interesting
/
PeerTube
mirror of https://github.com/Chocobozzz/PeerTube.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Remove deprecated abuse api

This commit is contained in:
Chocobozzz 2020-11-10 14:41:20 +01:00
parent 403c69c5a3
commit 7a4ea93246
No known key found for this signature in database
GPG Key ID: 583A612D890159BE
15 changed files with 10 additions and 1041 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
client/src/app/shared/shared-abuse-list/abuse-list-table.component.ts
View File

@ -144,8 +144,8 @@ export class AbuseListTableComponent extends RestTable implements OnInit, AfterV
baseUrl: `${environment.embedUrl}/videos/embed/${abuse.video.uuid}`, baseUrl: `${environment.embedUrl}/videos/embed/${abuse.video.uuid}`,
title: false, title: false,
warningTitle: false, warningTitle: false,
startTime: abuse.startAt, startTime: abuse.video.startAt,
stopTime: abuse.endAt stopTime: abuse.video.endAt
}) })
) )
} }

8
server/controllers/api/abuse.ts
View File

@ -85,13 +85,7 @@ abuseRouter.delete('/:id/messages/:messageId',
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------
export { export {
abuseRouter, abuseRouter
// FIXME: deprecated in 2.3. Remove these exports
listAbusesForAdmins,
updateAbuse,
deleteAbuse,
reportAbuse
} }
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------

114
server/controllers/api/videos/abuse.ts
View File

@ -1,114 +0,0 @@
import * as express from 'express'
import { AbuseModel } from '@server/models/abuse/abuse'
import { getServerActor } from '@server/models/application/application'
import { AbuseCreate, UserRight, VideoAbuseCreate } from '../../../../shared'
import {
abusesSortValidator,
asyncMiddleware,
asyncRetryTransactionMiddleware,
authenticate,
ensureUserHasRight,
paginationValidator,
setDefaultPagination,
setDefaultSort,
videoAbuseGetValidator,
videoAbuseListValidator,
videoAbuseReportValidator,
videoAbuseUpdateValidator
} from '../../../middlewares'
import { deleteAbuse, reportAbuse, updateAbuse } from '../abuse'
// FIXME: deprecated in 2.3. Remove this controller
const abuseVideoRouter = express.Router()
abuseVideoRouter.get('/abuse',
authenticate,
ensureUserHasRight(UserRight.MANAGE_ABUSES),
paginationValidator,
abusesSortValidator,
setDefaultSort,
setDefaultPagination,
videoAbuseListValidator,
asyncMiddleware(listVideoAbuses)
)
abuseVideoRouter.put('/:videoId/abuse/:id',
authenticate,
ensureUserHasRight(UserRight.MANAGE_ABUSES),
asyncMiddleware(videoAbuseUpdateValidator),
asyncRetryTransactionMiddleware(updateVideoAbuse)
)
abuseVideoRouter.post('/:videoId/abuse',
authenticate,
asyncMiddleware(videoAbuseReportValidator),
asyncRetryTransactionMiddleware(reportVideoAbuse)
)
abuseVideoRouter.delete('/:videoId/abuse/:id',
authenticate,
ensureUserHasRight(UserRight.MANAGE_ABUSES),
asyncMiddleware(videoAbuseGetValidator),
asyncRetryTransactionMiddleware(deleteVideoAbuse)
)
// ---------------------------------------------------------------------------
export {
abuseVideoRouter
}
// ---------------------------------------------------------------------------
async function listVideoAbuses (req: express.Request, res: express.Response) {
const user = res.locals.oauth.token.user
const serverActor = await getServerActor()
const resultList = await AbuseModel.listForAdminApi({
start: req.query.start,
count: req.query.count,
sort: req.query.sort,
id: req.query.id,
filter: 'video',
predefinedReason: req.query.predefinedReason,
search: req.query.search,
state: req.query.state,
videoIs: req.query.videoIs,
searchReporter: req.query.searchReporter,
searchReportee: req.query.searchReportee,
searchVideo: req.query.searchVideo,
searchVideoChannel: req.query.searchVideoChannel,
serverAccountId: serverActor.Account.id,
user
})
return res.json({
total: resultList.total,
data: resultList.data.map(d => d.toFormattedAdminJSON())
})
}
async function updateVideoAbuse (req: express.Request, res: express.Response) {
return updateAbuse(req, res)
}
async function deleteVideoAbuse (req: express.Request, res: express.Response) {
return deleteAbuse(req, res)
}
async function reportVideoAbuse (req: express.Request, res: express.Response) {
const oldBody = req.body as VideoAbuseCreate
req.body = {
accountId: res.locals.videoAll.VideoChannel.accountId,
reason: oldBody.reason,
predefinedReasons: oldBody.predefinedReasons,
video: {
id: res.locals.videoAll.id,
startAt: oldBody.startAt,
endAt: oldBody.endAt
}
} as AbuseCreate
return reportAbuse(req, res)
}

