[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / video-blacklist.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import 'mocha'

import {
  cleanupTests,
  createUser,
  doubleFollow,
  flushAndRunMultipleServers,
  getBlacklistedVideosList,
  getVideo,
  getVideoWithToken,
  makePostBodyRequest,
  makePutBodyRequest,
  removeVideoFromBlacklist,
  ServerInfo,
  setAccessTokensToServers,
  uploadVideo,
  userLogin,
  waitJobs
} from '../../../../shared/extra-utils'
import {
  checkBadCountPagination,
  checkBadSortPagination,
  checkBadStartPagination
} from '../../../../shared/extra-utils/requests/check-api-params'
import { VideoBlacklistType, VideoDetails } from '../../../../shared/models/videos'
import { expect } from 'chai'
import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'

describe('Test video blacklist API validators', function () {
  let servers: ServerInfo[]
  let notBlacklistedVideoId: number
  let remoteVideoUUID: string
  let userAccessToken1 = ''
  let userAccessToken2 = ''

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(120000)

    servers = await flushAndRunMultipleServers(2)

    await setAccessTokensToServers(servers)
    await doubleFollow(servers[0], servers[1])

    {
      const username = 'user1'
      const password = 'my super password'
      await createUser({ url: servers[0].url, accessToken: servers[0].accessToken, username: username, password: password })
      userAccessToken1 = await userLogin(servers[0], { username, password })
    }

    {
      const username = 'user2'
      const password = 'my super password'
      await createUser({ url: servers[0].url, accessToken: servers[0].accessToken, username: username, password: password })
      userAccessToken2 = await userLogin(servers[0], { username, password })
    }

    {
      const res = await uploadVideo(servers[0].url, userAccessToken1, {})
      servers[0].video = res.body.video
    }

    {
      const res = await uploadVideo(servers[0].url, servers[0].accessToken, {})
      notBlacklistedVideoId = res.body.video.uuid
    }

    {
      const res = await uploadVideo(servers[1].url, servers[1].accessToken, {})
      remoteVideoUUID = res.body.video.uuid
    }

    await waitJobs(servers)
  })

  describe('When adding a video in blacklist', function () {
    const basePath = '/api/v1/videos/'

    it('Should fail with nothing', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
    })

    it('Should fail with a wrong video', async function () {
      const wrongPath = '/api/v1/videos/blabla/blacklist'
      const fields = {}
      await makePostBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
    })

    it('Should fail with a non authenticated user', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePostBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePostBodyRequest({
        url: servers[0].url,
        path,
        token: userAccessToken2,
        fields,
        statusCodeExpected: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should fail with an invalid reason', async function () {
      const path = basePath + servers[0].video.uuid + '/blacklist'
      const fields = { reason: 'a'.repeat(305) }

      await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
    })

    it('Should fail to unfederate a remote video', async function () {
      const path = basePath + remoteVideoUUID + '/blacklist'
      const fields = { unfederate: true }

      await makePostBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.CONFLICT_409
      })
    })

    it('Should succeed with the correct params', async function () {
      const path = basePath + servers[0].video.uuid + '/blacklist'
      const fields = {}

      await makePostBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.NO_CONTENT_204
      })
    })
  })

  describe('When updating a video in blacklist', function () {
    const basePath = '/api/v1/videos/'

    it('Should fail with a wrong video', async function () {
      const wrongPath = '/api/v1/videos/blabla/blacklist'
      const fields = {}
      await makePutBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
    })

    it('Should fail with a video not blacklisted', async function () {
      const path = '/api/v1/videos/' + notBlacklistedVideoId + '/blacklist'
      const fields = {}
      await makePutBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with a non authenticated user', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePutBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePutBodyRequest({
        url: servers[0].url,
        path,
        token: userAccessToken2,
        fields,
        statusCodeExpected: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should fail with an invalid reason', async function () {
      const path = basePath + servers[0].video.uuid + '/blacklist'
      const fields = { reason: 'a'.repeat(305) }

      await makePutBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
    })

    it('Should succeed with the correct params', async function () {
      const path = basePath + servers[0].video.uuid + '/blacklist'
      const fields = { reason: 'hello' }

      await makePutBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.NO_CONTENT_204
      })
    })
  })

