]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blame - server/tests/api/check-params/blocklist.ts
projects / github / Chocobozzz / PeerTube.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Use an object to represent a server
[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / blocklist.ts
CommitLineData
a1587156 1/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
7ad9b984
C		 2
3import 'mocha'
4
5import {
86ebdf8c 6 cleanupTests,
7ad9b984 7 doubleFollow,
254d3579 8 createMultipleServers,
7ad9b984
C		 9 makeDeleteRequest,
10 makeGetRequest,
11 makePostBodyRequest,
254d3579 12 PeerTubeServer,
41d1d075 13 setAccessTokensToServers
94565d52 14} from '../../../../shared/extra-utils'
9639bd17 15import {
16 checkBadCountPagination,
17 checkBadSortPagination,
18 checkBadStartPagination
94565d52 19} from '../../../../shared/extra-utils/requests/check-api-params'
2d53be02 20import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
7ad9b984
C		 21
22describe('Test blocklist API validators', function () {
254d3579
C		 23 let servers: PeerTubeServer[]
24 let server: PeerTubeServer
b44164bb 25 let userAccessToken: string
7ad9b984
C		 26
27 before(async function () {
28 this.timeout(60000)
29
254d3579 30 servers = await createMultipleServers(2)
7ad9b984
C		 31 await setAccessTokensToServers(servers)
32
33 server = servers[0]
34
35 const user = { username: 'user1', password: 'password' }
89d241a7 36 await server.users.create({ username: user.username, password: user.password })
7ad9b984 37
89d241a7 38 userAccessToken = await server.login.getAccessToken(user)
b44164bb 39
7ad9b984
C		 40 await doubleFollow(servers[0], servers[1])
41 })
42
43 // ---------------------------------------------------------------
44
45 describe('When managing user blocklist', function () {
7ad9b984
C		 46
47 describe('When managing user accounts blocklist', function () {
b44164bb 48 const path = '/api/v1/users/me/blocklist/accounts'
7ad9b984
C		 49
50 describe('When listing blocked accounts', function () {
51 it('Should fail with an unauthenticated user', async function () {
52 await makeGetRequest({
53 url: server.url,
54 path,
2d53be02 55 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
7ad9b984
C		 56 })
57 })
58
59 it('Should fail with a bad start pagination', async function () {
60 await checkBadStartPagination(server.url, path, server.accessToken)
61 })
62
63 it('Should fail with a bad count pagination', async function () {
64 await checkBadCountPagination(server.url, path, server.accessToken)
65 })
66
67 it('Should fail with an incorrect sort', async function () {
68 await checkBadSortPagination(server.url, path, server.accessToken)
69 })
70 })
71
72 describe('When blocking an account', function () {
73 it('Should fail with an unauthenticated user', async function () {
74 await makePostBodyRequest({
75 url: server.url,
76 path,
77 fields: { accountName: 'user1' },
2d53be02 78 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
7ad9b984
C		 79 })
80 })
81
82 it('Should fail with an unknown account', async function () {
83 await makePostBodyRequest({
84 url: server.url,
85 token: server.accessToken,
86 path,
87 fields: { accountName: 'user2' },
2d53be02 88 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
7ad9b984
C		 89 })
90 })
91
af5767ff
C		 92 it('Should fail to block ourselves', async function () {
93 await makePostBodyRequest({
94 url: server.url,
95 token: server.accessToken,
96 path,
97 fields: { accountName: 'root' },
2d53be02 98 statusCodeExpected: HttpStatusCode.CONFLICT_409
af5767ff
C		 99 })
100 })
101
7ad9b984
C		 102 it('Should succeed with the correct params', async function () {
103 await makePostBodyRequest({
104 url: server.url,
105 token: server.accessToken,
106 path,
107 fields: { accountName: 'user1' },
2d53be02 108 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
7ad9b984
C		 109 })
110 })
111 })
112
113 describe('When unblocking an account', function () {
114 it('Should fail with an unauthenticated user', async function () {
115 await makeDeleteRequest({
116 url: server.url,
117 path: path + '/user1',
2d53be02 118 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
7ad9b984
C		 119 })
120 })
121
122 it('Should fail with an unknown account block', async function () {
123 await makeDeleteRequest({
124 url: server.url,
125 path: path + '/user2',
126 token: server.accessToken,
2d53be02 127 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
7ad9b984
C		 128 })
129 })
130
131 it('Should succeed with the correct params', async function () {
132 await makeDeleteRequest({
133 url: server.url,
134 path: path + '/user1',
135 token: server.accessToken,
2d53be02 136 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
7ad9b984
C		 137 })
138 })
139 })
140 })
141
142 describe('When managing user servers blocklist', function () {
143 const path = '/api/v1/users/me/blocklist/servers'
144
145 describe('When listing blocked servers', function () {
146 it('Should fail with an unauthenticated user', async function () {
147 await makeGetRequest({
148 url: server.url,
149 path,
2d53be02 150 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
7ad9b984
C		 151 })
152 })
153
154 it('Should fail with a bad start pagination', async function () {
155 await checkBadStartPagination(server.url, path, server.accessToken)
156 })
157
158 it('Should fail with a bad count pagination', async function () {
