[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / abuses.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import 'mocha'
import { HttpStatusCode } from '@shared/core-utils'
import {
  AbusesCommand,
  checkBadCountPagination,
  checkBadSortPagination,
  checkBadStartPagination,
  cleanupTests,
  createUser,
  doubleFollow,
  flushAndRunServer,
  generateUserAccessToken,
  getVideoIdFromUUID,
  makeGetRequest,
  makePostBodyRequest,
  ServerInfo,
  setAccessTokensToServers,
  uploadVideo,
  userLogin,
  waitJobs
} from '@shared/extra-utils'
import { AbuseCreate, AbuseState } from '@shared/models'

describe('Test abuses API validators', function () {
  const basePath = '/api/v1/abuses/'

  let server: ServerInfo

  let userToken = ''
  let userToken2 = ''
  let abuseId: number
  let messageId: number

  let command: AbusesCommand

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(30000)

    server = await flushAndRunServer(1)

    await setAccessTokensToServers([ server ])

    const username = 'user1'
    const password = 'my super password'
    await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password })
    userToken = await userLogin(server, { username, password })

    userToken2 = await generateUserAccessToken(server, 'user_2')

    const res = await uploadVideo(server.url, server.accessToken, {})
    server.video = res.body.video

    command = server.abusesCommand
  })

  describe('When listing abuses for admins', function () {
    const path = basePath

    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(server.url, path, server.accessToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(server.url, path, server.accessToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(server.url, path, server.accessToken)
    })

    it('Should fail with a non authenticated user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
      })
    })

    it('Should fail with a non admin user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        token: userToken,
        statusCodeExpected: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should fail with a bad id filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
    })

    it('Should fail with a bad filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
    })

    it('Should fail with bad predefined reason', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
    })

    it('Should fail with a bad state filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
    })

    it('Should fail with a bad videoIs filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
    })

    it('Should succeed with the correct params', async function () {
      const query = {
        id: 13,
        predefinedReason: 'violentOrRepulsive',
        filter: 'comment',
        state: 2,
        videoIs: 'deleted'
      }

      await makeGetRequest({ url: server.url, path, token: server.accessToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
    })
  })

  describe('When listing abuses for users', function () {
    const path = '/api/v1/users/me/abuses'

    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(server.url, path, userToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(server.url, path, userToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(server.url, path, userToken)
    })

    it('Should fail with a non authenticated user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
      })
    })

    it('Should fail with a bad id filter', async function () {
      await makeGetRequest({ url: server.url, path, token: userToken, query: { id: 'toto' } })
    })

    it('Should fail with a bad state filter', async function () {
      await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 'toto' } })
      await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 0 } })
    })

    it('Should succeed with the correct params', async function () {
      const query = {
        id: 13,
        state: 2
      }

      await makeGetRequest({ url: server.url, path, token: userToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
    })
  })

  describe('When reporting an abuse', function () {
    const path = basePath

    it('Should fail with nothing', async function () {
      const fields = {}
      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should fail with a wrong video', async function () {
      const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
    })

    it('Should fail with an unknown video', async function () {
      const fields = { video: { id: 42 }, reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with a wrong comment', async function () {
      const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
    })

    it('Should fail with an unknown comment', async function () {
      const fields = { comment: { id: 42 }, reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with a wrong account', async function () {
      const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
    })

    it('Should fail with an unknown account', async function () {
      const fields = { account: { id: 42 }, reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with not account, comment or video', async function () {
      const fields = { reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
      })
    })

    it('Should fail with a non authenticated user', async function () {
      const fields = { video: { id: server.video.id }, reason: 'my super reason' }

      await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a reason too short', async function () {
      const fields = { video: { id: server.video.id }, reason: 'h' }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should fail with a too big reason', async function () {
      const fields = { video: { id: server.video.id }, reason: 'super'.repeat(605) }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should succeed with the correct parameters (basic)', async function () {
      const fields: AbuseCreate = { video: { id: server.video.shortUUID }, reason: 'my super reason' }

      const res = await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        statusCodeExpected: HttpStatusCode.OK_200
      })
      abuseId = res.body.abuse.id
    })

