[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / video-blacklist.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import 'mocha'
import { expect } from 'chai'
import { HttpStatusCode } from '@shared/core-utils'
import {
  BlacklistCommand,
  checkBadCountPagination,
  checkBadSortPagination,
  checkBadStartPagination,
  cleanupTests,
  doubleFollow,
  flushAndRunMultipleServers,
  getVideo,
  getVideoWithToken,
  makePostBodyRequest,
  makePutBodyRequest,
  ServerInfo,
  setAccessTokensToServers,
  uploadVideo,
  waitJobs
} from '@shared/extra-utils'
import { VideoBlacklistType, VideoDetails } from '@shared/models'

describe('Test video blacklist API validators', function () {
  let servers: ServerInfo[]
  let notBlacklistedVideoId: number
  let remoteVideoUUID: string
  let userAccessToken1 = ''
  let userAccessToken2 = ''
  let command: BlacklistCommand

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(120000)

    servers = await flushAndRunMultipleServers(2)

    await setAccessTokensToServers(servers)
    await doubleFollow(servers[0], servers[1])

    {
      const username = 'user1'
      const password = 'my super password'
      await servers[0].usersCommand.create({ username: username, password: password })
      userAccessToken1 = await servers[0].loginCommand.getAccessToken({ username, password })
    }

    {
      const username = 'user2'
      const password = 'my super password'
      await servers[0].usersCommand.create({ username: username, password: password })
      userAccessToken2 = await servers[0].loginCommand.getAccessToken({ username, password })
    }

    {
      const res = await uploadVideo(servers[0].url, userAccessToken1, {})
      servers[0].video = res.body.video
    }

    {
      const res = await uploadVideo(servers[0].url, servers[0].accessToken, {})
      notBlacklistedVideoId = res.body.video.uuid
    }

    {
      const res = await uploadVideo(servers[1].url, servers[1].accessToken, {})
      remoteVideoUUID = res.body.video.uuid
    }

    await waitJobs(servers)

    command = servers[0].blacklistCommand
  })

  describe('When adding a video in blacklist', function () {
    const basePath = '/api/v1/videos/'

    it('Should fail with nothing', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
    })

    it('Should fail with a wrong video', async function () {
      const wrongPath = '/api/v1/videos/blabla/blacklist'
      const fields = {}
      await makePostBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
    })

    it('Should fail with a non authenticated user', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePostBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePostBodyRequest({
        url: servers[0].url,
        path,
        token: userAccessToken2,
        fields,
        statusCodeExpected: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should fail with an invalid reason', async function () {
      const path = basePath + servers[0].video.uuid + '/blacklist'
      const fields = { reason: 'a'.repeat(305) }

      await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
    })

    it('Should fail to unfederate a remote video', async function () {
      const path = basePath + remoteVideoUUID + '/blacklist'
      const fields = { unfederate: true }

      await makePostBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.CONFLICT_409
      })
    })

    it('Should succeed with the correct params', async function () {
      const path = basePath + servers[0].video.uuid + '/blacklist'
      const fields = {}

      await makePostBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.NO_CONTENT_204
      })
    })
  })

  describe('When updating a video in blacklist', function () {
    const basePath = '/api/v1/videos/'

    it('Should fail with a wrong video', async function () {
      const wrongPath = '/api/v1/videos/blabla/blacklist'
      const fields = {}
      await makePutBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
    })

    it('Should fail with a video not blacklisted', async function () {
      const path = '/api/v1/videos/' + notBlacklistedVideoId + '/blacklist'
      const fields = {}
      await makePutBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with a non authenticated user', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePutBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePutBodyRequest({
        url: servers[0].url,
        path,
        token: userAccessToken2,
        fields,
        statusCodeExpected: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should fail with an invalid reason', async function () {
      const path = basePath + servers[0].video.uuid + '/blacklist'
      const fields = { reason: 'a'.repeat(305) }

