server/tests/api/check-params/follows.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4
   5 import {
   6   cleanupTests,
   7   createUser,
   8   flushAndRunServer,
   9   makeDeleteRequest, makeGetRequest,
  10   makePostBodyRequest,
  11   ServerInfo,
  12   setAccessTokensToServers,
  13   userLogin
  14 } from '../../../../shared/extra-utils'
  15 import {
  16   checkBadCountPagination,
  17   checkBadSortPagination,
  18   checkBadStartPagination
  19 } from '../../../../shared/extra-utils/requests/check-api-params'
  20 import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
  21
  22 describe('Test server follows API validators', function () {
  23   let server: ServerInfo
  24
  25   // ---------------------------------------------------------------
  26
  27   before(async function () {
  28     this.timeout(30000)
  29
  30     server = await flushAndRunServer(1)
  31
  32     await setAccessTokensToServers([ server ])
  33   })
  34
  35   describe('When managing following', function () {
  36     let userAccessToken = null
  37
  38     before(async function () {
  39       const user = {
  40         username: 'user1',
  41         password: 'password'
  42       }
  43
  44       await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password })
  45       userAccessToken = await userLogin(server, user)
  46     })
  47
  48     describe('When adding follows', function () {
  49       const path = '/api/v1/server/following'
  50
  51       it('Should fail without hosts', async function () {
  52         await makePostBodyRequest({
  53           url: server.url,
  54           path,
  55           token: server.accessToken,
  56           statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
  57         })
  58       })
  59
  60       it('Should fail if hosts is not an array', async function () {
  61         await makePostBodyRequest({
  62           url: server.url,
  63           path,
  64           token: server.accessToken,
  65           fields: { hosts: 'localhost:9002' },
  66           statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
  67         })
  68       })
  69
  70       it('Should fail if the array is not composed by hosts', async function () {
  71         await makePostBodyRequest({
  72           url: server.url,
  73           path,
  74           fields: { hosts: [ 'localhost:9002', 'localhost:coucou' ] },
  75           token: server.accessToken,
  76           statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
  77         })
  78       })
  79
  80       it('Should fail if the array is composed with http schemes', async function () {
  81         await makePostBodyRequest({
  82           url: server.url,
  83           path,
  84           fields: { hosts: [ 'localhost:9002', 'http://localhost:9003' ] },
  85           token: server.accessToken,
  86           statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
  87         })
  88       })
  89
  90       it('Should fail if hosts are not unique', async function () {
  91         await makePostBodyRequest({
  92           url: server.url,
  93           path,
  94           fields: { urls: [ 'localhost:9002', 'localhost:9002' ] },
  95           token: server.accessToken,
  96           statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
  97         })
  98       })
  99
 100       it('Should fail with an invalid token', async function () {
 101         await makePostBodyRequest({
 102           url: server.url,
 103           path,
 104           fields: { hosts: [ 'localhost:9002' ] },
 105           token: 'fake_token',
 106           statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 107         })
 108       })
 109
 110       it('Should fail if the user is not an administrator', async function () {
 111         await makePostBodyRequest({
 112           url: server.url,
 113           path,
 114           fields: { hosts: [ 'localhost:9002' ] },
 115           token: userAccessToken,
 116           statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 117         })
 118       })
 119     })
 120
 121     describe('When listing followings', function () {
 122       const path = '/api/v1/server/following'
 123
 124       it('Should fail with a bad start pagination', async function () {
 125         await checkBadStartPagination(server.url, path)
 126       })
 127
 128       it('Should fail with a bad count pagination', async function () {
 129         await checkBadCountPagination(server.url, path)
 130       })
 131
 132       it('Should fail with an incorrect sort', async function () {
 133         await checkBadSortPagination(server.url, path)
 134       })
 135
 136       it('Should fail with an incorrect state', async function () {
 137         await makeGetRequest({
 138           url: server.url,
 139           path,
 140           query: {
 141             state: 'blabla'
 142           }
 143         })
 144       })
 145
 146       it('Should fail with an incorrect actor type', async function () {
 147         await makeGetRequest({
 148           url: server.url,
 149           path,
 150           query: {
 151             actorType: 'blabla'
 152           }
 153         })
 154       })
 155
 156       it('Should fail succeed with the correct params', async function () {
 157         await makeGetRequest({
 158           url: server.url,
 159           path,
 160           statusCodeExpected: HttpStatusCode.OK_200,
 161           query: {
 162             state: 'accepted',
 163             actorType: 'Application'
 164           }
 165         })
 166       })
 167     })
 168
 169     describe('When listing followers', function () {
 170       const path = '/api/v1/server/followers'
 171
 172       it('Should fail with a bad start pagination', async function () {
 173         await checkBadStartPagination(server.url, path)
 174       })
 175
 176       it('Should fail with a bad count pagination', async function () {
 177         await checkBadCountPagination(server.url, path)
 178       })
 179
 180       it('Should fail with an incorrect sort', async function () {
 181         await checkBadSortPagination(server.url, path)
 182       })
 183
 184       it('Should fail with an incorrect actor type', async function () {
 185         await makeGetRequest({
 186           url: server.url,
 187           path,
 188           query: {
 189             actorType: 'blabla'
 190           }
 191         })
