid.')
}
}
},
2016-12-11 21:50:51 +01:00
role: {
2017-05-15 22:22:03 +02:00
type: DataTypes.ENUM(values(USER_ROLES)),
2016-12-28 15:49:23 +01:00
allowNull: false
2016-12-11 21:50:51 +01:00
}
},
{
2016-12-29 09:33:28 +01:00
indexes: [
{
2017-02-16 19:24:34 +01:00
fields: [ 'username' ],
unique: true
2017-02-18 09:29:59 +01:00
},
{
fields: [ 'email' ],
unique: true
2016-12-29 09:33:28 +01:00
}
],
2016-12-11 21:50:51 +01:00
classMethods: {
associate,
countTotal,
getByUsername,
list,
listForApi,
loadById,
2017-02-18 09:29:59 +01:00
loadByUsername,
loadByUsernameOrEmail
2016-12-11 21:50:51 +01:00
},
instanceMethods: {
isPasswordMatch,
Add ability for an administrator to remove any video (#61) * Add ability for an admin to remove every video on the pod. * Server: add BlacklistedVideos relation. * Server: Insert in BlacklistedVideos relation upon deletion of a video. * Server: Modify BlacklistedVideos schema to add Pod id information. * Server: Moving insertion of a blacklisted video from the `afterDestroy` hook into the process of deletion of a video. To avoid inserting a video when it is removed on its origin pod. When a video is removed on its origin pod, the `afterDestroy` hook is fire, but no request is made on the delete('/:videoId') interface. Hence, we insert into `BlacklistedVideos` only on request on delete('/:videoId') (if requirements for insertion are met). * Server: Add removeVideoFromBlacklist hook on deletion of a video. We are going to proceed in another way :). We will add a new route : /:videoId/blacklist to blacklist a video. We do not blacklist a video upon its deletion now (to distinguish a video blacklist from a regular video delete) When we blacklist a video, the video remains in the DB, so we don't have any concern about its update. It just doesn't appear in the video list. When we remove a video, we then have to remove it from the blacklist too. We could also remove a video from the blacklist to 'unremove' it and make it appear again in the video list (will be another feature). * Server: Add handler for new route post(/:videoId/blacklist) * Client: Add isBlacklistable method * Client: Update isRemovableBy method. * Client: Move 'Delete video' feature from the video-list to the video-watch module. * Server: Exclude blacklisted videos from the video list * Server: Use findAll() in BlacklistedVideos.list() method * Server: Fix addVideoToBlacklist function. * Client: Add blacklist feature. * Server: Use JavaScript Standard Style. * Server: In checkUserCanDeleteVideo, move the callback call inside the db callback function * Server: Modify BlacklistVideo relation * Server: Modifiy Videos methods. * Server: Add checkVideoIsBlacklistable method * Server: Rewrite addVideoToBlacklist method * Server: Fix checkVideoIsBlacklistable method * Server: Add return to addVideoToBlacklist method
2017-04-26 21:22:10 +02:00
toFormatedJSON,
isAdmin
2016-12-11 21:50:51 +01:00
},
hooks: {
beforeCreate: beforeCreateOrUpdate,
beforeUpdate: beforeCreateOrUpdate
}
}
)
return User
}
2016-12-11 21:50:51 +01:00
function beforeCreateOrUpdate (user, options, next) {
2017-05-15 22:22:03 +02:00
cryptPassword(user.password, function (err, hash) {
2016-08-25 17:57:37 +02:00
if (err) return next(err)
user.password = hash
return next()
})
2016-12-11 21:50:51 +01:00
}
2016-08-25 17:57:37 +02:00
// ------------------------------ METHODS ------------------------------
function isPasswordMatch (password, callback) {
2017-05-15 22:22:03 +02:00
return comparePassword(password, this.password, callback)
2016-08-25 17:57:37 +02:00
}
function toFormatedJSON () {
return {
2016-12-11 21:50:51 +01:00
id: this.id,
2016-08-25 17:57:37 +02:00
username: this.username,
2017-02-18 09:29:59 +01:00
email: this.email,
2017-04-03 21:24:36 +02:00
displayNSFW: this.displayNSFW,
role: this.role,
2016-12-11 21:50:51 +01:00
createdAt: this.createdAt
2016-08-25 17:57:37 +02:00
}
}
Add ability for an administrator to remove any video (#61) * Add ability for an admin to remove every video on the pod. * Server: add BlacklistedVideos relation. * Server: Insert in BlacklistedVideos relation upon deletion of a video. * Server: Modify BlacklistedVideos schema to add Pod id information. * Server: Moving insertion of a blacklisted video from the `afterDestroy` hook into the process of deletion of a video. To avoid inserting a video when it is removed on its origin pod. When a video is removed on its origin pod, the `afterDestroy` hook is fire, but no request is made on the delete('/:videoId') interface. Hence, we insert into `BlacklistedVideos` only on request on delete('/:videoId') (if requirements for insertion are met). * Server: Add removeVideoFromBlacklist hook on deletion of a video. We are going to proceed in another way :). We will add a new route : /:videoId/blacklist to blacklist a video. We do not blacklist a video upon its deletion now (to distinguish a video blacklist from a regular video delete) When we blacklist a video, the video remains in the DB, so we don't have any concern about