From 8b40dec395fd1ae19364ff836edc9bef70e77a52 Mon Sep 17 00:00:00 2001
From: kontrollanten <6680299+kontrollanten@users.noreply.github.com>
Date: Thu, 9 Dec 2021 23:56:49 +0100
Subject: [PATCH] REMOVE_ANY_VIDEO_CHANNEL > MANAGE_ANY_VIDEO_CHANNEL Merge REMOVE_ANY_VIDEO_CHANNEL and MANY_VIDEO_CHANNELS to MANAGE_ANY_VIDEO_CHANNEL.
---
 .../video-channels.component.ts | 2 +-
 server/controllers/api/video-channel.ts | 11 ++++----
 server/middlewares/user-right.ts | 4 +--
 .../validators/videos/video-channels.ts | 27 +------------------
 shared/core-utils/users/user-role.ts | 2 +-
 shared/models/users/user-right.enum.ts | 6 ++---
 6 files changed, 13 insertions(+), 39 deletions(-)
diff --git a/client/src/app/+video-channels/video-channels.component.ts b/client/src/app/+video-channels/video-channels.component.ts
index 1ed4f9bb7009..1a8e06795882 100644
--- a/client/src/app/+video-channels/video-channels.component.ts
+++ b/client/src/app/+video-channels/video-channels.component.ts
@@ -105,7 +105,7 @@ export class VideoChannelsComponent implements OnInit, OnDestroy {
 isManageable () {
 if (!this.isUserLoggedIn()) return false
- return this.isOwner() || this.authService.getUser().hasRight(UserRight.MANAGE_VIDEO_CHANNELS)
+ return this.isOwner() || this.authService.getUser().hasRight(UserRight.MANAGE_ANY_VIDEO_CHANNEL)
 }
 activateCopiedMessage () {
diff --git a/server/controllers/api/video-channel.ts b/server/controllers/api/video-channel.ts
index b2916278752a..6ba132bffd4a 100644
--- a/server/controllers/api/video-channel.ts
+++ b/server/controllers/api/video-channel.ts
@@ -75,7 +75,7 @@ videoChannelRouter.post('/:nameWithHost/avatar/pick',
 authenticate,
 reqAvatarFile,
 asyncMiddleware(videoChannelsNameWithHostValidator),
- ensureUserCanManageChannel,
+ asyncMiddleware(ensureUserCanManageChannel),
 updateAvatarValidator,
 asyncMiddleware(updateVideoChannelAvatar)
 )
@@ -84,7 +84,7 @@ videoChannelRouter.post('/:nameWithHost/banner/pick',
 authenticate,
 reqBannerFile,
 asyncMiddleware(videoChannelsNameWithHostValidator),
- ensureUserCanManageChannel,
+ asyncMiddleware(ensureUserCanManageChannel),
 updateBannerValidator,
 asyncMiddleware(updateVideoChannelBanner)
 )
@@ -92,21 +92,21 @@ videoChannelRouter.post('/:nameWithHost/banner/pick',
 videoChannelRouter.delete('/:nameWithHost/avatar',
 authenticate,
 asyncMiddleware(videoChannelsNameWithHostValidator),
- ensureUserCanManageChannel,
+ asyncMiddleware(ensureUserCanManageChannel),
 asyncMiddleware(deleteVideoChannelAvatar)
 )
 videoChannelRouter.delete('/:nameWithHost/banner',
 authenticate,
 asyncMiddleware(videoChannelsNameWithHostValidator),
- ensureUserCanManageChannel,
+ asyncMiddleware(ensureUserCanManageChannel),
 asyncMiddleware(deleteVideoChannelBanner)
 )
 videoChannelRouter.put('/:nameWithHost',
 authenticate,
 asyncMiddleware(videoChannelsNameWithHostValidator),
- ensureUserCanManageChannel,
+ asyncMiddleware(ensureUserCanManageChannel),
 videoChannelsUpdateValidator,
 asyncRetryTransactionMiddleware(updateVideoChannel)
 )
@@ -114,6 +114,7 @@ videoChannelRouter.put('/:nameWithHost',
 videoChannelRouter.delete('/:nameWithHost',
 authenticate,
 asyncMiddleware(videoChannelsRemoveValidator),
+ asyncMiddleware(ensureUserCanManageChannel),
 asyncRetryTransactionMiddleware(removeVideoChannel)
 )
diff --git a/server/middlewares/user-right.ts b/server/middlewares/user-right.ts
index e864d1bc54c0..aa623c837d52 100644
--- a/server/middlewares/user-right.ts
+++ b/server/middlewares/user-right.ts
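Review bot: The DELETE `/:nameWithHost` route in server/controllers/api/video-channel.ts (hunk `@@ -114,6 +114,7 @@`) now takes its authorization from `ensureUserCanManageChannel`, but the `checkUserCanDeleteVideoChannel` helper this commit deletes from validators/videos/video-channels.ts also refused channels where `videoChannel.Actor.isOwned() === false`, and no replacement for that check is visible in the patch. Unless it is enforced in code outside these hunks, a user holding `MANAGE_ANY_VIDEO_CHANNEL` now passes this route for a channel of another server; I would keep the guard in `videoChannelsRemoveValidator`, for example `if (res.locals.videoChannel.Actor.isOwned() === false) return res.fail({ status: HttpStatusCode.FORBIDDEN_403, message: 'Cannot remove video channel of another server.' })`. The permission check also runs after `checkVideoChannelIsNotTheLastOne` now, where the removed line ran before it, so a caller without the right receives the last-channel answer instead of the 403.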
@@ -20,11 +20,11 @@ function ensureUserHasRight (userRight: UserRight) {
 }
 }
-function ensureUserCanManageChannel (req: express.Request, res: express.Response, next: express.NextFunction) {
+async function ensureUserCanManageChannel (req: express.Request, res: express.Response, next: express.NextFunction) {
 const user = res.locals.oauth.token.user
 const isUserOwner = res.locals.videoChannel.Account.userId !== user.id
- if (isUserOwner && user.hasRight(UserRight.MANAGE_VIDEO_CHANNELS) === false) {
+ if (isUserOwner && user.hasRight(UserRight.MANAGE_ANY_VIDEO_CHANNEL) === false) {
 const message = `User ${user.username} does not have right to manage channel ${req.params.nameWithHost}.`
 logger.info(message)
diff --git a/server/middlewares/validators/videos/video-channels.ts b/server/middlewares/validators/videos/video-channels.ts
index 001f8042ffc7..28623aec600e 100644
--- a/server/middlewares/validators/videos/video-channels.ts
+++ b/server/middlewares/validators/videos/video-channels.ts
@@ -1,7 +1,6 @@
 import express from 'express'
 import { body, param, query } from 'express-validator'
-import { MChannelAccountDefault, MUser } from '@server/types/models'
-import { UserRight } from '../../../../shared'
+import { MChannelAccountDefault } from '@server/types/models'
 import { HttpStatusCode } from '../../../../shared/models/http/http-error-codes'
 import { isBooleanValid, toBooleanOrNull } from '../../../helpers/custom-validators/misc'
 import {
@@ -79,7 +78,6 @@ const videoChannelsRemoveValidator = [
 if (areValidationErrors(req, res)) return
 if (!await doesVideoChannelNameWithHostExist(req.params.nameWithHost, res)) return
- if (!checkUserCanDeleteVideoChannel(res.locals.oauth.token.User, res.locals.videoChannel, res)) return
 if (!await checkVideoChannelIsNotTheLastOne(res.locals.videoChannel, res)) return
 return next()
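Review bot: In `ensureUserCanManageChannel` (server/middlewares/user-right.ts) the flag `isUserOwner` is assigned `res.locals.videoChannel.Account.userId !== user.id`, so it is true exactly when the caller is not the owner; the condition still denies the right callers, but the name states the opposite of what it holds, which is easy to get wrong in a later edit of an authorization check. I would rename it: `const isNotOwner = res.locals.videoChannel.Account.userId !== user.id` and `if (isNotOwner && user.hasRight(UserRight.MANAGE_ANY_VIDEO_CHANNEL) === false) {`. The function is also made `async` although no `await` appears in the visible lines; if none follows in the part of the body outside the hunk, the plain function and the unwrapped route entries would do. The body continues past the end of the hunk.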
@@ -151,29 +149,6 @@ export {
 // ---------------------------------------------------------------------------
-function checkUserCanDeleteVideoChannel (user: MUser, videoChannel: MChannelAccountDefault, res: express.Response) {
- if (videoChannel.Actor.isOwned() === false) {
- res.fail({
- status: HttpStatusCode.FORBIDDEN_403,
- message: 'Cannot remove video channel of another server.'
- })
- return false
- }
-
- // Check if the user can delete the video channel
- // The user can delete it if s/he is an admin
- // Or if s/he is the video channel's account
- if (user.hasRight(UserRight.REMOVE_ANY_VIDEO_CHANNEL) === false && videoChannel.Account.userId !== user.id) {
- res.fail({
- status: HttpStatusCode.FORBIDDEN_403,
- message: 'Cannot remove video channel of another user'
- })
- return false
- }
-
- return true
-}
-
 async function checkVideoChannelIsNotTheLastOne (videoChannel: MChannelAccountDefault, res: express.Response) {
 const count = await VideoChannelModel.countByAccount(videoChannel.Account.id)
diff --git a/shared/core-utils/users/user-role.ts b/shared/core-utils/users/user-role.ts
index 81cba1dad0fc..cc757d779e91 100644
--- a/shared/core-utils/users/user-role.ts
+++ b/shared/core-utils/users/user-role.ts
@@ -14,8 +14,8 @@ const userRoleRights: { [ id in UserRole ]: UserRight[] } = {
 [UserRole.MODERATOR]: [
 UserRight.MANAGE_VIDEO_BLACKLIST,
 UserRight.MANAGE_ABUSES,
+ UserRight.MANAGE_ANY_VIDEO_CHANNEL,
 UserRight.REMOVE_ANY_VIDEO,
- UserRight.REMOVE_ANY_VIDEO_CHANNEL,
 UserRight.REMOVE_ANY_VIDEO_PLAYLIST,
 UserRight.REMOVE_ANY_VIDEO_COMMENT,
 UserRight.UPDATE_ANY_VIDEO,
diff --git a/shared/models/users/user-right.enum.ts b/shared/models/users/user-right.enum.ts
index b35345ec9627..668535f4eb86 100644
--- a/shared/models/users/user-right.enum.ts
+++ b/shared/models/users/user-right.enum.ts
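Review bot: In shared/core-utils/users/user-role.ts the moderator role swaps `UserRight.REMOVE_ANY_VIDEO_CHANNEL` for `UserRight.MANAGE_ANY_VIDEO_CHANNEL`, which is a wider grant than the one it replaces: the same right now gates the avatar, banner and `PUT /:nameWithHost` routes in video-channel.ts, not only deletion. This file changes only this one pair of lines while `MANAGE_VIDEO_CHANNELS` is dropped from the enum, so it looks as if moderators did not hold the manage right before, though the rest of the list is outside the hunk. If the widening is intended, I would say so in the commit message and next to the entry, e.g. `// also allows editing any channel (avatar, banner, metadata), not only removing it`.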
@@ -22,9 +22,9 @@ export const enum UserRight {
 MANAGE_SERVERS_BLOCKLIST,
 MANAGE_VIDEO_BLACKLIST,
+ MANAGE_ANY_VIDEO_CHANNEL,
 REMOVE_ANY_VIDEO,
- REMOVE_ANY_VIDEO_CHANNEL,
 REMOVE_ANY_VIDEO_PLAYLIST,
 REMOVE_ANY_VIDEO_COMMENT,
@@ -41,7 +41,5 @@ export const enum UserRight {
 MANAGE_VIDEOS_REDUNDANCIES,
 MANAGE_VIDEO_FILES,
- RUN_VIDEO_TRANSCODING,
-
- MANAGE_VIDEO_CHANNELS
+ RUN_VIDEO_TRANSCODING
 }
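Review bot: `MANAGE_ANY_VIDEO_CHANNEL` is inserted before `REMOVE_ANY_VIDEO` in `UserRight` (hunk `@@ -22,9 +22,9 @@`), and as no initializers are visible the members appear to be auto-numbered, so `REMOVE_ANY_VIDEO` takes the number `REMOVE_ANY_VIDEO_CHANNEL` had and the new member takes the old `REMOVE_ANY_VIDEO` number. Because this is a `const enum`, those numbers are inlined at compile time, and any value that was stored, or is exchanged with a client or plugin built from the previous enum, would be read as a different right. Putting `MANAGE_ANY_VIDEO_CHANNEL,` on the line after `REMOVE_ANY_VIDEO,`, in the slot of the removed member, leaves every remaining number unchanged. The start of the enum is outside the hunk, so confirm that no member carries an explicit value.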