4
server/controllers/api/videos/index.ts
View File

@ -6,6 +6,7 @@ import { addOptimizeOrMergeAudioJob } from '@server/helpers/video'
import { createTorrentAndSetInfoHash } from '@server/helpers/webtorrent' import { createTorrentAndSetInfoHash } from '@server/helpers/webtorrent'
import { changeVideoChannelShare } from '@server/lib/activitypub/share' import { changeVideoChannelShare } from '@server/lib/activitypub/share'
import { getVideoActivityPubUrl } from '@server/lib/activitypub/url' import { getVideoActivityPubUrl } from '@server/lib/activitypub/url'
import { LiveManager } from '@server/lib/live-manager'
import { buildLocalVideoFromReq, buildVideoThumbnailsFromReq, setVideoTags } from '@server/lib/video' import { buildLocalVideoFromReq, buildVideoThumbnailsFromReq, setVideoTags } from '@server/lib/video'
import { getVideoFilePath } from '@server/lib/video-paths' import { getVideoFilePath } from '@server/lib/video-paths'
import { getServerActor } from '@server/models/application/application' import { getServerActor } from '@server/models/application/application'
@ -57,7 +58,6 @@ import {
import { ScheduleVideoUpdateModel } from '../../../models/video/schedule-video-update' import { ScheduleVideoUpdateModel } from '../../../models/video/schedule-video-update'
import { VideoModel } from '../../../models/video/video' import { VideoModel } from '../../../models/video/video'
import { VideoFileModel } from '../../../models/video/video-file' import { VideoFileModel } from '../../../models/video/video-file'
import { abuseVideoRouter } from './abuse'
import { blacklistRouter } from './blacklist' import { blacklistRouter } from './blacklist'
import { videoCaptionsRouter } from './captions' import { videoCaptionsRouter } from './captions'
import { videoCommentRouter } from './comment' import { videoCommentRouter } from './comment'
@ -66,7 +66,6 @@ import { liveRouter } from './live'
import { ownershipVideoRouter } from './ownership' import { ownershipVideoRouter } from './ownership'
import { rateVideoRouter } from './rate' import { rateVideoRouter } from './rate'
import { watchingRouter } from './watching' import { watchingRouter } from './watching'
import { LiveManager } from '@server/lib/live-manager'
const auditLogger = auditLoggerFactory('videos') const auditLogger = auditLoggerFactory('videos')
const videosRouter = express.Router() const videosRouter = express.Router()
@ -89,7 +88,6 @@ const reqVideoFileUpdate = createReqFiles(
} }
) )
videosRouter.use('/', abuseVideoRouter)
videosRouter.use('/', blacklistRouter) videosRouter.use('/', blacklistRouter)
videosRouter.use('/', rateVideoRouter) videosRouter.use('/', rateVideoRouter)
videosRouter.use('/', videoCommentRouter) videosRouter.use('/', videoCommentRouter)

27
server/helpers/middlewares/abuses.ts
View File

@ -1,29 +1,5 @@
import { Response } from 'express' import { Response } from 'express'
import { AbuseModel } from '../../models/abuse/abuse' import { AbuseModel } from '../../models/abuse/abuse'
import { fetchVideo } from '../video'
// FIXME: deprecated in 2.3. Remove this function
async function doesVideoAbuseExist (abuseIdArg: number | string, videoUUID: string, res: Response) {
const abuseId = parseInt(abuseIdArg + '', 10)
let abuse = await AbuseModel.loadByIdAndVideoId(abuseId, null, videoUUID)
if (!abuse) {
const userId = res.locals.oauth?.token.User.id
const video = await fetchVideo(videoUUID, 'all', userId)
if (video) abuse = await AbuseModel.loadByIdAndVideoId(abuseId, video.id)
}
if (abuse === null) {
res.status(404)
.json({ error: 'Video abuse not found' })
return false
}
res.locals.abuse = abuse
return true
}
async function doesAbuseExist (abuseId: number | string, res: Response) { async function doesAbuseExist (abuseId: number | string, res: Response) {
const abuse = await AbuseModel.loadByIdWithReporter(parseInt(abuseId + '', 10)) const abuse = await AbuseModel.loadByIdWithReporter(parseInt(abuseId + '', 10))
@ -42,6 +18,5 @@ async function doesAbuseExist (abuseId: number | string, res: Response) {
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------
export { export {
doesAbuseExist, doesAbuseExist
doesVideoAbuseExist
} }

