[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / abuses.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import 'mocha'
import {
  AbusesCommand,
  checkBadCountPagination,
  checkBadSortPagination,
  checkBadStartPagination,
  cleanupTests,
  createSingleServer,
  doubleFollow,
  makeGetRequest,
  makePostBodyRequest,
  PeerTubeServer,
  setAccessTokensToServers,
  waitJobs
} from '@shared/server-commands'
import { AbuseCreate, AbuseState, HttpStatusCode } from '@shared/models'

describe('Test abuses API validators', function () {
  const basePath = '/api/v1/abuses/'

  let server: PeerTubeServer

  let userToken = ''
  let userToken2 = ''
  let abuseId: number
  let messageId: number

  let command: AbusesCommand

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(30000)

    server = await createSingleServer(1)

    await setAccessTokensToServers([ server ])

    userToken = await server.users.generateUserAndToken('user_1')
    userToken2 = await server.users.generateUserAndToken('user_2')

    server.store.videoCreated = await server.videos.upload()

    command = server.abuses
  })

  describe('When listing abuses for admins', function () {
    const path = basePath

    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(server.url, path, server.accessToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(server.url, path, server.accessToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(server.url, path, server.accessToken)
    })

    it('Should fail with a non authenticated user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
      })
    })

    it('Should fail with a non admin user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        token: userToken,
        expectedStatus: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should fail with a bad id filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
    })

    it('Should fail with a bad filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
    })

    it('Should fail with bad predefined reason', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
    })

    it('Should fail with a bad state filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
    })

    it('Should fail with a bad videoIs filter', async function () {
      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
    })

    it('Should succeed with the correct params', async function () {
      const query = {
        id: 13,
        predefinedReason: 'violentOrRepulsive',
        filter: 'comment',
        state: 2,
        videoIs: 'deleted'
      }

      await makeGetRequest({ url: server.url, path, token: server.accessToken, query, expectedStatus: HttpStatusCode.OK_200 })
    })
  })

  describe('When listing abuses for users', function () {
    const path = '/api/v1/users/me/abuses'

    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(server.url, path, userToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(server.url, path, userToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(server.url, path, userToken)
    })

    it('Should fail with a non authenticated user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
      })
    })

    it('Should fail with a bad id filter', async function () {
      await makeGetRequest({ url: server.url, path, token: userToken, query: { id: 'toto' } })
    })

    it('Should fail with a bad state filter', async function () {
      await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 'toto' } })
      await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 0 } })
    })

    it('Should succeed with the correct params', async function () {
      const query = {
        id: 13,
        state: 2
      }

      await makeGetRequest({ url: server.url, path, token: userToken, query, expectedStatus: HttpStatusCode.OK_200 })
    })
  })

  describe('When reporting an abuse', function () {
    const path = basePath

    it('Should fail with nothing', async function () {
      const fields = {}
      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should fail with a wrong video', async function () {
      const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
    })

    it('Should fail with an unknown video', async function () {
      const fields = { video: { id: 42 }, reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        expectedStatus: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with a wrong comment', async function () {
      const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
    })

    it('Should fail with an unknown comment', async function () {
      const fields = { comment: { id: 42 }, reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        expectedStatus: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with a wrong account', async function () {
      const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
      await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
    })

    it('Should fail with an unknown account', async function () {
      const fields = { account: { id: 42 }, reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        expectedStatus: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with not account, comment or video', async function () {
      const fields = { reason: 'my super reason' }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        expectedStatus: HttpStatusCode.BAD_REQUEST_400
      })
    })

    it('Should fail with a non authenticated user', async function () {
      const fields = { video: { id: server.store.videoCreated.id }, reason: 'my super reason' }

      await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a reason too short', async function () {
      const fields = { video: { id: server.store.videoCreated.id }, reason: 'h' }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should fail with a too big reason', async function () {
      const fields = { video: { id: server.store.videoCreated.id }, reason: 'super'.repeat(605) }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should succeed with the correct parameters (basic)', async function () {
      const fields: AbuseCreate = { video: { id: server.store.videoCreated.shortUUID }, reason: 'my super reason' }

      const res = await makePostBodyRequest({
        url: server.url,
        path,
        token: userToken,
        fields,
        expectedStatus: HttpStatusCode.OK_200
      })
      abuseId = res.body.abuse.id
    })

