server/tests/api/check-params/follows.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
   4 import { HttpStatusCode } from '@shared/models'
   5 import {
   6   cleanupTests,
   7   createSingleServer,
   8   makeDeleteRequest,
   9   makeGetRequest,
  10   makePostBodyRequest,
  11   PeerTubeServer,
  12   setAccessTokensToServers
  13 } from '@shared/server-commands'
  14
  15 describe('Test server follows API validators', function () {
  16   let server: PeerTubeServer
  17
  18   // ---------------------------------------------------------------
  19
  20   before(async function () {
  21     this.timeout(30000)
  22
  23     server = await createSingleServer(1)
  24
  25     await setAccessTokensToServers([ server ])
  26   })
  27
  28   describe('When managing following', function () {
  29     let userAccessToken = null
  30
  31     before(async function () {
  32       userAccessToken = await server.users.generateUserAndToken('user1')
  33     })
  34
  35     describe('When adding follows', function () {
  36       const path = '/api/v1/server/following'
  37
  38       it('Should fail with nothing', async function () {
  39         await makePostBodyRequest({
  40           url: server.url,
  41           path,
  42           token: server.accessToken,
  43           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  44         })
  45       })
  46
  47       it('Should fail if hosts is not composed by hosts', async function () {
  48         await makePostBodyRequest({
  49           url: server.url,
  50           path,
  51           fields: { hosts: [ '127.0.0.1:9002', '127.0.0.1:coucou' ] },
  52           token: server.accessToken,
  53           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  54         })
  55       })
  56
  57       it('Should fail if hosts is composed with http schemes', async function () {
  58         await makePostBodyRequest({
  59           url: server.url,
  60           path,
  61           fields: { hosts: [ '127.0.0.1:9002', 'http://127.0.0.1:9003' ] },
  62           token: server.accessToken,
  63           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  64         })
  65       })
  66
  67       it('Should fail if hosts are not unique', async function () {
  68         await makePostBodyRequest({
  69           url: server.url,
  70           path,
  71           fields: { urls: [ '127.0.0.1:9002', '127.0.0.1:9002' ] },
  72           token: server.accessToken,
  73           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  74         })
  75       })
  76
  77       it('Should fail if handles is not composed by handles', async function () {
  78         await makePostBodyRequest({
  79           url: server.url,
  80           path,
  81           fields: { handles: [ 'hello@example.com', '127.0.0.1:9001' ] },
  82           token: server.accessToken,
  83           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  84         })
  85       })
  86
  87       it('Should fail if handles are not unique', async function () {
  88         await makePostBodyRequest({
  89           url: server.url,
  90           path,
  91           fields: { urls: [ 'hello@example.com', 'hello@example.com' ] },
  92           token: server.accessToken,
  93           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  94         })
  95       })
  96
  97       it('Should fail with an invalid token', async function () {
  98         await makePostBodyRequest({
  99           url: server.url,
 100           path,
 101           fields: { hosts: [ '127.0.0.1:9002' ] },
 102           token: 'fake_token',
 103           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 104         })
 105       })
 106
 107       it('Should fail if the user is not an administrator', async function () {
 108         await makePostBodyRequest({
 109           url: server.url,
 110           path,
 111           fields: { hosts: [ '127.0.0.1:9002' ] },
 112           token: userAccessToken,
 113           expectedStatus: HttpStatusCode.FORBIDDEN_403
 114         })
 115       })
 116     })
 117
 118     describe('When listing followings', function () {
 119       const path = '/api/v1/server/following'
 120
 121       it('Should fail with a bad start pagination', async function () {
 122         await checkBadStartPagination(server.url, path)
 123       })
 124
 125       it('Should fail with a bad count pagination', async function () {
 126         await checkBadCountPagination(server.url, path)
 127       })
 128
 129       it('Should fail with an incorrect sort', async function () {
 130         await checkBadSortPagination(server.url, path)
 131       })
 132
 133       it('Should fail with an incorrect state', async function () {
 134         await makeGetRequest({
 135           url: server.url,
 136           path,
 137           query: {
 138             state: 'blabla'
 139           }
 140         })
 141       })
 142
 143       it('Should fail with an incorrect actor type', async function () {
 144         await makeGetRequest({
 145           url: server.url,
 146           path,
 147           query: {
 148             actorType: 'blabla'
 149           }
 150         })
 151       })
 152
 153       it('Should fail succeed with the correct params', async function () {
 154         await makeGetRequest({
 155           url: server.url,
 156           path,
 157           expectedStatus: HttpStatusCode.OK_200,
 158           query: {
 159             state: 'accepted',
 160             actorType: 'Application'
 161           }
 162         })
 163       })
 164     })
 165
 166     describe('When listing followers', function () {
 167       const path = '/api/v1/server/followers'
 168
 169       it('Should fail with a bad start pagination', async function () {
 170         await checkBadStartPagination(server.url, path)
 171       })
 172
 173       it('Should fail with a bad count pagination', async function () {
 174         await checkBadCountPagination(server.url, path)
 175       })
 176
 177       it('Should fail with an incorrect sort', async function () {
 178         await checkBadSortPagination(server.url, path)
 179       })
 180
 181       it('Should fail with an incorrect actor type', async function () {
 182         await makeGetRequest({
 183           url: server.url,
 184           path,
 185           query: {
