mirror of https://github.com/Chocobozzz/PeerTube
Fix video channel update with an admin account
parent
a14d3b6b23
commit
6200d8d917
|
@ -219,7 +219,6 @@ export class VideoAddComponent extends FormReactive implements OnInit, OnDestroy
|
|||
|
||||
const video = new VideoEdit()
|
||||
video.patch(this.form.value)
|
||||
video.channelId = this.firstStepChannelId
|
||||
video.id = this.videoUploadedIds.id
|
||||
video.uuid = this.videoUploadedIds.uuid
|
||||
|
||||
|
|
|
@ -11,7 +11,7 @@ import { FormReactive } from '../../shared'
|
|||
import { ValidatorMessage } from '../../shared/forms/form-validators/validator-message'
|
||||
import { VideoEdit } from '../../shared/video/video-edit.model'
|
||||
import { VideoService } from '../../shared/video/video.service'
|
||||
import { populateAsyncUserVideoChannels } from '@app/shared/misc/utils'
|
||||
import { VideoChannelService } from '@app/shared/video-channel/video-channel.service'
|
||||
|
||||
@Component({
|
||||
selector: 'my-videos-update',
|
||||
|
@ -36,7 +36,8 @@ export class VideoUpdateComponent extends FormReactive implements OnInit {
|
|||
private serverService: ServerService,
|
||||
private videoService: VideoService,
|
||||
private authService: AuthService,
|
||||
private loadingBar: LoadingBarService
|
||||
private loadingBar: LoadingBarService,
|
||||
private videoChannelService: VideoChannelService
|
||||
) {
|
||||
super()
|
||||
}
|
||||
|
@ -59,14 +60,21 @@ export class VideoUpdateComponent extends FormReactive implements OnInit {
|
|||
return this.videoService
|
||||
.loadCompleteDescription(video.descriptionPath)
|
||||
.pipe(map(description => Object.assign(video, { description })))
|
||||
}),
|
||||
switchMap(video => {
|
||||
return this.videoChannelService
|
||||
.listAccountVideoChannels(video.account.id)
|
||||
.pipe(
|
||||
map(result => result.data),
|
||||
map(videoChannels => videoChannels.map(c => ({ id: c.id, label: c.displayName }))),
|
||||
map(videoChannels => ({ video, videoChannels }))
|
||||
)
|
||||
})
|
||||
)
|
||||
.subscribe(
|
||||
video => {
|
||||
({ video, videoChannels }) => {
|
||||
this.video = new VideoEdit(video)
|
||||
|
||||
populateAsyncUserVideoChannels(this.authService, this.userVideoChannels)
|
||||
.catch(err => console.error(err))
|
||||
this.userVideoChannels = videoChannels
|
||||
|
||||
// We cannot set private a video that was not private
|
||||
if (video.privacy.id !== VideoPrivacy.PRIVATE) {
|
||||
|
|
|
@ -341,7 +341,7 @@ async function updateVideo (req: express.Request, res: express.Response) {
|
|||
|
||||
// Video channel update?