    it('Should fail with a wrong predefined reason', async function () {
      const fields = { video: { id: server.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should fail with negative timestamps', async function () {
      const fields = { video: { id: server.video.id, startAt: -1 }, reason: 'my super reason' }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should fail mith misordered startAt/endAt', async function () {
      const fields = { video: { id: server.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should succeed with the corret parameters (advanced)', async function () {
      const fields: AbuseCreate = {
        video: {
          id: server.video.id,
          startAt: 1,
          endAt: 5
        },
        reason: 'my super reason',
        predefinedReasons: [ 'serverRules' ]
      }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields, statusCodeExpected: HttpStatusCode.OK_200 })
    })
  })

  describe('When updating an abuse', function () {

    it('Should fail with a non authenticated user', async function () {
      await command.update({ token: 'blabla', abuseId, body: {}, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      await command.update({ token: userToken, abuseId, body: {}, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with a bad abuse id', async function () {
      await command.update({ abuseId: 45, body: {}, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with a bad state', async function () {
      const body = { state: 5 }
      await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should fail with a bad moderation comment', async function () {
      const body = { moderationComment: 'b'.repeat(3001) }
      await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should succeed with the correct params', async function () {
      const body = { state: AbuseState.ACCEPTED }
      await command.update({ abuseId, body })
    })
  })

  describe('When creating an abuse message', function () {
    const message = 'my super message'

    it('Should fail with an invalid abuse id', async function () {
      await command.addMessage({ token: userToken2, abuseId: 888, message, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with a non authenticated user', async function () {
      await command.addMessage({ token: 'fake_token', abuseId, message, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with an invalid logged in user', async function () {
      await command.addMessage({ token: userToken2, abuseId, message, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with an invalid message', async function () {
      await command.addMessage({ token: userToken, abuseId, message: 'a'.repeat(5000), expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should suceed with the correct params', async function () {
      const res = await command.addMessage({ token: userToken, abuseId, message })
      messageId = res.body.abuseMessage.id
    })
  })

  describe('When listing abuse messages', function () {

    it('Should fail with an invalid abuse id', async function () {
      await command.listMessages({ token: userToken, abuseId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with a non authenticated user', async function () {
      await command.listMessages({ token: 'fake_token', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with an invalid logged in user', async function () {
      await command.listMessages({ token: userToken2, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should succeed with the correct params', async function () {
      await command.listMessages({ token: userToken, abuseId })
    })
  })

  describe('When deleting an abuse message', function () {
    it('Should fail with an invalid abuse id', async function () {
      await command.deleteMessage({ token: userToken, abuseId: 888, messageId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with an invalid message id', async function () {
      await command.deleteMessage({ token: userToken, abuseId, messageId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with a non authenticated user', async function () {
      await command.deleteMessage({ token: 'fake_token', abuseId, messageId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with an invalid logged in user', async function () {
      await command.deleteMessage({ token: userToken2, abuseId, messageId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should succeed with the correct params', async function () {
      await command.deleteMessage({ token: userToken, abuseId, messageId })
    })
  })

  describe('When deleting a video abuse', function () {

    it('Should fail with a non authenticated user', async function () {
      await command.delete({ token: 'blabla', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      await command.delete({ token: userToken, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with a bad abuse id', async function () {
      await command.delete({ abuseId: 45, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should succeed with the correct params', async function () {
      await command.delete({ abuseId })
    })
  })

  describe('When trying to manage messages of a remote abuse', function () {
    let remoteAbuseId: number
    let anotherServer: ServerInfo

    before(async function () {
      this.timeout(50000)

      anotherServer = await flushAndRunServer(2)
      await setAccessTokensToServers([ anotherServer ])

      await doubleFollow(anotherServer, server)

      const server2VideoId = await getVideoIdFromUUID(anotherServer.url, server.video.uuid)
      await anotherServer.abusesCommand.report({ reason: 'remote server', videoId: server2VideoId })

      await waitJobs([ server, anotherServer ])

      const body = await command.getAdminList({ sort: '-createdAt' })
      remoteAbuseId = body.data[0].id
    })

    it('Should fail when listing abuse messages of a remote abuse', async function () {
      await command.listMessages({ abuseId: remoteAbuseId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should fail when creating abuse message of a remote abuse', async function () {
      await command.addMessage({ abuseId: remoteAbuseId, message: 'message', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    after(async function () {
      await cleanupTests([ anotherServer ])
    })
  })

