[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / abuses.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import 'mocha'
import { AbuseCreate, AbuseState } from '@shared/models'
import {
  addAbuseMessage,
  cleanupTests,
  createUser,
  deleteAbuse,
  deleteAbuseMessage,
  doubleFollow,
  flushAndRunServer,
  generateUserAccessToken,
  getAdminAbusesList,
  getVideoIdFromUUID,
  listAbuseMessages,
  makeGetRequest,
  makePostBodyRequest,
  reportAbuse,
  ServerInfo,
  setAccessTokensToServers,
  updateAbuse,
  uploadVideo,
  userLogin,
  waitJobs
} from '../../../../shared/extra-utils'
import {
  checkBadCountPagination,
  checkBadSortPagination,
  checkBadStartPagination
} from '../../../../shared/extra-utils/requests/check-api-params'
import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'

describe('Test abuses API validators', function () {
  const basePath = '/api/v1/abuses/'

  let server: ServerInfo

  let userAccessToken = ''
  let userAccessToken2 = ''
  let abuseId: number
  let messageId: number

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(30000)

    server = await flushAndRunServer(1)

    await setAccessTokensToServers([ server ])

    const username = 'user1'
    const password = 'my super password'
    await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password })
    userAccessToken = await userLogin(server, { username, password })

    {
      userAccessToken2 = await generateUserAccessToken(server, 'user_2')
    }

    const res = await uploadVideo(server.url, server.accessToken, {})
    server.video = res.body.video
  })

  describe('When listing abuses for admins', function () {
    const path = basePath

    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(server.url, path, server.accessToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(server.url, path, server.accessToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(server.url, path, server.accessToken)
    })

    it('Should fail with a non authenticated user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
      })
    })

    it('Should fail with a non admin user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        token: userAccessToken,
        statusCodeExpected: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should fail with a bad id filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
    })

    it('Should fail with a bad filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
    })

    it('Should fail with bad predefined reason', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
    })

    it('Should fail with a bad state filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
    })

    it('Should fail with a bad videoIs filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
    })

    it('Should succeed with the correct params', async function () {
      const query = {
        id: 13,
        predefinedReason: 'violentOrRepulsive',
        filter: 'comment',
        state: 2,
        videoIs: 'deleted'
      }

      await makeGetRequest({ url: server.url, path, token: server.accessToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
    })
  })

  describe('When listing abuses for users', function () {
    const path = '/api/v1/users/me/abuses'

    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(server.url, path, userAccessToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(server.url, path, userAccessToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(server.url, path, userAccessToken)
    })

    it('Should fail with a non authenticated user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
      })
    })

    it('Should fail with a bad id filter', async function () {
      await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { id: 'toto' } })
    })

    it('Should fail with a bad state filter', async function () {
      await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { state: 'toto' } })
      await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { state: 0 } })
    })

    it('Should succeed with the correct params', async function () {
      const query = {
        id: 13,
        state: 2
      }

      await makeGetRequest({ url: server.url, path, token: userAccessToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
    })
  })

  describe('When reporting an abuse', function () {
    const path = basePath

    it('Should fail with nothing', async function () {
      const fields = {}
      await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields })
    })

    it('Should fail with a wrong video', async function () {
      const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields })
    })

    it('Should fail with an unknown video', async function () {
      const fields = { video: { id: 42 }, reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userAccessToken,
        fields,
        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with a wrong comment', async function () {
      const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields })
    })

    it('Should fail with an unknown comment', async function () {
      const fields = { comment: { id: 42 }, reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userAccessToken,
        fields,
        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with a wrong account', async function () {
      const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields })
    })

    it('Should fail with an unknown account', async function () {
      const fields = { account: { id: 42 }, reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userAccessToken,
        fields,
        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with not account, comment or video', async function () {
      const fields = { reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userAccessToken,
        fields,
        statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
      })
    })

    it('Should fail with a non authenticated user', async function () {
      const fields = { video: { id: server.video.id }, reason: 'my super reason' }

      await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a reason too short', async function () {
      const fields = { video: { id: server.video.id }, reason: 'h' }

      await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields })
    })