119
server/middlewares/validators/abuse.ts
View File

@ -1,10 +1,10 @@
import * as express from 'express' import * as express from 'express'
import { body, param, query } from 'express-validator' import { body, param, query } from 'express-validator'
import { import {
areAbusePredefinedReasonsValid,
isAbuseFilterValid, isAbuseFilterValid,
isAbuseMessageValid, isAbuseMessageValid,
isAbuseModerationCommentValid, isAbuseModerationCommentValid,
areAbusePredefinedReasonsValid,
isAbusePredefinedReasonValid, isAbusePredefinedReasonValid,
isAbuseReasonValid, isAbuseReasonValid,
isAbuseStateValid, isAbuseStateValid,
@ -15,7 +15,7 @@ import {
import { exists, isIdOrUUIDValid, isIdValid, toIntOrNull } from '@server/helpers/custom-validators/misc' import { exists, isIdOrUUIDValid, isIdValid, toIntOrNull } from '@server/helpers/custom-validators/misc'
import { doesCommentIdExist } from '@server/helpers/custom-validators/video-comments' import { doesCommentIdExist } from '@server/helpers/custom-validators/video-comments'
import { logger } from '@server/helpers/logger' import { logger } from '@server/helpers/logger'
import { doesAbuseExist, doesAccountIdExist, doesVideoAbuseExist, doesVideoExist } from '@server/helpers/middlewares' import { doesAbuseExist, doesAccountIdExist, doesVideoExist } from '@server/helpers/middlewares'
import { AbuseMessageModel } from '@server/models/abuse/abuse-message' import { AbuseMessageModel } from '@server/models/abuse/abuse-message'
import { AbuseCreate, UserRight } from '@shared/models' import { AbuseCreate, UserRight } from '@shared/models'
import { areValidationErrors } from './utils' import { areValidationErrors } from './utils'
@ -256,115 +256,6 @@ const deleteAbuseMessageValidator = [
} }
] ]
// FIXME: deprecated in 2.3. Remove these validators
const videoAbuseReportValidator = [
param('videoId')
.custom(isIdOrUUIDValid)
.not()
.isEmpty()
.withMessage('Should have a valid videoId'),
body('reason')
.custom(isAbuseReasonValid)
.withMessage('Should have a valid reason'),
body('predefinedReasons')
.optional()
.custom(areAbusePredefinedReasonsValid)
.withMessage('Should have a valid list of predefined reasons'),
body('startAt')
.optional()
.customSanitizer(toIntOrNull)
.custom(isAbuseTimestampValid)
.withMessage('Should have valid starting time value'),
body('endAt')
.optional()
.customSanitizer(toIntOrNull)
.custom(isAbuseTimestampValid)
.withMessage('Should have valid ending time value'),
async (req: express.Request, res: express.Response, next: express.NextFunction) => {
logger.debug('Checking videoAbuseReport parameters', { parameters: req.body })
if (areValidationErrors(req, res)) return
if (!await doesVideoExist(req.params.videoId, res)) return
return next()
}
]
const videoAbuseGetValidator = [
param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
async (req: express.Request, res: express.Response, next: express.NextFunction) => {
logger.debug('Checking videoAbuseGetValidator parameters', { parameters: req.body })
if (areValidationErrors(req, res)) return
if (!await doesVideoAbuseExist(req.params.id, req.params.videoId, res)) return
return next()
}
]
const videoAbuseUpdateValidator = [
param('videoId').custom(isIdOrUUIDValid).not().isEmpty().withMessage('Should have a valid videoId'),
param('id').custom(isIdValid).not().isEmpty().withMessage('Should have a valid id'),
body('state')
.optional()
.custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
body('moderationComment')
.optional()
.custom(isAbuseModerationCommentValid).withMessage('Should have a valid video moderation comment'),
async (req: express.Request, res: express.Response, next: express.NextFunction) => {
logger.debug('Checking videoAbuseUpdateValidator parameters', { parameters: req.body })
if (areValidationErrors(req, res)) return
if (!await doesVideoAbuseExist(req.params.id, req.params.videoId, res)) return
return next()
}
]
const videoAbuseListValidator = [
query('id')
.optional()
.custom(isIdValid).withMessage('Should have a valid id'),
query('predefinedReason')
.optional()
.custom(isAbusePredefinedReasonValid)
.withMessage('Should have a valid predefinedReason'),
query('search')
.optional()
.custom(exists).withMessage('Should have a valid search'),
query('state')
.optional()
.custom(isAbuseStateValid).withMessage('Should have a valid video abuse state'),
query('videoIs')
.optional()
.custom(isAbuseVideoIsValid).withMessage('Should have a valid "video is" attribute'),
query('searchReporter')
.optional()
.custom(exists).withMessage('Should have a valid reporter search'),
query('searchReportee')
.optional()
.custom(exists).withMessage('Should have a valid reportee search'),
query('searchVideo')
.optional()
.custom(exists).withMessage('Should have a valid video search'),
query('searchVideoChannel')
.optional()
.custom(exists).withMessage('Should have a valid video channel search'),
(req: express.Request, res: express.Response, next: express.NextFunction) => {
logger.debug('Checking videoAbuseListValidator parameters', { parameters: req.body })
if (areValidationErrors(req, res)) return
return next()
}
]
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------
export { export {
@ -376,9 +267,5 @@ export {
abuseUpdateValidator, abuseUpdateValidator,
deleteAbuseMessageValidator, deleteAbuseMessageValidator,
abuseListForUserValidator, abuseListForUserValidator,
getAbuseValidator, getAbuseValidator
videoAbuseReportValidator,
videoAbuseGetValidator,
videoAbuseUpdateValidator,
videoAbuseListValidator
} }