 192       })
 193
 194       it('Should fail with an incorrect state', async function () {
 195         await makeGetRequest({
 196           url: server.url,
 197           path,
 198           query: {
 199             state: 'blabla',
 200             actorType: 'Application'
 201           }
 202         })
 203       })
 204
 205       it('Should fail succeed with the correct params', async function () {
 206         await makeGetRequest({
 207           url: server.url,
 208           path,
 209           statusCodeExpected: HttpStatusCode.OK_200,
 210           query: {
 211             state: 'accepted'
 212           }
 213         })
 214       })
 215     })
 216
 217     describe('When removing a follower', function () {
 218       const path = '/api/v1/server/followers'
 219
 220       it('Should fail with an invalid token', async function () {
 221         await makeDeleteRequest({
 222           url: server.url,
 223           path: path + '/toto@localhost:9002',
 224           token: 'fake_token',
 225           statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 226         })
 227       })
 228
 229       it('Should fail if the user is not an administrator', async function () {
 230         await makeDeleteRequest({
 231           url: server.url,
 232           path: path + '/toto@localhost:9002',
 233           token: userAccessToken,
 234           statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 235         })
 236       })
 237
 238       it('Should fail with an invalid follower', async function () {
 239         await makeDeleteRequest({
 240           url: server.url,
 241           path: path + '/toto',
 242           token: server.accessToken,
 243           statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
 244         })
 245       })
 246
 247       it('Should fail with an unknown follower', async function () {
 248         await makeDeleteRequest({
 249           url: server.url,
 250           path: path + '/toto@localhost:9003',
 251           token: server.accessToken,
 252           statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 253         })
 254       })
 255     })
 256
 257     describe('When accepting a follower', function () {
 258       const path = '/api/v1/server/followers'
 259
 260       it('Should fail with an invalid token', async function () {
 261         await makePostBodyRequest({
 262           url: server.url,
 263           path: path + '/toto@localhost:9002/accept',
 264           token: 'fake_token',
 265           statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 266         })
 267       })
 268
 269       it('Should fail if the user is not an administrator', async function () {
 270         await makePostBodyRequest({
 271           url: server.url,
 272           path: path + '/toto@localhost:9002/accept',
 273           token: userAccessToken,
 274           statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 275         })
 276       })
 277
 278       it('Should fail with an invalid follower', async function () {
 279         await makePostBodyRequest({
 280           url: server.url,
 281           path: path + '/toto/accept',
 282           token: server.accessToken,
 283           statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
 284         })
 285       })
 286
 287       it('Should fail with an unknown follower', async function () {
 288         await makePostBodyRequest({
 289           url: server.url,
 290           path: path + '/toto@localhost:9003/accept',
 291           token: server.accessToken,
 292           statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 293         })
 294       })
 295     })
 296
 297     describe('When rejecting a follower', function () {
 298       const path = '/api/v1/server/followers'
 299
 300       it('Should fail with an invalid token', async function () {
 301         await makePostBodyRequest({
 302           url: server.url,
 303           path: path + '/toto@localhost:9002/reject',
 304           token: 'fake_token',
 305           statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 306         })
 307       })
 308
 309       it('Should fail if the user is not an administrator', async function () {
 310         await makePostBodyRequest({
 311           url: server.url,
 312           path: path + '/toto@localhost:9002/reject',
 313           token: userAccessToken,
 314           statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 315         })
 316       })
 317
 318       it('Should fail with an invalid follower', async function () {
 319         await makePostBodyRequest({
 320           url: server.url,
 321           path: path + '/toto/reject',
 322           token: server.accessToken,
 323           statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
 324         })
 325       })
 326
 327       it('Should fail with an unknown follower', async function () {
 328         await makePostBodyRequest({
 329           url: server.url,
 330           path: path + '/toto@localhost:9003/reject',
 331           token: server.accessToken,
 332           statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 333         })
 334       })
 335     })
 336
 337     describe('When removing following', function () {
 338       const path = '/api/v1/server/following'
 339
 340       it('Should fail with an invalid token', async function () {
 341         await makeDeleteRequest({
 342           url: server.url,
 343           path: path + '/localhost:9002',
 344           token: 'fake_token',
 345           statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 346         })
 347       })
 348
 349       it('Should fail if the user is not an administrator', async function () {
 350         await makeDeleteRequest({
 351           url: server.url,
 352           path: path + '/localhost:9002',
 353           token: userAccessToken,
 354           statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 355         })
 356       })
 357
 358       it('Should fail if we do not follow this server', async function () {
 359         await makeDeleteRequest({
 360           url: server.url,
 361           path: path + '/example.com',
 362           token: server.accessToken,
 363           statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 364         })
 365       })
 366     })
 367   })
 368
 369   after(async function () {
 370     await cleanupTests([ server ])
 371   })
 372 })