]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blame - server/tests/api/check-params/blocklist.ts
projects / github / Chocobozzz / PeerTube.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Fix big play button
[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / blocklist.ts
CommitLineData
a1587156 1/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
7ad9b984
C		 2
3import 'mocha'
4
5import {
86ebdf8c 6 cleanupTests,
7ad9b984
C		 7 createUser,
8 doubleFollow,
9 flushAndRunMultipleServers,
7ad9b984
C		 10 makeDeleteRequest,
11 makeGetRequest,
12 makePostBodyRequest,
13 ServerInfo,
86ebdf8c
C		 14 setAccessTokensToServers,
15 userLogin
94565d52 16} from '../../../../shared/extra-utils'
9639bd17 17import {
18 checkBadCountPagination,
19 checkBadSortPagination,
20 checkBadStartPagination
94565d52 21} from '../../../../shared/extra-utils/requests/check-api-params'
2d53be02 22import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
7ad9b984
C		 23
24describe('Test blocklist API validators', function () {
25 let servers: ServerInfo[]
26 let server: ServerInfo
b44164bb 27 let userAccessToken: string
7ad9b984
C		 28
29 before(async function () {
30 this.timeout(60000)
31
7ad9b984
C		 32 servers = await flushAndRunMultipleServers(2)
33 await setAccessTokensToServers(servers)
34
35 server = servers[0]
36
37 const user = { username: 'user1', password: 'password' }
1eddc9a7 38 await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password })
7ad9b984 39
b44164bb
C		 40 userAccessToken = await userLogin(server, user)
41
7ad9b984
C		 42 await doubleFollow(servers[0], servers[1])
43 })
44
45 // ---------------------------------------------------------------
46
47 describe('When managing user blocklist', function () {
7ad9b984
C		 48
49 describe('When managing user accounts blocklist', function () {
b44164bb 50 const path = '/api/v1/users/me/blocklist/accounts'
7ad9b984
C		 51
52 describe('When listing blocked accounts', function () {
53 it('Should fail with an unauthenticated user', async function () {
54 await makeGetRequest({
55 url: server.url,
56 path,
2d53be02 57 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
7ad9b984
C		 58 })
59 })
60
61 it('Should fail with a bad start pagination', async function () {
62 await checkBadStartPagination(server.url, path, server.accessToken)
63 })
64
65 it('Should fail with a bad count pagination', async function () {
66 await checkBadCountPagination(server.url, path, server.accessToken)
67 })
68
69 it('Should fail with an incorrect sort', async function () {
70 await checkBadSortPagination(server.url, path, server.accessToken)
71 })
72 })
73
74 describe('When blocking an account', function () {
75 it('Should fail with an unauthenticated user', async function () {
76 await makePostBodyRequest({
77 url: server.url,
78 path,
79 fields: { accountName: 'user1' },
2d53be02 80 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
7ad9b984
C		 81 })
82 })
83
84 it('Should fail with an unknown account', async function () {
85 await makePostBodyRequest({
86 url: server.url,
87 token: server.accessToken,
88 path,
89 fields: { accountName: 'user2' },
2d53be02 90 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
7ad9b984
C		 91 })
92 })
93
af5767ff
C		 94 it('Should fail to block ourselves', async function () {
95 await makePostBodyRequest({
96 url: server.url,
97 token: server.accessToken,
98 path,
99 fields: { accountName: 'root' },
2d53be02 100 statusCodeExpected: HttpStatusCode.CONFLICT_409
af5767ff
C		 101 })
102 })
103
7ad9b984
C		 104 it('Should succeed with the correct params', async function () {
105 await makePostBodyRequest({
106 url: server.url,
107 token: server.accessToken,
108 path,
109 fields: { accountName: 'user1' },
2d53be02 110 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
7ad9b984
C		 111 })
112 })
113 })
114
115 describe('When unblocking an account', function () {
116 it('Should fail with an unauthenticated user', async function () {
117 await makeDeleteRequest({
118 url: server.url,
119 path: path + '/user1',
2d53be02 120 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
7ad9b984
C		 121 })
122 })
123
124 it('Should fail with an unknown account block', async function () {
125 await makeDeleteRequest({
126 url: server.url,
127 path: path + '/user2',
128 token: server.accessToken,
2d53be02 129 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
7ad9b984
C		 130 })
131 })
132
133 it('Should succeed with the correct params', async function () {
134 await makeDeleteRequest({
135 url: server.url,
136 path: path + '/user1',
137 token: server.accessToken,
2d53be02 138 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
7ad9b984
C		 139 })
140 })
141 })
142 })
143
144 describe('When managing user servers blocklist', function () {
145 const path = '/api/v1/users/me/blocklist/servers'
146
147 describe('When listing blocked servers', function () {
148 it('Should fail with an unauthenticated user', async function () {
149 await makeGetRequest({
150 url: server.url,
151 path,
2d53be02 152 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
7ad9b984
C		 153 })
154 })
155
156 it('Should fail with a bad start pagination', async function () {
157 await checkBadStartPagination(server.url, path, server.accessToken)
158 })
159
160 it('Should fail with a bad count pagination', async function () {
