]>
Commit | Line | Data |
---|---|---|
a1587156 | 1 | /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ |
7ad9b984 C |
2 | |
3 | import 'mocha' | |
c55e3d72 C |
4 | import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared' |
5 | import { HttpStatusCode } from '@shared/models' | |
7ad9b984 | 6 | import { |
86ebdf8c | 7 | cleanupTests, |
254d3579 | 8 | createMultipleServers, |
c0e8b12e | 9 | doubleFollow, |
7ad9b984 C |
10 | makeDeleteRequest, |
11 | makeGetRequest, | |
12 | makePostBodyRequest, | |
254d3579 | 13 | PeerTubeServer, |
41d1d075 | 14 | setAccessTokensToServers |
bf54587a | 15 | } from '@shared/server-commands' |
7ad9b984 C |
16 | |
17 | describe('Test blocklist API validators', function () { | |
254d3579 C |
18 | let servers: PeerTubeServer[] |
19 | let server: PeerTubeServer | |
b44164bb | 20 | let userAccessToken: string |
7ad9b984 C |
21 | |
22 | before(async function () { | |
23 | this.timeout(60000) | |
24 | ||
254d3579 | 25 | servers = await createMultipleServers(2) |
7ad9b984 C |
26 | await setAccessTokensToServers(servers) |
27 | ||
28 | server = servers[0] | |
29 | ||
30 | const user = { username: 'user1', password: 'password' } | |
89d241a7 | 31 | await server.users.create({ username: user.username, password: user.password }) |
7ad9b984 | 32 | |
89d241a7 | 33 | userAccessToken = await server.login.getAccessToken(user) |
b44164bb | 34 | |
7ad9b984 C |
35 | await doubleFollow(servers[0], servers[1]) |
36 | }) | |
37 | ||
38 | // --------------------------------------------------------------- | |
39 | ||
40 | describe('When managing user blocklist', function () { | |
7ad9b984 C |
41 | |
42 | describe('When managing user accounts blocklist', function () { | |
b44164bb | 43 | const path = '/api/v1/users/me/blocklist/accounts' |
7ad9b984 C |
44 | |
45 | describe('When listing blocked accounts', function () { | |
46 | it('Should fail with an unauthenticated user', async function () { | |
47 | await makeGetRequest({ | |
48 | url: server.url, | |
49 | path, | |
c0e8b12e | 50 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
51 | }) |
52 | }) | |
53 | ||
54 | it('Should fail with a bad start pagination', async function () { | |
55 | await checkBadStartPagination(server.url, path, server.accessToken) | |
56 | }) | |
57 | ||
58 | it('Should fail with a bad count pagination', async function () { | |
59 | await checkBadCountPagination(server.url, path, server.accessToken) | |
60 | }) | |
61 | ||
62 | it('Should fail with an incorrect sort', async function () { | |
63 | await checkBadSortPagination(server.url, path, server.accessToken) | |
64 | }) | |
65 | }) | |
66 | ||
67 | describe('When blocking an account', function () { | |
68 | it('Should fail with an unauthenticated user', async function () { | |
69 | await makePostBodyRequest({ | |
70 | url: server.url, | |
71 | path, | |
72 | fields: { accountName: 'user1' }, | |
c0e8b12e | 73 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
74 | }) |
75 | }) | |
76 | ||
77 | it('Should fail with an unknown account', async function () { | |
78 | await makePostBodyRequest({ | |
79 | url: server.url, | |
80 | token: server.accessToken, | |
81 | path, | |
82 | fields: { accountName: 'user2' }, | |
c0e8b12e | 83 | expectedStatus: HttpStatusCode.NOT_FOUND_404 |
7ad9b984 C |
84 | }) |
85 | }) | |
86 | ||
af5767ff C |
87 | it('Should fail to block ourselves', async function () { |
88 | await makePostBodyRequest({ | |
89 | url: server.url, | |
90 | token: server.accessToken, | |
91 | path, | |
92 | fields: { accountName: 'root' }, | |
c0e8b12e | 93 | expectedStatus: HttpStatusCode.CONFLICT_409 |
af5767ff C |
94 | }) |
95 | }) | |
96 | ||
7ad9b984 C |
97 | it('Should succeed with the correct params', async function () { |
98 | await makePostBodyRequest({ | |
99 | url: server.url, | |
100 | token: server.accessToken, | |
101 | path, | |
102 | fields: { accountName: 'user1' }, | |
c0e8b12e | 103 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
