server/tests/api/check-params/follows.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import {
   5   checkBadCountPagination,
   6   checkBadSortPagination,
   7   checkBadStartPagination,
   8   cleanupTests,
   9   createSingleServer,
  10   makeDeleteRequest,
  11   makeGetRequest,
  12   makePostBodyRequest,
  13   PeerTubeServer,
  14   setAccessTokensToServers
  15 } from '@shared/server-commands'
  16 import { HttpStatusCode } from '@shared/models'
  17
  18 describe('Test server follows API validators', function () {
  19   let server: PeerTubeServer
  20
  21   // ---------------------------------------------------------------
  22
  23   before(async function () {
  24     this.timeout(30000)
  25
  26     server = await createSingleServer(1)
  27
  28     await setAccessTokensToServers([ server ])
  29   })
  30
  31   describe('When managing following', function () {
  32     let userAccessToken = null
  33
  34     before(async function () {
  35       userAccessToken = await server.users.generateUserAndToken('user1')
  36     })
  37
  38     describe('When adding follows', function () {
  39       const path = '/api/v1/server/following'
  40
  41       it('Should fail with nothing', async function () {
  42         await makePostBodyRequest({
  43           url: server.url,
  44           path,
  45           token: server.accessToken,
  46           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  47         })
  48       })
  49
  50       it('Should fail if hosts is not composed by hosts', async function () {
  51         await makePostBodyRequest({
  52           url: server.url,
  53           path,
  54           fields: { hosts: [ 'localhost:9002', 'localhost:coucou' ] },
  55           token: server.accessToken,
  56           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  57         })
  58       })
  59
  60       it('Should fail if hosts is composed with http schemes', async function () {
  61         await makePostBodyRequest({
  62           url: server.url,
  63           path,
  64           fields: { hosts: [ 'localhost:9002', 'http://localhost:9003' ] },
  65           token: server.accessToken,
  66           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  67         })
  68       })
  69
  70       it('Should fail if hosts are not unique', async function () {
  71         await makePostBodyRequest({
  72           url: server.url,
  73           path,
  74           fields: { urls: [ 'localhost:9002', 'localhost:9002' ] },
  75           token: server.accessToken,
  76           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  77         })
  78       })
  79
  80       it('Should fail if handles is not composed by handles', async function () {
  81         await makePostBodyRequest({
  82           url: server.url,
  83           path,
  84           fields: { handles: [ 'hello@example.com', 'localhost:9001' ] },
  85           token: server.accessToken,
  86           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  87         })
  88       })
  89
  90       it('Should fail if handles are not unique', async function () {
  91         await makePostBodyRequest({
  92           url: server.url,
  93           path,
  94           fields: { urls: [ 'hello@example.com', 'hello@example.com' ] },
  95           token: server.accessToken,
  96           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  97         })
  98       })
  99
 100       it('Should fail with an invalid token', async function () {
 101         await makePostBodyRequest({
 102           url: server.url,
 103           path,
 104           fields: { hosts: [ 'localhost:9002' ] },
 105           token: 'fake_token',
 106           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 107         })
 108       })
 109
 110       it('Should fail if the user is not an administrator', async function () {
 111         await makePostBodyRequest({
 112           url: server.url,
 113           path,
 114           fields: { hosts: [ 'localhost:9002' ] },
 115           token: userAccessToken,
 116           expectedStatus: HttpStatusCode.FORBIDDEN_403
 117         })
 118       })
 119     })
 120
 121     describe('When listing followings', function () {
 122       const path = '/api/v1/server/following'
 123
 124       it('Should fail with a bad start pagination', async function () {
 125         await checkBadStartPagination(server.url, path)
 126       })
 127
 128       it('Should fail with a bad count pagination', async function () {
 129         await checkBadCountPagination(server.url, path)
 130       })
 131
 132       it('Should fail with an incorrect sort', async function () {
 133         await checkBadSortPagination(server.url, path)
 134       })
 135
 136       it('Should fail with an incorrect state', async function () {
 137         await makeGetRequest({
 138           url: server.url,
 139           path,
 140           query: {
 141             state: 'blabla'
 142           }
 143         })
 144       })
 145
 146       it('Should fail with an incorrect actor type', async function () {
 147         await makeGetRequest({
 148           url: server.url,
 149           path,
 150           query: {
 151             actorType: 'blabla'
 152           }
 153         })
 154       })
 155
 156       it('Should fail succeed with the correct params', async function () {
 157         await makeGetRequest({
 158           url: server.url,
 159           path,
 160           expectedStatus: HttpStatusCode.OK_200,
 161           query: {
 162             state: 'accepted',
 163             actorType: 'Application'
 164           }
 165         })
 166       })
 167     })
 168
 169     describe('When listing followers', function () {
