]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blob - server/tests/api/check-params/blocklist.ts
projects / github / Chocobozzz / PeerTube.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Move test functions outside extra-utils
[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / blocklist.ts
1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
2
3 import 'mocha'
4 import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
5 import { HttpStatusCode } from '@shared/models'
6 import {
7 cleanupTests,
8 createMultipleServers,
9 doubleFollow,
10 makeDeleteRequest,
11 makeGetRequest,
12 makePostBodyRequest,
13 PeerTubeServer,
14 setAccessTokensToServers
15 } from '@shared/server-commands'
16
17 describe('Test blocklist API validators', function () {
18 let servers: PeerTubeServer[]
19 let server: PeerTubeServer
20 let userAccessToken: string
21
22 before(async function () {
23 this.timeout(60000)
24
25 servers = await createMultipleServers(2)
26 await setAccessTokensToServers(servers)
27
28 server = servers[0]
29
30 const user = { username: 'user1', password: 'password' }
31 await server.users.create({ username: user.username, password: user.password })
32
33 userAccessToken = await server.login.getAccessToken(user)
34
35 await doubleFollow(servers[0], servers[1])
36 })
37
38 // ---------------------------------------------------------------
39
40 describe('When managing user blocklist', function () {
41
42 describe('When managing user accounts blocklist', function () {
43 const path = '/api/v1/users/me/blocklist/accounts'
44
45 describe('When listing blocked accounts', function () {
46 it('Should fail with an unauthenticated user', async function () {
47 await makeGetRequest({
48 url: server.url,
49 path,
50 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
51 })
52 })
53
54 it('Should fail with a bad start pagination', async function () {
55 await checkBadStartPagination(server.url, path, server.accessToken)
56 })
57
58 it('Should fail with a bad count pagination', async function () {
59 await checkBadCountPagination(server.url, path, server.accessToken)
60 })
61
62 it('Should fail with an incorrect sort', async function () {
63 await checkBadSortPagination(server.url, path, server.accessToken)
64 })
65 })
66
67 describe('When blocking an account', function () {
68 it('Should fail with an unauthenticated user', async function () {
69 await makePostBodyRequest({
70 url: server.url,
71 path,
72 fields: { accountName: 'user1' },
73 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
74 })
75 })
76
77 it('Should fail with an unknown account', async function () {
78 await makePostBodyRequest({
79 url: server.url,
80 token: server.accessToken,
81 path,
82 fields: { accountName: 'user2' },
83 expectedStatus: HttpStatusCode.NOT_FOUND_404
84 })
85 })
86
87 it('Should fail to block ourselves', async function () {
88 await makePostBodyRequest({
89 url: server.url,
90 token: server.accessToken,
91 path,
92 fields: { accountName: 'root' },
93 expectedStatus: HttpStatusCode.CONFLICT_409
94 })
95 })
96
97 it('Should succeed with the correct params', async function () {
98 await makePostBodyRequest({
99 url: server.url,
100 token: server.accessToken,
101 path,
102 fields: { accountName: 'user1' },
103 expectedStatus: HttpStatusCode.NO_CONTENT_204
104 })
105 })
106 })
107
108 describe('When unblocking an account', function () {
109 it('Should fail with an unauthenticated user', async function () {
110 await makeDeleteRequest({
111 url: server.url,
112 path: path + '/user1',
113 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
114 })
115 })
116
117 it('Should fail with an unknown account block', async function () {
118 await makeDeleteRequest({
119 url: server.url,
120 path: path + '/user2',
121 token: server.accessToken,
122 expectedStatus: HttpStatusCode.NOT_FOUND_404
123 })
124 })
125
126 it('Should succeed with the correct params', async function () {
127 await makeDeleteRequest({