its update. It just doesn't appear in the video list. When we remove a video, we then have to remove it from the blacklist too. We could also remove a video from the blacklist to 'unremove' it and make it appear again in the video list (will be another feature). * Server: Add handler for new route post(/:videoId/blacklist) * Client: Add isBlacklistable method * Client: Update isRemovableBy method. * Client: Move 'Delete video' feature from the video-list to the video-watch module. * Server: Exclude blacklisted videos from the video list * Server: Use findAll() in BlacklistedVideos.list() method * Server: Fix addVideoToBlacklist function. * Client: Add blacklist feature. * Server: Use JavaScript Standard Style. * Server: In checkUserCanDeleteVideo, move the callback call inside the db callback function * Server: Modify BlacklistVideo relation * Server: Modifiy Videos methods. * Server: Add checkVideoIsBlacklistable method * Server: Rewrite addVideoToBlacklist method * Server: Fix checkVideoIsBlacklistable method * Server: Add return to addVideoToBlacklist method
2017-04-26 21:22:10 +02:00
function isAdmin () {
2017-05-15 22:22:03 +02:00
return this.role === USER_ROLES.ADMIN
Add ability for an administrator to remove any video (#61) * Add ability for an admin to remove every video on the pod. * Server: add BlacklistedVideos relation. * Server: Insert in BlacklistedVideos relation upon deletion of a video. * Server: Modify BlacklistedVideos schema to add Pod id information. * Server: Moving insertion of a blacklisted video from the `afterDestroy` hook into the process of deletion of a video. To avoid inserting a video when it is removed on its origin pod. When a video is removed on its origin pod, the `afterDestroy` hook is fire, but no request is made on the delete('/:videoId') interface. Hence, we insert into `BlacklistedVideos` only on request on delete('/:videoId') (if requirements for insertion are met). * Server: Add removeVideoFromBlacklist hook on deletion of a video. We are going to proceed in another way :). We will add a new route : /:videoId/blacklist to blacklist a video. We do not blacklist a video upon its deletion now (to distinguish a video blacklist from a regular video delete) When we blacklist a video, the video remains in the DB, so we don't have any concern about its update. It just doesn't appear in the video list. When we remove a video, we then have to remove it from the blacklist too. We could also remove a video from the blacklist to 'unremove' it and make it appear again in the video list (will be another feature). * Server: Add handler for new route post(/:videoId/blacklist) * Client: Add isBlacklistable method * Client: Update isRemovableBy method. * Client: Move 'Delete video' feature from the video-list to the video-watch module. * Server: Exclude blacklisted videos from the video list * Server: Use findAll() in BlacklistedVideos.list() method * Server: Fix addVideoToBlacklist function. * Client: Add blacklist feature. * Server: Use JavaScript Standard Style. * Server: In checkUserCanDeleteVideo, move the callback call inside the db callback function * Server: Modify BlacklistVideo relation * Server: Modifiy Videos methods. * Server: Add checkVideoIsBlacklistable method * Server: Rewrite addVideoToBlacklist method * Server: Fix checkVideoIsBlacklistable method * Server: Add return to addVideoToBlacklist method
2017-04-26 21:22:10 +02:00
}
2016-08-25 17:57:37 +02:00
// ------------------------------ STATICS ------------------------------
2016-12-11 21:50:51 +01:00
function associate (models) {
this.hasOne(models.Author, {
foreignKey: 'userId',
onDelete: 'cascade'
})
2016-12-11 21:50:51 +01:00
this.hasMany(models.OAuthToken, {
foreignKey: 'userId',
onDelete: 'cascade'
})
}
2016-08-16 22:31:45 +02:00
function countTotal (callback) {
2016-12-11 21:50:51 +01:00
return this.count().asCallback(callback)
}
2016-08-25 17:57:37 +02:00
function getByUsername (username) {
2016-12-11 21:50:51 +01:00
const query = {
where: {
username: username
}
}
return this.findOne(query)
}
function list (callback) {
2016-12-11 21:50:51 +01:00
return this.find().asCallback(callback)
}
2016-08-16 22:31:45 +02:00
function listForApi (start, count, sort, callback) {
2016-12-11 21:50:51 +01:00
const query = {
offset: start,
limit: count,
2017-05-15 22:22:03 +02:00
order: [ getSort(sort) ]
2016-12-11 21:50:51 +01:00
}
return this.findAndCountAll(query).asCallback(function (err, result) {
if (err) return callback(err)
return callback(null, result.rows, result.count)
})
}
function loadById (id, callback) {
2016-12-11 21:50:51 +01:00
return this.findById(id).asCallback(callback)
}
function loadByUsername (username, callback) {
2016-12-11 21:50:51 +01:00
const query = {
where: {
username: username
}
}
return this.findOne(query).asCallback(callback)
}
2017-02-18 09:29:59 +01:00
function loadByUsernameOrEmail (username, email, callback) {
const query = {
where: {
$or: [ { username }, { email } ]
}
}
return this.findOne(query).asCallback(callback)
}