[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / abuses.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import 'mocha'
import { HttpStatusCode } from '@shared/core-utils'
import {
  AbusesCommand,
  checkBadCountPagination,
  checkBadSortPagination,
  checkBadStartPagination,
  cleanupTests,
  createUser,
  doubleFollow,
  flushAndRunServer,
  generateUserAccessToken,
  getVideoIdFromUUID,
  makeGetRequest,
  makePostBodyRequest,
  ServerInfo,
  setAccessTokensToServers,
  uploadVideo,
  waitJobs
} from '@shared/extra-utils'
import { AbuseCreate, AbuseState } from '@shared/models'

describe('Test abuses API validators', function () {
  const basePath = '/api/v1/abuses/'

  let server: ServerInfo

  let userToken = ''
  let userToken2 = ''
  let abuseId: number
  let messageId: number

  let command: AbusesCommand

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(30000)

    server = await flushAndRunServer(1)

    await setAccessTokensToServers([ server ])

    const username = 'user1'
    const password = 'my super password'
    await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password })
    userToken = await server.loginCommand.getAccessToken({ username, password })

    userToken2 = await generateUserAccessToken(server, 'user_2')

    const res = await uploadVideo(server.url, server.accessToken, {})
    server.video = res.body.video

    command = server.abusesCommand
  })

  describe('When listing abuses for admins', function () {
    const path = basePath

    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(server.url, path, server.accessToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(server.url, path, server.accessToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(server.url, path, server.accessToken)
    })

    it('Should fail with a non authenticated user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
      })
    })

    it('Should fail with a non admin user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        token: userToken,
        statusCodeExpected: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should fail with a bad id filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
    })

    it('Should fail with a bad filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
    })

    it('Should fail with bad predefined reason', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
    })

    it('Should fail with a bad state filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
    })

    it('Should fail with a bad videoIs filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
    })

    it('Should succeed with the correct params', async function () {
      const query = {
        id: 13,
        predefinedReason: 'violentOrRepulsive',
        filter: 'comment',
        state: 2,
        videoIs: 'deleted'
      }

      await makeGetRequest({ url: server.url, path, token: server.accessToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
    })
  })

  describe('When listing abuses for users', function () {
    const path = '/api/v1/users/me/abuses'

    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(server.url, path, userToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(server.url, path, userToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(server.url, path, userToken)
    })

    it('Should fail with a non authenticated user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
      })
    })

    it('Should fail with a bad id filter', async function () {
      await makeGetRequest({ url: server.url, path, token: userToken, query: { id: 'toto' } })
    })

    it('Should fail with a bad state filter', async function () {
      await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 'toto' } })
      await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 0 } })
    })

    it('Should succeed with the correct params', async function () {
      const query = {
        id: 13,
        state: 2
      }

      await makeGetRequest({ url: server.url, path, token: userToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
    })
  })

  describe('When reporting an abuse', function () {
    const path = basePath

    it('Should fail with nothing', async function () {
      const fields = {}
      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should fail with a wrong video', async function () {
      const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
    })

    it('Should fail with an unknown video', async function () {
      const fields = { video: { id: 42 }, reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with a wrong comment', async function () {
      const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
    })

    it('Should fail with an unknown comment', async function () {
      const fields = { comment: { id: 42 }, reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with a wrong account', async function () {
      const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
    })

    it('Should fail with an unknown account', async function () {
      const fields = { account: { id: 42 }, reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with not account, comment or video', async function () {
      const fields = { reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
      })
    })

    it('Should fail with a non authenticated user', async function () {
      const fields = { video: { id: server.video.id }, reason: 'my super reason' }

      await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a reason too short', async function () {
      const fields = { video: { id: server.video.id }, reason: 'h' }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should fail with a too big reason', async function () {
      const fields = { video: { id: server.video.id }, reason: 'super'.repeat(605) }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should succeed with the correct parameters (basic)', async function () {
      const fields: AbuseCreate = { video: { id: server.video.shortUUID }, reason: 'my super reason' }

      const res = await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        statusCodeExpected: HttpStatusCode.OK_200
      })
      abuseId = res.body.abuse.id
    })

