[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / abuses.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import 'mocha'
import { HttpStatusCode } from '@shared/core-utils'
import {
  AbusesCommand,
  checkBadCountPagination,
  checkBadSortPagination,
  checkBadStartPagination,
  cleanupTests,
  doubleFollow,
  createSingleServer,
  makeGetRequest,
  makePostBodyRequest,
  PeerTubeServer,
  setAccessTokensToServers,
  waitJobs
} from '@shared/extra-utils'
import { AbuseCreate, AbuseState } from '@shared/models'

describe('Test abuses API validators', function () {
  const basePath = '/api/v1/abuses/'

  let server: PeerTubeServer

  let userToken = ''
  let userToken2 = ''
  let abuseId: number
  let messageId: number

  let command: AbusesCommand

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(30000)

    server = await createSingleServer(1)

    await setAccessTokensToServers([ server ])

    userToken = await server.users.generateUserAndToken('user_1')
    userToken2 = await server.users.generateUserAndToken('user_2')

    server.store.video = await server.videos.upload()

    command = server.abuses
  })

  describe('When listing abuses for admins', function () {
    const path = basePath

    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(server.url, path, server.accessToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(server.url, path, server.accessToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(server.url, path, server.accessToken)
    })

    it('Should fail with a non authenticated user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
      })
    })

    it('Should fail with a non admin user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        token: userToken,
        statusCodeExpected: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should fail with a bad id filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
    })

    it('Should fail with a bad filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
    })

    it('Should fail with bad predefined reason', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
    })

    it('Should fail with a bad state filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
    })

    it('Should fail with a bad videoIs filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
    })

    it('Should succeed with the correct params', async function () {
      const query = {
        id: 13,
        predefinedReason: 'violentOrRepulsive',
        filter: 'comment',
        state: 2,
        videoIs: 'deleted'
      }

      await makeGetRequest({ url: server.url, path, token: server.accessToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
    })
  })

  describe('When listing abuses for users', function () {
    const path = '/api/v1/users/me/abuses'

    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(server.url, path, userToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(server.url, path, userToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(server.url, path, userToken)
    })

    it('Should fail with a non authenticated user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
      })
    })

    it('Should fail with a bad id filter', async function () {
      await makeGetRequest({ url: server.url, path, token: userToken, query: { id: 'toto' } })
    })

    it('Should fail with a bad state filter', async function () {
      await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 'toto' } })
      await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 0 } })
    })

    it('Should succeed with the correct params', async function () {
      const query = {
        id: 13,
        state: 2
      }

      await makeGetRequest({ url: server.url, path, token: userToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
    })
  })

  describe('When reporting an abuse', function () {
    const path = basePath

    it('Should fail with nothing', async function () {
      const fields = {}
      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should fail with a wrong video', async function () {
      const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
    })

    it('Should fail with an unknown video', async function () {
      const fields = { video: { id: 42 }, reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with a wrong comment', async function () {
      const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
    })

    it('Should fail with an unknown comment', async function () {
      const fields = { comment: { id: 42 }, reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with a wrong account', async function () {
      const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
    })

    it('Should fail with an unknown account', async function () {
      const fields = { account: { id: 42 }, reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with not account, comment or video', async function () {
      const fields = { reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
      })
    })

    it('Should fail with a non authenticated user', async function () {
      const fields = { video: { id: server.store.video.id }, reason: 'my super reason' }

      await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a reason too short', async function () {
      const fields = { video: { id: server.store.video.id }, reason: 'h' }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should fail with a too big reason', async function () {
      const fields = { video: { id: server.store.video.id }, reason: 'super'.repeat(605) }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should succeed with the correct parameters (basic)', async function () {
      const fields: AbuseCreate = { video: { id: server.store.video.shortUUID }, reason: 'my super reason' }

      const res = await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        statusCodeExpected: HttpStatusCode.OK_200
      })
      abuseId = res.body.abuse.id
    })