128 url: server.url,
129 path: path + '/user1',
130 token: server.accessToken,
131 expectedStatus: HttpStatusCode.NO_CONTENT_204
132 })
133 })
134 })
135 })
136
137 describe('When managing user servers blocklist', function () {
138 const path = '/api/v1/users/me/blocklist/servers'
139
140 describe('When listing blocked servers', function () {
141 it('Should fail with an unauthenticated user', async function () {
142 await makeGetRequest({
143 url: server.url,
144 path,
145 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
146 })
147 })
148
149 it('Should fail with a bad start pagination', async function () {
150 await checkBadStartPagination(server.url, path, server.accessToken)
151 })
152
153 it('Should fail with a bad count pagination', async function () {
154 await checkBadCountPagination(server.url, path, server.accessToken)
155 })
156
157 it('Should fail with an incorrect sort', async function () {
158 await checkBadSortPagination(server.url, path, server.accessToken)
159 })
160 })
161
162 describe('When blocking a server', function () {
163 it('Should fail with an unauthenticated user', async function () {
164 await makePostBodyRequest({
165 url: server.url,
166 path,
167 fields: { host: 'localhost:9002' },
168 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
169 })
170 })
171
172 it('Should succeed with an unknown server', async function () {
173 await makePostBodyRequest({
174 url: server.url,
175 token: server.accessToken,
176 path,
177 fields: { host: 'localhost:9003' },
178 expectedStatus: HttpStatusCode.NO_CONTENT_204
179 })
180 })
181
182 it('Should fail with our own server', async function () {
183 await makePostBodyRequest({
184 url: server.url,
185 token: server.accessToken,
186 path,
187 fields: { host: 'localhost:' + server.port },
188 expectedStatus: HttpStatusCode.CONFLICT_409
189 })
190 })
191
192 it('Should succeed with the correct params', async function () {
193 await makePostBodyRequest({
194 url: server.url,
195 token: server.accessToken,
196 path,
197 fields: { host: 'localhost:' + servers[1].port },
198 expectedStatus: HttpStatusCode.NO_CONTENT_204
199 })
200 })
201 })
202
203 describe('When unblocking a server', function () {
204 it('Should fail with an unauthenticated user', async function () {
205 await makeDeleteRequest({
206 url: server.url,
207 path: path + '/localhost:' + servers[1].port,
208 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
209 })
210 })
211
212 it('Should fail with an unknown server block', async function () {
213 await makeDeleteRequest({
214 url: server.url,
215 path: path + '/localhost:9004',
216 token: server.accessToken,
217 expectedStatus: HttpStatusCode.NOT_FOUND_404
218 })
219 })
220
221 it('Should succeed with the correct params', async function () {
222 await makeDeleteRequest({
223 url: server.url,
224 path: path + '/localhost:' + servers[1].port,
225 token: server.accessToken,
226 expectedStatus: HttpStatusCode.NO_CONTENT_204
227 })
228 })
229 })
230 })
231 })
232
233 describe('When managing server blocklist', function () {
234
235 describe('When managing server accounts blocklist', function () {
236 const path = '/api/v1/server/blocklist/accounts'
237
238 describe('When listing blocked accounts', function () {
239 it('Should fail with an unauthenticated user', async function () {
240 await makeGetRequest({
241 url: server.url,
242 path,
243 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
244 })
245 })
246
247 it('Should fail with a user without the appropriate rights', async function () {
248 await makeGetRequest({
249 url: server.url,
250 token: userAccessToken,
251 path,
252 expectedStatus: HttpStatusCode.FORBIDDEN_403
253 })
254 })
255
256 it('Should fail with a bad start pagination', async function () {
257 await checkBadStartPagination(server.url, path, server.accessToken)
258 })
259
260 it('Should fail with a bad count pagination', async function () {
261 await checkBadCountPagination(server.url, path, server.accessToken)
