[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / video-comments.ts

/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */

import 'mocha'
import * as chai from 'chai'
import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
import { HttpStatusCode, VideoCreateResult, VideoPrivacy } from '@shared/models'
import {
  cleanupTests,
  createSingleServer,
  makeDeleteRequest,
  makeGetRequest,
  makePostBodyRequest,
  PeerTubeServer,
  setAccessTokensToServers
} from '@shared/server-commands'

const expect = chai.expect

describe('Test video comments API validator', function () {
  let pathThread: string
  let pathComment: string
  let server: PeerTubeServer
  let video: VideoCreateResult
  let userAccessToken: string
  let userAccessToken2: string
  let commentId: number
  let privateCommentId: number
  let privateVideo: VideoCreateResult

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(30000)

    server = await createSingleServer(1)

    await setAccessTokensToServers([ server ])

    {
      video = await server.videos.upload({ attributes: {} })
      pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
    }

    {
      privateVideo = await server.videos.upload({ attributes: { privacy: VideoPrivacy.PRIVATE } })
    }

    {
      const created = await server.comments.createThread({ videoId: video.uuid, text: 'coucou' })
      commentId = created.id
      pathComment = '/api/v1/videos/' + video.uuid + '/comments/' + commentId
    }

    {
      const created = await server.comments.createThread({ videoId: privateVideo.uuid, text: 'coucou' })
      privateCommentId = created.id
    }

    {
      const user = { username: 'user1', password: 'my super password' }
      await server.users.create({ username: user.username, password: user.password })
      userAccessToken = await server.login.getAccessToken(user)
    }

    {
      const user = { username: 'user2', password: 'my super password' }
      await server.users.create({ username: user.username, password: user.password })
      userAccessToken2 = await server.login.getAccessToken(user)
    }
  })

  describe('When listing video comment threads', function () {
    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(server.url, pathThread, server.accessToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(server.url, pathThread, server.accessToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(server.url, pathThread, server.accessToken)
    })

    it('Should fail with an incorrect video', async function () {
      await makeGetRequest({
        url: server.url,
        path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads',
        expectedStatus: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with a private video without token', async function () {
      await makeGetRequest({
        url: server.url,
        path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
      })
    })

    it('Should fail with another user token', async function () {
      await makeGetRequest({
        url: server.url,
        token: userAccessToken,
        path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
        expectedStatus: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should succeed with the correct params', async function () {
      await makeGetRequest({
        url: server.url,
        token: server.accessToken,
        path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
        expectedStatus: HttpStatusCode.OK_200
      })
    })
  })

  describe('When listing comments of a thread', function () {
    it('Should fail with an incorrect video', async function () {
      await makeGetRequest({
        url: server.url,
        path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId,
        expectedStatus: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with an incorrect thread id', async function () {
      await makeGetRequest({
        url: server.url,
        path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/156',
        expectedStatus: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with a private video without token', async function () {
      await makeGetRequest({
        url: server.url,
        path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
      })
    })

    it('Should fail with another user token', async function () {
      await makeGetRequest({
        url: server.url,
        token: userAccessToken,
        path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
        expectedStatus: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should success with the correct params', async function () {
      await makeGetRequest({
        url: server.url,
        token: server.accessToken,
        path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
        expectedStatus: HttpStatusCode.OK_200
      })

      await makeGetRequest({
        url: server.url,
        path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/' + commentId,
        expectedStatus: HttpStatusCode.OK_200
      })
    })
  })

  describe('When adding a video thread', function () {

    it('Should fail with a non authenticated user', async function () {
      const fields = {
        text: 'text'
      }
      await makePostBodyRequest({
        url: server.url,
        path: pathThread,
        token: 'none',
        fields,
        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
      })
    })

    it('Should fail with nothing', async function () {
      const fields = {}
      await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
    })

    it('Should fail with a short comment', async function () {
      const fields = {
        text: ''
      }
      await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
    })

    it('Should fail with a long comment', async function () {
      const fields = {
        text: 'h'.repeat(10001)
      }
      await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
    })