    it('Should fail with a wrong predefined reason', async function () {
      const fields = { video: { id: server.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should fail with negative timestamps', async function () {
      const fields = { video: { id: server.video.id, startAt: -1 }, reason: 'my super reason' }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should fail mith misordered startAt/endAt', async function () {
      const fields = { video: { id: server.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should succeed with the corret parameters (advanced)', async function () {
      const fields: AbuseCreate = {
        video: {
          id: server.video.id,
          startAt: 1,
          endAt: 5
        },
        reason: 'my super reason',
        predefinedReasons: [ 'serverRules' ]
      }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields, statusCodeExpected: HttpStatusCode.OK_200 })
    })
  })

  describe('When updating an abuse', function () {

    it('Should fail with a non authenticated user', async function () {
      await command.update({ token: 'blabla', abuseId, body: {}, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      await command.update({ token: userToken, abuseId, body: {}, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with a bad abuse id', async function () {
      await command.update({ abuseId: 45, body: {}, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with a bad state', async function () {
      const body = { state: 5 }
      await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should fail with a bad moderation comment', async function () {
      const body = { moderationComment: 'b'.repeat(3001) }
      await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should succeed with the correct params', async function () {
      const body = { state: AbuseState.ACCEPTED }
      await command.update({ abuseId, body })
    })
  })

  describe('When creating an abuse message', function () {
    const message = 'my super message'

    it('Should fail with an invalid abuse id', async function () {
      await command.addMessage({ token: userToken2, abuseId: 888, message, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with a non authenticated user', async function () {
      await command.addMessage({ token: 'fake_token', abuseId, message, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with an invalid logged in user', async function () {
      await command.addMessage({ token: userToken2, abuseId, message, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with an invalid message', async function () {
      await command.addMessage({ token: userToken, abuseId, message: 'a'.repeat(5000), expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should suceed with the correct params', async function () {
      const res = await command.addMessage({ token: userToken, abuseId, message })
      messageId = res.body.abuseMessage.id
    })
  })

  describe('When listing abuse messages', function () {

    it('Should fail with an invalid abuse id', async function () {
      await command.listMessages({ token: userToken, abuseId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with a non authenticated user', async function () {
      await command.listMessages({ token: 'fake_token', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with an invalid logged in user', async function () {
      await command.listMessages({ token: userToken2, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should succeed with the correct params', async function () {
      await command.listMessages({ token: userToken, abuseId })
    })
  })

  describe('When deleting an abuse message', function () {
    it('Should fail with an invalid abuse id', async function () {
      await command.deleteMessage({ token: userToken, abuseId: 888, messageId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with an invalid message id', async function () {
      await command.deleteMessage({ token: userToken, abuseId, messageId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with a non authenticated user', async function () {
      await command.deleteMessage({ token: 'fake_token', abuseId, messageId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with an invalid logged in user', async function () {
      await command.deleteMessage({ token: userToken2, abuseId, messageId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should succeed with the correct params', async function () {
      await command.deleteMessage({ token: userToken, abuseId, messageId })
    })
  })

  describe('When deleting a video abuse', function () {

    it('Should fail with a non authenticated user', async function () {
      await command.delete({ token: 'blabla', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      await command.delete({ token: userToken, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with a bad abuse id', async function () {
      await command.delete({ abuseId: 45, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should succeed with the correct params', async function () {
      await command.delete({ abuseId })
    })
  })

  describe('When trying to manage messages of a remote abuse', function () {
    let remoteAbuseId: number
    let anotherServer: ServerInfo

    before(async function () {
      this.timeout(50000)

      anotherServer = await flushAndRunServer(2)
      await setAccessTokensToServers([ anotherServer ])

      await doubleFollow(anotherServer, server)

      const server2VideoId = await getVideoIdFromUUID(anotherServer.url, server.video.uuid)
      await anotherServer.abusesCommand.report({ reason: 'remote server', videoId: server2VideoId })

      await waitJobs([ server, anotherServer ])

      const body = await command.getAdminList({ sort: '-createdAt' })
      remoteAbuseId = body.data[0].id
    })

    it('Should fail when listing abuse messages of a remote abuse', async function () {
      await command.listMessages({ abuseId: remoteAbuseId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should fail when creating abuse message of a remote abuse', async function () {
      await command.addMessage({ abuseId: remoteAbuseId, message: 'message', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    after(async function () {
      await cleanupTests([ anotherServer ])
    })
  })