 186             actorType: 'blabla'
 187           }
 188         })
 189       })
 190
 191       it('Should fail with an incorrect state', async function () {
 192         await makeGetRequest({
 193           url: server.url,
 194           path,
 195           query: {
 196             state: 'blabla',
 197             actorType: 'Application'
 198           }
 199         })
 200       })
 201
 202       it('Should fail succeed with the correct params', async function () {
 203         await makeGetRequest({
 204           url: server.url,
 205           path,
 206           expectedStatus: HttpStatusCode.OK_200,
 207           query: {
 208             state: 'accepted'
 209           }
 210         })
 211       })
 212     })
 213
 214     describe('When removing a follower', function () {
 215       const path = '/api/v1/server/followers'
 216
 217       it('Should fail with an invalid token', async function () {
 218         await makeDeleteRequest({
 219           url: server.url,
 220           path: path + '/toto@127.0.0.1:9002',
 221           token: 'fake_token',
 222           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 223         })
 224       })
 225
 226       it('Should fail if the user is not an administrator', async function () {
 227         await makeDeleteRequest({
 228           url: server.url,
 229           path: path + '/toto@127.0.0.1:9002',
 230           token: userAccessToken,
 231           expectedStatus: HttpStatusCode.FORBIDDEN_403
 232         })
 233       })
 234
 235       it('Should fail with an invalid follower', async function () {
 236         await makeDeleteRequest({
 237           url: server.url,
 238           path: path + '/toto',
 239           token: server.accessToken,
 240           expectedStatus: HttpStatusCode.BAD_REQUEST_400
 241         })
 242       })
 243
 244       it('Should fail with an unknown follower', async function () {
 245         await makeDeleteRequest({
 246           url: server.url,
 247           path: path + '/toto@127.0.0.1:9003',
 248           token: server.accessToken,
 249           expectedStatus: HttpStatusCode.NOT_FOUND_404
 250         })
 251       })
 252     })
 253
 254     describe('When accepting a follower', function () {
 255       const path = '/api/v1/server/followers'
 256
 257       it('Should fail with an invalid token', async function () {
 258         await makePostBodyRequest({
 259           url: server.url,
 260           path: path + '/toto@127.0.0.1:9002/accept',
 261           token: 'fake_token',
 262           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 263         })
 264       })
 265
 266       it('Should fail if the user is not an administrator', async function () {
 267         await makePostBodyRequest({
 268           url: server.url,
 269           path: path + '/toto@127.0.0.1:9002/accept',
 270           token: userAccessToken,
 271           expectedStatus: HttpStatusCode.FORBIDDEN_403
 272         })
 273       })
 274
 275       it('Should fail with an invalid follower', async function () {
 276         await makePostBodyRequest({
 277           url: server.url,
 278           path: path + '/toto/accept',
 279           token: server.accessToken,
 280           expectedStatus: HttpStatusCode.BAD_REQUEST_400
 281         })
 282       })
 283
 284       it('Should fail with an unknown follower', async function () {
 285         await makePostBodyRequest({
 286           url: server.url,
 287           path: path + '/toto@127.0.0.1:9003/accept',
 288           token: server.accessToken,
 289           expectedStatus: HttpStatusCode.NOT_FOUND_404
 290         })
 291       })
 292     })
 293
 294     describe('When rejecting a follower', function () {
 295       const path = '/api/v1/server/followers'
 296
 297       it('Should fail with an invalid token', async function () {
 298         await makePostBodyRequest({
 299           url: server.url,
 300           path: path + '/toto@127.0.0.1:9002/reject',
 301           token: 'fake_token',
 302           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 303         })
 304       })
 305
 306       it('Should fail if the user is not an administrator', async function () {
 307         await makePostBodyRequest({
 308           url: server.url,
 309           path: path + '/toto@127.0.0.1:9002/reject',
 310           token: userAccessToken,
 311           expectedStatus: HttpStatusCode.FORBIDDEN_403
 312         })
 313       })
 314
 315       it('Should fail with an invalid follower', async function () {
 316         await makePostBodyRequest({
 317           url: server.url,
 318           path: path + '/toto/reject',
 319           token: server.accessToken,
 320           expectedStatus: HttpStatusCode.BAD_REQUEST_400
 321         })
 322       })
 323
 324       it('Should fail with an unknown follower', async function () {
 325         await makePostBodyRequest({
 326           url: server.url,
 327           path: path + '/toto@127.0.0.1:9003/reject',
 328           token: server.accessToken,
 329           expectedStatus: HttpStatusCode.NOT_FOUND_404
 330         })
 331       })
 332     })
 333
 334     describe('When removing following', function () {
 335       const path = '/api/v1/server/following'
 336
 337       it('Should fail with an invalid token', async function () {
 338         await makeDeleteRequest({
 339           url: server.url,
 340           path: path + '/127.0.0.1:9002',
 341           token: 'fake_token',
 342           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 343         })
 344       })
 345
 346       it('Should fail if the user is not an administrator', async function () {
 347         await makeDeleteRequest({
 348           url: server.url,
 349           path: path + '/127.0.0.1:9002',
 350           token: userAccessToken,
 351           expectedStatus: HttpStatusCode.FORBIDDEN_403
 352         })
 353       })
 354
 355       it('Should fail if we do not follow this server', async function () {
 356         await makeDeleteRequest({
 357           url: server.url,
 358           path: path + '/example.com',
 359           token: server.accessToken,
 360           expectedStatus: HttpStatusCode.NOT_FOUND_404
 361         })
 362       })
 363     })
 364   })
 365
 366   after(async function () {
 367     await cleanupTests([ server ])
 368   })
 369 })