[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / follows.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
import { HttpStatusCode } from '@shared/models'
import {
  cleanupTests,
  createSingleServer,
  makeDeleteRequest,
  makeGetRequest,
  makePostBodyRequest,
  PeerTubeServer,
  setAccessTokensToServers
} from '@shared/server-commands'

describe('Test server follows API validators', function () {
  let server: PeerTubeServer

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(30000)

    server = await createSingleServer(1)

    await setAccessTokensToServers([ server ])
  })

  describe('When managing following', function () {
    let userAccessToken = null

    before(async function () {
      userAccessToken = await server.users.generateUserAndToken('user1')
    })

    describe('When adding follows', function () {
      const path = '/api/v1/server/following'

      it('Should fail with nothing', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          token: server.accessToken,
          expectedStatus: HttpStatusCode.BAD_REQUEST_400
        })
      })

      it('Should fail if hosts is not composed by hosts', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ '127.0.0.1:9002', '127.0.0.1:coucou' ] },
          token: server.accessToken,
          expectedStatus: HttpStatusCode.BAD_REQUEST_400
        })
      })

      it('Should fail if hosts is composed with http schemes', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ '127.0.0.1:9002', 'http://127.0.0.1:9003' ] },
          token: server.accessToken,
          expectedStatus: HttpStatusCode.BAD_REQUEST_400
        })
      })

      it('Should fail if hosts are not unique', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { urls: [ '127.0.0.1:9002', '127.0.0.1:9002' ] },
          token: server.accessToken,
          expectedStatus: HttpStatusCode.BAD_REQUEST_400
        })
      })

      it('Should fail if handles is not composed by handles', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { handles: [ 'hello@example.com', '127.0.0.1:9001' ] },
          token: server.accessToken,
          expectedStatus: HttpStatusCode.BAD_REQUEST_400
        })
      })

      it('Should fail if handles are not unique', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { urls: [ 'hello@example.com', 'hello@example.com' ] },
          token: server.accessToken,
          expectedStatus: HttpStatusCode.BAD_REQUEST_400
        })
      })

      it('Should fail with an invalid token', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ '127.0.0.1:9002' ] },
          token: 'fake_token',
          expectedStatus: HttpStatusCode.UNAUTHORIZED_401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ '127.0.0.1:9002' ] },
          token: userAccessToken,
          expectedStatus: HttpStatusCode.FORBIDDEN_403
        })
      })
    })

    describe('When listing followings', function () {
      const path = '/api/v1/server/following'

      it('Should fail with a bad start pagination', async function () {
        await checkBadStartPagination(server.url, path)
      })

      it('Should fail with a bad count pagination', async function () {
        await checkBadCountPagination(server.url, path)
      })

      it('Should fail with an incorrect sort', async function () {
        await checkBadSortPagination(server.url, path)
      })

      it('Should fail with an incorrect state', async function () {
        await makeGetRequest({
          url: server.url,
          path,
          query: {
            state: 'blabla'
          }
        })
      })

      it('Should fail with an incorrect actor type', async function () {
        await makeGetRequest({
          url: server.url,
          path,
          query: {
            actorType: 'blabla'
          }
        })
      })

      it('Should fail succeed with the correct params', async function () {
        await makeGetRequest({
          url: server.url,
          path,
          expectedStatus: HttpStatusCode.OK_200,
          query: {
            state: 'accepted',
            actorType: 'Application'
          }
        })
      })
    })

    describe('When listing followers', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with a bad start pagination', async function () {
        await checkBadStartPagination(server.url, path)
      })

      it('Should fail with a bad count pagination', async function () {
        await checkBadCountPagination(server.url, path)
      })

      it('Should fail with an incorrect sort', async function () {
        await checkBadSortPagination(server.url, path)
      })

      it('Should fail with an incorrect actor type', async function () {
        await makeGetRequest({
          url: server.url,
          path,
          query: {
            actorType: 'blabla'
          }
        })
      })

      it('Should fail with an incorrect state', async function () {
        await makeGetRequest({
          url: server.url,
          path,
          query: {
            state: 'blabla',
            actorType: 'Application'
          }
        })
      })

      it('Should fail succeed with the correct params', async function () {
        await makeGetRequest({
          url: server.url,
          path,
          expectedStatus: HttpStatusCode.OK_200,
          query: {
            state: 'accepted'
          }
        })
      })
    })