    it('Should fail with a wrong predefined reason', async function () {
      const fields = { video: server.store.videoCreated, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should fail with negative timestamps', async function () {
      const fields = { video: { id: server.store.videoCreated.id, startAt: -1 }, reason: 'my super reason' }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should fail mith misordered startAt/endAt', async function () {
      const fields = { video: { id: server.store.videoCreated.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
    })

    it('Should succeed with the corret parameters (advanced)', async function () {
      const fields: AbuseCreate = {
        video: {
          id: server.store.videoCreated.id,
          startAt: 1,
          endAt: 5
        },
        reason: 'my super reason',
        predefinedReasons: [ 'serverRules' ]
      }

      await makePostBodyRequest({ url: server.url, path, token: userToken, fields, expectedStatus: HttpStatusCode.OK_200 })
    })
  })

  describe('When updating an abuse', function () {

    it('Should fail with a non authenticated user', async function () {
      await command.update({ token: 'blabla', abuseId, body: {}, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      await command.update({ token: userToken, abuseId, body: {}, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with a bad abuse id', async function () {
      await command.update({ abuseId: 45, body: {}, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with a bad state', async function () {
      const body = { state: 5 }
      await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should fail with a bad moderation comment', async function () {
      const body = { moderationComment: 'b'.repeat(3001) }
      await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should succeed with the correct params', async function () {
      const body = { state: AbuseState.ACCEPTED }
      await command.update({ abuseId, body })
    })
  })

  describe('When creating an abuse message', function () {
    const message = 'my super message'

    it('Should fail with an invalid abuse id', async function () {
      await command.addMessage({ token: userToken2, abuseId: 888, message, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with a non authenticated user', async function () {
      await command.addMessage({ token: 'fake_token', abuseId, message, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with an invalid logged in user', async function () {
      await command.addMessage({ token: userToken2, abuseId, message, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with an invalid message', async function () {
      await command.addMessage({ token: userToken, abuseId, message: 'a'.repeat(5000), expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should suceed with the correct params', async function () {
      const res = await command.addMessage({ token: userToken, abuseId, message })
      messageId = res.body.abuseMessage.id
    })
  })

  describe('When listing abuse messages', function () {

    it('Should fail with an invalid abuse id', async function () {
      await command.listMessages({ token: userToken, abuseId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with a non authenticated user', async function () {
      await command.listMessages({ token: 'fake_token', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with an invalid logged in user', async function () {
      await command.listMessages({ token: userToken2, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should succeed with the correct params', async function () {
      await command.listMessages({ token: userToken, abuseId })
    })
  })

  describe('When deleting an abuse message', function () {
    it('Should fail with an invalid abuse id', async function () {
      await command.deleteMessage({ token: userToken, abuseId: 888, messageId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with an invalid message id', async function () {
      await command.deleteMessage({ token: userToken, abuseId, messageId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with a non authenticated user', async function () {
      await command.deleteMessage({ token: 'fake_token', abuseId, messageId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with an invalid logged in user', async function () {
      await command.deleteMessage({ token: userToken2, abuseId, messageId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should succeed with the correct params', async function () {
      await command.deleteMessage({ token: userToken, abuseId, messageId })
    })
  })

  describe('When deleting a video abuse', function () {

    it('Should fail with a non authenticated user', async function () {
      await command.delete({ token: 'blabla', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      await command.delete({ token: userToken, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with a bad abuse id', async function () {
      await command.delete({ abuseId: 45, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should succeed with the correct params', async function () {
      await command.delete({ abuseId })
    })
  })

  describe('When trying to manage messages of a remote abuse', function () {
    let remoteAbuseId: number
    let anotherServer: PeerTubeServer

    before(async function () {
      this.timeout(50000)

      anotherServer = await createSingleServer(2)
      await setAccessTokensToServers([ anotherServer ])

      await doubleFollow(anotherServer, server)

      const server2VideoId = await anotherServer.videos.getId({ uuid: server.store.videoCreated.uuid })
      await anotherServer.abuses.report({ reason: 'remote server', videoId: server2VideoId })

      await waitJobs([ server, anotherServer ])

      const body = await command.getAdminList({ sort: '-createdAt' })
      remoteAbuseId = body.data[0].id
    })

