mirror of https://github.com/Chocobozzz/PeerTube
Do not host remote AP objects
parent
7373507fa8
commit
8d1fa36ad2
|
@ -39,6 +39,7 @@ import {
|
|||
import { VideoCaptionModel } from '../../models/video/video-caption'
|
||||
import { videoRedundancyGetValidator } from '../../middlewares/validators/redundancy'
|
||||
import { getServerActor } from '../../helpers/utils'
|
||||
import { VideoRedundancyModel } from '../../models/redundancy/video-redundancy'
|
||||
|
||||
const activityPubClientRouter = express.Router()
|
||||
|
||||
|
@ -164,6 +165,8 @@ function getAccountVideoRate (rateType: VideoRateType) {
|
|||
async function videoController (req: express.Request, res: express.Response, next: express.NextFunction) {
|
||||
const video: VideoModel = res.locals.video
|
||||
|
||||
if (video.isOwned() === false) return res.redirect(video.url)
|
||||
|
||||
// We need captions to render AP object
|
||||
video.VideoCaptions = await VideoCaptionModel.listVideoCaptions(video.id)
|
||||
|
||||
|
@ -180,6 +183,9 @@ async function videoController (req: express.Request, res: express.Response, nex
|
|||
|
||||
async function videoAnnounceController (req: express.Request, res: express.Response, next: express.NextFunction) {
|
||||
const share = res.locals.videoShare as VideoShareModel
|
||||
|
||||
if (share.Actor.isOwned() === false) return res.redirect(share.url)
|
||||
|
||||
const { activity } = await buildAnnounceWithVideoAudience(share.Actor, share, res.locals.video, undefined)
|
||||
|
||||
return activityPubResponse(activityPubContextify(activity), res)
|
||||
|
@ -252,6 +258,8 @@ async function videoChannelFollowingController (req: express.Request, res: expre
|
|||
async function videoCommentController (req: express.Request, res: express.Response, next: express.NextFunction) {
|
||||
const videoComment: VideoCommentModel = res.locals.videoComment
|
||||
|
||||
if (videoComment.isOwned() === false) return res.redirect(videoComment.url)
|
||||
|
||||
const threadParentComments = await VideoCommentModel.listThreadParentComments(videoComment, undefined)
|
||||
const isPublic = true // Comments are always public
|
||||
const audience = getAudience(videoComment.Account.Actor, isPublic)
|
||||
|
@ -267,7 +275,9 @@ async function videoCommentController (req: express.Request, res: express.Respon
|
|||
}
|
||||
|
||||
async function videoRedundancyController (req: express.Request, res: express.Response) {
|
||||
const videoRedundancy = res.locals.videoRedundancy
|
||||
const videoRedundancy: VideoRedundancyModel = res.locals.videoRedundancy
|
||||
if (videoRedundancy.isOwned() === false) return res.redirect(videoRedundancy.url)
|
||||
|
||||
const serverActor = await getServerActor()
|
||||
|
||||
const audience = getAudience(serverActor)
|
||||
|
|
|
@ -19,6 +19,7 @@ function cacheRoute (lifetimeArg: string | number) {
|
|||
logger.debug('No cached results for route %s.', req.originalUrl)
|
||||
|
||||
const sendSave = res.send.bind(res)
|
||||
const redirectSave = res.redirect.bind(res)
|
||||
|
||||
res.send = (body) => {
|
||||
if (res.statusCode >= 200 && res.statusCode < 400) {
|
||||
|
@ -38,6 +39,12 @@ function cacheRoute (lifetimeArg: string | number) {
|
|||
return sendSave(body)
|
||||
}
|
||||
|
||||
res.redirect = url => {
|
||||
done()
|
||||
|
||||
return redirectSave(url)
|
||||
}
|
||||
|
||||
return next()
|
||||
}
|
||||
|
||||
|
|
|
@ -117,8 +117,7 @@ export class VideoRedundancyModel extends Model<VideoRedundancyModel> {
|
|||
|
||||
@BeforeDestroy
|
||||
static async removeFile (instance: VideoRedundancyModel) {
|
||||
// Not us
|
||||
if (!instance.strategy) return
|
||||
if (!instance.isOwned()) return
|
||||
|
||||
const videoFile = await VideoFileModel.loadWithVideo(instance.videoFileId)
|
||||
|
||||
|
@ -404,6 +403,10 @@ export class VideoRedundancyModel extends Model<VideoRedundancyModel> {
|
|||
}))
|
||||
}
|
||||
|
||||
isOwned () {
|
||||
return !!this.strategy
|
||||
}
|
||||
|
||||
toActivityPubObject (): CacheFileObject {
|
||||
return {
|
||||
id: this.url,
|
||||
|
|
|
@ -15,6 +15,7 @@ import {
|
|||
userLogin
|
||||
} from '../../utils'
|
||||
import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
|
||||
import { waitJobs } from '../../utils/server/jobs'
|
||||
|
||||
describe('Test user subscriptions API validators', function () {
|
||||
const path = '/api/v1/users/me/subscriptions'
|
||||
|
@ -141,6 +142,8 @@ describe('Test user subscriptions API validators', function () {
|
|||
})
|
||||
|
||||
it('Should succeed with the correct parameters', async function () {
|
||||
this.timeout(20000)
|
||||
|
||||
await makePostBodyRequest({
|
||||
url: server.url,
|
||||
path,
|
||||
|
@ -148,6 +151,8 @@ describe('Test user subscriptions API validators', function () {
|
|||
fields: { uri: 'user1_channel@localhost:9001' },
|
||||
statusCodeExpected: 204
|
||||
})
|
||||
|
||||
await waitJobs([ server ])
|
||||
})
|
||||
})
|
||||
|
||||
|
|
Loading…
Reference in New Issue