[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / blocklist.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import 'mocha'
import {
  checkBadCountPagination,
  checkBadSortPagination,
  checkBadStartPagination,
  cleanupTests,
  createMultipleServers,
  doubleFollow,
  makeDeleteRequest,
  makeGetRequest,
  makePostBodyRequest,
  PeerTubeServer,
  setAccessTokensToServers
} from '@shared/server-commands'
import { HttpStatusCode } from '@shared/models'

describe('Test blocklist API validators', function () {
  let servers: PeerTubeServer[]
  let server: PeerTubeServer
  let userAccessToken: string

  before(async function () {
    this.timeout(60000)

    servers = await createMultipleServers(2)
    await setAccessTokensToServers(servers)

    server = servers[0]

    const user = { username: 'user1', password: 'password' }
    await server.users.create({ username: user.username, password: user.password })

    userAccessToken = await server.login.getAccessToken(user)

    await doubleFollow(servers[0], servers[1])
  })

  // ---------------------------------------------------------------

  describe('When managing user blocklist', function () {

    describe('When managing user accounts blocklist', function () {
      const path = '/api/v1/users/me/blocklist/accounts'

      describe('When listing blocked accounts', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makeGetRequest({
            url: server.url,
            path,
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with a bad start pagination', async function () {
          await checkBadStartPagination(server.url, path, server.accessToken)
        })

        it('Should fail with a bad count pagination', async function () {
          await checkBadCountPagination(server.url, path, server.accessToken)
        })

        it('Should fail with an incorrect sort', async function () {
          await checkBadSortPagination(server.url, path, server.accessToken)
        })
      })

      describe('When blocking an account', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makePostBodyRequest({
            url: server.url,
            path,
            fields: { accountName: 'user1' },
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with an unknown account', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { accountName: 'user2' },
            expectedStatus: HttpStatusCode.NOT_FOUND_404
          })
        })

        it('Should fail to block ourselves', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { accountName: 'root' },
            expectedStatus: HttpStatusCode.CONFLICT_409
          })
        })

        it('Should succeed with the correct params', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { accountName: 'user1' },
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })
      })

      describe('When unblocking an account', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/user1',
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with an unknown account block', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/user2',
            token: server.accessToken,
            expectedStatus: HttpStatusCode.NOT_FOUND_404
          })
        })

        it('Should succeed with the correct params', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/user1',
            token: server.accessToken,
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })
      })
    })

    describe('When managing user servers blocklist', function () {
      const path = '/api/v1/users/me/blocklist/servers'

      describe('When listing blocked servers', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makeGetRequest({
            url: server.url,
            path,
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with a bad start pagination', async function () {
          await checkBadStartPagination(server.url, path, server.accessToken)
        })

        it('Should fail with a bad count pagination', async function () {
          await checkBadCountPagination(server.url, path, server.accessToken)
        })

        it('Should fail with an incorrect sort', async function () {
          await checkBadSortPagination(server.url, path, server.accessToken)
        })
      })

      describe('When blocking a server', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makePostBodyRequest({
            url: server.url,
            path,
            fields: { host: 'localhost:9002' },
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should succeed with an unknown server', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { host: 'localhost:9003' },
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })

        it('Should fail with our own server', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { host: 'localhost:' + server.port },
            expectedStatus: HttpStatusCode.CONFLICT_409
          })
        })

        it('Should succeed with the correct params', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { host: 'localhost:' + servers[1].port },
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })
      })

      describe('When unblocking a server', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/localhost:' + servers[1].port,
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with an unknown server block', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/localhost:9004',
            token: server.accessToken,
            expectedStatus: HttpStatusCode.NOT_FOUND_404
          })
        })

        it('Should succeed with the correct params', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/localhost:' + servers[1].port,
            token: server.accessToken,
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })
      })
    })
  })

  describe('When managing server blocklist', function () {

    describe('When managing server accounts blocklist', function () {
      const path = '/api/v1/server/blocklist/accounts'

      describe('When listing blocked accounts', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makeGetRequest({
            url: server.url,
            path,
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with a user without the appropriate rights', async function () {
          await makeGetRequest({
            url: server.url,
            token: userAccessToken,
            path,
            expectedStatus: HttpStatusCode.FORBIDDEN_403
          })
        })

