[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / follows.ts

/* tslint:disable:no-unused-expression */

import 'mocha'

import {
  createUser, flushTests, killallServers, makeDeleteRequest, makePostBodyRequest, flushAndRunServer, ServerInfo, setAccessTokensToServers,
  userLogin
} from '../../../../shared/extra-utils'
import {
  checkBadCountPagination,
  checkBadSortPagination,
  checkBadStartPagination
} from '../../../../shared/extra-utils/requests/check-api-params'

describe('Test server follows API validators', function () {
  let server: ServerInfo

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(30000)

    server = await flushAndRunServer(1)

    await setAccessTokensToServers([ server ])
  })

  describe('When managing following', function () {
    let userAccessToken = null

    before(async function () {
      const user = {
        username: 'user1',
        password: 'password'
      }

      await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password })
      userAccessToken = await userLogin(server, user)
    })

    describe('When adding follows', function () {
      const path = '/api/v1/server/following'

      it('Should fail without hosts', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail if hosts is not an array', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          token: server.accessToken,
          fields: { hosts: 'localhost:9002' },
          statusCodeExpected: 400
        })
      })

      it('Should fail if the array is not composed by hosts', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ 'localhost:9002', 'localhost:coucou' ] },
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail if the array is composed with http schemes', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ 'localhost:9002', 'http://localhost:9003' ] },
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail if hosts are not unique', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { urls: [ 'localhost:9002', 'localhost:9002' ] },
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail with an invalid token', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ 'localhost:9002' ] },
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ 'localhost:9002' ] },
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })
    })

    describe('When listing followings', function () {
      const path = '/api/v1/server/following'

      it('Should fail with a bad start pagination', async function () {
        await checkBadStartPagination(server.url, path)
      })

      it('Should fail with a bad count pagination', async function () {
        await checkBadCountPagination(server.url, path)
      })

      it('Should fail with an incorrect sort', async function () {
        await checkBadSortPagination(server.url, path)
      })
    })

    describe('When listing followers', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with a bad start pagination', async function () {
        await checkBadStartPagination(server.url, path)
      })

      it('Should fail with a bad count pagination', async function () {
        await checkBadCountPagination(server.url, path)
      })

      it('Should fail with an incorrect sort', async function () {
        await checkBadSortPagination(server.url, path)
      })
    })

    describe('When removing a follower', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with an invalid token', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto@localhost:9002',
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto@localhost:9002',
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })

      it('Should fail with an invalid follower', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto',
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail with an unknown follower', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto@localhost:9003',
          token: server.accessToken,
          statusCodeExpected: 404
        })
      })
    })

    describe('When accepting a follower', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with an invalid token', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9002/accept',
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9002/accept',
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })

      it('Should fail with an invalid follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto/accept',
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail with an unknown follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9003/accept',
          token: server.accessToken,
          statusCodeExpected: 404
        })
      })
    })

    describe('When rejecting a follower', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with an invalid token', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9002/reject',
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9002/reject',
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })

      it('Should fail with an invalid follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto/reject',
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail with an unknown follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9003/reject',
          token: server.accessToken,
          statusCodeExpected: 404
        })
      })
    })

    describe('When removing following', function () {
      const path = '/api/v1/server/following'

      it('Should fail with an invalid token', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/localhost:9002',
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/localhost:9002',
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })

      it('Should fail if we do not follow this server', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/example.com',
          token: server.accessToken,
          statusCodeExpected: 404
        })
      })
    })
  })