36
server/models/abuse/abuse.ts
View File

@ -1,6 +1,6 @@
import * as Bluebird from 'bluebird' import * as Bluebird from 'bluebird'
import { invert } from 'lodash' import { invert } from 'lodash'
import { literal, Op, QueryTypes, WhereOptions } from 'sequelize' import { literal, Op, QueryTypes } from 'sequelize'
import { import {
AllowNull, AllowNull,
BelongsTo, BelongsTo,
@ -265,32 +265,6 @@ export class AbuseModel extends Model<AbuseModel> {
}) })
VideoAbuse: VideoAbuseModel VideoAbuse: VideoAbuseModel
// FIXME: deprecated in 2.3. Remove these validators
static loadByIdAndVideoId (id: number, videoId?: number, uuid?: string): Bluebird<MAbuseReporter> {
const videoWhere: WhereOptions = {}
if (videoId) videoWhere.videoId = videoId
if (uuid) videoWhere.deletedVideo = { uuid }
const query = {
include: [
{
model: VideoAbuseModel,
required: true,
where: videoWhere
},
{
model: AccountModel,
as: 'ReporterAccount'
}
],
where: {
id
}
}
return AbuseModel.findOne(query)
}
static loadByIdWithReporter (id: number): Bluebird<MAbuseReporter> { static loadByIdWithReporter (id: number): Bluebird<MAbuseReporter> {
const query = { const query = {
where: { where: {
@ -561,13 +535,7 @@ export class AbuseModel extends Model<AbuseModel> {
: null, : null,
countReportsForReporter: (countReportsForReporter || 0), countReportsForReporter: (countReportsForReporter || 0),
countReportsForReportee: (countReportsForReportee || 0), countReportsForReportee: (countReportsForReportee || 0)
// FIXME: deprecated in 2.3, remove this
startAt: null,
endAt: null,
count: countReportsForVideo || 0,
nth: nthReportForVideo || 0
}) })
} }

1
server/tests/api/check-params/index.ts
View File

@ -16,7 +16,6 @@ import './services'
import './user-notifications' import './user-notifications'
import './user-subscriptions' import './user-subscriptions'
import './users' import './users'
import './video-abuses'
import './video-blacklist' import './video-blacklist'
import './video-captions' import './video-captions'
import './video-channels' import './video-channels'

216
server/tests/api/check-params/video-abuses.ts
View File

@ -1,216 +0,0 @@
/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
import 'mocha'
import { AbuseState, VideoAbuseCreate } from '@shared/models'
import {
cleanupTests,
createUser,
deleteVideoAbuse,
flushAndRunServer,
makeGetRequest,
makePostBodyRequest,
ServerInfo,
setAccessTokensToServers,
updateVideoAbuse,
uploadVideo,
userLogin
} from '../../../../shared/extra-utils'
import {
checkBadCountPagination,
checkBadSortPagination,
checkBadStartPagination
} from '../../../../shared/extra-utils/requests/check-api-params'
// FIXME: deprecated in 2.3. Remove this controller
describe('Test video abuses API validators', function () {
let server: ServerInfo
let userAccessToken = ''
let videoAbuseId: number
// ---------------------------------------------------------------
before(async function () {
this.timeout(30000)
server = await flushAndRunServer(1)
await setAccessTokensToServers([ server ])
const username = 'user1'
const password = 'my super password'
await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password })
userAccessToken = await userLogin(server, { username, password })
const res = await uploadVideo(server.url, server.accessToken, {})
server.video = res.body.video
})
describe('When listing video abuses', function () {
const path = '/api/v1/videos/abuse'
it('Should fail with a bad start pagination', async function () {
await checkBadStartPagination(server.url, path, server.accessToken)
})
it('Should fail with a bad count pagination', async function () {
await checkBadCountPagination(server.url, path, server.accessToken)
})
it('Should fail with an incorrect sort', async function () {
await checkBadSortPagination(server.url, path, server.accessToken)
})
it('Should fail with a non authenticated user', async function () {
await makeGetRequest({
url: server.url,
path,
statusCodeExpected: 401
})
})
it('Should fail with a non admin user', async function () {
await makeGetRequest({
url: server.url,
path,
token: userAccessToken,
statusCodeExpected: 403
})
})
it('Should fail with a bad id filter', async function () {
await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
})
it('Should fail with a bad state filter', async function () {
await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
})
it('Should fail with a bad videoIs filter', async function () {
await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
})
it('Should succeed with the correct params', async function () {
await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 13 }, statusCodeExpected: 200 })
})
})
describe('When reporting a video abuse', function () {
const basePath = '/api/v1/videos/'
let path: string
before(() => {
path = basePath + server.video.id + '/abuse'
})
it('Should fail with nothing', async function () {
const fields = {}
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
})
it('Should fail with a wrong video', async function () {
const wrongPath = '/api/v1/videos/blabla/abuse'
const fields = { reason: 'my super reason' }
await makePostBodyRequest({ url: server.url, path: wrongPath, token: server.accessToken, fields })
})
it('Should fail with a non authenticated user', async function () {
const fields = { reason: 'my super reason' }
await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: 401 })
})
it('Should fail with a reason too short', async function () {
const fields = { reason: 'h' }
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
})
it('Should fail with a too big reason', async function () {
const fields = { reason: 'super'.repeat(605) }
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
})
it('Should succeed with the correct parameters (basic)', async function () {
const fields = { reason: 'my super reason' }
const res = await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 })
videoAbuseId = res.body.abuse.id
})
it('Should fail with a wrong predefined reason', async function () {
const fields = { reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
})
it('Should fail with negative timestamps', async function () {
const fields = { reason: 'my super reason', startAt: -1 }
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
})
it('Should succeed with the corret parameters (advanced)', async function () {
const fields: VideoAbuseCreate = { reason: 'my super reason', predefinedReasons: [ 'serverRules' ], startAt: 1, endAt: 5 }
await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 })
})
})
describe('When updating a video abuse', function () {
it('Should fail with a non authenticated user', async function () {
await updateVideoAbuse(server.url, 'blabla', server.video.uuid, videoAbuseId, {}, 401)
})
it('Should fail with a non admin user', async function () {
await updateVideoAbuse(server.url, userAccessToken, server.video.uuid, videoAbuseId, {}, 403)
})
it('Should fail with a bad video id or bad video abuse id', async function () {
await updateVideoAbuse(server.url, server.accessToken, server.video.uuid, 45, {}, 404)
await updateVideoAbuse(server.url, server.accessToken, 52, videoAbuseId, {}, 404)
})
it('Should fail with a bad state', async function () {
const body = { state: 5 }
await updateVideoAbuse(server.url, server.accessToken, server.video.uuid, videoAbuseId, body, 400)
})
it('Should fail with a bad moderation comment', async function () {
const body = { moderationComment: 'b'.repeat(3001) }
await updateVideoAbuse(server.url, server.accessToken, server.video.uuid, videoAbuseId, body, 400)
})
it('Should succeed with the correct params', async function () {
const body = { state: AbuseState.ACCEPTED }
await updateVideoAbuse(server.url, server.accessToken, server.video.uuid, videoAbuseId, body)
})
})
describe('When deleting a video abuse', function () {
it('Should fail with a non authenticated user', async function () {
await deleteVideoAbuse(server.url, 'blabla', server.video.uuid, videoAbuseId, 401)
})
it('Should fail with a non admin user', async function () {
await deleteVideoAbuse(server.url, userAccessToken, server.video.uuid, videoAbuseId, 403)
})
it('Should fail with a bad video id or bad video abuse id', async function () {
await deleteVideoAbuse(server.url, server.accessToken, server.video.uuid, 45, 404)
await deleteVideoAbuse(server.url, server.accessToken, 52, videoAbuseId, 404)
})
it('Should succeed with the correct params', async function () {
await deleteVideoAbuse(server.url, server.accessToken, server.video.uuid, videoAbuseId)
})
})
after(async function () {
await cleanupTests([ server ])
})
})