  after(async function () {
    await cleanupTests([ server ])
  })
})
Commit	Line	Data
57f6896f C	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
	2
	3	import 'mocha'
0c1a77e9	4	import { HttpStatusCode } from '@shared/core-utils'
57f6896f	5	import {
0c1a77e9 C	6	AbusesCommand,
	7	checkBadCountPagination,
	8	checkBadSortPagination,
	9	checkBadStartPagination,
57f6896f C	10	cleanupTests,
57f6896f C	11	createUser,
94148c90	12	doubleFollow,
57f6896f	13	flushAndRunServer,
94148c90	14	generateUserAccessToken,
94148c90	15	getVideoIdFromUUID,
57f6896f C	16	makeGetRequest,
	17	makePostBodyRequest,
	18	ServerInfo,
	19	setAccessTokensToServers,
57f6896f	20	uploadVideo,
edbc9325	21	userLogin,
94148c90	22	waitJobs
0c1a77e9 C	23	} from '@shared/extra-utils'
0c1a77e9 C	24	import { AbuseCreate, AbuseState } from '@shared/models'
57f6896f	25
310b5219	26	describe('Test abuses API validators', function () {
57f6896f C	27	const basePath = '/api/v1/abuses/'
	28
	29	let server: ServerInfo
94148c90	30
0c1a77e9 C	31	let userToken = ''
0c1a77e9 C	32	let userToken2 = ''
57f6896f	33	let abuseId: number
edbc9325	34	let messageId: number
57f6896f	35
0c1a77e9 C	36	let command: AbusesCommand
0c1a77e9 C	37
57f6896f C	38	// ---------------------------------------------------------------
	39
	40	before(async function () {
	41	this.timeout(30000)
	42
	43	server = await flushAndRunServer(1)
	44
	45	await setAccessTokensToServers([ server ])
	46
	47	const username = 'user1'
	48	const password = 'my super password'
	49	await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password })
0c1a77e9	50	userToken = await userLogin(server, { username, password })
57f6896f	51
0c1a77e9	52	userToken2 = await generateUserAccessToken(server, 'user_2')
edbc9325	53
57f6896f C	54	const res = await uploadVideo(server.url, server.accessToken, {})
57f6896f C	55	server.video = res.body.video
0c1a77e9 C	56
0c1a77e9 C	57	command = server.abusesCommand
57f6896f C	58	})
57f6896f C	59
edbc9325	60	describe('When listing abuses for admins', function () {
57f6896f C	61	const path = basePath
	62
	63	it('Should fail with a bad start pagination', async function () {
	64	await checkBadStartPagination(server.url, path, server.accessToken)
	65	})
	66
	67	it('Should fail with a bad count pagination', async function () {
	68	await checkBadCountPagination(server.url, path, server.accessToken)
	69	})
	70
	71	it('Should fail with an incorrect sort', async function () {
	72	await checkBadSortPagination(server.url, path, server.accessToken)
	73	})
	74
	75	it('Should fail with a non authenticated user', async function () {
	76	await makeGetRequest({
	77	url: server.url,
	78	path,
2d53be02	79	statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
57f6896f C	80	})
	81	})
	82
	83	it('Should fail with a non admin user', async function () {
	84	await makeGetRequest({
	85	url: server.url,
	86	path,
0c1a77e9	87	token: userToken,
2d53be02	88	statusCodeExpected: HttpStatusCode.FORBIDDEN_403
57f6896f C	89	})
	90	})
	91
	92	it('Should fail with a bad id filter', async function () {
	93	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
	94	})
	95
	96	it('Should fail with a bad filter', async function () {
	97	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
	98	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
	99	})
	100
	101	it('Should fail with bad predefined reason', async function () {
	102	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
	103	})
	104
	105	it('Should fail with a bad state filter', async function () {
	106	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
	107	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
	108	})
	109
	110	it('Should fail with a bad videoIs filter', async function () {
	111	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
	112	})
	113
	114	it('Should succeed with the correct params', async function () {
	115	const query = {
	116	id: 13,
	117	predefinedReason: 'violentOrRepulsive',
	118	filter: 'comment',
	119	state: 2,
	120	videoIs: 'deleted'
	121	}
	122
2d53be02	123	await makeGetRequest({ url: server.url, path, token: server.accessToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
57f6896f C	124	})
	125	})
	126
edbc9325 C	127	describe('When listing abuses for users', function () {
	128	const path = '/api/v1/users/me/abuses'
	129
	130	it('Should fail with a bad start pagination', async function () {