|
||||
if (res.locals.videoChannel && videoInstanceUpdated.channelId !== res.locals.videoChannel.id) {
|
||||
await videoInstanceUpdated.$set('VideoChannel', res.locals.videoChannel)
|
||||
await videoInstanceUpdated.$set('VideoChannel', res.locals.videoChannel, { transaction: t })
|
||||
videoInstance.VideoChannel = res.locals.videoChannel
|
||||
|
||||
if (wasPrivateVideo === false) await changeVideoChannelShare(videoInstanceUpdated, oldVideoChannel, t)
|
||||
|
|
|
@ -3,7 +3,7 @@ import 'express-validator'
|
|||
import { values } from 'lodash'
|
||||
import 'multer'
|
||||
import * as validator from 'validator'
|
||||
import { VideoRateType } from '../../../shared'
|
||||
import { UserRight, VideoRateType } from '../../../shared'
|
||||
import {
|
||||
CONSTRAINTS_FIELDS,
|
||||
VIDEO_CATEGORIES,
|
||||
|
@ -15,6 +15,7 @@ import {
|
|||
import { VideoModel } from '../../models/video/video'
|
||||
import { exists, isArray, isFileValid } from './misc'
|
||||
import { VideoChannelModel } from '../../models/video/video-channel'
|
||||
import { UserModel } from '../../models/account/user'
|
||||
|
||||
const VIDEOS_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.VIDEOS
|
||||
const VIDEO_ABUSES_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.VIDEO_ABUSES
|
||||
|
@ -127,8 +128,22 @@ async function isVideoExist (id: string, res: Response) {
|
|||
return true
|
||||
}
|
||||
|
||||
async function isVideoChannelOfAccountExist (channelId: number, accountId: number, res: Response) {
|
||||
const videoChannel = await VideoChannelModel.loadByIdAndAccount(channelId, accountId)
|
||||
async function isVideoChannelOfAccountExist (channelId: number, user: UserModel, res: Response) {
|
||||
if (user.hasRight(UserRight.UPDATE_ANY_VIDEO) === true) {
|
||||
const videoChannel = await VideoChannelModel.loadAndPopulateAccount(channelId)
|
||||
if (!videoChannel) {
|
||||
res.status(400)
|
||||
.json({ error: 'Unknown video video channel on this instance.' })
|
||||
.end()
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
res.locals.videoChannel = videoChannel
|
||||
return true
|
||||
}
|
||||
|
||||
const videoChannel = await VideoChannelModel.loadByIdAndAccount(channelId, user.Account.id)
|
||||
if (!videoChannel) {
|
||||
res.status(400)
|
||||
.json({ error: 'Unknown video video channel for this account.' })
|
||||
|
|
|
@ -90,7 +90,7 @@ const videosAddValidator = [
|
|||
const videoFile: Express.Multer.File = req.files['videofile'][0]
|
||||
const user = res.locals.oauth.token.User
|
||||
|
||||
if (!await isVideoChannelOfAccountExist(req.body.channelId, user.Account.id, res)) return
|
||||
if (!await isVideoChannelOfAccountExist(req.body.channelId, user, res)) return
|
||||
|
||||
const isAble = await user.isAbleToUploadVideo(videoFile)
|
||||
if (isAble === false) {
|
||||
|
@ -193,7 +193,7 @@ const videosUpdateValidator = [
|
|||
.end()
|
||||
}
|
||||
|
||||
if (req.body.channelId && !await isVideoChannelOfAccountExist(req.body.channelId, user.Account.id, res)) return
|
||||
if (req.body.channelId && !await isVideoChannelOfAccountExist(req.body.channelId, user, res)) return
|
||||
|
||||
return next()
|
||||
}
|
||||
|
@ -332,7 +332,7 @@ function checkUserCanManageVideo (user: UserModel, video: VideoModel, right: Use
|
|||
// Retrieve the user who did the request
|
||||
if (video.isOwned() === false) {
|
||||
res.status(403)
|
||||
.json({ error: 'Cannot remove video of another server, blacklist it' })
|
||||
.json({ error: 'Cannot manage a video of another server.' })
|
||||
.end()
|
||||
return false
|
||||
}
|
||||
|
@ -343,7 +343,7 @@ function checkUserCanManageVideo (user: UserModel, video: VideoModel, right: Use
|
|||
const account = video.VideoChannel.Account
|
||||
if (user.hasRight(right) === false && account.userId !== user.id) {
|
||||
res.status(403)
|
||||
.json({ error: 'Cannot remove video of another user' })
|
||||
.json({ error: 'Cannot manage a video of another user.' })
|
||||
.end()
|
||||
return false
|
||||
}
|
||||
|
|
|
@ -280,7 +280,7 @@ describe('Test videos API validator', function () {
|
|||
const fields = immutableAssign(baseCorrectParams, { channelId: customChannelId })
|
||||
const attaches = baseCorrectAttaches
|
||||
|
||||
await makeUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
|
||||
await makeUploadRequest({ url: server.url, path: path + '/upload', token: userAccessToken, fields, attaches })
|
||||
})
|
||||
|
||||
it('Should fail with too many tags', async function () {
|
||||
|
|
Loading…
Reference in New Issue