262 })
263
264 it('Should fail with an incorrect sort', async function () {
265 await checkBadSortPagination(server.url, path, server.accessToken)
266 })
267 })
268
269 describe('When blocking an account', function () {
270 it('Should fail with an unauthenticated user', async function () {
271 await makePostBodyRequest({
272 url: server.url,
273 path,
274 fields: { accountName: 'user1' },
275 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
276 })
277 })
278
279 it('Should fail with a user without the appropriate rights', async function () {
280 await makePostBodyRequest({
281 url: server.url,
282 token: userAccessToken,
283 path,
284 fields: { accountName: 'user1' },
285 expectedStatus: HttpStatusCode.FORBIDDEN_403
286 })
287 })
288
289 it('Should fail with an unknown account', async function () {
290 await makePostBodyRequest({
291 url: server.url,
292 token: server.accessToken,
293 path,
294 fields: { accountName: 'user2' },
295 expectedStatus: HttpStatusCode.NOT_FOUND_404
296 })
297 })
298
299 it('Should fail to block ourselves', async function () {
300 await makePostBodyRequest({
301 url: server.url,
302 token: server.accessToken,
303 path,
304 fields: { accountName: 'root' },
305 expectedStatus: HttpStatusCode.CONFLICT_409
306 })
307 })
308
309 it('Should succeed with the correct params', async function () {
310 await makePostBodyRequest({
311 url: server.url,
312 token: server.accessToken,
313 path,
314 fields: { accountName: 'user1' },
315 expectedStatus: HttpStatusCode.NO_CONTENT_204
316 })
317 })
318 })
319
320 describe('When unblocking an account', function () {
321 it('Should fail with an unauthenticated user', async function () {
322 await makeDeleteRequest({
323 url: server.url,
324 path: path + '/user1',
325 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
326 })
327 })
328
329 it('Should fail with a user without the appropriate rights', async function () {
330 await makeDeleteRequest({
331 url: server.url,
332 path: path + '/user1',
333 token: userAccessToken,
334 expectedStatus: HttpStatusCode.FORBIDDEN_403
335 })
336 })
337
338 it('Should fail with an unknown account block', async function () {
339 await makeDeleteRequest({
340 url: server.url,
341 path: path + '/user2',
342 token: server.accessToken,
343 expectedStatus: HttpStatusCode.NOT_FOUND_404
344 })
345 })
346
347 it('Should succeed with the correct params', async function () {
348 await makeDeleteRequest({
349 url: server.url,
350 path: path + '/user1',
351 token: server.accessToken,
352 expectedStatus: HttpStatusCode.NO_CONTENT_204
353 })
354 })
355 })
356 })
357
358 describe('When managing server servers blocklist', function () {
359 const path = '/api/v1/server/blocklist/servers'
360
361 describe('When listing blocked servers', function () {
362 it('Should fail with an unauthenticated user', async function () {
363 await makeGetRequest({
364 url: server.url,
365 path,
366 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
367 })
368 })
369
370 it('Should fail with a user without the appropriate rights', async function () {
371 await makeGetRequest({
372 url: server.url,
373 token: userAccessToken,
374 path,
375 expectedStatus: HttpStatusCode.FORBIDDEN_403
376 })
377 })
378
379 it('Should fail with a bad start pagination', async function () {
380 await checkBadStartPagination(server.url, path, server.accessToken)
381 })
382
383 it('Should fail with a bad count pagination', async function () {
384 await checkBadCountPagination(server.url, path, server.accessToken)
385 })
386
387 it('Should fail with an incorrect sort', async function () {
388 await checkBadSortPagination(server.url, path, server.accessToken)
389 })
390 })
391
392 describe('When blocking a server', function () {
393 it('Should fail with an unauthenticated user', async function () {
394 await makePostBodyRequest({
395 url: server.url,
396 path,
397 fields: { host: 'localhost:' + servers[1].port },
398 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
