]>
Commit | Line | Data |
---|---|---|
a1587156 | 1 | /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ |
7ad9b984 C |
2 | |
3 | import 'mocha' | |
7ad9b984 | 4 | import { |
c0e8b12e C |
5 | checkBadCountPagination, |
6 | checkBadSortPagination, | |
7 | checkBadStartPagination, | |
86ebdf8c | 8 | cleanupTests, |
254d3579 | 9 | createMultipleServers, |
c0e8b12e | 10 | doubleFollow, |
7ad9b984 C |
11 | makeDeleteRequest, |
12 | makeGetRequest, | |
13 | makePostBodyRequest, | |
254d3579 | 14 | PeerTubeServer, |
41d1d075 | 15 | setAccessTokensToServers |
c0e8b12e C |
16 | } from '@shared/extra-utils' |
17 | import { HttpStatusCode } from '@shared/models' | |
7ad9b984 C |
18 | |
19 | describe('Test blocklist API validators', function () { | |
254d3579 C |
20 | let servers: PeerTubeServer[] |
21 | let server: PeerTubeServer | |
b44164bb | 22 | let userAccessToken: string |
7ad9b984 C |
23 | |
24 | before(async function () { | |
25 | this.timeout(60000) | |
26 | ||
254d3579 | 27 | servers = await createMultipleServers(2) |
7ad9b984 C |
28 | await setAccessTokensToServers(servers) |
29 | ||
30 | server = servers[0] | |
31 | ||
32 | const user = { username: 'user1', password: 'password' } | |
89d241a7 | 33 | await server.users.create({ username: user.username, password: user.password }) |
7ad9b984 | 34 | |
89d241a7 | 35 | userAccessToken = await server.login.getAccessToken(user) |
b44164bb | 36 | |
7ad9b984 C |
37 | await doubleFollow(servers[0], servers[1]) |
38 | }) | |
39 | ||
40 | // --------------------------------------------------------------- | |
41 | ||
42 | describe('When managing user blocklist', function () { | |
7ad9b984 C |
43 | |
44 | describe('When managing user accounts blocklist', function () { | |
b44164bb | 45 | const path = '/api/v1/users/me/blocklist/accounts' |
7ad9b984 C |
46 | |
47 | describe('When listing blocked accounts', function () { | |
48 | it('Should fail with an unauthenticated user', async function () { | |
49 | await makeGetRequest({ | |
50 | url: server.url, | |
51 | path, | |
c0e8b12e | 52 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
53 | }) |
54 | }) | |
55 | ||
56 | it('Should fail with a bad start pagination', async function () { | |
57 | await checkBadStartPagination(server.url, path, server.accessToken) | |
58 | }) | |
59 | ||
60 | it('Should fail with a bad count pagination', async function () { | |
61 | await checkBadCountPagination(server.url, path, server.accessToken) | |
62 | }) | |
63 | ||
64 | it('Should fail with an incorrect sort', async function () { | |
65 | await checkBadSortPagination(server.url, path, server.accessToken) | |
66 | }) | |
67 | }) | |
68 | ||
69 | describe('When blocking an account', function () { | |
70 | it('Should fail with an unauthenticated user', async function () { | |
71 | await makePostBodyRequest({ | |
72 | url: server.url, | |
73 | path, | |
74 | fields: { accountName: 'user1' }, | |
c0e8b12e | 75 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
76 | }) |
77 | }) | |
78 | ||
79 | it('Should fail with an unknown account', async function () { | |
80 | await makePostBodyRequest({ | |
81 | url: server.url, | |
82 | token: server.accessToken, | |
83 | path, | |
84 | fields: { accountName: 'user2' }, | |
c0e8b12e | 85 | expectedStatus: HttpStatusCode.NOT_FOUND_404 |
7ad9b984 C |
86 | }) |
87 | }) | |
88 | ||
af5767ff C |
89 | it('Should fail to block ourselves', async function () { |
90 | await makePostBodyRequest({ | |
91 | url: server.url, | |
92 | token: server.accessToken, | |
93 | path, | |
94 | fields: { accountName: 'root' }, | |
c0e8b12e | 95 | expectedStatus: HttpStatusCode.CONFLICT_409 |
af5767ff C |
96 | }) |
97 | }) | |
98 | ||
7ad9b984 C |
99 | it('Should succeed with the correct params', async function () { |
100 | await makePostBodyRequest({ | |
101 | url: server.url, | |
102 | token: server.accessToken, | |
103 | path, | |
104 | fields: { accountName: 'user1' }, | |
c0e8b12e | 105 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
106 | }) |
107 | }) | |
108 | }) | |
109 | ||
110 | describe('When unblocking an account', function () { | |
111 | it('Should fail with an unauthenticated user', async function () { | |
112 | await makeDeleteRequest({ | |
113 | url: server.url, | |
114 | path: path + '/user1', | |
c0e8b12e | 115 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
116 | }) |
117 | }) | |
118 | ||
119 | it('Should fail with an unknown account block', async function () { | |
