]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blob - server/tests/api/check-params/blocklist.ts
Merge branch 'release/2.1.0' into develop
[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / blocklist.ts
1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
2
3 import 'mocha'
4
5 import {
6 cleanupTests,
7 createUser,
8 doubleFollow,
9 flushAndRunMultipleServers,
10 makeDeleteRequest,
11 makeGetRequest,
12 makePostBodyRequest,
13 ServerInfo,
14 setAccessTokensToServers,
15 userLogin
16 } from '../../../../shared/extra-utils'
17 import {
18 checkBadCountPagination,
19 checkBadSortPagination,
20 checkBadStartPagination
21 } from '../../../../shared/extra-utils/requests/check-api-params'
22
23 describe('Test blocklist API validators', function () {
24 let servers: ServerInfo[]
25 let server: ServerInfo
26 let userAccessToken: string
27
28 before(async function () {
29 this.timeout(60000)
30
31 servers = await flushAndRunMultipleServers(2)
32 await setAccessTokensToServers(servers)
33
34 server = servers[0]
35
36 const user = { username: 'user1', password: 'password' }
37 await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password })
38
39 userAccessToken = await userLogin(server, user)
40
41 await doubleFollow(servers[0], servers[1])
42 })
43
44 // ---------------------------------------------------------------
45
46 describe('When managing user blocklist', function () {
47
48 describe('When managing user accounts blocklist', function () {
49 const path = '/api/v1/users/me/blocklist/accounts'
50
51 describe('When listing blocked accounts', function () {
52 it('Should fail with an unauthenticated user', async function () {
53 await makeGetRequest({
54 url: server.url,
55 path,
56 statusCodeExpected: 401
57 })
58 })
59
60 it('Should fail with a bad start pagination', async function () {
61 await checkBadStartPagination(server.url, path, server.accessToken)
62 })
63
64 it('Should fail with a bad count pagination', async function () {
65 await checkBadCountPagination(server.url, path, server.accessToken)
66 })
67
68 it('Should fail with an incorrect sort', async function () {
69 await checkBadSortPagination(server.url, path, server.accessToken)
70 })
71 })
72
73 describe('When blocking an account', function () {
74 it('Should fail with an unauthenticated user', async function () {
75 await makePostBodyRequest({
76 url: server.url,
77 path,
78 fields: { accountName: 'user1' },
79 statusCodeExpected: 401
80 })
81 })
82
83 it('Should fail with an unknown account', async function () {
84 await makePostBodyRequest({
85 url: server.url,
86 token: server.accessToken,
87 path,
88 fields: { accountName: 'user2' },
89 statusCodeExpected: 404
90 })
91 })
92
93 it('Should fail to block ourselves', async function () {
94 await makePostBodyRequest({
95 url: server.url,
96 token: server.accessToken,
97 path,
98 fields: { accountName: 'root' },
99 statusCodeExpected: 409
100 })
101 })
102
103 it('Should succeed with the correct params', async function () {
104 await makePostBodyRequest({
105 url: server.url,
106 token: server.accessToken,
107 path,
108 fields: { accountName: 'user1' },
109 statusCodeExpected: 204
110 })
111 })
112 })
113
114 describe('When unblocking an account', function () {
115 it('Should fail with an unauthenticated user', async function () {
116 await makeDeleteRequest({
117 url: server.url,
118 path: path + '/user1',
119 statusCodeExpected: 401
120 })
121 })
122
123 it('Should fail with an unknown account block', async function () {
124 await makeDeleteRequest({
125 url: server.url,
126 path: path + '/user2',
127 token: server.accessToken,
128 statusCodeExpected: 404
129 })
130 })
131
132 it('Should succeed with the correct params', async function () {
133 await makeDeleteRequest({
134 url: server.url,
135 path: path + '/user1',
136 token: server.accessToken,
137 statusCodeExpected: 204
138 })
139 })
140 })
141 })
142
143 describe('When managing user servers blocklist', function () {
144 const path = '/api/v1/users/me/blocklist/servers'
145
146 describe('When listing blocked servers', function () {
147 it('Should fail with an unauthenticated user', async function () {
148 await makeGetRequest({
149 url: server.url,
150 path,
151 statusCodeExpected: 401
152 })
153 })
154
155 it('Should fail with a bad start pagination', async function () {
156 await checkBadStartPagination(server.url, path, server.accessToken)
157 })
158
