PeerTube/server/helpers/custom-validators/videos.ts

224 lines
6.8 KiB
TypeScript
Raw Normal View History

import { Response, Request, UploadFilesForCheck } from 'express'
2023-05-22 17:04:39 +02:00
import { decode as magnetUriDecode } from 'magnet-uri'
2020-01-07 14:56:07 +01:00
import validator from 'validator'
import { HttpStatusCode, VideoFilter, VideoInclude, VideoPrivacy, VideoRateType } from '@shared/models'
2017-12-12 17:53:50 +01:00
import {
CONSTRAINTS_FIELDS,
MIMETYPES,
2017-12-12 17:53:50 +01:00
VIDEO_CATEGORIES,
VIDEO_LICENCES,
Resumable video uploads (#3933) * WIP: resumable video uploads relates to #324 * fix review comments * video upload: error handling * fix audio upload * fixes after self review * Update server/controllers/api/videos/index.ts Co-authored-by: Rigel Kent <par@rigelk.eu> * Update server/middlewares/validators/videos/videos.ts Co-authored-by: Rigel Kent <par@rigelk.eu> * Update server/controllers/api/videos/index.ts Co-authored-by: Rigel Kent <par@rigelk.eu> * update after code review * refactor upload route - restore multipart upload route - move resumable to dedicated upload-resumable route - move checks to middleware - do not leak internal fs structure in response * fix yarn.lock upon rebase * factorize addVideo for reuse in both endpoints * add resumable upload API to openapi spec * add initial test and test helper for resumable upload * typings for videoAddResumable middleware * avoid including aws and google packages via node-uploadx, by only including uploadx/core * rename ex-isAudioBg to more explicit name mentioning it is a preview file for audio * add video-upload-tmp-folder-cleaner job * stronger typing of video upload middleware * reduce dependency to @uploadx/core * add audio upload test * refactor resumable uploads cleanup from job to scheduler * refactor resumable uploads scheduler to compare to last execution time * make resumable upload validator to always cleanup on failure * move legacy upload request building outside of uploadVideo test helper * filter upload-resumable middlewares down to POST, PUT, DELETE also begin to type metadata * merge add duration functions * stronger typings and documentation for uploadx behaviour, move init validator up * refactor(client/video-edit): options > uploadxOptions * refactor(client/video-edit): remove obsolete else * scheduler/remove-dangling-resum: rename tag * refactor(server/video): add UploadVideoFiles type * refactor(mw/validators): restructure eslint disable * refactor(mw/validators/videos): rename import * refactor(client/vid-upload): rename html elem id * refactor(sched/remove-dangl): move fn to method * refactor(mw/async): add method typing * refactor(mw/vali/video): double quote > single * refactor(server/upload-resum): express use > all * proper http methud enum server/middlewares/async.ts * properly type http methods * factorize common video upload validation steps * add check for maximum partially uploaded file size * fix audioBg use * fix extname(filename) in addVideo * document parameters for uploadx's resumable protocol * clear META files in scheduler * last audio refactor before cramming preview in the initial POST form data * refactor as mulitpart/form-data initial post request this allows preview/thumbnail uploads alongside the initial request, and cleans up the upload form * Add more tests for resumable uploads * Refactor remove dangling resumable uploads * Prepare changelog * Add more resumable upload tests * Remove user quota check for resumable uploads * Fix upload error handler * Update nginx template for upload-resumable * Cleanup comment * Remove unused express methods * Prefer to use got instead of raw http * Don't retry on error 500 Co-authored-by: Rigel Kent <par@rigelk.eu> Co-authored-by: Rigel Kent <sendmemail@rigelk.eu> Co-authored-by: Chocobozzz <me@florianbigard.com>
