1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
4 import { HttpStatusCode } from '@shared/core-utils'
7 checkBadCountPagination,
8 checkBadSortPagination,
9 checkBadStartPagination,
16 setAccessTokensToServers,
18 } from '@shared/extra-utils'
19 import { AbuseCreate, AbuseState } from '@shared/models'
21 describe('Test abuses API validators', function () {
22 const basePath = '/api/v1/abuses/'
24 let server: PeerTubeServer
31 let command: AbusesCommand
33 // ---------------------------------------------------------------
35 before(async function () {
38 server = await createSingleServer(1)
40 await setAccessTokensToServers([ server ])
42 userToken = await server.users.generateUserAndToken('user_1')
43 userToken2 = await server.users.generateUserAndToken('user_2')
45 server.store.video = await server.videos.upload()
47 command = server.abuses
50 describe('When listing abuses for admins', function () {
53 it('Should fail with a bad start pagination', async function () {
54 await checkBadStartPagination(server.url, path, server.accessToken)
57 it('Should fail with a bad count pagination', async function () {
58 await checkBadCountPagination(server.url, path, server.accessToken)
61 it('Should fail with an incorrect sort', async function () {
62 await checkBadSortPagination(server.url, path, server.accessToken)
65 it('Should fail with a non authenticated user', async function () {
66 await makeGetRequest({
69 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
73 it('Should fail with a non admin user', async function () {
74 await makeGetRequest({
78 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
82 it('Should fail with a bad id filter', async function () {
83 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
86 it('Should fail with a bad filter', async function () {
87 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
88 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
91 it('Should fail with bad predefined reason', async function () {
92 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
95 it('Should fail with a bad state filter', async function () {
96 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
97 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
100 it('Should fail with a bad videoIs filter', async function () {
101 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
104 it('Should succeed with the correct params', async function () {
107 predefinedReason: 'violentOrRepulsive',
113 await makeGetRequest({ url: server.url, path, token: server.accessToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
117 describe('When listing abuses for users', function () {
118 const path = '/api/v1/users/me/abuses'
120 it('Should fail with a bad start pagination', async function () {
121 await checkBadStartPagination(server.url, path, userToken)
124 it('Should fail with a bad count pagination', async function () {
125 await checkBadCountPagination(server.url, path, userToken)
128 it('Should fail with an incorrect sort', async function () {
129 await checkBadSortPagination(server.url, path, userToken)
132 it('Should fail with a non authenticated user', async function () {
133 await makeGetRequest({
136 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
140 it('Should fail with a bad id filter', async function () {
141 await makeGetRequest({ url: server.url, path, token: userToken, query: { id: 'toto' } })
144 it('Should fail with a bad state filter', async function () {
145 await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 'toto' } })
146 await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 0 } })
149 it('Should succeed with the correct params', async function () {
155 await makeGetRequest({ url: server.url, path, token: userToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
159 describe('When reporting an abuse', function () {
160 const path = basePath
162 it('Should fail with nothing', async function () {
164 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
167 it('Should fail with a wrong video', async function () {
168 const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
169 await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
172 it('Should fail with an unknown video', async function () {
173 const fields = { video: { id: 42 }, reason: 'my super reason' }
174 await makePostBodyRequest({
179 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
183 it('Should fail with a wrong comment', async function () {
184 const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
185 await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
188 it('Should fail with an unknown comment', async function () {
189 const fields = { comment: { id: 42 }, reason: 'my super reason' }
190 await makePostBodyRequest({
195 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
199 it('Should fail with a wrong account', async function () {
200 const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
201 await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
204 it('Should fail with an unknown account', async function () {
205 const fields = { account: { id: 42 }, reason: 'my super reason' }
206 await makePostBodyRequest({
211 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
215 it('Should fail with not account, comment or video', async function () {
216 const fields = { reason: 'my super reason' }
217 await makePostBodyRequest({
222 statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
226 it('Should fail with a non authenticated user', async function () {
227 const fields = { video: { id: server.store.video.id }, reason: 'my super reason' }
229 await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
232 it('Should fail with a reason too short', async function () {
233 const fields = { video: { id: server.store.video.id }, reason: 'h' }
235 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
238 it('Should fail with a too big reason', async function () {
239 const fields = { video: { id: server.store.video.id }, reason: 'super'.repeat(605) }
241 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
244 it('Should succeed with the correct parameters (basic)', async function () {
245 const fields: AbuseCreate = { video: { id: server.store.video.shortUUID }, reason: 'my super reason' }
247 const res = await makePostBodyRequest({
252 statusCodeExpected: HttpStatusCode.OK_200
254 abuseId = res.body.abuse.id
257 it('Should fail with a wrong predefined reason', async function () {
258 const fields = { video: { id: server.store.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }
