]>
Commit | Line | Data |
---|---|---|
a1587156 | 1 | /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ |
7ad9b984 | 2 | |
c55e3d72 C |
3 | import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared' |
4 | import { HttpStatusCode } from '@shared/models' | |
7ad9b984 | 5 | import { |
86ebdf8c | 6 | cleanupTests, |
254d3579 | 7 | createMultipleServers, |
c0e8b12e | 8 | doubleFollow, |
7ad9b984 C |
9 | makeDeleteRequest, |
10 | makeGetRequest, | |
11 | makePostBodyRequest, | |
254d3579 | 12 | PeerTubeServer, |
41d1d075 | 13 | setAccessTokensToServers |
bf54587a | 14 | } from '@shared/server-commands' |
7ad9b984 C |
15 | |
16 | describe('Test blocklist API validators', function () { | |
254d3579 C |
17 | let servers: PeerTubeServer[] |
18 | let server: PeerTubeServer | |
b44164bb | 19 | let userAccessToken: string |
7ad9b984 C |
20 | |
21 | before(async function () { | |
22 | this.timeout(60000) | |
23 | ||
254d3579 | 24 | servers = await createMultipleServers(2) |
7ad9b984 C |
25 | await setAccessTokensToServers(servers) |
26 | ||
27 | server = servers[0] | |
28 | ||
29 | const user = { username: 'user1', password: 'password' } | |
89d241a7 | 30 | await server.users.create({ username: user.username, password: user.password }) |
7ad9b984 | 31 | |
89d241a7 | 32 | userAccessToken = await server.login.getAccessToken(user) |
b44164bb | 33 | |
7ad9b984 C |
34 | await doubleFollow(servers[0], servers[1]) |
35 | }) | |
36 | ||
37 | // --------------------------------------------------------------- | |
38 | ||
39 | describe('When managing user blocklist', function () { | |
7ad9b984 C |
40 | |
41 | describe('When managing user accounts blocklist', function () { | |
b44164bb | 42 | const path = '/api/v1/users/me/blocklist/accounts' |
7ad9b984 C |
43 | |
44 | describe('When listing blocked accounts', function () { | |
45 | it('Should fail with an unauthenticated user', async function () { | |
46 | await makeGetRequest({ | |
47 | url: server.url, | |
48 | path, | |
c0e8b12e | 49 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
50 | }) |
51 | }) | |
52 | ||
53 | it('Should fail with a bad start pagination', async function () { | |
54 | await checkBadStartPagination(server.url, path, server.accessToken) | |
55 | }) | |
56 | ||
57 | it('Should fail with a bad count pagination', async function () { | |
58 | await checkBadCountPagination(server.url, path, server.accessToken) | |
59 | }) | |
60 | ||
61 | it('Should fail with an incorrect sort', async function () { | |
62 | await checkBadSortPagination(server.url, path, server.accessToken) | |
63 | }) | |
64 | }) | |
65 | ||
66 | describe('When blocking an account', function () { | |
67 | it('Should fail with an unauthenticated user', async function () { | |
68 | await makePostBodyRequest({ | |
69 | url: server.url, | |
70 | path, | |
71 | fields: { accountName: 'user1' }, | |
c0e8b12e | 72 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
73 | }) |
74 | }) | |
75 | ||
76 | it('Should fail with an unknown account', async function () { | |
77 | await makePostBodyRequest({ | |
78 | url: server.url, | |
79 | token: server.accessToken, | |
80 | path, | |
81 | fields: { accountName: 'user2' }, | |
c0e8b12e | 82 | expectedStatus: HttpStatusCode.NOT_FOUND_404 |
7ad9b984 C |
83 | }) |
84 | }) | |
85 | ||
af5767ff C |
86 | it('Should fail to block ourselves', async function () { |
87 | await makePostBodyRequest({ | |
88 | url: server.url, | |
89 | token: server.accessToken, | |
90 | path, | |
91 | fields: { accountName: 'root' }, | |
c0e8b12e | 92 | expectedStatus: HttpStatusCode.CONFLICT_409 |
af5767ff C |
93 | }) |
94 | }) | |
95 | ||
7ad9b984 C |
96 | it('Should succeed with the correct params', async function () { |
97 | await makePostBodyRequest({ | |
98 | url: server.url, | |
99 | token: server.accessToken, | |
100 | path, | |
101 | fields: { accountName: 'user1' }, | |
c0e8b12e | 102 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
103 | }) |
104 | }) | |
