[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / video-blacklist.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import 'mocha'
import { expect } from 'chai'
import { HttpStatusCode } from '@shared/core-utils'
import {
  BlacklistCommand,
  checkBadCountPagination,
  checkBadSortPagination,
  checkBadStartPagination,
  cleanupTests,
  createUser,
  doubleFollow,
  flushAndRunMultipleServers,
  getVideo,
  getVideoWithToken,
  makePostBodyRequest,
  makePutBodyRequest,
  ServerInfo,
  setAccessTokensToServers,
  uploadVideo,
  userLogin,
  waitJobs
} from '@shared/extra-utils'
import { VideoBlacklistType, VideoDetails } from '@shared/models'

describe('Test video blacklist API validators', function () {
  let servers: ServerInfo[]
  let notBlacklistedVideoId: number
  let remoteVideoUUID: string
  let userAccessToken1 = ''
  let userAccessToken2 = ''
  let command: BlacklistCommand

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(120000)

    servers = await flushAndRunMultipleServers(2)

    await setAccessTokensToServers(servers)
    await doubleFollow(servers[0], servers[1])

    {
      const username = 'user1'
      const password = 'my super password'
      await createUser({ url: servers[0].url, accessToken: servers[0].accessToken, username: username, password: password })
      userAccessToken1 = await userLogin(servers[0], { username, password })
    }

    {
      const username = 'user2'
      const password = 'my super password'
      await createUser({ url: servers[0].url, accessToken: servers[0].accessToken, username: username, password: password })
      userAccessToken2 = await userLogin(servers[0], { username, password })
    }

    {
      const res = await uploadVideo(servers[0].url, userAccessToken1, {})
      servers[0].video = res.body.video
    }

    {
      const res = await uploadVideo(servers[0].url, servers[0].accessToken, {})
      notBlacklistedVideoId = res.body.video.uuid
    }

    {
      const res = await uploadVideo(servers[1].url, servers[1].accessToken, {})
      remoteVideoUUID = res.body.video.uuid
    }

    await waitJobs(servers)

    command = servers[0].blacklistCommand
  })

  describe('When adding a video in blacklist', function () {
    const basePath = '/api/v1/videos/'

    it('Should fail with nothing', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
    })

    it('Should fail with a wrong video', async function () {
      const wrongPath = '/api/v1/videos/blabla/blacklist'
      const fields = {}
      await makePostBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
    })

    it('Should fail with a non authenticated user', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePostBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePostBodyRequest({
        url: servers[0].url,
        path,
        token: userAccessToken2,
        fields,
        statusCodeExpected: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should fail with an invalid reason', async function () {
      const path = basePath + servers[0].video.uuid + '/blacklist'
      const fields = { reason: 'a'.repeat(305) }

      await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
    })

    it('Should fail to unfederate a remote video', async function () {
      const path = basePath + remoteVideoUUID + '/blacklist'
      const fields = { unfederate: true }

      await makePostBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.CONFLICT_409
      })
    })

    it('Should succeed with the correct params', async function () {
      const path = basePath + servers[0].video.uuid + '/blacklist'
      const fields = {}

      await makePostBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.NO_CONTENT_204
      })
    })
  })

  describe('When updating a video in blacklist', function () {
    const basePath = '/api/v1/videos/'

    it('Should fail with a wrong video', async function () {
      const wrongPath = '/api/v1/videos/blabla/blacklist'
      const fields = {}
      await makePutBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
    })

    it('Should fail with a video not blacklisted', async function () {
      const path = '/api/v1/videos/' + notBlacklistedVideoId + '/blacklist'
      const fields = {}
      await makePutBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with a non authenticated user', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePutBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePutBodyRequest({
        url: servers[0].url,
        path,
        token: userAccessToken2,
        fields,
        statusCodeExpected: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should fail with an invalid reason', async function () {
      const path = basePath + servers[0].video.uuid + '/blacklist'
      const fields = { reason: 'a'.repeat(305) }

