1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
4 import { HttpStatusCode } from '@shared/core-utils'
7 checkBadCountPagination,
8 checkBadSortPagination,
9 checkBadStartPagination,
14 generateUserAccessToken,
19 setAccessTokensToServers,
23 } from '@shared/extra-utils'
24 import { AbuseCreate, AbuseState } from '@shared/models'
26 describe('Test abuses API validators', function () {
27 const basePath = '/api/v1/abuses/'
29 let server: ServerInfo
36 let command: AbusesCommand
38 // ---------------------------------------------------------------
40 before(async function () {
43 server = await flushAndRunServer(1)
45 await setAccessTokensToServers([ server ])
47 const username = 'user1'
48 const password = 'my super password'
49 await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password })
50 userToken = await userLogin(server, { username, password })
52 userToken2 = await generateUserAccessToken(server, 'user_2')
54 const res = await uploadVideo(server.url, server.accessToken, {})
55 server.video = res.body.video
57 command = server.abusesCommand
60 describe('When listing abuses for admins', function () {
63 it('Should fail with a bad start pagination', async function () {
64 await checkBadStartPagination(server.url, path, server.accessToken)
67 it('Should fail with a bad count pagination', async function () {
68 await checkBadCountPagination(server.url, path, server.accessToken)
71 it('Should fail with an incorrect sort', async function () {
72 await checkBadSortPagination(server.url, path, server.accessToken)
75 it('Should fail with a non authenticated user', async function () {
76 await makeGetRequest({
79 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
83 it('Should fail with a non admin user', async function () {
84 await makeGetRequest({
88 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
92 it('Should fail with a bad id filter', async function () {
93 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
96 it('Should fail with a bad filter', async function () {
97 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
98 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
101 it('Should fail with bad predefined reason', async function () {
102 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
105 it('Should fail with a bad state filter', async function () {
106 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
107 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
110 it('Should fail with a bad videoIs filter', async function () {
111 await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
114 it('Should succeed with the correct params', async function () {
117 predefinedReason: 'violentOrRepulsive',
123 await makeGetRequest({ url: server.url, path, token: server.accessToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
127 describe('When listing abuses for users', function () {
128 const path = '/api/v1/users/me/abuses'
130 it('Should fail with a bad start pagination', async function () {
131 await checkBadStartPagination(server.url, path, userToken)
134 it('Should fail with a bad count pagination', async function () {
135 await checkBadCountPagination(server.url, path, userToken)
138 it('Should fail with an incorrect sort', async function () {
139 await checkBadSortPagination(server.url, path, userToken)
142 it('Should fail with a non authenticated user', async function () {
143 await makeGetRequest({
146 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
150 it('Should fail with a bad id filter', async function () {
151 await makeGetRequest({ url: server.url, path, token: userToken, query: { id: 'toto' } })
154 it('Should fail with a bad state filter', async function () {
155 await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 'toto' } })
156 await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 0 } })
159 it('Should succeed with the correct params', async function () {
165 await makeGetRequest({ url: server.url, path, token: userToken, query, statusCodeExpected: HttpStatusCode.OK_200 })
169 describe('When reporting an abuse', function () {
170 const path = basePath
172 it('Should fail with nothing', async function () {
174 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
177 it('Should fail with a wrong video', async function () {
178 const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
179 await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
182 it('Should fail with an unknown video', async function () {
183 const fields = { video: { id: 42 }, reason: 'my super reason' }
184 await makePostBodyRequest({
189 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
193 it('Should fail with a wrong comment', async function () {
194 const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
195 await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
198 it('Should fail with an unknown comment', async function () {
199 const fields = { comment: { id: 42 }, reason: 'my super reason' }
200 await makePostBodyRequest({
205 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
209 it('Should fail with a wrong account', async function () {
210 const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
211 await makePostBodyRequest({ url: server.url, path: path, token: userToken, fields })
214 it('Should fail with an unknown account', async function () {
215 const fields = { account: { id: 42 }, reason: 'my super reason' }
216 await makePostBodyRequest({
221 statusCodeExpected: HttpStatusCode.NOT_FOUND_404
225 it('Should fail with not account, comment or video', async function () {
226 const fields = { reason: 'my super reason' }
227 await makePostBodyRequest({
232 statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
236 it('Should fail with a non authenticated user', async function () {
237 const fields = { video: { id: server.video.id }, reason: 'my super reason' }
239 await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
242 it('Should fail with a reason too short', async function () {
243 const fields = { video: { id: server.video.id }, reason: 'h' }
245 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
248 it('Should fail with a too big reason', async function () {
249 const fields = { video: { id: server.video.id }, reason: 'super'.repeat(605) }
251 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
254 it('Should succeed with the correct parameters (basic)', async function () {
255 const fields: AbuseCreate = { video: { id: server.video.shortUUID }, reason: 'my super reason' }
257 const res = await makePostBodyRequest({
262 statusCodeExpected: HttpStatusCode.OK_200
264 abuseId = res.body.abuse.id
267 it('Should fail with a wrong predefined reason', async function () {
