[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / blocklist.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
import { HttpStatusCode } from '@shared/models'
import {
  cleanupTests,
  createMultipleServers,
  doubleFollow,
  makeDeleteRequest,
  makeGetRequest,
  makePostBodyRequest,
  PeerTubeServer,
  setAccessTokensToServers
} from '@shared/server-commands'

describe('Test blocklist API validators', function () {
  let servers: PeerTubeServer[]
  let server: PeerTubeServer
  let userAccessToken: string

  before(async function () {
    this.timeout(60000)

    servers = await createMultipleServers(2)
    await setAccessTokensToServers(servers)

    server = servers[0]

    const user = { username: 'user1', password: 'password' }
    await server.users.create({ username: user.username, password: user.password })

    userAccessToken = await server.login.getAccessToken(user)

    await doubleFollow(servers[0], servers[1])
  })

  // ---------------------------------------------------------------

  describe('When managing user blocklist', function () {

    describe('When managing user accounts blocklist', function () {
      const path = '/api/v1/users/me/blocklist/accounts'

      describe('When listing blocked accounts', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makeGetRequest({
            url: server.url,
            path,
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with a bad start pagination', async function () {
          await checkBadStartPagination(server.url, path, server.accessToken)
        })

        it('Should fail with a bad count pagination', async function () {
          await checkBadCountPagination(server.url, path, server.accessToken)
        })

        it('Should fail with an incorrect sort', async function () {
          await checkBadSortPagination(server.url, path, server.accessToken)
        })
      })

      describe('When blocking an account', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makePostBodyRequest({
            url: server.url,
            path,
            fields: { accountName: 'user1' },
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with an unknown account', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { accountName: 'user2' },
            expectedStatus: HttpStatusCode.NOT_FOUND_404
          })
        })

        it('Should fail to block ourselves', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { accountName: 'root' },
            expectedStatus: HttpStatusCode.CONFLICT_409
          })
        })

        it('Should succeed with the correct params', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { accountName: 'user1' },
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })
      })

      describe('When unblocking an account', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/user1',
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with an unknown account block', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/user2',
            token: server.accessToken,
            expectedStatus: HttpStatusCode.NOT_FOUND_404
          })
        })

        it('Should succeed with the correct params', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/user1',
            token: server.accessToken,
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })
      })
    })

    describe('When managing user servers blocklist', function () {
      const path = '/api/v1/users/me/blocklist/servers'

      describe('When listing blocked servers', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makeGetRequest({
            url: server.url,
            path,
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with a bad start pagination', async function () {
          await checkBadStartPagination(server.url, path, server.accessToken)
        })

        it('Should fail with a bad count pagination', async function () {
          await checkBadCountPagination(server.url, path, server.accessToken)
        })

        it('Should fail with an incorrect sort', async function () {
          await checkBadSortPagination(server.url, path, server.accessToken)
        })
      })

      describe('When blocking a server', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makePostBodyRequest({
            url: server.url,
            path,
            fields: { host: '127.0.0.1:9002' },
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should succeed with an unknown server', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { host: '127.0.0.1:9003' },
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })

        it('Should fail with our own server', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { host: server.host },
            expectedStatus: HttpStatusCode.CONFLICT_409
          })
        })

        it('Should succeed with the correct params', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { host: servers[1].host },
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })
      })

      describe('When unblocking a server', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/' + servers[1].host,
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with an unknown server block', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/127.0.0.1:9004',
            token: server.accessToken,
            expectedStatus: HttpStatusCode.NOT_FOUND_404
          })
        })

        it('Should succeed with the correct params', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/' + servers[1].host,
            token: server.accessToken,
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })
      })
    })
  })

  describe('When managing server blocklist', function () {

    describe('When managing server accounts blocklist', function () {
      const path = '/api/v1/server/blocklist/accounts'

      describe('When listing blocked accounts', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makeGetRequest({
            url: server.url,
            path,
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with a user without the appropriate rights', async function () {
          await makeGetRequest({
            url: server.url,
            token: userAccessToken,
            path,
            expectedStatus: HttpStatusCode.FORBIDDEN_403
          })
        })