104 | }) |
105 | }) | |
106 | }) | |
107 | ||
108 | describe('When unblocking an account', function () { | |
109 | it('Should fail with an unauthenticated user', async function () { | |
110 | await makeDeleteRequest({ | |
111 | url: server.url, | |
112 | path: path + '/user1', | |
c0e8b12e | 113 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
114 | }) |
115 | }) | |
116 | ||
117 | it('Should fail with an unknown account block', async function () { | |
118 | await makeDeleteRequest({ | |
119 | url: server.url, | |
120 | path: path + '/user2', | |
121 | token: server.accessToken, | |
c0e8b12e | 122 | expectedStatus: HttpStatusCode.NOT_FOUND_404 |
7ad9b984 C |
123 | }) |
124 | }) | |
125 | ||
126 | it('Should succeed with the correct params', async function () { | |
127 | await makeDeleteRequest({ | |
128 | url: server.url, | |
129 | path: path + '/user1', | |
130 | token: server.accessToken, | |
c0e8b12e | 131 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
132 | }) |
133 | }) | |
134 | }) | |
135 | }) | |
136 | ||
137 | describe('When managing user servers blocklist', function () { | |
138 | const path = '/api/v1/users/me/blocklist/servers' | |
139 | ||
140 | describe('When listing blocked servers', function () { | |
141 | it('Should fail with an unauthenticated user', async function () { | |
142 | await makeGetRequest({ | |
143 | url: server.url, | |
144 | path, | |
c0e8b12e | 145 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
146 | }) |
147 | }) | |
148 | ||
149 | it('Should fail with a bad start pagination', async function () { | |
150 | await checkBadStartPagination(server.url, path, server.accessToken) | |
151 | }) | |
152 | ||
153 | it('Should fail with a bad count pagination', async function () { | |
154 | await checkBadCountPagination(server.url, path, server.accessToken) | |
155 | }) | |
156 | ||
157 | it('Should fail with an incorrect sort', async function () { | |
158 | await checkBadSortPagination(server.url, path, server.accessToken) | |
159 | }) | |
160 | }) | |
161 | ||
162 | describe('When blocking a server', function () { | |
163 | it('Should fail with an unauthenticated user', async function () { | |
164 | await makePostBodyRequest({ | |
165 | url: server.url, | |
166 | path, | |
167 | fields: { host: 'localhost:9002' }, | |
c0e8b12e | 168 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
169 | }) |
170 | }) | |
171 | ||
bb152476 | 172 | it('Should succeed with an unknown server', async function () { |
7ad9b984 C |
173 | await makePostBodyRequest({ |
174 | url: server.url, | |
175 | token: server.accessToken, | |
176 | path, | |
177 | fields: { host: 'localhost:9003' }, | |
c0e8b12e | 178 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
179 | }) |
180 | }) | |
181 | ||
af5767ff C |
182 | it('Should fail with our own server', async function () { |
183 | await makePostBodyRequest({ | |
184 | url: server.url, | |
185 | token: server.accessToken, | |
186 | path, | |
86ebdf8c | 187 | fields: { host: 'localhost:' + server.port }, |
c0e8b12e | 188 | expectedStatus: HttpStatusCode.CONFLICT_409 |
af5767ff C |
189 | }) |
190 | }) | |
191 | ||
7ad9b984 C |
192 | it('Should succeed with the correct params', async function () { |
193 | await makePostBodyRequest({ | |
194 | url: server.url, | |
195 | token: server.accessToken, | |
196 | path, | |
86ebdf8c | 197 | fields: { host: 'localhost:' + servers[1].port }, |
c0e8b12e | 198 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
199 | }) |
200 | }) | |
201 | }) | |
202 | ||
203 | describe('When unblocking a server', function () { | |
204 | it('Should fail with an unauthenticated user', async function () { | |
205 | await makeDeleteRequest({ | |
206 | url: server.url, | |
86ebdf8c | 207 | path: path + '/localhost:' + servers[1].port, |
c0e8b12e | 208 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
209 | }) |
210 | }) | |
211 | ||
212 | it('Should fail with an unknown server block', async function () { | |