1
server/tests/api/moderation/index.ts
View File

@ -1,4 +1,3 @@
export * from './abuses' export * from './abuses'
export * from './blocklist' export * from './blocklist'
export * from './video-abuse'
export * from './video-blacklist' export * from './video-blacklist'

386
server/tests/api/moderation/video-abuse.ts
View File

@ -1,386 +0,0 @@
/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
import 'mocha'
import * as chai from 'chai'
import { AbusePredefinedReasonsString, AbuseState, AdminAbuse } from '@shared/models'
import {
cleanupTests,
createUser,
deleteVideoAbuse,
flushAndRunMultipleServers,
getVideoAbusesList,
getVideosList,
removeVideo,
reportVideoAbuse,
ServerInfo,
setAccessTokensToServers,
updateVideoAbuse,
uploadVideo,
userLogin
} from '../../../../shared/extra-utils/index'
import { doubleFollow } from '../../../../shared/extra-utils/server/follows'
import { waitJobs } from '../../../../shared/extra-utils/server/jobs'
import {
addAccountToServerBlocklist,
addServerToServerBlocklist,
removeAccountFromServerBlocklist,
removeServerFromServerBlocklist
} from '../../../../shared/extra-utils/users/blocklist'
const expect = chai.expect
// FIXME: deprecated in 2.3. Remove this controller
describe('Test video abuses', function () {
let servers: ServerInfo[] = []
let abuseServer2: AdminAbuse
before(async function () {
this.timeout(50000)
// Run servers
servers = await flushAndRunMultipleServers(2)
// Get the access tokens
await setAccessTokensToServers(servers)
// Server 1 and server 2 follow each other
await doubleFollow(servers[0], servers[1])
// Upload some videos on each servers
const video1Attributes = {
name: 'my super name for server 1',
description: 'my super description for server 1'
}
await uploadVideo(servers[0].url, servers[0].accessToken, video1Attributes)
const video2Attributes = {
name: 'my super name for server 2',
description: 'my super description for server 2'
}
await uploadVideo(servers[1].url, servers[1].accessToken, video2Attributes)
// Wait videos propagation, server 2 has transcoding enabled
await waitJobs(servers)
const res = await getVideosList(servers[0].url)
const videos = res.body.data
expect(videos.length).to.equal(2)
servers[0].video = videos.find(video => video.name === 'my super name for server 1')
servers[1].video = videos.find(video => video.name === 'my super name for server 2')
})
it('Should not have video abuses', async function () {
const res = await getVideoAbusesList({ url: servers[0].url, token: servers[0].accessToken })
expect(res.body.total).to.equal(0)
expect(res.body.data).to.be.an('array')
expect(res.body.data.length).to.equal(0)
})
it('Should report abuse on a local video', async function () {
this.timeout(15000)
const reason = 'my super bad reason'
await reportVideoAbuse(servers[0].url, servers[0].accessToken, servers[0].video.id, reason)
// We wait requests propagation, even if the server 1 is not supposed to make a request to server 2
await waitJobs(servers)
})
it('Should have 1 video abuses on server 1 and 0 on server 2', async function () {
const res1 = await getVideoAbusesList({ url: servers[0].url, token: servers[0].accessToken })
expect(res1.body.total).to.equal(1)
expect(res1.body.data).to.be.an('array')
expect(res1.body.data.length).to.equal(1)
const abuse: AdminAbuse = res1.body.data[0]
expect(abuse.reason).to.equal('my super bad reason')
expect(abuse.reporterAccount.name).to.equal('root')
expect(abuse.reporterAccount.host).to.equal('localhost:' + servers[0].port)
expect(abuse.video.id).to.equal(servers[0].video.id)
expect(abuse.video.channel).to.exist
expect(abuse.video.countReports).to.equal(1)
expect(abuse.video.nthReport).to.equal(1)
expect(abuse.countReportsForReporter).to.equal(1)
expect(abuse.countReportsForReportee).to.equal(1)
const res2 = await getVideoAbusesList({ url: servers[1].url, token: servers[1].accessToken })
expect(res2.body.total).to.equal(0)
expect(res2.body.data).to.be.an('array')
expect(res2.body.data.length).to.equal(0)
})
it('Should report abuse on a remote video', async function () {
this.timeout(10000)
const reason = 'my super bad reason 2'
await reportVideoAbuse(servers[0].url, servers[0].accessToken, servers[1].video.id, reason)
// We wait requests propagation
await waitJobs(servers)
})
it('Should have 2 video abuses on server 1 and 1 on server 2', async function () {
const res1 = await getVideoAbusesList({ url: servers[0].url, token: servers[0].accessToken })
expect(res1.body.total).to.equal(2)
expect(res1.body.data).to.be.an('array')
expect(res1.body.data.length).to.equal(2)
const abuse1: AdminAbuse = res1.body.data[0]
expect(abuse1.reason).to.equal('my super bad reason')
expect(abuse1.reporterAccount.name).to.equal('root')
