Fix separate SQL query for video get

server/middlewares/validators/videos/videos.ts

@@ -3,7 +3,7 @@ import { body, param, query, ValidationChain } from 'express-validator'
 import { isAbleToUploadVideo } from '@server/lib/user'
 import { getServerActor } from '@server/models/application/application'
 import { ExpressPromiseHandler } from '@server/types/express'
-import { MVideoFullLight } from '@server/types/models'
+import { MVideoFullLight, MVideoWithRights } from '@server/types/models'
 import { ServerErrorCode, UserRight, VideoChangeOwnershipStatus, VideoPrivacy } from '../../../../shared'
 import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
 import { VideoChangeOwnershipAccept } from '../../../../shared/models/videos/video-change-ownership-accept.model'
@@ -197,17 +197,16 @@ const videosCustomGetValidator = (
       // Controllers does not need to check video rights
       if (fetchType === 'only-immutable-attributes') return next()
 
-      const video = getVideoWithAttributes(res)
-      const videoAll = video as MVideoFullLight
+      const video = getVideoWithAttributes(res) as MVideoWithRights
 
       // Video private or blacklisted
-      if (videoAll.requiresAuth()) {
+      if (video.requiresAuth()) {
         await authenticatePromiseIfNeeded(req, res, authenticateInQuery)
 
         const user = res.locals.oauth ? res.locals.oauth.token.User : null
 
         // Only the owner or a user that have blacklist rights can see the video
-        if (!user || !user.canGetVideo(videoAll)) {
+        if (!user || !user.canGetVideo(video)) {
           return res.status(HttpStatusCode.FORBIDDEN_403)
                     .json({ error: 'Cannot get this private/internal or blacklisted video.' })
         }

server/models/account/user.ts

@@ -28,7 +28,8 @@ import {
   MUserFormattable,
   MUserNotifSettingChannelDefault,
   MUserWithNotificationSetting,
-  MVideoFullLight
+  MVideoFullLight,
+  MVideoWithRights
 } from '@server/types/models'
 import { hasUserRight, USER_ROLE_LABELS } from '../../../shared/core-utils/users'
 import { AbuseState, MyUser, UserRight, VideoPlaylistType, VideoPrivacy } from '../../../shared/models'
@@ -819,7 +820,7 @@ export class UserModel extends Model {
                     .then(u => u.map(u => u.username))
   }
 
-  canGetVideo (video: MVideoFullLight) {
+  canGetVideo (video: MVideoWithRights) {
     const videoUserId = video.VideoChannel.Account.userId
 
     if (video.isBlacklisted()) {

server/models/video/video.ts

@@ -356,6 +356,7 @@ export type AvailableForListIDsOptions = {
       include: [
         {
           model: VideoFileModel,
+          separate: true,
           required: false,
           include: subInclude
         }
@@ -383,6 +384,7 @@ export type AvailableForListIDsOptions = {
         {
           model: VideoStreamingPlaylistModel.unscoped(),
           required: false,
+          separate: true,
           include: subInclude
         }
       ]
@@ -1312,8 +1314,7 @@ export class VideoModel extends Model {
 
     return VideoModel.scope([
       ScopeNames.WITH_BLACKLISTED,
-      ScopeNames.WITH_USER_ID,
-      ScopeNames.WITH_THUMBNAILS
+      ScopeNames.WITH_USER_ID
     ]).findOne(options)
   }
 

server/types/models/video/video.ts

@@ -107,7 +107,6 @@ export type MVideoAccountLight =
 export type MVideoWithRights =
   MVideo &
   Use<'VideoBlacklist', MVideoBlacklistLight> &
-  Use<'Thumbnails', MThumbnail[]> &
   Use<'VideoChannel', MChannelUserId>
 
 // ############################################################################