[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / abuses.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import 'mocha'
import { AbuseCreate, AbuseState } from '@shared/models'
import {
  cleanupTests,
  createUser,
  deleteAbuse,
  flushAndRunServer,
  makeGetRequest,
  makePostBodyRequest,
  ServerInfo,
  setAccessTokensToServers,
  updateAbuse,
  uploadVideo,
  userLogin
} from '../../../../shared/extra-utils'
import {
  checkBadCountPagination,
  checkBadSortPagination,
  checkBadStartPagination
} from '../../../../shared/extra-utils/requests/check-api-params'

describe('Test abuses API validators', function () {
  const basePath = '/api/v1/abuses/'

  let server: ServerInfo
  let userAccessToken = ''
  let abuseId: number

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(30000)

    server = await flushAndRunServer(1)

    await setAccessTokensToServers([ server ])

    const username = 'user1'
    const password = 'my super password'
    await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password })
    userAccessToken = await userLogin(server, { username, password })

    const res = await uploadVideo(server.url, server.accessToken, {})
    server.video = res.body.video
  })

  describe('When listing abuses', function () {
    const path = basePath

    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(server.url, path, server.accessToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(server.url, path, server.accessToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(server.url, path, server.accessToken)
    })

    it('Should fail with a non authenticated user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        statusCodeExpected: 401
      })
    })

    it('Should fail with a non admin user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        token: userAccessToken,
        statusCodeExpected: 403
      })
    })

    it('Should fail with a bad id filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
    })

    it('Should fail with a bad filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
    })

    it('Should fail with bad predefined reason', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
    })

    it('Should fail with a bad state filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
    })

    it('Should fail with a bad videoIs filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
    })

    it('Should succeed with the correct params', async function () {
      const query = {
        id: 13,
        predefinedReason: 'violentOrRepulsive',
        filter: 'comment',
        state: 2,
        videoIs: 'deleted'
      }

      await makeGetRequest({ url: server.url, path, token: server.accessToken, query, statusCodeExpected: 200 })
    })
  })

  describe('When reporting an abuse', function () {
    const path = basePath

    it('Should fail with nothing', async function () {
      const fields = {}
      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with a wrong video', async function () {
      const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields })
    })

    it('Should fail with an unknown video', async function () {
      const fields = { video: { id: 42 }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 })
    })

    it('Should fail with a wrong comment', async function () {
      const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields })
    })

    it('Should fail with an unknown comment', async function () {
      const fields = { comment: { id: 42 }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 })
    })

    it('Should fail with a wrong account', async function () {
      const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields })
    })

    it('Should fail with an unknown account', async function () {
      const fields = { account: { id: 42 }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 })
    })

    it('Should fail with not account, comment or video', async function () {
      const fields = { reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 400 })
    })

    it('Should fail with a non authenticated user', async function () {
      const fields = { video: { id: server.video.id }, reason: 'my super reason' }

      await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: 401 })
    })

    it('Should fail with a reason too short', async function () {
      const fields = { video: { id: server.video.id }, reason: 'h' }

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with a too big reason', async function () {
      const fields = { video: { id: server.video.id }, reason: 'super'.repeat(605) }

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should succeed with the correct parameters (basic)', async function () {
      const fields: AbuseCreate = { video: { id: server.video.id }, reason: 'my super reason' }

      const res = await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 })
      abuseId = res.body.abuse.id
    })

    it('Should fail with a wrong predefined reason', async function () {
      const fields = { video: { id: server.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with negative timestamps', async function () {
      const fields = { video: { id: server.video.id, startAt: -1 }, reason: 'my super reason' }

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail mith misordered startAt/endAt', async function () {
      const fields = { video: { id: server.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should succeed with the corret parameters (advanced)', async function () {
      const fields: AbuseCreate = {
        video: {
          id: server.video.id,
          startAt: 1,
          endAt: 5
        },
        reason: 'my super reason',
        predefinedReasons: [ 'serverRules' ]
      }

