From 451539c4f885351eb83b8e95b4f7a6873553fc80 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 11 Mar 2024 02:18:00 -0400 Subject: [PATCH 1/8] add voteSchema to OttApiRequestVote --- common/models/rest-api.ts | 4 ++-- common/models/zod-schemas.ts | 11 +++++++++-- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/common/models/rest-api.ts b/common/models/rest-api.ts index 3c9fbcd19..d37d45032 100644 --- a/common/models/rest-api.ts +++ b/common/models/rest-api.ts @@ -3,7 +3,7 @@ import { ServerMessageEvent } from "./messages"; import { BehaviorOption, QueueMode, RoomSettings, RoomUserInfo, Visibility } from "./types"; import { QueueItem, Video, VideoId } from "./video"; import type { Category } from "sponsorblock-api"; -import { createRoomSchema } from "./zod-schemas"; +import { createRoomSchema, voteSchema } from "./zod-schemas"; import { z } from "zod"; export type OttResponseBody = @@ -83,7 +83,7 @@ export type OttApiResponseAddPreview = { result: Video[]; }; -export interface OttApiRequestVote extends VideoId {} +export type OttApiRequestVote = z.infer; export type OttApiRequestAccountRecoveryStart = { email?: string; diff --git a/common/models/zod-schemas.ts b/common/models/zod-schemas.ts index cb922948c..d5610e98f 100644 --- a/common/models/zod-schemas.ts +++ b/common/models/zod-schemas.ts @@ -1,6 +1,7 @@ -import { ROOM_NAME_REGEX } from "ott-common/constants"; +import { ALL_VIDEO_SERVICES, ROOM_NAME_REGEX } from "ott-common/constants"; import { Visibility, QueueMode } from "ott-common/models/types"; -import { z } from "zod"; +import { VideoService } from "./video"; +import { string, z } from "zod"; // These strings are not allowed to be used as room names. const RESERVED_ROOM_NAMES = ["list", "create", "generate"]; @@ -18,3 +19,9 @@ export const createRoomSchema = z.object({ visibility: z.nativeEnum(Visibility).default(Visibility.Public).optional(), queueMode: z.nativeEnum(QueueMode).optional(), }); + +export const voteSchema = z.object({ + service: z.enum(ALL_VIDEO_SERVICES), + id: z.string(), + token: z.string(), +}); From c8eea801f766a4fc85b4e84dd245688eaf1ee935 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 11 Mar 2024 02:18:14 -0400 Subject: [PATCH 2/8] add voteSchema validation to addVote API endpoint --- server/api/room.ts | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/server/api/room.ts b/server/api/room.ts index 0576a216f..a44b82278 100644 --- a/server/api/room.ts +++ b/server/api/room.ts @@ -32,7 +32,7 @@ import { getApiKey } from "../admin"; import { v4 as uuidv4 } from "uuid"; import { counterHttpErrors } from "../metrics"; import { conf } from "../ott-config"; -import { createRoomSchema } from "ott-common/models/zod-schemas"; +import { createRoomSchema, voteSchema } from "ott-common/models/zod-schemas"; import { ZodError } from "zod"; import { fromZodError } from "zod-validation-error"; @@ -304,17 +304,9 @@ const undoEvent: RequestHandler<{ name: string }> = async (req, res) => { }; const addVote: RequestHandler<{ name: string }, unknown, OttApiRequestVote> = async (req, res) => { - if (!req.token) { - throw new OttException("Missing token"); - } - if (!req.body.service) { - throw new BadApiArgumentException("service", "missing"); - } - if (!req.body.id) { - throw new BadApiArgumentException("id", "missing"); - } + const body = voteSchema.parse(req.body); - const client = clientmanager.getClientByToken(req.token, req.params.name); + const client = clientmanager.getClientByToken(body.token, req.params.name); await clientmanager.makeRoomRequest(client, { type: RoomRequestType.VoteRequest, video: { service: req.body.service, id: req.body.id }, From 234b7b590ef13c032d9f3a3f72aff4d71f88dd60 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 11 Mar 2024 02:19:05 -0400 Subject: [PATCH 3/8] add voteSchema validation to removeVote API endpoint --- server/api/room.ts | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/server/api/room.ts b/server/api/room.ts index a44b82278..bc49d9493 100644 --- a/server/api/room.ts +++ b/server/api/room.ts @@ -321,17 +321,8 @@ const removeVote: RequestHandler<{ name: string }, unknown, OttApiRequestVote> = req, res ) => { - if (!req.token) { - throw new OttException("Missing token"); - } - if (!req.body.service) { - throw new BadApiArgumentException("service", "missing"); - } - if (!req.body.id) { - throw new BadApiArgumentException("id", "missing"); - } - - const client = clientmanager.getClientByToken(req.token, req.params.name); + const body = voteSchema.parse(req.body); + const client = clientmanager.getClientByToken(body.token, req.params.name); await clientmanager.makeRoomRequest(client, { type: RoomRequestType.VoteRequest, video: { service: req.body.service, id: req.body.id }, From 1a2b46b97778532103577c2c2fdc67418ddab868 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 11 Mar 2024 09:09:35 -0400 Subject: [PATCH 4/8] made requested changes --- common/models/zod-schemas.ts | 7 +++++-- server/api/room.ts | 13 +++++++++++-- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/common/models/zod-schemas.ts b/common/models/zod-schemas.ts index d5610e98f..f70b16de8 100644 --- a/common/models/zod-schemas.ts +++ b/common/models/zod-schemas.ts @@ -20,8 +20,11 @@ export const createRoomSchema = z.object({ queueMode: z.nativeEnum(QueueMode).optional(), }); -export const voteSchema = z.object({ +const VideoIdSchema = z.object({ service: z.enum(ALL_VIDEO_SERVICES), id: z.string(), - token: z.string(), +}); + +export const voteSchema = z.object({ + ...VideoIdSchema.shape, }); diff --git a/server/api/room.ts b/server/api/room.ts index bc49d9493..4f50ab693 100644 --- a/server/api/room.ts +++ b/server/api/room.ts @@ -306,7 +306,11 @@ const undoEvent: RequestHandler<{ name: string }> = async (req, res) => { const addVote: RequestHandler<{ name: string }, unknown, OttApiRequestVote> = async (req, res) => { const body = voteSchema.parse(req.body); - const client = clientmanager.getClientByToken(body.token, req.params.name); + if (!req.token) { + throw new OttException("Missing token"); + } + + const client = clientmanager.getClientByToken(req.token, req.params.name); await clientmanager.makeRoomRequest(client, { type: RoomRequestType.VoteRequest, video: { service: req.body.service, id: req.body.id }, @@ -322,7 +326,12 @@ const removeVote: RequestHandler<{ name: string }, unknown, OttApiRequestVote> = res ) => { const body = voteSchema.parse(req.body); - const client = clientmanager.getClientByToken(body.token, req.params.name); + + if (!req.token) { + throw new OttException("Missing token"); + } + + const client = clientmanager.getClientByToken(req.token, req.params.name); await clientmanager.makeRoomRequest(client, { type: RoomRequestType.VoteRequest, video: { service: req.body.service, id: req.body.id }, From 181a14b9e377f52173f944ff68b2876eb32c73fb Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 11 Mar 2024 09:14:25 -0400 Subject: [PATCH 5/8] update naming convention --- common/models/rest-api.ts | 6 +++--- common/models/zod-schemas.ts | 4 ++-- server/api/room.ts | 8 ++++---- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/common/models/rest-api.ts b/common/models/rest-api.ts index d37d45032..f43868247 100644 --- a/common/models/rest-api.ts +++ b/common/models/rest-api.ts @@ -3,7 +3,7 @@ import { ServerMessageEvent } from "./messages"; import { BehaviorOption, QueueMode, RoomSettings, RoomUserInfo, Visibility } from "./types"; import { QueueItem, Video, VideoId } from "./video"; import type { Category } from "sponsorblock-api"; -import { createRoomSchema, voteSchema } from "./zod-schemas"; +import { OttApiRequestRoomCreateSchema, OttApiRequestVoteSchema } from "./zod-schemas"; import { z } from "zod"; export type OttResponseBody = @@ -35,7 +35,7 @@ export interface OttApiResponseRoomGenerate { } /** Endpoint: `/api/room/create` */ -export type OttApiRequestRoomCreate = z.infer; +export type OttApiRequestRoomCreate = z.infer; /** Endpoint: `/api/room/create` */ export interface OttApiResponseRoomCreate {} @@ -83,7 +83,7 @@ export type OttApiResponseAddPreview = { result: Video[]; }; -export type OttApiRequestVote = z.infer; +export type OttApiRequestVote = z.infer; export type OttApiRequestAccountRecoveryStart = { email?: string; diff --git a/common/models/zod-schemas.ts b/common/models/zod-schemas.ts index f70b16de8..0486373d9 100644 --- a/common/models/zod-schemas.ts +++ b/common/models/zod-schemas.ts @@ -6,7 +6,7 @@ import { string, z } from "zod"; // These strings are not allowed to be used as room names. const RESERVED_ROOM_NAMES = ["list", "create", "generate"]; -export const createRoomSchema = z.object({ +export const OttApiRequestRoomCreateSchema = z.object({ name: z .string() .min(3, "too short, must be atleast 3 characters") @@ -25,6 +25,6 @@ const VideoIdSchema = z.object({ id: z.string(), }); -export const voteSchema = z.object({ +export const OttApiRequestVoteSchema = z.object({ ...VideoIdSchema.shape, }); diff --git a/server/api/room.ts b/server/api/room.ts index 4f50ab693..5e6a9ee67 100644 --- a/server/api/room.ts +++ b/server/api/room.ts @@ -32,7 +32,7 @@ import { getApiKey } from "../admin"; import { v4 as uuidv4 } from "uuid"; import { counterHttpErrors } from "../metrics"; import { conf } from "../ott-config"; -import { createRoomSchema, voteSchema } from "ott-common/models/zod-schemas"; +import { OttApiRequestRoomCreateSchema, OttApiRequestVoteSchema } from "ott-common/models/zod-schemas"; import { ZodError } from "zod"; import { fromZodError } from "zod-validation-error"; @@ -119,7 +119,7 @@ const createRoom: RequestHandler< OttResponseBody, OttApiRequestRoomCreate > = async (req, res) => { - const body = createRoomSchema.parse(req.body); + const body = OttApiRequestRoomCreateSchema.parse(req.body); if (body.isTemporary && !conf.get("room.enable_create_temporary")) { throw new FeatureDisabledException("Temporary rooms are disabled."); @@ -304,7 +304,7 @@ const undoEvent: RequestHandler<{ name: string }> = async (req, res) => { }; const addVote: RequestHandler<{ name: string }, unknown, OttApiRequestVote> = async (req, res) => { - const body = voteSchema.parse(req.body); + const body = OttApiRequestVoteSchema.parse(req.body); if (!req.token) { throw new OttException("Missing token"); @@ -325,7 +325,7 @@ const removeVote: RequestHandler<{ name: string }, unknown, OttApiRequestVote> = req, res ) => { - const body = voteSchema.parse(req.body); + const body = OttApiRequestVoteSchema.parse(req.body); if (!req.token) { throw new OttException("Missing token"); From 9236c3ed9c10fbf50593434889113c71abfd8699 Mon Sep 17 00:00:00 2001 From: Victor Date: Mon, 11 Mar 2024 09:20:39 -0400 Subject: [PATCH 6/8] fix lint --- server/api/room.ts | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/server/api/room.ts b/server/api/room.ts index 5e6a9ee67..479ac3585 100644 --- a/server/api/room.ts +++ b/server/api/room.ts @@ -32,7 +32,10 @@ import { getApiKey } from "../admin"; import { v4 as uuidv4 } from "uuid"; import { counterHttpErrors } from "../metrics"; import { conf } from "../ott-config"; -import { OttApiRequestRoomCreateSchema, OttApiRequestVoteSchema } from "ott-common/models/zod-schemas"; +import { + OttApiRequestRoomCreateSchema, + OttApiRequestVoteSchema, +} from "ott-common/models/zod-schemas"; import { ZodError } from "zod"; import { fromZodError } from "zod-validation-error"; From 45aa2884353d4ad684517945286c115a4f99fc82 Mon Sep 17 00:00:00 2001 From: Victor Giraldo Date: Tue, 12 Mar 2024 12:55:36 -0400 Subject: [PATCH 7/8] use body in makeRoomRequest calls --- server/api/room.ts | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/server/api/room.ts b/server/api/room.ts index 479ac3585..697f3144e 100644 --- a/server/api/room.ts +++ b/server/api/room.ts @@ -145,8 +145,7 @@ const createRoom: RequestHandler< await roommanager.createRoom(body); } log.info( - `${body.isTemporary ? "Temporary" : "Permanent"} room created: name=${body.name} ip=${ - req.ip + `${body.isTemporary ? "Temporary" : "Permanent"} room created: name=${body.name} ip=${req.ip } user-agent=${req.headers["user-agent"]}` ); res.status(201).json({ @@ -316,7 +315,7 @@ const addVote: RequestHandler<{ name: string }, unknown, OttApiRequestVote> = as const client = clientmanager.getClientByToken(req.token, req.params.name); await clientmanager.makeRoomRequest(client, { type: RoomRequestType.VoteRequest, - video: { service: req.body.service, id: req.body.id }, + video: { service: body.service, id: body.id }, add: true, }); res.json({ @@ -337,7 +336,7 @@ const removeVote: RequestHandler<{ name: string }, unknown, OttApiRequestVote> = const client = clientmanager.getClientByToken(req.token, req.params.name); await clientmanager.makeRoomRequest(client, { type: RoomRequestType.VoteRequest, - video: { service: req.body.service, id: req.body.id }, + video: { service: body.service, id: body.id }, add: false, }); res.json({ From fb79baca7cacbaa85a1b37429f7b8a42521a2913 Mon Sep 17 00:00:00 2001 From: Victor Giraldo Date: Tue, 12 Mar 2024 12:56:44 -0400 Subject: [PATCH 8/8] fix lint --- server/api/room.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/server/api/room.ts b/server/api/room.ts index 697f3144e..9915ca9f6 100644 --- a/server/api/room.ts +++ b/server/api/room.ts @@ -145,7 +145,8 @@ const createRoom: RequestHandler< await roommanager.createRoom(body); } log.info( - `${body.isTemporary ? "Temporary" : "Permanent"} room created: name=${body.name} ip=${req.ip + `${body.isTemporary ? "Temporary" : "Permanent"} room created: name=${body.name} ip=${ + req.ip } user-agent=${req.headers["user-agent"]}` ); res.status(201).json({