[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / video-blacklist.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import 'mocha'
import { expect } from 'chai'
import { HttpStatusCode } from '@shared/core-utils'
import {
  BlacklistCommand,
  checkBadCountPagination,
  checkBadSortPagination,
  checkBadStartPagination,
  cleanupTests,
  doubleFollow,
  createMultipleServers,
  makePostBodyRequest,
  makePutBodyRequest,
  PeerTubeServer,
  setAccessTokensToServers,
  waitJobs
} from '@shared/extra-utils'
import { VideoBlacklistType } from '@shared/models'

describe('Test video blacklist API validators', function () {
  let servers: PeerTubeServer[]
  let notBlacklistedVideoId: string
  let remoteVideoUUID: string
  let userAccessToken1 = ''
  let userAccessToken2 = ''
  let command: BlacklistCommand

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(120000)

    servers = await createMultipleServers(2)

    await setAccessTokensToServers(servers)
    await doubleFollow(servers[0], servers[1])

    {
      const username = 'user1'
      const password = 'my super password'
      await servers[0].users.create({ username: username, password: password })
      userAccessToken1 = await servers[0].login.getAccessToken({ username, password })
    }

    {
      const username = 'user2'
      const password = 'my super password'
      await servers[0].users.create({ username: username, password: password })
      userAccessToken2 = await servers[0].login.getAccessToken({ username, password })
    }

    {
      servers[0].store.video = await servers[0].videos.upload({ token: userAccessToken1 })
    }

    {
      const { uuid } = await servers[0].videos.upload()
      notBlacklistedVideoId = uuid
    }

    {
      const { uuid } = await servers[1].videos.upload()
      remoteVideoUUID = uuid
    }

    await waitJobs(servers)

    command = servers[0].blacklist
  })

  describe('When adding a video in blacklist', function () {
    const basePath = '/api/v1/videos/'

    it('Should fail with nothing', async function () {
      const path = basePath + servers[0].store.video + '/blacklist'
      const fields = {}
      await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
    })

    it('Should fail with a wrong video', async function () {
      const wrongPath = '/api/v1/videos/blabla/blacklist'
      const fields = {}
      await makePostBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
    })

    it('Should fail with a non authenticated user', async function () {
      const path = basePath + servers[0].store.video + '/blacklist'
      const fields = {}
      await makePostBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      const path = basePath + servers[0].store.video + '/blacklist'
      const fields = {}
      await makePostBodyRequest({
        url: servers[0].url,
        path,
        token: userAccessToken2,
        fields,
        statusCodeExpected: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should fail with an invalid reason', async function () {
      const path = basePath + servers[0].store.video.uuid + '/blacklist'
      const fields = { reason: 'a'.repeat(305) }

      await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
    })

    it('Should fail to unfederate a remote video', async function () {
      const path = basePath + remoteVideoUUID + '/blacklist'
      const fields = { unfederate: true }

      await makePostBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.CONFLICT_409
      })
    })

    it('Should succeed with the correct params', async function () {
      const path = basePath + servers[0].store.video.uuid + '/blacklist'
      const fields = {}

      await makePostBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.NO_CONTENT_204
      })
    })
  })

  describe('When updating a video in blacklist', function () {
    const basePath = '/api/v1/videos/'

    it('Should fail with a wrong video', async function () {
      const wrongPath = '/api/v1/videos/blabla/blacklist'
      const fields = {}
      await makePutBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
    })

    it('Should fail with a video not blacklisted', async function () {
      const path = '/api/v1/videos/' + notBlacklistedVideoId + '/blacklist'
      const fields = {}
      await makePutBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with a non authenticated user', async function () {
      const path = basePath + servers[0].store.video + '/blacklist'
      const fields = {}
      await makePutBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      const path = basePath + servers[0].store.video + '/blacklist'
      const fields = {}
      await makePutBodyRequest({
        url: servers[0].url,
        path,
        token: userAccessToken2,
        fields,
        statusCodeExpected: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should fail with an invalid reason', async function () {
      const path = basePath + servers[0].store.video.uuid + '/blacklist'
      const fields = { reason: 'a'.repeat(305) }

      await makePutBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
    })

    it('Should succeed with the correct params', async function () {
      const path = basePath + servers[0].store.video.shortUUID + '/blacklist'
      const fields = { reason: 'hello' }

      await makePutBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.NO_CONTENT_204
      })
    })
  })

  describe('When getting blacklisted video', function () {

    it('Should fail with a non authenticated user', async function () {
      await servers[0].videos.get({ id: servers[0].store.video.uuid, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with another user', async function () {
      await servers[0].videos.getWithToken({
        token: userAccessToken2,
        id: servers[0].store.video.uuid,
        expectedStatus: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should succeed with the owner authenticated user', async function () {
      const video = await servers[0].videos.getWithToken({ token: userAccessToken1, id: servers[0].store.video.uuid })
      expect(video.blacklisted).to.be.true
    })