    it('Should fail with a too big reason', async function () {
      const fields = { video: { id: server.video.id }, reason: 'super'.repeat(605) }

      await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields })
    })

    it('Should succeed with the correct parameters (basic)', async function () {
      const fields: AbuseCreate = { video: { id: server.video.shortUUID }, reason: 'my super reason' }

      const res = await makePostBodyRequest({
        url: server.url,
        path,
        token: userAccessToken,
        fields,
        statusCodeExpected: HttpStatusCode.OK_200
      })
      abuseId = res.body.abuse.id
    })

    it('Should fail with a wrong predefined reason', async function () {
      const fields = { video: { id: server.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }

      await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields })
    })

    it('Should fail with negative timestamps', async function () {
      const fields = { video: { id: server.video.id, startAt: -1 }, reason: 'my super reason' }

      await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields })
    })

    it('Should fail mith misordered startAt/endAt', async function () {
      const fields = { video: { id: server.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }

      await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields })
    })

    it('Should succeed with the corret parameters (advanced)', async function () {
      const fields: AbuseCreate = {
        video: {
          id: server.video.id,
          startAt: 1,
          endAt: 5
        },
        reason: 'my super reason',
        predefinedReasons: [ 'serverRules' ]
      }

      await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: HttpStatusCode.OK_200 })
    })
  })

  describe('When updating an abuse', function () {

    it('Should fail with a non authenticated user', async function () {
      await updateAbuse(server.url, 'blabla', abuseId, {}, HttpStatusCode.UNAUTHORIZED_401)
    })

    it('Should fail with a non admin user', async function () {
      await updateAbuse(server.url, userAccessToken, abuseId, {}, HttpStatusCode.FORBIDDEN_403)
    })

    it('Should fail with a bad abuse id', async function () {
      await updateAbuse(server.url, server.accessToken, 45, {}, HttpStatusCode.NOT_FOUND_404)
    })

    it('Should fail with a bad state', async function () {
      const body = { state: 5 }
      await updateAbuse(server.url, server.accessToken, abuseId, body, HttpStatusCode.BAD_REQUEST_400)
    })

    it('Should fail with a bad moderation comment', async function () {
      const body = { moderationComment: 'b'.repeat(3001) }
      await updateAbuse(server.url, server.accessToken, abuseId, body, HttpStatusCode.BAD_REQUEST_400)
    })

    it('Should succeed with the correct params', async function () {
      const body = { state: AbuseState.ACCEPTED }
      await updateAbuse(server.url, server.accessToken, abuseId, body)
    })
  })

  describe('When creating an abuse message', function () {
    const message = 'my super message'

    it('Should fail with an invalid abuse id', async function () {
      await addAbuseMessage(server.url, userAccessToken2, 888, message, HttpStatusCode.NOT_FOUND_404)
    })

    it('Should fail with a non authenticated user', async function () {
      await addAbuseMessage(server.url, 'fake_token', abuseId, message, HttpStatusCode.UNAUTHORIZED_401)
    })

    it('Should fail with an invalid logged in user', async function () {
      await addAbuseMessage(server.url, userAccessToken2, abuseId, message, HttpStatusCode.FORBIDDEN_403)
    })

    it('Should fail with an invalid message', async function () {
      await addAbuseMessage(server.url, userAccessToken, abuseId, 'a'.repeat(5000), HttpStatusCode.BAD_REQUEST_400)
    })

    it('Should suceed with the correct params', async function () {
      const res = await addAbuseMessage(server.url, userAccessToken, abuseId, message)
      messageId = res.body.abuseMessage.id
    })
  })

  describe('When listing abuse messages', function () {

    it('Should fail with an invalid abuse id', async function () {
      await listAbuseMessages(server.url, userAccessToken, 888, HttpStatusCode.NOT_FOUND_404)
    })

    it('Should fail with a non authenticated user', async function () {
      await listAbuseMessages(server.url, 'fake_token', abuseId, HttpStatusCode.UNAUTHORIZED_401)
    })

    it('Should fail with an invalid logged in user', async function () {
      await listAbuseMessages(server.url, userAccessToken2, abuseId, HttpStatusCode.FORBIDDEN_403)
    })