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 })
    })
  })

  describe('When updating an abuse', function () {

    it('Should fail with a non authenticated user', async function () {
      await updateAbuse(server.url, 'blabla', abuseId, {}, 401)
    })

    it('Should fail with a non admin user', async function () {
      await updateAbuse(server.url, userAccessToken, abuseId, {}, 403)
    })

    it('Should fail with a bad abuse id', async function () {
      await updateAbuse(server.url, server.accessToken, 45, {}, 404)
    })

    it('Should fail with a bad state', async function () {
      const body = { state: 5 }
      await updateAbuse(server.url, server.accessToken, abuseId, body, 400)
    })

    it('Should fail with a bad moderation comment', async function () {
      const body = { moderationComment: 'b'.repeat(3001) }
      await updateAbuse(server.url, server.accessToken, abuseId, body, 400)
    })

    it('Should succeed with the correct params', async function () {
      const body = { state: AbuseState.ACCEPTED }
      await updateAbuse(server.url, server.accessToken, abuseId, body)
    })
  })

  describe('When deleting a video abuse', function () {

    it('Should fail with a non authenticated user', async function () {
      await deleteAbuse(server.url, 'blabla', abuseId, 401)
    })

    it('Should fail with a non admin user', async function () {
      await deleteAbuse(server.url, userAccessToken, abuseId, 403)
    })

    it('Should fail with a bad abuse id', async function () {
      await deleteAbuse(server.url, server.accessToken, 45, 404)
    })

    it('Should succeed with the correct params', async function () {
      await deleteAbuse(server.url, server.accessToken, abuseId)
    })
  })