    describe('When removing a follower', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with an invalid token', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto@127.0.0.1:9002',
          token: 'fake_token',
          expectedStatus: HttpStatusCode.UNAUTHORIZED_401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto@127.0.0.1:9002',
          token: userAccessToken,
          expectedStatus: HttpStatusCode.FORBIDDEN_403
        })
      })

      it('Should fail with an invalid follower', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto',
          token: server.accessToken,
          expectedStatus: HttpStatusCode.BAD_REQUEST_400
        })
      })

      it('Should fail with an unknown follower', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto@127.0.0.1:9003',
          token: server.accessToken,
          expectedStatus: HttpStatusCode.NOT_FOUND_404
        })
      })
    })

    describe('When accepting a follower', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with an invalid token', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@127.0.0.1:9002/accept',
          token: 'fake_token',
          expectedStatus: HttpStatusCode.UNAUTHORIZED_401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@127.0.0.1:9002/accept',
          token: userAccessToken,
          expectedStatus: HttpStatusCode.FORBIDDEN_403
        })
      })

      it('Should fail with an invalid follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto/accept',
          token: server.accessToken,
          expectedStatus: HttpStatusCode.BAD_REQUEST_400
        })
      })

      it('Should fail with an unknown follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@127.0.0.1:9003/accept',
          token: server.accessToken,
          expectedStatus: HttpStatusCode.NOT_FOUND_404
        })
      })
    })

    describe('When rejecting a follower', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with an invalid token', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@127.0.0.1:9002/reject',
          token: 'fake_token',
          expectedStatus: HttpStatusCode.UNAUTHORIZED_401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@127.0.0.1:9002/reject',
          token: userAccessToken,
          expectedStatus: HttpStatusCode.FORBIDDEN_403
        })
      })

      it('Should fail with an invalid follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto/reject',
          token: server.accessToken,
          expectedStatus: HttpStatusCode.BAD_REQUEST_400
        })
      })

      it('Should fail with an unknown follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@127.0.0.1:9003/reject',
          token: server.accessToken,
          expectedStatus: HttpStatusCode.NOT_FOUND_404
        })
      })
    })

    describe('When removing following', function () {
      const path = '/api/v1/server/following'

      it('Should fail with an invalid token', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/127.0.0.1:9002',
          token: 'fake_token',
          expectedStatus: HttpStatusCode.UNAUTHORIZED_401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/127.0.0.1:9002',
          token: userAccessToken,
          expectedStatus: HttpStatusCode.FORBIDDEN_403
        })
      })

      it('Should fail if we do not follow this server', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/example.com',
          token: server.accessToken,
          expectedStatus: HttpStatusCode.NOT_FOUND_404
        })
      })
    })
  })

