[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / video-blacklist.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import 'mocha'
import { expect } from 'chai'
import { HttpStatusCode } from '@shared/core-utils'
import {
  BlacklistCommand,
  checkBadCountPagination,
  checkBadSortPagination,
  checkBadStartPagination,
  cleanupTests,
  createUser,
  doubleFollow,
  flushAndRunMultipleServers,
  getVideo,
  getVideoWithToken,
  makePostBodyRequest,
  makePutBodyRequest,
  ServerInfo,
  setAccessTokensToServers,
  uploadVideo,
  waitJobs
} from '@shared/extra-utils'
import { VideoBlacklistType, VideoDetails } from '@shared/models'

describe('Test video blacklist API validators', function () {
  let servers: ServerInfo[]
  let notBlacklistedVideoId: number
  let remoteVideoUUID: string
  let userAccessToken1 = ''
  let userAccessToken2 = ''
  let command: BlacklistCommand

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(120000)

    servers = await flushAndRunMultipleServers(2)

    await setAccessTokensToServers(servers)
    await doubleFollow(servers[0], servers[1])

    {
      const username = 'user1'
      const password = 'my super password'
      await createUser({ url: servers[0].url, accessToken: servers[0].accessToken, username: username, password: password })
      userAccessToken1 = await servers[0].loginCommand.getAccessToken({ username, password })
    }

    {
      const username = 'user2'
      const password = 'my super password'
      await createUser({ url: servers[0].url, accessToken: servers[0].accessToken, username: username, password: password })
      userAccessToken2 = await servers[0].loginCommand.getAccessToken({ username, password })
    }

    {
      const res = await uploadVideo(servers[0].url, userAccessToken1, {})
      servers[0].video = res.body.video
    }

    {
      const res = await uploadVideo(servers[0].url, servers[0].accessToken, {})
      notBlacklistedVideoId = res.body.video.uuid
    }

    {
      const res = await uploadVideo(servers[1].url, servers[1].accessToken, {})
      remoteVideoUUID = res.body.video.uuid
    }

    await waitJobs(servers)

    command = servers[0].blacklistCommand
  })

  describe('When adding a video in blacklist', function () {
    const basePath = '/api/v1/videos/'

    it('Should fail with nothing', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
    })

    it('Should fail with a wrong video', async function () {
      const wrongPath = '/api/v1/videos/blabla/blacklist'
      const fields = {}
      await makePostBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
    })

    it('Should fail with a non authenticated user', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePostBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePostBodyRequest({
        url: servers[0].url,
        path,
        token: userAccessToken2,
        fields,
        statusCodeExpected: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should fail with an invalid reason', async function () {
      const path = basePath + servers[0].video.uuid + '/blacklist'
      const fields = { reason: 'a'.repeat(305) }

      await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
    })

    it('Should fail to unfederate a remote video', async function () {
      const path = basePath + remoteVideoUUID + '/blacklist'
      const fields = { unfederate: true }

      await makePostBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.CONFLICT_409
      })
    })

    it('Should succeed with the correct params', async function () {
      const path = basePath + servers[0].video.uuid + '/blacklist'
      const fields = {}

      await makePostBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.NO_CONTENT_204
      })
    })
  })

  describe('When updating a video in blacklist', function () {
    const basePath = '/api/v1/videos/'

    it('Should fail with a wrong video', async function () {
      const wrongPath = '/api/v1/videos/blabla/blacklist'
      const fields = {}
      await makePutBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
    })

    it('Should fail with a video not blacklisted', async function () {
      const path = '/api/v1/videos/' + notBlacklistedVideoId + '/blacklist'
      const fields = {}
      await makePutBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with a non authenticated user', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePutBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      const path = basePath + servers[0].video + '/blacklist'
      const fields = {}
      await makePutBodyRequest({
        url: servers[0].url,
        path,
        token: userAccessToken2,
        fields,
        statusCodeExpected: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should fail with an invalid reason', async function () {
      const path = basePath + servers[0].video.uuid + '/blacklist'
      const fields = { reason: 'a'.repeat(305) }