    it('Should fail when listing abuse messages of a remote abuse', async function () {
      await command.listMessages({ abuseId: remoteAbuseId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should fail when creating abuse message of a remote abuse', async function () {
      await command.addMessage({ abuseId: remoteAbuseId, message: 'message', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    after(async function () {
      await cleanupTests([ anotherServer ])
    })
  })

  after(async function () {
    await cleanupTests([ server ])
  })
})
Commit	Line	Data
57f6896f C	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
	2
	3	import 'mocha'
57f6896f	4	import {
0c1a77e9 C	5	AbusesCommand,
	6	checkBadCountPagination,
	7	checkBadSortPagination,
	8	checkBadStartPagination,
57f6896f	9	cleanupTests,
254d3579	10	createSingleServer,
4c7e60bc	11	doubleFollow,
57f6896f C	12	makeGetRequest,
57f6896f C	13	makePostBodyRequest,
254d3579	14	PeerTubeServer,
57f6896f	15	setAccessTokensToServers,
94148c90	16	waitJobs
bf54587a	17	} from '@shared/server-commands'
4c7e60bc	18	import { AbuseCreate, AbuseState, HttpStatusCode } from '@shared/models'
57f6896f	19
310b5219	20	describe('Test abuses API validators', function () {
57f6896f C	21	const basePath = '/api/v1/abuses/'
57f6896f C	22
254d3579	23	let server: PeerTubeServer
94148c90	24
0c1a77e9 C	25	let userToken = ''
0c1a77e9 C	26	let userToken2 = ''
57f6896f	27	let abuseId: number
edbc9325	28	let messageId: number
57f6896f	29
0c1a77e9 C	30	let command: AbusesCommand
0c1a77e9 C	31
57f6896f C	32	// ---------------------------------------------------------------
	33
	34	before(async function () {
	35	this.timeout(30000)
	36
254d3579	37	server = await createSingleServer(1)
57f6896f C	38
	39	await setAccessTokensToServers([ server ])
	40
89d241a7 C	41	userToken = await server.users.generateUserAndToken('user_1')
89d241a7 C	42	userToken2 = await server.users.generateUserAndToken('user_2')
edbc9325	43
83903cb6	44	server.store.videoCreated = await server.videos.upload()
0c1a77e9	45
89d241a7	46	command = server.abuses
57f6896f C	47	})
57f6896f C	48
edbc9325	49	describe('When listing abuses for admins', function () {
57f6896f C	50	const path = basePath
	51
	52	it('Should fail with a bad start pagination', async function () {
	53	await checkBadStartPagination(server.url, path, server.accessToken)
	54	})
	55
	56	it('Should fail with a bad count pagination', async function () {
	57	await checkBadCountPagination(server.url, path, server.accessToken)
	58	})
	59
	60	it('Should fail with an incorrect sort', async function () {
	61	await checkBadSortPagination(server.url, path, server.accessToken)
	62	})
	63
	64	it('Should fail with a non authenticated user', async function () {
	65	await makeGetRequest({
	66	url: server.url,
	67	path,
c0e8b12e	68	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
57f6896f C	69	})
	70	})
	71
	72	it('Should fail with a non admin user', async function () {
	73	await makeGetRequest({
	74	url: server.url,
	75	path,
0c1a77e9	76	token: userToken,
c0e8b12e	77	expectedStatus: HttpStatusCode.FORBIDDEN_403
57f6896f C	78	})
	79	})
	80
	81	it('Should fail with a bad id filter', async function () {
	82	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
	83	})
	84
	85	it('Should fail with a bad filter', async function () {
	86	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
	87	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
	88	})
	89
	90	it('Should fail with bad predefined reason', async function () {
	91	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
	92	})
	93
	94	it('Should fail with a bad state filter', async function () {
	95	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
	96	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
	97	})
	98
	99	it('Should fail with a bad videoIs filter', async function () {
	100	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
	101	})
	102
	103	it('Should succeed with the correct params', async function () {
	104	const query = {
	105	id: 13,
	106	predefinedReason: 'violentOrRepulsive',
	107	filter: 'comment',
	108	state: 2,
	109	videoIs: 'deleted'
	110	}
	111
c0e8b12e	112	await makeGetRequest({ url: server.url, path, token: server.accessToken, query, expectedStatus: HttpStatusCode.OK_200 })
57f6896f C	113	})
	114	})
	115
edbc9325 C	116	describe('When listing abuses for users', function () {
	117	const path = '/api/v1/users/me/abuses'
	118