  after(async function () {
    await cleanupTests([ server ])
  })
})
Commit	Line	Data
a1587156	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
9a27cdc2	2
c55e3d72 C	3	import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
c55e3d72 C	4	import { HttpStatusCode } from '@shared/models'
9a27cdc2	5	import {
7c3b7976	6	cleanupTests,
254d3579	7	createSingleServer,
c0e8b12e C	8	makeDeleteRequest,
c0e8b12e C	9	makeGetRequest,
7c3b7976	10	makePostBodyRequest,
254d3579	11	PeerTubeServer,
41d1d075	12	setAccessTokensToServers
bf54587a	13	} from '@shared/server-commands'
9a27cdc2 C	14
9a27cdc2 C	15	describe('Test server follows API validators', function () {
254d3579	16	let server: PeerTubeServer
9a27cdc2 C	17
	18	// ---------------------------------------------------------------
	19
	20	before(async function () {
e212f887	21	this.timeout(30000)
9a27cdc2	22
254d3579	23	server = await createSingleServer(1)
9a27cdc2 C	24
	25	await setAccessTokensToServers([ server ])
	26	})
	27
	28	describe('When managing following', function () {
	29	let userAccessToken = null
	30
	31	before(async function () {
4d029ef8	32	userAccessToken = await server.users.generateUserAndToken('user1')
9a27cdc2 C	33	})
	34
	35	describe('When adding follows', function () {
	36	const path = '/api/v1/server/following'
9a27cdc2	37
4d029ef8	38	it('Should fail with nothing', async function () {
eec63bbc C	39	await makePostBodyRequest({
	40	url: server.url,
	41	path,
	42	token: server.accessToken,
c0e8b12e	43	expectedStatus: HttpStatusCode.BAD_REQUEST_400
eec63bbc	44	})
9a27cdc2 C	45	})
9a27cdc2 C	46
4d029ef8	47	it('Should fail if hosts is not composed by hosts', async function () {
eec63bbc C	48	await makePostBodyRequest({
	49	url: server.url,
	50	path,
2732eeff	51	fields: { hosts: [ '127.0.0.1:9002', '127.0.0.1:coucou' ] },
eec63bbc	52	token: server.accessToken,
c0e8b12e	53	expectedStatus: HttpStatusCode.BAD_REQUEST_400
eec63bbc	54	})
9a27cdc2 C	55	})
9a27cdc2 C	56
4d029ef8	57	it('Should fail if hosts is composed with http schemes', async function () {
eec63bbc C	58	await makePostBodyRequest({
	59	url: server.url,
	60	path,
2732eeff	61	fields: { hosts: [ '127.0.0.1:9002', 'http://127.0.0.1:9003' ] },
eec63bbc	62	token: server.accessToken,
c0e8b12e	63	expectedStatus: HttpStatusCode.BAD_REQUEST_400
eec63bbc	64	})
9a27cdc2 C	65	})
9a27cdc2 C	66
4d029ef8	67	it('Should fail if hosts are not unique', async function () {
eec63bbc C	68	await makePostBodyRequest({
	69	url: server.url,
	70	path,
2732eeff	71	fields: { urls: [ '127.0.0.1:9002', '127.0.0.1:9002' ] },
eec63bbc	72	token: server.accessToken,
c0e8b12e	73	expectedStatus: HttpStatusCode.BAD_REQUEST_400
eec63bbc	74	})
9a27cdc2 C	75	})
9a27cdc2 C	76
4d029ef8	77	it('Should fail if handles is not composed by handles', async function () {
eec63bbc C	78	await makePostBodyRequest({
	79	url: server.url,
	80	path,
2732eeff	81	fields: { handles: [ 'hello@example.com', '127.0.0.1:9001' ] },
4d029ef8 C	82	token: server.accessToken,
	83	expectedStatus: HttpStatusCode.BAD_REQUEST_400
	84	})
	85	})
	86
	87	it('Should fail if handles are not unique', async function () {
	88	await makePostBodyRequest({
	89	url: server.url,
	90	path,
	91	fields: { urls: [ 'hello@example.com', 'hello@example.com' ] },
eec63bbc	92	token: server.accessToken,
c0e8b12e	93	expectedStatus: HttpStatusCode.BAD_REQUEST_400
eec63bbc	94	})
9a27cdc2 C	95	})
	96
	97	it('Should fail with an invalid token', async function () {
eec63bbc C	98	await makePostBodyRequest({
	99	url: server.url,
	100	path,
2732eeff	101	fields: { hosts: [ '127.0.0.1:9002' ] },
eec63bbc	102	token: 'fake_token',
c0e8b12e	103	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
eec63bbc	104	})
9a27cdc2 C	105	})
	106
	107	it('Should fail if the user is not an administrator', async function () {
eec63bbc C	108	await makePostBodyRequest({
	109	url: server.url,
	110	path,
2732eeff	111	fields: { hosts: [ '127.0.0.1:9002' ] },
eec63bbc	112	token: userAccessToken,
