2017-06-05 19:53:49 +00:00
|
|
|
import * as express from 'express'
|
2018-08-10 14:54:01 +00:00
|
|
|
import { UserRight, VideoAbuseCreate, VideoAbuseState } from '../../../../shared'
|
2017-12-28 10:16:08 +00:00
|
|
|
import { logger } from '../../../helpers/logger'
|
2019-08-29 12:31:04 +00:00
|
|
|
import { getFormattedObjects, getServerActor } from '../../../helpers/utils'
|
2017-12-12 16:53:50 +00:00
|
|
|
import { sequelizeTypescript } from '../../../initializers'
|
2017-05-15 20:22:03 +00:00
|
|
|
import {
|
2018-06-13 12:27:40 +00:00
|
|
|
asyncMiddleware,
|
|
|
|
|
asyncRetryTransactionMiddleware,
|
|
|
|
|
authenticate,
|
|
|
|
|
ensureUserHasRight,
|
|
|
|
|
paginationValidator,
|
|
|
|
|
setDefaultPagination,
|
|
|
|
|
setDefaultSort,
|
2018-08-10 14:54:01 +00:00
|
|
|
videoAbuseGetValidator,
|
2018-06-13 12:27:40 +00:00
|
|
|
videoAbuseReportValidator,
|
2018-08-10 14:54:01 +00:00
|
|
|
videoAbusesSortValidator,
|
|
|
|
|
videoAbuseUpdateValidator
|
2017-05-15 20:22:03 +00:00
|
|
|
} from '../../../middlewares'
|
2017-12-12 16:53:50 +00:00
|
|
|
import { AccountModel } from '../../../models/account/account'
|
|
|
|
|
import { VideoAbuseModel } from '../../../models/video/video-abuse'
|
2018-07-31 12:04:26 +00:00
|
|
|
import { auditLoggerFactory, VideoAbuseAuditView } from '../../../helpers/audit-logger'
|
2018-12-26 09:36:24 +00:00
|
|
|
import { Notifier } from '../../../lib/notifier'
|
2019-01-15 13:52:33 +00:00
|
|
|
import { sendVideoAbuse } from '../../../lib/activitypub/send/send-flag'
|
2019-08-15 09:53:26 +00:00
|
|
|
import { MVideoAbuseAccountVideo } from '../../../typings/models/video'
|
2017-05-15 20:22:03 +00:00
|
|
|
|
2018-07-31 12:04:26 +00:00
|
|
|
const auditLogger = auditLoggerFactory('abuse')
|
2017-05-15 20:22:03 +00:00
|
|
|
const abuseVideoRouter = express.Router()
|
|
|
|
|
|
|
|
|
|
abuseVideoRouter.get('/abuse',
|
|
|
|
|
authenticate,
|
2017-10-27 14:55:03 +00:00
|
|
|
ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES),
|
2017-05-15 20:22:03 +00:00
|
|
|
paginationValidator,
|
|
|
|
|
videoAbusesSortValidator,
|
2018-01-17 09:50:33 +00:00
|
|
|
setDefaultSort,
|
2018-01-18 09:53:54 +00:00
|
|
|
setDefaultPagination,
|
2017-10-25 09:55:06 +00:00
|
|
|
asyncMiddleware(listVideoAbuses)
|
2017-05-05 14:53:35 +00:00
|
|
|
)
|
2018-08-10 14:54:01 +00:00
|
|
|
abuseVideoRouter.put('/:videoId/abuse/:id',
|
|
|
|
|
authenticate,
|
|
|
|
|
ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES),
|
|
|
|
|
asyncMiddleware(videoAbuseUpdateValidator),
|
|
|
|
|
asyncRetryTransactionMiddleware(updateVideoAbuse)
|
|
|
|
|
)
|
|
|
|
|
abuseVideoRouter.post('/:videoId/abuse',
|
2017-05-15 20:22:03 +00:00
|
|
|
authenticate,
|
2017-11-27 16:30:46 +00:00
|
|
|
asyncMiddleware(videoAbuseReportValidator),
|
2018-06-13 12:27:40 +00:00
|
|
|
asyncRetryTransactionMiddleware(reportVideoAbuse)
|
2017-05-05 14:53:35 +00:00
|
|
|
)
|
2018-08-10 14:54:01 +00:00
|
|
|
abuseVideoRouter.delete('/:videoId/abuse/:id',
|
|
|
|
|
authenticate,
|
|
|
|
|
ensureUserHasRight(UserRight.MANAGE_VIDEO_ABUSES),
|
|
|
|
|
asyncMiddleware(videoAbuseGetValidator),
|
|
|
|
|
asyncRetryTransactionMiddleware(deleteVideoAbuse)
|
|
|
|
|
)
|
2017-05-05 14:53:35 +00:00
|
|
|
|
|
|
|
|
// ---------------------------------------------------------------------------
|
|
|
|
|
|
2017-05-15 20:22:03 +00:00
|
|
|
export {
|
|
|
|
|
abuseVideoRouter
|
|
|
|
|
}
|
2017-05-05 14:53:35 +00:00
|
|
|
|
|
|
|
|
// ---------------------------------------------------------------------------
|
|
|
|
|
|
2018-08-10 14:54:01 +00:00
|
|
|
async function listVideoAbuses (req: express.Request, res: express.Response) {
|
2019-08-29 12:31:04 +00:00
|
|
|
const user = res.locals.oauth.token.user
|
|
|
|
|
const serverActor = await getServerActor()
|
|
|