0c1a77e9	131	await checkBadStartPagination(server.url, path, userToken)
edbc9325 C	132	})
	133
	134	it('Should fail with a bad count pagination', async function () {
0c1a77e9	135	await checkBadCountPagination(server.url, path, userToken)
edbc9325 C	136	})
	137
	138	it('Should fail with an incorrect sort', async function () {
0c1a77e9	139	await checkBadSortPagination(server.url, path, userToken)
edbc9325 C	140	})
	141
	142	it('Should fail with a non authenticated user', async function () {
	143	await makeGetRequest({
	144	url: server.url,
	145	path,
2d53be02	146	statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
edbc9325 C	147	})
	148	})
	149
	150	it('Should fail with a bad id filter', async function () {
0c1a77e9	151	await makeGetRequest({ url: server.url, path, token: userToken, query: { id: 'toto' } })
edbc9325 C	152	})
	153
	154	it('Should fail with a bad state filter', async function () {
0c1a77e9 C	155	await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 'toto' } })
0c1a77e9 C	156	await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 0 } })
edbc9325 C	157	})
	158
	159	it('Should succeed with the correct params', async function () {
	160	const query = {
	161	id: 13,
	162	state: 2
	163	}
	164
0c1a77e9	165	await makeGetRequest({ url: server.url, path, token: userToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
edbc9325 C	166	})
	167	})
	168
57f6896f C	169	describe('When reporting an abuse', function () {
	170	const path = basePath
	171
	172	it('Should fail with nothing', async function () {
	173	const fields = {}
0c1a77e9	174	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	175	})
	176
	177	it('Should fail with a wrong video', async function () {
	178	const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
0c1a77e9	179	await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
57f6896f C	180	})
	181
	182	it('Should fail with an unknown video', async function () {
	183	const fields = { video: { id: 42 }, reason: 'my super reason' }
2d53be02 RK	184	await makePostBodyRequest({
	185	url: server.url,
	186	path,
0c1a77e9	187	token: userToken,
2d53be02 RK	188	fields,
	189	statusCodeExpected: HttpStatusCode.NOT_FOUND_404
	190	})
57f6896f C	191	})
	192
	193	it('Should fail with a wrong comment', async function () {
	194	const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
0c1a77e9	195	await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
57f6896f C	196	})
	197
	198	it('Should fail with an unknown comment', async function () {
	199	const fields = { comment: { id: 42 }, reason: 'my super reason' }
2d53be02 RK	200	await makePostBodyRequest({
	201	url: server.url,
	202	path,
0c1a77e9	203	token: userToken,
2d53be02 RK	204	fields,
	205	statusCodeExpected: HttpStatusCode.NOT_FOUND_404
	206	})
57f6896f C	207	})
	208
	209	it('Should fail with a wrong account', async function () {
	210	const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
0c1a77e9	211	await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
57f6896f C	212	})
	213
	214	it('Should fail with an unknown account', async function () {
	215	const fields = { account: { id: 42 }, reason: 'my super reason' }
2d53be02 RK	216	await makePostBodyRequest({
	217	url: server.url,
	218	path,
0c1a77e9	219	token: userToken,
2d53be02 RK	220	fields,
	221	statusCodeExpected: HttpStatusCode.NOT_FOUND_404
	222	})
57f6896f C	223	})
	224
	225	it('Should fail with not account, comment or video', async function () {
	226	const fields = { reason: 'my super reason' }
2d53be02 RK	227	await makePostBodyRequest({
	228	url: server.url,
	229	path,
0c1a77e9	230	token: userToken,
2d53be02 RK	231	fields,
	232	statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
	233	})
57f6896f C	234	})
	235
	236	it('Should fail with a non authenticated user', async function () {
	237	const fields = { video: { id: server.video.id }, reason: 'my super reason' }
	238
2d53be02	239	await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
57f6896f C	240	})
	241
	242	it('Should fail with a reason too short', async function () {
	243	const fields = { video: { id: server.video.id }, reason: 'h' }
	244
0c1a77e9	245	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	246	})
	247
	248	it('Should fail with a too big reason', async function () {
	249	const fields = { video: { id: server.video.id }, reason: 'super'.repeat(605) }