        it('Should fail with a bad start pagination', async function () {
          await checkBadStartPagination(server.url, path, server.accessToken)
        })

        it('Should fail with a bad count pagination', async function () {
          await checkBadCountPagination(server.url, path, server.accessToken)
        })

        it('Should fail with an incorrect sort', async function () {
          await checkBadSortPagination(server.url, path, server.accessToken)
        })
      })

      describe('When blocking an account', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makePostBodyRequest({
            url: server.url,
            path,
            fields: { accountName: 'user1' },
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with a user without the appropriate rights', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: userAccessToken,
            path,
            fields: { accountName: 'user1' },
            expectedStatus: HttpStatusCode.FORBIDDEN_403
          })
        })

        it('Should fail with an unknown account', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { accountName: 'user2' },
            expectedStatus: HttpStatusCode.NOT_FOUND_404
          })
        })

        it('Should fail to block ourselves', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { accountName: 'root' },
            expectedStatus: HttpStatusCode.CONFLICT_409
          })
        })

        it('Should succeed with the correct params', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { accountName: 'user1' },
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })
      })

      describe('When unblocking an account', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/user1',
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with a user without the appropriate rights', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/user1',
            token: userAccessToken,
            expectedStatus: HttpStatusCode.FORBIDDEN_403
          })
        })

        it('Should fail with an unknown account block', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/user2',
            token: server.accessToken,
            expectedStatus: HttpStatusCode.NOT_FOUND_404
          })
        })

        it('Should succeed with the correct params', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/user1',
            token: server.accessToken,
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })
      })
    })

    describe('When managing server servers blocklist', function () {
      const path = '/api/v1/server/blocklist/servers'

      describe('When listing blocked servers', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makeGetRequest({
            url: server.url,
            path,
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with a user without the appropriate rights', async function () {
          await makeGetRequest({
            url: server.url,
            token: userAccessToken,
            path,
            expectedStatus: HttpStatusCode.FORBIDDEN_403
          })
        })

        it('Should fail with a bad start pagination', async function () {
          await checkBadStartPagination(server.url, path, server.accessToken)
        })

        it('Should fail with a bad count pagination', async function () {
          await checkBadCountPagination(server.url, path, server.accessToken)
        })

        it('Should fail with an incorrect sort', async function () {
          await checkBadSortPagination(server.url, path, server.accessToken)
        })
      })

      describe('When blocking a server', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makePostBodyRequest({
            url: server.url,
            path,
            fields: { host: servers[1].host },
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with a user without the appropriate rights', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: userAccessToken,
            path,
            fields: { host: servers[1].host },
            expectedStatus: HttpStatusCode.FORBIDDEN_403
          })
        })

        it('Should succeed with an unknown server', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { host: '127.0.0.1:9003' },
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })

        it('Should fail with our own server', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { host: server.host },
            expectedStatus: HttpStatusCode.CONFLICT_409
          })
        })

        it('Should succeed with the correct params', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { host: servers[1].host },
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })
      })

      describe('When unblocking a server', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/' + servers[1].host,
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with a user without the appropriate rights', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/' + servers[1].host,
            token: userAccessToken,
            expectedStatus: HttpStatusCode.FORBIDDEN_403
          })
        })

        it('Should fail with an unknown server block', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/127.0.0.1:9004',
            token: server.accessToken,
            expectedStatus: HttpStatusCode.NOT_FOUND_404
          })
        })

        it('Should succeed with the correct params', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/' + servers[1].host,
            token: server.accessToken,
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })
      })
    })
  })

  describe('When getting blocklist status', function () {
    const path = '/api/v1/blocklist/status'

    it('Should fail with a bad token', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        token: 'false',
        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
      })
    })

    it('Should fail with a bad accounts field', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        query: {
          accounts: 1
        },
        expectedStatus: HttpStatusCode.BAD_REQUEST_400
      })