      await makePutBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
    })

    it('Should succeed with the correct params', async function () {
      const path = basePath + servers[0].video.shortUUID + '/blacklist'
      const fields = { reason: 'hello' }

      await makePutBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.NO_CONTENT_204
      })
    })
  })

  describe('When getting blacklisted video', function () {

    it('Should fail with a non authenticated user', async function () {
      await getVideo(servers[0].url, servers[0].video.uuid, HttpStatusCode.UNAUTHORIZED_401)
    })

    it('Should fail with another user', async function () {
      await getVideoWithToken(servers[0].url, userAccessToken2, servers[0].video.uuid, HttpStatusCode.FORBIDDEN_403)
    })

    it('Should succeed with the owner authenticated user', async function () {
      const res = await getVideoWithToken(servers[0].url, userAccessToken1, servers[0].video.uuid, HttpStatusCode.OK_200)
      const video: VideoDetails = res.body

      expect(video.blacklisted).to.be.true
    })

    it('Should succeed with an admin', async function () {
      const video = servers[0].video

      for (const id of [ video.id, video.uuid, video.shortUUID ]) {
        const res = await getVideoWithToken(servers[0].url, servers[0].accessToken, id, HttpStatusCode.OK_200)
        const video: VideoDetails = res.body

        expect(video.blacklisted).to.be.true
      }
    })
  })

  describe('When removing a video in blacklist', function () {

    it('Should fail with a non authenticated user', async function () {
      await command.remove({ token: 'fake token', videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      await command.remove({ token: userAccessToken2, videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with an incorrect id', async function () {
      await command.remove({ videoId: 'hello', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should fail with a not blacklisted video', async function () {
      // The video was not added to the blacklist so it should fail
      await command.remove({ videoId: notBlacklistedVideoId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should succeed with the correct params', async function () {
      await command.remove({ videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
    })
  })

  describe('When listing videos in blacklist', function () {
    const basePath = '/api/v1/videos/blacklist/'

    it('Should fail with a non authenticated user', async function () {
      await servers[0].blacklistCommand.list({ token: 'fake token', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      await servers[0].blacklistCommand.list({ token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(servers[0].url, basePath, servers[0].accessToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(servers[0].url, basePath, servers[0].accessToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(servers[0].url, basePath, servers[0].accessToken)
    })

    it('Should fail with an invalid type', async function () {
      await servers[0].blacklistCommand.list({ type: 0, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should succeed with the correct parameters', async function () {
      await servers[0].blacklistCommand.list({ type: VideoBlacklistType.MANUAL })
    })
  })