	250
0c1a77e9	251	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	252	})
	253
	254	it('Should succeed with the correct parameters (basic)', async function () {
d4a8e7a6	255	const fields: AbuseCreate = { video: { id: server.video.shortUUID }, reason: 'my super reason' }
57f6896f	256
2d53be02 RK	257	const res = await makePostBodyRequest({
	258	url: server.url,
	259	path,
0c1a77e9	260	token: userToken,
2d53be02 RK	261	fields,
	262	statusCodeExpected: HttpStatusCode.OK_200
	263	})
57f6896f C	264	abuseId = res.body.abuse.id
	265	})
	266
	267	it('Should fail with a wrong predefined reason', async function () {
	268	const fields = { video: { id: server.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }
	269
0c1a77e9	270	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	271	})
	272
	273	it('Should fail with negative timestamps', async function () {
	274	const fields = { video: { id: server.video.id, startAt: -1 }, reason: 'my super reason' }
	275
0c1a77e9	276	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	277	})
	278
	279	it('Should fail mith misordered startAt/endAt', async function () {
	280	const fields = { video: { id: server.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }
	281
0c1a77e9	282	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	283	})
	284
	285	it('Should succeed with the corret parameters (advanced)', async function () {
	286	const fields: AbuseCreate = {
	287	video: {
	288	id: server.video.id,
	289	startAt: 1,
	290	endAt: 5
	291	},
	292	reason: 'my super reason',
	293	predefinedReasons: [ 'serverRules' ]
	294	}
	295
0c1a77e9	296	await makePostBodyRequest({ url: server.url, path, token: userToken, fields, statusCodeExpected: HttpStatusCode.OK_200 })
57f6896f C	297	})
	298	})
	299
	300	describe('When updating an abuse', function () {
	301
	302	it('Should fail with a non authenticated user', async function () {
0c1a77e9	303	await command.update({ token: 'blabla', abuseId, body: {}, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
57f6896f C	304	})
	305
	306	it('Should fail with a non admin user', async function () {
0c1a77e9	307	await command.update({ token: userToken, abuseId, body: {}, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
57f6896f C	308	})
	309
	310	it('Should fail with a bad abuse id', async function () {
0c1a77e9	311	await command.update({ abuseId: 45, body: {}, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
57f6896f C	312	})
	313
	314	it('Should fail with a bad state', async function () {
	315	const body = { state: 5 }
0c1a77e9	316	await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
57f6896f C	317	})
	318
	319	it('Should fail with a bad moderation comment', async function () {
	320	const body = { moderationComment: 'b'.repeat(3001) }
0c1a77e9	321	await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
57f6896f C	322	})
	323
	324	it('Should succeed with the correct params', async function () {
	325	const body = { state: AbuseState.ACCEPTED }
0c1a77e9	326	await command.update({ abuseId, body })
57f6896f C	327	})
	328	})
	329
edbc9325 C	330	describe('When creating an abuse message', function () {
	331	const message = 'my super message'
	332
	333	it('Should fail with an invalid abuse id', async function () {
0c1a77e9	334	await command.addMessage({ token: userToken2, abuseId: 888, message, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
edbc9325 C	335	})
	336
	337	it('Should fail with a non authenticated user', async function () {
0c1a77e9	338	await command.addMessage({ token: 'fake_token', abuseId, message, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
edbc9325 C	339	})
	340
	341	it('Should fail with an invalid logged in user', async function () {
0c1a77e9	342	await command.addMessage({ token: userToken2, abuseId, message, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
edbc9325 C	343	})
	344
	345	it('Should fail with an invalid message', async function () {
0c1a77e9	346	await command.addMessage({ token: userToken, abuseId, message: 'a'.repeat(5000), expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
edbc9325 C	347	})
	348
	349	it('Should suceed with the correct params', async function () {
0c1a77e9	350	const res = await command.addMessage({ token: userToken, abuseId, message })
edbc9325 C	351	messageId = res.body.abuseMessage.id
	352	})
	353	})
	354