161 await checkBadCountPagination(server.url, path, server.accessToken)
162 })
163
164 it('Should fail with an incorrect sort', async function () {
165 await checkBadSortPagination(server.url, path, server.accessToken)
166 })
167 })
168
169 describe('When blocking a server', function () {
170 it('Should fail with an unauthenticated user', async function () {
171 await makePostBodyRequest({
172 url: server.url,
173 path,
174 fields: { host: 'localhost:9002' },
2d53be02 175 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
7ad9b984
C		 176 })
177 })
178
bb152476 179 it('Should succeed with an unknown server', async function () {
7ad9b984
C		 180 await makePostBodyRequest({
181 url: server.url,
182 token: server.accessToken,
183 path,
184 fields: { host: 'localhost:9003' },
2d53be02 185 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
7ad9b984
C		 186 })
187 })
188
af5767ff
C		 189 it('Should fail with our own server', async function () {
190 await makePostBodyRequest({
191 url: server.url,
192 token: server.accessToken,
193 path,
86ebdf8c 194 fields: { host: 'localhost:' + server.port },
2d53be02 195 statusCodeExpected: HttpStatusCode.CONFLICT_409
af5767ff
C		 196 })
197 })
198
7ad9b984
C		 199 it('Should succeed with the correct params', async function () {
200 await makePostBodyRequest({
201 url: server.url,
202 token: server.accessToken,
203 path,
86ebdf8c 204 fields: { host: 'localhost:' + servers[1].port },
2d53be02 205 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
7ad9b984
C		 206 })
207 })
208 })
209
210 describe('When unblocking a server', function () {
211 it('Should fail with an unauthenticated user', async function () {
212 await makeDeleteRequest({
213 url: server.url,
86ebdf8c 214 path: path + '/localhost:' + servers[1].port,
2d53be02 215 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
7ad9b984
C		 216 })
217 })
218
219 it('Should fail with an unknown server block', async function () {
220 await makeDeleteRequest({
221 url: server.url,
bb152476 222 path: path + '/localhost:9004',
7ad9b984 223 token: server.accessToken,
2d53be02 224 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
7ad9b984
C		 225 })
226 })
227
228 it('Should succeed with the correct params', async function () {
229 await makeDeleteRequest({
230 url: server.url,
86ebdf8c 231 path: path + '/localhost:' + servers[1].port,
7ad9b984 232 token: server.accessToken,
2d53be02 233 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
7ad9b984
C		 234 })
235 })
236 })
237 })
238 })
239
b44164bb
C		 240 describe('When managing server blocklist', function () {
241
242 describe('When managing server accounts blocklist', function () {
243 const path = '/api/v1/server/blocklist/accounts'
244
245 describe('When listing blocked accounts', function () {
246 it('Should fail with an unauthenticated user', async function () {
247 await makeGetRequest({
248 url: server.url,
249 path,
2d53be02 250 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
b44164bb
C		 251 })
252 })
253
254 it('Should fail with a user without the appropriate rights', async function () {
255 await makeGetRequest({
256 url: server.url,
257 token: userAccessToken,
258 path,
2d53be02 259 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
b44164bb
C		 260 })
261 })
262
263 it('Should fail with a bad start pagination', async function () {
264 await checkBadStartPagination(server.url, path, server.accessToken)
265 })
266
267 it('Should fail with a bad count pagination', async function () {
268 await checkBadCountPagination(server.url, path, server.accessToken)
269 })
270
271 it('Should fail with an incorrect sort', async function () {
272 await checkBadSortPagination(server.url, path, server.accessToken)
273 })
274 })
275
276 describe('When blocking an account', function () {
277 it('Should fail with an unauthenticated user', async function () {
278 await makePostBodyRequest({
279 url: server.url,
280 path,
281 fields: { accountName: 'user1' },
2d53be02 282 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
b44164bb
C		 283 })
284 })
285
286 it('Should fail with a user without the appropriate rights', async function () {
287 await makePostBodyRequest({
288 url: server.url,
289 token: userAccessToken,
290 path,
291 fields: { accountName: 'user1' },
2d53be02 292 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
b44164bb
C		 293 })
294 })
295
296 it('Should fail with an unknown account', async function () {
297 await makePostBodyRequest({
298 url: server.url,
299 token: server.accessToken,
300 path,
301 fields: { accountName: 'user2' },
2d53be02 302 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
b44164bb
C		 303 })
304 })
305
306 it('Should fail to block ourselves', async function () {
307 await makePostBodyRequest({
308 url: server.url,
309 token: server.accessToken,
310 path,
311 fields: { accountName: 'root' },
2d53be02 312 statusCodeExpected: HttpStatusCode.CONFLICT_409
b44164bb
C		 313 })
314 })
315
316 it('Should succeed with the correct params', async function () {
317 await makePostBodyRequest({
318 url: server.url,
319 token: server.accessToken,
320 path,
321 fields: { accountName: 'user1' },
2d53be02 322 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
b44164bb
C		 323 })
324 })
325 })
326
327 describe('When unblocking an account', function () {