    it('Should fail with an incorrect video', async function () {
      const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads'
      const fields = {
        text: 'super comment'
      }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: server.accessToken,
        fields,
        expectedStatus: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should succeed with the correct parameters', async function () {
      const fields = {
        text: 'super comment'
      }
      await makePostBodyRequest({
        url: server.url,
        path: pathThread,
        token: server.accessToken,
        fields,
        expectedStatus: HttpStatusCode.OK_200
      })
    })
  })

  describe('When adding a comment to a thread', function () {
    it('Should fail with a non authenticated user', async function () {
      const fields = {
        text: 'text'
      }
      await makePostBodyRequest({
        url: server.url,
        path: pathComment,
        token: 'none',
        fields,
        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
      })
    })

    it('Should fail with nothing', async function () {
      const fields = {}
      await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
    })

    it('Should fail with a short comment', async function () {
      const fields = {
        text: ''
      }
      await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
    })

    it('Should fail with a long comment', async function () {
      const fields = {
        text: 'h'.repeat(10001)
      }
      await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
    })

    it('Should fail with an incorrect video', async function () {
      const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
      const fields = {
        text: 'super comment'
      }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: server.accessToken,
        fields,
        expectedStatus: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should fail with an incorrect comment', async function () {
      const path = '/api/v1/videos/' + video.uuid + '/comments/124'
      const fields = {
        text: 'super comment'
      }
      await makePostBodyRequest({
        url: server.url,
        path,
        token: server.accessToken,
        fields,
        expectedStatus: HttpStatusCode.NOT_FOUND_404
      })
    })

    it('Should succeed with the correct parameters', async function () {
      const fields = {
        text: 'super comment'
      }
      await makePostBodyRequest({
        url: server.url,
        path: pathComment,
        token: server.accessToken,
        fields,
        expectedStatus: HttpStatusCode.OK_200
      })
    })
  })

  describe('When removing video comments', function () {
    it('Should fail with a non authenticated user', async function () {
      await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
    })

    it('Should fail with another user', async function () {
      await makeDeleteRequest({
        url: server.url,
        path: pathComment,
        token: userAccessToken,
        expectedStatus: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should fail with an incorrect video', async function () {
      const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
      await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should fail with an incorrect comment', async function () {
      const path = '/api/v1/videos/' + video.uuid + '/comments/124'
      await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
    })

    it('Should succeed with the same user', async function () {
      let commentToDelete: number

      {
        const created = await server.comments.createThread({ videoId: video.uuid, token: userAccessToken, text: 'hello' })
        commentToDelete = created.id
      }

      const path = '/api/v1/videos/' + video.uuid + '/comments/' + commentToDelete

      await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
      await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
    })

    it('Should succeed with the owner of the video', async function () {
      let commentToDelete: number
      let anotherVideoUUID: string

      {
        const { uuid } = await server.videos.upload({ token: userAccessToken, attributes: { name: 'video' } })
        anotherVideoUUID = uuid
      }

      {
        const created = await server.comments.createThread({ videoId: anotherVideoUUID, text: 'hello' })
        commentToDelete = created.id
      }

      const path = '/api/v1/videos/' + anotherVideoUUID + '/comments/' + commentToDelete

      await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
      await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
    })

    it('Should succeed with the correct parameters', async function () {
      await makeDeleteRequest({
        url: server.url,
        path: pathComment,
        token: server.accessToken,
        expectedStatus: HttpStatusCode.NO_CONTENT_204
      })
    })
  })

  describe('When a video has comments disabled', function () {
    before(async function () {
      video = await server.videos.upload({ attributes: { commentsEnabled: false } })
      pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
    })

    it('Should return an empty thread list', async function () {
      const res = await makeGetRequest({
        url: server.url,
        path: pathThread,
        expectedStatus: HttpStatusCode.OK_200
      })
      expect(res.body.total).to.equal(0)
      expect(res.body.data).to.have.lengthOf(0)
    })

    it('Should return an thread comments list')

    it('Should return conflict on thread add', async function () {
      const fields = {
        text: 'super comment'
      }
      await makePostBodyRequest({
        url: server.url,
        path: pathThread,
        token: server.accessToken,
        fields,
        expectedStatus: HttpStatusCode.CONFLICT_409
      })
    })

    it('Should return conflict on comment thread add')
  })

  describe('When listing admin comments threads', function () {
    const path = '/api/v1/videos/comments'

