1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
6 checkBadCountPagination,
7 checkBadSortPagination,
8 checkBadStartPagination,
15 setAccessTokensToServers,
17 } from '@shared/server-commands'
18 import { AbuseCreate, AbuseState, HttpStatusCode } from '@shared/models'
20 describe('Test abuses API validators', function () {
21 const basePath = '/api/v1/abuses/'
23 let server: PeerTubeServer
30 let command: AbusesCommand
32 // ---------------------------------------------------------------
34 before(async function () {
37 server = await createSingleServer(1)
39 await setAccessTokensToServers([ server ])
41 userToken = await server.users.generateUserAndToken('user_1')
42 userToken2 = await server.users.generateUserAndToken('user_2')
44 server.store.videoCreated = await server.videos.upload()
46 command = server.abuses
49 describe('When listing abuses for admins', function () {
52 it('Should fail with a bad start pagination', async function () {
53 await checkBadStartPagination(server.url, path, server.accessToken)
56 it('Should fail with a bad count pagination', async function () {
57 await checkBadCountPagination(server.url, path, server.accessToken)
60 it('Should fail with an incorrect sort', async function () {
61 await checkBadSortPagination(server.url, path, server.accessToken)
64 it('Should fail with a non authenticated user', async function () {
65 await makeGetRequest({
68 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
72 it('Should fail with a non admin user', async function () {
73 await makeGetRequest({
77 expectedStatus: HttpStatusCode.FORBIDDEN_403
81 it('Should fail with a bad id filter', async function () {
82 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
85 it('Should fail with a bad filter', async function () {
86 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
87 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
90 it('Should fail with bad predefined reason', async function () {
91 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
94 it('Should fail with a bad state filter', async function () {
95 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
96 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
99 it('Should fail with a bad videoIs filter', async function () {
100 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
103 it('Should succeed with the correct params', async function () {
106 predefinedReason: 'violentOrRepulsive',
112 await makeGetRequest({ url: server.url, path, token: server.accessToken, query, expectedStatus: HttpStatusCode.OK_200 })
116 describe('When listing abuses for users', function () {
117 const path = '/api/v1/users/me/abuses'
119 it('Should fail with a bad start pagination', async function () {
120 await checkBadStartPagination(server.url, path, userToken)
123 it('Should fail with a bad count pagination', async function () {
124 await checkBadCountPagination(server.url, path, userToken)
127 it('Should fail with an incorrect sort', async function () {
128 await checkBadSortPagination(server.url, path, userToken)
131 it('Should fail with a non authenticated user', async function () {
132 await makeGetRequest({
135 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
139 it('Should fail with a bad id filter', async function () {
140 await makeGetRequest({ url: server.url, path, token: userToken, query: { id: 'toto' } })
143 it('Should fail with a bad state filter', async function () {
144 await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 'toto' } })
145 await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 0 } })
148 it('Should succeed with the correct params', async function () {
154 await makeGetRequest({ url: server.url, path, token: userToken, query, expectedStatus: HttpStatusCode.OK_200 })
158 describe('When reporting an abuse', function () {
159 const path = basePath
161 it('Should fail with nothing', async function () {
163 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
166 it('Should fail with a wrong video', async function () {
167 const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
168 await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
171 it('Should fail with an unknown video', async function () {
172 const fields = { video: { id: 42 }, reason: 'my super reason' }
173 await makePostBodyRequest({
178 expectedStatus: HttpStatusCode.NOT_FOUND_404
182 it('Should fail with a wrong comment', async function () {
183 const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
184 await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
187 it('Should fail with an unknown comment', async function () {
188 const fields = { comment: { id: 42 }, reason: 'my super reason' }
189 await makePostBodyRequest({
194 expectedStatus: HttpStatusCode.NOT_FOUND_404
198 it('Should fail with a wrong account', async function () {
199 const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
200 await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
203 it('Should fail with an unknown account', async function () {
204 const fields = { account: { id: 42 }, reason: 'my super reason' }
205 await makePostBodyRequest({
210 expectedStatus: HttpStatusCode.NOT_FOUND_404
214 it('Should fail with not account, comment or video', async function () {
215 const fields = { reason: 'my super reason' }
216 await makePostBodyRequest({
221 expectedStatus: HttpStatusCode.BAD_REQUEST_400
225 it('Should fail with a non authenticated user', async function () {
226 const fields = { video: { id: server.store.videoCreated.id }, reason: 'my super reason' }
228 await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
231 it('Should fail with a reason too short', async function () {
232 const fields = { video: { id: server.store.videoCreated.id }, reason: 'h' }
234 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
237 it('Should fail with a too big reason', async function () {
238 const fields = { video: { id: server.store.videoCreated.id }, reason: 'super'.repeat(605) }
240 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
243 it('Should succeed with the correct parameters (basic)', async function () {
244 const fields: AbuseCreate = { video: { id: server.store.videoCreated.shortUUID }, reason: 'my super reason' }
246 const res = await makePostBodyRequest({
251 expectedStatus: HttpStatusCode.OK_200
253 abuseId = res.body.abuse.id
256 it('Should fail with a wrong predefined reason', async function () {
257 const fields = { video: server.store.videoCreated, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }
259 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