|
|
|
|
|
|
|
const resultList = await VideoAbuseModel.listForApi({
|
|
|
|
|
start: req.query.start,
|
|
|
|
|
count: req.query.count,
|
|
|
|
|
sort: req.query.sort,
|
|
|
|
|
serverAccountId: serverActor.Account.id,
|
|
|
|
|
user
|
|
|
|
|
})
|
2017-10-25 09:55:06 +00:00
|
|
|
|
|
|
|
|
return res.json(getFormattedObjects(resultList.data, resultList.total))
|
2017-05-05 14:53:35 +00:00
|
|
|
}
|
|
|
|
|
|
2018-08-10 14:54:01 +00:00
|
|
|
async function updateVideoAbuse (req: express.Request, res: express.Response) {
|
2019-03-19 09:35:15 +00:00
|
|
|
const videoAbuse = res.locals.videoAbuse
|
2018-08-10 14:54:01 +00:00
|
|
|
|
|
|
|
|
if (req.body.moderationComment !== undefined) videoAbuse.moderationComment = req.body.moderationComment
|
|
|
|
|
if (req.body.state !== undefined) videoAbuse.state = req.body.state
|
|
|
|
|
|
|
|
|
|
await sequelizeTypescript.transaction(t => {
|
|
|
|
|
return videoAbuse.save({ transaction: t })
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
// Do not send the delete to other instances, we updated OUR copy of this video abuse
|
|
|
|
|
|
|
|
|
|
return res.type('json').status(204).end()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function deleteVideoAbuse (req: express.Request, res: express.Response) {
|
2019-03-19 09:35:15 +00:00
|
|
|
const videoAbuse = res.locals.videoAbuse
|
2018-08-10 14:54:01 +00:00
|
|
|
|
|
|
|
|
await sequelizeTypescript.transaction(t => {
|
|
|
|
|
return videoAbuse.destroy({ transaction: t })
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
// Do not send the delete to other instances, we delete OUR copy of this video abuse
|
|
|
|
|
|
|
|
|
|
return res.type('json').status(204).end()
|
|
|
|
|
}
|
|
|
|
|
|
2017-10-25 09:55:06 +00:00
|
|
|
async function reportVideoAbuse (req: express.Request, res: express.Response) {
|
2019-08-15 09:53:26 +00:00
|
|
|
const videoInstance = res.locals.videoAll
|
2017-07-10 17:43:21 +00:00
|
|
|
const body: VideoAbuseCreate = req.body
|
2017-05-05 14:53:35 +00:00
|
|
|
|
2019-08-15 09:53:26 +00:00
|
|
|
const videoAbuse = await sequelizeTypescript.transaction(async t => {
|
2019-03-19 09:35:15 +00:00
|
|
|
const reporterAccount = await AccountModel.load(res.locals.oauth.token.User.Account.id, t)
|
2018-09-20 08:13:13 +00:00
|
|
|
|
|
|
|
|
const abuseToCreate = {
|
|
|
|
|
reporterAccountId: reporterAccount.id,
|
|
|
|
|
reason: body.reason,
|
|
|
|
|
videoId: videoInstance.id,
|
|
|
|
|
state: VideoAbuseState.PENDING
|
|
|
|
|
}
|
|
|
|
|
|
2019-08-15 09:53:26 +00:00
|
|
|
const videoAbuseInstance: MVideoAbuseAccountVideo = await VideoAbuseModel.create(abuseToCreate, { transaction: t })
|
2017-11-16 16:04:19 +00:00
|
|
|
videoAbuseInstance.Video = videoInstance
|
2018-07-31 12:04:26 +00:00
|
|
|
videoAbuseInstance.Account = reporterAccount
|
2017-11-15 14:12:23 +00:00
|
|
|
|
|
|
|
|
// We send the video abuse to the origin server
|
2017-10-25 09:55:06 +00:00
|
|
|
if (videoInstance.isOwned() === false) {
|
2019-07-29 09:59:29 +00:00
|
|
|
await sendVideoAbuse(reporterAccount.Actor, videoAbuseInstance, videoInstance, t)
|
2017-10-25 09:55:06 +00:00
|
|
|
}
|
|
|
|
|
|
2018-07-31 12:04:26 +00:00
|
|
|
auditLogger.create(reporterAccount.Actor.getIdentifier(), new VideoAbuseAuditView(videoAbuseInstance.toFormattedJSON()))
|
2018-08-10 14:54:01 +00:00
|
|
|
|
|
|
|
|
return videoAbuseInstance
|
2018-07-31 12:04:26 +00:00
|
|
|
})
|
2018-06-13 12:27:40 +00:00
|
|
|
|
2019-07-29 09:59:29 +00:00
|
|
|
Notifier.Instance.notifyOnNewVideoAbuse(videoAbuse)
|
|
|
|
|
|
2018-08-10 14:54:01 +00:00
|
|
|
logger.info('Abuse report for video %s created.', videoInstance.name)
|
2018-09-20 08:13:13 +00:00
|
|
|
|
|
|
|
|
return res.json({ videoAbuse: videoAbuse.toFormattedJSON() }).end()
|
2017-05-05 14:53:35 +00:00
|
|
|
}
|