        it('Should fail with a bad start pagination', async function () {
          await checkBadStartPagination(server.url, path, server.accessToken)
        })

        it('Should fail with a bad count pagination', async function () {
          await checkBadCountPagination(server.url, path, server.accessToken)
        })

        it('Should fail with an incorrect sort', async function () {
          await checkBadSortPagination(server.url, path, server.accessToken)
        })
      })

      describe('When blocking an account', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makePostBodyRequest({
            url: server.url,
            path,
            fields: { accountName: 'user1' },
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with a user without the appropriate rights', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: userAccessToken,
            path,
            fields: { accountName: 'user1' },
            expectedStatus: HttpStatusCode.FORBIDDEN_403
          })
        })

        it('Should fail with an unknown account', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { accountName: 'user2' },
            expectedStatus: HttpStatusCode.NOT_FOUND_404
          })
        })

        it('Should fail to block ourselves', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { accountName: 'root' },
            expectedStatus: HttpStatusCode.CONFLICT_409
          })
        })

        it('Should succeed with the correct params', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { accountName: 'user1' },
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })
      })

      describe('When unblocking an account', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/user1',
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with a user without the appropriate rights', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/user1',
            token: userAccessToken,
            expectedStatus: HttpStatusCode.FORBIDDEN_403
          })
        })

        it('Should fail with an unknown account block', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/user2',
            token: server.accessToken,
            expectedStatus: HttpStatusCode.NOT_FOUND_404
          })
        })

        it('Should succeed with the correct params', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/user1',
            token: server.accessToken,
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })
      })
    })

    describe('When managing server servers blocklist', function () {
      const path = '/api/v1/server/blocklist/servers'

      describe('When listing blocked servers', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makeGetRequest({
            url: server.url,
            path,
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with a user without the appropriate rights', async function () {
          await makeGetRequest({
            url: server.url,
            token: userAccessToken,
            path,
            expectedStatus: HttpStatusCode.FORBIDDEN_403
          })
        })

        it('Should fail with a bad start pagination', async function () {
          await checkBadStartPagination(server.url, path, server.accessToken)
        })

        it('Should fail with a bad count pagination', async function () {
          await checkBadCountPagination(server.url, path, server.accessToken)
        })

        it('Should fail with an incorrect sort', async function () {
          await checkBadSortPagination(server.url, path, server.accessToken)
        })
      })

      describe('When blocking a server', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makePostBodyRequest({
            url: server.url,
            path,
            fields: { host: 'localhost:' + servers[1].port },
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with a user without the appropriate rights', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: userAccessToken,
            path,
            fields: { host: 'localhost:' + servers[1].port },
            expectedStatus: HttpStatusCode.FORBIDDEN_403
          })
        })

        it('Should succeed with an unknown server', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { host: 'localhost:9003' },
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })

        it('Should fail with our own server', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { host: 'localhost:' + server.port },
            expectedStatus: HttpStatusCode.CONFLICT_409
          })
        })

        it('Should succeed with the correct params', async function () {
          await makePostBodyRequest({
            url: server.url,
            token: server.accessToken,
            path,
            fields: { host: 'localhost:' + servers[1].port },
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })
      })

      describe('When unblocking a server', function () {
        it('Should fail with an unauthenticated user', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/localhost:' + servers[1].port,
            expectedStatus: HttpStatusCode.UNAUTHORIZED_401
          })
        })

        it('Should fail with a user without the appropriate rights', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/localhost:' + servers[1].port,
            token: userAccessToken,
            expectedStatus: HttpStatusCode.FORBIDDEN_403
          })
        })

        it('Should fail with an unknown server block', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/localhost:9004',
            token: server.accessToken,
            expectedStatus: HttpStatusCode.NOT_FOUND_404
          })
        })

        it('Should succeed with the correct params', async function () {
          await makeDeleteRequest({
            url: server.url,
            path: path + '/localhost:' + servers[1].port,
            token: server.accessToken,
            expectedStatus: HttpStatusCode.NO_CONTENT_204
          })
        })
      })
    })
  })