  describe('When getting blacklisted video', function () {

    it('Should fail with a non authenticated user', async function () {
      await getVideo(servers[0].url, servers[0].video.uuid, HttpStatusCode.UNAUTHORIZED_401)
    })

    it('Should fail with another user', async function () {
      await getVideoWithToken(servers[0].url, userAccessToken2, servers[0].video.uuid, HttpStatusCode.FORBIDDEN_403)
    })

    it('Should succeed with the owner authenticated user', async function () {
      const res = await getVideoWithToken(servers[0].url, userAccessToken1, servers[0].video.uuid, HttpStatusCode.OK_200)
      const video: VideoDetails = res.body

      expect(video.blacklisted).to.be.true
    })

    it('Should succeed with an admin', async function () {
      const res = await getVideoWithToken(servers[0].url, servers[0].accessToken, servers[0].video.uuid, HttpStatusCode.OK_200)
      const video: VideoDetails = res.body

      expect(video.blacklisted).to.be.true
    })
  })

  describe('When removing a video in blacklist', function () {
    it('Should fail with a non authenticated user', async function () {
      await removeVideoFromBlacklist(servers[0].url, 'fake token', servers[0].video.uuid, HttpStatusCode.UNAUTHORIZED_401)
    })

    it('Should fail with a non admin user', async function () {
      await removeVideoFromBlacklist(servers[0].url, userAccessToken2, servers[0].video.uuid, HttpStatusCode.FORBIDDEN_403)
    })

    it('Should fail with an incorrect id', async function () {
      await removeVideoFromBlacklist(servers[0].url, servers[0].accessToken, 'hello', HttpStatusCode.BAD_REQUEST_400)
    })

    it('Should fail with a not blacklisted video', async function () {
      // The video was not added to the blacklist so it should fail
      await removeVideoFromBlacklist(servers[0].url, servers[0].accessToken, notBlacklistedVideoId, HttpStatusCode.NOT_FOUND_404)
    })

    it('Should succeed with the correct params', async function () {
      await removeVideoFromBlacklist(servers[0].url, servers[0].accessToken, servers[0].video.uuid, HttpStatusCode.NO_CONTENT_204)
    })
  })

  describe('When listing videos in blacklist', function () {
    const basePath = '/api/v1/videos/blacklist/'

    it('Should fail with a non authenticated user', async function () {
      await getBlacklistedVideosList({ url: servers[0].url, token: 'fake token', specialStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      await getBlacklistedVideosList({ url: servers[0].url, token: userAccessToken2, specialStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(servers[0].url, basePath, servers[0].accessToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(servers[0].url, basePath, servers[0].accessToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(servers[0].url, basePath, servers[0].accessToken)
    })

    it('Should fail with an invalid type', async function () {
      await getBlacklistedVideosList({
        url: servers[0].url,
        token: servers[0].accessToken,
        type: 0,
        specialStatus: HttpStatusCode.BAD_REQUEST_400
      })
    })

    it('Should succeed with the correct parameters', async function () {
      await getBlacklistedVideosList({ url: servers[0].url, token: servers[0].accessToken, type: VideoBlacklistType.MANUAL })
    })
  })

