server/tests/api/check-params/follows.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4
   5 import {
   6   cleanupTests,
   7   createSingleServer,
   8   makeDeleteRequest, makeGetRequest,
   9   makePostBodyRequest,
  10   PeerTubeServer,
  11   setAccessTokensToServers
  12 } from '../../../../shared/extra-utils'
  13 import {
  14   checkBadCountPagination,
  15   checkBadSortPagination,
  16   checkBadStartPagination
  17 } from '../../../../shared/extra-utils/requests/check-api-params'
  18 import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
  19
  20 describe('Test server follows API validators', function () {
  21   let server: PeerTubeServer
  22
  23   // ---------------------------------------------------------------
  24
  25   before(async function () {
  26     this.timeout(30000)
  27
  28     server = await createSingleServer(1)
  29
  30     await setAccessTokensToServers([ server ])
  31   })
  32
  33   describe('When managing following', function () {
  34     let userAccessToken = null
  35
  36     before(async function () {
  37       const user = {
  38         username: 'user1',
  39         password: 'password'
  40       }
  41
  42       await server.users.create({ username: user.username, password: user.password })
  43       userAccessToken = await server.login.getAccessToken(user)
  44     })
  45
  46     describe('When adding follows', function () {
  47       const path = '/api/v1/server/following'
  48
  49       it('Should fail without hosts', async function () {
  50         await makePostBodyRequest({
  51           url: server.url,
  52           path,
  53           token: server.accessToken,
  54           statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
  55         })
  56       })
  57
  58       it('Should fail if hosts is not an array', async function () {
  59         await makePostBodyRequest({
  60           url: server.url,
  61           path,
  62           token: server.accessToken,
  63           fields: { hosts: 'localhost:9002' },
  64           statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
  65         })
  66       })
  67
  68       it('Should fail if the array is not composed by hosts', async function () {
  69         await makePostBodyRequest({
  70           url: server.url,
  71           path,
  72           fields: { hosts: [ 'localhost:9002', 'localhost:coucou' ] },
  73           token: server.accessToken,
  74           statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
  75         })
  76       })
  77
  78       it('Should fail if the array is composed with http schemes', async function () {
  79         await makePostBodyRequest({
  80           url: server.url,
  81           path,
  82           fields: { hosts: [ 'localhost:9002', 'http://localhost:9003' ] },
  83           token: server.accessToken,
  84           statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
  85         })
  86       })
  87
  88       it('Should fail if hosts are not unique', async function () {
  89         await makePostBodyRequest({
  90           url: server.url,
  91           path,
  92           fields: { urls: [ 'localhost:9002', 'localhost:9002' ] },
  93           token: server.accessToken,
  94           statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
  95         })
  96       })
  97
  98       it('Should fail with an invalid token', async function () {
  99         await makePostBodyRequest({
 100           url: server.url,
 101           path,
 102           fields: { hosts: [ 'localhost:9002' ] },
 103           token: 'fake_token',
 104           statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 105         })
 106       })
 107
 108       it('Should fail if the user is not an administrator', async function () {
 109         await makePostBodyRequest({
 110           url: server.url,
 111           path,
 112           fields: { hosts: [ 'localhost:9002' ] },
 113           token: userAccessToken,
 114           statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 115         })
 116       })
 117     })
 118
 119     describe('When listing followings', function () {
 120       const path = '/api/v1/server/following'
 121
 122       it('Should fail with a bad start pagination', async function () {
 123         await checkBadStartPagination(server.url, path)
 124       })
 125
 126       it('Should fail with a bad count pagination', async function () {
 127         await checkBadCountPagination(server.url, path)
 128       })
 129
 130       it('Should fail with an incorrect sort', async function () {
 131         await checkBadSortPagination(server.url, path)
 132       })
 133
 134       it('Should fail with an incorrect state', async function () {
 135         await makeGetRequest({
 136           url: server.url,
 137           path,
 138           query: {
 139             state: 'blabla'
 140           }
 141         })
 142       })
 143
 144       it('Should fail with an incorrect actor type', async function () {
 145         await makeGetRequest({
 146           url: server.url,
 147           path,
 148           query: {
 149             actorType: 'blabla'
 150           }
 151         })
 152       })
 153
 154       it('Should fail succeed with the correct params', async function () {
 155         await makeGetRequest({
 156           url: server.url,
 157           path,
 158           statusCodeExpected: HttpStatusCode.OK_200,
 159           query: {
 160             state: 'accepted',
 161             actorType: 'Application'
 162           }
 163         })
 164       })
 165     })
 166
 167     describe('When listing followers', function () {
 168       const path = '/api/v1/server/followers'
 169
 170       it('Should fail with a bad start pagination', async function () {
 171         await checkBadStartPagination(server.url, path)
 172       })
 173
 174       it('Should fail with a bad count pagination', async function () {
 175         await checkBadCountPagination(server.url, path)
 176       })
 177
 178       it('Should fail with an incorrect sort', async function () {
 179         await checkBadSortPagination(server.url, path)
 180       })
 181
 182       it('Should fail with an incorrect actor type', async function () {
 183         await makeGetRequest({
 184           url: server.url,
 185           path,
 186           query: {
 187             actorType: 'blabla'
 188           }
 189         })