105 | }) | |
106 | ||
107 | describe('When unblocking an account', function () { | |
108 | it('Should fail with an unauthenticated user', async function () { | |
109 | await makeDeleteRequest({ | |
110 | url: server.url, | |
111 | path: path + '/user1', | |
c0e8b12e | 112 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
113 | }) |
114 | }) | |
115 | ||
116 | it('Should fail with an unknown account block', async function () { | |
117 | await makeDeleteRequest({ | |
118 | url: server.url, | |
119 | path: path + '/user2', | |
120 | token: server.accessToken, | |
c0e8b12e | 121 | expectedStatus: HttpStatusCode.NOT_FOUND_404 |
7ad9b984 C |
122 | }) |
123 | }) | |
124 | ||
125 | it('Should succeed with the correct params', async function () { | |
126 | await makeDeleteRequest({ | |
127 | url: server.url, | |
128 | path: path + '/user1', | |
129 | token: server.accessToken, | |
c0e8b12e | 130 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
131 | }) |
132 | }) | |
133 | }) | |
134 | }) | |
135 | ||
136 | describe('When managing user servers blocklist', function () { | |
137 | const path = '/api/v1/users/me/blocklist/servers' | |
138 | ||
139 | describe('When listing blocked servers', function () { | |
140 | it('Should fail with an unauthenticated user', async function () { | |
141 | await makeGetRequest({ | |
142 | url: server.url, | |
143 | path, | |
c0e8b12e | 144 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
145 | }) |
146 | }) | |
147 | ||
148 | it('Should fail with a bad start pagination', async function () { | |
149 | await checkBadStartPagination(server.url, path, server.accessToken) | |
150 | }) | |
151 | ||
152 | it('Should fail with a bad count pagination', async function () { | |
153 | await checkBadCountPagination(server.url, path, server.accessToken) | |
154 | }) | |
155 | ||
156 | it('Should fail with an incorrect sort', async function () { | |
157 | await checkBadSortPagination(server.url, path, server.accessToken) | |
158 | }) | |
159 | }) | |
160 | ||
161 | describe('When blocking a server', function () { | |
162 | it('Should fail with an unauthenticated user', async function () { | |
163 | await makePostBodyRequest({ | |
164 | url: server.url, | |
165 | path, | |
166 | fields: { host: 'localhost:9002' }, | |
c0e8b12e | 167 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
168 | }) |
169 | }) | |
170 | ||
bb152476 | 171 | it('Should succeed with an unknown server', async function () { |
7ad9b984 C |
172 | await makePostBodyRequest({ |
173 | url: server.url, | |
174 | token: server.accessToken, | |
175 | path, | |
176 | fields: { host: 'localhost:9003' }, | |
c0e8b12e | 177 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
178 | }) |
179 | }) | |
180 | ||
af5767ff C |
181 | it('Should fail with our own server', async function () { |
182 | await makePostBodyRequest({ | |
183 | url: server.url, | |
184 | token: server.accessToken, | |
185 | path, | |
86ebdf8c | 186 | fields: { host: 'localhost:' + server.port }, |
c0e8b12e | 187 | expectedStatus: HttpStatusCode.CONFLICT_409 |
af5767ff C |
188 | }) |
189 | }) | |
190 | ||
7ad9b984 C |
191 | it('Should succeed with the correct params', async function () { |
192 | await makePostBodyRequest({ | |
193 | url: server.url, | |
194 | token: server.accessToken, | |
195 | path, | |
86ebdf8c | 196 | fields: { host: 'localhost:' + servers[1].port }, |
c0e8b12e | 197 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
198 | }) |
199 | }) | |
200 | }) | |
201 | ||
202 | describe('When unblocking a server', function () { | |
203 | it('Should fail with an unauthenticated user', async function () { | |
204 | await makeDeleteRequest({ | |
205 | url: server.url, | |
86ebdf8c | 206 | path: path + '/localhost:' + servers[1].port, |
c0e8b12e | 207 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
208 | }) |
209 | }) | |
210 | ||
211 | it('Should fail with an unknown server block', async function () { | |
212 | await makeDeleteRequest({ | |