    it('Should succeed with the correct params', async function () {
      await listAbuseMessages(server.url, userAccessToken, abuseId)
    })
  })

  describe('When deleting an abuse message', function () {

    it('Should fail with an invalid abuse id', async function () {
      await deleteAbuseMessage(server.url, userAccessToken, 888, messageId, HttpStatusCode.NOT_FOUND_404)
    })

    it('Should fail with an invalid message id', async function () {
      await deleteAbuseMessage(server.url, userAccessToken, abuseId, 888, HttpStatusCode.NOT_FOUND_404)
    })

    it('Should fail with a non authenticated user', async function () {
      await deleteAbuseMessage(server.url, 'fake_token', abuseId, messageId, HttpStatusCode.UNAUTHORIZED_401)
    })

    it('Should fail with an invalid logged in user', async function () {
      await deleteAbuseMessage(server.url, userAccessToken2, abuseId, messageId, HttpStatusCode.FORBIDDEN_403)
    })

    it('Should succeed with the correct params', async function () {
      await deleteAbuseMessage(server.url, userAccessToken, abuseId, messageId)
    })
  })

  describe('When deleting a video abuse', function () {

    it('Should fail with a non authenticated user', async function () {
      await deleteAbuse(server.url, 'blabla', abuseId, HttpStatusCode.UNAUTHORIZED_401)
    })

    it('Should fail with a non admin user', async function () {
      await deleteAbuse(server.url, userAccessToken, abuseId, HttpStatusCode.FORBIDDEN_403)
    })

    it('Should fail with a bad abuse id', async function () {
      await deleteAbuse(server.url, server.accessToken, 45, HttpStatusCode.NOT_FOUND_404)
    })

    it('Should succeed with the correct params', async function () {
      await deleteAbuse(server.url, server.accessToken, abuseId)
    })
  })

  describe('When trying to manage messages of a remote abuse', function () {
    let remoteAbuseId: number
    let anotherServer: ServerInfo

    before(async function () {
      this.timeout(50000)

      anotherServer = await flushAndRunServer(2)
      await setAccessTokensToServers([ anotherServer ])

      await doubleFollow(anotherServer, server)

      const server2VideoId = await getVideoIdFromUUID(anotherServer.url, server.video.uuid)
      await reportAbuse({
        url: anotherServer.url,
        token: anotherServer.accessToken,
        reason: 'remote server',
        videoId: server2VideoId
      })

      await waitJobs([ server, anotherServer ])

      const res = await getAdminAbusesList({ url: server.url, token: server.accessToken, sort: '-createdAt' })
      remoteAbuseId = res.body.data[0].id
    })

    it('Should fail when listing abuse messages of a remote abuse', async function () {
      await listAbuseMessages(server.url, server.accessToken, remoteAbuseId, HttpStatusCode.BAD_REQUEST_400)
    })

    it('Should fail when creating abuse message of a remote abuse', async function () {
      await addAbuseMessage(server.url, server.accessToken, remoteAbuseId, 'message', HttpStatusCode.BAD_REQUEST_400)
    })

    after(async function () {
      await cleanupTests([ anotherServer ])
    })
  })