  after(async function () {
    await cleanupTests(servers)
  })
})
Commit	Line	Data
a1587156	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
792dbaf0 GS	2
792dbaf0 GS	3	import 'mocha'
792dbaf0 GS	4
792dbaf0 GS	5	import {
7c3b7976	6	cleanupTests,
26b7305a	7	createUser,
5abb9fbb C	8	doubleFollow,
5abb9fbb C	9	flushAndRunMultipleServers,
5abb9fbb C	10	getBlacklistedVideosList,
	11	getVideo,
	12	getVideoWithToken,
26b7305a C	13	makePostBodyRequest,
	14	makePutBodyRequest,
	15	removeVideoFromBlacklist,
26b7305a C	16	ServerInfo,
	17	setAccessTokensToServers,
	18	uploadVideo,
a1587156 C	19	userLogin,
a1587156 C	20	waitJobs
94565d52	21	} from '../../../../shared/extra-utils'
9639bd17	22	import {
	23	checkBadCountPagination,
	24	checkBadSortPagination,
	25	checkBadStartPagination
94565d52	26	} from '../../../../shared/extra-utils/requests/check-api-params'
a1587156	27	import { VideoBlacklistType, VideoDetails } from '../../../../shared/models/videos'
e5e7f7fe	28	import { expect } from 'chai'
2d53be02	29	import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
792dbaf0 GS	30
792dbaf0 GS	31	describe('Test video blacklist API validators', function () {
5abb9fbb	32	let servers: ServerInfo[]
26b7305a	33	let notBlacklistedVideoId: number
5abb9fbb	34	let remoteVideoUUID: string
e5e7f7fe C	35	let userAccessToken1 = ''
e5e7f7fe C	36	let userAccessToken2 = ''
792dbaf0 GS	37
	38	// ---------------------------------------------------------------
	39
	40	before(async function () {
	41	this.timeout(120000)
	42
5abb9fbb	43	servers = await flushAndRunMultipleServers(2)
792dbaf0	44
5abb9fbb C	45	await setAccessTokensToServers(servers)
5abb9fbb C	46	await doubleFollow(servers[0], servers[1])
792dbaf0	47
e5e7f7fe C	48	{
	49	const username = 'user1'
	50	const password = 'my super password'
a1587156	51	await createUser({ url: servers[0].url, accessToken: servers[0].accessToken, username: username, password: password })
5abb9fbb	52	userAccessToken1 = await userLogin(servers[0], { username, password })
e5e7f7fe	53	}
792dbaf0	54
26b7305a	55	{
e5e7f7fe C	56	const username = 'user2'
e5e7f7fe C	57	const password = 'my super password'
a1587156	58	await createUser({ url: servers[0].url, accessToken: servers[0].accessToken, username: username, password: password })
5abb9fbb	59	userAccessToken2 = await userLogin(servers[0], { username, password })
e5e7f7fe C	60	}
	61
	62	{
5abb9fbb C	63	const res = await uploadVideo(servers[0].url, userAccessToken1, {})
5abb9fbb C	64	servers[0].video = res.body.video
26b7305a C	65	}
	66
	67	{
5abb9fbb	68	const res = await uploadVideo(servers[0].url, servers[0].accessToken, {})
26b7305a C	69	notBlacklistedVideoId = res.body.video.uuid
26b7305a C	70	}
5abb9fbb C	71
	72	{
	73	const res = await uploadVideo(servers[1].url, servers[1].accessToken, {})
	74	remoteVideoUUID = res.body.video.uuid
	75	}
	76
	77	await waitJobs(servers)
792dbaf0 GS	78	})
	79
	80	describe('When adding a video in blacklist', function () {
	81	const basePath = '/api/v1/videos/'
	82
	83	it('Should fail with nothing', async function () {
5abb9fbb	84	const path = basePath + servers[0].video + '/blacklist'
792dbaf0	85	const fields = {}
5abb9fbb	86	await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
792dbaf0 GS	87	})
	88
	89	it('Should fail with a wrong video', async function () {
	90	const wrongPath = '/api/v1/videos/blabla/blacklist'
	91	const fields = {}
5abb9fbb	92	await makePostBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
792dbaf0 GS	93	})
	94
	95	it('Should fail with a non authenticated user', async function () {
5abb9fbb	96	const path = basePath + servers[0].video + '/blacklist'
11ba2ab3	97	const fields = {}
2d53be02	98	await makePostBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
792dbaf0 GS	99	})
	100
	101	it('Should fail with a non admin user', async function () {
5abb9fbb	102	const path = basePath + servers[0].video + '/blacklist'