159 await checkBadCountPagination(server.url, path, server.accessToken)
160 })
161
162 it('Should fail with an incorrect sort', async function () {
163 await checkBadSortPagination(server.url, path, server.accessToken)
164 })
165 })
166
167 describe('When blocking a server', function () {
168 it('Should fail with an unauthenticated user', async function () {
169 await makePostBodyRequest({
170 url: server.url,
171 path,
172 fields: { host: 'localhost:9002' },
2d53be02 173 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
7ad9b984
C		 174 })
175 })
176
bb152476 177 it('Should succeed with an unknown server', async function () {
7ad9b984
C		 178 await makePostBodyRequest({
179 url: server.url,
180 token: server.accessToken,
181 path,
182 fields: { host: 'localhost:9003' },
2d53be02 183 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
7ad9b984
C		 184 })
185 })
186
af5767ff
C		 187 it('Should fail with our own server', async function () {
188 await makePostBodyRequest({
189 url: server.url,
190 token: server.accessToken,
191 path,
86ebdf8c 192 fields: { host: 'localhost:' + server.port },
2d53be02 193 statusCodeExpected: HttpStatusCode.CONFLICT_409
af5767ff
C		 194 })
195 })
196
7ad9b984
C		 197 it('Should succeed with the correct params', async function () {
198 await makePostBodyRequest({
199 url: server.url,
200 token: server.accessToken,
201 path,
86ebdf8c 202 fields: { host: 'localhost:' + servers[1].port },
2d53be02 203 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
7ad9b984
C		 204 })
205 })
206 })
207
208 describe('When unblocking a server', function () {
209 it('Should fail with an unauthenticated user', async function () {
210 await makeDeleteRequest({
211 url: server.url,
86ebdf8c 212 path: path + '/localhost:' + servers[1].port,
2d53be02 213 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
7ad9b984
C		 214 })
215 })
216
217 it('Should fail with an unknown server block', async function () {
218 await makeDeleteRequest({
219 url: server.url,
bb152476 220 path: path + '/localhost:9004',
7ad9b984 221 token: server.accessToken,
2d53be02 222 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
7ad9b984
C		 223 })
224 })
225
226 it('Should succeed with the correct params', async function () {
227 await makeDeleteRequest({
228 url: server.url,
86ebdf8c 229 path: path + '/localhost:' + servers[1].port,
7ad9b984 230 token: server.accessToken,
2d53be02 231 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
7ad9b984
C		 232 })
233 })
234 })
235 })
236 })
237
b44164bb
C		 238 describe('When managing server blocklist', function () {
239
240 describe('When managing server accounts blocklist', function () {
241 const path = '/api/v1/server/blocklist/accounts'
242
243 describe('When listing blocked accounts', function () {
244 it('Should fail with an unauthenticated user', async function () {
245 await makeGetRequest({
246 url: server.url,
247 path,
2d53be02 248 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
b44164bb
C		 249 })
250 })
251
252 it('Should fail with a user without the appropriate rights', async function () {
253 await makeGetRequest({
254 url: server.url,
255 token: userAccessToken,
256 path,
2d53be02 257 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
b44164bb
C		 258 })
259 })
260
261 it('Should fail with a bad start pagination', async function () {
262 await checkBadStartPagination(server.url, path, server.accessToken)
263 })
264
265 it('Should fail with a bad count pagination', async function () {
266 await checkBadCountPagination(server.url, path, server.accessToken)
267 })
268
269 it('Should fail with an incorrect sort', async function () {
270 await checkBadSortPagination(server.url, path, server.accessToken)
271 })
272 })
273
274 describe('When blocking an account', function () {
275 it('Should fail with an unauthenticated user', async function () {
276 await makePostBodyRequest({
277 url: server.url,
278 path,
279 fields: { accountName: 'user1' },
2d53be02 280 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
b44164bb
C		 281 })
282 })
283
284 it('Should fail with a user without the appropriate rights', async function () {
285 await makePostBodyRequest({
286 url: server.url,
287 token: userAccessToken,
288 path,
289 fields: { accountName: 'user1' },
2d53be02 290 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
b44164bb
C		 291 })
292 })
293
294 it('Should fail with an unknown account', async function () {
295 await makePostBodyRequest({
296 url: server.url,
297 token: server.accessToken,
298 path,
299 fields: { accountName: 'user2' },
2d53be02 300 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
b44164bb
C		 301 })
302 })
303
304 it('Should fail to block ourselves', async function () {
305 await makePostBodyRequest({
306 url: server.url,
307 token: server.accessToken,
308 path,
309 fields: { accountName: 'root' },
2d53be02 310 statusCodeExpected: HttpStatusCode.CONFLICT_409
b44164bb
C		 311 })
312 })
313
314 it('Should succeed with the correct params', async function () {
315 await makePostBodyRequest({
316 url: server.url,
317 token: server.accessToken,
318 path,
319 fields: { accountName: 'user1' },
2d53be02 320 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
b44164bb
C		 321 })
322 })
323 })
324
325 describe('When unblocking an account', function () {