  after(async function () {
    await cleanupTests([ server ])
  })
})
Commit	Line	Data
57f6896f C	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
	2
	3	import 'mocha'
0c1a77e9	4	import { HttpStatusCode } from '@shared/core-utils'
57f6896f	5	import {
0c1a77e9 C	6	AbusesCommand,
	7	checkBadCountPagination,
	8	checkBadSortPagination,
	9	checkBadStartPagination,
57f6896f C	10	cleanupTests,
57f6896f C	11	createUser,
94148c90	12	doubleFollow,
57f6896f	13	flushAndRunServer,
94148c90	14	generateUserAccessToken,
94148c90	15	getVideoIdFromUUID,
57f6896f C	16	makeGetRequest,
	17	makePostBodyRequest,
	18	ServerInfo,
	19	setAccessTokensToServers,
57f6896f	20	uploadVideo,
94148c90	21	waitJobs
0c1a77e9 C	22	} from '@shared/extra-utils'
0c1a77e9 C	23	import { AbuseCreate, AbuseState } from '@shared/models'
57f6896f	24
310b5219	25	describe('Test abuses API validators', function () {
57f6896f C	26	const basePath = '/api/v1/abuses/'
	27
	28	let server: ServerInfo
94148c90	29
0c1a77e9 C	30	let userToken = ''
0c1a77e9 C	31	let userToken2 = ''
57f6896f	32	let abuseId: number
edbc9325	33	let messageId: number
57f6896f	34
0c1a77e9 C	35	let command: AbusesCommand
0c1a77e9 C	36
57f6896f C	37	// ---------------------------------------------------------------
	38
	39	before(async function () {
	40	this.timeout(30000)
	41
	42	server = await flushAndRunServer(1)
	43
	44	await setAccessTokensToServers([ server ])
	45
	46	const username = 'user1'
	47	const password = 'my super password'
	48	await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password })
41d1d075	49	userToken = await server.loginCommand.getAccessToken({ username, password })
57f6896f	50
0c1a77e9	51	userToken2 = await generateUserAccessToken(server, 'user_2')
edbc9325	52
57f6896f C	53	const res = await uploadVideo(server.url, server.accessToken, {})
57f6896f C	54	server.video = res.body.video
0c1a77e9 C	55
0c1a77e9 C	56	command = server.abusesCommand
57f6896f C	57	})
57f6896f C	58
edbc9325	59	describe('When listing abuses for admins', function () {
57f6896f C	60	const path = basePath
	61
	62	it('Should fail with a bad start pagination', async function () {
	63	await checkBadStartPagination(server.url, path, server.accessToken)
	64	})
	65
	66	it('Should fail with a bad count pagination', async function () {
	67	await checkBadCountPagination(server.url, path, server.accessToken)
	68	})
	69
	70	it('Should fail with an incorrect sort', async function () {
	71	await checkBadSortPagination(server.url, path, server.accessToken)
	72	})
	73
	74	it('Should fail with a non authenticated user', async function () {
	75	await makeGetRequest({
	76	url: server.url,
	77	path,
2d53be02	78	statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
57f6896f C	79	})
	80	})
	81
	82	it('Should fail with a non admin user', async function () {
	83	await makeGetRequest({
	84	url: server.url,
	85	path,
0c1a77e9	86	token: userToken,
2d53be02	87	statusCodeExpected: HttpStatusCode.FORBIDDEN_403
57f6896f C	88	})
	89	})
	90
	91	it('Should fail with a bad id filter', async function () {
	92	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
	93	})
	94
	95	it('Should fail with a bad filter', async function () {
	96	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
	97	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
	98	})
	99
	100	it('Should fail with bad predefined reason', async function () {
	101	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
	102	})
	103
	104	it('Should fail with a bad state filter', async function () {
	105	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
	106	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
	107	})
	108
	109	it('Should fail with a bad videoIs filter', async function () {
	110	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
	111	})
	112
	113	it('Should succeed with the correct params', async function () {
	114	const query = {
	115	id: 13,
	116	predefinedReason: 'violentOrRepulsive',
	117	filter: 'comment',
	118	state: 2,
	119	videoIs: 'deleted'
	120	}
	121
2d53be02	122	await makeGetRequest({ url: server.url, path, token: server.accessToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
57f6896f C	123	})
	124	})
	125
edbc9325 C	126	describe('When listing abuses for users', function () {
	127	const path = '/api/v1/users/me/abuses'
	128
	129	it('Should fail with a bad start pagination', async function () {