      await makeGetRequest({
        url: server.url,
        path,
        query: {
          accounts: [ 1 ]
        },
        expectedStatus: HttpStatusCode.BAD_REQUEST_400
      })
    })

    it('Should fail with a bad hosts field', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        query: {
          hosts: 1
        },
        expectedStatus: HttpStatusCode.BAD_REQUEST_400
      })

      await makeGetRequest({
        url: server.url,
        path,
        query: {
          hosts: [ 1 ]
        },
        expectedStatus: HttpStatusCode.BAD_REQUEST_400
      })
    })

    it('Should succeed with the correct parameters', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        query: {},
        expectedStatus: HttpStatusCode.OK_200
      })

      await makeGetRequest({
        url: server.url,
        path,
        query: {
          hosts: [ 'example.com' ],
          accounts: [ 'john@example.com' ]
        },
        expectedStatus: HttpStatusCode.OK_200
      })
    })
  })

  after(async function () {
    await cleanupTests(servers)
  })
})
Commit	Line	Data
a1587156	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
7ad9b984	2
c55e3d72 C	3	import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
c55e3d72 C	4	import { HttpStatusCode } from '@shared/models'
7ad9b984	5	import {
86ebdf8c	6	cleanupTests,
254d3579	7	createMultipleServers,
c0e8b12e	8	doubleFollow,
7ad9b984 C	9	makeDeleteRequest,
	10	makeGetRequest,
	11	makePostBodyRequest,
254d3579	12	PeerTubeServer,
41d1d075	13	setAccessTokensToServers
bf54587a	14	} from '@shared/server-commands'
7ad9b984 C	15
7ad9b984 C	16	describe('Test blocklist API validators', function () {
254d3579 C	17	let servers: PeerTubeServer[]
254d3579 C	18	let server: PeerTubeServer
b44164bb	19	let userAccessToken: string
7ad9b984 C	20
	21	before(async function () {
	22	this.timeout(60000)
	23
254d3579	24	servers = await createMultipleServers(2)
7ad9b984 C	25	await setAccessTokensToServers(servers)
	26
	27	server = servers[0]
	28
	29	const user = { username: 'user1', password: 'password' }
89d241a7	30	await server.users.create({ username: user.username, password: user.password })
7ad9b984	31
89d241a7	32	userAccessToken = await server.login.getAccessToken(user)
b44164bb	33
7ad9b984 C	34	await doubleFollow(servers[0], servers[1])
	35	})
	36
	37	// ---------------------------------------------------------------
	38
	39	describe('When managing user blocklist', function () {
7ad9b984 C	40
7ad9b984 C	41	describe('When managing user accounts blocklist', function () {
b44164bb	42	const path = '/api/v1/users/me/blocklist/accounts'
7ad9b984 C	43
	44	describe('When listing blocked accounts', function () {
	45	it('Should fail with an unauthenticated user', async function () {
	46	await makeGetRequest({
	47	url: server.url,
	48	path,
c0e8b12e	49	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
7ad9b984 C	50	})
	51	})
	52
	53	it('Should fail with a bad start pagination', async function () {
	54	await checkBadStartPagination(server.url, path, server.accessToken)
	55	})
	56
	57	it('Should fail with a bad count pagination', async function () {
	58	await checkBadCountPagination(server.url, path, server.accessToken)
	59	})
	60
	61	it('Should fail with an incorrect sort', async function () {
	62	await checkBadSortPagination(server.url, path, server.accessToken)
	63	})
	64	})
	65
	66	describe('When blocking an account', function () {
	67	it('Should fail with an unauthenticated user', async function () {
	68	await makePostBodyRequest({
	69	url: server.url,
	70	path,
	71	fields: { accountName: 'user1' },
c0e8b12e	72	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