  after(function () {
    killallServers([ server ])
  })
})
Commit	Line	Data
9a27cdc2 C	1	/* tslint:disable:no-unused-expression */
9a27cdc2 C	2
9a27cdc2 C	3	import 'mocha'
	4
	5	import {
210feb6c	6	createUser, flushTests, killallServers, makeDeleteRequest, makePostBodyRequest, flushAndRunServer, ServerInfo, setAccessTokensToServers,
eec63bbc	7	userLogin
94565d52	8	} from '../../../../shared/extra-utils'
9639bd17	9	import {
	10	checkBadCountPagination,
	11	checkBadSortPagination,
	12	checkBadStartPagination
94565d52	13	} from '../../../../shared/extra-utils/requests/check-api-params'
9a27cdc2 C	14
	15	describe('Test server follows API validators', function () {
	16	let server: ServerInfo
	17
	18	// ---------------------------------------------------------------
	19
	20	before(async function () {
e212f887	21	this.timeout(30000)
9a27cdc2	22
210feb6c	23	server = await flushAndRunServer(1)
9a27cdc2 C	24
	25	await setAccessTokensToServers([ server ])
	26	})
	27
	28	describe('When managing following', function () {
	29	let userAccessToken = null
	30
	31	before(async function () {
eec63bbc	32	const user = {
9a27cdc2 C	33	username: 'user1',
	34	password: 'password'
	35	}
	36
1eddc9a7	37	await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password })
eec63bbc	38	userAccessToken = await userLogin(server, user)
9a27cdc2 C	39	})
	40
	41	describe('When adding follows', function () {
	42	const path = '/api/v1/server/following'
9a27cdc2 C	43
9a27cdc2 C	44	it('Should fail without hosts', async function () {
eec63bbc C	45	await makePostBodyRequest({
	46	url: server.url,
	47	path,
	48	token: server.accessToken,
	49	statusCodeExpected: 400
	50	})
9a27cdc2 C	51	})
	52
	53	it('Should fail if hosts is not an array', async function () {
eec63bbc C	54	await makePostBodyRequest({
	55	url: server.url,
	56	path,
	57	token: server.accessToken,
	58	fields: { hosts: 'localhost:9002' },
	59	statusCodeExpected: 400
	60	})
9a27cdc2 C	61	})
	62
	63	it('Should fail if the array is not composed by hosts', async function () {
eec63bbc C	64	await makePostBodyRequest({
	65	url: server.url,
	66	path,
	67	fields: { hosts: [ 'localhost:9002', 'localhost:coucou' ] },
	68	token: server.accessToken,
	69	statusCodeExpected: 400
	70	})
9a27cdc2 C	71	})
	72
	73	it('Should fail if the array is composed with http schemes', async function () {
eec63bbc C	74	await makePostBodyRequest({
	75	url: server.url,
	76	path,
	77	fields: { hosts: [ 'localhost:9002', 'http://localhost:9003' ] },
	78	token: server.accessToken,
	79	statusCodeExpected: 400
	80	})
9a27cdc2 C	81	})
	82
	83	it('Should fail if hosts are not unique', async function () {
eec63bbc C	84	await makePostBodyRequest({
	85	url: server.url,
	86	path,
	87	fields: { urls: [ 'localhost:9002', 'localhost:9002' ] },
	88	token: server.accessToken,
	89	statusCodeExpected: 400
	90	})
9a27cdc2 C	91	})
	92
	93	it('Should fail with an invalid token', async function () {
eec63bbc C	94	await makePostBodyRequest({
	95	url: server.url,
	96	path,
	97	fields: { hosts: [ 'localhost:9002' ] },
	98	token: 'fake_token',
	99	statusCodeExpected: 401
	100	})
9a27cdc2 C	101	})
	102
	103	it('Should fail if the user is not an administrator', async function () {
eec63bbc C	104	await makePostBodyRequest({
	105	url: server.url,
	106	path,
	107	fields: { hosts: [ 'localhost:9002' ] },
	108	token: userAccessToken,
	109	statusCodeExpected: 403
	110	})
9a27cdc2 C	111	})
	112	})
	113
	114	describe('When listing followings', function () {
	115	const path = '/api/v1/server/following'
	116
	117	it('Should fail with a bad start pagination', async function () {
eec63bbc	118	await checkBadStartPagination(server.url, path)
9a27cdc2 C	119	})
	120
	121	it('Should fail with a bad count pagination', async function () {
eec63bbc	122	await checkBadCountPagination(server.url, path)
9a27cdc2 C	123	})
	124
	125	it('Should fail with an incorrect sort', async function () {
eec63bbc	126	await checkBadSortPagination(server.url, path)
9a27cdc2 C	127	})
	128	})
	129
	130	describe('When listing followers', function () {
	131	const path = '/api/v1/server/followers'
	132
	133	it('Should fail with a bad start pagination', async function () {
eec63bbc	134	await checkBadStartPagination(server.url, path)
9a27cdc2 C	135	})
	136
	137	it('Should fail with a bad count pagination', async function () {
eec63bbc	138	await checkBadCountPagination(server.url, path)
9a27cdc2 C	139	})
	140
	141	it('Should fail with an incorrect sort', async function () {