0c1a77e9	130	await checkBadStartPagination(server.url, path, userToken)
edbc9325 C	131	})
	132
	133	it('Should fail with a bad count pagination', async function () {
0c1a77e9	134	await checkBadCountPagination(server.url, path, userToken)
edbc9325 C	135	})
	136
	137	it('Should fail with an incorrect sort', async function () {
0c1a77e9	138	await checkBadSortPagination(server.url, path, userToken)
edbc9325 C	139	})
	140
	141	it('Should fail with a non authenticated user', async function () {
	142	await makeGetRequest({
	143	url: server.url,
	144	path,
2d53be02	145	statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
edbc9325 C	146	})
	147	})
	148
	149	it('Should fail with a bad id filter', async function () {
0c1a77e9	150	await makeGetRequest({ url: server.url, path, token: userToken, query: { id: 'toto' } })
edbc9325 C	151	})
	152
	153	it('Should fail with a bad state filter', async function () {
0c1a77e9 C	154	await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 'toto' } })
0c1a77e9 C	155	await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 0 } })
edbc9325 C	156	})
	157
	158	it('Should succeed with the correct params', async function () {
	159	const query = {
	160	id: 13,
	161	state: 2
	162	}
	163
0c1a77e9	164	await makeGetRequest({ url: server.url, path, token: userToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
edbc9325 C	165	})
	166	})
	167
57f6896f C	168	describe('When reporting an abuse', function () {
	169	const path = basePath
	170
	171	it('Should fail with nothing', async function () {
	172	const fields = {}
0c1a77e9	173	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	174	})
	175
	176	it('Should fail with a wrong video', async function () {
	177	const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
0c1a77e9	178	await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
57f6896f C	179	})
	180
	181	it('Should fail with an unknown video', async function () {
	182	const fields = { video: { id: 42 }, reason: 'my super reason' }
2d53be02 RK	183	await makePostBodyRequest({
	184	url: server.url,
	185	path,
0c1a77e9	186	token: userToken,
2d53be02 RK	187	fields,
	188	statusCodeExpected: HttpStatusCode.NOT_FOUND_404
	189	})
57f6896f C	190	})
	191
	192	it('Should fail with a wrong comment', async function () {
	193	const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
0c1a77e9	194	await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
57f6896f C	195	})
	196
	197	it('Should fail with an unknown comment', async function () {
	198	const fields = { comment: { id: 42 }, reason: 'my super reason' }
2d53be02 RK	199	await makePostBodyRequest({
	200	url: server.url,
	201	path,
0c1a77e9	202	token: userToken,
2d53be02 RK	203	fields,
	204	statusCodeExpected: HttpStatusCode.NOT_FOUND_404
	205	})
57f6896f C	206	})
	207
	208	it('Should fail with a wrong account', async function () {
	209	const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
0c1a77e9	210	await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
57f6896f C	211	})
	212
	213	it('Should fail with an unknown account', async function () {
	214	const fields = { account: { id: 42 }, reason: 'my super reason' }
2d53be02 RK	215	await makePostBodyRequest({
	216	url: server.url,
	217	path,
0c1a77e9	218	token: userToken,
2d53be02 RK	219	fields,
	220	statusCodeExpected: HttpStatusCode.NOT_FOUND_404
	221	})
57f6896f C	222	})
	223
	224	it('Should fail with not account, comment or video', async function () {
	225	const fields = { reason: 'my super reason' }
2d53be02 RK	226	await makePostBodyRequest({
	227	url: server.url,
	228	path,
0c1a77e9	229	token: userToken,
2d53be02 RK	230	fields,
	231	statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
	232	})
57f6896f C	233	})
	234
	235	it('Should fail with a non authenticated user', async function () {
	236	const fields = { video: { id: server.video.id }, reason: 'my super reason' }
	237
2d53be02	238	await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
57f6896f C	239	})
	240
	241	it('Should fail with a reason too short', async function () {
	242	const fields = { video: { id: server.video.id }, reason: 'h' }
	243
0c1a77e9	244	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	245	})
	246
	247	it('Should fail with a too big reason', async function () {
	248	const fields = { video: { id: server.video.id }, reason: 'super'.repeat(605) }