  after(async function () {
    await cleanupTests(servers)
  })
})
Commit	Line	Data
a1587156	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
792dbaf0 GS	2
792dbaf0 GS	3	import 'mocha'
e3d15a6a C	4	import { expect } from 'chai'
e3d15a6a C	5	import { HttpStatusCode } from '@shared/core-utils'
792dbaf0	6	import {
e3d15a6a C	7	BlacklistCommand,
	8	checkBadCountPagination,
	9	checkBadSortPagination,
	10	checkBadStartPagination,
7c3b7976	11	cleanupTests,
26b7305a	12	createUser,
5abb9fbb C	13	doubleFollow,
5abb9fbb C	14	flushAndRunMultipleServers,
5abb9fbb C	15	getVideo,
5abb9fbb C	16	getVideoWithToken,
26b7305a C	17	makePostBodyRequest,
26b7305a C	18	makePutBodyRequest,
26b7305a C	19	ServerInfo,
	20	setAccessTokensToServers,
	21	uploadVideo,
a1587156 C	22	userLogin,
a1587156 C	23	waitJobs
e3d15a6a C	24	} from '@shared/extra-utils'
e3d15a6a C	25	import { VideoBlacklistType, VideoDetails } from '@shared/models'
792dbaf0 GS	26
792dbaf0 GS	27	describe('Test video blacklist API validators', function () {
5abb9fbb	28	let servers: ServerInfo[]
26b7305a	29	let notBlacklistedVideoId: number
5abb9fbb	30	let remoteVideoUUID: string
e5e7f7fe C	31	let userAccessToken1 = ''
e5e7f7fe C	32	let userAccessToken2 = ''
e3d15a6a	33	let command: BlacklistCommand
792dbaf0 GS	34
	35	// ---------------------------------------------------------------
	36
	37	before(async function () {
	38	this.timeout(120000)
	39
5abb9fbb	40	servers = await flushAndRunMultipleServers(2)
792dbaf0	41
5abb9fbb C	42	await setAccessTokensToServers(servers)
5abb9fbb C	43	await doubleFollow(servers[0], servers[1])
792dbaf0	44
e5e7f7fe C	45	{
	46	const username = 'user1'
	47	const password = 'my super password'
a1587156	48	await createUser({ url: servers[0].url, accessToken: servers[0].accessToken, username: username, password: password })
5abb9fbb	49	userAccessToken1 = await userLogin(servers[0], { username, password })
e5e7f7fe	50	}
792dbaf0	51
26b7305a	52	{
e5e7f7fe C	53	const username = 'user2'
e5e7f7fe C	54	const password = 'my super password'
a1587156	55	await createUser({ url: servers[0].url, accessToken: servers[0].accessToken, username: username, password: password })
5abb9fbb	56	userAccessToken2 = await userLogin(servers[0], { username, password })
e5e7f7fe C	57	}
	58
	59	{
5abb9fbb C	60	const res = await uploadVideo(servers[0].url, userAccessToken1, {})
5abb9fbb C	61	servers[0].video = res.body.video
26b7305a C	62	}
	63
	64	{
5abb9fbb	65	const res = await uploadVideo(servers[0].url, servers[0].accessToken, {})
26b7305a C	66	notBlacklistedVideoId = res.body.video.uuid
26b7305a C	67	}
5abb9fbb C	68
	69	{
	70	const res = await uploadVideo(servers[1].url, servers[1].accessToken, {})
	71	remoteVideoUUID = res.body.video.uuid
	72	}
	73
	74	await waitJobs(servers)
e3d15a6a C	75
e3d15a6a C	76	command = servers[0].blacklistCommand
792dbaf0 GS	77	})
	78
	79	describe('When adding a video in blacklist', function () {
	80	const basePath = '/api/v1/videos/'
	81
	82	it('Should fail with nothing', async function () {
5abb9fbb	83	const path = basePath + servers[0].video + '/blacklist'
792dbaf0	84	const fields = {}
5abb9fbb	85	await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
792dbaf0 GS	86	})
	87
	88	it('Should fail with a wrong video', async function () {
	89	const wrongPath = '/api/v1/videos/blabla/blacklist'
	90	const fields = {}
5abb9fbb	91	await makePostBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
792dbaf0 GS	92	})
	93
	94	it('Should fail with a non authenticated user', async function () {
5abb9fbb	95	const path = basePath + servers[0].video + '/blacklist'
11ba2ab3	96	const fields = {}
2d53be02	97	await makePostBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
792dbaf0 GS	98	})
	99
	100	it('Should fail with a non admin user', async function () {
5abb9fbb	101	const path = basePath + servers[0].video + '/blacklist'