eec63bbc	142	await checkBadSortPagination(server.url, path)
9a27cdc2 C	143	})
	144	})
	145
5b9c965d C	146	describe('When removing a follower', function () {
	147	const path = '/api/v1/server/followers'
	148
	149	it('Should fail with an invalid token', async function () {
	150	await makeDeleteRequest({
	151	url: server.url,
	152	path: path + '/toto@localhost:9002',
	153	token: 'fake_token',
	154	statusCodeExpected: 401
	155	})
	156	})
	157
	158	it('Should fail if the user is not an administrator', async function () {
	159	await makeDeleteRequest({
	160	url: server.url,
	161	path: path + '/toto@localhost:9002',
	162	token: userAccessToken,
	163	statusCodeExpected: 403
	164	})
	165	})
	166
	167	it('Should fail with an invalid follower', async function () {
	168	await makeDeleteRequest({
	169	url: server.url,
	170	path: path + '/toto',
	171	token: server.accessToken,
	172	statusCodeExpected: 400
	173	})
	174	})
	175
	176	it('Should fail with an unknown follower', async function () {
	177	await makeDeleteRequest({
	178	url: server.url,
	179	path: path + '/toto@localhost:9003',
	180	token: server.accessToken,
	181	statusCodeExpected: 404
	182	})
	183	})
	184	})
	185
14893eb7 C	186	describe('When accepting a follower', function () {
	187	const path = '/api/v1/server/followers'
	188
	189	it('Should fail with an invalid token', async function () {
	190	await makePostBodyRequest({
	191	url: server.url,
	192	path: path + '/toto@localhost:9002/accept',
	193	token: 'fake_token',
	194	statusCodeExpected: 401
	195	})
	196	})
	197
	198	it('Should fail if the user is not an administrator', async function () {
	199	await makePostBodyRequest({
	200	url: server.url,
	201	path: path + '/toto@localhost:9002/accept',
	202	token: userAccessToken,
	203	statusCodeExpected: 403
	204	})
	205	})
	206
	207	it('Should fail with an invalid follower', async function () {
	208	await makePostBodyRequest({
	209	url: server.url,
	210	path: path + '/toto/accept',
	211	token: server.accessToken,
	212	statusCodeExpected: 400
	213	})
	214	})
	215
	216	it('Should fail with an unknown follower', async function () {
	217	await makePostBodyRequest({
	218	url: server.url,
	219	path: path + '/toto@localhost:9003/accept',
	220	token: server.accessToken,
	221	statusCodeExpected: 404
	222	})
	223	})
	224	})
	225
	226	describe('When rejecting a follower', function () {
	227	const path = '/api/v1/server/followers'
	228
	229	it('Should fail with an invalid token', async function () {
	230	await makePostBodyRequest({
	231	url: server.url,
	232	path: path + '/toto@localhost:9002/reject',
	233	token: 'fake_token',
	234	statusCodeExpected: 401
	235	})
	236	})
	237
	238	it('Should fail if the user is not an administrator', async function () {
	239	await makePostBodyRequest({
	240	url: server.url,
	241	path: path + '/toto@localhost:9002/reject',
	242	token: userAccessToken,
	243	statusCodeExpected: 403
	244	})
	245	})
	246
	247	it('Should fail with an invalid follower', async function () {
	248	await makePostBodyRequest({
	249	url: server.url,
250	path: path + '/toto/reject',
251	token: server.accessToken,
252	statusCodeExpected: 400
253	})
254	})
255
256	it('Should fail with an unknown follower', async function () {
257	await makePostBodyRequest({
258	url: server.url,
259	path: path + '/toto@localhost:9003/reject',
260	token: server.accessToken,
261	statusCodeExpected: 404
262	})
263	})
264	})
265
9a27cdc2	266	describe('When removing following', function () {
0f91ae62 C	267	const path = '/api/v1/server/following'
	268
	269	it('Should fail with an invalid token', async function () {
eec63bbc C	270	await makeDeleteRequest({
	271	url: server.url,
	272	path: path + '/localhost:9002',
	273	token: 'fake_token',
	274	statusCodeExpected: 401
	275	})
0f91ae62 C	276	})
	277
	278	it('Should fail if the user is not an administrator', async function () {
eec63bbc C	279	await makeDeleteRequest({
	280	url: server.url,
	281	path: path + '/localhost:9002',
	282	token: userAccessToken,
	283	statusCodeExpected: 403
	284	})
	285	})
	286
	287	it('Should fail if we do not follow this server', async function () {
	288	await makeDeleteRequest({
	289	url: server.url,
	290	path: path + '/example.com',
	291	token: server.accessToken,
	292	statusCodeExpected: 404
	293	})
	294	})
9a27cdc2 C	295	})
	296	})
	297
210feb6c	298	after(function () {
9a27cdc2	299	killallServers([ server ])
9a27cdc2 C	300	})
9a27cdc2 C	301	})