[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / follows.ts

/* tslint:disable:no-unused-expression */

import 'mocha'

import {
  createUser, flushTests, killallServers, makeDeleteRequest, makePostBodyRequest, runServer, ServerInfo, setAccessTokensToServers,
  userLogin
} from '../../../../shared/utils'
import {
  checkBadCountPagination,
  checkBadSortPagination,
  checkBadStartPagination
} from '../../../../shared/utils/requests/check-api-params'

describe('Test server follows API validators', function () {
  let server: ServerInfo

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(30000)

    await flushTests()
    server = await runServer(1)

    await setAccessTokensToServers([ server ])
  })

  describe('When managing following', function () {
    let userAccessToken = null

    before(async function () {
      const user = {
        username: 'user1',
        password: 'password'
      }

      await createUser(server.url, server.accessToken, user.username, user.password)
      userAccessToken = await userLogin(server, user)
    })

    describe('When adding follows', function () {
      const path = '/api/v1/server/following'

      it('Should fail without hosts', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail if hosts is not an array', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          token: server.accessToken,
          fields: { hosts: 'localhost:9002' },
          statusCodeExpected: 400
        })
      })

      it('Should fail if the array is not composed by hosts', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ 'localhost:9002', 'localhost:coucou' ] },
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail if the array is composed with http schemes', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ 'localhost:9002', 'http://localhost:9003' ] },
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail if hosts are not unique', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { urls: [ 'localhost:9002', 'localhost:9002' ] },
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail with an invalid token', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ 'localhost:9002' ] },
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ 'localhost:9002' ] },
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })
    })

    describe('When listing followings', function () {
      const path = '/api/v1/server/following'

      it('Should fail with a bad start pagination', async function () {
        await checkBadStartPagination(server.url, path)
      })

      it('Should fail with a bad count pagination', async function () {
        await checkBadCountPagination(server.url, path)
      })

      it('Should fail with an incorrect sort', async function () {
        await checkBadSortPagination(server.url, path)
      })
    })

    describe('When listing followers', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with a bad start pagination', async function () {
        await checkBadStartPagination(server.url, path)
      })

      it('Should fail with a bad count pagination', async function () {
        await checkBadCountPagination(server.url, path)
      })

      it('Should fail with an incorrect sort', async function () {
        await checkBadSortPagination(server.url, path)
      })
    })

    describe('When removing a follower', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with an invalid token', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto@localhost:9002',
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto@localhost:9002',
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })

      it('Should fail with an invalid follower', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto',
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail with an unknown follower', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto@localhost:9003',
          token: server.accessToken,
          statusCodeExpected: 404
        })
      })
    })

    describe('When accepting a follower', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with an invalid token', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9002/accept',
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9002/accept',
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })

      it('Should fail with an invalid follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto/accept',
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail with an unknown follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9003/accept',
          token: server.accessToken,
          statusCodeExpected: 404
        })
      })
    })

    describe('When rejecting a follower', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with an invalid token', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9002/reject',
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9002/reject',
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })

      it('Should fail with an invalid follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto/reject',
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail with an unknown follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9003/reject',
          token: server.accessToken,
          statusCodeExpected: 404
        })
      })
    })

    describe('When removing following', function () {
      const path = '/api/v1/server/following'

      it('Should fail with an invalid token', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/localhost:9002',
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/localhost:9002',
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })

      it('Should fail if we do not follow this server', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/example.com',
          token: server.accessToken,
          statusCodeExpected: 404
        })
      })
    })
  })

  after(async function () {
    killallServers([ server ])