213 | await makeDeleteRequest({ | |
214 | url: server.url, | |
bb152476 | 215 | path: path + '/localhost:9004', |
7ad9b984 | 216 | token: server.accessToken, |
c0e8b12e | 217 | expectedStatus: HttpStatusCode.NOT_FOUND_404 |
7ad9b984 C |
218 | }) |
219 | }) | |
220 | ||
221 | it('Should succeed with the correct params', async function () { | |
222 | await makeDeleteRequest({ | |
223 | url: server.url, | |
86ebdf8c | 224 | path: path + '/localhost:' + servers[1].port, |
7ad9b984 | 225 | token: server.accessToken, |
c0e8b12e | 226 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
227 | }) |
228 | }) | |
229 | }) | |
230 | }) | |
231 | }) | |
232 | ||
b44164bb C |
233 | describe('When managing server blocklist', function () { |
234 | ||
235 | describe('When managing server accounts blocklist', function () { | |
236 | const path = '/api/v1/server/blocklist/accounts' | |
237 | ||
238 | describe('When listing blocked accounts', function () { | |
239 | it('Should fail with an unauthenticated user', async function () { | |
240 | await makeGetRequest({ | |
241 | url: server.url, | |
242 | path, | |
c0e8b12e | 243 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
244 | }) |
245 | }) | |
246 | ||
247 | it('Should fail with a user without the appropriate rights', async function () { | |
248 | await makeGetRequest({ | |
249 | url: server.url, | |
250 | token: userAccessToken, | |
251 | path, | |
c0e8b12e | 252 | expectedStatus: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
253 | }) |
254 | }) | |
255 | ||
256 | it('Should fail with a bad start pagination', async function () { | |
257 | await checkBadStartPagination(server.url, path, server.accessToken) | |
258 | }) | |
259 | ||
260 | it('Should fail with a bad count pagination', async function () { | |
261 | await checkBadCountPagination(server.url, path, server.accessToken) | |
262 | }) | |
263 | ||
264 | it('Should fail with an incorrect sort', async function () { | |
265 | await checkBadSortPagination(server.url, path, server.accessToken) | |
266 | }) | |
267 | }) | |
268 | ||
269 | describe('When blocking an account', function () { | |
270 | it('Should fail with an unauthenticated user', async function () { | |
271 | await makePostBodyRequest({ | |
272 | url: server.url, | |
273 | path, | |
274 | fields: { accountName: 'user1' }, | |
c0e8b12e | 275 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
276 | }) |
277 | }) | |
278 | ||
279 | it('Should fail with a user without the appropriate rights', async function () { | |
280 | await makePostBodyRequest({ | |
281 | url: server.url, | |
282 | token: userAccessToken, | |
283 | path, | |
284 | fields: { accountName: 'user1' }, | |
c0e8b12e | 285 | expectedStatus: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
286 | }) |
287 | }) | |
288 | ||
289 | it('Should fail with an unknown account', async function () { | |
290 | await makePostBodyRequest({ | |
291 | url: server.url, | |
292 | token: server.accessToken, | |
293 | path, | |
294 | fields: { accountName: 'user2' }, | |
c0e8b12e | 295 | expectedStatus: HttpStatusCode.NOT_FOUND_404 |
b44164bb C |
296 | }) |
297 | }) | |
298 | ||
299 | it('Should fail to block ourselves', async function () { | |
300 | await makePostBodyRequest({ | |
301 | url: server.url, | |
302 | token: server.accessToken, | |
303 | path, | |
304 | fields: { accountName: 'root' }, | |
c0e8b12e | 305 | expectedStatus: HttpStatusCode.CONFLICT_409 |
b44164bb C |
306 | }) |
307 | }) | |
308 | ||
309 | it('Should succeed with the correct params', async function () { | |
310 | await makePostBodyRequest({ | |
311 | url: server.url, | |
312 | token: server.accessToken, | |
313 | path, | |
314 | fields: { accountName: 'user1' }, | |
c0e8b12e | 315 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
316 | }) |
317 | }) | |
318 | }) | |
319 | ||
320 | describe('When unblocking an account', function () { | |
321 | it('Should fail with an unauthenticated user', async function () { | |