  after(async function () {
    await cleanupTests([ server ])
  })
})
Commit	Line	Data
57f6896f C	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
	2
	3	import 'mocha'
	4	import { AbuseCreate, AbuseState } from '@shared/models'
	5	import {
94148c90	6	addAbuseMessage,
57f6896f C	7	cleanupTests,
	8	createUser,
	9	deleteAbuse,
94148c90 C	10	deleteAbuseMessage,
94148c90 C	11	doubleFollow,
57f6896f	12	flushAndRunServer,
94148c90 C	13	generateUserAccessToken,
	14	getAdminAbusesList,
	15	getVideoIdFromUUID,
	16	listAbuseMessages,
57f6896f C	17	makeGetRequest,
57f6896f C	18	makePostBodyRequest,
94148c90	19	reportAbuse,
57f6896f C	20	ServerInfo,
	21	setAccessTokensToServers,
	22	updateAbuse,
	23	uploadVideo,
edbc9325	24	userLogin,
94148c90	25	waitJobs
57f6896f C	26	} from '../../../../shared/extra-utils'
	27	import {
	28	checkBadCountPagination,
	29	checkBadSortPagination,
	30	checkBadStartPagination
	31	} from '../../../../shared/extra-utils/requests/check-api-params'
2d53be02	32	import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
57f6896f	33
310b5219	34	describe('Test abuses API validators', function () {
57f6896f C	35	const basePath = '/api/v1/abuses/'
	36
	37	let server: ServerInfo
94148c90	38
57f6896f	39	let userAccessToken = ''
edbc9325	40	let userAccessToken2 = ''
57f6896f	41	let abuseId: number
edbc9325	42	let messageId: number
57f6896f C	43
	44	// ---------------------------------------------------------------
	45
	46	before(async function () {
	47	this.timeout(30000)
	48
	49	server = await flushAndRunServer(1)
	50
	51	await setAccessTokensToServers([ server ])
	52
	53	const username = 'user1'
	54	const password = 'my super password'
	55	await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password })
	56	userAccessToken = await userLogin(server, { username, password })
	57
edbc9325 C	58	{
	59	userAccessToken2 = await generateUserAccessToken(server, 'user_2')
	60	}
	61
57f6896f C	62	const res = await uploadVideo(server.url, server.accessToken, {})
	63	server.video = res.body.video
	64	})
	65
edbc9325	66	describe('When listing abuses for admins', function () {
57f6896f C	67	const path = basePath
	68
	69	it('Should fail with a bad start pagination', async function () {
	70	await checkBadStartPagination(server.url, path, server.accessToken)
	71	})
	72
	73	it('Should fail with a bad count pagination', async function () {
	74	await checkBadCountPagination(server.url, path, server.accessToken)
	75	})
	76
	77	it('Should fail with an incorrect sort', async function () {
	78	await checkBadSortPagination(server.url, path, server.accessToken)
	79	})
	80
	81	it('Should fail with a non authenticated user', async function () {
	82	await makeGetRequest({
	83	url: server.url,
	84	path,
2d53be02	85	statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
57f6896f C	86	})
	87	})
	88
	89	it('Should fail with a non admin user', async function () {
	90	await makeGetRequest({
	91	url: server.url,
	92	path,
	93	token: userAccessToken,
2d53be02	94	statusCodeExpected: HttpStatusCode.FORBIDDEN_403
57f6896f C	95	})
	96	})
	97
	98	it('Should fail with a bad id filter', async function () {
	99	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
	100	})
	101
	102	it('Should fail with a bad filter', async function () {
	103	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
	104	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
	105	})
	106
	107	it('Should fail with bad predefined reason', async function () {
	108	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
	109	})
	110
	111	it('Should fail with a bad state filter', async function () {
	112	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
	113	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
	114	})
	115
	116	it('Should fail with a bad videoIs filter', async function () {
	117	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
	118	})
	119
	120	it('Should succeed with the correct params', async function () {
	121	const query = {
	122	id: 13,
	123	predefinedReason: 'violentOrRepulsive',
	124	filter: 'comment',
	125	state: 2,
	126	videoIs: 'deleted'
	127	}
	128
2d53be02	129	await makeGetRequest({ url: server.url, path, token: server.accessToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
57f6896f C	130	})
	131	})
	132
edbc9325 C	133	describe('When listing abuses for users', function () {
