1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
4 import { HttpStatusCode } from '@shared/core-utils'
7 checkBadCountPagination,
8 checkBadSortPagination,
9 checkBadStartPagination,
14 generateUserAccessToken,
19 setAccessTokensToServers,
22 } from '@shared/extra-utils'
23 import { AbuseCreate, AbuseState } from '@shared/models'
25 describe('Test abuses API validators', function () {
26 const basePath = '/api/v1/abuses/'
28 let server: ServerInfo
35 let command: AbusesCommand
37 // ---------------------------------------------------------------
39 before(async function () {
42 server = await flushAndRunServer(1)
44 await setAccessTokensToServers([ server ])
46 const username = 'user1'
47 const password = 'my super password'
48 await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password })
49 userToken = await server.loginCommand.getAccessToken({ username, password })
51 userToken2 = await generateUserAccessToken(server, 'user_2')
53 const res = await uploadVideo(server.url, server.accessToken, {})
54 server.video = res.body.video
56 command = server.abusesCommand
59 describe('When listing abuses for admins', function () {
62 it('Should fail with a bad start pagination', async function () {
63 await checkBadStartPagination(server.url, path, server.accessToken)
66 it('Should fail with a bad count pagination', async function () {
67 await checkBadCountPagination(server.url, path, server.accessToken)
70 it('Should fail with an incorrect sort', async function () {
71 await checkBadSortPagination(server.url, path, server.accessToken)
74 it('Should fail with a non authenticated user', async function () {
75 await makeGetRequest({
78 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
82 it('Should fail with a non admin user', async function () {
83 await makeGetRequest({
87 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
91 it('Should fail with a bad id filter', async function () {
92 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
95 it('Should fail with a bad filter', async function () {
96 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
97 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
100 it('Should fail with bad predefined reason', async function () {
101 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
104 it('Should fail with a bad state filter', async function () {
105 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
106 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
109 it('Should fail with a bad videoIs filter', async function () {
110 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
113 it('Should succeed with the correct params', async function () {
116 predefinedReason: 'violentOrRepulsive',
122 await makeGetRequest({ url: server.url, path, token: server.accessToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
126 describe('When listing abuses for users', function () {
127 const path = '/api/v1/users/me/abuses'
129 it('Should fail with a bad start pagination', async function () {
130 await checkBadStartPagination(server.url, path, userToken)
133 it('Should fail with a bad count pagination', async function () {
134 await checkBadCountPagination(server.url, path, userToken)
137 it('Should fail with an incorrect sort', async function () {
138 await checkBadSortPagination(server.url, path, userToken)
141 it('Should fail with a non authenticated user', async function () {
142 await makeGetRequest({
145 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
149 it('Should fail with a bad id filter', async function () {
150 await makeGetRequest({ url: server.url, path, token: userToken, query: { id: 'toto' } })
153 it('Should fail with a bad state filter', async function () {
154 await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 'toto' } })
155 await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 0 } })
158 it('Should succeed with the correct params', async function () {
164 await makeGetRequest({ url: server.url, path, token: userToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
168 describe('When reporting an abuse', function () {
169 const path = basePath
171 it('Should fail with nothing', async function () {
173 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
176 it('Should fail with a wrong video', async function () {
177 const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
178 await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
181 it('Should fail with an unknown video', async function () {
182 const fields = { video: { id: 42 }, reason: 'my super reason' }
183 await makePostBodyRequest({
188 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
192 it('Should fail with a wrong comment', async function () {
193 const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
194 await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
197 it('Should fail with an unknown comment', async function () {
198 const fields = { comment: { id: 42 }, reason: 'my super reason' }
199 await makePostBodyRequest({
204 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
208 it('Should fail with a wrong account', async function () {
209 const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
210 await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
213 it('Should fail with an unknown account', async function () {
214 const fields = { account: { id: 42 }, reason: 'my super reason' }
215 await makePostBodyRequest({
220 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
224 it('Should fail with not account, comment or video', async function () {
225 const fields = { reason: 'my super reason' }
226 await makePostBodyRequest({
231 statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
235 it('Should fail with a non authenticated user', async function () {
236 const fields = { video: { id: server.video.id }, reason: 'my super reason' }
238 await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
241 it('Should fail with a reason too short', async function () {
242 const fields = { video: { id: server.video.id }, reason: 'h' }
244 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
247 it('Should fail with a too big reason', async function () {
248 const fields = { video: { id: server.video.id }, reason: 'super'.repeat(605) }
250 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
253 it('Should succeed with the correct parameters (basic)', async function () {
254 const fields: AbuseCreate = { video: { id: server.video.shortUUID }, reason: 'my super reason' }
256 const res = await makePostBodyRequest({
261 statusCodeExpected: HttpStatusCode.OK_200
263 abuseId = res.body.abuse.id
266 it('Should fail with a wrong predefined reason', async function () {