11ba2ab3	103	const fields = {}
2d53be02 RK	104	await makePostBodyRequest({
	105	url: servers[0].url,
	106	path,
	107	token: userAccessToken2,
	108	fields,
	109	statusCodeExpected: HttpStatusCode.FORBIDDEN_403
	110	})
792dbaf0 GS	111	})
792dbaf0 GS	112
26b7305a	113	it('Should fail with an invalid reason', async function () {
5abb9fbb	114	const path = basePath + servers[0].video.uuid + '/blacklist'
26b7305a C	115	const fields = { reason: 'a'.repeat(305) }
26b7305a C	116
5abb9fbb C	117	await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
	118	})
	119
	120	it('Should fail to unfederate a remote video', async function () {
	121	const path = basePath + remoteVideoUUID + '/blacklist'
	122	const fields = { unfederate: true }
	123
2d53be02 RK	124	await makePostBodyRequest({
	125	url: servers[0].url,
	126	path,
	127	token: servers[0].accessToken,
	128	fields,
	129	statusCodeExpected: HttpStatusCode.CONFLICT_409
	130	})
26b7305a C	131	})
	132
	133	it('Should succeed with the correct params', async function () {
5abb9fbb	134	const path = basePath + servers[0].video.uuid + '/blacklist'
a1587156	135	const fields = {}
26b7305a	136
2d53be02 RK	137	await makePostBodyRequest({
	138	url: servers[0].url,
	139	path,
	140	token: servers[0].accessToken,
	141	fields,
	142	statusCodeExpected: HttpStatusCode.NO_CONTENT_204
	143	})
26b7305a C	144	})
	145	})
	146
	147	describe('When updating a video in blacklist', function () {
	148	const basePath = '/api/v1/videos/'
	149
	150	it('Should fail with a wrong video', async function () {
	151	const wrongPath = '/api/v1/videos/blabla/blacklist'
	152	const fields = {}
5abb9fbb	153	await makePutBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
26b7305a C	154	})
	155
	156	it('Should fail with a video not blacklisted', async function () {
	157	const path = '/api/v1/videos/' + notBlacklistedVideoId + '/blacklist'
	158	const fields = {}
2d53be02 RK	159	await makePutBodyRequest({
	160	url: servers[0].url,
	161	path,
	162	token: servers[0].accessToken,
	163	fields,
	164	statusCodeExpected: HttpStatusCode.NOT_FOUND_404
	165	})
26b7305a C	166	})
	167
	168	it('Should fail with a non authenticated user', async function () {
5abb9fbb	169	const path = basePath + servers[0].video + '/blacklist'
26b7305a	170	const fields = {}
2d53be02	171	await makePutBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
26b7305a C	172	})
	173
	174	it('Should fail with a non admin user', async function () {
5abb9fbb	175	const path = basePath + servers[0].video + '/blacklist'
11ba2ab3	176	const fields = {}
2d53be02 RK	177	await makePutBodyRequest({
	178	url: servers[0].url,
	179	path,
	180	token: userAccessToken2,
	181	fields,
	182	statusCodeExpected: HttpStatusCode.FORBIDDEN_403
	183	})
26b7305a C	184	})
	185
	186	it('Should fail with an invalid reason', async function () {
5abb9fbb	187	const path = basePath + servers[0].video.uuid + '/blacklist'
26b7305a C	188	const fields = { reason: 'a'.repeat(305) }
26b7305a C	189
5abb9fbb	190	await makePutBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
26b7305a C	191	})
	192
	193	it('Should succeed with the correct params', async function () {
5abb9fbb	194	const path = basePath + servers[0].video.uuid + '/blacklist'
26b7305a C	195	const fields = { reason: 'hello' }
26b7305a C	196
2d53be02 RK	197	await makePutBodyRequest({
	198	url: servers[0].url,
	199	path,
	200	token: servers[0].accessToken,
	201	fields,
	202	statusCodeExpected: HttpStatusCode.NO_CONTENT_204
	203	})
792dbaf0 GS	204	})
	205	})
	206
e5e7f7fe C	207	describe('When getting blacklisted video', function () {
	208
	209	it('Should fail with a non authenticated user', async function () {
2d53be02	210	await getVideo(servers[0].url, servers[0].video.uuid, HttpStatusCode.UNAUTHORIZED_401)
e5e7f7fe C	211	})
	212
	213	it('Should fail with another user', async function () {