	119	it('Should fail with a bad start pagination', async function () {
0c1a77e9	120	await checkBadStartPagination(server.url, path, userToken)
edbc9325 C	121	})
	122
	123	it('Should fail with a bad count pagination', async function () {
0c1a77e9	124	await checkBadCountPagination(server.url, path, userToken)
edbc9325 C	125	})
	126
	127	it('Should fail with an incorrect sort', async function () {
0c1a77e9	128	await checkBadSortPagination(server.url, path, userToken)
edbc9325 C	129	})
	130
	131	it('Should fail with a non authenticated user', async function () {
	132	await makeGetRequest({
	133	url: server.url,
	134	path,
c0e8b12e	135	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
edbc9325 C	136	})
	137	})
	138
	139	it('Should fail with a bad id filter', async function () {
0c1a77e9	140	await makeGetRequest({ url: server.url, path, token: userToken, query: { id: 'toto' } })
edbc9325 C	141	})
	142
	143	it('Should fail with a bad state filter', async function () {
0c1a77e9 C	144	await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 'toto' } })
0c1a77e9 C	145	await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 0 } })
edbc9325 C	146	})
	147
	148	it('Should succeed with the correct params', async function () {
	149	const query = {
	150	id: 13,
	151	state: 2
	152	}
	153
c0e8b12e	154	await makeGetRequest({ url: server.url, path, token: userToken, query, expectedStatus: HttpStatusCode.OK_200 })
edbc9325 C	155	})
	156	})
	157
57f6896f C	158	describe('When reporting an abuse', function () {
	159	const path = basePath
	160
	161	it('Should fail with nothing', async function () {
	162	const fields = {}
0c1a77e9	163	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	164	})
	165
	166	it('Should fail with a wrong video', async function () {
	167	const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
0c1a77e9	168	await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
57f6896f C	169	})
	170
	171	it('Should fail with an unknown video', async function () {
	172	const fields = { video: { id: 42 }, reason: 'my super reason' }
2d53be02 RK	173	await makePostBodyRequest({
	174	url: server.url,
	175	path,
0c1a77e9	176	token: userToken,
2d53be02	177	fields,
c0e8b12e	178	expectedStatus: HttpStatusCode.NOT_FOUND_404
2d53be02	179	})
57f6896f C	180	})
	181
	182	it('Should fail with a wrong comment', async function () {
	183	const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
0c1a77e9	184	await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
57f6896f C	185	})
	186
	187	it('Should fail with an unknown comment', async function () {
	188	const fields = { comment: { id: 42 }, reason: 'my super reason' }
2d53be02 RK	189	await makePostBodyRequest({
	190	url: server.url,
	191	path,
0c1a77e9	192	token: userToken,
2d53be02	193	fields,
c0e8b12e	194	expectedStatus: HttpStatusCode.NOT_FOUND_404
2d53be02	195	})
57f6896f C	196	})
	197
	198	it('Should fail with a wrong account', async function () {
	199	const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
0c1a77e9	200	await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
57f6896f C	201	})
	202
	203	it('Should fail with an unknown account', async function () {
	204	const fields = { account: { id: 42 }, reason: 'my super reason' }
2d53be02 RK	205	await makePostBodyRequest({
	206	url: server.url,
	207	path,
0c1a77e9	208	token: userToken,
2d53be02	209	fields,
c0e8b12e	210	expectedStatus: HttpStatusCode.NOT_FOUND_404
2d53be02	211	})
57f6896f C	212	})
	213
	214	it('Should fail with not account, comment or video', async function () {
	215	const fields = { reason: 'my super reason' }
2d53be02 RK	216	await makePostBodyRequest({
	217	url: server.url,
	218	path,
0c1a77e9	219	token: userToken,
2d53be02	220	fields,
c0e8b12e	221	expectedStatus: HttpStatusCode.BAD_REQUEST_400
2d53be02	222	})
57f6896f C	223	})
	224
	225	it('Should fail with a non authenticated user', async function () {
83903cb6	226	const fields = { video: { id: server.store.videoCreated.id }, reason: 'my super reason' }
57f6896f	227
c0e8b12e	228	await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
57f6896f C	229	})
	230
	231	it('Should fail with a reason too short', async function () {
83903cb6	232	const fields = { video: { id: server.store.videoCreated.id }, reason: 'h' }
57f6896f	233
0c1a77e9	234	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	235	})
	236
	237	it('Should fail with a too big reason', async function () {
83903cb6	238	const fields = { video: { id: server.store.videoCreated.id }, reason: 'super'.repeat(605) }