120 | await makeDeleteRequest({ | |
121 | url: server.url, | |
122 | path: path + '/user2', | |
123 | token: server.accessToken, | |
c0e8b12e | 124 | expectedStatus: HttpStatusCode.NOT_FOUND_404 |
7ad9b984 C |
125 | }) |
126 | }) | |
127 | ||
128 | it('Should succeed with the correct params', async function () { | |
129 | await makeDeleteRequest({ | |
130 | url: server.url, | |
131 | path: path + '/user1', | |
132 | token: server.accessToken, | |
c0e8b12e | 133 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
134 | }) |
135 | }) | |
136 | }) | |
137 | }) | |
138 | ||
139 | describe('When managing user servers blocklist', function () { | |
140 | const path = '/api/v1/users/me/blocklist/servers' | |
141 | ||
142 | describe('When listing blocked servers', function () { | |
143 | it('Should fail with an unauthenticated user', async function () { | |
144 | await makeGetRequest({ | |
145 | url: server.url, | |
146 | path, | |
c0e8b12e | 147 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
148 | }) |
149 | }) | |
150 | ||
151 | it('Should fail with a bad start pagination', async function () { | |
152 | await checkBadStartPagination(server.url, path, server.accessToken) | |
153 | }) | |
154 | ||
155 | it('Should fail with a bad count pagination', async function () { | |
156 | await checkBadCountPagination(server.url, path, server.accessToken) | |
157 | }) | |
158 | ||
159 | it('Should fail with an incorrect sort', async function () { | |
160 | await checkBadSortPagination(server.url, path, server.accessToken) | |
161 | }) | |
162 | }) | |
163 | ||
164 | describe('When blocking a server', function () { | |
165 | it('Should fail with an unauthenticated user', async function () { | |
166 | await makePostBodyRequest({ | |
167 | url: server.url, | |
168 | path, | |
169 | fields: { host: 'localhost:9002' }, | |
c0e8b12e | 170 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
171 | }) |
172 | }) | |
173 | ||
bb152476 | 174 | it('Should succeed with an unknown server', async function () { |
7ad9b984 C |
175 | await makePostBodyRequest({ |
176 | url: server.url, | |
177 | token: server.accessToken, | |
178 | path, | |
179 | fields: { host: 'localhost:9003' }, | |
c0e8b12e | 180 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
181 | }) |
182 | }) | |
183 | ||
af5767ff C |
184 | it('Should fail with our own server', async function () { |
185 | await makePostBodyRequest({ | |
186 | url: server.url, | |
187 | token: server.accessToken, | |
188 | path, | |
86ebdf8c | 189 | fields: { host: 'localhost:' + server.port }, |
c0e8b12e | 190 | expectedStatus: HttpStatusCode.CONFLICT_409 |
af5767ff C |
191 | }) |
192 | }) | |
193 | ||
7ad9b984 C |
194 | it('Should succeed with the correct params', async function () { |
195 | await makePostBodyRequest({ | |
196 | url: server.url, | |
197 | token: server.accessToken, | |
198 | path, | |
86ebdf8c | 199 | fields: { host: 'localhost:' + servers[1].port }, |
c0e8b12e | 200 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
201 | }) |
202 | }) | |
203 | }) | |
204 | ||
205 | describe('When unblocking a server', function () { | |
206 | it('Should fail with an unauthenticated user', async function () { | |
207 | await makeDeleteRequest({ | |
208 | url: server.url, | |
86ebdf8c | 209 | path: path + '/localhost:' + servers[1].port, |
c0e8b12e | 210 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
211 | }) |
212 | }) | |
213 | ||
214 | it('Should fail with an unknown server block', async function () { | |
215 | await makeDeleteRequest({ | |
216 | url: server.url, | |
bb152476 | 217 | path: path + '/localhost:9004', |
7ad9b984 | 218 | token: server.accessToken, |
c0e8b12e | 219 | expectedStatus: HttpStatusCode.NOT_FOUND_404 |
7ad9b984 C |
220 | }) |
221 | }) | |
222 | ||
223 | it('Should succeed with the correct params', async function () { | |
224 | await makeDeleteRequest({ | |
225 | url: server.url, | |
86ebdf8c | 226 | path: path + '/localhost:' + servers[1].port, |
7ad9b984 | 227 | token: server.accessToken, |
c0e8b12e | 228 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
229 | }) |
230 | }) | |
231 | }) | |
232 | }) | |
233 | }) | |
234 | ||
b44164bb C |
235 | describe('When managing server blocklist', function () { |
236 | ||
237 | describe('When managing server accounts blocklist', function () { | |
238 | const path = '/api/v1/server/blocklist/accounts' | |
239 | ||
240 | describe('When listing blocked accounts', function () { | |
241 | it('Should fail with an unauthenticated user', async function () { | |