159 it('Should fail with a bad count pagination', async function () {
160 await checkBadCountPagination(server.url, path, server.accessToken)
161 })
162
163 it('Should fail with an incorrect sort', async function () {
164 await checkBadSortPagination(server.url, path, server.accessToken)
165 })
166 })
167
168 describe('When blocking a server', function () {
169 it('Should fail with an unauthenticated user', async function () {
170 await makePostBodyRequest({
171 url: server.url,
172 path,
173 fields: { host: 'localhost:9002' },
174 statusCodeExpected: 401
175 })
176 })
177
178 it('Should fail with an unknown server', async function () {
179 await makePostBodyRequest({
180 url: server.url,
181 token: server.accessToken,
182 path,
183 fields: { host: 'localhost:9003' },
184 statusCodeExpected: 404
185 })
186 })
187
188 it('Should fail with our own server', async function () {
189 await makePostBodyRequest({
190 url: server.url,
191 token: server.accessToken,
192 path,
193 fields: { host: 'localhost:' + server.port },
194 statusCodeExpected: 409
195 })
196 })
197
198 it('Should succeed with the correct params', async function () {
199 await makePostBodyRequest({
200 url: server.url,
201 token: server.accessToken,
202 path,
203 fields: { host: 'localhost:' + servers[1].port },
204 statusCodeExpected: 204
205 })
206 })
207 })
208
209 describe('When unblocking a server', function () {
210 it('Should fail with an unauthenticated user', async function () {
211 await makeDeleteRequest({
212 url: server.url,
213 path: path + '/localhost:' + servers[1].port,
214 statusCodeExpected: 401
215 })
216 })
217
218 it('Should fail with an unknown server block', async function () {
219 await makeDeleteRequest({
220 url: server.url,
221 path: path + '/localhost:9003',
222 token: server.accessToken,
223 statusCodeExpected: 404
224 })
225 })
226
227 it('Should succeed with the correct params', async function () {
228 await makeDeleteRequest({
229 url: server.url,
230 path: path + '/localhost:' + servers[1].port,
231 token: server.accessToken,
232 statusCodeExpected: 204
233 })
234 })
235 })
236 })
237 })
238
239 describe('When managing server blocklist', function () {
240
241 describe('When managing server accounts blocklist', function () {
242 const path = '/api/v1/server/blocklist/accounts'
243
244 describe('When listing blocked accounts', function () {
245 it('Should fail with an unauthenticated user', async function () {
246 await makeGetRequest({
247 url: server.url,
248 path,
249 statusCodeExpected: 401
250 })
251 })
252
253 it('Should fail with a user without the appropriate rights', async function () {
254 await makeGetRequest({
255 url: server.url,
256 token: userAccessToken,
257 path,
258 statusCodeExpected: 403
259 })
260 })
261
262 it('Should fail with a bad start pagination', async function () {
263 await checkBadStartPagination(server.url, path, server.accessToken)
264 })
265
266 it('Should fail with a bad count pagination', async function () {
267 await checkBadCountPagination(server.url, path, server.accessToken)
268 })
269
270 it('Should fail with an incorrect sort', async function () {
271 await checkBadSortPagination(server.url, path, server.accessToken)
272 })
273 })
274
275 describe('When blocking an account', function () {
276 it('Should fail with an unauthenticated user', async function () {
277 await makePostBodyRequest({
278 url: server.url,
279 path,
280 fields: { accountName: 'user1' },
281 statusCodeExpected: 401
282 })
283 })
284
285 it('Should fail with a user without the appropriate rights', async function () {
286 await makePostBodyRequest({
287 url: server.url,
288 token: userAccessToken,
289 path,
290 fields: { accountName: 'user1' },
291 statusCodeExpected: 403
292 })
293 })
294
295 it('Should fail with an unknown account', async function () {
296 await makePostBodyRequest({
297 url: server.url,
298 token: server.accessToken,
299 path,
300 fields: { accountName: 'user2' },
301 statusCodeExpected: 404
302 })
303 })
304
305 it('Should fail to block ourselves', async function () {
306 await makePostBodyRequest({
307 url: server.url,
308 token: server.accessToken,
309 path,
310 fields: { accountName: 'root' },
311 statusCodeExpected: 409
312 })
313 })
314
315 it('Should succeed with the correct params', async function () {
316 await makePostBodyRequest({
317 url: server.url,
318 token: server.accessToken,
319 path,
320 fields: { accountName: 'user1' },
321 statusCodeExpected: 204
322 })
