1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
5 checkBadCountPagination,
6 checkBadSortPagination,
7 checkBadStartPagination,
15 setAccessTokensToServers
16 } from '@shared/extra-utils'
17 import { HttpStatusCode } from '@shared/models'
19 describe('Test blocklist API validators', function () {
20 let servers: PeerTubeServer[]
21 let server: PeerTubeServer
22 let userAccessToken: string
24 before(async function () {
27 servers = await createMultipleServers(2)
28 await setAccessTokensToServers(servers)
32 const user = { username: 'user1', password: 'password' }
33 await server.users.create({ username: user.username, password: user.password })
35 userAccessToken = await server.login.getAccessToken(user)
37 await doubleFollow(servers[0], servers[1])
40 // ---------------------------------------------------------------
42 describe('When managing user blocklist', function () {
44 describe('When managing user accounts blocklist', function () {
45 const path = '/api/v1/users/me/blocklist/accounts'
47 describe('When listing blocked accounts', function () {
48 it('Should fail with an unauthenticated user', async function () {
49 await makeGetRequest({
52 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
56 it('Should fail with a bad start pagination', async function () {
57 await checkBadStartPagination(server.url, path, server.accessToken)
60 it('Should fail with a bad count pagination', async function () {
61 await checkBadCountPagination(server.url, path, server.accessToken)
64 it('Should fail with an incorrect sort', async function () {
65 await checkBadSortPagination(server.url, path, server.accessToken)
69 describe('When blocking an account', function () {
70 it('Should fail with an unauthenticated user', async function () {
71 await makePostBodyRequest({
74 fields: { accountName: 'user1' },
75 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
79 it('Should fail with an unknown account', async function () {
80 await makePostBodyRequest({
82 token: server.accessToken,
84 fields: { accountName: 'user2' },
85 expectedStatus: HttpStatusCode.NOT_FOUND_404
89 it('Should fail to block ourselves', async function () {
90 await makePostBodyRequest({
92 token: server.accessToken,
94 fields: { accountName: 'root' },
95 expectedStatus: HttpStatusCode.CONFLICT_409
99 it('Should succeed with the correct params', async function () {
100 await makePostBodyRequest({
102 token: server.accessToken,
104 fields: { accountName: 'user1' },
105 expectedStatus: HttpStatusCode.NO_CONTENT_204
110 describe('When unblocking an account', function () {
111 it('Should fail with an unauthenticated user', async function () {
112 await makeDeleteRequest({
114 path: path + '/user1',
115 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
119 it('Should fail with an unknown account block', async function () {
120 await makeDeleteRequest({
122 path: path + '/user2',
123 token: server.accessToken,
124 expectedStatus: HttpStatusCode.NOT_FOUND_404
128 it('Should succeed with the correct params', async function () {
129 await makeDeleteRequest({
131 path: path + '/user1',
132 token: server.accessToken,
133 expectedStatus: HttpStatusCode.NO_CONTENT_204
139 describe('When managing user servers blocklist', function () {
140 const path = '/api/v1/users/me/blocklist/servers'
142 describe('When listing blocked servers', function () {
143 it('Should fail with an unauthenticated user', async function () {
144 await makeGetRequest({
147 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
151 it('Should fail with a bad start pagination', async function () {
152 await checkBadStartPagination(server.url, path, server.accessToken)
155 it('Should fail with a bad count pagination', async function () {
156 await checkBadCountPagination(server.url, path, server.accessToken)
159 it('Should fail with an incorrect sort', async function () {
160 await checkBadSortPagination(server.url, path, server.accessToken)
164 describe('When blocking a server', function () {
165 it('Should fail with an unauthenticated user', async function () {
166 await makePostBodyRequest({
169 fields: { host: 'localhost:9002' },
170 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
174 it('Should succeed with an unknown server', async function () {