    it('Should fail with a wrong predefined reason', async function () {
      const fields = { video: { id: server.store.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should fail with negative timestamps', async function () {
      const fields = { video: { id: server.store.video.id, startAt: -1 }, reason: 'my super reason' }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should fail mith misordered startAt/endAt', async function () {
      const fields = { video: { id: server.store.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should succeed with the corret parameters (advanced)', async function () {
      const fields: AbuseCreate = {
        video: {
          id: server.store.video.id,
          startAt: 1,
          endAt: 5
        },
        reason: 'my super reason',
        predefinedReasons: [ 'serverRules' ]
      }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields, statusCodeExpected: HttpStatusCode.OK_200 })
    })
  })

  describe('When updating an abuse', function () {

    it('Should fail with a non authenticated user', async function () {
      await command.update({ token: 'blabla', abuseId, body: {}, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      await command.update({ token: userToken, abuseId, body: {}, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with a bad abuse id', async function () {
      await command.update({ abuseId: 45, body: {}, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with a bad state', async function () {
      const body = { state: 5 }
      await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should fail with a bad moderation comment', async function () {
      const body = { moderationComment: 'b'.repeat(3001) }
      await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should succeed with the correct params', async function () {
      const body = { state: AbuseState.ACCEPTED }
      await command.update({ abuseId, body })
    })
  })

  describe('When creating an abuse message', function () {
    const message = 'my super message'

    it('Should fail with an invalid abuse id', async function () {
      await command.addMessage({ token: userToken2, abuseId: 888, message, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with a non authenticated user', async function () {
      await command.addMessage({ token: 'fake_token', abuseId, message, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with an invalid logged in user', async function () {
      await command.addMessage({ token: userToken2, abuseId, message, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with an invalid message', async function () {
      await command.addMessage({ token: userToken, abuseId, message: 'a'.repeat(5000), expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should suceed with the correct params', async function () {
      const res = await command.addMessage({ token: userToken, abuseId, message })
      messageId = res.body.abuseMessage.id
    })
  })

  describe('When listing abuse messages', function () {

    it('Should fail with an invalid abuse id', async function () {
      await command.listMessages({ token: userToken, abuseId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with a non authenticated user', async function () {
      await command.listMessages({ token: 'fake_token', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with an invalid logged in user', async function () {
      await command.listMessages({ token: userToken2, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should succeed with the correct params', async function () {
      await command.listMessages({ token: userToken, abuseId })
    })
  })

  describe('When deleting an abuse message', function () {
    it('Should fail with an invalid abuse id', async function () {
      await command.deleteMessage({ token: userToken, abuseId: 888, messageId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with an invalid message id', async function () {
      await command.deleteMessage({ token: userToken, abuseId, messageId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with a non authenticated user', async function () {
      await command.deleteMessage({ token: 'fake_token', abuseId, messageId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with an invalid logged in user', async function () {
      await command.deleteMessage({ token: userToken2, abuseId, messageId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should succeed with the correct params', async function () {
      await command.deleteMessage({ token: userToken, abuseId, messageId })
    })
  })

  describe('When deleting a video abuse', function () {

    it('Should fail with a non authenticated user', async function () {
      await command.delete({ token: 'blabla', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      await command.delete({ token: userToken, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with a bad abuse id', async function () {
      await command.delete({ abuseId: 45, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should succeed with the correct params', async function () {
      await command.delete({ abuseId })
    })
  })

  describe('When trying to manage messages of a remote abuse', function () {
    let remoteAbuseId: number
    let anotherServer: PeerTubeServer

    before(async function () {
      this.timeout(50000)

      anotherServer = await createSingleServer(2)
      await setAccessTokensToServers([ anotherServer ])

      await doubleFollow(anotherServer, server)

      const server2VideoId = await anotherServer.videos.getId({ uuid: server.store.video.uuid })
      await anotherServer.abuses.report({ reason: 'remote server', videoId: server2VideoId })

      await waitJobs([ server, anotherServer ])

      const body = await command.getAdminList({ sort: '-createdAt' })
      remoteAbuseId = body.data[0].id
    })

    it('Should fail when listing abuse messages of a remote abuse', async function () {
      await command.listMessages({ abuseId: remoteAbuseId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should fail when creating abuse message of a remote abuse', async function () {
      await command.addMessage({ abuseId: remoteAbuseId, message: 'message', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    after(async function () {
      await cleanupTests([ anotherServer ])
    })
  })