    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(server.url, path, server.accessToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(server.url, path, server.accessToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(server.url, path, server.accessToken)
    })

    it('Should fail with a non authenticated user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
      })
    })

    it('Should fail with a non admin user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        token: userAccessToken,
        expectedStatus: HttpStatusCode.FORBIDDEN_403
      })
    })

    it('Should succeed with the correct params', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        token: server.accessToken,
        query: {
          isLocal: false,
          search: 'toto',
          searchAccount: 'toto',
          searchVideo: 'toto'
        },
        expectedStatus: HttpStatusCode.OK_200
      })
    })
  })

  after(async function () {
    await cleanupTests([ server ])
  })
})
Commit	Line	Data
a1587156	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
e2e22e40 C	2
e2e22e40 C	3	import 'mocha'
d4a8e7a6	4	import * as chai from 'chai'
c55e3d72	5	import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
33181473	6	import { HttpStatusCode, VideoCreateResult, VideoPrivacy } from '@shared/models'
11ba2ab3	7	import {
7c3b7976	8	cleanupTests,
254d3579	9	createSingleServer,
42e1ec25 C	10	makeDeleteRequest,
	11	makeGetRequest,
	12	makePostBodyRequest,
254d3579	13	PeerTubeServer,
d23dd9fb	14	setAccessTokensToServers
bf54587a	15	} from '@shared/server-commands'
e2e22e40	16
47564bbe C	17	const expect = chai.expect
47564bbe C	18
e2e22e40 C	19	describe('Test video comments API validator', function () {
	20	let pathThread: string
	21	let pathComment: string
254d3579	22	let server: PeerTubeServer
d4a8e7a6	23	let video: VideoCreateResult
4cb6d457	24	let userAccessToken: string
fde37dc9	25	let userAccessToken2: string
e2e22e40	26	let commentId: number
84c8d986 C	27	let privateCommentId: number
84c8d986 C	28	let privateVideo: VideoCreateResult
e2e22e40 C	29
	30	// ---------------------------------------------------------------
	31
	32	before(async function () {
e212f887	33	this.timeout(30000)
e2e22e40	34
254d3579	35	server = await createSingleServer(1)
e2e22e40 C	36
	37	await setAccessTokensToServers([ server ])
	38
e2e22e40	39	{
08642a76	40	video = await server.videos.upload({ attributes: {} })
d4a8e7a6	41	pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
e2e22e40 C	42	}
e2e22e40 C	43
84c8d986 C	44	{
	45	privateVideo = await server.videos.upload({ attributes: { privacy: VideoPrivacy.PRIVATE } })
	46	}
	47
e2e22e40	48	{
89d241a7	49	const created = await server.comments.createThread({ videoId: video.uuid, text: 'coucou' })
12edc149	50	commentId = created.id
d4a8e7a6	51	pathComment = '/api/v1/videos/' + video.uuid + '/comments/' + commentId
e2e22e40	52	}
4cb6d457	53
84c8d986 C	54	{
	55	const created = await server.comments.createThread({ videoId: privateVideo.uuid, text: 'coucou' })
	56	privateCommentId = created.id
	57	}
	58
4cb6d457	59	{
fde37dc9	60	const user = { username: 'user1', password: 'my super password' }
89d241a7 C	61	await server.users.create({ username: user.username, password: user.password })
89d241a7 C	62	userAccessToken = await server.login.getAccessToken(user)
4cb6d457	63	}
fde37dc9 C	64
	65	{
	66	const user = { username: 'user2', password: 'my super password' }
89d241a7 C	67	await server.users.create({ username: user.username, password: user.password })
89d241a7 C	68	userAccessToken2 = await server.login.getAccessToken(user)
fde37dc9	69	}
e2e22e40 C	70	})
	71
	72	describe('When listing video comment threads', function () {
	73	it('Should fail with a bad start pagination', async function () {
11ba2ab3	74	await checkBadStartPagination(server.url, pathThread, server.accessToken)
e2e22e40 C	75	})
	76
	77	it('Should fail with a bad count pagination', async function () {
11ba2ab3	78	await checkBadCountPagination(server.url, pathThread, server.accessToken)
e2e22e40 C	79	})
	80
	81	it('Should fail with an incorrect sort', async function () {
