]>
Commit | Line | Data |
---|---|---|
a1587156 | 1 | /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ |
7ad9b984 C |
2 | |
3 | import 'mocha' | |
4 | ||
5 | import { | |
86ebdf8c | 6 | cleanupTests, |
7ad9b984 | 7 | doubleFollow, |
254d3579 | 8 | createMultipleServers, |
7ad9b984 C |
9 | makeDeleteRequest, |
10 | makeGetRequest, | |
11 | makePostBodyRequest, | |
254d3579 | 12 | PeerTubeServer, |
41d1d075 | 13 | setAccessTokensToServers |
94565d52 | 14 | } from '../../../../shared/extra-utils' |
9639bd17 | 15 | import { |
16 | checkBadCountPagination, | |
17 | checkBadSortPagination, | |
18 | checkBadStartPagination | |
94565d52 | 19 | } from '../../../../shared/extra-utils/requests/check-api-params' |
2d53be02 | 20 | import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes' |
7ad9b984 C |
21 | |
22 | describe('Test blocklist API validators', function () { | |
254d3579 C |
23 | let servers: PeerTubeServer[] |
24 | let server: PeerTubeServer | |
b44164bb | 25 | let userAccessToken: string |
7ad9b984 C |
26 | |
27 | before(async function () { | |
28 | this.timeout(60000) | |
29 | ||
254d3579 | 30 | servers = await createMultipleServers(2) |
7ad9b984 C |
31 | await setAccessTokensToServers(servers) |
32 | ||
33 | server = servers[0] | |
34 | ||
35 | const user = { username: 'user1', password: 'password' } | |
89d241a7 | 36 | await server.users.create({ username: user.username, password: user.password }) |
7ad9b984 | 37 | |
89d241a7 | 38 | userAccessToken = await server.login.getAccessToken(user) |
b44164bb | 39 | |
7ad9b984 C |
40 | await doubleFollow(servers[0], servers[1]) |
41 | }) | |
42 | ||
43 | // --------------------------------------------------------------- | |
44 | ||
45 | describe('When managing user blocklist', function () { | |
7ad9b984 C |
46 | |
47 | describe('When managing user accounts blocklist', function () { | |
b44164bb | 48 | const path = '/api/v1/users/me/blocklist/accounts' |
7ad9b984 C |
49 | |
50 | describe('When listing blocked accounts', function () { | |
51 | it('Should fail with an unauthenticated user', async function () { | |
52 | await makeGetRequest({ | |
53 | url: server.url, | |
54 | path, | |
2d53be02 | 55 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
56 | }) |
57 | }) | |
58 | ||
59 | it('Should fail with a bad start pagination', async function () { | |
60 | await checkBadStartPagination(server.url, path, server.accessToken) | |
61 | }) | |
62 | ||
63 | it('Should fail with a bad count pagination', async function () { | |
64 | await checkBadCountPagination(server.url, path, server.accessToken) | |
65 | }) | |
66 | ||
67 | it('Should fail with an incorrect sort', async function () { | |
68 | await checkBadSortPagination(server.url, path, server.accessToken) | |
69 | }) | |
70 | }) | |
71 | ||
72 | describe('When blocking an account', function () { | |
73 | it('Should fail with an unauthenticated user', async function () { | |
74 | await makePostBodyRequest({ | |
75 | url: server.url, | |
76 | path, | |
77 | fields: { accountName: 'user1' }, | |
2d53be02 | 78 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
79 | }) |
80 | }) | |
81 | ||
82 | it('Should fail with an unknown account', async function () { | |
83 | await makePostBodyRequest({ | |
84 | url: server.url, | |
85 | token: server.accessToken, | |
86 | path, | |
87 | fields: { accountName: 'user2' }, | |
2d53be02 | 88 | statusCodeExpected: HttpStatusCode.NOT_FOUND_404 |
7ad9b984 C |
89 | }) |
90 | }) | |
91 | ||
af5767ff C |
92 | it('Should fail to block ourselves', async function () { |
93 | await makePostBodyRequest({ | |
94 | url: server.url, | |
95 | token: server.accessToken, | |
96 | path, | |
97 | fields: { accountName: 'root' }, | |
2d53be02 | 98 | statusCodeExpected: HttpStatusCode.CONFLICT_409 |
af5767ff C |
99 | }) |
100 | }) | |
101 | ||
7ad9b984 C |
102 | it('Should succeed with the correct params', async function () { |
103 | await makePostBodyRequest({ | |
104 | url: server.url, | |
105 | token: server.accessToken, | |
106 | path, | |
107 | fields: { accountName: 'user1' }, | |
2d53be02 | 108 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
109 | }) |
110 | }) | |
111 | }) | |
112 | ||
113 | describe('When unblocking an account', function () { | |
114 | it('Should fail with an unauthenticated user', async function () { | |
115 | await makeDeleteRequest({ | |
116 | url: server.url, | |
117 | path: path + '/user1', | |
2d53be02 | 118 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
119 | }) |
120 | }) | |
121 | ||