	249
0c1a77e9	250	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	251	})
	252
	253	it('Should succeed with the correct parameters (basic)', async function () {
d4a8e7a6	254	const fields: AbuseCreate = { video: { id: server.video.shortUUID }, reason: 'my super reason' }
57f6896f	255
2d53be02 RK	256	const res = await makePostBodyRequest({
	257	url: server.url,
	258	path,
0c1a77e9	259	token: userToken,
2d53be02 RK	260	fields,
	261	statusCodeExpected: HttpStatusCode.OK_200
	262	})
57f6896f C	263	abuseId = res.body.abuse.id
	264	})
	265
	266	it('Should fail with a wrong predefined reason', async function () {
	267	const fields = { video: { id: server.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }
	268
0c1a77e9	269	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	270	})
	271
	272	it('Should fail with negative timestamps', async function () {
	273	const fields = { video: { id: server.video.id, startAt: -1 }, reason: 'my super reason' }
	274
0c1a77e9	275	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	276	})
	277
	278	it('Should fail mith misordered startAt/endAt', async function () {
	279	const fields = { video: { id: server.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }
	280
0c1a77e9	281	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	282	})
	283
	284	it('Should succeed with the corret parameters (advanced)', async function () {
	285	const fields: AbuseCreate = {
	286	video: {
	287	id: server.video.id,
	288	startAt: 1,
	289	endAt: 5
	290	},
	291	reason: 'my super reason',
	292	predefinedReasons: [ 'serverRules' ]
	293	}
	294
0c1a77e9	295	await makePostBodyRequest({ url: server.url, path, token: userToken, fields, statusCodeExpected: HttpStatusCode.OK_200 })
57f6896f C	296	})
	297	})
	298
	299	describe('When updating an abuse', function () {
	300
	301	it('Should fail with a non authenticated user', async function () {
0c1a77e9	302	await command.update({ token: 'blabla', abuseId, body: {}, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
57f6896f C	303	})
	304
	305	it('Should fail with a non admin user', async function () {
0c1a77e9	306	await command.update({ token: userToken, abuseId, body: {}, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
57f6896f C	307	})
	308
	309	it('Should fail with a bad abuse id', async function () {
0c1a77e9	310	await command.update({ abuseId: 45, body: {}, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
57f6896f C	311	})
	312
	313	it('Should fail with a bad state', async function () {
	314	const body = { state: 5 }
0c1a77e9	315	await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
57f6896f C	316	})
	317
	318	it('Should fail with a bad moderation comment', async function () {
	319	const body = { moderationComment: 'b'.repeat(3001) }
0c1a77e9	320	await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
57f6896f C	321	})
	322
	323	it('Should succeed with the correct params', async function () {
	324	const body = { state: AbuseState.ACCEPTED }
0c1a77e9	325	await command.update({ abuseId, body })
57f6896f C	326	})
	327	})
	328
edbc9325 C	329	describe('When creating an abuse message', function () {
	330	const message = 'my super message'
	331
	332	it('Should fail with an invalid abuse id', async function () {
0c1a77e9	333	await command.addMessage({ token: userToken2, abuseId: 888, message, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
edbc9325 C	334	})
	335
	336	it('Should fail with a non authenticated user', async function () {
0c1a77e9	337	await command.addMessage({ token: 'fake_token', abuseId, message, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
edbc9325 C	338	})
	339
	340	it('Should fail with an invalid logged in user', async function () {
0c1a77e9	341	await command.addMessage({ token: userToken2, abuseId, message, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
edbc9325 C	342	})
	343
	344	it('Should fail with an invalid message', async function () {
0c1a77e9	345	await command.addMessage({ token: userToken, abuseId, message: 'a'.repeat(5000), expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
edbc9325 C	346	})
	347
	348	it('Should suceed with the correct params', async function () {
0c1a77e9	349	const res = await command.addMessage({ token: userToken, abuseId, message })
edbc9325 C	350	messageId = res.body.abuseMessage.id
	351	})
	352	})
	353