260 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
263 it('Should fail with negative timestamps', async function () {
264 const fields = { video: { id: server.store.video.id, startAt: -1 }, reason: 'my super reason' }
266 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
269 it('Should fail mith misordered startAt/endAt', async function () {
270 const fields = { video: { id: server.store.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }
272 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
275 it('Should succeed with the corret parameters (advanced)', async function () {
276 const fields: AbuseCreate = {
278 id: server.store.video.id,
282 reason: 'my super reason',
283 predefinedReasons: [ 'serverRules' ]
286 await makePostBodyRequest({ url: server.url, path, token: userToken, fields, statusCodeExpected: HttpStatusCode.OK_200 })
290 describe('When updating an abuse', function () {
292 it('Should fail with a non authenticated user', async function () {
293 await command.update({ token: 'blabla', abuseId, body: {}, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
296 it('Should fail with a non admin user', async function () {
297 await command.update({ token: userToken, abuseId, body: {}, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
300 it('Should fail with a bad abuse id', async function () {
301 await command.update({ abuseId: 45, body: {}, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
304 it('Should fail with a bad state', async function () {
305 const body = { state: 5 }
306 await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
309 it('Should fail with a bad moderation comment', async function () {
310 const body = { moderationComment: 'b'.repeat(3001) }
311 await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
314 it('Should succeed with the correct params', async function () {
315 const body = { state: AbuseState.ACCEPTED }
316 await command.update({ abuseId, body })
320 describe('When creating an abuse message', function () {
321 const message = 'my super message'
323 it('Should fail with an invalid abuse id', async function () {
324 await command.addMessage({ token: userToken2, abuseId: 888, message, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
327 it('Should fail with a non authenticated user', async function () {
328 await command.addMessage({ token: 'fake_token', abuseId, message, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
331 it('Should fail with an invalid logged in user', async function () {
332 await command.addMessage({ token: userToken2, abuseId, message, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
335 it('Should fail with an invalid message', async function () {
336 await command.addMessage({ token: userToken, abuseId, message: 'a'.repeat(5000), expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
339 it('Should suceed with the correct params', async function () {
340 const res = await command.addMessage({ token: userToken, abuseId, message })
341 messageId = res.body.abuseMessage.id
345 describe('When listing abuse messages', function () {
347 it('Should fail with an invalid abuse id', async function () {
348 await command.listMessages({ token: userToken, abuseId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
351 it('Should fail with a non authenticated user', async function () {
352 await command.listMessages({ token: 'fake_token', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
355 it('Should fail with an invalid logged in user', async function () {
356 await command.listMessages({ token: userToken2, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
359 it('Should succeed with the correct params', async function () {
360 await command.listMessages({ token: userToken, abuseId })
364 describe('When deleting an abuse message', function () {
365 it('Should fail with an invalid abuse id', async function () {
366 await command.deleteMessage({ token: userToken, abuseId: 888, messageId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
369 it('Should fail with an invalid message id', async function () {
370 await command.deleteMessage({ token: userToken, abuseId, messageId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
373 it('Should fail with a non authenticated user', async function () {
374 await command.deleteMessage({ token: 'fake_token', abuseId, messageId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
377 it('Should fail with an invalid logged in user', async function () {
378 await command.deleteMessage({ token: userToken2, abuseId, messageId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
381 it('Should succeed with the correct params', async function () {
382 await command.deleteMessage({ token: userToken, abuseId, messageId })
386 describe('When deleting a video abuse', function () {
388 it('Should fail with a non authenticated user', async function () {
389 await command.delete({ token: 'blabla', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
392 it('Should fail with a non admin user', async function () {
393 await command.delete({ token: userToken, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
396 it('Should fail with a bad abuse id', async function () {
397 await command.delete({ abuseId: 45, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
400 it('Should succeed with the correct params', async function () {
401 await command.delete({ abuseId })
405 describe('When trying to manage messages of a remote abuse', function () {
406 let remoteAbuseId: number
407 let anotherServer: PeerTubeServer
409 before(async function () {
412 anotherServer = await createSingleServer(2)
413 await setAccessTokensToServers([ anotherServer ])
415 await doubleFollow(anotherServer, server)
417 const server2VideoId = await anotherServer.videos.getId({ uuid: server.store.video.uuid })
418 await anotherServer.abuses.report({ reason: 'remote server', videoId: server2VideoId })
420 await waitJobs([ server, anotherServer ])
422 const body = await command.getAdminList({ sort: '-createdAt' })
423 remoteAbuseId = body.data[0].id
426 it('Should fail when listing abuse messages of a remote abuse', async function () {
427 await command.listMessages({ abuseId: remoteAbuseId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
430 it('Should fail when creating abuse message of a remote abuse', async function () {
431 await command.addMessage({ abuseId: remoteAbuseId, message: 'message', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
434 after(async function () {
435 await cleanupTests([ anotherServer ])
439 after(async function () {
440 await cleanupTests([ server ])