      await makePutBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
    })

    it('Should succeed with the correct params', async function () {
      const path = basePath + servers[0].video.shortUUID + '/blacklist'
      const fields = { reason: 'hello' }

      await makePutBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.NO_CONTENT_204
      })
    })
  })

  describe('When getting blacklisted video', function () {

    it('Should fail with a non authenticated user', async function () {
      await getVideo(servers[0].url, servers[0].video.uuid, HttpStatusCode.UNAUTHORIZED_401)
    })

    it('Should fail with another user', async function () {
      await getVideoWithToken(servers[0].url, userAccessToken2, servers[0].video.uuid, HttpStatusCode.FORBIDDEN_403)
    })

    it('Should succeed with the owner authenticated user', async function () {
      const res = await getVideoWithToken(servers[0].url, userAccessToken1, servers[0].video.uuid, HttpStatusCode.OK_200)
      const video: VideoDetails = res.body

      expect(video.blacklisted).to.be.true
    })

    it('Should succeed with an admin', async function () {
      const video = servers[0].video

      for (const id of [ video.id, video.uuid, video.shortUUID ]) {
        const res = await getVideoWithToken(servers[0].url, servers[0].accessToken, id, HttpStatusCode.OK_200)
        const video: VideoDetails = res.body

        expect(video.blacklisted).to.be.true
      }
    })
  })

  describe('When removing a video in blacklist', function () {

    it('Should fail with a non authenticated user', async function () {
      await command.remove({ token: 'fake token', videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      await command.remove({ token: userAccessToken2, videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with an incorrect id', async function () {
      await command.remove({ videoId: 'hello', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should fail with a not blacklisted video', async function () {
      // The video was not added to the blacklist so it should fail
      await command.remove({ videoId: notBlacklistedVideoId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should succeed with the correct params', async function () {
      await command.remove({ videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
    })
  })

  describe('When listing videos in blacklist', function () {
    const basePath = '/api/v1/videos/blacklist/'

    it('Should fail with a non authenticated user', async function () {
      await servers[0].blacklistCommand.list({ token: 'fake token', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      await servers[0].blacklistCommand.list({ token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(servers[0].url, basePath, servers[0].accessToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(servers[0].url, basePath, servers[0].accessToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(servers[0].url, basePath, servers[0].accessToken)
    })

    it('Should fail with an invalid type', async function () {
      await servers[0].blacklistCommand.list({ type: 0, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should succeed with the correct parameters', async function () {
      await servers[0].blacklistCommand.list({ type: VideoBlacklistType.MANUAL })
    })
  })