11ba2ab3	82	await checkBadSortPagination(server.url, pathThread, server.accessToken)
e2e22e40 C	83	})
	84
	85	it('Should fail with an incorrect video', async function () {
11ba2ab3 C	86	await makeGetRequest({
	87	url: server.url,
	88	path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads',
c0e8b12e	89	expectedStatus: HttpStatusCode.NOT_FOUND_404
11ba2ab3	90	})
e2e22e40	91	})
84c8d986 C	92
	93	it('Should fail with a private video without token', async function () {
	94	await makeGetRequest({
	95	url: server.url,
	96	path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
	97	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
	98	})
	99	})
	100
	101	it('Should fail with another user token', async function () {
	102	await makeGetRequest({
	103	url: server.url,
	104	token: userAccessToken,
	105	path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
	106	expectedStatus: HttpStatusCode.FORBIDDEN_403
	107	})
	108	})
	109
	110	it('Should succeed with the correct params', async function () {
	111	await makeGetRequest({
	112	url: server.url,
	113	token: server.accessToken,
	114	path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
	115	expectedStatus: HttpStatusCode.OK_200
	116	})
	117	})
e2e22e40 C	118	})
	119
	120	describe('When listing comments of a thread', function () {
	121	it('Should fail with an incorrect video', async function () {
11ba2ab3 C	122	await makeGetRequest({
	123	url: server.url,
	124	path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId,
c0e8b12e	125	expectedStatus: HttpStatusCode.NOT_FOUND_404
11ba2ab3	126	})
e2e22e40 C	127	})
	128
	129	it('Should fail with an incorrect thread id', async function () {
11ba2ab3 C	130	await makeGetRequest({
11ba2ab3 C	131	url: server.url,
d4a8e7a6	132	path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/156',
c0e8b12e	133	expectedStatus: HttpStatusCode.NOT_FOUND_404
11ba2ab3	134	})
e2e22e40 C	135	})
e2e22e40 C	136
84c8d986 C	137	it('Should fail with a private video without token', async function () {
	138	await makeGetRequest({
	139	url: server.url,
	140	path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
	141	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
	142	})
	143	})
	144
	145	it('Should fail with another user token', async function () {
	146	await makeGetRequest({
	147	url: server.url,
	148	token: userAccessToken,
	149	path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
	150	expectedStatus: HttpStatusCode.FORBIDDEN_403
	151	})
	152	})
	153
e2e22e40	154	it('Should success with the correct params', async function () {
84c8d986 C	155	await makeGetRequest({
	156	url: server.url,
	157	token: server.accessToken,
	158	path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
	159	expectedStatus: HttpStatusCode.OK_200
	160	})
	161
11ba2ab3 C	162	await makeGetRequest({
11ba2ab3 C	163	url: server.url,
d4a8e7a6	164	path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/' + commentId,
c0e8b12e	165	expectedStatus: HttpStatusCode.OK_200
11ba2ab3	166	})
e2e22e40 C	167	})
	168	})
	169
	170	describe('When adding a video thread', function () {
	171
	172	it('Should fail with a non authenticated user', async function () {
	173	const fields = {
	174	text: 'text'
	175	}
2d53be02 RK	176	await makePostBodyRequest({
	177	url: server.url,
	178	path: pathThread,
	179	token: 'none',
	180	fields,
c0e8b12e	181	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
2d53be02	182	})
e2e22e40 C	183	})
	184
	185	it('Should fail with nothing', async function () {
	186	const fields = {}
	187	await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
	188	})
	189
	190	it('Should fail with a short comment', async function () {
	191	const fields = {
53eb90c0	192	text: ''
e2e22e40 C	193	}
	194	await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
	195	})
	196
	197	it('Should fail with a long comment', async function () {
	198	const fields = {
298b3fd3	199	text: 'h'.repeat(10001)
e2e22e40 C	200	}
	201	await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
	202	})
	203
	204	it('Should fail with an incorrect video', async function () {
