]>
Commit | Line | Data |
---|---|---|
a1587156 | 1 | /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ |
7ad9b984 C |
2 | |
3 | import 'mocha' | |
4 | ||
5 | import { | |
86ebdf8c | 6 | cleanupTests, |
7ad9b984 C |
7 | createUser, |
8 | doubleFollow, | |
9 | flushAndRunMultipleServers, | |
7ad9b984 C |
10 | makeDeleteRequest, |
11 | makeGetRequest, | |
12 | makePostBodyRequest, | |
13 | ServerInfo, | |
41d1d075 | 14 | setAccessTokensToServers |
94565d52 | 15 | } from '../../../../shared/extra-utils' |
9639bd17 | 16 | import { |
17 | checkBadCountPagination, | |
18 | checkBadSortPagination, | |
19 | checkBadStartPagination | |
94565d52 | 20 | } from '../../../../shared/extra-utils/requests/check-api-params' |
2d53be02 | 21 | import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes' |
7ad9b984 C |
22 | |
23 | describe('Test blocklist API validators', function () { | |
24 | let servers: ServerInfo[] | |
25 | let server: ServerInfo | |
b44164bb | 26 | let userAccessToken: string |
7ad9b984 C |
27 | |
28 | before(async function () { | |
29 | this.timeout(60000) | |
30 | ||
7ad9b984 C |
31 | servers = await flushAndRunMultipleServers(2) |
32 | await setAccessTokensToServers(servers) | |
33 | ||
34 | server = servers[0] | |
35 | ||
36 | const user = { username: 'user1', password: 'password' } | |
1eddc9a7 | 37 | await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password }) |
7ad9b984 | 38 | |
41d1d075 | 39 | userAccessToken = await server.loginCommand.getAccessToken(user) |
b44164bb | 40 | |
7ad9b984 C |
41 | await doubleFollow(servers[0], servers[1]) |
42 | }) | |
43 | ||
44 | // --------------------------------------------------------------- | |
45 | ||
46 | describe('When managing user blocklist', function () { | |
7ad9b984 C |
47 | |
48 | describe('When managing user accounts blocklist', function () { | |
b44164bb | 49 | const path = '/api/v1/users/me/blocklist/accounts' |
7ad9b984 C |
50 | |
51 | describe('When listing blocked accounts', function () { | |
52 | it('Should fail with an unauthenticated user', async function () { | |
53 | await makeGetRequest({ | |
54 | url: server.url, | |
55 | path, | |
2d53be02 | 56 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
57 | }) |
58 | }) | |
59 | ||
60 | it('Should fail with a bad start pagination', async function () { | |
61 | await checkBadStartPagination(server.url, path, server.accessToken) | |
62 | }) | |
63 | ||
64 | it('Should fail with a bad count pagination', async function () { | |
65 | await checkBadCountPagination(server.url, path, server.accessToken) | |
66 | }) | |
67 | ||
68 | it('Should fail with an incorrect sort', async function () { | |
69 | await checkBadSortPagination(server.url, path, server.accessToken) | |
70 | }) | |
71 | }) | |
72 | ||
73 | describe('When blocking an account', function () { | |
74 | it('Should fail with an unauthenticated user', async function () { | |
75 | await makePostBodyRequest({ | |
76 | url: server.url, | |
77 | path, | |
78 | fields: { accountName: 'user1' }, | |
2d53be02 | 79 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
80 | }) |
81 | }) | |
82 | ||
83 | it('Should fail with an unknown account', async function () { | |
84 | await makePostBodyRequest({ | |
85 | url: server.url, | |
86 | token: server.accessToken, | |
87 | path, | |
88 | fields: { accountName: 'user2' }, | |
2d53be02 | 89 | statusCodeExpected: HttpStatusCode.NOT_FOUND_404 |
7ad9b984 C |
90 | }) |
91 | }) | |
92 | ||
af5767ff C |
93 | it('Should fail to block ourselves', async function () { |
94 | await makePostBodyRequest({ | |
95 | url: server.url, | |
96 | token: server.accessToken, | |
97 | path, | |
98 | fields: { accountName: 'root' }, | |
2d53be02 | 99 | statusCodeExpected: HttpStatusCode.CONFLICT_409 |
af5767ff C |
100 | }) |
101 | }) | |
102 | ||
7ad9b984 C |
103 | it('Should succeed with the correct params', async function () { |
104 | await makePostBodyRequest({ | |
105 | url: server.url, | |
106 | token: server.accessToken, | |
107 | path, | |
108 | fields: { accountName: 'user1' }, | |
2d53be02 | 109 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
110 | }) |
111 | }) | |
112 | }) | |
113 | ||
114 | describe('When unblocking an account', function () { | |
115 | it('Should fail with an unauthenticated user', async function () { | |
116 | await makeDeleteRequest({ | |
117 | url: server.url, | |
118 | path: path + '/user1', | |
2d53be02 | 119 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
120 | }) |
121 | }) | |
122 | ||