  after(async function () {
    await cleanupTests([ server ])
  })
})
Commit	Line	Data
57f6896f C	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
	2
	3	import 'mocha'
0c1a77e9	4	import { HttpStatusCode } from '@shared/core-utils'
57f6896f	5	import {
0c1a77e9 C	6	AbusesCommand,
	7	checkBadCountPagination,
	8	checkBadSortPagination,
	9	checkBadStartPagination,
57f6896f	10	cleanupTests,
94148c90	11	doubleFollow,
254d3579	12	createSingleServer,
57f6896f C	13	makeGetRequest,
57f6896f C	14	makePostBodyRequest,
254d3579	15	PeerTubeServer,
57f6896f	16	setAccessTokensToServers,
94148c90	17	waitJobs
0c1a77e9 C	18	} from '@shared/extra-utils'
0c1a77e9 C	19	import { AbuseCreate, AbuseState } from '@shared/models'
57f6896f	20
310b5219	21	describe('Test abuses API validators', function () {
57f6896f C	22	const basePath = '/api/v1/abuses/'
57f6896f C	23
254d3579	24	let server: PeerTubeServer
94148c90	25
0c1a77e9 C	26	let userToken = ''
0c1a77e9 C	27	let userToken2 = ''
57f6896f	28	let abuseId: number
edbc9325	29	let messageId: number
57f6896f	30
0c1a77e9 C	31	let command: AbusesCommand
0c1a77e9 C	32
57f6896f C	33	// ---------------------------------------------------------------
	34
	35	before(async function () {
	36	this.timeout(30000)
	37
254d3579	38	server = await createSingleServer(1)
57f6896f C	39
	40	await setAccessTokensToServers([ server ])
	41
89d241a7 C	42	userToken = await server.users.generateUserAndToken('user_1')
89d241a7 C	43	userToken2 = await server.users.generateUserAndToken('user_2')
edbc9325	44
89d241a7	45	server.store.video = await server.videos.upload()
0c1a77e9	46
89d241a7	47	command = server.abuses
57f6896f C	48	})
57f6896f C	49
edbc9325	50	describe('When listing abuses for admins', function () {
57f6896f C	51	const path = basePath
	52
	53	it('Should fail with a bad start pagination', async function () {
	54	await checkBadStartPagination(server.url, path, server.accessToken)
	55	})
	56
	57	it('Should fail with a bad count pagination', async function () {
	58	await checkBadCountPagination(server.url, path, server.accessToken)
	59	})
	60
	61	it('Should fail with an incorrect sort', async function () {
	62	await checkBadSortPagination(server.url, path, server.accessToken)
	63	})
	64
	65	it('Should fail with a non authenticated user', async function () {
	66	await makeGetRequest({
	67	url: server.url,
	68	path,
2d53be02	69	statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
57f6896f C	70	})
	71	})
	72
	73	it('Should fail with a non admin user', async function () {
	74	await makeGetRequest({
	75	url: server.url,
	76	path,
0c1a77e9	77	token: userToken,
2d53be02	78	statusCodeExpected: HttpStatusCode.FORBIDDEN_403
57f6896f C	79	})
	80	})
	81
	82	it('Should fail with a bad id filter', async function () {
	83	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
	84	})
	85
	86	it('Should fail with a bad filter', async function () {
	87	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
	88	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
	89	})
	90
	91	it('Should fail with bad predefined reason', async function () {
	92	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
	93	})
	94
	95	it('Should fail with a bad state filter', async function () {
	96	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
	97	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
	98	})
	99
	100	it('Should fail with a bad videoIs filter', async function () {
	101	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
	102	})
	103
	104	it('Should succeed with the correct params', async function () {
	105	const query = {
	106	id: 13,
	107	predefinedReason: 'violentOrRepulsive',
	108	filter: 'comment',
	109	state: 2,
	110	videoIs: 'deleted'
	111	}
	112
2d53be02	113	await makeGetRequest({ url: server.url, path, token: server.accessToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
57f6896f C	114	})
	115	})
	116
edbc9325 C	117	describe('When listing abuses for users', function () {
	118	const path = '/api/v1/users/me/abuses'
	119
	120	it('Should fail with a bad start pagination', async function () {
0c1a77e9	121	await checkBadStartPagination(server.url, path, userToken)
edbc9325 C	122	})
	123
	124	it('Should fail with a bad count pagination', async function () {
0c1a77e9	125	await checkBadCountPagination(server.url, path, userToken)
edbc9325 C	126	})
	127