	205	const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads'
	206	const fields = {
	207	text: 'super comment'
	208	}
2d53be02 RK	209	await makePostBodyRequest({
	210	url: server.url,
	211	path,
	212	token: server.accessToken,
	213	fields,
c0e8b12e	214	expectedStatus: HttpStatusCode.NOT_FOUND_404
2d53be02	215	})
e2e22e40 C	216	})
	217
	218	it('Should succeed with the correct parameters', async function () {
	219	const fields = {
	220	text: 'super comment'
	221	}
2d53be02 RK	222	await makePostBodyRequest({
	223	url: server.url,
	224	path: pathThread,
	225	token: server.accessToken,
	226	fields,
c0e8b12e	227	expectedStatus: HttpStatusCode.OK_200
2d53be02	228	})
e2e22e40 C	229	})
	230	})
	231
	232	describe('When adding a comment to a thread', function () {
	233	it('Should fail with a non authenticated user', async function () {
	234	const fields = {
	235	text: 'text'
	236	}
2d53be02 RK	237	await makePostBodyRequest({
	238	url: server.url,
	239	path: pathComment,
	240	token: 'none',
	241	fields,
c0e8b12e	242	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
2d53be02	243	})
e2e22e40 C	244	})
	245
	246	it('Should fail with nothing', async function () {
	247	const fields = {}
	248	await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
	249	})
	250
	251	it('Should fail with a short comment', async function () {
	252	const fields = {
53eb90c0	253	text: ''
e2e22e40 C	254	}
	255	await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
	256	})
	257
	258	it('Should fail with a long comment', async function () {
	259	const fields = {
298b3fd3	260	text: 'h'.repeat(10001)
e2e22e40 C	261	}
	262	await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
	263	})
	264
	265	it('Should fail with an incorrect video', async function () {
	266	const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
	267	const fields = {
	268	text: 'super comment'
	269	}
2d53be02 RK	270	await makePostBodyRequest({
	271	url: server.url,
	272	path,
	273	token: server.accessToken,
	274	fields,
c0e8b12e	275	expectedStatus: HttpStatusCode.NOT_FOUND_404
2d53be02	276	})
e2e22e40 C	277	})
	278
	279	it('Should fail with an incorrect comment', async function () {
d4a8e7a6	280	const path = '/api/v1/videos/' + video.uuid + '/comments/124'
e2e22e40 C	281	const fields = {
	282	text: 'super comment'
	283	}
2d53be02 RK	284	await makePostBodyRequest({
	285	url: server.url,
	286	path,
	287	token: server.accessToken,
	288	fields,
c0e8b12e	289	expectedStatus: HttpStatusCode.NOT_FOUND_404
2d53be02	290	})
e2e22e40 C	291	})
	292
	293	it('Should succeed with the correct parameters', async function () {
	294	const fields = {
	295	text: 'super comment'
	296	}
2d53be02 RK	297	await makePostBodyRequest({
	298	url: server.url,
	299	path: pathComment,
	300	token: server.accessToken,
	301	fields,
c0e8b12e	302	expectedStatus: HttpStatusCode.OK_200
2d53be02	303	})
e2e22e40 C	304	})
	305	})
	306
4cb6d457 C	307	describe('When removing video comments', function () {
4cb6d457 C	308	it('Should fail with a non authenticated user', async function () {
c0e8b12e	309	await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
4cb6d457 C	310	})
	311
	312	it('Should fail with another user', async function () {
2d53be02 RK	313	await makeDeleteRequest({
	314	url: server.url,
	315	path: pathComment,
	316	token: userAccessToken,
c0e8b12e	317	expectedStatus: HttpStatusCode.FORBIDDEN_403
2d53be02	318	})
4cb6d457 C	319	})
	320
	321	it('Should fail with an incorrect video', async function () {
	322	const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
c0e8b12e	323	await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
4cb6d457 C	324	})
	325
	326	it('Should fail with an incorrect comment', async function () {
d4a8e7a6	327	const path = '/api/v1/videos/' + video.uuid + '/comments/124'
c0e8b12e	328	await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
4cb6d457 C	329	})
4cb6d457 C	330
fde37dc9 C	331	it('Should succeed with the same user', async function () {
	332	let commentToDelete: number
	333
	334	{
89d241a7	335	const created = await server.comments.createThread({ videoId: video.uuid, token: userAccessToken, text: 'hello' })