123 | it('Should fail with an unknown account block', async function () { | |
124 | await makeDeleteRequest({ | |
125 | url: server.url, | |
126 | path: path + '/user2', | |
127 | token: server.accessToken, | |
2d53be02 | 128 | statusCodeExpected: HttpStatusCode.NOT_FOUND_404 |
7ad9b984 C |
129 | }) |
130 | }) | |
131 | ||
132 | it('Should succeed with the correct params', async function () { | |
133 | await makeDeleteRequest({ | |
134 | url: server.url, | |
135 | path: path + '/user1', | |
136 | token: server.accessToken, | |
2d53be02 | 137 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
138 | }) |
139 | }) | |
140 | }) | |
141 | }) | |
142 | ||
143 | describe('When managing user servers blocklist', function () { | |
144 | const path = '/api/v1/users/me/blocklist/servers' | |
145 | ||
146 | describe('When listing blocked servers', function () { | |
147 | it('Should fail with an unauthenticated user', async function () { | |
148 | await makeGetRequest({ | |
149 | url: server.url, | |
150 | path, | |
2d53be02 | 151 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
152 | }) |
153 | }) | |
154 | ||
155 | it('Should fail with a bad start pagination', async function () { | |
156 | await checkBadStartPagination(server.url, path, server.accessToken) | |
157 | }) | |
158 | ||
159 | it('Should fail with a bad count pagination', async function () { | |
160 | await checkBadCountPagination(server.url, path, server.accessToken) | |
161 | }) | |
162 | ||
163 | it('Should fail with an incorrect sort', async function () { | |
164 | await checkBadSortPagination(server.url, path, server.accessToken) | |
165 | }) | |
166 | }) | |
167 | ||
168 | describe('When blocking a server', function () { | |
169 | it('Should fail with an unauthenticated user', async function () { | |
170 | await makePostBodyRequest({ | |
171 | url: server.url, | |
172 | path, | |
173 | fields: { host: 'localhost:9002' }, | |
2d53be02 | 174 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
175 | }) |
176 | }) | |
177 | ||
bb152476 | 178 | it('Should succeed with an unknown server', async function () { |
7ad9b984 C |
179 | await makePostBodyRequest({ |
180 | url: server.url, | |
181 | token: server.accessToken, | |
182 | path, | |
183 | fields: { host: 'localhost:9003' }, | |
2d53be02 | 184 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
185 | }) |
186 | }) | |
187 | ||
af5767ff C |
188 | it('Should fail with our own server', async function () { |
189 | await makePostBodyRequest({ | |
190 | url: server.url, | |
191 | token: server.accessToken, | |
192 | path, | |
86ebdf8c | 193 | fields: { host: 'localhost:' + server.port }, |
2d53be02 | 194 | statusCodeExpected: HttpStatusCode.CONFLICT_409 |
af5767ff C |
195 | }) |
196 | }) | |
197 | ||
7ad9b984 C |
198 | it('Should succeed with the correct params', async function () { |
199 | await makePostBodyRequest({ | |
200 | url: server.url, | |
201 | token: server.accessToken, | |
202 | path, | |
86ebdf8c | 203 | fields: { host: 'localhost:' + servers[1].port }, |
2d53be02 | 204 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
205 | }) |
206 | }) | |
207 | }) | |
208 | ||
209 | describe('When unblocking a server', function () { | |
210 | it('Should fail with an unauthenticated user', async function () { | |
211 | await makeDeleteRequest({ | |
212 | url: server.url, | |
86ebdf8c | 213 | path: path + '/localhost:' + servers[1].port, |
2d53be02 | 214 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
7ad9b984 C |
215 | }) |
216 | }) | |
217 | ||
218 | it('Should fail with an unknown server block', async function () { | |
219 | await makeDeleteRequest({ | |
220 | url: server.url, | |
bb152476 | 221 | path: path + '/localhost:9004', |
7ad9b984 | 222 | token: server.accessToken, |
2d53be02 | 223 | statusCodeExpected: HttpStatusCode.NOT_FOUND_404 |
7ad9b984 C |
224 | }) |
225 | }) | |
226 | ||
227 | it('Should succeed with the correct params', async function () { | |
228 | await makeDeleteRequest({ | |
229 | url: server.url, | |
86ebdf8c | 230 | path: path + '/localhost:' + servers[1].port, |
7ad9b984 | 231 | token: server.accessToken, |
2d53be02 | 232 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
7ad9b984 C |
233 | }) |
234 | }) | |
235 | }) | |
236 | }) | |
237 | }) | |
238 | ||
b44164bb C |
239 | describe('When managing server blocklist', function () { |
240 | ||
241 | describe('When managing server accounts blocklist', function () { | |
242 | const path = '/api/v1/server/blocklist/accounts' | |
243 | ||
244 | describe('When listing blocked accounts', function () { | |