322 | await makeDeleteRequest({ | |
323 | url: server.url, | |
324 | path: path + '/user1', | |
c0e8b12e | 325 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
326 | }) |
327 | }) | |
328 | ||
329 | it('Should fail with a user without the appropriate rights', async function () { | |
330 | await makeDeleteRequest({ | |
331 | url: server.url, | |
332 | path: path + '/user1', | |
333 | token: userAccessToken, | |
c0e8b12e | 334 | expectedStatus: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
335 | }) |
336 | }) | |
337 | ||
338 | it('Should fail with an unknown account block', async function () { | |
339 | await makeDeleteRequest({ | |
340 | url: server.url, | |
341 | path: path + '/user2', | |
342 | token: server.accessToken, | |
c0e8b12e | 343 | expectedStatus: HttpStatusCode.NOT_FOUND_404 |
b44164bb C |
344 | }) |
345 | }) | |
346 | ||
347 | it('Should succeed with the correct params', async function () { | |
348 | await makeDeleteRequest({ | |
349 | url: server.url, | |
350 | path: path + '/user1', | |
351 | token: server.accessToken, | |
c0e8b12e | 352 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
353 | }) |
354 | }) | |
355 | }) | |
356 | }) | |
357 | ||
358 | describe('When managing server servers blocklist', function () { | |
359 | const path = '/api/v1/server/blocklist/servers' | |
360 | ||
361 | describe('When listing blocked servers', function () { | |
362 | it('Should fail with an unauthenticated user', async function () { | |
363 | await makeGetRequest({ | |
364 | url: server.url, | |
365 | path, | |
c0e8b12e | 366 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
367 | }) |
368 | }) | |
369 | ||
370 | it('Should fail with a user without the appropriate rights', async function () { | |
371 | await makeGetRequest({ | |
372 | url: server.url, | |
373 | token: userAccessToken, | |
374 | path, | |
c0e8b12e | 375 | expectedStatus: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
376 | }) |
377 | }) | |
378 | ||
379 | it('Should fail with a bad start pagination', async function () { | |
380 | await checkBadStartPagination(server.url, path, server.accessToken) | |
381 | }) | |
382 | ||
383 | it('Should fail with a bad count pagination', async function () { | |
384 | await checkBadCountPagination(server.url, path, server.accessToken) | |
385 | }) | |
386 | ||
387 | it('Should fail with an incorrect sort', async function () { | |
388 | await checkBadSortPagination(server.url, path, server.accessToken) | |
389 | }) | |
390 | }) | |
391 | ||
392 | describe('When blocking a server', function () { | |
393 | it('Should fail with an unauthenticated user', async function () { | |
394 | await makePostBodyRequest({ | |
395 | url: server.url, | |
396 | path, | |
86ebdf8c | 397 | fields: { host: 'localhost:' + servers[1].port }, |
c0e8b12e | 398 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
399 | }) |
400 | }) | |
401 | ||
402 | it('Should fail with a user without the appropriate rights', async function () { | |
403 | await makePostBodyRequest({ | |
404 | url: server.url, | |
405 | token: userAccessToken, | |
406 | path, | |
86ebdf8c | 407 | fields: { host: 'localhost:' + servers[1].port }, |
c0e8b12e | 408 | expectedStatus: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
409 | }) |
410 | }) | |
411 | ||
bb152476 | 412 | it('Should succeed with an unknown server', async function () { |
b44164bb C |
413 | await makePostBodyRequest({ |
414 | url: server.url, | |
415 | token: server.accessToken, | |
416 | path, | |
417 | fields: { host: 'localhost:9003' }, | |
c0e8b12e | 418 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
419 | }) |
420 | }) | |
421 | ||
422 | it('Should fail with our own server', async function () { | |
423 | await makePostBodyRequest({ | |
424 | url: server.url, | |
425 | token: server.accessToken, | |
426 | path, | |
86ebdf8c | 427 | fields: { host: 'localhost:' + server.port }, |
c0e8b12e | 428 | expectedStatus: HttpStatusCode.CONFLICT_409 |
b44164bb C |
