1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
4 import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
5 import { AbuseCreate, AbuseState, HttpStatusCode } from '@shared/models'
14 setAccessTokensToServers,
16 } from '@shared/server-commands'
18 describe('Test abuses API validators', function () {
19 const basePath = '/api/v1/abuses/'
21 let server: PeerTubeServer
28 let command: AbusesCommand
30 // ---------------------------------------------------------------
32 before(async function () {
35 server = await createSingleServer(1)
37 await setAccessTokensToServers([ server ])
39 userToken = await server.users.generateUserAndToken('user_1')
40 userToken2 = await server.users.generateUserAndToken('user_2')
42 server.store.videoCreated = await server.videos.upload()
44 command = server.abuses
47 describe('When listing abuses for admins', function () {
50 it('Should fail with a bad start pagination', async function () {
51 await checkBadStartPagination(server.url, path, server.accessToken)
54 it('Should fail with a bad count pagination', async function () {
55 await checkBadCountPagination(server.url, path, server.accessToken)
58 it('Should fail with an incorrect sort', async function () {
59 await checkBadSortPagination(server.url, path, server.accessToken)
62 it('Should fail with a non authenticated user', async function () {
63 await makeGetRequest({
66 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
70 it('Should fail with a non admin user', async function () {
71 await makeGetRequest({
75 expectedStatus: HttpStatusCode.FORBIDDEN_403
79 it('Should fail with a bad id filter', async function () {
80 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
83 it('Should fail with a bad filter', async function () {
84 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
85 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
88 it('Should fail with bad predefined reason', async function () {
89 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
92 it('Should fail with a bad state filter', async function () {
93 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
94 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
97 it('Should fail with a bad videoIs filter', async function () {
98 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
101 it('Should succeed with the correct params', async function () {
104 predefinedReason: 'violentOrRepulsive',
110 await makeGetRequest({ url: server.url, path, token: server.accessToken, query, expectedStatus: HttpStatusCode.OK_200 })
114 describe('When listing abuses for users', function () {
115 const path = '/api/v1/users/me/abuses'
117 it('Should fail with a bad start pagination', async function () {
118 await checkBadStartPagination(server.url, path, userToken)
121 it('Should fail with a bad count pagination', async function () {
122 await checkBadCountPagination(server.url, path, userToken)
125 it('Should fail with an incorrect sort', async function () {
126 await checkBadSortPagination(server.url, path, userToken)
129 it('Should fail with a non authenticated user', async function () {
130 await makeGetRequest({
133 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
137 it('Should fail with a bad id filter', async function () {
138 await makeGetRequest({ url: server.url, path, token: userToken, query: { id: 'toto' } })
141 it('Should fail with a bad state filter', async function () {
142 await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 'toto' } })
143 await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 0 } })
146 it('Should succeed with the correct params', async function () {
152 await makeGetRequest({ url: server.url, path, token: userToken, query, expectedStatus: HttpStatusCode.OK_200 })
156 describe('When reporting an abuse', function () {
157 const path = basePath
159 it('Should fail with nothing', async function () {
161 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
164 it('Should fail with a wrong video', async function () {
165 const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
166 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
169 it('Should fail with an unknown video', async function () {
170 const fields = { video: { id: 42 }, reason: 'my super reason' }
171 await makePostBodyRequest({
176 expectedStatus: HttpStatusCode.NOT_FOUND_404
180 it('Should fail with a wrong comment', async function () {
181 const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
182 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
185 it('Should fail with an unknown comment', async function () {
186 const fields = { comment: { id: 42 }, reason: 'my super reason' }
187 await makePostBodyRequest({
192 expectedStatus: HttpStatusCode.NOT_FOUND_404
196 it('Should fail with a wrong account', async function () {
197 const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
198 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
201 it('Should fail with an unknown account', async function () {
202 const fields = { account: { id: 42 }, reason: 'my super reason' }
203 await makePostBodyRequest({
208 expectedStatus: HttpStatusCode.NOT_FOUND_404
212 it('Should fail with not account, comment or video', async function () {
213 const fields = { reason: 'my super reason' }
214 await makePostBodyRequest({
219 expectedStatus: HttpStatusCode.BAD_REQUEST_400
223 it('Should fail with a non authenticated user', async function () {
224 const fields = { video: { id: server.store.videoCreated.id }, reason: 'my super reason' }
226 await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
229 it('Should fail with a reason too short', async function () {
230 const fields = { video: { id: server.store.videoCreated.id }, reason: 'h' }
232 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
235 it('Should fail with a too big reason', async function () {
236 const fields = { video: { id: server.store.videoCreated.id }, reason: 'super'.repeat(605) }
238 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
241 it('Should succeed with the correct parameters (basic)', async function () {
242 const fields: AbuseCreate = { video: { id: server.store.videoCreated.shortUUID }, reason: 'my super reason' }
244 const res = await makePostBodyRequest({
249 expectedStatus: HttpStatusCode.OK_200
251 abuseId = res.body.abuse.id
254 it('Should fail with a wrong predefined reason', async function () {
255 const fields = { video: server.store.videoCreated, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }
257 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