  describe('When getting blocklist status', function () {
    const path = '/api/v1/blocklist/status'

    it('Should fail with a bad token', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        token: 'false',
        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
      })
    })

    it('Should fail with a bad accounts field', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        query: {
          accounts: 1
        },
        expectedStatus: HttpStatusCode.BAD_REQUEST_400
      })

      await makeGetRequest({
        url: server.url,
        path,
        query: {
          accounts: [ 1 ]
        },
        expectedStatus: HttpStatusCode.BAD_REQUEST_400
      })
    })

    it('Should fail with a bad hosts field', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        query: {
          hosts: 1
        },
        expectedStatus: HttpStatusCode.BAD_REQUEST_400
      })

      await makeGetRequest({
        url: server.url,
        path,
        query: {
          hosts: [ 1 ]
        },
        expectedStatus: HttpStatusCode.BAD_REQUEST_400
      })
    })

    it('Should succeed with the correct parameters', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        query: {},
        expectedStatus: HttpStatusCode.OK_200
      })

      await makeGetRequest({
        url: server.url,
        path,
        query: {
          hosts: [ 'example.com' ],
          accounts: [ 'john@example.com' ]
        },
        expectedStatus: HttpStatusCode.OK_200
      })
    })
  })

  after(async function () {
    await cleanupTests(servers)
  })
})
Commit	Line	Data
a1587156	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
7ad9b984 C	2
7ad9b984 C	3	import 'mocha'
7ad9b984	4	import {
c0e8b12e C	5	checkBadCountPagination,
	6	checkBadSortPagination,
	7	checkBadStartPagination,
86ebdf8c	8	cleanupTests,
254d3579	9	createMultipleServers,
c0e8b12e	10	doubleFollow,
7ad9b984 C	11	makeDeleteRequest,
	12	makeGetRequest,
	13	makePostBodyRequest,
254d3579	14	PeerTubeServer,
41d1d075	15	setAccessTokensToServers
bf54587a	16	} from '@shared/server-commands'
c0e8b12e	17	import { HttpStatusCode } from '@shared/models'
7ad9b984 C	18
7ad9b984 C	19	describe('Test blocklist API validators', function () {
254d3579 C	20	let servers: PeerTubeServer[]
254d3579 C	21	let server: PeerTubeServer
b44164bb	22	let userAccessToken: string
7ad9b984 C	23
	24	before(async function () {
	25	this.timeout(60000)
	26
254d3579	27	servers = await createMultipleServers(2)
7ad9b984 C	28	await setAccessTokensToServers(servers)
	29
	30	server = servers[0]
	31
	32	const user = { username: 'user1', password: 'password' }
89d241a7	33	await server.users.create({ username: user.username, password: user.password })
7ad9b984	34
89d241a7	35	userAccessToken = await server.login.getAccessToken(user)
b44164bb	36
7ad9b984 C	37	await doubleFollow(servers[0], servers[1])
	38	})
	39
	40	// ---------------------------------------------------------------
	41
	42	describe('When managing user blocklist', function () {
7ad9b984 C	43
7ad9b984 C	44	describe('When managing user accounts blocklist', function () {
b44164bb	45	const path = '/api/v1/users/me/blocklist/accounts'
7ad9b984 C	46
	47	describe('When listing blocked accounts', function () {
	48	it('Should fail with an unauthenticated user', async function () {
	49	await makeGetRequest({
	50	url: server.url,
	51	path,
c0e8b12e	52	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
7ad9b984 C	53	})
	54	})
	55
	56	it('Should fail with a bad start pagination', async function () {
	57	await checkBadStartPagination(server.url, path, server.accessToken)
	58	})
	59
	60	it('Should fail with a bad count pagination', async function () {
	61	await checkBadCountPagination(server.url, path, server.accessToken)