268 const fields = { video: { id: server.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }
270 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
273 it('Should fail with negative timestamps', async function () {
274 const fields = { video: { id: server.video.id, startAt: -1 }, reason: 'my super reason' }
276 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
279 it('Should fail mith misordered startAt/endAt', async function () {
280 const fields = { video: { id: server.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }
282 await makePostBodyRequest({ url: server.url, path, token: userToken, fields })
285 it('Should succeed with the corret parameters (advanced)', async function () {
286 const fields: AbuseCreate = {
292 reason: 'my super reason',
293 predefinedReasons: [ 'serverRules' ]
296 await makePostBodyRequest({ url: server.url, path, token: userToken, fields, statusCodeExpected: HttpStatusCode.OK_200 })
300 describe('When updating an abuse', function () {
302 it('Should fail with a non authenticated user', async function () {
303 await command.update({ token: 'blabla', abuseId, body: {}, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
306 it('Should fail with a non admin user', async function () {
307 await command.update({ token: userToken, abuseId, body: {}, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
310 it('Should fail with a bad abuse id', async function () {
311 await command.update({ abuseId: 45, body: {}, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
314 it('Should fail with a bad state', async function () {
315 const body = { state: 5 }
316 await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
319 it('Should fail with a bad moderation comment', async function () {
320 const body = { moderationComment: 'b'.repeat(3001) }
321 await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
324 it('Should succeed with the correct params', async function () {
325 const body = { state: AbuseState.ACCEPTED }
326 await command.update({ abuseId, body })
330 describe('When creating an abuse message', function () {
331 const message = 'my super message'
333 it('Should fail with an invalid abuse id', async function () {
334 await command.addMessage({ token: userToken2, abuseId: 888, message, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
337 it('Should fail with a non authenticated user', async function () {
338 await command.addMessage({ token: 'fake_token', abuseId, message, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
341 it('Should fail with an invalid logged in user', async function () {
342 await command.addMessage({ token: userToken2, abuseId, message, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
345 it('Should fail with an invalid message', async function () {
346 await command.addMessage({ token: userToken, abuseId, message: 'a'.repeat(5000), expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
349 it('Should suceed with the correct params', async function () {
350 const res = await command.addMessage({ token: userToken, abuseId, message })
351 messageId = res.body.abuseMessage.id
355 describe('When listing abuse messages', function () {
357 it('Should fail with an invalid abuse id', async function () {
358 await command.listMessages({ token: userToken, abuseId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
361 it('Should fail with a non authenticated user', async function () {
362 await command.listMessages({ token: 'fake_token', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
365 it('Should fail with an invalid logged in user', async function () {
366 await command.listMessages({ token: userToken2, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
369 it('Should succeed with the correct params', async function () {
370 await command.listMessages({ token: userToken, abuseId })
374 describe('When deleting an abuse message', function () {
375 it('Should fail with an invalid abuse id', async function () {
376 await command.deleteMessage({ token: userToken, abuseId: 888, messageId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
379 it('Should fail with an invalid message id', async function () {
380 await command.deleteMessage({ token: userToken, abuseId, messageId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
383 it('Should fail with a non authenticated user', async function () {
384 await command.deleteMessage({ token: 'fake_token', abuseId, messageId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
387 it('Should fail with an invalid logged in user', async function () {
388 await command.deleteMessage({ token: userToken2, abuseId, messageId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
391 it('Should succeed with the correct params', async function () {
392 await command.deleteMessage({ token: userToken, abuseId, messageId })
396 describe('When deleting a video abuse', function () {
398 it('Should fail with a non authenticated user', async function () {
399 await command.delete({ token: 'blabla', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
402 it('Should fail with a non admin user', async function () {
403 await command.delete({ token: userToken, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
406 it('Should fail with a bad abuse id', async function () {
407 await command.delete({ abuseId: 45, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
410 it('Should succeed with the correct params', async function () {
411 await command.delete({ abuseId })
415 describe('When trying to manage messages of a remote abuse', function () {
416 let remoteAbuseId: number
417 let anotherServer: ServerInfo
419 before(async function () {
422 anotherServer = await flushAndRunServer(2)
423 await setAccessTokensToServers([ anotherServer ])
425 await doubleFollow(anotherServer, server)
427 const server2VideoId = await getVideoIdFromUUID(anotherServer.url, server.video.uuid)
428 await anotherServer.abusesCommand.report({ reason: 'remote server', videoId: server2VideoId })
430 await waitJobs([ server, anotherServer ])
432 const body = await command.getAdminList({ sort: '-createdAt' })
433 remoteAbuseId = body.data[0].id
436 it('Should fail when listing abuse messages of a remote abuse', async function () {
437 await command.listMessages({ abuseId: remoteAbuseId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
440 it('Should fail when creating abuse message of a remote abuse', async function () {
441 await command.addMessage({ abuseId: remoteAbuseId, message: 'message', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
444 after(async function () {
445 await cleanupTests([ anotherServer ])
449 after(async function () {
450 await cleanupTests([ server ])