2021-05-10 11:13:41 +02:00
VIDEO_LIVE,
2017-12-12 17:53:50 +01:00
VIDEO_PRIVACIES,
VIDEO_RATE_TYPES,
Resumable video uploads (#3933) * WIP: resumable video uploads relates to #324 * fix review comments * video upload: error handling * fix audio upload * fixes after self review * Update server/controllers/api/videos/index.ts Co-authored-by: Rigel Kent <par@rigelk.eu> * Update server/middlewares/validators/videos/videos.ts Co-authored-by: Rigel Kent <par@rigelk.eu> * Update server/controllers/api/videos/index.ts Co-authored-by: Rigel Kent <par@rigelk.eu> * update after code review * refactor upload route - restore multipart upload route - move resumable to dedicated upload-resumable route - move checks to middleware - do not leak internal fs structure in response * fix yarn.lock upon rebase * factorize addVideo for reuse in both endpoints * add resumable upload API to openapi spec * add initial test and test helper for resumable upload * typings for videoAddResumable middleware * avoid including aws and google packages via node-uploadx, by only including uploadx/core * rename ex-isAudioBg to more explicit name mentioning it is a preview file for audio * add video-upload-tmp-folder-cleaner job * stronger typing of video upload middleware * reduce dependency to @uploadx/core * add audio upload test * refactor resumable uploads cleanup from job to scheduler * refactor resumable uploads scheduler to compare to last execution time * make resumable upload validator to always cleanup on failure * move legacy upload request building outside of uploadVideo test helper * filter upload-resumable middlewares down to POST, PUT, DELETE also begin to type metadata * merge add duration functions * stronger typings and documentation for uploadx behaviour, move init validator up * refactor(client/video-edit): options > uploadxOptions * refactor(client/video-edit): remove obsolete else * scheduler/remove-dangling-resum: rename tag * refactor(server/video): add UploadVideoFiles type * refactor(mw/validators): restructure eslint disable * refactor(mw/validators/videos): rename import * refactor(client/vid-upload): rename html elem id * refactor(sched/remove-dangl): move fn to method * refactor(mw/async): add method typing * refactor(mw/vali/video): double quote > single * refactor(server/upload-resum): express use > all * proper http methud enum server/middlewares/async.ts * properly type http methods * factorize common video upload validation steps * add check for maximum partially uploaded file size * fix audioBg use * fix extname(filename) in addVideo * document parameters for uploadx's resumable protocol * clear META files in scheduler * last audio refactor before cramming preview in the initial POST form data * refactor as mulitpart/form-data initial post request this allows preview/thumbnail uploads alongside the initial request, and cleans up the upload form * Add more tests for resumable uploads * Refactor remove dangling resumable uploads * Prepare changelog * Add more resumable upload tests * Remove user quota check for resumable uploads * Fix upload error handler * Update nginx template for upload-resumable * Cleanup comment * Remove unused express methods * Prefer to use got instead of raw http * Don't retry on error 500 Co-authored-by: Rigel Kent <par@rigelk.eu> Co-authored-by: Rigel Kent <sendmemail@rigelk.eu> Co-authored-by: Chocobozzz <me@florianbigard.com>
2021-05-10 11:13:41 +02:00
VIDEO_STATES
} from '../../initializers/constants'
2022-02-11 10:51:33 +01:00
import { exists, isArray, isDateValid, isFileValid } from './misc'
import { getVideoWithAttributes } from '@server/helpers/video'