	62	})
	63
	64	it('Should fail with an incorrect sort', async function () {
	65	await checkBadSortPagination(server.url, path, server.accessToken)
	66	})
	67	})
	68
	69	describe('When blocking an account', function () {
	70	it('Should fail with an unauthenticated user', async function () {
	71	await makePostBodyRequest({
	72	url: server.url,
	73	path,
	74	fields: { accountName: 'user1' },
c0e8b12e	75	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
7ad9b984 C	76	})
	77	})
	78
	79	it('Should fail with an unknown account', async function () {
	80	await makePostBodyRequest({
	81	url: server.url,
	82	token: server.accessToken,
	83	path,
	84	fields: { accountName: 'user2' },
c0e8b12e	85	expectedStatus: HttpStatusCode.NOT_FOUND_404
7ad9b984 C	86	})
	87	})
	88
af5767ff C	89	it('Should fail to block ourselves', async function () {
	90	await makePostBodyRequest({
	91	url: server.url,
	92	token: server.accessToken,
	93	path,
	94	fields: { accountName: 'root' },
c0e8b12e	95	expectedStatus: HttpStatusCode.CONFLICT_409
af5767ff C	96	})
	97	})
	98
7ad9b984 C	99	it('Should succeed with the correct params', async function () {
	100	await makePostBodyRequest({
	101	url: server.url,
	102	token: server.accessToken,
	103	path,
	104	fields: { accountName: 'user1' },
c0e8b12e	105	expectedStatus: HttpStatusCode.NO_CONTENT_204
7ad9b984 C	106	})
	107	})
	108	})
	109
	110	describe('When unblocking an account', function () {
	111	it('Should fail with an unauthenticated user', async function () {
	112	await makeDeleteRequest({
	113	url: server.url,
	114	path: path + '/user1',
c0e8b12e	115	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
7ad9b984 C	116	})
	117	})
	118
	119	it('Should fail with an unknown account block', async function () {
	120	await makeDeleteRequest({
	121	url: server.url,
	122	path: path + '/user2',
	123	token: server.accessToken,
c0e8b12e	124	expectedStatus: HttpStatusCode.NOT_FOUND_404
7ad9b984 C	125	})
	126	})
	127
	128	it('Should succeed with the correct params', async function () {
	129	await makeDeleteRequest({
	130	url: server.url,
	131	path: path + '/user1',
	132	token: server.accessToken,
c0e8b12e	133	expectedStatus: HttpStatusCode.NO_CONTENT_204
7ad9b984 C	134	})
	135	})
	136	})
	137	})
	138
	139	describe('When managing user servers blocklist', function () {
	140	const path = '/api/v1/users/me/blocklist/servers'
	141
	142	describe('When listing blocked servers', function () {
	143	it('Should fail with an unauthenticated user', async function () {
	144	await makeGetRequest({
	145	url: server.url,
	146	path,
c0e8b12e	147	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
7ad9b984 C	148	})
	149	})
	150
	151	it('Should fail with a bad start pagination', async function () {
	152	await checkBadStartPagination(server.url, path, server.accessToken)
	153	})
	154
	155	it('Should fail with a bad count pagination', async function () {
	156	await checkBadCountPagination(server.url, path, server.accessToken)
	157	})
	158
	159	it('Should fail with an incorrect sort', async function () {
	160	await checkBadSortPagination(server.url, path, server.accessToken)
	161	})
	162	})
	163
	164	describe('When blocking a server', function () {
	165	it('Should fail with an unauthenticated user', async function () {
	166	await makePostBodyRequest({
	167	url: server.url,
	168	path,
	169	fields: { host: 'localhost:9002' },
c0e8b12e	170	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
7ad9b984 C	171	})
	172	})
	173
bb152476	174	it('Should succeed with an unknown server', async function () {
7ad9b984 C	175	await makePostBodyRequest({
	176	url: server.url,
	177	token: server.accessToken,
	178	path,
	179	fields: { host: 'localhost:9003' },
c0e8b12e	180	expectedStatus: HttpStatusCode.NO_CONTENT_204
7ad9b984 C	181	})
	182	})
	183