11ba2ab3	102	const fields = {}
2d53be02 RK	103	await makePostBodyRequest({
	104	url: servers[0].url,
	105	path,
	106	token: userAccessToken2,
	107	fields,
	108	statusCodeExpected: HttpStatusCode.FORBIDDEN_403
	109	})
792dbaf0 GS	110	})
792dbaf0 GS	111
26b7305a	112	it('Should fail with an invalid reason', async function () {
5abb9fbb	113	const path = basePath + servers[0].video.uuid + '/blacklist'
26b7305a C	114	const fields = { reason: 'a'.repeat(305) }
26b7305a C	115
5abb9fbb C	116	await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
	117	})
	118
	119	it('Should fail to unfederate a remote video', async function () {
	120	const path = basePath + remoteVideoUUID + '/blacklist'
	121	const fields = { unfederate: true }
	122
2d53be02 RK	123	await makePostBodyRequest({
	124	url: servers[0].url,
	125	path,
	126	token: servers[0].accessToken,
	127	fields,
	128	statusCodeExpected: HttpStatusCode.CONFLICT_409
	129	})
26b7305a C	130	})
	131
	132	it('Should succeed with the correct params', async function () {
5abb9fbb	133	const path = basePath + servers[0].video.uuid + '/blacklist'
a1587156	134	const fields = {}
26b7305a	135
2d53be02 RK	136	await makePostBodyRequest({
	137	url: servers[0].url,
	138	path,
	139	token: servers[0].accessToken,
	140	fields,
	141	statusCodeExpected: HttpStatusCode.NO_CONTENT_204
	142	})
26b7305a C	143	})
	144	})
	145
	146	describe('When updating a video in blacklist', function () {
	147	const basePath = '/api/v1/videos/'
	148
	149	it('Should fail with a wrong video', async function () {
	150	const wrongPath = '/api/v1/videos/blabla/blacklist'
	151	const fields = {}
5abb9fbb	152	await makePutBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
26b7305a C	153	})
	154
	155	it('Should fail with a video not blacklisted', async function () {
	156	const path = '/api/v1/videos/' + notBlacklistedVideoId + '/blacklist'
	157	const fields = {}
2d53be02 RK	158	await makePutBodyRequest({
	159	url: servers[0].url,
	160	path,
	161	token: servers[0].accessToken,
	162	fields,
	163	statusCodeExpected: HttpStatusCode.NOT_FOUND_404
	164	})
26b7305a C	165	})
	166
	167	it('Should fail with a non authenticated user', async function () {
5abb9fbb	168	const path = basePath + servers[0].video + '/blacklist'
26b7305a	169	const fields = {}
2d53be02	170	await makePutBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
26b7305a C	171	})
	172
	173	it('Should fail with a non admin user', async function () {
5abb9fbb	174	const path = basePath + servers[0].video + '/blacklist'
11ba2ab3	175	const fields = {}
2d53be02 RK	176	await makePutBodyRequest({
	177	url: servers[0].url,
	178	path,
	179	token: userAccessToken2,
	180	fields,
	181	statusCodeExpected: HttpStatusCode.FORBIDDEN_403
	182	})
26b7305a C	183	})
	184
	185	it('Should fail with an invalid reason', async function () {
5abb9fbb	186	const path = basePath + servers[0].video.uuid + '/blacklist'
26b7305a C	187	const fields = { reason: 'a'.repeat(305) }
26b7305a C	188
5abb9fbb	189	await makePutBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
26b7305a C	190	})
	191
	192	it('Should succeed with the correct params', async function () {
d4a8e7a6	193	const path = basePath + servers[0].video.shortUUID + '/blacklist'
26b7305a C	194	const fields = { reason: 'hello' }
26b7305a C	195
2d53be02 RK	196	await makePutBodyRequest({
	197	url: servers[0].url,
	198	path,
	199	token: servers[0].accessToken,
	200	fields,
	201	statusCodeExpected: HttpStatusCode.NO_CONTENT_204
	202	})
792dbaf0 GS	203	})
	204	})
	205
e5e7f7fe C	206	describe('When getting blacklisted video', function () {
	207
	208	it('Should fail with a non authenticated user', async function () {
2d53be02	209	await getVideo(servers[0].url, servers[0].video.uuid, HttpStatusCode.UNAUTHORIZED_401)
e5e7f7fe C	210	})
	211
