1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
3 import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
4 import { HttpStatusCode } from '@shared/models'
13 setAccessTokensToServers
14 } from '@shared/server-commands'
16 describe('Test blocklist API validators', function () {
17 let servers: PeerTubeServer[]
18 let server: PeerTubeServer
19 let userAccessToken: string
21 before(async function () {
24 servers = await createMultipleServers(2)
25 await setAccessTokensToServers(servers)
29 const user = { username: 'user1', password: 'password' }
30 await server.users.create({ username: user.username, password: user.password })
32 userAccessToken = await server.login.getAccessToken(user)
34 await doubleFollow(servers[0], servers[1])
37 // ---------------------------------------------------------------
39 describe('When managing user blocklist', function () {
41 describe('When managing user accounts blocklist', function () {
42 const path = '/api/v1/users/me/blocklist/accounts'
44 describe('When listing blocked accounts', function () {
45 it('Should fail with an unauthenticated user', async function () {
46 await makeGetRequest({
49 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
53 it('Should fail with a bad start pagination', async function () {
54 await checkBadStartPagination(server.url, path, server.accessToken)
57 it('Should fail with a bad count pagination', async function () {
58 await checkBadCountPagination(server.url, path, server.accessToken)
61 it('Should fail with an incorrect sort', async function () {
62 await checkBadSortPagination(server.url, path, server.accessToken)
66 describe('When blocking an account', function () {
67 it('Should fail with an unauthenticated user', async function () {
68 await makePostBodyRequest({
71 fields: { accountName: 'user1' },
72 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
76 it('Should fail with an unknown account', async function () {
77 await makePostBodyRequest({
79 token: server.accessToken,
81 fields: { accountName: 'user2' },
82 expectedStatus: HttpStatusCode.NOT_FOUND_404
86 it('Should fail to block ourselves', async function () {
87 await makePostBodyRequest({
89 token: server.accessToken,
91 fields: { accountName: 'root' },
92 expectedStatus: HttpStatusCode.CONFLICT_409
96 it('Should succeed with the correct params', async function () {
97 await makePostBodyRequest({
99 token: server.accessToken,
101 fields: { accountName: 'user1' },
102 expectedStatus: HttpStatusCode.NO_CONTENT_204
107 describe('When unblocking an account', function () {
108 it('Should fail with an unauthenticated user', async function () {
109 await makeDeleteRequest({
111 path: path + '/user1',
112 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
116 it('Should fail with an unknown account block', async function () {
117 await makeDeleteRequest({
119 path: path + '/user2',
120 token: server.accessToken,
121 expectedStatus: HttpStatusCode.NOT_FOUND_404
125 it('Should succeed with the correct params', async function () {
126 await makeDeleteRequest({
128 path: path + '/user1',
129 token: server.accessToken,
130 expectedStatus: HttpStatusCode.NO_CONTENT_204
136 describe('When managing user servers blocklist', function () {
137 const path = '/api/v1/users/me/blocklist/servers'
139 describe('When listing blocked servers', function () {
140 it('Should fail with an unauthenticated user', async function () {
141 await makeGetRequest({
144 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
148 it('Should fail with a bad start pagination', async function () {
149 await checkBadStartPagination(server.url, path, server.accessToken)
152 it('Should fail with a bad count pagination', async function () {
153 await checkBadCountPagination(server.url, path, server.accessToken)
156 it('Should fail with an incorrect sort', async function () {
157 await checkBadSortPagination(server.url, path, server.accessToken)
161 describe('When blocking a server', function () {
162 it('Should fail with an unauthenticated user', async function () {
163 await makePostBodyRequest({
166 fields: { host: '127.0.0.1:9002' },
167 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