213 | url: server.url, | |
bb152476 | 214 | path: path + '/localhost:9004', |
7ad9b984 | 215 | token: server.accessToken, |
c0e8b12e | 216 | expectedStatus: HttpStatusCode.NOT_FOUND_404 |
7ad9b984 C |
217 | }) |
218 | }) | |
219 | ||
220 | it('Should succeed with the correct params', async function () { | |
221 | await makeDeleteRequest({ | |
222 | url: server.url, | |
86ebdf8c | 223 | path: path + '/localhost:' + servers[1].port, |
7ad9b984 | 224 | token: server.accessToken, |
c0e8b12e | 225 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
226 | }) |
227 | }) | |
228 | }) | |
229 | }) | |
230 | }) | |
231 | ||
b44164bb C |
232 | describe('When managing server blocklist', function () { |
233 | ||
234 | describe('When managing server accounts blocklist', function () { | |
235 | const path = '/api/v1/server/blocklist/accounts' | |
236 | ||
237 | describe('When listing blocked accounts', function () { | |
238 | it('Should fail with an unauthenticated user', async function () { | |
239 | await makeGetRequest({ | |
240 | url: server.url, | |
241 | path, | |
c0e8b12e | 242 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
243 | }) |
244 | }) | |
245 | ||
246 | it('Should fail with a user without the appropriate rights', async function () { | |
247 | await makeGetRequest({ | |
248 | url: server.url, | |
249 | token: userAccessToken, | |
250 | path, | |
c0e8b12e | 251 | expectedStatus: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
252 | }) |
253 | }) | |
254 | ||
255 | it('Should fail with a bad start pagination', async function () { | |
256 | await checkBadStartPagination(server.url, path, server.accessToken) | |
257 | }) | |
258 | ||
259 | it('Should fail with a bad count pagination', async function () { | |
260 | await checkBadCountPagination(server.url, path, server.accessToken) | |
261 | }) | |
262 | ||
263 | it('Should fail with an incorrect sort', async function () { | |
264 | await checkBadSortPagination(server.url, path, server.accessToken) | |
265 | }) | |
266 | }) | |
267 | ||
268 | describe('When blocking an account', function () { | |
269 | it('Should fail with an unauthenticated user', async function () { | |
270 | await makePostBodyRequest({ | |
271 | url: server.url, | |
272 | path, | |
273 | fields: { accountName: 'user1' }, | |
c0e8b12e | 274 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
275 | }) |
276 | }) | |
277 | ||
278 | it('Should fail with a user without the appropriate rights', async function () { | |
279 | await makePostBodyRequest({ | |
280 | url: server.url, | |
281 | token: userAccessToken, | |
282 | path, | |
283 | fields: { accountName: 'user1' }, | |
c0e8b12e | 284 | expectedStatus: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
285 | }) |
286 | }) | |
287 | ||
288 | it('Should fail with an unknown account', async function () { | |
289 | await makePostBodyRequest({ | |
290 | url: server.url, | |
291 | token: server.accessToken, | |
292 | path, | |
293 | fields: { accountName: 'user2' }, | |
c0e8b12e | 294 | expectedStatus: HttpStatusCode.NOT_FOUND_404 |
b44164bb C |
295 | }) |
296 | }) | |
297 | ||
298 | it('Should fail to block ourselves', async function () { | |
299 | await makePostBodyRequest({ | |
300 | url: server.url, | |
301 | token: server.accessToken, | |
302 | path, | |
303 | fields: { accountName: 'root' }, | |
c0e8b12e | 304 | expectedStatus: HttpStatusCode.CONFLICT_409 |
b44164bb C |
305 | }) |
306 | }) | |
307 | ||
308 | it('Should succeed with the correct params', async function () { | |
309 | await makePostBodyRequest({ | |
310 | url: server.url, | |
311 | token: server.accessToken, | |
312 | path, | |
313 | fields: { accountName: 'user1' }, | |
c0e8b12e | 314 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
315 | }) |
316 | }) | |
317 | }) | |
318 | ||
319 | describe('When unblocking an account', function () { | |
320 | it('Should fail with an unauthenticated user', async function () { | |
321 | await makeDeleteRequest({ | |