57f6896f	239
0c1a77e9	240	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	241	})
	242
	243	it('Should succeed with the correct parameters (basic)', async function () {
83903cb6	244	const fields: AbuseCreate = { video: { id: server.store.videoCreated.shortUUID }, reason: 'my super reason' }
57f6896f	245
2d53be02 RK	246	const res = await makePostBodyRequest({
	247	url: server.url,
	248	path,
0c1a77e9	249	token: userToken,
2d53be02	250	fields,
c0e8b12e	251	expectedStatus: HttpStatusCode.OK_200
2d53be02	252	})
57f6896f C	253	abuseId = res.body.abuse.id
	254	})
	255
	256	it('Should fail with a wrong predefined reason', async function () {
83903cb6	257	const fields = { video: server.store.videoCreated, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }
57f6896f	258
0c1a77e9	259	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	260	})
	261
	262	it('Should fail with negative timestamps', async function () {
83903cb6	263	const fields = { video: { id: server.store.videoCreated.id, startAt: -1 }, reason: 'my super reason' }
57f6896f	264
0c1a77e9	265	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	266	})
	267
	268	it('Should fail mith misordered startAt/endAt', async function () {
83903cb6	269	const fields = { video: { id: server.store.videoCreated.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }
57f6896f	270
0c1a77e9	271	await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
57f6896f C	272	})
	273
	274	it('Should succeed with the corret parameters (advanced)', async function () {
	275	const fields: AbuseCreate = {
	276	video: {
83903cb6	277	id: server.store.videoCreated.id,
57f6896f C	278	startAt: 1,
	279	endAt: 5
	280	},
	281	reason: 'my super reason',
	282	predefinedReasons: [ 'serverRules' ]
	283	}
	284
c0e8b12e	285	await makePostBodyRequest({ url: server.url, path, token: userToken, fields, expectedStatus: HttpStatusCode.OK_200 })
57f6896f C	286	})
	287	})
	288
	289	describe('When updating an abuse', function () {
	290
	291	it('Should fail with a non authenticated user', async function () {
0c1a77e9	292	await command.update({ token: 'blabla', abuseId, body: {}, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
57f6896f C	293	})
	294
	295	it('Should fail with a non admin user', async function () {
0c1a77e9	296	await command.update({ token: userToken, abuseId, body: {}, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
57f6896f C	297	})
	298
	299	it('Should fail with a bad abuse id', async function () {
0c1a77e9	300	await command.update({ abuseId: 45, body: {}, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
57f6896f C	301	})
	302
	303	it('Should fail with a bad state', async function () {
	304	const body = { state: 5 }
0c1a77e9	305	await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
57f6896f C	306	})
	307
	308	it('Should fail with a bad moderation comment', async function () {
	309	const body = { moderationComment: 'b'.repeat(3001) }
0c1a77e9	310	await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
57f6896f C	311	})
	312
	313	it('Should succeed with the correct params', async function () {
	314	const body = { state: AbuseState.ACCEPTED }
0c1a77e9	315	await command.update({ abuseId, body })
57f6896f C	316	})
	317	})
	318
edbc9325 C	319	describe('When creating an abuse message', function () {
	320	const message = 'my super message'
	321
	322	it('Should fail with an invalid abuse id', async function () {
0c1a77e9	323	await command.addMessage({ token: userToken2, abuseId: 888, message, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
edbc9325 C	324	})
	325
	326	it('Should fail with a non authenticated user', async function () {
0c1a77e9	327	await command.addMessage({ token: 'fake_token', abuseId, message, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
edbc9325 C	328	})
	329
	330	it('Should fail with an invalid logged in user', async function () {
0c1a77e9	331	await command.addMessage({ token: userToken2, abuseId, message, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
edbc9325 C	332	})
	333
	334	it('Should fail with an invalid message', async function () {
0c1a77e9	335	await command.addMessage({ token: userToken, abuseId, message: 'a'.repeat(5000), expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
edbc9325 C	336	})
	337
	338	it('Should suceed with the correct params', async function () {
0c1a77e9	339	const res = await command.addMessage({ token: userToken, abuseId, message })
edbc9325 C	340	messageId = res.body.abuseMessage.id