	134	const path = '/api/v1/users/me/abuses'
	135
	136	it('Should fail with a bad start pagination', async function () {
	137	await checkBadStartPagination(server.url, path, userAccessToken)
	138	})
	139
	140	it('Should fail with a bad count pagination', async function () {
	141	await checkBadCountPagination(server.url, path, userAccessToken)
	142	})
	143
	144	it('Should fail with an incorrect sort', async function () {
	145	await checkBadSortPagination(server.url, path, userAccessToken)
	146	})
	147
	148	it('Should fail with a non authenticated user', async function () {
	149	await makeGetRequest({
	150	url: server.url,
	151	path,
2d53be02	152	statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
edbc9325 C	153	})
	154	})
	155
	156	it('Should fail with a bad id filter', async function () {
	157	await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { id: 'toto' } })
	158	})
	159
	160	it('Should fail with a bad state filter', async function () {
	161	await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { state: 'toto' } })
	162	await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { state: 0 } })
	163	})
	164
	165	it('Should succeed with the correct params', async function () {
	166	const query = {
	167	id: 13,
	168	state: 2
	169	}
	170
2d53be02	171	await makeGetRequest({ url: server.url, path, token: userAccessToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
edbc9325 C	172	})
	173	})
	174
57f6896f C	175	describe('When reporting an abuse', function () {
	176	const path = basePath
	177
	178	it('Should fail with nothing', async function () {
	179	const fields = {}
edbc9325	180	await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields })
57f6896f C	181	})
	182
	183	it('Should fail with a wrong video', async function () {
	184	const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
edbc9325	185	await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields })
57f6896f C	186	})
	187
	188	it('Should fail with an unknown video', async function () {
	189	const fields = { video: { id: 42 }, reason: 'my super reason' }
2d53be02 RK	190	await makePostBodyRequest({
	191	url: server.url,
	192	path,
	193	token: userAccessToken,
	194	fields,
	195	statusCodeExpected: HttpStatusCode.NOT_FOUND_404
	196	})
57f6896f C	197	})
	198
	199	it('Should fail with a wrong comment', async function () {
	200	const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
edbc9325	201	await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields })
57f6896f C	202	})
	203
	204	it('Should fail with an unknown comment', async function () {
	205	const fields = { comment: { id: 42 }, reason: 'my super reason' }
2d53be02 RK	206	await makePostBodyRequest({
	207	url: server.url,
	208	path,
	209	token: userAccessToken,
	210	fields,
	211	statusCodeExpected: HttpStatusCode.NOT_FOUND_404
	212	})
57f6896f C	213	})
	214
	215	it('Should fail with a wrong account', async function () {
	216	const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
edbc9325	217	await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields })
57f6896f C	218	})
	219
	220	it('Should fail with an unknown account', async function () {
	221	const fields = { account: { id: 42 }, reason: 'my super reason' }
2d53be02 RK	222	await makePostBodyRequest({
	223	url: server.url,
	224	path,
	225	token: userAccessToken,
	226	fields,
	227	statusCodeExpected: HttpStatusCode.NOT_FOUND_404
	228	})
57f6896f C	229	})
	230
	231	it('Should fail with not account, comment or video', async function () {
	232	const fields = { reason: 'my super reason' }
2d53be02 RK	233	await makePostBodyRequest({
	234	url: server.url,
	235	path,
	236	token: userAccessToken,
	237	fields,
	238	statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
	239	})
57f6896f C	240	})
	241
	242	it('Should fail with a non authenticated user', async function () {
	243	const fields = { video: { id: server.video.id }, reason: 'my super reason' }
	244
2d53be02	245	await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
57f6896f C	246	})
	247
	248	it('Should fail with a reason too short', async function () {
	249	const fields = { video: { id: server.video.id }, reason: 'h' }
	250
edbc9325	251	await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields })
57f6896f C	252	})
	253
	254	it('Should fail with a too big reason', async function () {