	128	it('Should fail with an incorrect sort', async function () {
0c1a77e9	129	await checkBadSortPagination(server.url, path, userToken)
edbc9325 C	130	})
	131
	132	it('Should fail with a non authenticated user', async function () {
	133	await makeGetRequest({
	134	url: server.url,
	135	path,
2d53be02	136	statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
edbc9325 C	137	})
	138	})
	139
	140	it('Should fail with a bad id filter', async function () {
0c1a77e9	141	await makeGetRequest({ url: server.url, path, token: userToken, query: { id: 'toto' } })
edbc9325 C	142	})
	143
	144	it('Should fail with a bad state filter', async function () {
0c1a77e9 C	145	await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 'toto' } })
0c1a77e9 C	146	await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 0 } })
edbc9325 C	147	})
	148
	149	it('Should succeed with the correct params', async function () {
	150	const query = {
	151	id: 13,
	152	state: 2
	153	}
	154
0c1a77e9	155	await makeGetRequest({ url: server.url, path, token: userToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
edbc9325 C	156	})
	157	})
	158
57f6896f C	159	describe('When reporting an abuse', function () {
	160	const path = basePath
	161
	162	it('Should fail with nothing', async function () {
	163	const fields = {}
0c1a77e9	164	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	165	})
	166
	167	it('Should fail with a wrong video', async function () {
	168	const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
0c1a77e9	169	await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
57f6896f C	170	})
	171
	172	it('Should fail with an unknown video', async function () {
	173	const fields = { video: { id: 42 }, reason: 'my super reason' }
2d53be02 RK	174	await makePostBodyRequest({
	175	url: server.url,
	176	path,
0c1a77e9	177	token: userToken,
2d53be02 RK	178	fields,
	179	statusCodeExpected: HttpStatusCode.NOT_FOUND_404
	180	})
57f6896f C	181	})
	182
	183	it('Should fail with a wrong comment', async function () {
	184	const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
0c1a77e9	185	await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
57f6896f C	186	})
	187
	188	it('Should fail with an unknown comment', async function () {
	189	const fields = { comment: { id: 42 }, reason: 'my super reason' }
2d53be02 RK	190	await makePostBodyRequest({
	191	url: server.url,
	192	path,
0c1a77e9	193	token: userToken,
2d53be02 RK	194	fields,
	195	statusCodeExpected: HttpStatusCode.NOT_FOUND_404
	196	})
57f6896f C	197	})
	198
	199	it('Should fail with a wrong account', async function () {
	200	const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
0c1a77e9	201	await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
57f6896f C	202	})
	203
	204	it('Should fail with an unknown account', async function () {
	205	const fields = { account: { id: 42 }, reason: 'my super reason' }
2d53be02 RK	206	await makePostBodyRequest({
	207	url: server.url,
	208	path,
0c1a77e9	209	token: userToken,
2d53be02 RK	210	fields,
	211	statusCodeExpected: HttpStatusCode.NOT_FOUND_404
	212	})
57f6896f C	213	})
	214
	215	it('Should fail with not account, comment or video', async function () {
	216	const fields = { reason: 'my super reason' }
2d53be02 RK	217	await makePostBodyRequest({
	218	url: server.url,
	219	path,
0c1a77e9	220	token: userToken,
2d53be02 RK	221	fields,
	222	statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
	223	})
57f6896f C	224	})
	225
	226	it('Should fail with a non authenticated user', async function () {
89d241a7	227	const fields = { video: { id: server.store.video.id }, reason: 'my super reason' }
57f6896f	228
2d53be02	229	await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
57f6896f C	230	})
	231
	232	it('Should fail with a reason too short', async function () {
89d241a7	233	const fields = { video: { id: server.store.video.id }, reason: 'h' }
57f6896f	234
0c1a77e9	235	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	236	})
	237
	238	it('Should fail with a too big reason', async function () {
89d241a7	239	const fields = { video: { id: server.store.video.id }, reason: 'super'.repeat(605) }
57f6896f	240
0c1a77e9	241	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	242	})
	243
	244	it('Should succeed with the correct parameters (basic)', async function () {