245 | it('Should fail with an unauthenticated user', async function () { | |
246 | await makeGetRequest({ | |
247 | url: server.url, | |
248 | path, | |
2d53be02 | 249 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
250 | }) |
251 | }) | |
252 | ||
253 | it('Should fail with a user without the appropriate rights', async function () { | |
254 | await makeGetRequest({ | |
255 | url: server.url, | |
256 | token: userAccessToken, | |
257 | path, | |
2d53be02 | 258 | statusCodeExpected: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
259 | }) |
260 | }) | |
261 | ||
262 | it('Should fail with a bad start pagination', async function () { | |
263 | await checkBadStartPagination(server.url, path, server.accessToken) | |
264 | }) | |
265 | ||
266 | it('Should fail with a bad count pagination', async function () { | |
267 | await checkBadCountPagination(server.url, path, server.accessToken) | |
268 | }) | |
269 | ||
270 | it('Should fail with an incorrect sort', async function () { | |
271 | await checkBadSortPagination(server.url, path, server.accessToken) | |
272 | }) | |
273 | }) | |
274 | ||
275 | describe('When blocking an account', function () { | |
276 | it('Should fail with an unauthenticated user', async function () { | |
277 | await makePostBodyRequest({ | |
278 | url: server.url, | |
279 | path, | |
280 | fields: { accountName: 'user1' }, | |
2d53be02 | 281 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
282 | }) |
283 | }) | |
284 | ||
285 | it('Should fail with a user without the appropriate rights', async function () { | |
286 | await makePostBodyRequest({ | |
287 | url: server.url, | |
288 | token: userAccessToken, | |
289 | path, | |
290 | fields: { accountName: 'user1' }, | |
2d53be02 | 291 | statusCodeExpected: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
292 | }) |
293 | }) | |
294 | ||
295 | it('Should fail with an unknown account', async function () { | |
296 | await makePostBodyRequest({ | |
297 | url: server.url, | |
298 | token: server.accessToken, | |
299 | path, | |
300 | fields: { accountName: 'user2' }, | |
2d53be02 | 301 | statusCodeExpected: HttpStatusCode.NOT_FOUND_404 |
b44164bb C |
302 | }) |
303 | }) | |
304 | ||
305 | it('Should fail to block ourselves', async function () { | |
306 | await makePostBodyRequest({ | |
307 | url: server.url, | |
308 | token: server.accessToken, | |
309 | path, | |
310 | fields: { accountName: 'root' }, | |
2d53be02 | 311 | statusCodeExpected: HttpStatusCode.CONFLICT_409 |
b44164bb C |
312 | }) |
313 | }) | |
314 | ||
315 | it('Should succeed with the correct params', async function () { | |
316 | await makePostBodyRequest({ | |
317 | url: server.url, | |
318 | token: server.accessToken, | |
319 | path, | |
320 | fields: { accountName: 'user1' }, | |
2d53be02 | 321 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
322 | }) |
323 | }) | |
324 | }) | |
325 | ||
326 | describe('When unblocking an account', function () { | |
327 | it('Should fail with an unauthenticated user', async function () { | |
328 | await makeDeleteRequest({ | |
329 | url: server.url, | |
330 | path: path + '/user1', | |
2d53be02 | 331 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
332 | }) |
333 | }) | |
334 | ||
335 | it('Should fail with a user without the appropriate rights', async function () { | |
336 | await makeDeleteRequest({ | |
337 | url: server.url, | |
338 | path: path + '/user1', | |
339 | token: userAccessToken, | |
2d53be02 | 340 | statusCodeExpected: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
341 | }) |
342 | }) | |
343 | ||
344 | it('Should fail with an unknown account block', async function () { | |
345 | await makeDeleteRequest({ | |
346 | url: server.url, | |
347 | path: path + '/user2', | |
348 | token: server.accessToken, | |
2d53be02 | 349 | statusCodeExpected: HttpStatusCode.NOT_FOUND_404 |
b44164bb C |
350 | }) |
351 | }) | |
352 | ||
353 | it('Should succeed with the correct params', async function () { | |
354 | await makeDeleteRequest({ | |
355 | url: server.url, | |
356 | path: path + '/user1', | |
357 | token: server.accessToken, | |
2d53be02 | 358 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
359 | }) |
360 | }) | |
361 | }) | |
362 | }) | |
363 | ||
364 | describe('When managing server servers blocklist', function () { | |
365 | const path = '/api/v1/server/blocklist/servers' | |
366 | ||
367 | describe('When listing blocked servers', function () { | |
368 | it('Should fail with an unauthenticated user', async function () { | |