94148c90	355	describe('When listing abuse messages', function () {
edbc9325 C	356
edbc9325 C	357	it('Should fail with an invalid abuse id', async function () {
0c1a77e9	358	await command.listMessages({ token: userToken, abuseId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
edbc9325 C	359	})
	360
	361	it('Should fail with a non authenticated user', async function () {
0c1a77e9	362	await command.listMessages({ token: 'fake_token', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
edbc9325 C	363	})
	364
	365	it('Should fail with an invalid logged in user', async function () {
0c1a77e9	366	await command.listMessages({ token: userToken2, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
edbc9325 C	367	})
	368
	369	it('Should succeed with the correct params', async function () {
0c1a77e9	370	await command.listMessages({ token: userToken, abuseId })
edbc9325 C	371	})
	372	})
	373
	374	describe('When deleting an abuse message', function () {
edbc9325	375	it('Should fail with an invalid abuse id', async function () {
0c1a77e9	376	await command.deleteMessage({ token: userToken, abuseId: 888, messageId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
edbc9325 C	377	})
	378
	379	it('Should fail with an invalid message id', async function () {
0c1a77e9	380	await command.deleteMessage({ token: userToken, abuseId, messageId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
edbc9325 C	381	})
	382
	383	it('Should fail with a non authenticated user', async function () {
0c1a77e9	384	await command.deleteMessage({ token: 'fake_token', abuseId, messageId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
edbc9325 C	385	})
	386
	387	it('Should fail with an invalid logged in user', async function () {
0c1a77e9	388	await command.deleteMessage({ token: userToken2, abuseId, messageId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
edbc9325 C	389	})
	390
	391	it('Should succeed with the correct params', async function () {
0c1a77e9	392	await command.deleteMessage({ token: userToken, abuseId, messageId })
edbc9325 C	393	})
	394	})
	395
57f6896f C	396	describe('When deleting a video abuse', function () {
	397
	398	it('Should fail with a non authenticated user', async function () {
0c1a77e9	399	await command.delete({ token: 'blabla', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
57f6896f C	400	})
	401
	402	it('Should fail with a non admin user', async function () {
0c1a77e9	403	await command.delete({ token: userToken, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
57f6896f C	404	})
	405
	406	it('Should fail with a bad abuse id', async function () {
0c1a77e9	407	await command.delete({ abuseId: 45, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
57f6896f C	408	})
	409
	410	it('Should succeed with the correct params', async function () {
0c1a77e9	411	await command.delete({ abuseId })
57f6896f C	412	})
	413	})
	414
94148c90 C	415	describe('When trying to manage messages of a remote abuse', function () {
	416	let remoteAbuseId: number
	417	let anotherServer: ServerInfo
	418
	419	before(async function () {
55a5b0fd	420	this.timeout(50000)
94148c90 C	421
	422	anotherServer = await flushAndRunServer(2)
	423	await setAccessTokensToServers([ anotherServer ])
	424
	425	await doubleFollow(anotherServer, server)
	426
	427	const server2VideoId = await getVideoIdFromUUID(anotherServer.url, server.video.uuid)
0c1a77e9	428	await anotherServer.abusesCommand.report({ reason: 'remote server', videoId: server2VideoId })
94148c90 C	429
	430	await waitJobs([ server, anotherServer ])
	431
0c1a77e9 C	432	const body = await command.getAdminList({ sort: '-createdAt' })
0c1a77e9 C	433	remoteAbuseId = body.data[0].id
94148c90 C	434	})
	435
	436	it('Should fail when listing abuse messages of a remote abuse', async function () {
0c1a77e9	437	await command.listMessages({ abuseId: remoteAbuseId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
94148c90 C	438	})
	439
	440	it('Should fail when creating abuse message of a remote abuse', async function () {
0c1a77e9	441	await command.addMessage({ abuseId: remoteAbuseId, message: 'message', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
94148c90	442	})
a02b93ce C	443
	444	after(async function () {
	445	await cleanupTests([ anotherServer ])
	446	})
94148c90 C	447	})
94148c90 C	448
57f6896f C	449	after(async function () {
	450	await cleanupTests([ server ])
	451	})
	452	})