    it('Should succeed with an admin', async function () {
      const video = servers[0].store.video

      for (const id of [ video.id, video.uuid, video.shortUUID ]) {
        const video = await servers[0].videos.getWithToken({ id, expectedStatus: HttpStatusCode.OK_200 })
        expect(video.blacklisted).to.be.true
      }
    })
  })

  describe('When removing a video in blacklist', function () {

    it('Should fail with a non authenticated user', async function () {
      await command.remove({ token: 'fake token', videoId: servers[0].store.video.uuid, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      await command.remove({ token: userAccessToken2, videoId: servers[0].store.video.uuid, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with an incorrect id', async function () {
      await command.remove({ videoId: 'hello', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should fail with a not blacklisted video', async function () {
      // The video was not added to the blacklist so it should fail
      await command.remove({ videoId: notBlacklistedVideoId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should succeed with the correct params', async function () {
      await command.remove({ videoId: servers[0].store.video.uuid, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
    })
  })

  describe('When listing videos in blacklist', function () {
    const basePath = '/api/v1/videos/blacklist/'

    it('Should fail with a non authenticated user', async function () {
      await servers[0].blacklist.list({ token: 'fake token', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      await servers[0].blacklist.list({ token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(servers[0].url, basePath, servers[0].accessToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(servers[0].url, basePath, servers[0].accessToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(servers[0].url, basePath, servers[0].accessToken)
    })

    it('Should fail with an invalid type', async function () {
      await servers[0].blacklist.list({ type: 0, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should succeed with the correct parameters', async function () {
      await servers[0].blacklist.list({ type: VideoBlacklistType.MANUAL })
    })
  })

