[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / follows.ts

/* tslint:disable:no-unused-expression */

import 'mocha'

import {
  cleanupTests,
  createUser,
  flushAndRunServer,
  makeDeleteRequest,
  makePostBodyRequest,
  ServerInfo,
  setAccessTokensToServers,
  userLogin
} from '../../../../shared/extra-utils'
import {
  checkBadCountPagination,
  checkBadSortPagination,
  checkBadStartPagination
} from '../../../../shared/extra-utils/requests/check-api-params'

describe('Test server follows API validators', function () {
  let server: ServerInfo

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(30000)

    server = await flushAndRunServer(1)

    await setAccessTokensToServers([ server ])
  })

  describe('When managing following', function () {
    let userAccessToken = null

    before(async function () {
      const user = {
        username: 'user1',
        password: 'password'
      }

      await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password })
      userAccessToken = await userLogin(server, user)
    })

    describe('When adding follows', function () {
      const path = '/api/v1/server/following'

      it('Should fail without hosts', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail if hosts is not an array', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          token: server.accessToken,
          fields: { hosts: 'localhost:9002' },
          statusCodeExpected: 400
        })
      })

      it('Should fail if the array is not composed by hosts', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ 'localhost:9002', 'localhost:coucou' ] },
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail if the array is composed with http schemes', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ 'localhost:9002', 'http://localhost:9003' ] },
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail if hosts are not unique', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { urls: [ 'localhost:9002', 'localhost:9002' ] },
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail with an invalid token', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ 'localhost:9002' ] },
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ 'localhost:9002' ] },
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })
    })

    describe('When listing followings', function () {
      const path = '/api/v1/server/following'

      it('Should fail with a bad start pagination', async function () {
        await checkBadStartPagination(server.url, path)
      })

      it('Should fail with a bad count pagination', async function () {
        await checkBadCountPagination(server.url, path)
      })

      it('Should fail with an incorrect sort', async function () {
        await checkBadSortPagination(server.url, path)
      })
    })

    describe('When listing followers', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with a bad start pagination', async function () {
        await checkBadStartPagination(server.url, path)
      })

      it('Should fail with a bad count pagination', async function () {
        await checkBadCountPagination(server.url, path)
      })

      it('Should fail with an incorrect sort', async function () {
        await checkBadSortPagination(server.url, path)
      })
    })

    describe('When removing a follower', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with an invalid token', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto@localhost:9002',
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto@localhost:9002',
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })

      it('Should fail with an invalid follower', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto',
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail with an unknown follower', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto@localhost:9003',
          token: server.accessToken,
          statusCodeExpected: 404
        })
      })
    })

    describe('When accepting a follower', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with an invalid token', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9002/accept',
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9002/accept',
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })

      it('Should fail with an invalid follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto/accept',
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail with an unknown follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9003/accept',
          token: server.accessToken,
          statusCodeExpected: 404
        })
      })
    })

    describe('When rejecting a follower', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with an invalid token', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9002/reject',
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9002/reject',
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })

      it('Should fail with an invalid follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto/reject',
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail with an unknown follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9003/reject',
          token: server.accessToken,
          statusCodeExpected: 404
        })
      })
    })

    describe('When removing following', function () {
      const path = '/api/v1/server/following'

      it('Should fail with an invalid token', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/localhost:9002',
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/localhost:9002',
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })

      it('Should fail if we do not follow this server', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/example.com',
          token: server.accessToken,
          statusCodeExpected: 404
        })
      })
    })
  })