expect(abuse1.reporterAccount.host).to.equal('localhost:' + servers[0].port)
expect(abuse1.video.id).to.equal(servers[0].video.id)
expect(abuse1.state.id).to.equal(AbuseState.PENDING)
expect(abuse1.state.label).to.equal('Pending')
expect(abuse1.moderationComment).to.be.null
expect(abuse1.video.countReports).to.equal(1)
expect(abuse1.video.nthReport).to.equal(1)
const abuse2: AdminAbuse = res1.body.data[1]
expect(abuse2.reason).to.equal('my super bad reason 2')
expect(abuse2.reporterAccount.name).to.equal('root')
expect(abuse2.reporterAccount.host).to.equal('localhost:' + servers[0].port)
expect(abuse2.video.id).to.equal(servers[1].video.id)
expect(abuse2.state.id).to.equal(AbuseState.PENDING)
expect(abuse2.state.label).to.equal('Pending')
expect(abuse2.moderationComment).to.be.null
const res2 = await getVideoAbusesList({ url: servers[1].url, token: servers[1].accessToken })
expect(res2.body.total).to.equal(1)
expect(res2.body.data).to.be.an('array')
expect(res2.body.data.length).to.equal(1)
abuseServer2 = res2.body.data[0]
expect(abuseServer2.reason).to.equal('my super bad reason 2')
expect(abuseServer2.reporterAccount.name).to.equal('root')
expect(abuseServer2.reporterAccount.host).to.equal('localhost:' + servers[0].port)
expect(abuseServer2.state.id).to.equal(AbuseState.PENDING)
expect(abuseServer2.state.label).to.equal('Pending')
expect(abuseServer2.moderationComment).to.be.null
})
it('Should update the state of a video abuse', async function () {
const body = { state: AbuseState.REJECTED }
await updateVideoAbuse(servers[1].url, servers[1].accessToken, abuseServer2.video.uuid, abuseServer2.id, body)
const res = await getVideoAbusesList({ url: servers[1].url, token: servers[1].accessToken })
expect(res.body.data[0].state.id).to.equal(AbuseState.REJECTED)
})
it('Should add a moderation comment', async function () {
const body = { state: AbuseState.ACCEPTED, moderationComment: 'It is valid' }
await updateVideoAbuse(servers[1].url, servers[1].accessToken, abuseServer2.video.uuid, abuseServer2.id, body)
const res = await getVideoAbusesList({ url: servers[1].url, token: servers[1].accessToken })
expect(res.body.data[0].state.id).to.equal(AbuseState.ACCEPTED)
expect(res.body.data[0].moderationComment).to.equal('It is valid')
})
it('Should hide video abuses from blocked accounts', async function () {
this.timeout(10000)
{
await reportVideoAbuse(servers[1].url, servers[1].accessToken, servers[0].video.uuid, 'will mute this')
await waitJobs(servers)
const res = await getVideoAbusesList({ url: servers[0].url, token: servers[0].accessToken })
expect(res.body.total).to.equal(3)
}
const accountToBlock = 'root@localhost:' + servers[1].port
{
await addAccountToServerBlocklist(servers[0].url, servers[0].accessToken, accountToBlock)
const res = await getVideoAbusesList({ url: servers[0].url, token: servers[0].accessToken })
expect(res.body.total).to.equal(2)
const abuse = res.body.data.find(a => a.reason === 'will mute this')
expect(abuse).to.be.undefined
}
{
await removeAccountFromServerBlocklist(servers[0].url, servers[0].accessToken, accountToBlock)
const res = await getVideoAbusesList({ url: servers[0].url, token: servers[0].accessToken })
expect(res.body.total).to.equal(3)
}
})
it('Should hide video abuses from blocked servers', async function () {
const serverToBlock = servers[1].host
{
await addServerToServerBlocklist(servers[0].url, servers[0].accessToken, servers[1].host)
const res = await getVideoAbusesList({ url: servers[0].url, token: servers[0].accessToken })
expect(res.body.total).to.equal(2)
const abuse = res.body.data.find(a => a.reason === 'will mute this')
expect(abuse).to.be.undefined
}
{
await removeServerFromServerBlocklist(servers[0].url, servers[0].accessToken, serverToBlock)
const res = await getVideoAbusesList({ url: servers[0].url, token: servers[0].accessToken })
expect(res.body.total).to.equal(3)
}
})
it('Should keep the video abuse when deleting the video', async function () {
this.timeout(10000)
await removeVideo(servers[1].url, servers[1].accessToken, abuseServer2.video.uuid)
await waitJobs(servers)
const res = await getVideoAbusesList({ url: servers[1].url, token: servers[1].accessToken })
expect(res.body.total).to.equal(2, "wrong number of videos returned")
expect(res.body.data.length).to.equal(2, "wrong number of videos returned")
expect(res.body.data[0].id).to.equal(abuseServer2.id, "wrong origin server id for first video")
const abuse: AdminAbuse = res.body.data[0]
expect(abuse.video.id).to.equal(abuseServer2.video.id, "wrong video id")
expect(abuse.video.channel).to.exist
expect(abuse.video.deleted).to.be.true
})
it('Should include counts of reports from reporter and reportee', async function () {
this.timeout(10000)
// register a second user to have two reporters/reportees