	255	const fields = { video: { id: server.video.id }, reason: 'super'.repeat(605) }
	256
edbc9325	257	await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields })
57f6896f C	258	})
	259
	260	it('Should succeed with the correct parameters (basic)', async function () {
d4a8e7a6	261	const fields: AbuseCreate = { video: { id: server.video.shortUUID }, reason: 'my super reason' }
57f6896f	262
2d53be02 RK	263	const res = await makePostBodyRequest({
	264	url: server.url,
	265	path,
	266	token: userAccessToken,
	267	fields,
	268	statusCodeExpected: HttpStatusCode.OK_200
	269	})
57f6896f C	270	abuseId = res.body.abuse.id
	271	})
	272
	273	it('Should fail with a wrong predefined reason', async function () {
	274	const fields = { video: { id: server.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }
	275
edbc9325	276	await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields })
57f6896f C	277	})
	278
	279	it('Should fail with negative timestamps', async function () {
	280	const fields = { video: { id: server.video.id, startAt: -1 }, reason: 'my super reason' }
	281
edbc9325	282	await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields })
57f6896f C	283	})
	284
	285	it('Should fail mith misordered startAt/endAt', async function () {
	286	const fields = { video: { id: server.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }
	287
edbc9325	288	await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields })
57f6896f C	289	})
	290
	291	it('Should succeed with the corret parameters (advanced)', async function () {
	292	const fields: AbuseCreate = {
	293	video: {
	294	id: server.video.id,
	295	startAt: 1,
	296	endAt: 5
	297	},
	298	reason: 'my super reason',
	299	predefinedReasons: [ 'serverRules' ]
	300	}
	301
2d53be02	302	await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: HttpStatusCode.OK_200 })
57f6896f C	303	})
	304	})
	305
	306	describe('When updating an abuse', function () {
	307
	308	it('Should fail with a non authenticated user', async function () {
2d53be02	309	await updateAbuse(server.url, 'blabla', abuseId, {}, HttpStatusCode.UNAUTHORIZED_401)
57f6896f C	310	})
	311
	312	it('Should fail with a non admin user', async function () {
2d53be02	313	await updateAbuse(server.url, userAccessToken, abuseId, {}, HttpStatusCode.FORBIDDEN_403)
57f6896f C	314	})
	315
	316	it('Should fail with a bad abuse id', async function () {
2d53be02	317	await updateAbuse(server.url, server.accessToken, 45, {}, HttpStatusCode.NOT_FOUND_404)
57f6896f C	318	})
	319
	320	it('Should fail with a bad state', async function () {
	321	const body = { state: 5 }
2d53be02	322	await updateAbuse(server.url, server.accessToken, abuseId, body, HttpStatusCode.BAD_REQUEST_400)
57f6896f C	323	})
	324
	325	it('Should fail with a bad moderation comment', async function () {
	326	const body = { moderationComment: 'b'.repeat(3001) }
2d53be02	327	await updateAbuse(server.url, server.accessToken, abuseId, body, HttpStatusCode.BAD_REQUEST_400)
57f6896f C	328	})
	329
	330	it('Should succeed with the correct params', async function () {
	331	const body = { state: AbuseState.ACCEPTED }
	332	await updateAbuse(server.url, server.accessToken, abuseId, body)
	333	})
	334	})
	335
edbc9325 C	336	describe('When creating an abuse message', function () {
	337	const message = 'my super message'
	338
	339	it('Should fail with an invalid abuse id', async function () {
2d53be02	340	await addAbuseMessage(server.url, userAccessToken2, 888, message, HttpStatusCode.NOT_FOUND_404)
edbc9325 C	341	})
	342
	343	it('Should fail with a non authenticated user', async function () {
2d53be02	344	await addAbuseMessage(server.url, 'fake_token', abuseId, message, HttpStatusCode.UNAUTHORIZED_401)
edbc9325 C	345	})
	346
	347	it('Should fail with an invalid logged in user', async function () {
2d53be02	348	await addAbuseMessage(server.url, userAccessToken2, abuseId, message, HttpStatusCode.FORBIDDEN_403)
edbc9325 C	349	})
	350
	351	it('Should fail with an invalid message', async function () {
2d53be02	352	await addAbuseMessage(server.url, userAccessToken, abuseId, 'a'.repeat(5000), HttpStatusCode.BAD_REQUEST_400)
edbc9325 C	353	})
	354
	355	it('Should suceed with the correct params', async function () {
	356	const res = await addAbuseMessage(server.url, userAccessToken, abuseId, message)