429 | }) |
430 | }) | |
431 | ||
432 | it('Should succeed with the correct params', async function () { | |
433 | await makePostBodyRequest({ | |
434 | url: server.url, | |
435 | token: server.accessToken, | |
436 | path, | |
86ebdf8c | 437 | fields: { host: 'localhost:' + servers[1].port }, |
c0e8b12e | 438 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
439 | }) |
440 | }) | |
441 | }) | |
442 | ||
443 | describe('When unblocking a server', function () { | |
444 | it('Should fail with an unauthenticated user', async function () { | |
445 | await makeDeleteRequest({ | |
446 | url: server.url, | |
86ebdf8c | 447 | path: path + '/localhost:' + servers[1].port, |
c0e8b12e | 448 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
449 | }) |
450 | }) | |
451 | ||
452 | it('Should fail with a user without the appropriate rights', async function () { | |
453 | await makeDeleteRequest({ | |
454 | url: server.url, | |
86ebdf8c | 455 | path: path + '/localhost:' + servers[1].port, |
b44164bb | 456 | token: userAccessToken, |
c0e8b12e | 457 | expectedStatus: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
458 | }) |
459 | }) | |
460 | ||
461 | it('Should fail with an unknown server block', async function () { | |
462 | await makeDeleteRequest({ | |
463 | url: server.url, | |
bb152476 | 464 | path: path + '/localhost:9004', |
b44164bb | 465 | token: server.accessToken, |
c0e8b12e | 466 | expectedStatus: HttpStatusCode.NOT_FOUND_404 |
b44164bb C |
467 | }) |
468 | }) | |
469 | ||
470 | it('Should succeed with the correct params', async function () { | |
471 | await makeDeleteRequest({ | |
472 | url: server.url, | |
86ebdf8c | 473 | path: path + '/localhost:' + servers[1].port, |
b44164bb | 474 | token: server.accessToken, |
c0e8b12e | 475 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
476 | }) |
477 | }) | |
478 | }) | |
479 | }) | |
480 | }) | |
481 | ||
80badf49 C |
482 | describe('When getting blocklist status', function () { |
483 | const path = '/api/v1/blocklist/status' | |
484 | ||
485 | it('Should fail with a bad token', async function () { | |
486 | await makeGetRequest({ | |
487 | url: server.url, | |
488 | path, | |
489 | token: 'false', | |
490 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 | |
491 | }) | |
492 | }) | |
493 | ||
494 | it('Should fail with a bad accounts field', async function () { | |
495 | await makeGetRequest({ | |
496 | url: server.url, | |
497 | path, | |
498 | query: { | |
499 | accounts: 1 | |
500 | }, | |
501 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | |
502 | }) | |
503 | ||
504 | await makeGetRequest({ | |
505 | url: server.url, | |
506 | path, | |
507 | query: { | |
508 | accounts: [ 1 ] | |
509 | }, | |
510 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | |
511 | }) | |
512 | }) | |
513 | ||
514 | it('Should fail with a bad hosts field', async function () { | |
515 | await makeGetRequest({ | |
516 | url: server.url, | |
517 | path, | |
518 | query: { | |
519 | hosts: 1 | |
520 | }, | |
521 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | |
522 | }) | |
523 | ||
524 | await makeGetRequest({ | |
525 | url: server.url, | |
526 | path, | |
527 | query: { | |
528 | hosts: [ 1 ] | |
529 | }, | |
530 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | |
531 | }) | |
532 | }) | |
533 | ||
534 | it('Should succeed with the correct parameters', async function () { | |
535 | await makeGetRequest({ | |
536 | url: server.url, | |
537 | path, | |
538 | query: {}, | |
539 | expectedStatus: HttpStatusCode.OK_200 | |
540 | }) | |
541 | ||
542 | await makeGetRequest({ | |
543 | url: server.url, | |
544 | path, | |
545 | query: { | |
546 | hosts: [ 'example.com' ], | |
547 | accounts: [ 'john@example.com' ] | |
548 | }, | |
549 | expectedStatus: HttpStatusCode.OK_200 | |
550 | }) | |
551 | }) | |
552 | }) | |
553 | ||
86ebdf8c C |
554 | after(async function () { |
555 | await cleanupTests(servers) | |
7ad9b984 C |
556 | }) |
557 | }) |