322 | url: server.url, | |
323 | path: path + '/user1', | |
c0e8b12e | 324 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
325 | }) |
326 | }) | |
327 | ||
328 | it('Should fail with a user without the appropriate rights', async function () { | |
329 | await makeDeleteRequest({ | |
330 | url: server.url, | |
331 | path: path + '/user1', | |
332 | token: userAccessToken, | |
c0e8b12e | 333 | expectedStatus: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
334 | }) |
335 | }) | |
336 | ||
337 | it('Should fail with an unknown account block', async function () { | |
338 | await makeDeleteRequest({ | |
339 | url: server.url, | |
340 | path: path + '/user2', | |
341 | token: server.accessToken, | |
c0e8b12e | 342 | expectedStatus: HttpStatusCode.NOT_FOUND_404 |
b44164bb C |
343 | }) |
344 | }) | |
345 | ||
346 | it('Should succeed with the correct params', async function () { | |
347 | await makeDeleteRequest({ | |
348 | url: server.url, | |
349 | path: path + '/user1', | |
350 | token: server.accessToken, | |
c0e8b12e | 351 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
352 | }) |
353 | }) | |
354 | }) | |
355 | }) | |
356 | ||
357 | describe('When managing server servers blocklist', function () { | |
358 | const path = '/api/v1/server/blocklist/servers' | |
359 | ||
360 | describe('When listing blocked servers', function () { | |
361 | it('Should fail with an unauthenticated user', async function () { | |
362 | await makeGetRequest({ | |
363 | url: server.url, | |
364 | path, | |
c0e8b12e | 365 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
366 | }) |
367 | }) | |
368 | ||
369 | it('Should fail with a user without the appropriate rights', async function () { | |
370 | await makeGetRequest({ | |
371 | url: server.url, | |
372 | token: userAccessToken, | |
373 | path, | |
c0e8b12e | 374 | expectedStatus: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
375 | }) |
376 | }) | |
377 | ||
378 | it('Should fail with a bad start pagination', async function () { | |
379 | await checkBadStartPagination(server.url, path, server.accessToken) | |
380 | }) | |
381 | ||
382 | it('Should fail with a bad count pagination', async function () { | |
383 | await checkBadCountPagination(server.url, path, server.accessToken) | |
384 | }) | |
385 | ||
386 | it('Should fail with an incorrect sort', async function () { | |
387 | await checkBadSortPagination(server.url, path, server.accessToken) | |
388 | }) | |
389 | }) | |
390 | ||
391 | describe('When blocking a server', function () { | |
392 | it('Should fail with an unauthenticated user', async function () { | |
393 | await makePostBodyRequest({ | |
394 | url: server.url, | |
395 | path, | |
86ebdf8c | 396 | fields: { host: 'localhost:' + servers[1].port }, |
c0e8b12e | 397 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
398 | }) |
399 | }) | |
400 | ||
401 | it('Should fail with a user without the appropriate rights', async function () { | |
402 | await makePostBodyRequest({ | |
403 | url: server.url, | |
404 | token: userAccessToken, | |
405 | path, | |
86ebdf8c | 406 | fields: { host: 'localhost:' + servers[1].port }, |
c0e8b12e | 407 | expectedStatus: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
408 | }) |
409 | }) | |
410 | ||
bb152476 | 411 | it('Should succeed with an unknown server', async function () { |
b44164bb C |
412 | await makePostBodyRequest({ |
413 | url: server.url, | |
414 | token: server.accessToken, | |
415 | path, | |
416 | fields: { host: 'localhost:9003' }, | |
c0e8b12e | 417 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
418 | }) |
419 | }) | |
420 | ||
421 | it('Should fail with our own server', async function () { | |
422 | await makePostBodyRequest({ | |
423 | url: server.url, | |
424 | token: server.accessToken, | |
425 | path, | |
86ebdf8c | 426 | fields: { host: 'localhost:' + server.port }, |
c0e8b12e | 427 | expectedStatus: HttpStatusCode.CONFLICT_409 |
b44164bb C |
428 | }) |