c0e8b12e	113	expectedStatus: HttpStatusCode.FORBIDDEN_403
eec63bbc	114	})
9a27cdc2 C	115	})
	116	})
	117
	118	describe('When listing followings', function () {
	119	const path = '/api/v1/server/following'
	120
	121	it('Should fail with a bad start pagination', async function () {
eec63bbc	122	await checkBadStartPagination(server.url, path)
9a27cdc2 C	123	})
	124
	125	it('Should fail with a bad count pagination', async function () {
eec63bbc	126	await checkBadCountPagination(server.url, path)
9a27cdc2 C	127	})
	128
	129	it('Should fail with an incorrect sort', async function () {
eec63bbc	130	await checkBadSortPagination(server.url, path)
9a27cdc2	131	})
b8f4167f C	132
	133	it('Should fail with an incorrect state', async function () {
	134	await makeGetRequest({
	135	url: server.url,
	136	path,
	137	query: {
	138	state: 'blabla'
	139	}
	140	})
	141	})
	142
97ecddae C	143	it('Should fail with an incorrect actor type', async function () {
	144	await makeGetRequest({
	145	url: server.url,
	146	path,
	147	query: {
	148	actorType: 'blabla'
	149	}
	150	})
	151	})
	152
b8f4167f C	153	it('Should fail succeed with the correct params', async function () {
	154	await makeGetRequest({
	155	url: server.url,
	156	path,
c0e8b12e	157	expectedStatus: HttpStatusCode.OK_200,
b8f4167f	158	query: {
97ecddae C	159	state: 'accepted',
97ecddae C	160	actorType: 'Application'
b8f4167f C	161	}
	162	})
	163	})
9a27cdc2 C	164	})
	165
	166	describe('When listing followers', function () {
	167	const path = '/api/v1/server/followers'
	168
	169	it('Should fail with a bad start pagination', async function () {
eec63bbc	170	await checkBadStartPagination(server.url, path)
9a27cdc2 C	171	})
	172
	173	it('Should fail with a bad count pagination', async function () {
eec63bbc	174	await checkBadCountPagination(server.url, path)
9a27cdc2 C	175	})
	176
	177	it('Should fail with an incorrect sort', async function () {
eec63bbc	178	await checkBadSortPagination(server.url, path)
9a27cdc2	179	})
b8f4167f	180
97ecddae C	181	it('Should fail with an incorrect actor type', async function () {
	182	await makeGetRequest({
	183	url: server.url,
	184	path,
	185	query: {
	186	actorType: 'blabla'
	187	}
	188	})
	189	})
	190
b8f4167f C	191	it('Should fail with an incorrect state', async function () {
	192	await makeGetRequest({
	193	url: server.url,
	194	path,
	195	query: {
97ecddae C	196	state: 'blabla',
97ecddae C	197	actorType: 'Application'
b8f4167f C	198	}
	199	})
	200	})
	201
	202	it('Should fail succeed with the correct params', async function () {
	203	await makeGetRequest({
	204	url: server.url,
	205	path,
c0e8b12e	206	expectedStatus: HttpStatusCode.OK_200,
b8f4167f C	207	query: {
	208	state: 'accepted'
	209	}
	210	})
	211	})
9a27cdc2 C	212	})
9a27cdc2 C	213
5b9c965d C	214	describe('When removing a follower', function () {
	215	const path = '/api/v1/server/followers'
	216
	217	it('Should fail with an invalid token', async function () {
	218	await makeDeleteRequest({
	219	url: server.url,
2732eeff	220	path: path + '/toto@127.0.0.1:9002',
5b9c965d	221	token: 'fake_token',
c0e8b12e	222	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
5b9c965d C	223	})
	224	})
	225
	226	it('Should fail if the user is not an administrator', async function () {
	227	await makeDeleteRequest({
	228	url: server.url,
2732eeff	229	path: path + '/toto@127.0.0.1:9002',
5b9c965d	230	token: userAccessToken,
c0e8b12e	231	expectedStatus: HttpStatusCode.FORBIDDEN_403
5b9c965d C	232	})
	233	})
	234
	235	it('Should fail with an invalid follower', async function () {
	236	await makeDeleteRequest({
	237	url: server.url,
	238	path: path + '/toto',
	239	token: server.accessToken,
c0e8b12e	240	expectedStatus: HttpStatusCode.BAD_REQUEST_400
5b9c965d C	241	})
	242	})
	243
	244	it('Should fail with an unknown follower', async function () {
	245	await makeDeleteRequest({
	246	url: server.url,
2732eeff	247	path: path + '/toto@127.0.0.1:9003',
5b9c965d	248	token: server.accessToken,