  after(async function () {
    await cleanupTests([ server ])
  })
})
Commit	Line	Data
57f6896f C	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
	2
	3	import 'mocha'
	4	import { AbuseCreate, AbuseState } from '@shared/models'
	5	import {
	6	cleanupTests,
	7	createUser,
	8	deleteAbuse,
	9	flushAndRunServer,
	10	makeGetRequest,
	11	makePostBodyRequest,
	12	ServerInfo,
	13	setAccessTokensToServers,
	14	updateAbuse,
	15	uploadVideo,
	16	userLogin
	17	} from '../../../../shared/extra-utils'
	18	import {
	19	checkBadCountPagination,
	20	checkBadSortPagination,
	21	checkBadStartPagination
	22	} from '../../../../shared/extra-utils/requests/check-api-params'
	23
310b5219	24	describe('Test abuses API validators', function () {
57f6896f C	25	const basePath = '/api/v1/abuses/'
	26
	27	let server: ServerInfo
	28	let userAccessToken = ''
	29	let abuseId: number
	30
	31	// ---------------------------------------------------------------
	32
	33	before(async function () {
	34	this.timeout(30000)
	35
	36	server = await flushAndRunServer(1)
	37
	38	await setAccessTokensToServers([ server ])
	39
	40	const username = 'user1'
	41	const password = 'my super password'
	42	await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password })
	43	userAccessToken = await userLogin(server, { username, password })
	44
	45	const res = await uploadVideo(server.url, server.accessToken, {})
	46	server.video = res.body.video
	47	})
	48
	49	describe('When listing abuses', function () {
	50	const path = basePath
	51
	52	it('Should fail with a bad start pagination', async function () {
	53	await checkBadStartPagination(server.url, path, server.accessToken)
	54	})
	55
	56	it('Should fail with a bad count pagination', async function () {
	57	await checkBadCountPagination(server.url, path, server.accessToken)
	58	})
	59
	60	it('Should fail with an incorrect sort', async function () {
	61	await checkBadSortPagination(server.url, path, server.accessToken)
	62	})
	63
	64	it('Should fail with a non authenticated user', async function () {
	65	await makeGetRequest({
	66	url: server.url,
	67	path,
	68	statusCodeExpected: 401
	69	})
	70	})
	71
	72	it('Should fail with a non admin user', async function () {
	73	await makeGetRequest({
	74	url: server.url,
	75	path,
	76	token: userAccessToken,
	77	statusCodeExpected: 403
	78	})
	79	})
	80
	81	it('Should fail with a bad id filter', async function () {
	82	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
	83	})
	84
	85	it('Should fail with a bad filter', async function () {
	86	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
	87	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
	88	})
89
90	it('Should fail with bad predefined reason', async function () {
91	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
92	})
93
94	it('Should fail with a bad state filter', async function () {
95	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
96	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
97	})
98
99	it('Should fail with a bad videoIs filter', async function () {
100	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
101	})
102
103	it('Should succeed with the correct params', async function () {
104	const query = {
105	id: 13,
106	predefinedReason: 'violentOrRepulsive',
107	filter: 'comment',
108	state: 2,
109	videoIs: 'deleted'
110	}
111
112	await makeGetRequest({ url: server.url, path, token: server.accessToken, query, statusCodeExpected: 200 })
113	})
114	})
115
116	describe('When reporting an abuse', function () {
117	const path = basePath
118
119	it('Should fail with nothing', async function () {
120	const fields = {}
121	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
122	})
123
124	it('Should fail with a wrong video', async function () {
125	const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
126	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields })
127	})
128
129	it('Should fail with an unknown video', async function () {
130	const fields = { video: { id: 42 }, reason: 'my super reason' }
131	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 })
132	})
133
134	it('Should fail with a wrong comment', async function () {
135	const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
136	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields })
137	})
138
139	it('Should fail with an unknown comment', async function () {
140	const fields = { comment: { id: 42 }, reason: 'my super reason' }
141	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 })
142	})
143
144	it('Should fail with a wrong account', async function () {
145	const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
146	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields })
147	})
148
149	it('Should fail with an unknown account', async function () {
150	const fields = { account: { id: 42 }, reason: 'my super reason' }
151	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 })
152	})
153
154	it('Should fail with not account, comment or video', async function () {
155	const fields = { reason: 'my super reason' }
156	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 400 })
157	})
158
159	it('Should fail with a non authenticated user', async function () {
160	const fields = { video: { id: server.video.id }, reason: 'my super reason' }
161
162	await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: 401 })
163	})
164
165	it('Should fail with a reason too short', async function () {
166	const fields = { video: { id: server.video.id }, reason: 'h' }
167
168	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
169	})
170
171	it('Should fail with a too big reason', async function () {
172	const fields = { video: { id: server.video.id }, reason: 'super'.repeat(605) }
173
174	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
175	})
176
177	it('Should succeed with the correct parameters (basic)', async function () {
178	const fields: AbuseCreate = { video: { id: server.video.id }, reason: 'my super reason' }
179
180	const res = await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 })
181	abuseId = res.body.abuse.id
182	})
183
184	it('Should fail with a wrong predefined reason', async function () {
185	const fields = { video: { id: server.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }
186
187	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
188	})
189
190	it('Should fail with negative timestamps', async function () {
191	const fields = { video: { id: server.video.id, startAt: -1 }, reason: 'my super reason' }
192
193	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
194	})
195
196	it('Should fail mith misordered startAt/endAt', async function () {
197	const fields = { video: { id: server.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }
198
199	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
200	})
201
202	it('Should succeed with the corret parameters (advanced)', async function () {
203	const fields: AbuseCreate = {
204	video: {
205	id: server.video.id,
206	startAt: 1,
207	endAt: 5
208	},
209	reason: 'my super reason',
210	predefinedReasons: [ 'serverRules' ]
211	}
212
213	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 })
214	})
215	})
216
217	describe('When updating an abuse', function () {
218
219	it('Should fail with a non authenticated user', async function () {
220	await updateAbuse(server.url, 'blabla', abuseId, {}, 401)
221	})
222
223	it('Should fail with a non admin user', async function () {
224	await updateAbuse(server.url, userAccessToken, abuseId, {}, 403)
225	})
226
227	it('Should fail with a bad abuse id', async function () {
228	await updateAbuse(server.url, server.accessToken, 45, {}, 404)
229	})
230
231	it('Should fail with a bad state', async function () {
232	const body = { state: 5 }
233	await updateAbuse(server.url, server.accessToken, abuseId, body, 400)
234	})
235
236	it('Should fail with a bad moderation comment', async function () {
237	const body = { moderationComment: 'b'.repeat(3001) }
238	await updateAbuse(server.url, server.accessToken, abuseId, body, 400)
239	})
240
241	it('Should succeed with the correct params', async function () {
242	const body = { state: AbuseState.ACCEPTED }
243	await updateAbuse(server.url, server.accessToken, abuseId, body)
244	})
245	})
246
247	describe('When deleting a video abuse', function () {
248
249	it('Should fail with a non authenticated user', async function () {
250	await deleteAbuse(server.url, 'blabla', abuseId, 401)
251	})
252
253	it('Should fail with a non admin user', async function () {
254	await deleteAbuse(server.url, userAccessToken, abuseId, 403)
255	})
256
257	it('Should fail with a bad abuse id', async function () {
258	await deleteAbuse(server.url, server.accessToken, 45, 404)
259	})
260
261	it('Should succeed with the correct params', async function () {
262	await deleteAbuse(server.url, server.accessToken, abuseId)
263	})
264	})
265
266	after(async function () {
267	await cleanupTests([ server ])
268	})
269	})