    // Keep the logs if the test failed
    if (this['ok']) {
      await flushTests()
    }
  })
})
Commit	Line	Data
9a27cdc2 C	1	/* tslint:disable:no-unused-expression */
9a27cdc2 C	2
9a27cdc2 C	3	import 'mocha'
	4
	5	import {
eec63bbc C	6	createUser, flushTests, killallServers, makeDeleteRequest, makePostBodyRequest, runServer, ServerInfo, setAccessTokensToServers,
eec63bbc C	7	userLogin
9639bd17	8	} from '../../../../shared/utils'
	9	import {
	10	checkBadCountPagination,
	11	checkBadSortPagination,
	12	checkBadStartPagination
	13	} from '../../../../shared/utils/requests/check-api-params'
9a27cdc2 C	14
	15	describe('Test server follows API validators', function () {
	16	let server: ServerInfo
	17
	18	// ---------------------------------------------------------------
	19
	20	before(async function () {
e212f887	21	this.timeout(30000)
9a27cdc2 C	22
	23	await flushTests()
	24	server = await runServer(1)
	25
	26	await setAccessTokensToServers([ server ])
	27	})
	28
	29	describe('When managing following', function () {
	30	let userAccessToken = null
	31
	32	before(async function () {
eec63bbc	33	const user = {
9a27cdc2 C	34	username: 'user1',
	35	password: 'password'
	36	}
	37
eec63bbc C	38	await createUser(server.url, server.accessToken, user.username, user.password)
eec63bbc C	39	userAccessToken = await userLogin(server, user)
9a27cdc2 C	40	})
	41
	42	describe('When adding follows', function () {
	43	const path = '/api/v1/server/following'
9a27cdc2 C	44
9a27cdc2 C	45	it('Should fail without hosts', async function () {
eec63bbc C	46	await makePostBodyRequest({
	47	url: server.url,
	48	path,
	49	token: server.accessToken,
	50	statusCodeExpected: 400
	51	})
9a27cdc2 C	52	})
	53
	54	it('Should fail if hosts is not an array', async function () {
eec63bbc C	55	await makePostBodyRequest({
	56	url: server.url,
	57	path,
	58	token: server.accessToken,
	59	fields: { hosts: 'localhost:9002' },
	60	statusCodeExpected: 400
	61	})
9a27cdc2 C	62	})
	63
	64	it('Should fail if the array is not composed by hosts', async function () {
eec63bbc C	65	await makePostBodyRequest({
	66	url: server.url,
	67	path,
	68	fields: { hosts: [ 'localhost:9002', 'localhost:coucou' ] },
	69	token: server.accessToken,
	70	statusCodeExpected: 400
	71	})
9a27cdc2 C	72	})
	73
	74	it('Should fail if the array is composed with http schemes', async function () {
eec63bbc C	75	await makePostBodyRequest({
	76	url: server.url,
	77	path,
	78	fields: { hosts: [ 'localhost:9002', 'http://localhost:9003' ] },
	79	token: server.accessToken,
	80	statusCodeExpected: 400
	81	})
9a27cdc2 C	82	})
	83
	84	it('Should fail if hosts are not unique', async function () {
eec63bbc C	85	await makePostBodyRequest({
	86	url: server.url,
	87	path,
	88	fields: { urls: [ 'localhost:9002', 'localhost:9002' ] },
	89	token: server.accessToken,
	90	statusCodeExpected: 400
	91	})
9a27cdc2 C	92	})
	93
	94	it('Should fail with an invalid token', async function () {
eec63bbc C	95	await makePostBodyRequest({
	96	url: server.url,
	97	path,
	98	fields: { hosts: [ 'localhost:9002' ] },
	99	token: 'fake_token',
	100	statusCodeExpected: 401
	101	})
9a27cdc2 C	102	})
	103
	104	it('Should fail if the user is not an administrator', async function () {
eec63bbc C	105	await makePostBodyRequest({
	106	url: server.url,
	107	path,
	108	fields: { hosts: [ 'localhost:9002' ] },
	109	token: userAccessToken,
	110	statusCodeExpected: 403
	111	})
9a27cdc2 C	112	})
	113	})
	114
	115	describe('When listing followings', function () {
	116	const path = '/api/v1/server/following'
	117
	118	it('Should fail with a bad start pagination', async function () {
eec63bbc	119	await checkBadStartPagination(server.url, path)
9a27cdc2 C	120	})
	121
	122	it('Should fail with a bad count pagination', async function () {
eec63bbc	123	await checkBadCountPagination(server.url, path)
9a27cdc2 C	124	})
	125
	126	it('Should fail with an incorrect sort', async function () {
eec63bbc	127	await checkBadSortPagination(server.url, path)
9a27cdc2 C	128	})
	129	})
	130
	131	describe('When listing followers', function () {
	132	const path = '/api/v1/server/followers'
	133
	134	it('Should fail with a bad start pagination', async function () {
eec63bbc	135	await checkBadStartPagination(server.url, path)
9a27cdc2 C	136	})
	137
	138	it('Should fail with a bad count pagination', async function () {
eec63bbc	139	await checkBadCountPagination(server.url, path)
9a27cdc2 C	140	})
	141
	142	it('Should fail with an incorrect sort', async function () {