369 | await makeGetRequest({ | |
370 | url: server.url, | |
371 | path, | |
2d53be02 | 372 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
373 | }) |
374 | }) | |
375 | ||
376 | it('Should fail with a user without the appropriate rights', async function () { | |
377 | await makeGetRequest({ | |
378 | url: server.url, | |
379 | token: userAccessToken, | |
380 | path, | |
2d53be02 | 381 | statusCodeExpected: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
382 | }) |
383 | }) | |
384 | ||
385 | it('Should fail with a bad start pagination', async function () { | |
386 | await checkBadStartPagination(server.url, path, server.accessToken) | |
387 | }) | |
388 | ||
389 | it('Should fail with a bad count pagination', async function () { | |
390 | await checkBadCountPagination(server.url, path, server.accessToken) | |
391 | }) | |
392 | ||
393 | it('Should fail with an incorrect sort', async function () { | |
394 | await checkBadSortPagination(server.url, path, server.accessToken) | |
395 | }) | |
396 | }) | |
397 | ||
398 | describe('When blocking a server', function () { | |
399 | it('Should fail with an unauthenticated user', async function () { | |
400 | await makePostBodyRequest({ | |
401 | url: server.url, | |
402 | path, | |
86ebdf8c | 403 | fields: { host: 'localhost:' + servers[1].port }, |
2d53be02 | 404 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
405 | }) |
406 | }) | |
407 | ||
408 | it('Should fail with a user without the appropriate rights', async function () { | |
409 | await makePostBodyRequest({ | |
410 | url: server.url, | |
411 | token: userAccessToken, | |
412 | path, | |
86ebdf8c | 413 | fields: { host: 'localhost:' + servers[1].port }, |
2d53be02 | 414 | statusCodeExpected: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
415 | }) |
416 | }) | |
417 | ||
bb152476 | 418 | it('Should succeed with an unknown server', async function () { |
b44164bb C |
419 | await makePostBodyRequest({ |
420 | url: server.url, | |
421 | token: server.accessToken, | |
422 | path, | |
423 | fields: { host: 'localhost:9003' }, | |
2d53be02 | 424 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
425 | }) |
426 | }) | |
427 | ||
428 | it('Should fail with our own server', async function () { | |
429 | await makePostBodyRequest({ | |
430 | url: server.url, | |
431 | token: server.accessToken, | |
432 | path, | |
86ebdf8c | 433 | fields: { host: 'localhost:' + server.port }, |
2d53be02 | 434 | statusCodeExpected: HttpStatusCode.CONFLICT_409 |
b44164bb C |
435 | }) |
436 | }) | |
437 | ||
438 | it('Should succeed with the correct params', async function () { | |
439 | await makePostBodyRequest({ | |
440 | url: server.url, | |
441 | token: server.accessToken, | |
442 | path, | |
86ebdf8c | 443 | fields: { host: 'localhost:' + servers[1].port }, |
2d53be02 | 444 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
445 | }) |
446 | }) | |
447 | }) | |
448 | ||
449 | describe('When unblocking a server', function () { | |
450 | it('Should fail with an unauthenticated user', async function () { | |
451 | await makeDeleteRequest({ | |
452 | url: server.url, | |
86ebdf8c | 453 | path: path + '/localhost:' + servers[1].port, |
2d53be02 | 454 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 |
b44164bb C |
455 | }) |
456 | }) | |
457 | ||
458 | it('Should fail with a user without the appropriate rights', async function () { | |
459 | await makeDeleteRequest({ | |
460 | url: server.url, | |
86ebdf8c | 461 | path: path + '/localhost:' + servers[1].port, |
b44164bb | 462 | token: userAccessToken, |
2d53be02 | 463 | statusCodeExpected: HttpStatusCode.FORBIDDEN_403 |
b44164bb C |
464 | }) |
465 | }) | |
466 | ||
467 | it('Should fail with an unknown server block', async function () { | |
468 | await makeDeleteRequest({ | |
469 | url: server.url, | |
bb152476 | 470 | path: path + '/localhost:9004', |
b44164bb | 471 | token: server.accessToken, |
2d53be02 | 472 | statusCodeExpected: HttpStatusCode.NOT_FOUND_404 |
b44164bb C |
473 | }) |
474 | }) | |
475 | ||
476 | it('Should succeed with the correct params', async function () { | |
477 | await makeDeleteRequest({ | |
478 | url: server.url, | |
86ebdf8c | 479 | path: path + '/localhost:' + servers[1].port, |
b44164bb | 480 | token: server.accessToken, |
2d53be02 | 481 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 |
b44164bb C |
482 | }) |
483 | }) | |
484 | }) | |
485 | }) | |
486 | }) | |
487 | ||
86ebdf8c C |
488 | after(async function () { |
489 | await cleanupTests(servers) | |
7ad9b984 C |
490 | }) |
491 | }) |