  after(async function () {
    await cleanupTests(servers)
  })
})
Commit	Line	Data
a1587156	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
792dbaf0 GS	2
792dbaf0 GS	3	import 'mocha'
e3d15a6a C	4	import { expect } from 'chai'
e3d15a6a C	5	import { HttpStatusCode } from '@shared/core-utils'
792dbaf0	6	import {
e3d15a6a C	7	BlacklistCommand,
	8	checkBadCountPagination,
	9	checkBadSortPagination,
	10	checkBadStartPagination,
7c3b7976	11	cleanupTests,
5abb9fbb	12	doubleFollow,
254d3579	13	createMultipleServers,
26b7305a C	14	makePostBodyRequest,
26b7305a C	15	makePutBodyRequest,
254d3579	16	PeerTubeServer,
26b7305a	17	setAccessTokensToServers,
a1587156	18	waitJobs
e3d15a6a	19	} from '@shared/extra-utils'
d23dd9fb	20	import { VideoBlacklistType } from '@shared/models'
792dbaf0 GS	21
792dbaf0 GS	22	describe('Test video blacklist API validators', function () {
254d3579	23	let servers: PeerTubeServer[]
d23dd9fb	24	let notBlacklistedVideoId: string
5abb9fbb	25	let remoteVideoUUID: string
e5e7f7fe C	26	let userAccessToken1 = ''
e5e7f7fe C	27	let userAccessToken2 = ''
e3d15a6a	28	let command: BlacklistCommand
792dbaf0 GS	29
	30	// ---------------------------------------------------------------
	31
	32	before(async function () {
	33	this.timeout(120000)
	34
254d3579	35	servers = await createMultipleServers(2)
792dbaf0	36
5abb9fbb C	37	await setAccessTokensToServers(servers)
5abb9fbb C	38	await doubleFollow(servers[0], servers[1])
792dbaf0	39
e5e7f7fe C	40	{
	41	const username = 'user1'
	42	const password = 'my super password'
89d241a7 C	43	await servers[0].users.create({ username: username, password: password })
89d241a7 C	44	userAccessToken1 = await servers[0].login.getAccessToken({ username, password })
e5e7f7fe	45	}
792dbaf0	46
26b7305a	47	{
e5e7f7fe C	48	const username = 'user2'
e5e7f7fe C	49	const password = 'my super password'
89d241a7 C	50	await servers[0].users.create({ username: username, password: password })
89d241a7 C	51	userAccessToken2 = await servers[0].login.getAccessToken({ username, password })
e5e7f7fe C	52	}
	53
	54	{
89d241a7	55	servers[0].store.video = await servers[0].videos.upload({ token: userAccessToken1 })
26b7305a C	56	}
	57
	58	{
89d241a7	59	const { uuid } = await servers[0].videos.upload()
d23dd9fb	60	notBlacklistedVideoId = uuid
26b7305a	61	}
5abb9fbb C	62
5abb9fbb C	63	{
89d241a7	64	const { uuid } = await servers[1].videos.upload()
d23dd9fb	65	remoteVideoUUID = uuid
5abb9fbb C	66	}
	67
	68	await waitJobs(servers)
e3d15a6a	69
89d241a7	70	command = servers[0].blacklist
792dbaf0 GS	71	})
	72
	73	describe('When adding a video in blacklist', function () {
	74	const basePath = '/api/v1/videos/'
	75
	76	it('Should fail with nothing', async function () {
89d241a7	77	const path = basePath + servers[0].store.video + '/blacklist'
792dbaf0	78	const fields = {}
5abb9fbb	79	await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
792dbaf0 GS	80	})
	81
	82	it('Should fail with a wrong video', async function () {
	83	const wrongPath = '/api/v1/videos/blabla/blacklist'
	84	const fields = {}
5abb9fbb	85	await makePostBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
792dbaf0 GS	86	})
	87
	88	it('Should fail with a non authenticated user', async function () {
89d241a7	89	const path = basePath + servers[0].store.video + '/blacklist'
11ba2ab3	90	const fields = {}
2d53be02	91	await makePostBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
792dbaf0 GS	92	})
	93
	94	it('Should fail with a non admin user', async function () {
89d241a7	95	const path = basePath + servers[0].store.video + '/blacklist'
11ba2ab3	96	const fields = {}
2d53be02 RK	97	await makePostBodyRequest({
	98	url: servers[0].url,
	99	path,
	100	token: userAccessToken2,
	101	fields,
	102	statusCodeExpected: HttpStatusCode.FORBIDDEN_403
	103	})
792dbaf0 GS	104	})
792dbaf0 GS	105
26b7305a	106	it('Should fail with an invalid reason', async function () {
89d241a7	107	const path = basePath + servers[0].store.video.uuid + '/blacklist'
26b7305a C	108	const fields = { reason: 'a'.repeat(305) }
26b7305a C	109
5abb9fbb C	110	await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
	111	})
	112
	113	it('Should fail to unfederate a remote video', async function () {
	114	const path = basePath + remoteVideoUUID + '/blacklist'
	115	const fields = { unfederate: true }
	116
2d53be02 RK	117	await makePostBodyRequest({
	118	url: servers[0].url,
	119	path,
	120	token: servers[0].accessToken,
	121	fields,
	122	statusCodeExpected: HttpStatusCode.CONFLICT_409
	123	})
26b7305a C	124	})
	125
	126	it('Should succeed with the correct params', async function () {
89d241a7	127	const path = basePath + servers[0].store.video.uuid + '/blacklist'
a1587156	128	const fields = {}
26b7305a	129
2d53be02 RK	130	await makePostBodyRequest({
	131	url: servers[0].url,
	132	path,
	133	token: servers[0].accessToken,
	134	fields,
	135	statusCodeExpected: HttpStatusCode.NO_CONTENT_204
	136	})
26b7305a C	137	})
	138	})
	139
	140	describe('When updating a video in blacklist', function () {
	141	const basePath = '/api/v1/videos/'
	142
	143	it('Should fail with a wrong video', async function () {
	144	const wrongPath = '/api/v1/videos/blabla/blacklist'
	145	const fields = {}
5abb9fbb	146	await makePutBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
26b7305a C	147	})
	148
	149	it('Should fail with a video not blacklisted', async function () {
	150	const path = '/api/v1/videos/' + notBlacklistedVideoId + '/blacklist'
	151	const fields = {}
2d53be02 RK	152	await makePutBodyRequest({
	153	url: servers[0].url,
	154	path,
	155	token: servers[0].accessToken,
	156	fields,
	157	statusCodeExpected: HttpStatusCode.NOT_FOUND_404
	158	})