122 | it('Should fail with an unknown account block', async function () { | |
123 | await makeDeleteRequest({ | |
124 | url: server.url, | |
125 | path: path + '/user2', | |
126 | token: server.accessToken, | |
2d53be02 | 127 | statusCodeExpected: HttpStatusCode.NOT_FOUND_404 |
7ad9b984 C |
128 | }) |
129 | }) | |
130 | ||
131 | it('Should succeed with the correct params', async function () { | |
132 | await makeDeleteRequest({ | |
133 | url: server.url, | |
134 | path: path + '/user1', | |
135 | token: server.accessToken, | |
2d53be02 | 136 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
137 | }) |
138 | }) | |
139 | }) | |
140 | }) | |
141 | ||
142 | describe('When managing user servers blocklist', function () { | |
143 | const path = '/api/v1/users/me/blocklist/servers' | |
144 | ||
145 | describe('When listing blocked servers', function () { | |
146 | it('Should fail with an unauthenticated user', async function () { | |
147 | await makeGetRequest({ | |
148 | url: server.url, | |
149 | path, | |
2d53be02 | 150 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
151 | }) |
152 | }) | |
153 | ||
154 | it('Should fail with a bad start pagination', async function () { | |
155 | await checkBadStartPagination(server.url, path, server.accessToken) | |
156 | }) | |
157 | ||
158 | it('Should fail with a bad count pagination', async function () { | |
159 | await checkBadCountPagination(server.url, path, server.accessToken) | |
160 | }) | |
161 | ||
162 | it('Should fail with an incorrect sort', async function () { | |
163 | await checkBadSortPagination(server.url, path, server.accessToken) | |
164 | }) | |
165 | }) | |
166 | ||
167 | describe('When blocking a server', function () { | |
168 | it('Should fail with an unauthenticated user', async function () { | |
169 | await makePostBodyRequest({ | |
170 | url: server.url, | |
171 | path, | |
172 | fields: { host: 'localhost:9002' }, | |
2d53be02 | 173 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
174 | }) |
175 | }) | |
176 | ||
bb152476 | 177 | it('Should succeed with an unknown server', async function () { |
7ad9b984 C |
178 | await makePostBodyRequest({ |
179 | url: server.url, | |
180 | token: server.accessToken, | |
181 | path, | |
182 | fields: { host: 'localhost:9003' }, | |
2d53be02 | 183 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
184 | }) |
185 | }) | |
186 | ||
af5767ff C |
187 | it('Should fail with our own server', async function () { |
188 | await makePostBodyRequest({ | |
189 | url: server.url, | |
190 | token: server.accessToken, | |
191 | path, | |
86ebdf8c | 192 | fields: { host: 'localhost:' + server.port }, |
2d53be02 | 193 | statusCodeExpected: HttpStatusCode.CONFLICT_409 |
af5767ff C |
194 | }) |
195 | }) | |
196 | ||
7ad9b984 C |
197 | it('Should succeed with the correct params', async function () { |
198 | await makePostBodyRequest({ | |
199 | url: server.url, | |
200 | token: server.accessToken, | |
201 | path, | |
86ebdf8c | 202 | fields: { host: 'localhost:' + servers[1].port }, |
2d53be02 | 203 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
204 | }) |
205 | }) | |
206 | }) | |
207 | ||
208 | describe('When unblocking a server', function () { | |
209 | it('Should fail with an unauthenticated user', async function () { | |
210 | await makeDeleteRequest({ | |
211 | url: server.url, | |
86ebdf8c | 212 | path: path + '/localhost:' + servers[1].port, |
2d53be02 | 213 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
214 | }) |
215 | }) | |
216 | ||
217 | it('Should fail with an unknown server block', async function () { | |
218 | await makeDeleteRequest({ | |
219 | url: server.url, | |
bb152476 | 220 | path: path + '/localhost:9004', |
7ad9b984 | 221 | token: server.accessToken, |
2d53be02 | 222 | statusCodeExpected: HttpStatusCode.NOT_FOUND_404 |
7ad9b984 C |
223 | }) |
224 | }) | |
225 | ||
226 | it('Should succeed with the correct params', async function () { | |
227 | await makeDeleteRequest({ | |
228 | url: server.url, | |
86ebdf8c | 229 | path: path + '/localhost:' + servers[1].port, |
7ad9b984 | 230 | token: server.accessToken, |
2d53be02 | 231 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
232 | }) |
233 | }) | |
234 | }) | |
235 | }) | |
236 | }) | |
237 | ||
b44164bb C |
238 | describe('When managing server blocklist', function () { |
239 | ||
240 | describe('When managing server accounts blocklist', function () { | |
241 | const path = '/api/v1/server/blocklist/accounts' | |
242 | ||
243 | describe('When listing blocked accounts', function () { | |