326 it('Should fail with an unauthenticated user', async function () {
327 await makeDeleteRequest({
328 url: server.url,
329 path: path + '/user1',
2d53be02 330 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
b44164bb
C		 331 })
332 })
333
334 it('Should fail with a user without the appropriate rights', async function () {
335 await makeDeleteRequest({
336 url: server.url,
337 path: path + '/user1',
338 token: userAccessToken,
2d53be02 339 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
b44164bb
C		 340 })
341 })
342
343 it('Should fail with an unknown account block', async function () {
344 await makeDeleteRequest({
345 url: server.url,
346 path: path + '/user2',
347 token: server.accessToken,
2d53be02 348 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
b44164bb
C		 349 })
350 })
351
352 it('Should succeed with the correct params', async function () {
353 await makeDeleteRequest({
354 url: server.url,
355 path: path + '/user1',
356 token: server.accessToken,
2d53be02 357 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
b44164bb
C		 358 })
359 })
360 })
361 })
362
363 describe('When managing server servers blocklist', function () {
364 const path = '/api/v1/server/blocklist/servers'
365
366 describe('When listing blocked servers', function () {
367 it('Should fail with an unauthenticated user', async function () {
368 await makeGetRequest({
369 url: server.url,
370 path,
2d53be02 371 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
b44164bb
C		 372 })
373 })
374
375 it('Should fail with a user without the appropriate rights', async function () {
376 await makeGetRequest({
377 url: server.url,
378 token: userAccessToken,
379 path,
2d53be02 380 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
b44164bb
C		 381 })
382 })
383
384 it('Should fail with a bad start pagination', async function () {
385 await checkBadStartPagination(server.url, path, server.accessToken)
386 })
387
388 it('Should fail with a bad count pagination', async function () {
389 await checkBadCountPagination(server.url, path, server.accessToken)
390 })
391
392 it('Should fail with an incorrect sort', async function () {
393 await checkBadSortPagination(server.url, path, server.accessToken)
394 })
395 })
396
397 describe('When blocking a server', function () {
398 it('Should fail with an unauthenticated user', async function () {
399 await makePostBodyRequest({
400 url: server.url,
401 path,
86ebdf8c 402 fields: { host: 'localhost:' + servers[1].port },
2d53be02 403 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
b44164bb
C		 404 })
405 })
406
407 it('Should fail with a user without the appropriate rights', async function () {
408 await makePostBodyRequest({
409 url: server.url,
410 token: userAccessToken,
411 path,
86ebdf8c 412 fields: { host: 'localhost:' + servers[1].port },
2d53be02 413 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
b44164bb
C		 414 })
415 })
416
bb152476 417 it('Should succeed with an unknown server', async function () {
b44164bb
C		 418 await makePostBodyRequest({
419 url: server.url,
420 token: server.accessToken,
421 path,
422 fields: { host: 'localhost:9003' },
2d53be02 423 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
b44164bb
C		 424 })
425 })
426
427 it('Should fail with our own server', async function () {
428 await makePostBodyRequest({
429 url: server.url,
430 token: server.accessToken,
431 path,
86ebdf8c 432 fields: { host: 'localhost:' + server.port },
2d53be02 433 statusCodeExpected: HttpStatusCode.CONFLICT_409
b44164bb
C		 434 })
435 })
436
437 it('Should succeed with the correct params', async function () {
438 await makePostBodyRequest({
439 url: server.url,
440 token: server.accessToken,
441 path,
86ebdf8c 442 fields: { host: 'localhost:' + servers[1].port },
2d53be02 443 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
b44164bb
C		 444 })
445 })
446 })
447
448 describe('When unblocking a server', function () {
449 it('Should fail with an unauthenticated user', async function () {
450 await makeDeleteRequest({
451 url: server.url,
86ebdf8c 452 path: path + '/localhost:' + servers[1].port,
2d53be02 453 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
b44164bb
C		 454 })
455 })
456
457 it('Should fail with a user without the appropriate rights', async function () {
458 await makeDeleteRequest({
459 url: server.url,
86ebdf8c 460 path: path + '/localhost:' + servers[1].port,
b44164bb 461 token: userAccessToken,
2d53be02 462 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
b44164bb
C		 463 })
464 })
465
466 it('Should fail with an unknown server block', async function () {
467 await makeDeleteRequest({
468 url: server.url,
bb152476 469 path: path + '/localhost:9004',
b44164bb 470 token: server.accessToken,
2d53be02 471 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
b44164bb
C		 472 })
473 })
474
475 it('Should succeed with the correct params', async function () {
476 await makeDeleteRequest({
477 url: server.url,
86ebdf8c 478 path: path + '/localhost:' + servers[1].port,
b44164bb 479 token: server.accessToken,
2d53be02 480 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
b44164bb
C		 481 })
482 })
483 })
484 })
485 })
486
86ebdf8c
C		 487 after(async function () {
488 await cleanupTests(servers)
7ad9b984
C		 489 })
490})
ActivityPub-federated video streaming platform using P2P directly in your web browser