]>
Commit | Line | Data |
---|---|---|
1 | /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ | |
2 | ||
3 | import 'mocha' | |
4 | ||
5 | import { | |
6 | cleanupTests, | |
7 | createUser, | |
8 | doubleFollow, | |
9 | flushAndRunMultipleServers, | |
10 | makeDeleteRequest, | |
11 | makeGetRequest, | |
12 | makePostBodyRequest, | |
13 | ServerInfo, | |
14 | setAccessTokensToServers, | |
15 | userLogin | |
16 | } from '../../../../shared/extra-utils' | |
17 | import { | |
18 | checkBadCountPagination, | |
19 | checkBadSortPagination, | |
20 | checkBadStartPagination | |
21 | } from '../../../../shared/extra-utils/requests/check-api-params' | |
22 | import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes' | |
23 | ||
24 | describe('Test blocklist API validators', function () { | |
25 | let servers: ServerInfo[] | |
26 | let server: ServerInfo | |
27 | let userAccessToken: string | |
28 | ||
29 | before(async function () { | |
30 | this.timeout(60000) | |
31 | ||
32 | servers = await flushAndRunMultipleServers(2) | |
33 | await setAccessTokensToServers(servers) | |
34 | ||
35 | server = servers[0] | |
36 | ||
37 | const user = { username: 'user1', password: 'password' } | |
38 | await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password }) | |
39 | ||
40 | userAccessToken = await userLogin(server, user) | |
41 | ||
42 | await doubleFollow(servers[0], servers[1]) | |
43 | }) | |
44 | ||
45 | // --------------------------------------------------------------- | |
46 | ||
47 | describe('When managing user blocklist', function () { | |
48 | ||
49 | describe('When managing user accounts blocklist', function () { | |
50 | const path = '/api/v1/users/me/blocklist/accounts' | |
51 | ||
52 | describe('When listing blocked accounts', function () { | |
53 | it('Should fail with an unauthenticated user', async function () { | |
54 | await makeGetRequest({ | |
55 | url: server.url, | |
56 | path, | |
57 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 | |
58 | }) | |
59 | }) | |
60 | ||
61 | it('Should fail with a bad start pagination', async function () { | |
62 | await checkBadStartPagination(server.url, path, server.accessToken) | |
63 | }) | |
64 | ||
65 | it('Should fail with a bad count pagination', async function () { | |
66 | await checkBadCountPagination(server.url, path, server.accessToken) | |
67 | }) | |
68 | ||
69 | it('Should fail with an incorrect sort', async function () { | |
70 | await checkBadSortPagination(server.url, path, server.accessToken) | |
71 | }) | |
72 | }) | |
73 | ||
74 | describe('When blocking an account', function () { | |
75 | it('Should fail with an unauthenticated user', async function () { | |
76 | await makePostBodyRequest({ | |
77 | url: server.url, | |
78 | path, | |
79 | fields: { accountName: 'user1' }, | |
80 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 | |
81 | }) | |
82 | }) | |
83 | ||
84 | it('Should fail with an unknown account', async function () { | |
85 | await makePostBodyRequest({ | |
86 | url: server.url, | |
87 | token: server.accessToken, | |
88 | path, | |
89 | fields: { accountName: 'user2' }, | |
90 | statusCodeExpected: HttpStatusCode.NOT_FOUND_404 | |
91 | }) | |
92 | }) | |
93 | ||
94 | it('Should fail to block ourselves', async function () { | |
95 | await makePostBodyRequest({ | |
96 | url: server.url, | |
97 | token: server.accessToken, | |
98 | path, | |
99 | fields: { accountName: 'root' }, | |
100 | statusCodeExpected: HttpStatusCode.CONFLICT_409 | |
101 | }) | |
102 | }) | |
103 | ||
104 | it('Should succeed with the correct params', async function () { | |
105 | await makePostBodyRequest({ | |
106 | url: server.url, | |
107 | token: server.accessToken, | |
108 | path, | |
109 | fields: { accountName: 'user1' }, | |
110 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 | |
111 | }) | |
112 | }) | |
113 | }) | |
114 | ||
115 | describe('When unblocking an account', function () { | |
116 | it('Should fail with an unauthenticated user', async function () { | |
117 | await makeDeleteRequest({ | |
118 | url: server.url, | |
119 | path: path + '/user1', | |
120 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 | |
121 | }) | |
122 | }) | |
123 | ||
124 | it('Should fail with an unknown account block', async function () { | |