 190       })
 191
 192       it('Should fail with an incorrect state', async function () {
 193         await makeGetRequest({
 194           url: server.url,
 195           path,
 196           query: {
 197             state: 'blabla',
 198             actorType: 'Application'
 199           }
 200         })
 201       })
 202
 203       it('Should fail succeed with the correct params', async function () {
 204         await makeGetRequest({
 205           url: server.url,
 206           path,
 207           statusCodeExpected: HttpStatusCode.OK_200,
 208           query: {
 209             state: 'accepted'
 210           }
 211         })
 212       })
 213     })
 214
 215     describe('When removing a follower', function () {
 216       const path = '/api/v1/server/followers'
 217
 218       it('Should fail with an invalid token', async function () {
 219         await makeDeleteRequest({
 220           url: server.url,
 221           path: path + '/toto@localhost:9002',
 222           token: 'fake_token',
 223           statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 224         })
 225       })
 226
 227       it('Should fail if the user is not an administrator', async function () {
 228         await makeDeleteRequest({
 229           url: server.url,
 230           path: path + '/toto@localhost:9002',
 231           token: userAccessToken,
 232           statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 233         })
 234       })
 235
 236       it('Should fail with an invalid follower', async function () {
 237         await makeDeleteRequest({
 238           url: server.url,
 239           path: path + '/toto',
 240           token: server.accessToken,
 241           statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
 242         })
 243       })
 244
 245       it('Should fail with an unknown follower', async function () {
 246         await makeDeleteRequest({
 247           url: server.url,
 248           path: path + '/toto@localhost:9003',
 249           token: server.accessToken,
 250           statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 251         })
 252       })
 253     })
 254
 255     describe('When accepting a follower', function () {
 256       const path = '/api/v1/server/followers'
 257
 258       it('Should fail with an invalid token', async function () {
 259         await makePostBodyRequest({
 260           url: server.url,
 261           path: path + '/toto@localhost:9002/accept',
 262           token: 'fake_token',
 263           statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 264         })
 265       })
 266
 267       it('Should fail if the user is not an administrator', async function () {
 268         await makePostBodyRequest({
 269           url: server.url,
 270           path: path + '/toto@localhost:9002/accept',
 271           token: userAccessToken,
 272           statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 273         })
 274       })
 275
 276       it('Should fail with an invalid follower', async function () {
 277         await makePostBodyRequest({
 278           url: server.url,
 279           path: path + '/toto/accept',
 280           token: server.accessToken,
 281           statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
 282         })
 283       })
 284
 285       it('Should fail with an unknown follower', async function () {
 286         await makePostBodyRequest({
 287           url: server.url,
 288           path: path + '/toto@localhost:9003/accept',
 289           token: server.accessToken,
 290           statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 291         })
 292       })
 293     })
 294
 295     describe('When rejecting a follower', function () {
 296       const path = '/api/v1/server/followers'
 297
 298       it('Should fail with an invalid token', async function () {
 299         await makePostBodyRequest({
 300           url: server.url,
 301           path: path + '/toto@localhost:9002/reject',
 302           token: 'fake_token',
 303           statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 304         })
 305       })
 306
 307       it('Should fail if the user is not an administrator', async function () {
 308         await makePostBodyRequest({
 309           url: server.url,
 310           path: path + '/toto@localhost:9002/reject',
 311           token: userAccessToken,
 312           statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 313         })
 314       })
 315
 316       it('Should fail with an invalid follower', async function () {
 317         await makePostBodyRequest({
 318           url: server.url,
 319           path: path + '/toto/reject',
 320           token: server.accessToken,
 321           statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
 322         })
 323       })
 324
 325       it('Should fail with an unknown follower', async function () {
 326         await makePostBodyRequest({
 327           url: server.url,
 328           path: path + '/toto@localhost:9003/reject',
 329           token: server.accessToken,
 330           statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 331         })
 332       })
 333     })
 334
 335     describe('When removing following', function () {
 336       const path = '/api/v1/server/following'
 337
 338       it('Should fail with an invalid token', async function () {
 339         await makeDeleteRequest({
 340           url: server.url,
 341           path: path + '/localhost:9002',
 342           token: 'fake_token',
 343           statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 344         })
 345       })
 346
 347       it('Should fail if the user is not an administrator', async function () {
 348         await makeDeleteRequest({
 349           url: server.url,
 350           path: path + '/localhost:9002',
 351           token: userAccessToken,
 352           statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 353         })
 354       })
 355
 356       it('Should fail if we do not follow this server', async function () {
 357         await makeDeleteRequest({
 358           url: server.url,
 359           path: path + '/example.com',
 360           token: server.accessToken,
 361           statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 362         })
 363       })
 364     })
 365   })
 366
 367   after(async function () {
 368     await cleanupTests([ server ])
 369   })
 370 })