2017-05-15 22:22:03 +02:00
const VIDEOS_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.VIDEOS
function isVideoFilterValid (filter: VideoFilter) {
return filter === 'local' || filter === 'all-local' || filter === 'all'
}
function isVideoIncludeValid (include: VideoInclude) {
return exists(include) && validator.isInt('' + include)
}
2018-04-23 14:39:52 +02:00
function isVideoCategoryValid (value: any) {
2020-01-31 16:56:52 +01:00
return value === null || VIDEO_CATEGORIES[value] !== undefined
}
function isVideoStateValid (value: any) {
2020-01-31 16:56:52 +01:00
return exists(value) && VIDEO_STATES[value] !== undefined
2017-03-22 21:15:55 +01:00
}
2018-04-23 14:39:52 +02:00
function isVideoLicenceValid (value: any) {
2020-01-31 16:56:52 +01:00
return value === null || VIDEO_LICENCES[value] !== undefined
2017-03-27 20:53:11 +02:00
}
2018-04-23 14:39:52 +02:00
function isVideoLanguageValid (value: any) {
return value === null ||
(typeof value === 'string' && validator.isLength(value, VIDEOS_CONSTRAINTS_FIELDS.LANGUAGE))
2017-04-07 12:13:37 +02:00
}
2017-11-15 16:28:35 +01:00
function isVideoDurationValid (value: string) {
return exists(value) && validator.isInt(value + '', VIDEOS_CONSTRAINTS_FIELDS.DURATION)
}
2017-06-10 22:15:25 +02:00
function isVideoDescriptionValid (value: string) {
2017-12-08 17:31:21 +01:00
return value === null || (exists(value) && validator.isLength(value, VIDEOS_CONSTRAINTS_FIELDS.DESCRIPTION))
2016-06-06 14:15:03 +02:00
}
function isVideoSupportValid (value: string) {
return value === null || (exists(value) && validator.isLength(value, VIDEOS_CONSTRAINTS_FIELDS.SUPPORT))
}
2017-06-10 22:15:25 +02:00
function isVideoNameValid (value: string) {
return exists(value) && validator.isLength(value, VIDEOS_CONSTRAINTS_FIELDS.NAME)
2016-06-06 14:15:03 +02:00
}
2017-11-10 14:34:45 +01:00
function isVideoTagValid (tag: string) {
return exists(tag) && validator.isLength(tag, VIDEOS_CONSTRAINTS_FIELDS.TAG)
}
2022-02-11 10:51:33 +01:00
function areVideoTagsValid (tags: string[]) {
2018-05-16 09:28:18 +02:00
return tags === null || (
isArray(tags) &&
validator.isInt(tags.length.toString(), VIDEOS_CONSTRAINTS_FIELDS.TAGS) &&
tags.every(tag => isVideoTagValid(tag))
)
2016-06-06 14:15:03 +02:00
}
2017-06-10 22:15:25 +02:00
function isVideoViewsValid (value: string) {
return exists(value) && validator.isInt(value + '', VIDEOS_CONSTRAINTS_FIELDS.VIEWS)
}
2022-08-17 15:36:03 +02:00
const ratingTypes = new Set(Object.values(VIDEO_RATE_TYPES))
2017-06-10 22:15:25 +02:00
function isVideoRatingTypeValid (value: string) {
2022-08-17 15:36:03 +02:00
return value === 'none' || ratingTypes.has(value as VideoRateType)
2017-03-08 21:35:43 +01:00
}
2018-12-11 14:52:50 +01:00
function isVideoFileExtnameValid (value: string) {
return exists(value) && (value === VIDEO_LIVE.EXTENSION || MIMETYPES.VIDEO.EXT_MIMETYPE[value] !== undefined)
2018-12-11 14:52:50 +01:00
}
2022-02-11 10:51:33 +01:00
function isVideoFileMimeTypeValid (files: UploadFilesForCheck, field = 'videofile') {
return isFileValid({
files,
mimeTypeRegex: MIMETYPES.VIDEO.MIMETYPES_REGEX,
field,
maxSize: null
})
}
2017-02-10 11:27:14 +01:00
const videoImageTypes = CONSTRAINTS_FIELDS.VIDEOS.IMAGE.EXTNAME
.map(v => v.replace('.', ''))
.join('|')
const videoImageTypesRegex = `image/(${videoImageTypes})`
2022-02-11 10:51:33 +01:00
function isVideoImageValid (files: UploadFilesForCheck, field: string, optional = true) {
return isFileValid({
files,
mimeTypeRegex: videoImageTypesRegex,
field,
maxSize: CONSTRAINTS_FIELDS.VIDEOS.IMAGE.FILE_SIZE.max,
optional
})
2017-02-10 11:27:14 +01:00
}
function isVideoPrivacyValid (value: number) {
2020-01-31 16:56:52 +01:00
return VIDEO_PRIVACIES[value] !== undefined
2017-11-23 18:04:48 +01:00
}