12edc149	336	commentToDelete = created.id
fde37dc9 C	337	}
fde37dc9 C	338
d4a8e7a6	339	const path = '/api/v1/videos/' + video.uuid + '/comments/' + commentToDelete
fde37dc9	340
c0e8b12e C	341	await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
c0e8b12e C	342	await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
fde37dc9 C	343	})
	344
	345	it('Should succeed with the owner of the video', async function () {
	346	let commentToDelete: number
	347	let anotherVideoUUID: string
	348
	349	{
89d241a7	350	const { uuid } = await server.videos.upload({ token: userAccessToken, attributes: { name: 'video' } })
d23dd9fb	351	anotherVideoUUID = uuid
fde37dc9 C	352	}
	353
	354	{
89d241a7	355	const created = await server.comments.createThread({ videoId: anotherVideoUUID, text: 'hello' })
12edc149	356	commentToDelete = created.id
fde37dc9 C	357	}
	358
	359	const path = '/api/v1/videos/' + anotherVideoUUID + '/comments/' + commentToDelete
	360
c0e8b12e C	361	await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
c0e8b12e C	362	await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
fde37dc9 C	363	})
fde37dc9 C	364
4cb6d457	365	it('Should succeed with the correct parameters', async function () {
2d53be02 RK	366	await makeDeleteRequest({
	367	url: server.url,
	368	path: pathComment,
	369	token: server.accessToken,
c0e8b12e	370	expectedStatus: HttpStatusCode.NO_CONTENT_204
2d53be02	371	})
4cb6d457 C	372	})
	373	})
	374
47564bbe C	375	describe('When a video has comments disabled', function () {
47564bbe C	376	before(async function () {
89d241a7	377	video = await server.videos.upload({ attributes: { commentsEnabled: false } })
d4a8e7a6	378	pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
47564bbe C	379	})
	380
	381	it('Should return an empty thread list', async function () {
	382	const res = await makeGetRequest({
	383	url: server.url,
	384	path: pathThread,
c0e8b12e	385	expectedStatus: HttpStatusCode.OK_200
47564bbe C	386	})
	387	expect(res.body.total).to.equal(0)
	388	expect(res.body.data).to.have.lengthOf(0)
	389	})
	390
	391	it('Should return an thread comments list')
	392
	393	it('Should return conflict on thread add', async function () {
	394	const fields = {
	395	text: 'super comment'
	396	}
2d53be02 RK	397	await makePostBodyRequest({
	398	url: server.url,
	399	path: pathThread,
	400	token: server.accessToken,
	401	fields,
c0e8b12e	402	expectedStatus: HttpStatusCode.CONFLICT_409
2d53be02	403	})
47564bbe C	404	})
	405
	406	it('Should return conflict on comment thread add')
	407	})
	408
f1273314 C	409	describe('When listing admin comments threads', function () {
	410	const path = '/api/v1/videos/comments'
	411
	412	it('Should fail with a bad start pagination', async function () {
	413	await checkBadStartPagination(server.url, path, server.accessToken)
	414	})
	415
	416	it('Should fail with a bad count pagination', async function () {
	417	await checkBadCountPagination(server.url, path, server.accessToken)
	418	})
	419
	420	it('Should fail with an incorrect sort', async function () {
	421	await checkBadSortPagination(server.url, path, server.accessToken)
	422	})
	423
	424	it('Should fail with a non authenticated user', async function () {
	425	await makeGetRequest({
	426	url: server.url,
	427	path,
c0e8b12e	428	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
f1273314 C	429	})
	430	})
	431
	432	it('Should fail with a non admin user', async function () {
	433	await makeGetRequest({
	434	url: server.url,
	435	path,
	436	token: userAccessToken,
c0e8b12e	437	expectedStatus: HttpStatusCode.FORBIDDEN_403
f1273314 C	438	})
	439	})
	440
	441	it('Should succeed with the correct params', async function () {
	442	await makeGetRequest({
	443	url: server.url,
	444	path,
	445	token: server.accessToken,
	446	query: {
	447	isLocal: false,
	448	search: 'toto',
	449	searchAccount: 'toto',
	450	searchVideo: 'toto'
	451	},
c0e8b12e	452	expectedStatus: HttpStatusCode.OK_200
f1273314 C	453	})
	454	})
	455	})
	456
7c3b7976 C	457	after(async function () {
7c3b7976 C	458	await cleanupTests([ server ])
e2e22e40 C	459	})
e2e22e40 C	460	})