      await makePutBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
    })

    it('Should succeed with the correct params', async function () {
      const path = basePath + servers[0].video.shortUUID + '/blacklist'
      const fields = { reason: 'hello' }

      await makePutBodyRequest({
        url: servers[0].url,
        path,
        token: servers[0].accessToken,
        fields,
        statusCodeExpected: HttpStatusCode.NO_CONTENT_204
      })
    })
  })

  describe('When getting blacklisted video', function () {

    it('Should fail with a non authenticated user', async function () {
      await getVideo(servers[0].url, servers[0].video.uuid, HttpStatusCode.UNAUTHORIZED_401)
    })

    it('Should fail with another user', async function () {
      await getVideoWithToken(servers[0].url, userAccessToken2, servers[0].video.uuid, HttpStatusCode.FORBIDDEN_403)
    })

    it('Should succeed with the owner authenticated user', async function () {
      const res = await getVideoWithToken(servers[0].url, userAccessToken1, servers[0].video.uuid, HttpStatusCode.OK_200)
      const video: VideoDetails = res.body

      expect(video.blacklisted).to.be.true
    })

    it('Should succeed with an admin', async function () {
      const video = servers[0].video

      for (const id of [ video.id, video.uuid, video.shortUUID ]) {
        const res = await getVideoWithToken(servers[0].url, servers[0].accessToken, id, HttpStatusCode.OK_200)
        const video: VideoDetails = res.body

        expect(video.blacklisted).to.be.true
      }
    })
  })

  describe('When removing a video in blacklist', function () {

    it('Should fail with a non authenticated user', async function () {
      await command.remove({ token: 'fake token', videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      await command.remove({ token: userAccessToken2, videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with an incorrect id', async function () {
      await command.remove({ videoId: 'hello', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should fail with a not blacklisted video', async function () {
      // The video was not added to the blacklist so it should fail
      await command.remove({ videoId: notBlacklistedVideoId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should succeed with the correct params', async function () {
      await command.remove({ videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
    })
  })

  describe('When listing videos in blacklist', function () {
    const basePath = '/api/v1/videos/blacklist/'

    it('Should fail with a non authenticated user', async function () {
      await servers[0].blacklistCommand.list({ token: 'fake token', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with a non admin user', async function () {
      await servers[0].blacklistCommand.list({ token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
    })

    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(servers[0].url, basePath, servers[0].accessToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(servers[0].url, basePath, servers[0].accessToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(servers[0].url, basePath, servers[0].accessToken)
    })

    it('Should fail with an invalid type', async function () {
      await servers[0].blacklistCommand.list({ type: 0, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
    })

    it('Should succeed with the correct parameters', async function () {
      await servers[0].blacklistCommand.list({ type: VideoBlacklistType.MANUAL })
    })
  })