const user = { username: 'user2', password: 'password' }
await createUser({ url: servers[0].url, accessToken: servers[0].accessToken, ...user })
const userAccessToken = await userLogin(servers[0], user)
// upload a third video via this user
const video3Attributes = {
name: 'my second super name for server 1',
description: 'my second super description for server 1'
}
await uploadVideo(servers[0].url, userAccessToken, video3Attributes)
const res1 = await getVideosList(servers[0].url)
const videos = res1.body.data
const video3 = videos.find(video => video.name === 'my second super name for server 1')
// resume with the test
const reason3 = 'my super bad reason 3'
await reportVideoAbuse(servers[0].url, servers[0].accessToken, video3.id, reason3)
const reason4 = 'my super bad reason 4'
await reportVideoAbuse(servers[0].url, userAccessToken, servers[0].video.id, reason4)
const res2 = await getVideoAbusesList({ url: servers[0].url, token: servers[0].accessToken })
{
for (const abuse of res2.body.data as AdminAbuse[]) {
if (abuse.video.id === video3.id) {
expect(abuse.video.countReports).to.equal(1, "wrong reports count for video 3")
expect(abuse.video.nthReport).to.equal(1, "wrong report position in report list for video 3")
expect(abuse.countReportsForReportee).to.equal(1, "wrong reports count for reporter on video 3 abuse")
expect(abuse.countReportsForReporter).to.equal(3, "wrong reports count for reportee on video 3 abuse")
}
if (abuse.video.id === servers[0].video.id) {
expect(abuse.countReportsForReportee).to.equal(3, "wrong reports count for reporter on video 1 abuse")
}
}
}
})
it('Should list predefined reasons as well as timestamps for the reported video', async function () {
this.timeout(10000)
const reason5 = 'my super bad reason 5'
const predefinedReasons5: AbusePredefinedReasonsString[] = [ 'violentOrRepulsive', 'captions' ]
const createdAbuse = (await reportVideoAbuse(
servers[0].url,
servers[0].accessToken,
servers[0].video.id,
reason5,
predefinedReasons5,
1,
5
)).body.abuse
const res = await getVideoAbusesList({ url: servers[0].url, token: servers[0].accessToken })
{
const abuse = (res.body.data as AdminAbuse[]).find(a => a.id === createdAbuse.id)
expect(abuse.reason).to.equals(reason5)
expect(abuse.predefinedReasons).to.deep.equals(predefinedReasons5, "predefined reasons do not match the one reported")
expect(abuse.video.startAt).to.equal(1, "starting timestamp doesn't match the one reported")
expect(abuse.video.endAt).to.equal(5, "ending timestamp doesn't match the one reported")
}
})
it('Should delete the video abuse', async function () {
this.timeout(10000)
await deleteVideoAbuse(servers[1].url, servers[1].accessToken, abuseServer2.video.uuid, abuseServer2.id)
await waitJobs(servers)
{
const res = await getVideoAbusesList({ url: servers[1].url, token: servers[1].accessToken })
expect(res.body.total).to.equal(1)
expect(res.body.data.length).to.equal(1)
expect(res.body.data[0].id).to.not.equal(abuseServer2.id)
}
{
const res = await getVideoAbusesList({ url: servers[0].url, token: servers[0].accessToken })
expect(res.body.total).to.equal(6)
}
})
it('Should list and filter video abuses', async function () {
async function list (query: Omit<Parameters<typeof getVideoAbusesList>[0], 'url' | 'token'>) {
const options = {
url: servers[0].url,
token: servers[0].accessToken
}
Object.assign(options, query)
const res = await getVideoAbusesList(options)
return res.body.data as AdminAbuse[]
}
expect(await list({ id: 56 })).to.have.lengthOf(0)
expect(await list({ id: 1 })).to.have.lengthOf(1)
expect(await list({ search: 'my super name for server 1' })).to.have.lengthOf(4)
expect(await list({ search: 'aaaaaaaaaaaaaaaaaaaaaaaaaa' })).to.have.lengthOf(0)
expect(await list({ searchVideo: 'my second super name for server 1' })).to.have.lengthOf(1)
expect(await list({ searchVideoChannel: 'root' })).to.have.lengthOf(4)
expect(await list({ searchVideoChannel: 'aaaa' })).to.have.lengthOf(0)
expect(await list({ searchReporter: 'user2' })).to.have.lengthOf(1)
expect(await list({ searchReporter: 'root' })).to.have.lengthOf(5)
expect(await list({ searchReportee: 'root' })).to.have.lengthOf(5)
expect(await list({ searchReportee: 'aaaa' })).to.have.lengthOf(0)
expect(await list({ videoIs: 'deleted' })).to.have.lengthOf(1)
expect(await list({ videoIs: 'blacklisted' })).to.have.lengthOf(0)
expect(await list({ state: AbuseState.ACCEPTED })).to.have.lengthOf(0)
expect(await list({ state: AbuseState.PENDING })).to.have.lengthOf(6)
expect(await list({ predefinedReason: 'violentOrRepulsive' })).to.have.lengthOf(1)
expect(await list({ predefinedReason: 'serverRules' })).to.have.lengthOf(0)
})
after(async function () {
await cleanupTests(servers)
})
})