262 it('Should fail with negative timestamps', async function () {
263 const fields = { video: { id: server.store.videoCreated.id, startAt: -1 }, reason: 'my super reason' }
265 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
268 it('Should fail mith misordered startAt/endAt', async function () {
269 const fields = { video: { id: server.store.videoCreated.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }
271 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
274 it('Should succeed with the corret parameters (advanced)', async function () {
275 const fields: AbuseCreate = {
277 id: server.store.videoCreated.id,
281 reason: 'my super reason',
282 predefinedReasons: [ 'serverRules' ]
285 await makePostBodyRequest({ url: server.url, path, token: userToken, fields, expectedStatus: HttpStatusCode.OK_200 })
289 describe('When updating an abuse', function () {
291 it('Should fail with a non authenticated user', async function () {
292 await command.update({ token: 'blabla', abuseId, body: {}, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
295 it('Should fail with a non admin user', async function () {
296 await command.update({ token: userToken, abuseId, body: {}, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
299 it('Should fail with a bad abuse id', async function () {
300 await command.update({ abuseId: 45, body: {}, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
303 it('Should fail with a bad state', async function () {
304 const body = { state: 5 }
305 await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
308 it('Should fail with a bad moderation comment', async function () {
309 const body = { moderationComment: 'b'.repeat(3001) }
310 await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
313 it('Should succeed with the correct params', async function () {
314 const body = { state: AbuseState.ACCEPTED }
315 await command.update({ abuseId, body })
319 describe('When creating an abuse message', function () {
320 const message = 'my super message'
322 it('Should fail with an invalid abuse id', async function () {
323 await command.addMessage({ token: userToken2, abuseId: 888, message, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
326 it('Should fail with a non authenticated user', async function () {
327 await command.addMessage({ token: 'fake_token', abuseId, message, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
330 it('Should fail with an invalid logged in user', async function () {
331 await command.addMessage({ token: userToken2, abuseId, message, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
334 it('Should fail with an invalid message', async function () {
335 await command.addMessage({ token: userToken, abuseId, message: 'a'.repeat(5000), expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
338 it('Should suceed with the correct params', async function () {
339 const res = await command.addMessage({ token: userToken, abuseId, message })
340 messageId = res.body.abuseMessage.id
344 describe('When listing abuse messages', function () {
346 it('Should fail with an invalid abuse id', async function () {
347 await command.listMessages({ token: userToken, abuseId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
350 it('Should fail with a non authenticated user', async function () {
351 await command.listMessages({ token: 'fake_token', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
354 it('Should fail with an invalid logged in user', async function () {
355 await command.listMessages({ token: userToken2, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
358 it('Should succeed with the correct params', async function () {
359 await command.listMessages({ token: userToken, abuseId })
363 describe('When deleting an abuse message', function () {
364 it('Should fail with an invalid abuse id', async function () {
365 await command.deleteMessage({ token: userToken, abuseId: 888, messageId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
368 it('Should fail with an invalid message id', async function () {
369 await command.deleteMessage({ token: userToken, abuseId, messageId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
372 it('Should fail with a non authenticated user', async function () {
373 await command.deleteMessage({ token: 'fake_token', abuseId, messageId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
376 it('Should fail with an invalid logged in user', async function () {
377 await command.deleteMessage({ token: userToken2, abuseId, messageId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
380 it('Should succeed with the correct params', async function () {
381 await command.deleteMessage({ token: userToken, abuseId, messageId })
385 describe('When deleting a video abuse', function () {
387 it('Should fail with a non authenticated user', async function () {
388 await command.delete({ token: 'blabla', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
391 it('Should fail with a non admin user', async function () {
392 await command.delete({ token: userToken, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
395 it('Should fail with a bad abuse id', async function () {
396 await command.delete({ abuseId: 45, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
399 it('Should succeed with the correct params', async function () {
400 await command.delete({ abuseId })
404 describe('When trying to manage messages of a remote abuse', function () {
405 let remoteAbuseId: number
406 let anotherServer: PeerTubeServer
408 before(async function () {
411 anotherServer = await createSingleServer(2)
412 await setAccessTokensToServers([ anotherServer ])
414 await doubleFollow(anotherServer, server)
416 const server2VideoId = await anotherServer.videos.getId({ uuid: server.store.videoCreated.uuid })
417 await anotherServer.abuses.report({ reason: 'remote server', videoId: server2VideoId })
419 await waitJobs([ server, anotherServer ])
421 const body = await command.getAdminList({ sort: '-createdAt' })
422 remoteAbuseId = body.data[0].id
425 it('Should fail when listing abuse messages of a remote abuse', async function () {
426 await command.listMessages({ abuseId: remoteAbuseId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
429 it('Should fail when creating abuse message of a remote abuse', async function () {
430 await command.addMessage({ abuseId: remoteAbuseId, message: 'message', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
433 after(async function () {
434 await cleanupTests([ anotherServer ])
438 after(async function () {
439 await cleanupTests([ server ])