  after(async function () {
    await cleanupTests([ server ])
  })
})
Commit	Line	Data
9a27cdc2 C	1	/* tslint:disable:no-unused-expression */
9a27cdc2 C	2
9a27cdc2 C	3	import 'mocha'
	4
	5	import {
7c3b7976 C	6	cleanupTests,
	7	createUser,
	8	flushAndRunServer,
	9	makeDeleteRequest,
	10	makePostBodyRequest,
	11	ServerInfo,
	12	setAccessTokensToServers,
eec63bbc	13	userLogin
94565d52	14	} from '../../../../shared/extra-utils'
9639bd17	15	import {
	16	checkBadCountPagination,
	17	checkBadSortPagination,
	18	checkBadStartPagination
94565d52	19	} from '../../../../shared/extra-utils/requests/check-api-params'
9a27cdc2 C	20
	21	describe('Test server follows API validators', function () {
	22	let server: ServerInfo
	23
	24	// ---------------------------------------------------------------
	25
	26	before(async function () {
e212f887	27	this.timeout(30000)
9a27cdc2	28
210feb6c	29	server = await flushAndRunServer(1)
9a27cdc2 C	30
	31	await setAccessTokensToServers([ server ])
	32	})
	33
	34	describe('When managing following', function () {
	35	let userAccessToken = null
	36
	37	before(async function () {
eec63bbc	38	const user = {
9a27cdc2 C	39	username: 'user1',
	40	password: 'password'
	41	}
	42
1eddc9a7	43	await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password })
eec63bbc	44	userAccessToken = await userLogin(server, user)
9a27cdc2 C	45	})
	46
	47	describe('When adding follows', function () {
	48	const path = '/api/v1/server/following'
9a27cdc2 C	49
9a27cdc2 C	50	it('Should fail without hosts', async function () {
eec63bbc C	51	await makePostBodyRequest({
	52	url: server.url,
	53	path,
	54	token: server.accessToken,
	55	statusCodeExpected: 400
	56	})
9a27cdc2 C	57	})
	58
	59	it('Should fail if hosts is not an array', async function () {
eec63bbc C	60	await makePostBodyRequest({
	61	url: server.url,
	62	path,
	63	token: server.accessToken,
	64	fields: { hosts: 'localhost:9002' },
	65	statusCodeExpected: 400
	66	})
9a27cdc2 C	67	})
	68
	69	it('Should fail if the array is not composed by hosts', async function () {
eec63bbc C	70	await makePostBodyRequest({
	71	url: server.url,
	72	path,
	73	fields: { hosts: [ 'localhost:9002', 'localhost:coucou' ] },
	74	token: server.accessToken,
	75	statusCodeExpected: 400
	76	})
9a27cdc2 C	77	})
	78
	79	it('Should fail if the array is composed with http schemes', async function () {
eec63bbc C	80	await makePostBodyRequest({
	81	url: server.url,
	82	path,
	83	fields: { hosts: [ 'localhost:9002', 'http://localhost:9003' ] },
	84	token: server.accessToken,
	85	statusCodeExpected: 400
	86	})
9a27cdc2 C	87	})
	88
	89	it('Should fail if hosts are not unique', async function () {
eec63bbc C	90	await makePostBodyRequest({
	91	url: server.url,
	92	path,
	93	fields: { urls: [ 'localhost:9002', 'localhost:9002' ] },
	94	token: server.accessToken,
	95	statusCodeExpected: 400
	96	})
9a27cdc2 C	97	})
	98
	99	it('Should fail with an invalid token', async function () {
eec63bbc C	100	await makePostBodyRequest({
	101	url: server.url,
	102	path,
	103	fields: { hosts: [ 'localhost:9002' ] },
	104	token: 'fake_token',
	105	statusCodeExpected: 401
	106	})
9a27cdc2 C	107	})
	108
	109	it('Should fail if the user is not an administrator', async function () {
eec63bbc C	110	await makePostBodyRequest({
	111	url: server.url,
	112	path,
	113	fields: { hosts: [ 'localhost:9002' ] },
	114	token: userAccessToken,
	115	statusCodeExpected: 403
	116	})
9a27cdc2 C	117	})
	118	})
	119
	120	describe('When listing followings', function () {
	121	const path = '/api/v1/server/following'
	122
	123	it('Should fail with a bad start pagination', async function () {
eec63bbc	124	await checkBadStartPagination(server.url, path)
9a27cdc2 C	125	})
	126
	127	it('Should fail with a bad count pagination', async function () {
eec63bbc	128	await checkBadCountPagination(server.url, path)
9a27cdc2 C	129	})
	130
	131	it('Should fail with an incorrect sort', async function () {
eec63bbc	132	await checkBadSortPagination(server.url, path)
9a27cdc2 C	133	})
	134	})
	135
	136	describe('When listing followers', function () {
	137	const path = '/api/v1/server/followers'
	138
	139	it('Should fail with a bad start pagination', async function () {
eec63bbc	140	await checkBadStartPagination(server.url, path)
9a27cdc2 C	141	})
	142
	143	it('Should fail with a bad count pagination', async function () {
eec63bbc	144	await checkBadCountPagination(server.url, path)
9a27cdc2 C	145	})
	146