125 | await makeDeleteRequest({ | |
126 | url: server.url, | |
127 | path: path + '/user2', | |
128 | token: server.accessToken, | |
129 | statusCodeExpected: HttpStatusCode.NOT_FOUND_404 | |
130 | }) | |
131 | }) | |
132 | ||
133 | it('Should succeed with the correct params', async function () { | |
134 | await makeDeleteRequest({ | |
135 | url: server.url, | |
136 | path: path + '/user1', | |
137 | token: server.accessToken, | |
138 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 | |
139 | }) | |
140 | }) | |
141 | }) | |
142 | }) | |
143 | ||
144 | describe('When managing user servers blocklist', function () { | |
145 | const path = '/api/v1/users/me/blocklist/servers' | |
146 | ||
147 | describe('When listing blocked servers', function () { | |
148 | it('Should fail with an unauthenticated user', async function () { | |
149 | await makeGetRequest({ | |
150 | url: server.url, | |
151 | path, | |
152 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 | |
153 | }) | |
154 | }) | |
155 | ||
156 | it('Should fail with a bad start pagination', async function () { | |
157 | await checkBadStartPagination(server.url, path, server.accessToken) | |
158 | }) | |
159 | ||
160 | it('Should fail with a bad count pagination', async function () { | |
161 | await checkBadCountPagination(server.url, path, server.accessToken) | |
162 | }) | |
163 | ||
164 | it('Should fail with an incorrect sort', async function () { | |
165 | await checkBadSortPagination(server.url, path, server.accessToken) | |
166 | }) | |
167 | }) | |
168 | ||
169 | describe('When blocking a server', function () { | |
170 | it('Should fail with an unauthenticated user', async function () { | |
171 | await makePostBodyRequest({ | |
172 | url: server.url, | |
173 | path, | |
174 | fields: { host: 'localhost:9002' }, | |
175 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 | |
176 | }) | |
177 | }) | |
178 | ||
179 | it('Should succeed with an unknown server', async function () { | |
180 | await makePostBodyRequest({ | |
181 | url: server.url, | |
182 | token: server.accessToken, | |
183 | path, | |
184 | fields: { host: 'localhost:9003' }, | |
185 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 | |
186 | }) | |
187 | }) | |
188 | ||
189 | it('Should fail with our own server', async function () { | |
190 | await makePostBodyRequest({ | |
191 | url: server.url, | |
192 | token: server.accessToken, | |
193 | path, | |
194 | fields: { host: 'localhost:' + server.port }, | |
195 | statusCodeExpected: HttpStatusCode.CONFLICT_409 | |
196 | }) | |
197 | }) | |
198 | ||
199 | it('Should succeed with the correct params', async function () { | |
200 | await makePostBodyRequest({ | |
201 | url: server.url, | |
202 | token: server.accessToken, | |
203 | path, | |
204 | fields: { host: 'localhost:' + servers[1].port }, | |
205 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 | |
206 | }) | |
207 | }) | |
208 | }) | |
209 | ||
210 | describe('When unblocking a server', function () { | |
211 | it('Should fail with an unauthenticated user', async function () { | |
212 | await makeDeleteRequest({ | |
213 | url: server.url, | |
214 | path: path + '/localhost:' + servers[1].port, | |
215 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 | |
216 | }) | |
217 | }) | |
218 | ||
219 | it('Should fail with an unknown server block', async function () { | |
220 | await makeDeleteRequest({ | |
221 | url: server.url, | |
222 | path: path + '/localhost:9004', | |
223 | token: server.accessToken, | |
224 | statusCodeExpected: HttpStatusCode.NOT_FOUND_404 | |
225 | }) | |
226 | }) | |
227 | ||
228 | it('Should succeed with the correct params', async function () { | |
229 | await makeDeleteRequest({ | |
230 | url: server.url, | |
231 | path: path + '/localhost:' + servers[1].port, | |
232 | token: server.accessToken, | |
233 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 | |
234 | }) | |
235 | }) | |
236 | }) | |
237 | }) | |
238 | }) | |
239 | ||
240 | describe('When managing server blocklist', function () { | |
241 | ||
242 | describe('When managing server accounts blocklist', function () { | |
243 | const path = '/api/v1/server/blocklist/accounts' | |
244 | ||
245 | describe('When listing blocked accounts', function () { | |