function isVideoReplayPrivacyValid (value: number) {
return VIDEO_PRIVACIES[value] !== undefined && value !== VideoPrivacy.PASSWORD_PROTECTED
}
function isScheduleVideoUpdatePrivacyValid (value: number) {
2019-12-12 15:47:47 +01:00
return value === VideoPrivacy.UNLISTED || value === VideoPrivacy.PUBLIC || value === VideoPrivacy.INTERNAL
}
2019-01-12 14:45:23 +01:00
function isVideoOriginallyPublishedAtValid (value: string | null) {
return value === null || isDateValid(value)
}
2018-07-26 10:45:10 +02:00
function isVideoFileInfoHashValid (value: string | null | undefined) {
return exists(value) && validator.isLength(value, VIDEOS_CONSTRAINTS_FIELDS.INFO_HASH)
}
2017-11-23 18:04:48 +01:00
function isVideoFileResolutionValid (value: string) {
return exists(value) && validator.isInt(value + '')
}
function isVideoFPSResolutionValid (value: string) {
return value === null || validator.isInt(value + '')
}
2017-11-23 18:04:48 +01:00
function isVideoFileSizeValid (value: string) {
return exists(value) && validator.isInt(value + '', VIDEOS_CONSTRAINTS_FIELDS.FILE_SIZE)
2017-11-23 17:53:38 +01:00
}
2018-08-06 17:13:39 +02:00
function isVideoMagnetUriValid (value: string) {
if (!exists(value)) return false
2023-05-22 17:04:39 +02:00
const parsed = magnetUriDecode(value)
2018-08-06 17:13:39 +02:00
return parsed && isVideoFileInfoHashValid(parsed.infoHash)
}
function isPasswordValid (password: string) {
return password.length >= CONSTRAINTS_FIELDS.VIDEO_PASSWORD.LENGTH.min &&
password.length < CONSTRAINTS_FIELDS.VIDEO_PASSWORD.LENGTH.max
}
function isValidPasswordProtectedPrivacy (req: Request, res: Response) {
const fail = (message: string) => {
res.fail({
status: HttpStatusCode.BAD_REQUEST_400,
message
})
return false
}
let privacy: VideoPrivacy
const video = getVideoWithAttributes(res)
if (exists(req.body?.privacy)) privacy = req.body.privacy
else if (exists(video?.privacy)) privacy = video.privacy
if (privacy !== VideoPrivacy.PASSWORD_PROTECTED) return true
if (!exists(req.body.videoPasswords) && !exists(req.body.passwords)) return fail('Video passwords are missing.')
const passwords = req.body.videoPasswords || req.body.passwords
if (passwords.length === 0) return fail('At least one video password is required.')
if (new Set(passwords).size !== passwords.length) return fail('Duplicate video passwords are not allowed.')
for (const password of passwords) {
if (typeof password !== 'string') {
return fail('Video password should be a string.')
}
if (!isPasswordValid(password)) {
return fail('Invalid video password. Password length should be at least 2 characters and no more than 100 characters.')
}
}
return true
}
2017-01-04 20:59:23 +01:00
// ---------------------------------------------------------------------------
2017-05-15 22:22:03 +02:00
export {
isVideoCategoryValid,
isVideoLicenceValid,
isVideoLanguageValid,
isVideoDescriptionValid,
isVideoFileInfoHashValid,
2017-05-15 22:22:03 +02:00
isVideoNameValid,
2022-02-11 10:51:33 +01:00
areVideoTagsValid,
isVideoFPSResolutionValid,
isScheduleVideoUpdatePrivacyValid,
2019-01-12 14:45:23 +01:00
isVideoOriginallyPublishedAtValid,
2018-08-06 17:13:39 +02:00
isVideoMagnetUriValid,
isVideoStateValid,
isVideoIncludeValid,
2017-05-15 22:22:03 +02:00
isVideoViewsValid,
isVideoRatingTypeValid,
2018-12-11 14:52:50 +01:00
isVideoFileExtnameValid,
isVideoFileMimeTypeValid,
2017-11-15 16:28:35 +01:00
isVideoDurationValid,
2017-11-10 14:34:45 +01:00
isVideoTagValid,
2017-11-23 17:53:38 +01:00
isVideoPrivacyValid,
isVideoReplayPrivacyValid,
2017-11-23 18:04:48 +01:00
isVideoFileResolutionValid,
isVideoFileSizeValid,
2022-02-11 10:51:33 +01:00
isVideoImageValid,
isVideoSupportValid,
isVideoFilterValid,
isPasswordValid,
isValidPasswordProtectedPrivacy
2017-05-15 22:22:03 +02:00
}