7ad9b984 C	73	})
	74	})
	75
	76	it('Should fail with an unknown account', async function () {
	77	await makePostBodyRequest({
	78	url: server.url,
	79	token: server.accessToken,
	80	path,
	81	fields: { accountName: 'user2' },
c0e8b12e	82	expectedStatus: HttpStatusCode.NOT_FOUND_404
7ad9b984 C	83	})
	84	})
	85
af5767ff C	86	it('Should fail to block ourselves', async function () {
	87	await makePostBodyRequest({
	88	url: server.url,
	89	token: server.accessToken,
	90	path,
	91	fields: { accountName: 'root' },
c0e8b12e	92	expectedStatus: HttpStatusCode.CONFLICT_409
af5767ff C	93	})
	94	})
	95
7ad9b984 C	96	it('Should succeed with the correct params', async function () {
	97	await makePostBodyRequest({
	98	url: server.url,
	99	token: server.accessToken,
	100	path,
	101	fields: { accountName: 'user1' },
c0e8b12e	102	expectedStatus: HttpStatusCode.NO_CONTENT_204
7ad9b984 C	103	})
	104	})
	105	})
	106
	107	describe('When unblocking an account', function () {
	108	it('Should fail with an unauthenticated user', async function () {
	109	await makeDeleteRequest({
	110	url: server.url,
	111	path: path + '/user1',
c0e8b12e	112	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
7ad9b984 C	113	})
	114	})
	115
	116	it('Should fail with an unknown account block', async function () {
	117	await makeDeleteRequest({
	118	url: server.url,
	119	path: path + '/user2',
	120	token: server.accessToken,
c0e8b12e	121	expectedStatus: HttpStatusCode.NOT_FOUND_404
7ad9b984 C	122	})
	123	})
	124
	125	it('Should succeed with the correct params', async function () {
	126	await makeDeleteRequest({
	127	url: server.url,
	128	path: path + '/user1',
	129	token: server.accessToken,
c0e8b12e	130	expectedStatus: HttpStatusCode.NO_CONTENT_204
7ad9b984 C	131	})
	132	})
	133	})
	134	})
	135
	136	describe('When managing user servers blocklist', function () {
	137	const path = '/api/v1/users/me/blocklist/servers'
	138
	139	describe('When listing blocked servers', function () {
	140	it('Should fail with an unauthenticated user', async function () {
	141	await makeGetRequest({
	142	url: server.url,
	143	path,
c0e8b12e	144	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
7ad9b984 C	145	})
	146	})
	147
	148	it('Should fail with a bad start pagination', async function () {
	149	await checkBadStartPagination(server.url, path, server.accessToken)
	150	})
	151
	152	it('Should fail with a bad count pagination', async function () {
	153	await checkBadCountPagination(server.url, path, server.accessToken)
	154	})
	155
	156	it('Should fail with an incorrect sort', async function () {
	157	await checkBadSortPagination(server.url, path, server.accessToken)
	158	})
	159	})
	160
	161	describe('When blocking a server', function () {
	162	it('Should fail with an unauthenticated user', async function () {
	163	await makePostBodyRequest({
	164	url: server.url,
	165	path,
2732eeff	166	fields: { host: '127.0.0.1:9002' },
c0e8b12e	167	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
7ad9b984 C	168	})
	169	})
	170
bb152476	171	it('Should succeed with an unknown server', async function () {
7ad9b984 C	172	await makePostBodyRequest({
	173	url: server.url,
	174	token: server.accessToken,
	175	path,
2732eeff	176	fields: { host: '127.0.0.1:9003' },
c0e8b12e	177	expectedStatus: HttpStatusCode.NO_CONTENT_204
7ad9b984 C	178	})
	179	})
	180
af5767ff C	181	it('Should fail with our own server', async function () {
	182	await makePostBodyRequest({
	183	url: server.url,
	184	token: server.accessToken,
	185	path,
2732eeff	186	fields: { host: server.host },
c0e8b12e	187	expectedStatus: HttpStatusCode.CONFLICT_409