	357	messageId = res.body.abuseMessage.id
	358	})
	359	})
	360
94148c90	361	describe('When listing abuse messages', function () {
edbc9325 C	362
edbc9325 C	363	it('Should fail with an invalid abuse id', async function () {
2d53be02	364	await listAbuseMessages(server.url, userAccessToken, 888, HttpStatusCode.NOT_FOUND_404)
edbc9325 C	365	})
	366
	367	it('Should fail with a non authenticated user', async function () {
2d53be02	368	await listAbuseMessages(server.url, 'fake_token', abuseId, HttpStatusCode.UNAUTHORIZED_401)
edbc9325 C	369	})
	370
	371	it('Should fail with an invalid logged in user', async function () {
2d53be02	372	await listAbuseMessages(server.url, userAccessToken2, abuseId, HttpStatusCode.FORBIDDEN_403)
edbc9325 C	373	})
	374
	375	it('Should succeed with the correct params', async function () {
	376	await listAbuseMessages(server.url, userAccessToken, abuseId)
	377	})
	378	})
	379
	380	describe('When deleting an abuse message', function () {
	381
	382	it('Should fail with an invalid abuse id', async function () {
2d53be02	383	await deleteAbuseMessage(server.url, userAccessToken, 888, messageId, HttpStatusCode.NOT_FOUND_404)
edbc9325 C	384	})
	385
	386	it('Should fail with an invalid message id', async function () {
2d53be02	387	await deleteAbuseMessage(server.url, userAccessToken, abuseId, 888, HttpStatusCode.NOT_FOUND_404)
edbc9325 C	388	})
	389
	390	it('Should fail with a non authenticated user', async function () {
2d53be02	391	await deleteAbuseMessage(server.url, 'fake_token', abuseId, messageId, HttpStatusCode.UNAUTHORIZED_401)
edbc9325 C	392	})
	393
	394	it('Should fail with an invalid logged in user', async function () {
2d53be02	395	await deleteAbuseMessage(server.url, userAccessToken2, abuseId, messageId, HttpStatusCode.FORBIDDEN_403)
edbc9325 C	396	})
	397
	398	it('Should succeed with the correct params', async function () {
	399	await deleteAbuseMessage(server.url, userAccessToken, abuseId, messageId)
	400	})
	401	})
	402
57f6896f C	403	describe('When deleting a video abuse', function () {
	404
	405	it('Should fail with a non authenticated user', async function () {
2d53be02	406	await deleteAbuse(server.url, 'blabla', abuseId, HttpStatusCode.UNAUTHORIZED_401)
57f6896f C	407	})
	408
	409	it('Should fail with a non admin user', async function () {
2d53be02	410	await deleteAbuse(server.url, userAccessToken, abuseId, HttpStatusCode.FORBIDDEN_403)
57f6896f C	411	})
	412
	413	it('Should fail with a bad abuse id', async function () {
2d53be02	414	await deleteAbuse(server.url, server.accessToken, 45, HttpStatusCode.NOT_FOUND_404)
57f6896f C	415	})
	416
	417	it('Should succeed with the correct params', async function () {
	418	await deleteAbuse(server.url, server.accessToken, abuseId)
	419	})
	420	})
	421
94148c90 C	422	describe('When trying to manage messages of a remote abuse', function () {
	423	let remoteAbuseId: number
	424	let anotherServer: ServerInfo
	425
	426	before(async function () {
55a5b0fd	427	this.timeout(50000)
94148c90 C	428
	429	anotherServer = await flushAndRunServer(2)
	430	await setAccessTokensToServers([ anotherServer ])
	431
	432	await doubleFollow(anotherServer, server)
	433
	434	const server2VideoId = await getVideoIdFromUUID(anotherServer.url, server.video.uuid)
	435	await reportAbuse({
	436	url: anotherServer.url,
	437	token: anotherServer.accessToken,
	438	reason: 'remote server',
	439	videoId: server2VideoId
	440	})
	441
	442	await waitJobs([ server, anotherServer ])
	443
	444	const res = await getAdminAbusesList({ url: server.url, token: server.accessToken, sort: '-createdAt' })
	445	remoteAbuseId = res.body.data[0].id
	446	})
	447
	448	it('Should fail when listing abuse messages of a remote abuse', async function () {
2d53be02	449	await listAbuseMessages(server.url, server.accessToken, remoteAbuseId, HttpStatusCode.BAD_REQUEST_400)
94148c90 C	450	})
	451
	452	it('Should fail when creating abuse message of a remote abuse', async function () {
2d53be02	453	await addAbuseMessage(server.url, server.accessToken, remoteAbuseId, 'message', HttpStatusCode.BAD_REQUEST_400)
94148c90	454	})
a02b93ce C	455
	456	after(async function () {
	457	await cleanupTests([ anotherServer ])
	458	})
94148c90 C	459	})
94148c90 C	460
57f6896f C	461	after(async function () {
	462	await cleanupTests([ server ])
	463	})
	464	})