323 })
324 })
325
326 describe('When unblocking an account', function () {
327 it('Should fail with an unauthenticated user', async function () {
328 await makeDeleteRequest({
329 url: server.url,
330 path: path + '/user1',
331 statusCodeExpected: 401
332 })
333 })
334
335 it('Should fail with a user without the appropriate rights', async function () {
336 await makeDeleteRequest({
337 url: server.url,
338 path: path + '/user1',
339 token: userAccessToken,
340 statusCodeExpected: 403
341 })
342 })
343
344 it('Should fail with an unknown account block', async function () {
345 await makeDeleteRequest({
346 url: server.url,
347 path: path + '/user2',
348 token: server.accessToken,
349 statusCodeExpected: 404
350 })
351 })
352
353 it('Should succeed with the correct params', async function () {
354 await makeDeleteRequest({
355 url: server.url,
356 path: path + '/user1',
357 token: server.accessToken,
358 statusCodeExpected: 204
359 })
360 })
361 })
362 })
363
364 describe('When managing server servers blocklist', function () {
365 const path = '/api/v1/server/blocklist/servers'
366
367 describe('When listing blocked servers', function () {
368 it('Should fail with an unauthenticated user', async function () {
369 await makeGetRequest({
370 url: server.url,
371 path,
372 statusCodeExpected: 401
373 })
374 })
375
376 it('Should fail with a user without the appropriate rights', async function () {
377 await makeGetRequest({
378 url: server.url,
379 token: userAccessToken,
380 path,
381 statusCodeExpected: 403
382 })
383 })
384
385 it('Should fail with a bad start pagination', async function () {
386 await checkBadStartPagination(server.url, path, server.accessToken)
387 })
388
389 it('Should fail with a bad count pagination', async function () {
390 await checkBadCountPagination(server.url, path, server.accessToken)
391 })
392
393 it('Should fail with an incorrect sort', async function () {
394 await checkBadSortPagination(server.url, path, server.accessToken)
395 })
396 })
397
398 describe('When blocking a server', function () {
399 it('Should fail with an unauthenticated user', async function () {
400 await makePostBodyRequest({
401 url: server.url,
402 path,
403 fields: { host: 'localhost:' + servers[1].port },
404 statusCodeExpected: 401
405 })
406 })
407
408 it('Should fail with a user without the appropriate rights', async function () {
409 await makePostBodyRequest({
410 url: server.url,
411 token: userAccessToken,
412 path,
413 fields: { host: 'localhost:' + servers[1].port },
414 statusCodeExpected: 403
415 })
416 })
417
418 it('Should fail with an unknown server', async function () {
419 await makePostBodyRequest({
420 url: server.url,
421 token: server.accessToken,
422 path,
423 fields: { host: 'localhost:9003' },
424 statusCodeExpected: 404
425 })
426 })
427
428 it('Should fail with our own server', async function () {
429 await makePostBodyRequest({
430 url: server.url,
431 token: server.accessToken,
432 path,
433 fields: { host: 'localhost:' + server.port },
434 statusCodeExpected: 409
435 })
436 })
437
438 it('Should succeed with the correct params', async function () {
439 await makePostBodyRequest({
440 url: server.url,
441 token: server.accessToken,
442 path,
443 fields: { host: 'localhost:' + servers[1].port },
444 statusCodeExpected: 204
445 })
446 })
447 })
448
449 describe('When unblocking a server', function () {
450 it('Should fail with an unauthenticated user', async function () {
451 await makeDeleteRequest({
452 url: server.url,
453 path: path + '/localhost:' + servers[1].port,
454 statusCodeExpected: 401
455 })
456 })
457
458 it('Should fail with a user without the appropriate rights', async function () {
459 await makeDeleteRequest({
460 url: server.url,
461 path: path + '/localhost:' + servers[1].port,
462 token: userAccessToken,
463 statusCodeExpected: 403
464 })
465 })
466
467 it('Should fail with an unknown server block', async function () {
468 await makeDeleteRequest({
469 url: server.url,
470 path: path + '/localhost:9003',
471 token: server.accessToken,
472 statusCodeExpected: 404
473 })
474 })
475
476 it('Should succeed with the correct params', async function () {
477 await makeDeleteRequest({
478 url: server.url,
479 path: path + '/localhost:' + servers[1].port,
480 token: server.accessToken,
481 statusCodeExpected: 204
482 })
483 })
484 })
485 })
486 })
487
488 after(async function () {
489 await cleanupTests(servers)
490 })
491 })