242 | await makeGetRequest({ | |
243 | url: server.url, | |
244 | path, | |
c0e8b12e | 245 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
246 | }) |
247 | }) | |
248 | ||
249 | it('Should fail with a user without the appropriate rights', async function () { | |
250 | await makeGetRequest({ | |
251 | url: server.url, | |
252 | token: userAccessToken, | |
253 | path, | |
c0e8b12e | 254 | expectedStatus: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
255 | }) |
256 | }) | |
257 | ||
258 | it('Should fail with a bad start pagination', async function () { | |
259 | await checkBadStartPagination(server.url, path, server.accessToken) | |
260 | }) | |
261 | ||
262 | it('Should fail with a bad count pagination', async function () { | |
263 | await checkBadCountPagination(server.url, path, server.accessToken) | |
264 | }) | |
265 | ||
266 | it('Should fail with an incorrect sort', async function () { | |
267 | await checkBadSortPagination(server.url, path, server.accessToken) | |
268 | }) | |
269 | }) | |
270 | ||
271 | describe('When blocking an account', function () { | |
272 | it('Should fail with an unauthenticated user', async function () { | |
273 | await makePostBodyRequest({ | |
274 | url: server.url, | |
275 | path, | |
276 | fields: { accountName: 'user1' }, | |
c0e8b12e | 277 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
278 | }) |
279 | }) | |
280 | ||
281 | it('Should fail with a user without the appropriate rights', async function () { | |
282 | await makePostBodyRequest({ | |
283 | url: server.url, | |
284 | token: userAccessToken, | |
285 | path, | |
286 | fields: { accountName: 'user1' }, | |
c0e8b12e | 287 | expectedStatus: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
288 | }) |
289 | }) | |
290 | ||
291 | it('Should fail with an unknown account', async function () { | |
292 | await makePostBodyRequest({ | |
293 | url: server.url, | |
294 | token: server.accessToken, | |
295 | path, | |
296 | fields: { accountName: 'user2' }, | |
c0e8b12e | 297 | expectedStatus: HttpStatusCode.NOT_FOUND_404 |
b44164bb C |
298 | }) |
299 | }) | |
300 | ||
301 | it('Should fail to block ourselves', async function () { | |
302 | await makePostBodyRequest({ | |
303 | url: server.url, | |
304 | token: server.accessToken, | |
305 | path, | |
306 | fields: { accountName: 'root' }, | |
c0e8b12e | 307 | expectedStatus: HttpStatusCode.CONFLICT_409 |
b44164bb C |
308 | }) |
309 | }) | |
310 | ||
311 | it('Should succeed with the correct params', async function () { | |
312 | await makePostBodyRequest({ | |
313 | url: server.url, | |
314 | token: server.accessToken, | |
315 | path, | |
316 | fields: { accountName: 'user1' }, | |
c0e8b12e | 317 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
318 | }) |
319 | }) | |
320 | }) | |
321 | ||
322 | describe('When unblocking an account', function () { | |
323 | it('Should fail with an unauthenticated user', async function () { | |
324 | await makeDeleteRequest({ | |
325 | url: server.url, | |
326 | path: path + '/user1', | |
c0e8b12e | 327 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
328 | }) |
329 | }) | |
330 | ||
331 | it('Should fail with a user without the appropriate rights', async function () { | |
332 | await makeDeleteRequest({ | |
333 | url: server.url, | |
334 | path: path + '/user1', | |
335 | token: userAccessToken, | |
c0e8b12e | 336 | expectedStatus: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
337 | }) |
338 | }) | |
339 | ||
340 | it('Should fail with an unknown account block', async function () { | |
341 | await makeDeleteRequest({ | |
342 | url: server.url, | |
343 | path: path + '/user2', | |
344 | token: server.accessToken, | |
c0e8b12e | 345 | expectedStatus: HttpStatusCode.NOT_FOUND_404 |
b44164bb C |
346 | }) |
347 | }) | |
348 | ||
349 | it('Should succeed with the correct params', async function () { | |
350 | await makeDeleteRequest({ | |
351 | url: server.url, | |
352 | path: path + '/user1', | |
353 | token: server.accessToken, | |
c0e8b12e | 354 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
355 | }) |
356 | }) | |
357 | }) | |
358 | }) | |
359 | ||
360 | describe('When managing server servers blocklist', function () { | |
361 | const path = '/api/v1/server/blocklist/servers' | |
362 | ||
363 | describe('When listing blocked servers', function () { | |
364 | it('Should fail with an unauthenticated user', async function () { | |
365 | await makeGetRequest({ | |