244 | it('Should fail with an unauthenticated user', async function () { | |
245 | await makeGetRequest({ | |
246 | url: server.url, | |
247 | path, | |
2d53be02 | 248 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
249 | }) |
250 | }) | |
251 | ||
252 | it('Should fail with a user without the appropriate rights', async function () { | |
253 | await makeGetRequest({ | |
254 | url: server.url, | |
255 | token: userAccessToken, | |
256 | path, | |
2d53be02 | 257 | statusCodeExpected: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
258 | }) |
259 | }) | |
260 | ||
261 | it('Should fail with a bad start pagination', async function () { | |
262 | await checkBadStartPagination(server.url, path, server.accessToken) | |
263 | }) | |
264 | ||
265 | it('Should fail with a bad count pagination', async function () { | |
266 | await checkBadCountPagination(server.url, path, server.accessToken) | |
267 | }) | |
268 | ||
269 | it('Should fail with an incorrect sort', async function () { | |
270 | await checkBadSortPagination(server.url, path, server.accessToken) | |
271 | }) | |
272 | }) | |
273 | ||
274 | describe('When blocking an account', function () { | |
275 | it('Should fail with an unauthenticated user', async function () { | |
276 | await makePostBodyRequest({ | |
277 | url: server.url, | |
278 | path, | |
279 | fields: { accountName: 'user1' }, | |
2d53be02 | 280 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
281 | }) |
282 | }) | |
283 | ||
284 | it('Should fail with a user without the appropriate rights', async function () { | |
285 | await makePostBodyRequest({ | |
286 | url: server.url, | |
287 | token: userAccessToken, | |
288 | path, | |
289 | fields: { accountName: 'user1' }, | |
2d53be02 | 290 | statusCodeExpected: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
291 | }) |
292 | }) | |
293 | ||
294 | it('Should fail with an unknown account', async function () { | |
295 | await makePostBodyRequest({ | |
296 | url: server.url, | |
297 | token: server.accessToken, | |
298 | path, | |
299 | fields: { accountName: 'user2' }, | |
2d53be02 | 300 | statusCodeExpected: HttpStatusCode.NOT_FOUND_404 |
b44164bb C |
301 | }) |
302 | }) | |
303 | ||
304 | it('Should fail to block ourselves', async function () { | |
305 | await makePostBodyRequest({ | |
306 | url: server.url, | |
307 | token: server.accessToken, | |
308 | path, | |
309 | fields: { accountName: 'root' }, | |
2d53be02 | 310 | statusCodeExpected: HttpStatusCode.CONFLICT_409 |
b44164bb C |
311 | }) |
312 | }) | |
313 | ||
314 | it('Should succeed with the correct params', async function () { | |
315 | await makePostBodyRequest({ | |
316 | url: server.url, | |
317 | token: server.accessToken, | |
318 | path, | |
319 | fields: { accountName: 'user1' }, | |
2d53be02 | 320 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
321 | }) |
322 | }) | |
323 | }) | |
324 | ||
325 | describe('When unblocking an account', function () { | |
326 | it('Should fail with an unauthenticated user', async function () { | |
327 | await makeDeleteRequest({ | |
328 | url: server.url, | |
329 | path: path + '/user1', | |
2d53be02 | 330 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
331 | }) |
332 | }) | |
333 | ||
334 | it('Should fail with a user without the appropriate rights', async function () { | |
335 | await makeDeleteRequest({ | |
336 | url: server.url, | |
337 | path: path + '/user1', | |
338 | token: userAccessToken, | |
2d53be02 | 339 | statusCodeExpected: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
340 | }) |
341 | }) | |
342 | ||
343 | it('Should fail with an unknown account block', async function () { | |
344 | await makeDeleteRequest({ | |
345 | url: server.url, | |
346 | path: path + '/user2', | |
347 | token: server.accessToken, | |
2d53be02 | 348 | statusCodeExpected: HttpStatusCode.NOT_FOUND_404 |
b44164bb C |
349 | }) |
350 | }) | |
351 | ||
352 | it('Should succeed with the correct params', async function () { | |
353 | await makeDeleteRequest({ | |
354 | url: server.url, | |
355 | path: path + '/user1', | |
356 | token: server.accessToken, | |
2d53be02 | 357 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
358 | }) |
359 | }) | |
360 | }) | |
361 | }) | |
362 | ||
363 | describe('When managing server servers blocklist', function () { | |
364 | const path = '/api/v1/server/blocklist/servers' | |
365 | ||
366 | describe('When listing blocked servers', function () { | |
367 | it('Should fail with an unauthenticated user', async function () { | |
