server/tests/api/check-params/follows.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
   5 import { HttpStatusCode } from '@shared/models'
   6 import {
   7   cleanupTests,
   8   createSingleServer,
   9   makeDeleteRequest,
  10   makeGetRequest,
  11   makePostBodyRequest,
  12   PeerTubeServer,
  13   setAccessTokensToServers
  14 } from '@shared/server-commands'
  15
  16 describe('Test server follows API validators', function () {
  17   let server: PeerTubeServer
  18
  19   // ---------------------------------------------------------------
  20
  21   before(async function () {
  22     this.timeout(30000)
  23
  24     server = await createSingleServer(1)
  25
  26     await setAccessTokensToServers([ server ])
  27   })
  28
  29   describe('When managing following', function () {
  30     let userAccessToken = null
  31
  32     before(async function () {
  33       userAccessToken = await server.users.generateUserAndToken('user1')
  34     })
  35
  36     describe('When adding follows', function () {
  37       const path = '/api/v1/server/following'
  38
  39       it('Should fail with nothing', async function () {
  40         await makePostBodyRequest({
  41           url: server.url,
  42           path,
  43           token: server.accessToken,
  44           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  45         })
  46       })
  47
  48       it('Should fail if hosts is not composed by hosts', async function () {
  49         await makePostBodyRequest({
  50           url: server.url,
  51           path,
  52           fields: { hosts: [ 'localhost:9002', 'localhost:coucou' ] },
  53           token: server.accessToken,
  54           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  55         })
  56       })
  57
  58       it('Should fail if hosts is composed with http schemes', async function () {
  59         await makePostBodyRequest({
  60           url: server.url,
  61           path,
  62           fields: { hosts: [ 'localhost:9002', 'http://localhost:9003' ] },
  63           token: server.accessToken,
  64           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  65         })
  66       })
  67
  68       it('Should fail if hosts are not unique', async function () {
  69         await makePostBodyRequest({
  70           url: server.url,
  71           path,
  72           fields: { urls: [ 'localhost:9002', 'localhost:9002' ] },
  73           token: server.accessToken,
  74           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  75         })
  76       })
  77
  78       it('Should fail if handles is not composed by handles', async function () {
  79         await makePostBodyRequest({
  80           url: server.url,
  81           path,
  82           fields: { handles: [ 'hello@example.com', 'localhost:9001' ] },
  83           token: server.accessToken,
  84           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  85         })
  86       })
  87
  88       it('Should fail if handles are not unique', async function () {
  89         await makePostBodyRequest({
  90           url: server.url,
  91           path,
  92           fields: { urls: [ 'hello@example.com', 'hello@example.com' ] },
  93           token: server.accessToken,
  94           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  95         })
  96       })
  97
  98       it('Should fail with an invalid token', async function () {
  99         await makePostBodyRequest({
 100           url: server.url,
 101           path,
 102           fields: { hosts: [ 'localhost:9002' ] },
 103           token: 'fake_token',
 104           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 105         })
 106       })
 107
 108       it('Should fail if the user is not an administrator', async function () {
 109         await makePostBodyRequest({
 110           url: server.url,
 111           path,
 112           fields: { hosts: [ 'localhost:9002' ] },
 113           token: userAccessToken,
 114           expectedStatus: HttpStatusCode.FORBIDDEN_403
 115         })
 116       })
 117     })
 118
 119     describe('When listing followings', function () {
 120       const path = '/api/v1/server/following'
 121
 122       it('Should fail with a bad start pagination', async function () {
 123         await checkBadStartPagination(server.url, path)
 124       })
 125
 126       it('Should fail with a bad count pagination', async function () {
 127         await checkBadCountPagination(server.url, path)
 128       })
 129
 130       it('Should fail with an incorrect sort', async function () {
 131         await checkBadSortPagination(server.url, path)
 132       })
 133
 134       it('Should fail with an incorrect state', async function () {
 135         await makeGetRequest({
 136           url: server.url,
 137           path,
 138           query: {
 139             state: 'blabla'
 140           }
 141         })
 142       })
 143
 144       it('Should fail with an incorrect actor type', async function () {
 145         await makeGetRequest({
 146           url: server.url,
 147           path,
 148           query: {
 149             actorType: 'blabla'
 150           }
 151         })
 152       })
 153
 154       it('Should fail succeed with the correct params', async function () {
 155         await makeGetRequest({
 156           url: server.url,
 157           path,
 158           expectedStatus: HttpStatusCode.OK_200,
 159           query: {
 160             state: 'accepted',
 161             actorType: 'Application'
 162           }
 163         })
 164       })
 165     })
 166
 167     describe('When listing followers', function () {
 168       const path = '/api/v1/server/followers'
 169
 170       it('Should fail with a bad start pagination', async function () {
 171         await checkBadStartPagination(server.url, path)
 172       })
 173
 174       it('Should fail with a bad count pagination', async function () {
 175         await checkBadCountPagination(server.url, path)
 176       })
 177
 178       it('Should fail with an incorrect sort', async function () {
 179         await checkBadSortPagination(server.url, path)
 180       })
 181
 182       it('Should fail with an incorrect actor type', async function () {
 183         await makeGetRequest({
 184           url: server.url,
 185           path,
 186           query: {