246 | it('Should fail with an unauthenticated user', async function () { | |
247 | await makeGetRequest({ | |
248 | url: server.url, | |
249 | path, | |
250 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 | |
251 | }) | |
252 | }) | |
253 | ||
254 | it('Should fail with a user without the appropriate rights', async function () { | |
255 | await makeGetRequest({ | |
256 | url: server.url, | |
257 | token: userAccessToken, | |
258 | path, | |
259 | statusCodeExpected: HttpStatusCode.FORBIDDEN_403 | |
260 | }) | |
261 | }) | |
262 | ||
263 | it('Should fail with a bad start pagination', async function () { | |
264 | await checkBadStartPagination(server.url, path, server.accessToken) | |
265 | }) | |
266 | ||
267 | it('Should fail with a bad count pagination', async function () { | |
268 | await checkBadCountPagination(server.url, path, server.accessToken) | |
269 | }) | |
270 | ||
271 | it('Should fail with an incorrect sort', async function () { | |
272 | await checkBadSortPagination(server.url, path, server.accessToken) | |
273 | }) | |
274 | }) | |
275 | ||
276 | describe('When blocking an account', function () { | |
277 | it('Should fail with an unauthenticated user', async function () { | |
278 | await makePostBodyRequest({ | |
279 | url: server.url, | |
280 | path, | |
281 | fields: { accountName: 'user1' }, | |
282 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 | |
283 | }) | |
284 | }) | |
285 | ||
286 | it('Should fail with a user without the appropriate rights', async function () { | |
287 | await makePostBodyRequest({ | |
288 | url: server.url, | |
289 | token: userAccessToken, | |
290 | path, | |
291 | fields: { accountName: 'user1' }, | |
292 | statusCodeExpected: HttpStatusCode.FORBIDDEN_403 | |
293 | }) | |
294 | }) | |
295 | ||
296 | it('Should fail with an unknown account', async function () { | |
297 | await makePostBodyRequest({ | |
298 | url: server.url, | |
299 | token: server.accessToken, | |
300 | path, | |
301 | fields: { accountName: 'user2' }, | |
302 | statusCodeExpected: HttpStatusCode.NOT_FOUND_404 | |
303 | }) | |
304 | }) | |
305 | ||
306 | it('Should fail to block ourselves', async function () { | |
307 | await makePostBodyRequest({ | |
308 | url: server.url, | |
309 | token: server.accessToken, | |
310 | path, | |
311 | fields: { accountName: 'root' }, | |
312 | statusCodeExpected: HttpStatusCode.CONFLICT_409 | |
313 | }) | |
314 | }) | |
315 | ||
316 | it('Should succeed with the correct params', async function () { | |
317 | await makePostBodyRequest({ | |
318 | url: server.url, | |
319 | token: server.accessToken, | |
320 | path, | |
321 | fields: { accountName: 'user1' }, | |
322 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 | |
323 | }) | |
324 | }) | |
325 | }) | |
326 | ||
327 | describe('When unblocking an account', function () { | |
328 | it('Should fail with an unauthenticated user', async function () { | |
329 | await makeDeleteRequest({ | |
330 | url: server.url, | |
331 | path: path + '/user1', | |
332 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 | |
333 | }) | |
334 | }) | |
335 | ||
336 | it('Should fail with a user without the appropriate rights', async function () { | |
337 | await makeDeleteRequest({ | |
338 | url: server.url, | |
339 | path: path + '/user1', | |
340 | token: userAccessToken, | |
341 | statusCodeExpected: HttpStatusCode.FORBIDDEN_403 | |
342 | }) | |
343 | }) | |
344 | ||
345 | it('Should fail with an unknown account block', async function () { | |
346 | await makeDeleteRequest({ | |
347 | url: server.url, | |
348 | path: path + '/user2', | |
349 | token: server.accessToken, | |
350 | statusCodeExpected: HttpStatusCode.NOT_FOUND_404 | |
351 | }) | |
352 | }) | |
353 | ||
354 | it('Should succeed with the correct params', async function () { | |
355 | await makeDeleteRequest({ | |
356 | url: server.url, | |
357 | path: path + '/user1', | |
358 | token: server.accessToken, | |
359 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 | |
360 | }) | |
361 | }) | |
362 | }) | |
363 | }) | |
364 | ||
365 | describe('When managing server servers blocklist', function () { | |
366 | const path = '/api/v1/server/blocklist/servers' | |
367 | ||
368 | describe('When listing blocked servers', function () { | |