  after(async function () {
    await cleanupTests(servers)
  })
})
Commit	Line	Data
a1587156	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
792dbaf0 GS	2
792dbaf0 GS	3	import 'mocha'
e3d15a6a C	4	import { expect } from 'chai'
e3d15a6a C	5	import { HttpStatusCode } from '@shared/core-utils'
792dbaf0	6	import {
e3d15a6a C	7	BlacklistCommand,
	8	checkBadCountPagination,
	9	checkBadSortPagination,
	10	checkBadStartPagination,
7c3b7976	11	cleanupTests,
26b7305a	12	createUser,
5abb9fbb C	13	doubleFollow,
5abb9fbb C	14	flushAndRunMultipleServers,
5abb9fbb C	15	getVideo,
5abb9fbb C	16	getVideoWithToken,
26b7305a C	17	makePostBodyRequest,
26b7305a C	18	makePutBodyRequest,
26b7305a C	19	ServerInfo,
	20	setAccessTokensToServers,
	21	uploadVideo,
a1587156	22	waitJobs
e3d15a6a C	23	} from '@shared/extra-utils'
e3d15a6a C	24	import { VideoBlacklistType, VideoDetails } from '@shared/models'
792dbaf0 GS	25
792dbaf0 GS	26	describe('Test video blacklist API validators', function () {
5abb9fbb	27	let servers: ServerInfo[]
26b7305a	28	let notBlacklistedVideoId: number
5abb9fbb	29	let remoteVideoUUID: string
e5e7f7fe C	30	let userAccessToken1 = ''
e5e7f7fe C	31	let userAccessToken2 = ''
e3d15a6a	32	let command: BlacklistCommand
792dbaf0 GS	33
	34	// ---------------------------------------------------------------
	35
	36	before(async function () {
	37	this.timeout(120000)
	38
5abb9fbb	39	servers = await flushAndRunMultipleServers(2)
792dbaf0	40
5abb9fbb C	41	await setAccessTokensToServers(servers)
5abb9fbb C	42	await doubleFollow(servers[0], servers[1])
792dbaf0	43
e5e7f7fe C	44	{
	45	const username = 'user1'
	46	const password = 'my super password'
a1587156	47	await createUser({ url: servers[0].url, accessToken: servers[0].accessToken, username: username, password: password })
41d1d075	48	userAccessToken1 = await servers[0].loginCommand.getAccessToken({ username, password })
e5e7f7fe	49	}
792dbaf0	50
26b7305a	51	{
e5e7f7fe C	52	const username = 'user2'
e5e7f7fe C	53	const password = 'my super password'
a1587156	54	await createUser({ url: servers[0].url, accessToken: servers[0].accessToken, username: username, password: password })
41d1d075	55	userAccessToken2 = await servers[0].loginCommand.getAccessToken({ username, password })
e5e7f7fe C	56	}
	57
	58	{
5abb9fbb C	59	const res = await uploadVideo(servers[0].url, userAccessToken1, {})
5abb9fbb C	60	servers[0].video = res.body.video
26b7305a C	61	}
	62
	63	{
5abb9fbb	64	const res = await uploadVideo(servers[0].url, servers[0].accessToken, {})
26b7305a C	65	notBlacklistedVideoId = res.body.video.uuid
26b7305a C	66	}
5abb9fbb C	67
	68	{
	69	const res = await uploadVideo(servers[1].url, servers[1].accessToken, {})
	70	remoteVideoUUID = res.body.video.uuid
	71	}
	72
	73	await waitJobs(servers)
e3d15a6a C	74
e3d15a6a C	75	command = servers[0].blacklistCommand
792dbaf0 GS	76	})
	77
	78	describe('When adding a video in blacklist', function () {
	79	const basePath = '/api/v1/videos/'
	80
	81	it('Should fail with nothing', async function () {
5abb9fbb	82	const path = basePath + servers[0].video + '/blacklist'
792dbaf0	83	const fields = {}
5abb9fbb	84	await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
792dbaf0 GS	85	})
	86
	87	it('Should fail with a wrong video', async function () {
	88	const wrongPath = '/api/v1/videos/blabla/blacklist'
	89	const fields = {}
5abb9fbb	90	await makePostBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
792dbaf0 GS	91	})
	92
	93	it('Should fail with a non authenticated user', async function () {
5abb9fbb	94	const path = basePath + servers[0].video + '/blacklist'
11ba2ab3	95	const fields = {}
2d53be02	96	await makePostBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
792dbaf0 GS	97	})
	98
	99	it('Should fail with a non admin user', async function () {