af5767ff C	184	it('Should fail with our own server', async function () {
	185	await makePostBodyRequest({
	186	url: server.url,
	187	token: server.accessToken,
	188	path,
86ebdf8c	189	fields: { host: 'localhost:' + server.port },
c0e8b12e	190	expectedStatus: HttpStatusCode.CONFLICT_409
af5767ff C	191	})
	192	})
	193
7ad9b984 C	194	it('Should succeed with the correct params', async function () {
	195	await makePostBodyRequest({
	196	url: server.url,
	197	token: server.accessToken,
	198	path,
86ebdf8c	199	fields: { host: 'localhost:' + servers[1].port },
c0e8b12e	200	expectedStatus: HttpStatusCode.NO_CONTENT_204
7ad9b984 C	201	})
	202	})
	203	})
	204
	205	describe('When unblocking a server', function () {
	206	it('Should fail with an unauthenticated user', async function () {
	207	await makeDeleteRequest({
	208	url: server.url,
86ebdf8c	209	path: path + '/localhost:' + servers[1].port,
c0e8b12e	210	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
7ad9b984 C	211	})
	212	})
	213
	214	it('Should fail with an unknown server block', async function () {
	215	await makeDeleteRequest({
	216	url: server.url,
bb152476	217	path: path + '/localhost:9004',
7ad9b984	218	token: server.accessToken,
c0e8b12e	219	expectedStatus: HttpStatusCode.NOT_FOUND_404
7ad9b984 C	220	})
	221	})
	222
	223	it('Should succeed with the correct params', async function () {
	224	await makeDeleteRequest({
	225	url: server.url,
86ebdf8c	226	path: path + '/localhost:' + servers[1].port,
7ad9b984	227	token: server.accessToken,
c0e8b12e	228	expectedStatus: HttpStatusCode.NO_CONTENT_204
7ad9b984 C	229	})
	230	})
	231	})
	232	})
	233	})
	234
b44164bb C	235	describe('When managing server blocklist', function () {
	236
	237	describe('When managing server accounts blocklist', function () {
	238	const path = '/api/v1/server/blocklist/accounts'
	239
	240	describe('When listing blocked accounts', function () {
	241	it('Should fail with an unauthenticated user', async function () {
	242	await makeGetRequest({
	243	url: server.url,
	244	path,
c0e8b12e	245	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
b44164bb C	246	})
	247	})
	248
	249	it('Should fail with a user without the appropriate rights', async function () {
	250	await makeGetRequest({
	251	url: server.url,
	252	token: userAccessToken,
	253	path,
c0e8b12e	254	expectedStatus: HttpStatusCode.FORBIDDEN_403
b44164bb C	255	})
	256	})
	257
	258	it('Should fail with a bad start pagination', async function () {
	259	await checkBadStartPagination(server.url, path, server.accessToken)
	260	})
	261
	262	it('Should fail with a bad count pagination', async function () {
	263	await checkBadCountPagination(server.url, path, server.accessToken)
	264	})
	265
	266	it('Should fail with an incorrect sort', async function () {
	267	await checkBadSortPagination(server.url, path, server.accessToken)
	268	})
	269	})
	270
	271	describe('When blocking an account', function () {
	272	it('Should fail with an unauthenticated user', async function () {
	273	await makePostBodyRequest({
	274	url: server.url,
	275	path,
	276	fields: { accountName: 'user1' },
c0e8b12e	277	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
b44164bb C	278	})
	279	})
	280
	281	it('Should fail with a user without the appropriate rights', async function () {
	282	await makePostBodyRequest({
	283	url: server.url,
	284	token: userAccessToken,
	285	path,
	286	fields: { accountName: 'user1' },
c0e8b12e	287	expectedStatus: HttpStatusCode.FORBIDDEN_403
b44164bb C	288	})
	289	})
	290
	291	it('Should fail with an unknown account', async function () {
	292	await makePostBodyRequest({
	293	url: server.url,
	294	token: server.accessToken,
	295	path,
	296	fields: { accountName: 'user2' },
c0e8b12e	297	expectedStatus: HttpStatusCode.NOT_FOUND_404
b44164bb C	298	})