af5767ff C	188	})
	189	})
	190
7ad9b984 C	191	it('Should succeed with the correct params', async function () {
	192	await makePostBodyRequest({
	193	url: server.url,
	194	token: server.accessToken,
	195	path,
2732eeff	196	fields: { host: servers[1].host },
c0e8b12e	197	expectedStatus: HttpStatusCode.NO_CONTENT_204
7ad9b984 C	198	})
	199	})
	200	})
	201
	202	describe('When unblocking a server', function () {
	203	it('Should fail with an unauthenticated user', async function () {
	204	await makeDeleteRequest({
	205	url: server.url,
2732eeff	206	path: path + '/' + servers[1].host,
c0e8b12e	207	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
7ad9b984 C	208	})
	209	})
	210
	211	it('Should fail with an unknown server block', async function () {
	212	await makeDeleteRequest({
	213	url: server.url,
2732eeff	214	path: path + '/127.0.0.1:9004',
7ad9b984	215	token: server.accessToken,
c0e8b12e	216	expectedStatus: HttpStatusCode.NOT_FOUND_404
7ad9b984 C	217	})
	218	})
	219
	220	it('Should succeed with the correct params', async function () {
	221	await makeDeleteRequest({
	222	url: server.url,
2732eeff	223	path: path + '/' + servers[1].host,
7ad9b984	224	token: server.accessToken,
c0e8b12e	225	expectedStatus: HttpStatusCode.NO_CONTENT_204
7ad9b984 C	226	})
	227	})
	228	})
	229	})
	230	})
	231
b44164bb C	232	describe('When managing server blocklist', function () {
	233
	234	describe('When managing server accounts blocklist', function () {
	235	const path = '/api/v1/server/blocklist/accounts'
	236
	237	describe('When listing blocked accounts', function () {
	238	it('Should fail with an unauthenticated user', async function () {
	239	await makeGetRequest({
	240	url: server.url,
	241	path,
c0e8b12e	242	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
b44164bb C	243	})
	244	})
	245
	246	it('Should fail with a user without the appropriate rights', async function () {
	247	await makeGetRequest({
	248	url: server.url,
	249	token: userAccessToken,
	250	path,
c0e8b12e	251	expectedStatus: HttpStatusCode.FORBIDDEN_403
b44164bb C	252	})
	253	})
	254
	255	it('Should fail with a bad start pagination', async function () {
	256	await checkBadStartPagination(server.url, path, server.accessToken)
	257	})
	258
	259	it('Should fail with a bad count pagination', async function () {
	260	await checkBadCountPagination(server.url, path, server.accessToken)
	261	})
	262
	263	it('Should fail with an incorrect sort', async function () {
	264	await checkBadSortPagination(server.url, path, server.accessToken)
	265	})
	266	})
	267
	268	describe('When blocking an account', function () {
	269	it('Should fail with an unauthenticated user', async function () {
	270	await makePostBodyRequest({
	271	url: server.url,
	272	path,
	273	fields: { accountName: 'user1' },
c0e8b12e	274	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
b44164bb C	275	})
	276	})
	277
	278	it('Should fail with a user without the appropriate rights', async function () {
	279	await makePostBodyRequest({
	280	url: server.url,
	281	token: userAccessToken,
	282	path,
	283	fields: { accountName: 'user1' },
c0e8b12e	284	expectedStatus: HttpStatusCode.FORBIDDEN_403
b44164bb C	285	})
	286	})
	287
	288	it('Should fail with an unknown account', async function () {
	289	await makePostBodyRequest({
	290	url: server.url,
	291	token: server.accessToken,
	292	path,
	293	fields: { accountName: 'user2' },
c0e8b12e	294	expectedStatus: HttpStatusCode.NOT_FOUND_404
b44164bb C	295	})
	296	})
	297
	298	it('Should fail to block ourselves', async function () {
	299	await makePostBodyRequest({
	300	url: server.url,
	301	token: server.accessToken,
	302	path,