	341	})
	342	})
	343
94148c90	344	describe('When listing abuse messages', function () {
edbc9325 C	345
edbc9325 C	346	it('Should fail with an invalid abuse id', async function () {
0c1a77e9	347	await command.listMessages({ token: userToken, abuseId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
edbc9325 C	348	})
	349
	350	it('Should fail with a non authenticated user', async function () {
0c1a77e9	351	await command.listMessages({ token: 'fake_token', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
edbc9325 C	352	})
	353
	354	it('Should fail with an invalid logged in user', async function () {
0c1a77e9	355	await command.listMessages({ token: userToken2, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
edbc9325 C	356	})
	357
	358	it('Should succeed with the correct params', async function () {
0c1a77e9	359	await command.listMessages({ token: userToken, abuseId })
edbc9325 C	360	})
	361	})
	362
	363	describe('When deleting an abuse message', function () {
edbc9325	364	it('Should fail with an invalid abuse id', async function () {
0c1a77e9	365	await command.deleteMessage({ token: userToken, abuseId: 888, messageId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
edbc9325 C	366	})
	367
	368	it('Should fail with an invalid message id', async function () {
0c1a77e9	369	await command.deleteMessage({ token: userToken, abuseId, messageId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
edbc9325 C	370	})
	371
	372	it('Should fail with a non authenticated user', async function () {
0c1a77e9	373	await command.deleteMessage({ token: 'fake_token', abuseId, messageId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
edbc9325 C	374	})
	375
	376	it('Should fail with an invalid logged in user', async function () {
0c1a77e9	377	await command.deleteMessage({ token: userToken2, abuseId, messageId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
edbc9325 C	378	})
	379
	380	it('Should succeed with the correct params', async function () {
0c1a77e9	381	await command.deleteMessage({ token: userToken, abuseId, messageId })
edbc9325 C	382	})
	383	})
	384
57f6896f C	385	describe('When deleting a video abuse', function () {
	386
	387	it('Should fail with a non authenticated user', async function () {
0c1a77e9	388	await command.delete({ token: 'blabla', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
57f6896f C	389	})
	390
	391	it('Should fail with a non admin user', async function () {
0c1a77e9	392	await command.delete({ token: userToken, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
57f6896f C	393	})
	394
	395	it('Should fail with a bad abuse id', async function () {
0c1a77e9	396	await command.delete({ abuseId: 45, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
57f6896f C	397	})
	398
	399	it('Should succeed with the correct params', async function () {
0c1a77e9	400	await command.delete({ abuseId })
57f6896f C	401	})
	402	})
	403
94148c90 C	404	describe('When trying to manage messages of a remote abuse', function () {
94148c90 C	405	let remoteAbuseId: number
254d3579	406	let anotherServer: PeerTubeServer
94148c90 C	407
94148c90 C	408	before(async function () {
55a5b0fd	409	this.timeout(50000)
94148c90	410
254d3579	411	anotherServer = await createSingleServer(2)
94148c90 C	412	await setAccessTokensToServers([ anotherServer ])
	413
	414	await doubleFollow(anotherServer, server)
	415
83903cb6	416	const server2VideoId = await anotherServer.videos.getId({ uuid: server.store.videoCreated.uuid })
89d241a7	417	await anotherServer.abuses.report({ reason: 'remote server', videoId: server2VideoId })
94148c90 C	418
	419	await waitJobs([ server, anotherServer ])
	420
0c1a77e9 C	421	const body = await command.getAdminList({ sort: '-createdAt' })
0c1a77e9 C	422	remoteAbuseId = body.data[0].id
94148c90 C	423	})
	424
	425	it('Should fail when listing abuse messages of a remote abuse', async function () {
0c1a77e9	426	await command.listMessages({ abuseId: remoteAbuseId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
94148c90 C	427	})
	428
	429	it('Should fail when creating abuse message of a remote abuse', async function () {
0c1a77e9	430	await command.addMessage({ abuseId: remoteAbuseId, message: 'message', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
94148c90	431	})
a02b93ce C	432
	433	after(async function () {
	434	await cleanupTests([ anotherServer ])
	435	})
94148c90 C	436	})
94148c90 C	437
57f6896f C	438	after(async function () {
	439	await cleanupTests([ server ])
	440	})
	441	})