267 const fields = { video: { id: server.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }
269 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
272 it('Should fail with negative timestamps', async function () {
273 const fields = { video: { id: server.video.id, startAt: -1 }, reason: 'my super reason' }
275 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
278 it('Should fail mith misordered startAt/endAt', async function () {
279 const fields = { video: { id: server.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }
281 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
284 it('Should succeed with the corret parameters (advanced)', async function () {
285 const fields: AbuseCreate = {
291 reason: 'my super reason',
292 predefinedReasons: [ 'serverRules' ]
295 await makePostBodyRequest({ url: server.url, path, token: userToken, fields, statusCodeExpected: HttpStatusCode.OK_200 })
299 describe('When updating an abuse', function () {
301 it('Should fail with a non authenticated user', async function () {
302 await command.update({ token: 'blabla', abuseId, body: {}, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
305 it('Should fail with a non admin user', async function () {
306 await command.update({ token: userToken, abuseId, body: {}, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
309 it('Should fail with a bad abuse id', async function () {
310 await command.update({ abuseId: 45, body: {}, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
313 it('Should fail with a bad state', async function () {
314 const body = { state: 5 }
315 await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
318 it('Should fail with a bad moderation comment', async function () {
319 const body = { moderationComment: 'b'.repeat(3001) }
320 await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
323 it('Should succeed with the correct params', async function () {
324 const body = { state: AbuseState.ACCEPTED }
325 await command.update({ abuseId, body })
329 describe('When creating an abuse message', function () {
330 const message = 'my super message'
332 it('Should fail with an invalid abuse id', async function () {
333 await command.addMessage({ token: userToken2, abuseId: 888, message, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
336 it('Should fail with a non authenticated user', async function () {
337 await command.addMessage({ token: 'fake_token', abuseId, message, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
340 it('Should fail with an invalid logged in user', async function () {
341 await command.addMessage({ token: userToken2, abuseId, message, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
344 it('Should fail with an invalid message', async function () {
345 await command.addMessage({ token: userToken, abuseId, message: 'a'.repeat(5000), expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
348 it('Should suceed with the correct params', async function () {
349 const res = await command.addMessage({ token: userToken, abuseId, message })
350 messageId = res.body.abuseMessage.id
354 describe('When listing abuse messages', function () {
356 it('Should fail with an invalid abuse id', async function () {
357 await command.listMessages({ token: userToken, abuseId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
360 it('Should fail with a non authenticated user', async function () {
361 await command.listMessages({ token: 'fake_token', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
364 it('Should fail with an invalid logged in user', async function () {
365 await command.listMessages({ token: userToken2, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
368 it('Should succeed with the correct params', async function () {
369 await command.listMessages({ token: userToken, abuseId })
373 describe('When deleting an abuse message', function () {
374 it('Should fail with an invalid abuse id', async function () {
375 await command.deleteMessage({ token: userToken, abuseId: 888, messageId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
378 it('Should fail with an invalid message id', async function () {
379 await command.deleteMessage({ token: userToken, abuseId, messageId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
382 it('Should fail with a non authenticated user', async function () {
383 await command.deleteMessage({ token: 'fake_token', abuseId, messageId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
386 it('Should fail with an invalid logged in user', async function () {
387 await command.deleteMessage({ token: userToken2, abuseId, messageId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
390 it('Should succeed with the correct params', async function () {
391 await command.deleteMessage({ token: userToken, abuseId, messageId })
395 describe('When deleting a video abuse', function () {
397 it('Should fail with a non authenticated user', async function () {
398 await command.delete({ token: 'blabla', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
401 it('Should fail with a non admin user', async function () {
402 await command.delete({ token: userToken, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
405 it('Should fail with a bad abuse id', async function () {
406 await command.delete({ abuseId: 45, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
409 it('Should succeed with the correct params', async function () {
410 await command.delete({ abuseId })
414 describe('When trying to manage messages of a remote abuse', function () {
415 let remoteAbuseId: number
416 let anotherServer: ServerInfo
418 before(async function () {
421 anotherServer = await flushAndRunServer(2)
422 await setAccessTokensToServers([ anotherServer ])
424 await doubleFollow(anotherServer, server)
426 const server2VideoId = await getVideoIdFromUUID(anotherServer.url, server.video.uuid)
427 await anotherServer.abusesCommand.report({ reason: 'remote server', videoId: server2VideoId })
429 await waitJobs([ server, anotherServer ])
431 const body = await command.getAdminList({ sort: '-createdAt' })
432 remoteAbuseId = body.data[0].id
435 it('Should fail when listing abuse messages of a remote abuse', async function () {
436 await command.listMessages({ abuseId: remoteAbuseId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
439 it('Should fail when creating abuse message of a remote abuse', async function () {
440 await command.addMessage({ abuseId: remoteAbuseId, message: 'message', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
443 after(async function () {
444 await cleanupTests([ anotherServer ])
448 after(async function () {
449 await cleanupTests([ server ])