	303	fields: { accountName: 'root' },
c0e8b12e	304	expectedStatus: HttpStatusCode.CONFLICT_409
b44164bb C	305	})
	306	})
	307
	308	it('Should succeed with the correct params', async function () {
	309	await makePostBodyRequest({
	310	url: server.url,
	311	token: server.accessToken,
	312	path,
	313	fields: { accountName: 'user1' },
c0e8b12e	314	expectedStatus: HttpStatusCode.NO_CONTENT_204
b44164bb C	315	})
	316	})
	317	})
	318
	319	describe('When unblocking an account', function () {
	320	it('Should fail with an unauthenticated user', async function () {
	321	await makeDeleteRequest({
	322	url: server.url,
	323	path: path + '/user1',
c0e8b12e	324	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
b44164bb C	325	})
	326	})
	327
	328	it('Should fail with a user without the appropriate rights', async function () {
	329	await makeDeleteRequest({
	330	url: server.url,
	331	path: path + '/user1',
	332	token: userAccessToken,
c0e8b12e	333	expectedStatus: HttpStatusCode.FORBIDDEN_403
b44164bb C	334	})
	335	})
	336
	337	it('Should fail with an unknown account block', async function () {
	338	await makeDeleteRequest({
	339	url: server.url,
	340	path: path + '/user2',
	341	token: server.accessToken,
c0e8b12e	342	expectedStatus: HttpStatusCode.NOT_FOUND_404
b44164bb C	343	})
	344	})
	345
	346	it('Should succeed with the correct params', async function () {
	347	await makeDeleteRequest({
	348	url: server.url,
	349	path: path + '/user1',
	350	token: server.accessToken,
c0e8b12e	351	expectedStatus: HttpStatusCode.NO_CONTENT_204
b44164bb C	352	})
	353	})
	354	})
	355	})
	356
	357	describe('When managing server servers blocklist', function () {
	358	const path = '/api/v1/server/blocklist/servers'
	359
	360	describe('When listing blocked servers', function () {
	361	it('Should fail with an unauthenticated user', async function () {
	362	await makeGetRequest({
	363	url: server.url,
	364	path,
c0e8b12e	365	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
b44164bb C	366	})
	367	})
	368
	369	it('Should fail with a user without the appropriate rights', async function () {
	370	await makeGetRequest({
	371	url: server.url,
	372	token: userAccessToken,
	373	path,
c0e8b12e	374	expectedStatus: HttpStatusCode.FORBIDDEN_403
b44164bb C	375	})
	376	})
	377
	378	it('Should fail with a bad start pagination', async function () {
	379	await checkBadStartPagination(server.url, path, server.accessToken)
	380	})
	381
	382	it('Should fail with a bad count pagination', async function () {
	383	await checkBadCountPagination(server.url, path, server.accessToken)
	384	})
	385
	386	it('Should fail with an incorrect sort', async function () {
	387	await checkBadSortPagination(server.url, path, server.accessToken)
	388	})
	389	})
	390
	391	describe('When blocking a server', function () {
	392	it('Should fail with an unauthenticated user', async function () {
	393	await makePostBodyRequest({
	394	url: server.url,
	395	path,
2732eeff	396	fields: { host: servers[1].host },
c0e8b12e	397	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
b44164bb C	398	})
	399	})
	400
	401	it('Should fail with a user without the appropriate rights', async function () {
	402	await makePostBodyRequest({
	403	url: server.url,
	404	token: userAccessToken,
	405	path,
2732eeff	406	fields: { host: servers[1].host },
c0e8b12e	407	expectedStatus: HttpStatusCode.FORBIDDEN_403
b44164bb C	408	})
	409	})
	410
bb152476	411	it('Should succeed with an unknown server', async function () {
b44164bb C	412	await makePostBodyRequest({
	413	url: server.url,
	414	token: server.accessToken,
	415	path,
2732eeff	416	fields: { host: '127.0.0.1:9003' },