1
shared/extra-utils/index.ts
View File

@ -19,7 +19,6 @@ export * from './users/accounts'
export * from './moderation/abuses' export * from './moderation/abuses'
export * from './videos/services' export * from './videos/services'
export * from './videos/live' export * from './videos/live'
export * from './videos/video-abuses'
export * from './videos/video-blacklist' export * from './videos/video-blacklist'
export * from './videos/video-captions' export * from './videos/video-captions'
export * from './videos/video-channels' export * from './videos/video-channels'

114
shared/extra-utils/videos/video-abuses.ts
View File

@ -1,114 +0,0 @@
import * as request from 'supertest'
import { AbusePredefinedReasonsString, AbuseState, AbuseUpdate, AbuseVideoIs } from '@shared/models'
import { makeDeleteRequest, makeGetRequest, makePutBodyRequest } from '../requests/requests'
// FIXME: deprecated in 2.3. Remove this file
function reportVideoAbuse (
url: string,
token: string,
videoId: number | string,
reason: string,
predefinedReasons?: AbusePredefinedReasonsString[],
startAt?: number,
endAt?: number,
specialStatus = 200
) {
const path = '/api/v1/videos/' + videoId + '/abuse'
return request(url)
.post(path)
.set('Accept', 'application/json')
.set('Authorization', 'Bearer ' + token)
.send({ reason, predefinedReasons, startAt, endAt })
.expect(specialStatus)
}
function getVideoAbusesList (options: {
url: string
token: string
id?: number
predefinedReason?: AbusePredefinedReasonsString
search?: string
state?: AbuseState
videoIs?: AbuseVideoIs
searchReporter?: string
searchReportee?: string
searchVideo?: string
searchVideoChannel?: string
}) {
const {
url,
token,
id,
predefinedReason,
search,
state,
videoIs,
searchReporter,
searchReportee,
searchVideo,
searchVideoChannel
} = options
const path = '/api/v1/videos/abuse'
const query = {
sort: 'createdAt',
id,
predefinedReason,
search,
state,
videoIs,
searchReporter,
searchReportee,
searchVideo,
searchVideoChannel
}
return makeGetRequest({
url,
path,
token,
query,
statusCodeExpected: 200
})
}
function updateVideoAbuse (
url: string,
token: string,
videoId: string | number,
videoAbuseId: number,
body: AbuseUpdate,
statusCodeExpected = 204
) {
const path = '/api/v1/videos/' + videoId + '/abuse/' + videoAbuseId
return makePutBodyRequest({
url,
token,
path,
fields: body,
statusCodeExpected
})
}
function deleteVideoAbuse (url: string, token: string, videoId: string | number, videoAbuseId: number, statusCodeExpected = 204) {
const path = '/api/v1/videos/' + videoId + '/abuse/' + videoAbuseId
return makeDeleteRequest({
url,
token,
path,
statusCodeExpected
})
}
// ---------------------------------------------------------------------------
export {
reportVideoAbuse,
getVideoAbusesList,
updateVideoAbuse,
deleteVideoAbuse
}

8
shared/models/moderation/abuse/abuse-create.model.ts
View File

@ -19,11 +19,3 @@ export interface AbuseCreate {
id: number id: number
} }
} }
// FIXME: deprecated in 2.3. Remove it
export interface VideoAbuseCreate {
reason: string
predefinedReasons?: AbusePredefinedReasonsString[]
startAt?: number
endAt?: number
}

12
shared/models/moderation/abuse/abuse.model.ts
View File

@ -60,18 +60,6 @@ export interface AdminAbuse {
countReportsForReportee?: number countReportsForReportee?: number
countMessages: number countMessages: number
// FIXME: deprecated in 2.3, remove the following properties
// @deprecated
startAt?: null
// @deprecated
endAt?: null
// @deprecated
count?: number
// @deprecated
nth?: number
} }
export type UserVideoAbuse = Omit<AdminVideoAbuse, 'countReports' | 'nthReport'> export type UserVideoAbuse = Omit<AdminVideoAbuse, 'countReports' | 'nthReport'>