	299	})
	300
	301	it('Should fail to block ourselves', async function () {
	302	await makePostBodyRequest({
	303	url: server.url,
	304	token: server.accessToken,
	305	path,
	306	fields: { accountName: 'root' },
c0e8b12e	307	expectedStatus: HttpStatusCode.CONFLICT_409
b44164bb C	308	})
	309	})
	310
	311	it('Should succeed with the correct params', async function () {
	312	await makePostBodyRequest({
	313	url: server.url,
	314	token: server.accessToken,
	315	path,
	316	fields: { accountName: 'user1' },
c0e8b12e	317	expectedStatus: HttpStatusCode.NO_CONTENT_204
b44164bb C	318	})
	319	})
	320	})
	321
	322	describe('When unblocking an account', function () {
	323	it('Should fail with an unauthenticated user', async function () {
	324	await makeDeleteRequest({
	325	url: server.url,
	326	path: path + '/user1',
c0e8b12e	327	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
b44164bb C	328	})
	329	})
	330
	331	it('Should fail with a user without the appropriate rights', async function () {
	332	await makeDeleteRequest({
	333	url: server.url,
	334	path: path + '/user1',
	335	token: userAccessToken,
c0e8b12e	336	expectedStatus: HttpStatusCode.FORBIDDEN_403
b44164bb C	337	})
	338	})
	339
	340	it('Should fail with an unknown account block', async function () {
	341	await makeDeleteRequest({
	342	url: server.url,
	343	path: path + '/user2',
	344	token: server.accessToken,
c0e8b12e	345	expectedStatus: HttpStatusCode.NOT_FOUND_404
b44164bb C	346	})
	347	})
	348
	349	it('Should succeed with the correct params', async function () {
	350	await makeDeleteRequest({
	351	url: server.url,
	352	path: path + '/user1',
	353	token: server.accessToken,
c0e8b12e	354	expectedStatus: HttpStatusCode.NO_CONTENT_204
b44164bb C	355	})
	356	})
	357	})
	358	})
	359
	360	describe('When managing server servers blocklist', function () {
	361	const path = '/api/v1/server/blocklist/servers'
	362
	363	describe('When listing blocked servers', function () {
	364	it('Should fail with an unauthenticated user', async function () {
	365	await makeGetRequest({
	366	url: server.url,
	367	path,
c0e8b12e	368	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
b44164bb C	369	})
	370	})
	371
	372	it('Should fail with a user without the appropriate rights', async function () {
	373	await makeGetRequest({
	374	url: server.url,
	375	token: userAccessToken,
	376	path,
c0e8b12e	377	expectedStatus: HttpStatusCode.FORBIDDEN_403
b44164bb C	378	})
	379	})
	380
	381	it('Should fail with a bad start pagination', async function () {
	382	await checkBadStartPagination(server.url, path, server.accessToken)
	383	})
	384
	385	it('Should fail with a bad count pagination', async function () {
	386	await checkBadCountPagination(server.url, path, server.accessToken)
	387	})
	388
	389	it('Should fail with an incorrect sort', async function () {
	390	await checkBadSortPagination(server.url, path, server.accessToken)
	391	})
	392	})
	393
	394	describe('When blocking a server', function () {
	395	it('Should fail with an unauthenticated user', async function () {
	396	await makePostBodyRequest({
	397	url: server.url,
	398	path,
86ebdf8c	399	fields: { host: 'localhost:' + servers[1].port },
c0e8b12e	400	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
b44164bb C	401	})
	402	})
	403
	404	it('Should fail with a user without the appropriate rights', async function () {
	405	await makePostBodyRequest({
	406	url: server.url,
	407	token: userAccessToken,
	408	path,
86ebdf8c	409	fields: { host: 'localhost:' + servers[1].port },
c0e8b12e	410	expectedStatus: HttpStatusCode.FORBIDDEN_403
b44164bb C	411	})
	412	})
	413
bb152476	414	it('Should succeed with an unknown server', async function () {
b44164bb C	415	await makePostBodyRequest({
	416	url: server.url,
	417	token: server.accessToken,