328 it('Should fail with an unauthenticated user', async function () {
329 await makeDeleteRequest({
330 url: server.url,
331 path: path + '/user1',
2d53be02 332 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
b44164bb
C		 333 })
334 })
335
336 it('Should fail with a user without the appropriate rights', async function () {
337 await makeDeleteRequest({
338 url: server.url,
339 path: path + '/user1',
340 token: userAccessToken,
2d53be02 341 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
b44164bb
C		 342 })
343 })
344
345 it('Should fail with an unknown account block', async function () {
346 await makeDeleteRequest({
347 url: server.url,
348 path: path + '/user2',
349 token: server.accessToken,
2d53be02 350 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
b44164bb
C		 351 })
352 })
353
354 it('Should succeed with the correct params', async function () {
355 await makeDeleteRequest({
356 url: server.url,
357 path: path + '/user1',
358 token: server.accessToken,
2d53be02 359 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
b44164bb
C		 360 })
361 })
362 })
363 })
364
365 describe('When managing server servers blocklist', function () {
366 const path = '/api/v1/server/blocklist/servers'
367
368 describe('When listing blocked servers', function () {
369 it('Should fail with an unauthenticated user', async function () {
370 await makeGetRequest({
371 url: server.url,
372 path,
2d53be02 373 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
b44164bb
C		 374 })
375 })
376
377 it('Should fail with a user without the appropriate rights', async function () {
378 await makeGetRequest({
379 url: server.url,
380 token: userAccessToken,
381 path,
2d53be02 382 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
b44164bb
C		 383 })
384 })
385
386 it('Should fail with a bad start pagination', async function () {
387 await checkBadStartPagination(server.url, path, server.accessToken)
388 })
389
390 it('Should fail with a bad count pagination', async function () {
391 await checkBadCountPagination(server.url, path, server.accessToken)
392 })
393
394 it('Should fail with an incorrect sort', async function () {
395 await checkBadSortPagination(server.url, path, server.accessToken)
396 })
397 })
398
399 describe('When blocking a server', function () {
400 it('Should fail with an unauthenticated user', async function () {
401 await makePostBodyRequest({
402 url: server.url,
403 path,
86ebdf8c 404 fields: { host: 'localhost:' + servers[1].port },
2d53be02 405 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
b44164bb
C		 406 })
407 })
408
409 it('Should fail with a user without the appropriate rights', async function () {
410 await makePostBodyRequest({
411 url: server.url,
412 token: userAccessToken,
413 path,
86ebdf8c 414 fields: { host: 'localhost:' + servers[1].port },
2d53be02 415 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
b44164bb
C		 416 })
417 })
418
bb152476 419 it('Should succeed with an unknown server', async function () {
b44164bb
C		 420 await makePostBodyRequest({
421 url: server.url,
422 token: server.accessToken,
423 path,
424 fields: { host: 'localhost:9003' },
2d53be02 425 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
b44164bb
C		 426 })
427 })
428
429 it('Should fail with our own server', async function () {
430 await makePostBodyRequest({
431 url: server.url,
432 token: server.accessToken,
433 path,
86ebdf8c 434 fields: { host: 'localhost:' + server.port },
2d53be02 435 statusCodeExpected: HttpStatusCode.CONFLICT_409
b44164bb
C		 436 })
437 })
438
439 it('Should succeed with the correct params', async function () {
440 await makePostBodyRequest({
441 url: server.url,
442 token: server.accessToken,
443 path,
86ebdf8c 444 fields: { host: 'localhost:' + servers[1].port },
2d53be02 445 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
b44164bb
C		 446 })
447 })
448 })
449
450 describe('When unblocking a server', function () {
451 it('Should fail with an unauthenticated user', async function () {
452 await makeDeleteRequest({
453 url: server.url,
86ebdf8c 454 path: path + '/localhost:' + servers[1].port,
2d53be02 455 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
b44164bb
C		 456 })
457 })
458
459 it('Should fail with a user without the appropriate rights', async function () {
460 await makeDeleteRequest({
461 url: server.url,
86ebdf8c 462 path: path + '/localhost:' + servers[1].port,
b44164bb 463 token: userAccessToken,
2d53be02 464 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
b44164bb
C		 465 })
466 })
467
468 it('Should fail with an unknown server block', async function () {
469 await makeDeleteRequest({
470 url: server.url,
bb152476 471 path: path + '/localhost:9004',
b44164bb 472 token: server.accessToken,
2d53be02 473 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
b44164bb
C		 474 })
475 })
476
477 it('Should succeed with the correct params', async function () {
478 await makeDeleteRequest({
479 url: server.url,
86ebdf8c 480 path: path + '/localhost:' + servers[1].port,
b44164bb 481 token: server.accessToken,
2d53be02 482 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
b44164bb
C		 483 })
484 })
485 })
486 })
487 })
488
86ebdf8c
C		 489 after(async function () {
490 await cleanupTests(servers)
7ad9b984
C		 491 })
492})
ActivityPub-federated video streaming platform using P2P directly in your web browser