26b7305a C	159	})
	160
	161	it('Should fail with a non authenticated user', async function () {
89d241a7	162	const path = basePath + servers[0].store.video + '/blacklist'
26b7305a	163	const fields = {}
2d53be02	164	await makePutBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
26b7305a C	165	})
	166
	167	it('Should fail with a non admin user', async function () {
89d241a7	168	const path = basePath + servers[0].store.video + '/blacklist'
11ba2ab3	169	const fields = {}
2d53be02 RK	170	await makePutBodyRequest({
	171	url: servers[0].url,
	172	path,
	173	token: userAccessToken2,
	174	fields,
	175	statusCodeExpected: HttpStatusCode.FORBIDDEN_403
	176	})
26b7305a C	177	})
	178
	179	it('Should fail with an invalid reason', async function () {
89d241a7	180	const path = basePath + servers[0].store.video.uuid + '/blacklist'
26b7305a C	181	const fields = { reason: 'a'.repeat(305) }
26b7305a C	182
5abb9fbb	183	await makePutBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
26b7305a C	184	})
	185
	186	it('Should succeed with the correct params', async function () {
89d241a7	187	const path = basePath + servers[0].store.video.shortUUID + '/blacklist'
26b7305a C	188	const fields = { reason: 'hello' }
26b7305a C	189
2d53be02 RK	190	await makePutBodyRequest({
	191	url: servers[0].url,
	192	path,
	193	token: servers[0].accessToken,
	194	fields,
	195	statusCodeExpected: HttpStatusCode.NO_CONTENT_204
	196	})
792dbaf0 GS	197	})
	198	})
	199
e5e7f7fe C	200	describe('When getting blacklisted video', function () {
	201
	202	it('Should fail with a non authenticated user', async function () {
89d241a7	203	await servers[0].videos.get({ id: servers[0].store.video.uuid, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
e5e7f7fe C	204	})
	205
	206	it('Should fail with another user', async function () {
89d241a7	207	await servers[0].videos.getWithToken({
d23dd9fb	208	token: userAccessToken2,
89d241a7	209	id: servers[0].store.video.uuid,
d23dd9fb C	210	expectedStatus: HttpStatusCode.FORBIDDEN_403
d23dd9fb C	211	})
e5e7f7fe C	212	})
	213
	214	it('Should succeed with the owner authenticated user', async function () {
89d241a7	215	const video = await servers[0].videos.getWithToken({ token: userAccessToken1, id: servers[0].store.video.uuid })
e5e7f7fe C	216	expect(video.blacklisted).to.be.true
	217	})
	218
	219	it('Should succeed with an admin', async function () {
89d241a7	220	const video = servers[0].store.video
e5e7f7fe	221
d4a8e7a6	222	for (const id of [ video.id, video.uuid, video.shortUUID ]) {
89d241a7	223	const video = await servers[0].videos.getWithToken({ id, expectedStatus: HttpStatusCode.OK_200 })
d4a8e7a6 C	224	expect(video.blacklisted).to.be.true
d4a8e7a6 C	225	}
e5e7f7fe C	226	})
	227	})
	228
792dbaf0	229	describe('When removing a video in blacklist', function () {
e3d15a6a	230
792dbaf0	231	it('Should fail with a non authenticated user', async function () {
89d241a7	232	await command.remove({ token: 'fake token', videoId: servers[0].store.video.uuid, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
792dbaf0 GS	233	})
	234
	235	it('Should fail with a non admin user', async function () {
89d241a7	236	await command.remove({ token: userAccessToken2, videoId: servers[0].store.video.uuid, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
792dbaf0 GS	237	})
	238
	239	it('Should fail with an incorrect id', async function () {
e3d15a6a	240	await command.remove({ videoId: 'hello', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
792dbaf0 GS	241	})
	242
	243	it('Should fail with a not blacklisted video', async function () {
	244	// The video was not added to the blacklist so it should fail
e3d15a6a	245	await command.remove({ videoId: notBlacklistedVideoId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
26b7305a C	246	})
	247
	248	it('Should succeed with the correct params', async function () {
89d241a7	249	await command.remove({ videoId: servers[0].store.video.uuid, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
792dbaf0 GS	250	})
	251	})
	252
	253	describe('When listing videos in blacklist', function () {
35bf0c83	254	const basePath = '/api/v1/videos/blacklist/'
792dbaf0 GS	255
792dbaf0 GS	256	it('Should fail with a non authenticated user', async function () {
89d241a7	257	await servers[0].blacklist.list({ token: 'fake token', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
792dbaf0 GS	258	})
	259
	260	it('Should fail with a non admin user', async function () {
89d241a7	261	await servers[0].blacklist.list({ token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
792dbaf0 GS	262	})
	263
	264	it('Should fail with a bad start pagination', async function () {
5abb9fbb	265	await checkBadStartPagination(servers[0].url, basePath, servers[0].accessToken)
792dbaf0 GS	266	})
	267
	268	it('Should fail with a bad count pagination', async function () {
5abb9fbb	269	await checkBadCountPagination(servers[0].url, basePath, servers[0].accessToken)
792dbaf0 GS	270	})
	271
	272	it('Should fail with an incorrect sort', async function () {
5abb9fbb	273	await checkBadSortPagination(servers[0].url, basePath, servers[0].accessToken)
792dbaf0	274	})
7ccddd7b JM	275
7ccddd7b JM	276	it('Should fail with an invalid type', async function () {
89d241a7	277	await servers[0].blacklist.list({ type: 0, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
7ccddd7b JM	278	})
	279
	280	it('Should succeed with the correct parameters', async function () {
89d241a7	281	await servers[0].blacklist.list({ type: VideoBlacklistType.MANUAL })
7ccddd7b	282	})
792dbaf0 GS	283	})
792dbaf0 GS	284
7c3b7976 C	285	after(async function () {
7c3b7976 C	286	await cleanupTests(servers)
792dbaf0 GS	287	})
792dbaf0 GS	288	})