c0e8b12e	249	expectedStatus: HttpStatusCode.NOT_FOUND_404
5b9c965d C	250	})
	251	})
	252	})
	253
14893eb7 C	254	describe('When accepting a follower', function () {
	255	const path = '/api/v1/server/followers'
	256
	257	it('Should fail with an invalid token', async function () {
	258	await makePostBodyRequest({
	259	url: server.url,
2732eeff	260	path: path + '/toto@127.0.0.1:9002/accept',
14893eb7	261	token: 'fake_token',
c0e8b12e	262	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
14893eb7 C	263	})
	264	})
	265
	266	it('Should fail if the user is not an administrator', async function () {
	267	await makePostBodyRequest({
	268	url: server.url,
2732eeff	269	path: path + '/toto@127.0.0.1:9002/accept',
14893eb7	270	token: userAccessToken,
c0e8b12e	271	expectedStatus: HttpStatusCode.FORBIDDEN_403
14893eb7 C	272	})
	273	})
	274
	275	it('Should fail with an invalid follower', async function () {
	276	await makePostBodyRequest({
	277	url: server.url,
	278	path: path + '/toto/accept',
	279	token: server.accessToken,
c0e8b12e	280	expectedStatus: HttpStatusCode.BAD_REQUEST_400
14893eb7 C	281	})
	282	})
	283
	284	it('Should fail with an unknown follower', async function () {
	285	await makePostBodyRequest({
	286	url: server.url,
2732eeff	287	path: path + '/toto@127.0.0.1:9003/accept',
14893eb7	288	token: server.accessToken,
c0e8b12e	289	expectedStatus: HttpStatusCode.NOT_FOUND_404
14893eb7 C	290	})
	291	})
	292	})
	293
	294	describe('When rejecting a follower', function () {
	295	const path = '/api/v1/server/followers'
	296
	297	it('Should fail with an invalid token', async function () {
	298	await makePostBodyRequest({
	299	url: server.url,
2732eeff	300	path: path + '/toto@127.0.0.1:9002/reject',
14893eb7	301	token: 'fake_token',
c0e8b12e	302	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
14893eb7 C	303	})
	304	})
	305
	306	it('Should fail if the user is not an administrator', async function () {
	307	await makePostBodyRequest({
	308	url: server.url,
2732eeff	309	path: path + '/toto@127.0.0.1:9002/reject',
14893eb7	310	token: userAccessToken,
c0e8b12e	311	expectedStatus: HttpStatusCode.FORBIDDEN_403
14893eb7 C	312	})
	313	})
	314
	315	it('Should fail with an invalid follower', async function () {
	316	await makePostBodyRequest({
	317	url: server.url,
	318	path: path + '/toto/reject',
	319	token: server.accessToken,
c0e8b12e	320	expectedStatus: HttpStatusCode.BAD_REQUEST_400
14893eb7 C	321	})
	322	})
	323
	324	it('Should fail with an unknown follower', async function () {
	325	await makePostBodyRequest({
	326	url: server.url,
2732eeff	327	path: path + '/toto@127.0.0.1:9003/reject',
14893eb7	328	token: server.accessToken,
c0e8b12e	329	expectedStatus: HttpStatusCode.NOT_FOUND_404
14893eb7 C	330	})
	331	})
	332	})
	333
9a27cdc2	334	describe('When removing following', function () {
0f91ae62 C	335	const path = '/api/v1/server/following'
	336
	337	it('Should fail with an invalid token', async function () {
eec63bbc C	338	await makeDeleteRequest({
eec63bbc C	339	url: server.url,
2732eeff	340	path: path + '/127.0.0.1:9002',
eec63bbc	341	token: 'fake_token',
c0e8b12e	342	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
eec63bbc	343	})
0f91ae62 C	344	})
	345
	346	it('Should fail if the user is not an administrator', async function () {
eec63bbc C	347	await makeDeleteRequest({
eec63bbc C	348	url: server.url,
2732eeff	349	path: path + '/127.0.0.1:9002',
eec63bbc	350	token: userAccessToken,
c0e8b12e	351	expectedStatus: HttpStatusCode.FORBIDDEN_403
eec63bbc C	352	})
	353	})
	354
	355	it('Should fail if we do not follow this server', async function () {
	356	await makeDeleteRequest({
	357	url: server.url,
	358	path: path + '/example.com',
	359	token: server.accessToken,
c0e8b12e	360	expectedStatus: HttpStatusCode.NOT_FOUND_404
eec63bbc C	361	})
eec63bbc C	362	})
9a27cdc2 C	363	})
	364	})
	365
7c3b7976 C	366	after(async function () {
7c3b7976 C	367	await cleanupTests([ server ])
9a27cdc2 C	368	})
9a27cdc2 C	369	})