3RESIT/backend/app/middlewares/video.middleware.js

import {getClient} from "../utils/database.js";
import {body, param} from "express-validator";
import jwt from "jsonwebtoken";

export const Video = {

    id: param("id").notEmpty().isNumeric().trim(),
    title: body("title").notEmpty().isAlphanumeric("fr-FR", {'ignore': " _-"}).trim(),
    description: body("description").optional({values: "falsy"}).isAlphanumeric("fr-FR", {ignore: " -_"}).trim(),
    channel: body("channel").notEmpty().isNumeric().trim(),
    visibility: body("visibility").notEmpty().isAlpha().trim(),
    idBody: body("video").notEmpty().isNumeric().trim(),
    tags: body("tags").optional({values: "falsy"}).isArray().custom((value) => {
        if (value.length > 10) {
            throw new Error("Too many tags, maximum is 10");
        }
        return true;
    }),
}

export const VideoCreate = {
    title: body("title").notEmpty().isAlphanumeric("fr-FR", {'ignore': " _-"}).trim(),
    description: body("description").optional({values: "falsy"}).isAlphanumeric("fr-FR", {ignore: " -_"}).trim(),
    channel: body("channel").notEmpty().isNumeric().trim(),
    visibility: body("visibility").notEmpty().isAlpha().trim(),
}

export const VideoThumbnail = {
    video: body("video").notEmpty().isNumeric().trim(),
}

export async function isOwner(req, res, next) {
    const logger = req.body.logger;
    const channelId = req.body.channel;
    const token = req.headers.authorization.split(' ')[1];
    const claims = jwt.decode(token);
    const client = await getClient();
    const channelQuery = `SELECT owner FROM channels WHERE id = '${channelId}'`;
    const channelResult = await client.query(channelQuery);
    const channelInBase = channelResult.rows[0];
    if (channelInBase.owner !== claims.id) {
        logger.write("failed because user is not owner", 403);
        res.status(403).json({error: "Not authorized"});
        return
    }
    next()
}

export async function doVideoExists(req, res, next) {
    const logger = req.body.logger;
    const videoId = req.body.video;

    const client = await getClient();
    const query = `SELECT * FROM videos WHERE id = ${videoId}`;
    const result = await client.query(query);
    const videos = result.rows;
    if (videos.length === 0) {
        logger.write("failed because video not found", 404);
        res.status(404).json({error: "Not Found"});
        return
    }
    next()

}

export async function doVideoExistsParam(req, res, next) {
    const logger = req.body.logger;
    const videoId = req.params.id;

    const client = await getClient();
    const query = `SELECT * FROM videos WHERE id = ${videoId}`;
    const result = await client.query(query);
    const video = result.rows[0];
    if (!video) {
        logger.write("failed because video not found", 404);
        res.status(404).json({error: "Not Found"});
        return
    }
    next()

}