	212	it('Should fail with another user', async function () {
2d53be02	213	await getVideoWithToken(servers[0].url, userAccessToken2, servers[0].video.uuid, HttpStatusCode.FORBIDDEN_403)
e5e7f7fe C	214	})
	215
	216	it('Should succeed with the owner authenticated user', async function () {
2d53be02	217	const res = await getVideoWithToken(servers[0].url, userAccessToken1, servers[0].video.uuid, HttpStatusCode.OK_200)
e5e7f7fe C	218	const video: VideoDetails = res.body
	219
	220	expect(video.blacklisted).to.be.true
	221	})
	222
	223	it('Should succeed with an admin', async function () {
d4a8e7a6	224	const video = servers[0].video
e5e7f7fe	225
d4a8e7a6 C	226	for (const id of [ video.id, video.uuid, video.shortUUID ]) {
	227	const res = await getVideoWithToken(servers[0].url, servers[0].accessToken, id, HttpStatusCode.OK_200)
	228	const video: VideoDetails = res.body
	229
	230	expect(video.blacklisted).to.be.true
	231	}
e5e7f7fe C	232	})
	233	})
	234
792dbaf0	235	describe('When removing a video in blacklist', function () {
e3d15a6a	236
792dbaf0	237	it('Should fail with a non authenticated user', async function () {
e3d15a6a	238	await command.remove({ token: 'fake token', videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
792dbaf0 GS	239	})
	240
	241	it('Should fail with a non admin user', async function () {
e3d15a6a	242	await command.remove({ token: userAccessToken2, videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
792dbaf0 GS	243	})
	244
	245	it('Should fail with an incorrect id', async function () {
e3d15a6a	246	await command.remove({ videoId: 'hello', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
792dbaf0 GS	247	})
	248
	249	it('Should fail with a not blacklisted video', async function () {
	250	// The video was not added to the blacklist so it should fail
e3d15a6a	251	await command.remove({ videoId: notBlacklistedVideoId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
26b7305a C	252	})
	253
	254	it('Should succeed with the correct params', async function () {
e3d15a6a	255	await command.remove({ videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
792dbaf0 GS	256	})
	257	})
	258
	259	describe('When listing videos in blacklist', function () {
35bf0c83	260	const basePath = '/api/v1/videos/blacklist/'
792dbaf0 GS	261
792dbaf0 GS	262	it('Should fail with a non authenticated user', async function () {
e3d15a6a	263	await servers[0].blacklistCommand.list({ token: 'fake token', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
792dbaf0 GS	264	})
	265
	266	it('Should fail with a non admin user', async function () {
e3d15a6a	267	await servers[0].blacklistCommand.list({ token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
792dbaf0 GS	268	})
	269
	270	it('Should fail with a bad start pagination', async function () {
5abb9fbb	271	await checkBadStartPagination(servers[0].url, basePath, servers[0].accessToken)
792dbaf0 GS	272	})
	273
	274	it('Should fail with a bad count pagination', async function () {
5abb9fbb	275	await checkBadCountPagination(servers[0].url, basePath, servers[0].accessToken)
792dbaf0 GS	276	})
	277
	278	it('Should fail with an incorrect sort', async function () {
5abb9fbb	279	await checkBadSortPagination(servers[0].url, basePath, servers[0].accessToken)
792dbaf0	280	})
7ccddd7b JM	281
7ccddd7b JM	282	it('Should fail with an invalid type', async function () {
e3d15a6a	283	await servers[0].blacklistCommand.list({ type: 0, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
7ccddd7b JM	284	})
	285
	286	it('Should succeed with the correct parameters', async function () {
e3d15a6a	287	await servers[0].blacklistCommand.list({ type: VideoBlacklistType.MANUAL })
7ccddd7b	288	})
792dbaf0 GS	289	})
792dbaf0 GS	290
7c3b7976 C	291	after(async function () {
7c3b7976 C	292	await cleanupTests(servers)
792dbaf0 GS	293	})
792dbaf0 GS	294	})