 187             actorType: 'blabla'
 188           }
 189         })
 190       })
 191
 192       it('Should fail with an incorrect state', async function () {
 193         await makeGetRequest({
 194           url: server.url,
 195           path,
 196           query: {
 197             state: 'blabla',
 198             actorType: 'Application'
 199           }
 200         })
 201       })
 202
 203       it('Should fail succeed with the correct params', async function () {
 204         await makeGetRequest({
 205           url: server.url,
 206           path,
 207           expectedStatus: HttpStatusCode.OK_200,
 208           query: {
 209             state: 'accepted'
 210           }
 211         })
 212       })
 213     })
 214
 215     describe('When removing a follower', function () {
 216       const path = '/api/v1/server/followers'
 217
 218       it('Should fail with an invalid token', async function () {
 219         await makeDeleteRequest({
 220           url: server.url,
 221           path: path + '/toto@localhost:9002',
 222           token: 'fake_token',
 223           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 224         })
 225       })
 226
 227       it('Should fail if the user is not an administrator', async function () {
 228         await makeDeleteRequest({
 229           url: server.url,
 230           path: path + '/toto@localhost:9002',
 231           token: userAccessToken,
 232           expectedStatus: HttpStatusCode.FORBIDDEN_403
 233         })
 234       })
 235
 236       it('Should fail with an invalid follower', async function () {
 237         await makeDeleteRequest({
 238           url: server.url,
 239           path: path + '/toto',
 240           token: server.accessToken,
 241           expectedStatus: HttpStatusCode.BAD_REQUEST_400
 242         })
 243       })
 244
 245       it('Should fail with an unknown follower', async function () {
 246         await makeDeleteRequest({
 247           url: server.url,
 248           path: path + '/toto@localhost:9003',
 249           token: server.accessToken,
 250           expectedStatus: HttpStatusCode.NOT_FOUND_404
 251         })
 252       })
 253     })
 254
 255     describe('When accepting a follower', function () {
 256       const path = '/api/v1/server/followers'
 257
 258       it('Should fail with an invalid token', async function () {
 259         await makePostBodyRequest({
 260           url: server.url,
 261           path: path + '/toto@localhost:9002/accept',
 262           token: 'fake_token',
 263           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 264         })
 265       })
 266
 267       it('Should fail if the user is not an administrator', async function () {
 268         await makePostBodyRequest({
 269           url: server.url,
 270           path: path + '/toto@localhost:9002/accept',
 271           token: userAccessToken,
 272           expectedStatus: HttpStatusCode.FORBIDDEN_403
 273         })
 274       })
 275
 276       it('Should fail with an invalid follower', async function () {
 277         await makePostBodyRequest({
 278           url: server.url,
 279           path: path + '/toto/accept',
 280           token: server.accessToken,
 281           expectedStatus: HttpStatusCode.BAD_REQUEST_400
 282         })
 283       })
 284
 285       it('Should fail with an unknown follower', async function () {
 286         await makePostBodyRequest({
 287           url: server.url,
 288           path: path + '/toto@localhost:9003/accept',
 289           token: server.accessToken,
 290           expectedStatus: HttpStatusCode.NOT_FOUND_404
 291         })
 292       })
 293     })
 294
 295     describe('When rejecting a follower', function () {
 296       const path = '/api/v1/server/followers'
 297
 298       it('Should fail with an invalid token', async function () {
 299         await makePostBodyRequest({
 300           url: server.url,
 301           path: path + '/toto@localhost:9002/reject',
 302           token: 'fake_token',
 303           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 304         })
 305       })
 306
 307       it('Should fail if the user is not an administrator', async function () {
 308         await makePostBodyRequest({
 309           url: server.url,
 310           path: path + '/toto@localhost:9002/reject',
 311           token: userAccessToken,
 312           expectedStatus: HttpStatusCode.FORBIDDEN_403
 313         })
 314       })
 315
 316       it('Should fail with an invalid follower', async function () {
 317         await makePostBodyRequest({
 318           url: server.url,
 319           path: path + '/toto/reject',
 320           token: server.accessToken,
 321           expectedStatus: HttpStatusCode.BAD_REQUEST_400
 322         })
 323       })
 324
 325       it('Should fail with an unknown follower', async function () {
 326         await makePostBodyRequest({
 327           url: server.url,
 328           path: path + '/toto@localhost:9003/reject',
 329           token: server.accessToken,
 330           expectedStatus: HttpStatusCode.NOT_FOUND_404
 331         })
 332       })
 333     })
 334
 335     describe('When removing following', function () {
 336       const path = '/api/v1/server/following'
 337
 338       it('Should fail with an invalid token', async function () {
 339         await makeDeleteRequest({
 340           url: server.url,
 341           path: path + '/localhost:9002',
 342           token: 'fake_token',
 343           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 344         })
 345       })
 346
 347       it('Should fail if the user is not an administrator', async function () {
 348         await makeDeleteRequest({
 349           url: server.url,
 350           path: path + '/localhost:9002',
 351           token: userAccessToken,
 352           expectedStatus: HttpStatusCode.FORBIDDEN_403
 353         })
 354       })
 355
 356       it('Should fail if we do not follow this server', async function () {
 357         await makeDeleteRequest({
 358           url: server.url,
 359           path: path + '/example.com',
 360           token: server.accessToken,
 361           expectedStatus: HttpStatusCode.NOT_FOUND_404
 362         })
 363       })
 364     })
 365   })
 366
 367   after(async function () {
 368     await cleanupTests([ server ])
 369   })
 370 })