	418	path,
	419	fields: { host: 'localhost:9003' },
c0e8b12e	420	expectedStatus: HttpStatusCode.NO_CONTENT_204
b44164bb C	421	})
	422	})
	423
	424	it('Should fail with our own server', async function () {
	425	await makePostBodyRequest({
	426	url: server.url,
	427	token: server.accessToken,
	428	path,
86ebdf8c	429	fields: { host: 'localhost:' + server.port },
c0e8b12e	430	expectedStatus: HttpStatusCode.CONFLICT_409
b44164bb C	431	})
	432	})
	433
	434	it('Should succeed with the correct params', async function () {
	435	await makePostBodyRequest({
	436	url: server.url,
	437	token: server.accessToken,
	438	path,
86ebdf8c	439	fields: { host: 'localhost:' + servers[1].port },
c0e8b12e	440	expectedStatus: HttpStatusCode.NO_CONTENT_204
b44164bb C	441	})
	442	})
	443	})
	444
	445	describe('When unblocking a server', function () {
	446	it('Should fail with an unauthenticated user', async function () {
	447	await makeDeleteRequest({
	448	url: server.url,
86ebdf8c	449	path: path + '/localhost:' + servers[1].port,
c0e8b12e	450	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
b44164bb C	451	})
	452	})
	453
	454	it('Should fail with a user without the appropriate rights', async function () {
	455	await makeDeleteRequest({
	456	url: server.url,
86ebdf8c	457	path: path + '/localhost:' + servers[1].port,
b44164bb	458	token: userAccessToken,
c0e8b12e	459	expectedStatus: HttpStatusCode.FORBIDDEN_403
b44164bb C	460	})
	461	})
	462
	463	it('Should fail with an unknown server block', async function () {
	464	await makeDeleteRequest({
	465	url: server.url,
bb152476	466	path: path + '/localhost:9004',
b44164bb	467	token: server.accessToken,
c0e8b12e	468	expectedStatus: HttpStatusCode.NOT_FOUND_404
b44164bb C	469	})
	470	})
	471
	472	it('Should succeed with the correct params', async function () {
	473	await makeDeleteRequest({
	474	url: server.url,
86ebdf8c	475	path: path + '/localhost:' + servers[1].port,
b44164bb	476	token: server.accessToken,
c0e8b12e	477	expectedStatus: HttpStatusCode.NO_CONTENT_204
b44164bb C	478	})
	479	})
	480	})
	481	})
	482	})
	483
80badf49 C	484	describe('When getting blocklist status', function () {
	485	const path = '/api/v1/blocklist/status'
	486
	487	it('Should fail with a bad token', async function () {
	488	await makeGetRequest({
	489	url: server.url,
	490	path,
	491	token: 'false',
	492	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
	493	})
	494	})
	495
	496	it('Should fail with a bad accounts field', async function () {
	497	await makeGetRequest({
	498	url: server.url,
	499	path,
	500	query: {
	501	accounts: 1
	502	},
	503	expectedStatus: HttpStatusCode.BAD_REQUEST_400
	504	})
	505
	506	await makeGetRequest({
	507	url: server.url,
	508	path,
	509	query: {
	510	accounts: [ 1 ]
	511	},
	512	expectedStatus: HttpStatusCode.BAD_REQUEST_400
	513	})
	514	})
	515
	516	it('Should fail with a bad hosts field', async function () {
	517	await makeGetRequest({
	518	url: server.url,
	519	path,
	520	query: {
	521	hosts: 1
	522	},
	523	expectedStatus: HttpStatusCode.BAD_REQUEST_400
	524	})
	525
	526	await makeGetRequest({
	527	url: server.url,
	528	path,
	529	query: {
	530	hosts: [ 1 ]
	531	},
	532	expectedStatus: HttpStatusCode.BAD_REQUEST_400
	533	})
	534	})
	535
	536	it('Should succeed with the correct parameters', async function () {
	537	await makeGetRequest({
	538	url: server.url,
	539	path,
	540	query: {},
	541	expectedStatus: HttpStatusCode.OK_200
	542	})
	543
	544	await makeGetRequest({
	545	url: server.url,
	546	path,
	547	query: {
548	hosts: [ 'example.com' ],
549	accounts: [ 'john@example.com' ]
550	},
551	expectedStatus: HttpStatusCode.OK_200
552	})
553	})
554	})
555
86ebdf8c C	556	after(async function () {
86ebdf8c C	557	await cleanupTests(servers)
7ad9b984 C	558	})
7ad9b984 C	559	})