429 | }) | |
430 | ||
431 | it('Should succeed with the correct params', async function () { | |
432 | await makePostBodyRequest({ | |
433 | url: server.url, | |
434 | token: server.accessToken, | |
435 | path, | |
86ebdf8c | 436 | fields: { host: 'localhost:' + servers[1].port }, |
c0e8b12e | 437 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
438 | }) |
439 | }) | |
440 | }) | |
441 | ||
442 | describe('When unblocking a server', function () { | |
443 | it('Should fail with an unauthenticated user', async function () { | |
444 | await makeDeleteRequest({ | |
445 | url: server.url, | |
86ebdf8c | 446 | path: path + '/localhost:' + servers[1].port, |
c0e8b12e | 447 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
448 | }) |
449 | }) | |
450 | ||
451 | it('Should fail with a user without the appropriate rights', async function () { | |
452 | await makeDeleteRequest({ | |
453 | url: server.url, | |
86ebdf8c | 454 | path: path + '/localhost:' + servers[1].port, |
b44164bb | 455 | token: userAccessToken, |
c0e8b12e | 456 | expectedStatus: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
457 | }) |
458 | }) | |
459 | ||
460 | it('Should fail with an unknown server block', async function () { | |
461 | await makeDeleteRequest({ | |
462 | url: server.url, | |
bb152476 | 463 | path: path + '/localhost:9004', |
b44164bb | 464 | token: server.accessToken, |
c0e8b12e | 465 | expectedStatus: HttpStatusCode.NOT_FOUND_404 |
b44164bb C |
466 | }) |
467 | }) | |
468 | ||
469 | it('Should succeed with the correct params', async function () { | |
470 | await makeDeleteRequest({ | |
471 | url: server.url, | |
86ebdf8c | 472 | path: path + '/localhost:' + servers[1].port, |
b44164bb | 473 | token: server.accessToken, |
c0e8b12e | 474 | expectedStatus: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
475 | }) |
476 | }) | |
477 | }) | |
478 | }) | |
479 | }) | |
480 | ||
80badf49 C |
481 | describe('When getting blocklist status', function () { |
482 | const path = '/api/v1/blocklist/status' | |
483 | ||
484 | it('Should fail with a bad token', async function () { | |
485 | await makeGetRequest({ | |
486 | url: server.url, | |
487 | path, | |
488 | token: 'false', | |
489 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 | |
490 | }) | |
491 | }) | |
492 | ||
493 | it('Should fail with a bad accounts field', async function () { | |
494 | await makeGetRequest({ | |
495 | url: server.url, | |
496 | path, | |
497 | query: { | |
498 | accounts: 1 | |
499 | }, | |
500 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | |
501 | }) | |
502 | ||
503 | await makeGetRequest({ | |
504 | url: server.url, | |
505 | path, | |
506 | query: { | |
507 | accounts: [ 1 ] | |
508 | }, | |
509 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | |
510 | }) | |
511 | }) | |
512 | ||
513 | it('Should fail with a bad hosts field', async function () { | |
514 | await makeGetRequest({ | |
515 | url: server.url, | |
516 | path, | |
517 | query: { | |
518 | hosts: 1 | |
519 | }, | |
520 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | |
521 | }) | |
522 | ||
523 | await makeGetRequest({ | |
524 | url: server.url, | |
525 | path, | |
526 | query: { | |
527 | hosts: [ 1 ] | |
528 | }, | |
529 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | |
530 | }) | |
531 | }) | |
532 | ||
533 | it('Should succeed with the correct parameters', async function () { | |
534 | await makeGetRequest({ | |
535 | url: server.url, | |
536 | path, | |
537 | query: {}, | |
538 | expectedStatus: HttpStatusCode.OK_200 | |
539 | }) | |
540 | ||
541 | await makeGetRequest({ | |
542 | url: server.url, | |
543 | path, | |
544 | query: { | |
545 | hosts: [ 'example.com' ], | |
546 | accounts: [ 'john@example.com' ] | |
547 | }, | |
548 | expectedStatus: HttpStatusCode.OK_200 | |
549 | }) | |
550 | }) | |
551 | }) | |
552 | ||
86ebdf8c C |
553 | after(async function () { |
554 | await cleanupTests(servers) | |
7ad9b984 C |
555 | }) |
556 | }) |