eec63bbc	143	await checkBadSortPagination(server.url, path)
9a27cdc2 C	144	})
	145	})
	146
5b9c965d C	147	describe('When removing a follower', function () {
	148	const path = '/api/v1/server/followers'
	149
	150	it('Should fail with an invalid token', async function () {
	151	await makeDeleteRequest({
	152	url: server.url,
	153	path: path + '/toto@localhost:9002',
	154	token: 'fake_token',
	155	statusCodeExpected: 401
	156	})
	157	})
	158
	159	it('Should fail if the user is not an administrator', async function () {
	160	await makeDeleteRequest({
	161	url: server.url,
	162	path: path + '/toto@localhost:9002',
	163	token: userAccessToken,
	164	statusCodeExpected: 403
	165	})
	166	})
	167
	168	it('Should fail with an invalid follower', async function () {
	169	await makeDeleteRequest({
	170	url: server.url,
	171	path: path + '/toto',
	172	token: server.accessToken,
	173	statusCodeExpected: 400
	174	})
	175	})
	176
	177	it('Should fail with an unknown follower', async function () {
	178	await makeDeleteRequest({
	179	url: server.url,
	180	path: path + '/toto@localhost:9003',
	181	token: server.accessToken,
	182	statusCodeExpected: 404
	183	})
	184	})
	185	})
	186
14893eb7 C	187	describe('When accepting a follower', function () {
	188	const path = '/api/v1/server/followers'
	189
	190	it('Should fail with an invalid token', async function () {
	191	await makePostBodyRequest({
	192	url: server.url,
	193	path: path + '/toto@localhost:9002/accept',
	194	token: 'fake_token',
	195	statusCodeExpected: 401
	196	})
	197	})
	198
	199	it('Should fail if the user is not an administrator', async function () {
	200	await makePostBodyRequest({
	201	url: server.url,
	202	path: path + '/toto@localhost:9002/accept',
	203	token: userAccessToken,
	204	statusCodeExpected: 403
	205	})
	206	})
	207
	208	it('Should fail with an invalid follower', async function () {
	209	await makePostBodyRequest({
	210	url: server.url,
	211	path: path + '/toto/accept',
	212	token: server.accessToken,
	213	statusCodeExpected: 400
	214	})
	215	})
	216
	217	it('Should fail with an unknown follower', async function () {
	218	await makePostBodyRequest({
	219	url: server.url,
	220	path: path + '/toto@localhost:9003/accept',
	221	token: server.accessToken,
	222	statusCodeExpected: 404
	223	})
	224	})
	225	})
	226
	227	describe('When rejecting a follower', function () {
	228	const path = '/api/v1/server/followers'
	229
	230	it('Should fail with an invalid token', async function () {
	231	await makePostBodyRequest({
	232	url: server.url,
	233	path: path + '/toto@localhost:9002/reject',
	234	token: 'fake_token',
	235	statusCodeExpected: 401
	236	})
	237	})
	238
	239	it('Should fail if the user is not an administrator', async function () {
	240	await makePostBodyRequest({
	241	url: server.url,
	242	path: path + '/toto@localhost:9002/reject',
	243	token: userAccessToken,
	244	statusCodeExpected: 403
	245	})
	246	})
	247
	248	it('Should fail with an invalid follower', async function () {
	249	await makePostBodyRequest({
	250	url: server.url,
251	path: path + '/toto/reject',
252	token: server.accessToken,
253	statusCodeExpected: 400
254	})
255	})
256
257	it('Should fail with an unknown follower', async function () {
258	await makePostBodyRequest({
259	url: server.url,
260	path: path + '/toto@localhost:9003/reject',
261	token: server.accessToken,
262	statusCodeExpected: 404
263	})
264	})
265	})
266
9a27cdc2	267	describe('When removing following', function () {
0f91ae62 C	268	const path = '/api/v1/server/following'
	269
	270	it('Should fail with an invalid token', async function () {
eec63bbc C	271	await makeDeleteRequest({
	272	url: server.url,
	273	path: path + '/localhost:9002',
	274	token: 'fake_token',
	275	statusCodeExpected: 401
	276	})
0f91ae62 C	277	})
	278
	279	it('Should fail if the user is not an administrator', async function () {
eec63bbc C	280	await makeDeleteRequest({
	281	url: server.url,
	282	path: path + '/localhost:9002',
	283	token: userAccessToken,
	284	statusCodeExpected: 403
	285	})
	286	})
	287
	288	it('Should fail if we do not follow this server', async function () {
	289	await makeDeleteRequest({
	290	url: server.url,
	291	path: path + '/example.com',
	292	token: server.accessToken,
	293	statusCodeExpected: 404
	294	})
	295	})
9a27cdc2 C	296	})
	297	})
	298
	299	after(async function () {
	300	killallServers([ server ])
	301
	302	// Keep the logs if the test failed
	303	if (this['ok']) {
	304	await flushTests()
	305	}
	306	})
	307	})