366 | url: server.url, | |
367 | path, | |
c0e8b12e | 368 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
369 | }) |
370 | }) | |
371 | ||
372 | it('Should fail with a user without the appropriate rights', async function () { | |
373 | await makeGetRequest({ | |
374 | url: server.url, | |
375 | token: userAccessToken, | |
376 | path, | |
c0e8b12e | 377 | expectedStatus: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
378 | }) |
379 | }) | |
380 | ||
381 | it('Should fail with a bad start pagination', async function () { | |
382 | await checkBadStartPagination(server.url, path, server.accessToken) | |
383 | }) | |
384 | ||
385 | it('Should fail with a bad count pagination', async function () { | |
386 | await checkBadCountPagination(server.url, path, server.accessToken) | |
387 | }) | |
388 | ||
389 | it('Should fail with an incorrect sort', async function () { | |
390 | await checkBadSortPagination(server.url, path, server.accessToken) | |
391 | }) | |
392 | }) | |
393 | ||
394 | describe('When blocking a server', function () { | |
395 | it('Should fail with an unauthenticated user', async function () { | |
396 | await makePostBodyRequest({ | |
397 | url: server.url, | |
398 | path, | |
86ebdf8c | 399 | fields: { host: 'localhost:' + servers[1].port }, |
c0e8b12e | 400 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
401 | }) |
402 | }) | |
403 | ||
404 | it('Should fail with a user without the appropriate rights', async function () { | |
405 | await makePostBodyRequest({ | |
406 | url: server.url, | |
407 | token: userAccessToken, | |
408 | path, | |
86ebdf8c | 409 | fields: { host: 'localhost:' + servers[1].port }, |
c0e8b12e | 410 | expectedStatus: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
411 | }) |
412 | }) | |
413 | ||
bb152476 | 414 | it('Should succeed with an unknown server', async function () { |
b44164bb C |
415 | await makePostBodyRequest({ |
416 | url: server.url, | |
417 | token: server.accessToken, | |
418 | path, | |
419 | fields: { host: 'localhost:9003' }, | |
c0e8b12e | 420 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
421 | }) |
422 | }) | |
423 | ||
424 | it('Should fail with our own server', async function () { | |
425 | await makePostBodyRequest({ | |
426 | url: server.url, | |
427 | token: server.accessToken, | |
428 | path, | |
86ebdf8c | 429 | fields: { host: 'localhost:' + server.port }, |
c0e8b12e | 430 | expectedStatus: HttpStatusCode.CONFLICT_409 |
b44164bb C |
431 | }) |
432 | }) | |
433 | ||
434 | it('Should succeed with the correct params', async function () { | |
435 | await makePostBodyRequest({ | |
436 | url: server.url, | |
437 | token: server.accessToken, | |
438 | path, | |
86ebdf8c | 439 | fields: { host: 'localhost:' + servers[1].port }, |
c0e8b12e | 440 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
441 | }) |
442 | }) | |
443 | }) | |
444 | ||
445 | describe('When unblocking a server', function () { | |
446 | it('Should fail with an unauthenticated user', async function () { | |
447 | await makeDeleteRequest({ | |
448 | url: server.url, | |
86ebdf8c | 449 | path: path + '/localhost:' + servers[1].port, |
c0e8b12e | 450 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
451 | }) |
452 | }) | |
453 | ||
454 | it('Should fail with a user without the appropriate rights', async function () { | |
455 | await makeDeleteRequest({ | |
456 | url: server.url, | |
86ebdf8c | 457 | path: path + '/localhost:' + servers[1].port, |
b44164bb | 458 | token: userAccessToken, |
c0e8b12e | 459 | expectedStatus: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
460 | }) |
461 | }) | |
462 | ||
463 | it('Should fail with an unknown server block', async function () { | |
464 | await makeDeleteRequest({ | |
465 | url: server.url, | |
bb152476 | 466 | path: path + '/localhost:9004', |
b44164bb | 467 | token: server.accessToken, |
c0e8b12e | 468 | expectedStatus: HttpStatusCode.NOT_FOUND_404 |
b44164bb C |
469 | }) |
470 | }) | |
471 | ||
472 | it('Should succeed with the correct params', async function () { | |
473 | await makeDeleteRequest({ | |
474 | url: server.url, | |
86ebdf8c | 475 | path: path + '/localhost:' + servers[1].port, |
b44164bb | 476 | token: server.accessToken, |
c0e8b12e | 477 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
478 | }) |
479 | }) | |
480 | }) | |
481 | }) | |
482 | }) | |
483 | ||
86ebdf8c C |
484 | after(async function () { |
485 | await cleanupTests(servers) | |
7ad9b984 C |
486 | }) |
487 | }) |