89d241a7	245	const fields: AbuseCreate = { video: { id: server.store.video.shortUUID }, reason: 'my super reason' }
57f6896f	246
2d53be02 RK	247	const res = await makePostBodyRequest({
	248	url: server.url,
	249	path,
0c1a77e9	250	token: userToken,
2d53be02 RK	251	fields,
	252	statusCodeExpected: HttpStatusCode.OK_200
	253	})
57f6896f C	254	abuseId = res.body.abuse.id
	255	})
	256
	257	it('Should fail with a wrong predefined reason', async function () {
89d241a7	258	const fields = { video: { id: server.store.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }
57f6896f	259
0c1a77e9	260	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	261	})
	262
	263	it('Should fail with negative timestamps', async function () {
89d241a7	264	const fields = { video: { id: server.store.video.id, startAt: -1 }, reason: 'my super reason' }
57f6896f	265
0c1a77e9	266	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	267	})
	268
	269	it('Should fail mith misordered startAt/endAt', async function () {
89d241a7	270	const fields = { video: { id: server.store.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }
57f6896f	271
0c1a77e9	272	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	273	})
	274
	275	it('Should succeed with the corret parameters (advanced)', async function () {
	276	const fields: AbuseCreate = {
	277	video: {
89d241a7	278	id: server.store.video.id,
57f6896f C	279	startAt: 1,
	280	endAt: 5
	281	},
	282	reason: 'my super reason',
	283	predefinedReasons: [ 'serverRules' ]
	284	}
	285
0c1a77e9	286	await makePostBodyRequest({ url: server.url, path, token: userToken, fields, statusCodeExpected: HttpStatusCode.OK_200 })
57f6896f C	287	})
	288	})
	289
	290	describe('When updating an abuse', function () {
	291
	292	it('Should fail with a non authenticated user', async function () {
0c1a77e9	293	await command.update({ token: 'blabla', abuseId, body: {}, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
57f6896f C	294	})
	295
	296	it('Should fail with a non admin user', async function () {
0c1a77e9	297	await command.update({ token: userToken, abuseId, body: {}, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
57f6896f C	298	})
	299
	300	it('Should fail with a bad abuse id', async function () {
0c1a77e9	301	await command.update({ abuseId: 45, body: {}, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
57f6896f C	302	})
	303
	304	it('Should fail with a bad state', async function () {
	305	const body = { state: 5 }
0c1a77e9	306	await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
57f6896f C	307	})
	308
	309	it('Should fail with a bad moderation comment', async function () {
	310	const body = { moderationComment: 'b'.repeat(3001) }
0c1a77e9	311	await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
57f6896f C	312	})
	313
	314	it('Should succeed with the correct params', async function () {
	315	const body = { state: AbuseState.ACCEPTED }
0c1a77e9	316	await command.update({ abuseId, body })
57f6896f C	317	})
	318	})
	319
edbc9325 C	320	describe('When creating an abuse message', function () {
	321	const message = 'my super message'
	322
	323	it('Should fail with an invalid abuse id', async function () {
0c1a77e9	324	await command.addMessage({ token: userToken2, abuseId: 888, message, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
edbc9325 C	325	})
	326
	327	it('Should fail with a non authenticated user', async function () {
0c1a77e9	328	await command.addMessage({ token: 'fake_token', abuseId, message, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
edbc9325 C	329	})
	330
	331	it('Should fail with an invalid logged in user', async function () {
0c1a77e9	332	await command.addMessage({ token: userToken2, abuseId, message, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
edbc9325 C	333	})
	334
	335	it('Should fail with an invalid message', async function () {
0c1a77e9	336	await command.addMessage({ token: userToken, abuseId, message: 'a'.repeat(5000), expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
edbc9325 C	337	})
	338
	339	it('Should suceed with the correct params', async function () {
0c1a77e9	340	const res = await command.addMessage({ token: userToken, abuseId, message })
edbc9325 C	341	messageId = res.body.abuseMessage.id
	342	})
	343	})
	344
94148c90	345	describe('When listing abuse messages', function () {
edbc9325 C	346