175 await makePostBodyRequest({
177 token: server.accessToken,
179 fields: { host: 'localhost:9003' },
180 expectedStatus: HttpStatusCode.NO_CONTENT_204
184 it('Should fail with our own server', async function () {
185 await makePostBodyRequest({
187 token: server.accessToken,
189 fields: { host: 'localhost:' + server.port },
190 expectedStatus: HttpStatusCode.CONFLICT_409
194 it('Should succeed with the correct params', async function () {
195 await makePostBodyRequest({
197 token: server.accessToken,
199 fields: { host: 'localhost:' + servers[1].port },
200 expectedStatus: HttpStatusCode.NO_CONTENT_204
205 describe('When unblocking a server', function () {
206 it('Should fail with an unauthenticated user', async function () {
207 await makeDeleteRequest({
209 path: path + '/localhost:' + servers[1].port,
210 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
214 it('Should fail with an unknown server block', async function () {
215 await makeDeleteRequest({
217 path: path + '/localhost:9004',
218 token: server.accessToken,
219 expectedStatus: HttpStatusCode.NOT_FOUND_404
223 it('Should succeed with the correct params', async function () {
224 await makeDeleteRequest({
226 path: path + '/localhost:' + servers[1].port,
227 token: server.accessToken,
228 expectedStatus: HttpStatusCode.NO_CONTENT_204
235 describe('When managing server blocklist', function () {
237 describe('When managing server accounts blocklist', function () {
238 const path = '/api/v1/server/blocklist/accounts'
240 describe('When listing blocked accounts', function () {
241 it('Should fail with an unauthenticated user', async function () {
242 await makeGetRequest({
245 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
249 it('Should fail with a user without the appropriate rights', async function () {
250 await makeGetRequest({
252 token: userAccessToken,
254 expectedStatus: HttpStatusCode.FORBIDDEN_403
258 it('Should fail with a bad start pagination', async function () {
259 await checkBadStartPagination(server.url, path, server.accessToken)
262 it('Should fail with a bad count pagination', async function () {
263 await checkBadCountPagination(server.url, path, server.accessToken)
266 it('Should fail with an incorrect sort', async function () {
267 await checkBadSortPagination(server.url, path, server.accessToken)
271 describe('When blocking an account', function () {
272 it('Should fail with an unauthenticated user', async function () {
273 await makePostBodyRequest({
276 fields: { accountName: 'user1' },
277 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
281 it('Should fail with a user without the appropriate rights', async function () {
282 await makePostBodyRequest({
284 token: userAccessToken,
286 fields: { accountName: 'user1' },
287 expectedStatus: HttpStatusCode.FORBIDDEN_403
291 it('Should fail with an unknown account', async function () {
292 await makePostBodyRequest({
294 token: server.accessToken,
296 fields: { accountName: 'user2' },
297 expectedStatus: HttpStatusCode.NOT_FOUND_404
301 it('Should fail to block ourselves', async function () {
302 await makePostBodyRequest({
304 token: server.accessToken,
306 fields: { accountName: 'root' },
307 expectedStatus: HttpStatusCode.CONFLICT_409
311 it('Should succeed with the correct params', async function () {
312 await makePostBodyRequest({
314 token: server.accessToken,
316 fields: { accountName: 'user1' },
317 expectedStatus: HttpStatusCode.NO_CONTENT_204
322 describe('When unblocking an account', function () {
323 it('Should fail with an unauthenticated user', async function () {
324 await makeDeleteRequest({
326 path: path + '/user1',
327 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
331 it('Should fail with a user without the appropriate rights', async function () {
332 await makeDeleteRequest({
334 path: path + '/user1',
335 token: userAccessToken,
336 expectedStatus: HttpStatusCode.FORBIDDEN_403
340 it('Should fail with an unknown account block', async function () {
341 await makeDeleteRequest({
343 path: path + '/user2',
344 token: server.accessToken,
345 expectedStatus: HttpStatusCode.NOT_FOUND_404
349 it('Should succeed with the correct params', async function () {
350 await makeDeleteRequest({