  after(async function () {
    await cleanupTests(servers)
  })
})
Commit	Line	Data
a1587156	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
792dbaf0 GS	2
792dbaf0 GS	3	import 'mocha'
e3d15a6a C	4	import { expect } from 'chai'
e3d15a6a C	5	import { HttpStatusCode } from '@shared/core-utils'
792dbaf0	6	import {
e3d15a6a C	7	BlacklistCommand,
	8	checkBadCountPagination,
	9	checkBadSortPagination,
	10	checkBadStartPagination,
7c3b7976	11	cleanupTests,
5abb9fbb C	12	doubleFollow,
5abb9fbb C	13	flushAndRunMultipleServers,
5abb9fbb C	14	getVideo,
5abb9fbb C	15	getVideoWithToken,
26b7305a C	16	makePostBodyRequest,
26b7305a C	17	makePutBodyRequest,
26b7305a C	18	ServerInfo,
	19	setAccessTokensToServers,
	20	uploadVideo,
a1587156	21	waitJobs
e3d15a6a C	22	} from '@shared/extra-utils'
e3d15a6a C	23	import { VideoBlacklistType, VideoDetails } from '@shared/models'
792dbaf0 GS	24
792dbaf0 GS	25	describe('Test video blacklist API validators', function () {
5abb9fbb	26	let servers: ServerInfo[]
26b7305a	27	let notBlacklistedVideoId: number
5abb9fbb	28	let remoteVideoUUID: string
e5e7f7fe C	29	let userAccessToken1 = ''
e5e7f7fe C	30	let userAccessToken2 = ''
e3d15a6a	31	let command: BlacklistCommand
792dbaf0 GS	32
	33	// ---------------------------------------------------------------
	34
	35	before(async function () {
	36	this.timeout(120000)
	37
5abb9fbb	38	servers = await flushAndRunMultipleServers(2)
792dbaf0	39
5abb9fbb C	40	await setAccessTokensToServers(servers)
5abb9fbb C	41	await doubleFollow(servers[0], servers[1])
792dbaf0	42
e5e7f7fe C	43	{
	44	const username = 'user1'
	45	const password = 'my super password'
7926c5f9	46	await servers[0].usersCommand.create({ username: username, password: password })
41d1d075	47	userAccessToken1 = await servers[0].loginCommand.getAccessToken({ username, password })
e5e7f7fe	48	}
792dbaf0	49
26b7305a	50	{
e5e7f7fe C	51	const username = 'user2'
e5e7f7fe C	52	const password = 'my super password'
7926c5f9	53	await servers[0].usersCommand.create({ username: username, password: password })
41d1d075	54	userAccessToken2 = await servers[0].loginCommand.getAccessToken({ username, password })
e5e7f7fe C	55	}
	56
	57	{
5abb9fbb C	58	const res = await uploadVideo(servers[0].url, userAccessToken1, {})
5abb9fbb C	59	servers[0].video = res.body.video
26b7305a C	60	}
	61
	62	{
5abb9fbb	63	const res = await uploadVideo(servers[0].url, servers[0].accessToken, {})
26b7305a C	64	notBlacklistedVideoId = res.body.video.uuid
26b7305a C	65	}
5abb9fbb C	66
	67	{
	68	const res = await uploadVideo(servers[1].url, servers[1].accessToken, {})
	69	remoteVideoUUID = res.body.video.uuid
	70	}
	71
	72	await waitJobs(servers)
e3d15a6a C	73
e3d15a6a C	74	command = servers[0].blacklistCommand
792dbaf0 GS	75	})
	76
	77	describe('When adding a video in blacklist', function () {
	78	const basePath = '/api/v1/videos/'
	79
	80	it('Should fail with nothing', async function () {
5abb9fbb	81	const path = basePath + servers[0].video + '/blacklist'
792dbaf0	82	const fields = {}
5abb9fbb	83	await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
792dbaf0 GS	84	})
	85
	86	it('Should fail with a wrong video', async function () {
	87	const wrongPath = '/api/v1/videos/blabla/blacklist'
	88	const fields = {}
5abb9fbb	89	await makePostBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
792dbaf0 GS	90	})
	91
	92	it('Should fail with a non authenticated user', async function () {
5abb9fbb	93	const path = basePath + servers[0].video + '/blacklist'
11ba2ab3	94	const fields = {}
2d53be02	95	await makePostBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
792dbaf0 GS	96	})
	97
	98	it('Should fail with a non admin user', async function () {
5abb9fbb	99	const path = basePath + servers[0].video + '/blacklist'
11ba2ab3	100	const fields = {}