5abb9fbb	100	const path = basePath + servers[0].video + '/blacklist'
11ba2ab3	101	const fields = {}
2d53be02 RK	102	await makePostBodyRequest({
	103	url: servers[0].url,
	104	path,
	105	token: userAccessToken2,
	106	fields,
	107	statusCodeExpected: HttpStatusCode.FORBIDDEN_403
	108	})
792dbaf0 GS	109	})
792dbaf0 GS	110
26b7305a	111	it('Should fail with an invalid reason', async function () {
5abb9fbb	112	const path = basePath + servers[0].video.uuid + '/blacklist'
26b7305a C	113	const fields = { reason: 'a'.repeat(305) }
26b7305a C	114
5abb9fbb C	115	await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
	116	})
	117
	118	it('Should fail to unfederate a remote video', async function () {
	119	const path = basePath + remoteVideoUUID + '/blacklist'
	120	const fields = { unfederate: true }
	121
2d53be02 RK	122	await makePostBodyRequest({
	123	url: servers[0].url,
	124	path,
	125	token: servers[0].accessToken,
	126	fields,
	127	statusCodeExpected: HttpStatusCode.CONFLICT_409
	128	})
26b7305a C	129	})
	130
	131	it('Should succeed with the correct params', async function () {
5abb9fbb	132	const path = basePath + servers[0].video.uuid + '/blacklist'
a1587156	133	const fields = {}
26b7305a	134
2d53be02 RK	135	await makePostBodyRequest({
	136	url: servers[0].url,
	137	path,
	138	token: servers[0].accessToken,
	139	fields,
	140	statusCodeExpected: HttpStatusCode.NO_CONTENT_204
	141	})
26b7305a C	142	})
	143	})
	144
	145	describe('When updating a video in blacklist', function () {
	146	const basePath = '/api/v1/videos/'
	147
	148	it('Should fail with a wrong video', async function () {
	149	const wrongPath = '/api/v1/videos/blabla/blacklist'
	150	const fields = {}
5abb9fbb	151	await makePutBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
26b7305a C	152	})
	153
	154	it('Should fail with a video not blacklisted', async function () {
	155	const path = '/api/v1/videos/' + notBlacklistedVideoId + '/blacklist'
	156	const fields = {}
2d53be02 RK	157	await makePutBodyRequest({
	158	url: servers[0].url,
	159	path,
	160	token: servers[0].accessToken,
	161	fields,
	162	statusCodeExpected: HttpStatusCode.NOT_FOUND_404
	163	})
26b7305a C	164	})
	165
	166	it('Should fail with a non authenticated user', async function () {
5abb9fbb	167	const path = basePath + servers[0].video + '/blacklist'
26b7305a	168	const fields = {}
2d53be02	169	await makePutBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
26b7305a C	170	})
	171
	172	it('Should fail with a non admin user', async function () {
5abb9fbb	173	const path = basePath + servers[0].video + '/blacklist'
11ba2ab3	174	const fields = {}
2d53be02 RK	175	await makePutBodyRequest({
	176	url: servers[0].url,
	177	path,
	178	token: userAccessToken2,
	179	fields,
	180	statusCodeExpected: HttpStatusCode.FORBIDDEN_403
	181	})
26b7305a C	182	})
	183
	184	it('Should fail with an invalid reason', async function () {
5abb9fbb	185	const path = basePath + servers[0].video.uuid + '/blacklist'
26b7305a C	186	const fields = { reason: 'a'.repeat(305) }
26b7305a C	187
5abb9fbb	188	await makePutBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
26b7305a C	189	})
	190
	191	it('Should succeed with the correct params', async function () {
d4a8e7a6	192	const path = basePath + servers[0].video.shortUUID + '/blacklist'
26b7305a C	193	const fields = { reason: 'hello' }
26b7305a C	194
2d53be02 RK	195	await makePutBodyRequest({
	196	url: servers[0].url,
	197	path,
	198	token: servers[0].accessToken,
	199	fields,
	200	statusCodeExpected: HttpStatusCode.NO_CONTENT_204
	201	})
792dbaf0 GS	202	})
	203	})
	204
e5e7f7fe C	205	describe('When getting blacklisted video', function () {
	206
	207	it('Should fail with a non authenticated user', async function () {
2d53be02	208	await getVideo(servers[0].url, servers[0].video.uuid, HttpStatusCode.UNAUTHORIZED_401)
e5e7f7fe C	209	})
	210