2d53be02	214	await getVideoWithToken(servers[0].url, userAccessToken2, servers[0].video.uuid, HttpStatusCode.FORBIDDEN_403)
e5e7f7fe C	215	})
	216
	217	it('Should succeed with the owner authenticated user', async function () {
2d53be02	218	const res = await getVideoWithToken(servers[0].url, userAccessToken1, servers[0].video.uuid, HttpStatusCode.OK_200)
e5e7f7fe C	219	const video: VideoDetails = res.body
	220
	221	expect(video.blacklisted).to.be.true
	222	})
	223
	224	it('Should succeed with an admin', async function () {
2d53be02	225	const res = await getVideoWithToken(servers[0].url, servers[0].accessToken, servers[0].video.uuid, HttpStatusCode.OK_200)
e5e7f7fe C	226	const video: VideoDetails = res.body
	227
	228	expect(video.blacklisted).to.be.true
	229	})
	230	})
	231
792dbaf0	232	describe('When removing a video in blacklist', function () {
792dbaf0	233	it('Should fail with a non authenticated user', async function () {
2d53be02	234	await removeVideoFromBlacklist(servers[0].url, 'fake token', servers[0].video.uuid, HttpStatusCode.UNAUTHORIZED_401)
792dbaf0 GS	235	})
	236
	237	it('Should fail with a non admin user', async function () {
2d53be02	238	await removeVideoFromBlacklist(servers[0].url, userAccessToken2, servers[0].video.uuid, HttpStatusCode.FORBIDDEN_403)
792dbaf0 GS	239	})
	240
	241	it('Should fail with an incorrect id', async function () {
2d53be02	242	await removeVideoFromBlacklist(servers[0].url, servers[0].accessToken, 'hello', HttpStatusCode.BAD_REQUEST_400)
792dbaf0 GS	243	})
	244
	245	it('Should fail with a not blacklisted video', async function () {
	246	// The video was not added to the blacklist so it should fail
2d53be02	247	await removeVideoFromBlacklist(servers[0].url, servers[0].accessToken, notBlacklistedVideoId, HttpStatusCode.NOT_FOUND_404)
26b7305a C	248	})
	249
	250	it('Should succeed with the correct params', async function () {
2d53be02	251	await removeVideoFromBlacklist(servers[0].url, servers[0].accessToken, servers[0].video.uuid, HttpStatusCode.NO_CONTENT_204)
792dbaf0 GS	252	})
	253	})
	254
	255	describe('When listing videos in blacklist', function () {
35bf0c83	256	const basePath = '/api/v1/videos/blacklist/'
792dbaf0 GS	257
792dbaf0 GS	258	it('Should fail with a non authenticated user', async function () {
2d53be02	259	await getBlacklistedVideosList({ url: servers[0].url, token: 'fake token', specialStatus: HttpStatusCode.UNAUTHORIZED_401 })
792dbaf0 GS	260	})
	261
	262	it('Should fail with a non admin user', async function () {
2d53be02	263	await getBlacklistedVideosList({ url: servers[0].url, token: userAccessToken2, specialStatus: HttpStatusCode.FORBIDDEN_403 })
792dbaf0 GS	264	})
	265
	266	it('Should fail with a bad start pagination', async function () {
5abb9fbb	267	await checkBadStartPagination(servers[0].url, basePath, servers[0].accessToken)
792dbaf0 GS	268	})
	269
	270	it('Should fail with a bad count pagination', async function () {
5abb9fbb	271	await checkBadCountPagination(servers[0].url, basePath, servers[0].accessToken)
792dbaf0 GS	272	})
	273
	274	it('Should fail with an incorrect sort', async function () {
5abb9fbb	275	await checkBadSortPagination(servers[0].url, basePath, servers[0].accessToken)
792dbaf0	276	})
7ccddd7b JM	277
7ccddd7b JM	278	it('Should fail with an invalid type', async function () {
2d53be02 RK	279	await getBlacklistedVideosList({
	280	url: servers[0].url,
	281	token: servers[0].accessToken,
	282	type: 0,
	283	specialStatus: HttpStatusCode.BAD_REQUEST_400
	284	})
7ccddd7b JM	285	})
	286
	287	it('Should succeed with the correct parameters', async function () {
1eddc9a7	288	await getBlacklistedVideosList({ url: servers[0].url, token: servers[0].accessToken, type: VideoBlacklistType.MANUAL })
7ccddd7b	289	})
792dbaf0 GS	290	})
792dbaf0 GS	291
7c3b7976 C	292	after(async function () {
7c3b7976 C	293	await cleanupTests(servers)
792dbaf0 GS	294	})
792dbaf0 GS	295	})