260 it('Should fail with negative timestamps', async function () {
261 const fields = { video: { id: server.store.videoCreated.id, startAt: -1 }, reason: 'my super reason' }
263 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
266 it('Should fail mith misordered startAt/endAt', async function () {
267 const fields = { video: { id: server.store.videoCreated.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }
269 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
272 it('Should succeed with the correct parameters (advanced)', async function () {
273 const fields: AbuseCreate = {
275 id: server.store.videoCreated.id,
279 reason: 'my super reason',
280 predefinedReasons: [ 'serverRules' ]
283 await makePostBodyRequest({ url: server.url, path, token: userToken, fields, expectedStatus: HttpStatusCode.OK_200 })
287 describe('When updating an abuse', function () {
289 it('Should fail with a non authenticated user', async function () {
290 await command.update({ token: 'blabla', abuseId, body: {}, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
293 it('Should fail with a non admin user', async function () {
294 await command.update({ token: userToken, abuseId, body: {}, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
297 it('Should fail with a bad abuse id', async function () {
298 await command.update({ abuseId: 45, body: {}, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
301 it('Should fail with a bad state', async function () {
302 const body = { state: 5 }
303 await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
306 it('Should fail with a bad moderation comment', async function () {
307 const body = { moderationComment: 'b'.repeat(3001) }
308 await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
311 it('Should succeed with the correct params', async function () {
312 const body = { state: AbuseState.ACCEPTED }
313 await command.update({ abuseId, body })
317 describe('When creating an abuse message', function () {
318 const message = 'my super message'
320 it('Should fail with an invalid abuse id', async function () {
321 await command.addMessage({ token: userToken2, abuseId: 888, message, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
324 it('Should fail with a non authenticated user', async function () {
325 await command.addMessage({ token: 'fake_token', abuseId, message, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
328 it('Should fail with an invalid logged in user', async function () {
329 await command.addMessage({ token: userToken2, abuseId, message, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
332 it('Should fail with an invalid message', async function () {
333 await command.addMessage({ token: userToken, abuseId, message: 'a'.repeat(5000), expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
336 it('Should succeed with the correct params', async function () {
337 const res = await command.addMessage({ token: userToken, abuseId, message })
338 messageId = res.body.abuseMessage.id
342 describe('When listing abuse messages', function () {
344 it('Should fail with an invalid abuse id', async function () {
345 await command.listMessages({ token: userToken, abuseId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
348 it('Should fail with a non authenticated user', async function () {
349 await command.listMessages({ token: 'fake_token', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
352 it('Should fail with an invalid logged in user', async function () {
353 await command.listMessages({ token: userToken2, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
356 it('Should succeed with the correct params', async function () {
357 await command.listMessages({ token: userToken, abuseId })
361 describe('When deleting an abuse message', function () {
362 it('Should fail with an invalid abuse id', async function () {
363 await command.deleteMessage({ token: userToken, abuseId: 888, messageId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
366 it('Should fail with an invalid message id', async function () {
367 await command.deleteMessage({ token: userToken, abuseId, messageId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
370 it('Should fail with a non authenticated user', async function () {
371 await command.deleteMessage({ token: 'fake_token', abuseId, messageId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
374 it('Should fail with an invalid logged in user', async function () {
375 await command.deleteMessage({ token: userToken2, abuseId, messageId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
378 it('Should succeed with the correct params', async function () {
379 await command.deleteMessage({ token: userToken, abuseId, messageId })
383 describe('When deleting a video abuse', function () {
385 it('Should fail with a non authenticated user', async function () {
386 await command.delete({ token: 'blabla', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
389 it('Should fail with a non admin user', async function () {
390 await command.delete({ token: userToken, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
393 it('Should fail with a bad abuse id', async function () {
394 await command.delete({ abuseId: 45, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
397 it('Should succeed with the correct params', async function () {
398 await command.delete({ abuseId })
402 describe('When trying to manage messages of a remote abuse', function () {
403 let remoteAbuseId: number
404 let anotherServer: PeerTubeServer
406 before(async function () {
409 anotherServer = await createSingleServer(2)
410 await setAccessTokensToServers([ anotherServer ])
412 await doubleFollow(anotherServer, server)
414 const server2VideoId = await anotherServer.videos.getId({ uuid: server.store.videoCreated.uuid })
415 await anotherServer.abuses.report({ reason: 'remote server', videoId: server2VideoId })
417 await waitJobs([ server, anotherServer ])
419 const body = await command.getAdminList({ sort: '-createdAt' })
420 remoteAbuseId = body.data[0].id
423 it('Should fail when listing abuse messages of a remote abuse', async function () {
424 await command.listMessages({ abuseId: remoteAbuseId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
427 it('Should fail when creating abuse message of a remote abuse', async function () {
428 await command.addMessage({ abuseId: remoteAbuseId, message: 'message', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
431 after(async function () {
432 await cleanupTests([ anotherServer ])
436 after(async function () {
437 await cleanupTests([ server ])