	211	it('Should fail with another user', async function () {
2d53be02	212	await getVideoWithToken(servers[0].url, userAccessToken2, servers[0].video.uuid, HttpStatusCode.FORBIDDEN_403)
e5e7f7fe C	213	})
	214
	215	it('Should succeed with the owner authenticated user', async function () {
2d53be02	216	const res = await getVideoWithToken(servers[0].url, userAccessToken1, servers[0].video.uuid, HttpStatusCode.OK_200)
e5e7f7fe C	217	const video: VideoDetails = res.body
	218
	219	expect(video.blacklisted).to.be.true
	220	})
	221
	222	it('Should succeed with an admin', async function () {
d4a8e7a6	223	const video = servers[0].video
e5e7f7fe	224
d4a8e7a6 C	225	for (const id of [ video.id, video.uuid, video.shortUUID ]) {
	226	const res = await getVideoWithToken(servers[0].url, servers[0].accessToken, id, HttpStatusCode.OK_200)
	227	const video: VideoDetails = res.body
	228
	229	expect(video.blacklisted).to.be.true
	230	}
e5e7f7fe C	231	})
	232	})
	233
792dbaf0	234	describe('When removing a video in blacklist', function () {
e3d15a6a	235
792dbaf0	236	it('Should fail with a non authenticated user', async function () {
e3d15a6a	237	await command.remove({ token: 'fake token', videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
792dbaf0 GS	238	})
	239
	240	it('Should fail with a non admin user', async function () {
e3d15a6a	241	await command.remove({ token: userAccessToken2, videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
792dbaf0 GS	242	})
	243
	244	it('Should fail with an incorrect id', async function () {
e3d15a6a	245	await command.remove({ videoId: 'hello', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
792dbaf0 GS	246	})
	247
	248	it('Should fail with a not blacklisted video', async function () {
	249	// The video was not added to the blacklist so it should fail
e3d15a6a	250	await command.remove({ videoId: notBlacklistedVideoId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
26b7305a C	251	})
	252
	253	it('Should succeed with the correct params', async function () {
e3d15a6a	254	await command.remove({ videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
792dbaf0 GS	255	})
	256	})
	257
	258	describe('When listing videos in blacklist', function () {
35bf0c83	259	const basePath = '/api/v1/videos/blacklist/'
792dbaf0 GS	260
792dbaf0 GS	261	it('Should fail with a non authenticated user', async function () {
e3d15a6a	262	await servers[0].blacklistCommand.list({ token: 'fake token', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
792dbaf0 GS	263	})
	264
	265	it('Should fail with a non admin user', async function () {
e3d15a6a	266	await servers[0].blacklistCommand.list({ token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
792dbaf0 GS	267	})
	268
	269	it('Should fail with a bad start pagination', async function () {
5abb9fbb	270	await checkBadStartPagination(servers[0].url, basePath, servers[0].accessToken)
792dbaf0 GS	271	})
	272
	273	it('Should fail with a bad count pagination', async function () {
5abb9fbb	274	await checkBadCountPagination(servers[0].url, basePath, servers[0].accessToken)
792dbaf0 GS	275	})
	276
	277	it('Should fail with an incorrect sort', async function () {
5abb9fbb	278	await checkBadSortPagination(servers[0].url, basePath, servers[0].accessToken)
792dbaf0	279	})
7ccddd7b JM	280
7ccddd7b JM	281	it('Should fail with an invalid type', async function () {
e3d15a6a	282	await servers[0].blacklistCommand.list({ type: 0, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
7ccddd7b JM	283	})
	284
	285	it('Should succeed with the correct parameters', async function () {
e3d15a6a	286	await servers[0].blacklistCommand.list({ type: VideoBlacklistType.MANUAL })
7ccddd7b	287	})
792dbaf0 GS	288	})
792dbaf0 GS	289
7c3b7976 C	290	after(async function () {
7c3b7976 C	291	await cleanupTests(servers)
792dbaf0 GS	292	})
792dbaf0 GS	293	})