171 it('Should succeed with an unknown server', async function () {
172 await makePostBodyRequest({
174 token: server.accessToken,
176 fields: { host: '127.0.0.1:9003' },
177 expectedStatus: HttpStatusCode.NO_CONTENT_204
181 it('Should fail with our own server', async function () {
182 await makePostBodyRequest({
184 token: server.accessToken,
186 fields: { host: server.host },
187 expectedStatus: HttpStatusCode.CONFLICT_409
191 it('Should succeed with the correct params', async function () {
192 await makePostBodyRequest({
194 token: server.accessToken,
196 fields: { host: servers[1].host },
197 expectedStatus: HttpStatusCode.NO_CONTENT_204
202 describe('When unblocking a server', function () {
203 it('Should fail with an unauthenticated user', async function () {
204 await makeDeleteRequest({
206 path: path + '/' + servers[1].host,
207 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
211 it('Should fail with an unknown server block', async function () {
212 await makeDeleteRequest({
214 path: path + '/127.0.0.1:9004',
215 token: server.accessToken,
216 expectedStatus: HttpStatusCode.NOT_FOUND_404
220 it('Should succeed with the correct params', async function () {
221 await makeDeleteRequest({
223 path: path + '/' + servers[1].host,
224 token: server.accessToken,
225 expectedStatus: HttpStatusCode.NO_CONTENT_204
232 describe('When managing server blocklist', function () {
234 describe('When managing server accounts blocklist', function () {
235 const path = '/api/v1/server/blocklist/accounts'
237 describe('When listing blocked accounts', function () {
238 it('Should fail with an unauthenticated user', async function () {
239 await makeGetRequest({
242 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
246 it('Should fail with a user without the appropriate rights', async function () {
247 await makeGetRequest({
249 token: userAccessToken,
251 expectedStatus: HttpStatusCode.FORBIDDEN_403
255 it('Should fail with a bad start pagination', async function () {
256 await checkBadStartPagination(server.url, path, server.accessToken)
259 it('Should fail with a bad count pagination', async function () {
260 await checkBadCountPagination(server.url, path, server.accessToken)
263 it('Should fail with an incorrect sort', async function () {
264 await checkBadSortPagination(server.url, path, server.accessToken)
268 describe('When blocking an account', function () {
269 it('Should fail with an unauthenticated user', async function () {
270 await makePostBodyRequest({
273 fields: { accountName: 'user1' },
274 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
278 it('Should fail with a user without the appropriate rights', async function () {
279 await makePostBodyRequest({
281 token: userAccessToken,
283 fields: { accountName: 'user1' },
284 expectedStatus: HttpStatusCode.FORBIDDEN_403
288 it('Should fail with an unknown account', async function () {
289 await makePostBodyRequest({
291 token: server.accessToken,
293 fields: { accountName: 'user2' },
294 expectedStatus: HttpStatusCode.NOT_FOUND_404
298 it('Should fail to block ourselves', async function () {
299 await makePostBodyRequest({
301 token: server.accessToken,
303 fields: { accountName: 'root' },
304 expectedStatus: HttpStatusCode.CONFLICT_409
308 it('Should succeed with the correct params', async function () {
309 await makePostBodyRequest({
311 token: server.accessToken,
313 fields: { accountName: 'user1' },
314 expectedStatus: HttpStatusCode.NO_CONTENT_204
319 describe('When unblocking an account', function () {
320 it('Should fail with an unauthenticated user', async function () {
321 await makeDeleteRequest({
323 path: path + '/user1',
324 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
328 it('Should fail with a user without the appropriate rights', async function () {
329 await makeDeleteRequest({
331 path: path + '/user1',
332 token: userAccessToken,
333 expectedStatus: HttpStatusCode.FORBIDDEN_403
337 it('Should fail with an unknown account block', async function () {
338 await makeDeleteRequest({
340 path: path + '/user2',
341 token: server.accessToken,
342 expectedStatus: HttpStatusCode.NOT_FOUND_404
346 it('Should succeed with the correct params', async function () {