edbc9325 C	347	it('Should fail with an invalid abuse id', async function () {
0c1a77e9	348	await command.listMessages({ token: userToken, abuseId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
edbc9325 C	349	})
	350
	351	it('Should fail with a non authenticated user', async function () {
0c1a77e9	352	await command.listMessages({ token: 'fake_token', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
edbc9325 C	353	})
	354
	355	it('Should fail with an invalid logged in user', async function () {
0c1a77e9	356	await command.listMessages({ token: userToken2, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
edbc9325 C	357	})
	358
	359	it('Should succeed with the correct params', async function () {
0c1a77e9	360	await command.listMessages({ token: userToken, abuseId })
edbc9325 C	361	})
	362	})
	363
	364	describe('When deleting an abuse message', function () {
edbc9325	365	it('Should fail with an invalid abuse id', async function () {
0c1a77e9	366	await command.deleteMessage({ token: userToken, abuseId: 888, messageId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
edbc9325 C	367	})
	368
	369	it('Should fail with an invalid message id', async function () {
0c1a77e9	370	await command.deleteMessage({ token: userToken, abuseId, messageId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
edbc9325 C	371	})
	372
	373	it('Should fail with a non authenticated user', async function () {
0c1a77e9	374	await command.deleteMessage({ token: 'fake_token', abuseId, messageId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
edbc9325 C	375	})
	376
	377	it('Should fail with an invalid logged in user', async function () {
0c1a77e9	378	await command.deleteMessage({ token: userToken2, abuseId, messageId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
edbc9325 C	379	})
	380
	381	it('Should succeed with the correct params', async function () {
0c1a77e9	382	await command.deleteMessage({ token: userToken, abuseId, messageId })
edbc9325 C	383	})
	384	})
	385
57f6896f C	386	describe('When deleting a video abuse', function () {
	387
	388	it('Should fail with a non authenticated user', async function () {
0c1a77e9	389	await command.delete({ token: 'blabla', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
57f6896f C	390	})
	391
	392	it('Should fail with a non admin user', async function () {
0c1a77e9	393	await command.delete({ token: userToken, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
57f6896f C	394	})
	395
	396	it('Should fail with a bad abuse id', async function () {
0c1a77e9	397	await command.delete({ abuseId: 45, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
57f6896f C	398	})
	399
	400	it('Should succeed with the correct params', async function () {
0c1a77e9	401	await command.delete({ abuseId })
57f6896f C	402	})
	403	})
	404
94148c90 C	405	describe('When trying to manage messages of a remote abuse', function () {
94148c90 C	406	let remoteAbuseId: number
254d3579	407	let anotherServer: PeerTubeServer
94148c90 C	408
94148c90 C	409	before(async function () {
55a5b0fd	410	this.timeout(50000)
94148c90	411
254d3579	412	anotherServer = await createSingleServer(2)
94148c90 C	413	await setAccessTokensToServers([ anotherServer ])
	414
	415	await doubleFollow(anotherServer, server)
	416
89d241a7 C	417	const server2VideoId = await anotherServer.videos.getId({ uuid: server.store.video.uuid })
89d241a7 C	418	await anotherServer.abuses.report({ reason: 'remote server', videoId: server2VideoId })
94148c90 C	419
	420	await waitJobs([ server, anotherServer ])
	421
0c1a77e9 C	422	const body = await command.getAdminList({ sort: '-createdAt' })
0c1a77e9 C	423	remoteAbuseId = body.data[0].id
94148c90 C	424	})
	425
	426	it('Should fail when listing abuse messages of a remote abuse', async function () {
0c1a77e9	427	await command.listMessages({ abuseId: remoteAbuseId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
94148c90 C	428	})
	429
	430	it('Should fail when creating abuse message of a remote abuse', async function () {
0c1a77e9	431	await command.addMessage({ abuseId: remoteAbuseId, message: 'message', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
94148c90	432	})
a02b93ce C	433
	434	after(async function () {
	435	await cleanupTests([ anotherServer ])
	436	})
94148c90 C	437	})
94148c90 C	438
57f6896f C	439	after(async function () {
	440	await cleanupTests([ server ])
	441	})
	442	})