352 path: path + '/user1',
353 token: server.accessToken,
354 expectedStatus: HttpStatusCode.NO_CONTENT_204
360 describe('When managing server servers blocklist', function () {
361 const path = '/api/v1/server/blocklist/servers'
363 describe('When listing blocked servers', function () {
364 it('Should fail with an unauthenticated user', async function () {
365 await makeGetRequest({
368 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
372 it('Should fail with a user without the appropriate rights', async function () {
373 await makeGetRequest({
375 token: userAccessToken,
377 expectedStatus: HttpStatusCode.FORBIDDEN_403
381 it('Should fail with a bad start pagination', async function () {
382 await checkBadStartPagination(server.url, path, server.accessToken)
385 it('Should fail with a bad count pagination', async function () {
386 await checkBadCountPagination(server.url, path, server.accessToken)
389 it('Should fail with an incorrect sort', async function () {
390 await checkBadSortPagination(server.url, path, server.accessToken)
394 describe('When blocking a server', function () {
395 it('Should fail with an unauthenticated user', async function () {
396 await makePostBodyRequest({
399 fields: { host: 'localhost:' + servers[1].port },
400 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
404 it('Should fail with a user without the appropriate rights', async function () {
405 await makePostBodyRequest({
407 token: userAccessToken,
409 fields: { host: 'localhost:' + servers[1].port },
410 expectedStatus: HttpStatusCode.FORBIDDEN_403
414 it('Should succeed with an unknown server', async function () {
415 await makePostBodyRequest({
417 token: server.accessToken,
419 fields: { host: 'localhost:9003' },
420 expectedStatus: HttpStatusCode.NO_CONTENT_204
424 it('Should fail with our own server', async function () {
425 await makePostBodyRequest({
427 token: server.accessToken,
429 fields: { host: 'localhost:' + server.port },
430 expectedStatus: HttpStatusCode.CONFLICT_409
434 it('Should succeed with the correct params', async function () {
435 await makePostBodyRequest({
437 token: server.accessToken,
439 fields: { host: 'localhost:' + servers[1].port },
440 expectedStatus: HttpStatusCode.NO_CONTENT_204
445 describe('When unblocking a server', function () {
446 it('Should fail with an unauthenticated user', async function () {
447 await makeDeleteRequest({
449 path: path + '/localhost:' + servers[1].port,
450 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
454 it('Should fail with a user without the appropriate rights', async function () {
455 await makeDeleteRequest({
457 path: path + '/localhost:' + servers[1].port,
458 token: userAccessToken,
459 expectedStatus: HttpStatusCode.FORBIDDEN_403
463 it('Should fail with an unknown server block', async function () {
464 await makeDeleteRequest({
466 path: path + '/localhost:9004',
467 token: server.accessToken,
468 expectedStatus: HttpStatusCode.NOT_FOUND_404
472 it('Should succeed with the correct params', async function () {
473 await makeDeleteRequest({
475 path: path + '/localhost:' + servers[1].port,
476 token: server.accessToken,
477 expectedStatus: HttpStatusCode.NO_CONTENT_204
484 describe('When getting blocklist status', function () {
485 const path = '/api/v1/blocklist/status'
487 it('Should fail with a bad token', async function () {
488 await makeGetRequest({
492 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
496 it('Should fail with a bad accounts field', async function () {
497 await makeGetRequest({
503 expectedStatus: HttpStatusCode.BAD_REQUEST_400
506 await makeGetRequest({
512 expectedStatus: HttpStatusCode.BAD_REQUEST_400
516 it('Should fail with a bad hosts field', async function () {
517 await makeGetRequest({
523 expectedStatus: HttpStatusCode.BAD_REQUEST_400
526 await makeGetRequest({
532 expectedStatus: HttpStatusCode.BAD_REQUEST_400
536 it('Should succeed with the correct parameters', async function () {
537 await makeGetRequest({
541 expectedStatus: HttpStatusCode.OK_200
544 await makeGetRequest({
548 hosts: [ 'example.com' ],
549 accounts: [ 'john@example.com' ]
551 expectedStatus: HttpStatusCode.OK_200
556 after(async function () {
557 await cleanupTests(servers)