347 await makeDeleteRequest({
349 path: path + '/user1',
350 token: server.accessToken,
351 expectedStatus: HttpStatusCode.NO_CONTENT_204
357 describe('When managing server servers blocklist', function () {
358 const path = '/api/v1/server/blocklist/servers'
360 describe('When listing blocked servers', function () {
361 it('Should fail with an unauthenticated user', async function () {
362 await makeGetRequest({
365 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
369 it('Should fail with a user without the appropriate rights', async function () {
370 await makeGetRequest({
372 token: userAccessToken,
374 expectedStatus: HttpStatusCode.FORBIDDEN_403
378 it('Should fail with a bad start pagination', async function () {
379 await checkBadStartPagination(server.url, path, server.accessToken)
382 it('Should fail with a bad count pagination', async function () {
383 await checkBadCountPagination(server.url, path, server.accessToken)
386 it('Should fail with an incorrect sort', async function () {
387 await checkBadSortPagination(server.url, path, server.accessToken)
391 describe('When blocking a server', function () {
392 it('Should fail with an unauthenticated user', async function () {
393 await makePostBodyRequest({
396 fields: { host: servers[1].host },
397 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
401 it('Should fail with a user without the appropriate rights', async function () {
402 await makePostBodyRequest({
404 token: userAccessToken,
406 fields: { host: servers[1].host },
407 expectedStatus: HttpStatusCode.FORBIDDEN_403
411 it('Should succeed with an unknown server', async function () {
412 await makePostBodyRequest({
414 token: server.accessToken,
416 fields: { host: '127.0.0.1:9003' },
417 expectedStatus: HttpStatusCode.NO_CONTENT_204
421 it('Should fail with our own server', async function () {
422 await makePostBodyRequest({
424 token: server.accessToken,
426 fields: { host: server.host },
427 expectedStatus: HttpStatusCode.CONFLICT_409
431 it('Should succeed with the correct params', async function () {
432 await makePostBodyRequest({
434 token: server.accessToken,
436 fields: { host: servers[1].host },
437 expectedStatus: HttpStatusCode.NO_CONTENT_204
442 describe('When unblocking a server', function () {
443 it('Should fail with an unauthenticated user', async function () {
444 await makeDeleteRequest({
446 path: path + '/' + servers[1].host,
447 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
451 it('Should fail with a user without the appropriate rights', async function () {
452 await makeDeleteRequest({
454 path: path + '/' + servers[1].host,
455 token: userAccessToken,
456 expectedStatus: HttpStatusCode.FORBIDDEN_403
460 it('Should fail with an unknown server block', async function () {
461 await makeDeleteRequest({
463 path: path + '/127.0.0.1:9004',
464 token: server.accessToken,
465 expectedStatus: HttpStatusCode.NOT_FOUND_404
469 it('Should succeed with the correct params', async function () {
470 await makeDeleteRequest({
472 path: path + '/' + servers[1].host,
473 token: server.accessToken,
474 expectedStatus: HttpStatusCode.NO_CONTENT_204
481 describe('When getting blocklist status', function () {
482 const path = '/api/v1/blocklist/status'
484 it('Should fail with a bad token', async function () {
485 await makeGetRequest({
489 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
493 it('Should fail with a bad accounts field', async function () {
494 await makeGetRequest({
500 expectedStatus: HttpStatusCode.BAD_REQUEST_400
503 await makeGetRequest({
509 expectedStatus: HttpStatusCode.BAD_REQUEST_400
513 it('Should fail with a bad hosts field', async function () {
514 await makeGetRequest({
520 expectedStatus: HttpStatusCode.BAD_REQUEST_400
523 await makeGetRequest({
529 expectedStatus: HttpStatusCode.BAD_REQUEST_400
533 it('Should succeed with the correct parameters', async function () {
534 await makeGetRequest({
538 expectedStatus: HttpStatusCode.OK_200
541 await makeGetRequest({
545 hosts: [ 'example.com' ],
546 accounts: [ 'john@example.com' ]
548 expectedStatus: HttpStatusCode.OK_200
553 after(async function () {
554 await cleanupTests(servers)