	147	it('Should fail with an incorrect sort', async function () {
eec63bbc	148	await checkBadSortPagination(server.url, path)
9a27cdc2 C	149	})
	150	})
	151
5b9c965d C	152	describe('When removing a follower', function () {
	153	const path = '/api/v1/server/followers'
	154
	155	it('Should fail with an invalid token', async function () {
	156	await makeDeleteRequest({
	157	url: server.url,
	158	path: path + '/toto@localhost:9002',
	159	token: 'fake_token',
	160	statusCodeExpected: 401
	161	})
	162	})
	163
	164	it('Should fail if the user is not an administrator', async function () {
	165	await makeDeleteRequest({
	166	url: server.url,
	167	path: path + '/toto@localhost:9002',
	168	token: userAccessToken,
	169	statusCodeExpected: 403
	170	})
	171	})
	172
	173	it('Should fail with an invalid follower', async function () {
	174	await makeDeleteRequest({
	175	url: server.url,
	176	path: path + '/toto',
	177	token: server.accessToken,
	178	statusCodeExpected: 400
	179	})
	180	})
	181
	182	it('Should fail with an unknown follower', async function () {
	183	await makeDeleteRequest({
	184	url: server.url,
	185	path: path + '/toto@localhost:9003',
	186	token: server.accessToken,
	187	statusCodeExpected: 404
	188	})
	189	})
	190	})
	191
14893eb7 C	192	describe('When accepting a follower', function () {
	193	const path = '/api/v1/server/followers'
	194
	195	it('Should fail with an invalid token', async function () {
	196	await makePostBodyRequest({
	197	url: server.url,
	198	path: path + '/toto@localhost:9002/accept',
	199	token: 'fake_token',
	200	statusCodeExpected: 401
	201	})
	202	})
	203
	204	it('Should fail if the user is not an administrator', async function () {
	205	await makePostBodyRequest({
	206	url: server.url,
	207	path: path + '/toto@localhost:9002/accept',
	208	token: userAccessToken,
	209	statusCodeExpected: 403
	210	})
	211	})
	212
	213	it('Should fail with an invalid follower', async function () {
	214	await makePostBodyRequest({
	215	url: server.url,
	216	path: path + '/toto/accept',
	217	token: server.accessToken,
	218	statusCodeExpected: 400
	219	})
	220	})
	221
	222	it('Should fail with an unknown follower', async function () {
	223	await makePostBodyRequest({
	224	url: server.url,
	225	path: path + '/toto@localhost:9003/accept',
	226	token: server.accessToken,
	227	statusCodeExpected: 404
	228	})
	229	})
	230	})
	231
	232	describe('When rejecting a follower', function () {
	233	const path = '/api/v1/server/followers'
	234
	235	it('Should fail with an invalid token', async function () {
	236	await makePostBodyRequest({
	237	url: server.url,
	238	path: path + '/toto@localhost:9002/reject',
	239	token: 'fake_token',
	240	statusCodeExpected: 401
	241	})
	242	})
	243
	244	it('Should fail if the user is not an administrator', async function () {
	245	await makePostBodyRequest({
	246	url: server.url,
	247	path: path + '/toto@localhost:9002/reject',
	248	token: userAccessToken,
	249	statusCodeExpected: 403
	250	})
	251	})
	252
	253	it('Should fail with an invalid follower', async function () {
	254	await makePostBodyRequest({
	255	url: server.url,
256	path: path + '/toto/reject',
257	token: server.accessToken,
258	statusCodeExpected: 400
259	})
260	})
261
262	it('Should fail with an unknown follower', async function () {
263	await makePostBodyRequest({
264	url: server.url,
265	path: path + '/toto@localhost:9003/reject',
266	token: server.accessToken,
267	statusCodeExpected: 404
268	})
269	})
270	})
271
9a27cdc2	272	describe('When removing following', function () {
0f91ae62 C	273	const path = '/api/v1/server/following'
	274
	275	it('Should fail with an invalid token', async function () {
eec63bbc C	276	await makeDeleteRequest({
	277	url: server.url,
	278	path: path + '/localhost:9002',
	279	token: 'fake_token',
	280	statusCodeExpected: 401
	281	})
0f91ae62 C	282	})
	283
	284	it('Should fail if the user is not an administrator', async function () {
eec63bbc C	285	await makeDeleteRequest({
	286	url: server.url,
	287	path: path + '/localhost:9002',
	288	token: userAccessToken,
	289	statusCodeExpected: 403
	290	})
	291	})
	292
	293	it('Should fail if we do not follow this server', async function () {
	294	await makeDeleteRequest({
	295	url: server.url,
	296	path: path + '/example.com',
	297	token: server.accessToken,
	298	statusCodeExpected: 404
	299	})
	300	})
9a27cdc2 C	301	})
	302	})
	303
7c3b7976 C	304	after(async function () {
7c3b7976 C	305	await cleanupTests([ server ])
9a27cdc2 C	306	})
9a27cdc2 C	307	})