2d53be02 RK	101	await makePostBodyRequest({
	102	url: servers[0].url,
	103	path,
	104	token: userAccessToken2,
	105	fields,
	106	statusCodeExpected: HttpStatusCode.FORBIDDEN_403
	107	})
792dbaf0 GS	108	})
792dbaf0 GS	109
26b7305a	110	it('Should fail with an invalid reason', async function () {
5abb9fbb	111	const path = basePath + servers[0].video.uuid + '/blacklist'
26b7305a C	112	const fields = { reason: 'a'.repeat(305) }
26b7305a C	113
5abb9fbb C	114	await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
	115	})
	116
	117	it('Should fail to unfederate a remote video', async function () {
	118	const path = basePath + remoteVideoUUID + '/blacklist'
	119	const fields = { unfederate: true }
	120
2d53be02 RK	121	await makePostBodyRequest({
	122	url: servers[0].url,
	123	path,
	124	token: servers[0].accessToken,
	125	fields,
	126	statusCodeExpected: HttpStatusCode.CONFLICT_409
	127	})
26b7305a C	128	})
	129
	130	it('Should succeed with the correct params', async function () {
5abb9fbb	131	const path = basePath + servers[0].video.uuid + '/blacklist'
a1587156	132	const fields = {}
26b7305a	133
2d53be02 RK	134	await makePostBodyRequest({
	135	url: servers[0].url,
	136	path,
	137	token: servers[0].accessToken,
	138	fields,
	139	statusCodeExpected: HttpStatusCode.NO_CONTENT_204
	140	})
26b7305a C	141	})
	142	})
	143
	144	describe('When updating a video in blacklist', function () {
	145	const basePath = '/api/v1/videos/'
	146
	147	it('Should fail with a wrong video', async function () {
	148	const wrongPath = '/api/v1/videos/blabla/blacklist'
	149	const fields = {}
5abb9fbb	150	await makePutBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
26b7305a C	151	})
	152
	153	it('Should fail with a video not blacklisted', async function () {
	154	const path = '/api/v1/videos/' + notBlacklistedVideoId + '/blacklist'
	155	const fields = {}
2d53be02 RK	156	await makePutBodyRequest({
	157	url: servers[0].url,
	158	path,
	159	token: servers[0].accessToken,
	160	fields,
	161	statusCodeExpected: HttpStatusCode.NOT_FOUND_404
	162	})
26b7305a C	163	})
	164
	165	it('Should fail with a non authenticated user', async function () {
5abb9fbb	166	const path = basePath + servers[0].video + '/blacklist'
26b7305a	167	const fields = {}
2d53be02	168	await makePutBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
26b7305a C	169	})
	170
	171	it('Should fail with a non admin user', async function () {
5abb9fbb	172	const path = basePath + servers[0].video + '/blacklist'
11ba2ab3	173	const fields = {}
2d53be02 RK	174	await makePutBodyRequest({
	175	url: servers[0].url,
	176	path,
	177	token: userAccessToken2,
	178	fields,
	179	statusCodeExpected: HttpStatusCode.FORBIDDEN_403
	180	})
26b7305a C	181	})
	182
	183	it('Should fail with an invalid reason', async function () {
5abb9fbb	184	const path = basePath + servers[0].video.uuid + '/blacklist'
26b7305a C	185	const fields = { reason: 'a'.repeat(305) }
26b7305a C	186
5abb9fbb	187	await makePutBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
26b7305a C	188	})
	189
	190	it('Should succeed with the correct params', async function () {
d4a8e7a6	191	const path = basePath + servers[0].video.shortUUID + '/blacklist'
26b7305a C	192	const fields = { reason: 'hello' }
26b7305a C	193
2d53be02 RK	194	await makePutBodyRequest({
	195	url: servers[0].url,
	196	path,
	197	token: servers[0].accessToken,
	198	fields,
	199	statusCodeExpected: HttpStatusCode.NO_CONTENT_204
	200	})
792dbaf0 GS	201	})
	202	})
	203
e5e7f7fe C	204	describe('When getting blacklisted video', function () {
	205
	206	it('Should fail with a non authenticated user', async function () {
2d53be02	207	await getVideo(servers[0].url, servers[0].video.uuid, HttpStatusCode.UNAUTHORIZED_401)
e5e7f7fe C	208	})
	209
	210	it('Should fail with another user', async function () {