399 })
400 })
401
402 it('Should fail with a user without the appropriate rights', async function () {
403 await makePostBodyRequest({
404 url: server.url,
405 token: userAccessToken,
406 path,
407 fields: { host: 'localhost:' + servers[1].port },
408 expectedStatus: HttpStatusCode.FORBIDDEN_403
409 })
410 })
411
412 it('Should succeed with an unknown server', async function () {
413 await makePostBodyRequest({
414 url: server.url,
415 token: server.accessToken,
416 path,
417 fields: { host: 'localhost:9003' },
418 expectedStatus: HttpStatusCode.NO_CONTENT_204
419 })
420 })
421
422 it('Should fail with our own server', async function () {
423 await makePostBodyRequest({
424 url: server.url,
425 token: server.accessToken,
426 path,
427 fields: { host: 'localhost:' + server.port },
428 expectedStatus: HttpStatusCode.CONFLICT_409
429 })
430 })
431
432 it('Should succeed with the correct params', async function () {
433 await makePostBodyRequest({
434 url: server.url,
435 token: server.accessToken,
436 path,
437 fields: { host: 'localhost:' + servers[1].port },
438 expectedStatus: HttpStatusCode.NO_CONTENT_204
439 })
440 })
441 })
442
443 describe('When unblocking a server', function () {
444 it('Should fail with an unauthenticated user', async function () {
445 await makeDeleteRequest({
446 url: server.url,
447 path: path + '/localhost:' + servers[1].port,
448 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
449 })
450 })
451
452 it('Should fail with a user without the appropriate rights', async function () {
453 await makeDeleteRequest({
454 url: server.url,
455 path: path + '/localhost:' + servers[1].port,
456 token: userAccessToken,
457 expectedStatus: HttpStatusCode.FORBIDDEN_403
458 })
459 })
460
461 it('Should fail with an unknown server block', async function () {
462 await makeDeleteRequest({
463 url: server.url,
464 path: path + '/localhost:9004',
465 token: server.accessToken,
466 expectedStatus: HttpStatusCode.NOT_FOUND_404
467 })
468 })
469
470 it('Should succeed with the correct params', async function () {
471 await makeDeleteRequest({
472 url: server.url,
473 path: path + '/localhost:' + servers[1].port,
474 token: server.accessToken,
475 expectedStatus: HttpStatusCode.NO_CONTENT_204
476 })
477 })
478 })
479 })
480 })
481
482 describe('When getting blocklist status', function () {
483 const path = '/api/v1/blocklist/status'
484
485 it('Should fail with a bad token', async function () {
486 await makeGetRequest({
487 url: server.url,
488 path,
489 token: 'false',
490 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
491 })
492 })
493
494 it('Should fail with a bad accounts field', async function () {
495 await makeGetRequest({
496 url: server.url,
497 path,
498 query: {
499 accounts: 1
500 },
501 expectedStatus: HttpStatusCode.BAD_REQUEST_400
502 })
503
504 await makeGetRequest({
505 url: server.url,
506 path,
507 query: {
508 accounts: [ 1 ]
509 },
510 expectedStatus: HttpStatusCode.BAD_REQUEST_400
511 })
512 })
513
514 it('Should fail with a bad hosts field', async function () {
515 await makeGetRequest({
516 url: server.url,
517 path,
518 query: {
519 hosts: 1
520 },
521 expectedStatus: HttpStatusCode.BAD_REQUEST_400
522 })
523
524 await makeGetRequest({
525 url: server.url,
526 path,
527 query: {
528 hosts: [ 1 ]
529 },
530 expectedStatus: HttpStatusCode.BAD_REQUEST_400
531 })
532 })
533
534 it('Should succeed with the correct parameters', async function () {
535 await makeGetRequest({
536 url: server.url,
537 path,
538 query: {},
539 expectedStatus: HttpStatusCode.OK_200
540 })
541
542 await makeGetRequest({
543 url: server.url,
544 path,
545 query: {
546 hosts: [ 'example.com' ],
547 accounts: [ 'john@example.com' ]
548 },
549 expectedStatus: HttpStatusCode.OK_200
550 })
551 })
552 })
553
554 after(async function () {
555 await cleanupTests(servers)
556 })
557 })
ActivityPub-federated video streaming platform using P2P directly in your web browser