369 | it('Should fail with an unauthenticated user', async function () { | |
370 | await makeGetRequest({ | |
371 | url: server.url, | |
372 | path, | |
373 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 | |
374 | }) | |
375 | }) | |
376 | ||
377 | it('Should fail with a user without the appropriate rights', async function () { | |
378 | await makeGetRequest({ | |
379 | url: server.url, | |
380 | token: userAccessToken, | |
381 | path, | |
382 | statusCodeExpected: HttpStatusCode.FORBIDDEN_403 | |
383 | }) | |
384 | }) | |
385 | ||
386 | it('Should fail with a bad start pagination', async function () { | |
387 | await checkBadStartPagination(server.url, path, server.accessToken) | |
388 | }) | |
389 | ||
390 | it('Should fail with a bad count pagination', async function () { | |
391 | await checkBadCountPagination(server.url, path, server.accessToken) | |
392 | }) | |
393 | ||
394 | it('Should fail with an incorrect sort', async function () { | |
395 | await checkBadSortPagination(server.url, path, server.accessToken) | |
396 | }) | |
397 | }) | |
398 | ||
399 | describe('When blocking a server', function () { | |
400 | it('Should fail with an unauthenticated user', async function () { | |
401 | await makePostBodyRequest({ | |
402 | url: server.url, | |
403 | path, | |
404 | fields: { host: 'localhost:' + servers[1].port }, | |
405 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 | |
406 | }) | |
407 | }) | |
408 | ||
409 | it('Should fail with a user without the appropriate rights', async function () { | |
410 | await makePostBodyRequest({ | |
411 | url: server.url, | |
412 | token: userAccessToken, | |
413 | path, | |
414 | fields: { host: 'localhost:' + servers[1].port }, | |
415 | statusCodeExpected: HttpStatusCode.FORBIDDEN_403 | |
416 | }) | |
417 | }) | |
418 | ||
419 | it('Should succeed with an unknown server', async function () { | |
420 | await makePostBodyRequest({ | |
421 | url: server.url, | |
422 | token: server.accessToken, | |
423 | path, | |
424 | fields: { host: 'localhost:9003' }, | |
425 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 | |
426 | }) | |
427 | }) | |
428 | ||
429 | it('Should fail with our own server', async function () { | |
430 | await makePostBodyRequest({ | |
431 | url: server.url, | |
432 | token: server.accessToken, | |
433 | path, | |
434 | fields: { host: 'localhost:' + server.port }, | |
435 | statusCodeExpected: HttpStatusCode.CONFLICT_409 | |
436 | }) | |
437 | }) | |
438 | ||
439 | it('Should succeed with the correct params', async function () { | |
440 | await makePostBodyRequest({ | |
441 | url: server.url, | |
442 | token: server.accessToken, | |
443 | path, | |
444 | fields: { host: 'localhost:' + servers[1].port }, | |
445 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 | |
446 | }) | |
447 | }) | |
448 | }) | |
449 | ||
450 | describe('When unblocking a server', function () { | |
451 | it('Should fail with an unauthenticated user', async function () { | |
452 | await makeDeleteRequest({ | |
453 | url: server.url, | |
454 | path: path + '/localhost:' + servers[1].port, | |
455 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 | |
456 | }) | |
457 | }) | |
458 | ||
459 | it('Should fail with a user without the appropriate rights', async function () { | |
460 | await makeDeleteRequest({ | |
461 | url: server.url, | |
462 | path: path + '/localhost:' + servers[1].port, | |
463 | token: userAccessToken, | |
464 | statusCodeExpected: HttpStatusCode.FORBIDDEN_403 | |
465 | }) | |
466 | }) | |
467 | ||
468 | it('Should fail with an unknown server block', async function () { | |
469 | await makeDeleteRequest({ | |
470 | url: server.url, | |
471 | path: path + '/localhost:9004', | |
472 | token: server.accessToken, | |
473 | statusCodeExpected: HttpStatusCode.NOT_FOUND_404 | |
474 | }) | |
475 | }) | |
476 | ||
477 | it('Should succeed with the correct params', async function () { | |
478 | await makeDeleteRequest({ | |
479 | url: server.url, | |
480 | path: path + '/localhost:' + servers[1].port, | |
481 | token: server.accessToken, | |
482 | statusCodeExpected: HttpStatusCode.NO_CONTENT_204 | |
483 | }) | |
484 | }) | |
485 | }) | |
486 | }) | |
487 | }) | |
488 | ||
489 | after(async function () { | |
490 | await cleanupTests(servers) | |
491 | }) | |
492 | }) |