c0e8b12e	417	expectedStatus: HttpStatusCode.NO_CONTENT_204
b44164bb C	418	})
	419	})
	420
	421	it('Should fail with our own server', async function () {
	422	await makePostBodyRequest({
	423	url: server.url,
	424	token: server.accessToken,
	425	path,
2732eeff	426	fields: { host: server.host },
c0e8b12e	427	expectedStatus: HttpStatusCode.CONFLICT_409
b44164bb C	428	})
	429	})
	430
	431	it('Should succeed with the correct params', async function () {
	432	await makePostBodyRequest({
	433	url: server.url,
	434	token: server.accessToken,
	435	path,
2732eeff	436	fields: { host: servers[1].host },
c0e8b12e	437	expectedStatus: HttpStatusCode.NO_CONTENT_204
b44164bb C	438	})
	439	})
	440	})
	441
	442	describe('When unblocking a server', function () {
	443	it('Should fail with an unauthenticated user', async function () {
	444	await makeDeleteRequest({
	445	url: server.url,
2732eeff	446	path: path + '/' + servers[1].host,
c0e8b12e	447	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
b44164bb C	448	})
	449	})
	450
	451	it('Should fail with a user without the appropriate rights', async function () {
	452	await makeDeleteRequest({
	453	url: server.url,
2732eeff	454	path: path + '/' + servers[1].host,
b44164bb	455	token: userAccessToken,
c0e8b12e	456	expectedStatus: HttpStatusCode.FORBIDDEN_403
b44164bb C	457	})
	458	})
	459
	460	it('Should fail with an unknown server block', async function () {
	461	await makeDeleteRequest({
	462	url: server.url,
2732eeff	463	path: path + '/127.0.0.1:9004',
b44164bb	464	token: server.accessToken,
c0e8b12e	465	expectedStatus: HttpStatusCode.NOT_FOUND_404
b44164bb C	466	})
	467	})
	468
	469	it('Should succeed with the correct params', async function () {
	470	await makeDeleteRequest({
	471	url: server.url,
2732eeff	472	path: path + '/' + servers[1].host,
b44164bb	473	token: server.accessToken,
c0e8b12e	474	expectedStatus: HttpStatusCode.NO_CONTENT_204
b44164bb C	475	})
	476	})
	477	})
	478	})
	479	})
	480
80badf49 C	481	describe('When getting blocklist status', function () {
	482	const path = '/api/v1/blocklist/status'
	483
	484	it('Should fail with a bad token', async function () {
	485	await makeGetRequest({
	486	url: server.url,
	487	path,
	488	token: 'false',
	489	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
	490	})
	491	})
	492
	493	it('Should fail with a bad accounts field', async function () {
	494	await makeGetRequest({
	495	url: server.url,
	496	path,
	497	query: {
	498	accounts: 1
	499	},
	500	expectedStatus: HttpStatusCode.BAD_REQUEST_400
	501	})
	502
	503	await makeGetRequest({
	504	url: server.url,
	505	path,
	506	query: {
	507	accounts: [ 1 ]
	508	},
	509	expectedStatus: HttpStatusCode.BAD_REQUEST_400
	510	})
	511	})
	512
	513	it('Should fail with a bad hosts field', async function () {
	514	await makeGetRequest({
	515	url: server.url,
	516	path,
	517	query: {
	518	hosts: 1
	519	},
	520	expectedStatus: HttpStatusCode.BAD_REQUEST_400
	521	})
	522
	523	await makeGetRequest({
	524	url: server.url,
	525	path,
	526	query: {
	527	hosts: [ 1 ]
	528	},
	529	expectedStatus: HttpStatusCode.BAD_REQUEST_400
	530	})
	531	})
	532
	533	it('Should succeed with the correct parameters', async function () {
	534	await makeGetRequest({
	535	url: server.url,
	536	path,
	537	query: {},
	538	expectedStatus: HttpStatusCode.OK_200
	539	})
	540
	541	await makeGetRequest({
	542	url: server.url,
	543	path,
	544	query: {
545	hosts: [ 'example.com' ],
546	accounts: [ 'john@example.com' ]
547	},
548	expectedStatus: HttpStatusCode.OK_200
549	})
550	})
551	})
552
86ebdf8c C	553	after(async function () {
86ebdf8c C	554	await cleanupTests(servers)
7ad9b984 C	555	})
7ad9b984 C	556	})