368 | await makeGetRequest({ | |
369 | url: server.url, | |
370 | path, | |
2d53be02 | 371 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
372 | }) |
373 | }) | |
374 | ||
375 | it('Should fail with a user without the appropriate rights', async function () { | |
376 | await makeGetRequest({ | |
377 | url: server.url, | |
378 | token: userAccessToken, | |
379 | path, | |
2d53be02 | 380 | statusCodeExpected: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
381 | }) |
382 | }) | |
383 | ||
384 | it('Should fail with a bad start pagination', async function () { | |
385 | await checkBadStartPagination(server.url, path, server.accessToken) | |
386 | }) | |
387 | ||
388 | it('Should fail with a bad count pagination', async function () { | |
389 | await checkBadCountPagination(server.url, path, server.accessToken) | |
390 | }) | |
391 | ||
392 | it('Should fail with an incorrect sort', async function () { | |
393 | await checkBadSortPagination(server.url, path, server.accessToken) | |
394 | }) | |
395 | }) | |
396 | ||
397 | describe('When blocking a server', function () { | |
398 | it('Should fail with an unauthenticated user', async function () { | |
399 | await makePostBodyRequest({ | |
400 | url: server.url, | |
401 | path, | |
86ebdf8c | 402 | fields: { host: 'localhost:' + servers[1].port }, |
2d53be02 | 403 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
404 | }) |
405 | }) | |
406 | ||
407 | it('Should fail with a user without the appropriate rights', async function () { | |
408 | await makePostBodyRequest({ | |
409 | url: server.url, | |
410 | token: userAccessToken, | |
411 | path, | |
86ebdf8c | 412 | fields: { host: 'localhost:' + servers[1].port }, |
2d53be02 | 413 | statusCodeExpected: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
414 | }) |
415 | }) | |
416 | ||
bb152476 | 417 | it('Should succeed with an unknown server', async function () { |
b44164bb C |
418 | await makePostBodyRequest({ |
419 | url: server.url, | |
420 | token: server.accessToken, | |
421 | path, | |
422 | fields: { host: 'localhost:9003' }, | |
2d53be02 | 423 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
424 | }) |
425 | }) | |
426 | ||
427 | it('Should fail with our own server', async function () { | |
428 | await makePostBodyRequest({ | |
429 | url: server.url, | |
430 | token: server.accessToken, | |
431 | path, | |
86ebdf8c | 432 | fields: { host: 'localhost:' + server.port }, |
2d53be02 | 433 | statusCodeExpected: HttpStatusCode.CONFLICT_409 |
b44164bb C |
434 | }) |
435 | }) | |
436 | ||
437 | it('Should succeed with the correct params', async function () { | |
438 | await makePostBodyRequest({ | |
439 | url: server.url, | |
440 | token: server.accessToken, | |
441 | path, | |
86ebdf8c | 442 | fields: { host: 'localhost:' + servers[1].port }, |
2d53be02 | 443 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
444 | }) |
445 | }) | |
446 | }) | |
447 | ||
448 | describe('When unblocking a server', function () { | |
449 | it('Should fail with an unauthenticated user', async function () { | |
450 | await makeDeleteRequest({ | |
451 | url: server.url, | |
86ebdf8c | 452 | path: path + '/localhost:' + servers[1].port, |
2d53be02 | 453 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
454 | }) |
455 | }) | |
456 | ||
457 | it('Should fail with a user without the appropriate rights', async function () { | |
458 | await makeDeleteRequest({ | |
459 | url: server.url, | |
86ebdf8c | 460 | path: path + '/localhost:' + servers[1].port, |
b44164bb | 461 | token: userAccessToken, |
2d53be02 | 462 | statusCodeExpected: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
463 | }) |
464 | }) | |
465 | ||
466 | it('Should fail with an unknown server block', async function () { | |
467 | await makeDeleteRequest({ | |
468 | url: server.url, | |
bb152476 | 469 | path: path + '/localhost:9004', |
b44164bb | 470 | token: server.accessToken, |
2d53be02 | 471 | statusCodeExpected: HttpStatusCode.NOT_FOUND_404 |
b44164bb C |
472 | }) |
473 | }) | |
474 | ||
475 | it('Should succeed with the correct params', async function () { | |
476 | await makeDeleteRequest({ | |
477 | url: server.url, | |
86ebdf8c | 478 | path: path + '/localhost:' + servers[1].port, |
b44164bb | 479 | token: server.accessToken, |
2d53be02 | 480 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
481 | }) |
482 | }) | |
483 | }) | |
484 | }) | |
485 | }) | |
486 | ||
86ebdf8c C |
487 | after(async function () { |
488 | await cleanupTests(servers) | |
7ad9b984 C |
489 | }) |
490 | }) |