2d53be02	211	await getVideoWithToken(servers[0].url, userAccessToken2, servers[0].video.uuid, HttpStatusCode.FORBIDDEN_403)
e5e7f7fe C	212	})
	213
	214	it('Should succeed with the owner authenticated user', async function () {
2d53be02	215	const res = await getVideoWithToken(servers[0].url, userAccessToken1, servers[0].video.uuid, HttpStatusCode.OK_200)
e5e7f7fe C	216	const video: VideoDetails = res.body
	217
	218	expect(video.blacklisted).to.be.true
	219	})
	220
	221	it('Should succeed with an admin', async function () {
d4a8e7a6	222	const video = servers[0].video
e5e7f7fe	223
d4a8e7a6 C	224	for (const id of [ video.id, video.uuid, video.shortUUID ]) {
	225	const res = await getVideoWithToken(servers[0].url, servers[0].accessToken, id, HttpStatusCode.OK_200)
	226	const video: VideoDetails = res.body
	227
	228	expect(video.blacklisted).to.be.true
	229	}
e5e7f7fe C	230	})
	231	})
	232
792dbaf0	233	describe('When removing a video in blacklist', function () {
e3d15a6a	234
792dbaf0	235	it('Should fail with a non authenticated user', async function () {
e3d15a6a	236	await command.remove({ token: 'fake token', videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
792dbaf0 GS	237	})
	238
	239	it('Should fail with a non admin user', async function () {
e3d15a6a	240	await command.remove({ token: userAccessToken2, videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
792dbaf0 GS	241	})
	242
	243	it('Should fail with an incorrect id', async function () {
e3d15a6a	244	await command.remove({ videoId: 'hello', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
792dbaf0 GS	245	})
	246
	247	it('Should fail with a not blacklisted video', async function () {
	248	// The video was not added to the blacklist so it should fail
e3d15a6a	249	await command.remove({ videoId: notBlacklistedVideoId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
26b7305a C	250	})
	251
	252	it('Should succeed with the correct params', async function () {
e3d15a6a	253	await command.remove({ videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
792dbaf0 GS	254	})
	255	})
	256
	257	describe('When listing videos in blacklist', function () {
35bf0c83	258	const basePath = '/api/v1/videos/blacklist/'
792dbaf0 GS	259
792dbaf0 GS	260	it('Should fail with a non authenticated user', async function () {
e3d15a6a	261	await servers[0].blacklistCommand.list({ token: 'fake token', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
792dbaf0 GS	262	})
	263
	264	it('Should fail with a non admin user', async function () {
e3d15a6a	265	await servers[0].blacklistCommand.list({ token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
792dbaf0 GS	266	})
	267
	268	it('Should fail with a bad start pagination', async function () {
5abb9fbb	269	await checkBadStartPagination(servers[0].url, basePath, servers[0].accessToken)
792dbaf0 GS	270	})
	271
	272	it('Should fail with a bad count pagination', async function () {
5abb9fbb	273	await checkBadCountPagination(servers[0].url, basePath, servers[0].accessToken)
792dbaf0 GS	274	})
	275
	276	it('Should fail with an incorrect sort', async function () {
5abb9fbb	277	await checkBadSortPagination(servers[0].url, basePath, servers[0].accessToken)
792dbaf0	278	})
7ccddd7b JM	279
7ccddd7b JM	280	it('Should fail with an invalid type', async function () {
e3d15a6a	281	await servers[0].blacklistCommand.list({ type: 0, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
7ccddd7b JM	282	})
	283
	284	it('Should succeed with the correct parameters', async function () {
e3d15a6a	285	await servers[0].blacklistCommand.list({ type: VideoBlacklistType.MANUAL })
7ccddd7b	286	})
792dbaf0 GS	287	})
792dbaf0 GS	288
7c3b7976 C	289	after(async function () {
7c3b7976 C	290	await cleanupTests(servers)
792dbaf0 GS	291	})
792dbaf0 GS	292	})