94148c90	354	describe('When listing abuse messages', function () {
edbc9325 C	355
edbc9325 C	356	it('Should fail with an invalid abuse id', async function () {
0c1a77e9	357	await command.listMessages({ token: userToken, abuseId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
edbc9325 C	358	})
	359
	360	it('Should fail with a non authenticated user', async function () {
0c1a77e9	361	await command.listMessages({ token: 'fake_token', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
edbc9325 C	362	})
	363
	364	it('Should fail with an invalid logged in user', async function () {
0c1a77e9	365	await command.listMessages({ token: userToken2, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
edbc9325 C	366	})
	367
	368	it('Should succeed with the correct params', async function () {
0c1a77e9	369	await command.listMessages({ token: userToken, abuseId })
edbc9325 C	370	})
	371	})
	372
	373	describe('When deleting an abuse message', function () {
edbc9325	374	it('Should fail with an invalid abuse id', async function () {
0c1a77e9	375	await command.deleteMessage({ token: userToken, abuseId: 888, messageId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
edbc9325 C	376	})
	377
	378	it('Should fail with an invalid message id', async function () {
0c1a77e9	379	await command.deleteMessage({ token: userToken, abuseId, messageId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
edbc9325 C	380	})
	381
	382	it('Should fail with a non authenticated user', async function () {
0c1a77e9	383	await command.deleteMessage({ token: 'fake_token', abuseId, messageId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
edbc9325 C	384	})
	385
	386	it('Should fail with an invalid logged in user', async function () {
0c1a77e9	387	await command.deleteMessage({ token: userToken2, abuseId, messageId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
edbc9325 C	388	})
	389
	390	it('Should succeed with the correct params', async function () {
0c1a77e9	391	await command.deleteMessage({ token: userToken, abuseId, messageId })
edbc9325 C	392	})
	393	})
	394
57f6896f C	395	describe('When deleting a video abuse', function () {
	396
	397	it('Should fail with a non authenticated user', async function () {
0c1a77e9	398	await command.delete({ token: 'blabla', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
57f6896f C	399	})
	400
	401	it('Should fail with a non admin user', async function () {
0c1a77e9	402	await command.delete({ token: userToken, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
57f6896f C	403	})
	404
	405	it('Should fail with a bad abuse id', async function () {
0c1a77e9	406	await command.delete({ abuseId: 45, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
57f6896f C	407	})
	408
	409	it('Should succeed with the correct params', async function () {
0c1a77e9	410	await command.delete({ abuseId })
57f6896f C	411	})
	412	})
	413
94148c90 C	414	describe('When trying to manage messages of a remote abuse', function () {
	415	let remoteAbuseId: number
	416	let anotherServer: ServerInfo
	417
	418	before(async function () {
55a5b0fd	419	this.timeout(50000)
94148c90 C	420
	421	anotherServer = await flushAndRunServer(2)
	422	await setAccessTokensToServers([ anotherServer ])
	423
	424	await doubleFollow(anotherServer, server)
	425
	426	const server2VideoId = await getVideoIdFromUUID(anotherServer.url, server.video.uuid)
0c1a77e9	427	await anotherServer.abusesCommand.report({ reason: 'remote server', videoId: server2VideoId })
94148c90 C	428
	429	await waitJobs([ server, anotherServer ])
	430
0c1a77e9 C	431	const body = await command.getAdminList({ sort: '-createdAt' })
0c1a77e9 C	432	remoteAbuseId = body.data[0].id
94148c90 C	433	})
	434
	435	it('Should fail when listing abuse messages of a remote abuse', async function () {
0c1a77e9	436	await command.listMessages({ abuseId: remoteAbuseId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
94148c90 C	437	})
	438
	439	it('Should fail when creating abuse message of a remote abuse', async function () {
0c1a77e9	440	await command.addMessage({ abuseId: remoteAbuseId, message: 'message', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
94148c90	441	})
a02b93ce C	442
	443	after(async function () {
	444	await cleanupTests([ anotherServer ])
	445	})
94148c90 C	446	})
94148c90 C	447
57f6896f C	448	after(async function () {
	449	await cleanupTests([ server ])
	450	})
	451	})