 170       const path = '/api/v1/server/followers'
 171
 172       it('Should fail with a bad start pagination', async function () {
 173         await checkBadStartPagination(server.url, path)
 174       })
 175
 176       it('Should fail with a bad count pagination', async function () {
 177         await checkBadCountPagination(server.url, path)
 178       })
 179
 180       it('Should fail with an incorrect sort', async function () {
 181         await checkBadSortPagination(server.url, path)
 182       })
 183
 184       it('Should fail with an incorrect actor type', async function () {
 185         await makeGetRequest({
 186           url: server.url,
 187           path,
 188           query: {
 189             actorType: 'blabla'
 190           }
 191         })
 192       })
 193
 194       it('Should fail with an incorrect state', async function () {
 195         await makeGetRequest({
 196           url: server.url,
 197           path,
 198           query: {
 199             state: 'blabla',
 200             actorType: 'Application'
 201           }
 202         })
 203       })
 204
 205       it('Should fail succeed with the correct params', async function () {
 206         await makeGetRequest({
 207           url: server.url,
 208           path,
 209           expectedStatus: HttpStatusCode.OK_200,
 210           query: {
 211             state: 'accepted'
 212           }
 213         })
 214       })
 215     })
 216
 217     describe('When removing a follower', function () {
 218       const path = '/api/v1/server/followers'
 219
 220       it('Should fail with an invalid token', async function () {
 221         await makeDeleteRequest({
 222           url: server.url,
 223           path: path + '/toto@localhost:9002',
 224           token: 'fake_token',
 225           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 226         })
 227       })
 228
 229       it('Should fail if the user is not an administrator', async function () {
 230         await makeDeleteRequest({
 231           url: server.url,
 232           path: path + '/toto@localhost:9002',
 233           token: userAccessToken,
 234           expectedStatus: HttpStatusCode.FORBIDDEN_403
 235         })
 236       })
 237
 238       it('Should fail with an invalid follower', async function () {
 239         await makeDeleteRequest({
 240           url: server.url,
 241           path: path + '/toto',
 242           token: server.accessToken,
 243           expectedStatus: HttpStatusCode.BAD_REQUEST_400
 244         })
 245       })
 246
 247       it('Should fail with an unknown follower', async function () {
 248         await makeDeleteRequest({
 249           url: server.url,
 250           path: path + '/toto@localhost:9003',
 251           token: server.accessToken,
 252           expectedStatus: HttpStatusCode.NOT_FOUND_404
 253         })
 254       })
 255     })
 256
 257     describe('When accepting a follower', function () {
 258       const path = '/api/v1/server/followers'
 259
 260       it('Should fail with an invalid token', async function () {
 261         await makePostBodyRequest({
 262           url: server.url,
 263           path: path + '/toto@localhost:9002/accept',
 264           token: 'fake_token',
 265           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 266         })
 267       })
 268
 269       it('Should fail if the user is not an administrator', async function () {
 270         await makePostBodyRequest({
 271           url: server.url,
 272           path: path + '/toto@localhost:9002/accept',
 273           token: userAccessToken,
 274           expectedStatus: HttpStatusCode.FORBIDDEN_403
 275         })
 276       })
 277
 278       it('Should fail with an invalid follower', async function () {
 279         await makePostBodyRequest({
 280           url: server.url,
 281           path: path + '/toto/accept',
 282           token: server.accessToken,
 283           expectedStatus: HttpStatusCode.BAD_REQUEST_400
 284         })
 285       })
 286
 287       it('Should fail with an unknown follower', async function () {
 288         await makePostBodyRequest({
 289           url: server.url,
 290           path: path + '/toto@localhost:9003/accept',
 291           token: server.accessToken,
 292           expectedStatus: HttpStatusCode.NOT_FOUND_404
 293         })
 294       })
 295     })
 296
 297     describe('When rejecting a follower', function () {
 298       const path = '/api/v1/server/followers'
 299
 300       it('Should fail with an invalid token', async function () {
 301         await makePostBodyRequest({
 302           url: server.url,
 303           path: path + '/toto@localhost:9002/reject',
 304           token: 'fake_token',
 305           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 306         })
 307       })
 308
 309       it('Should fail if the user is not an administrator', async function () {
 310         await makePostBodyRequest({
 311           url: server.url,
 312           path: path + '/toto@localhost:9002/reject',
 313           token: userAccessToken,
 314           expectedStatus: HttpStatusCode.FORBIDDEN_403
 315         })
 316       })
 317
 318       it('Should fail with an invalid follower', async function () {
 319         await makePostBodyRequest({
 320           url: server.url,
 321           path: path + '/toto/reject',
 322           token: server.accessToken,
 323           expectedStatus: HttpStatusCode.BAD_REQUEST_400
 324         })
 325       })
 326
 327       it('Should fail with an unknown follower', async function () {
 328         await makePostBodyRequest({
 329           url: server.url,
 330           path: path + '/toto@localhost:9003/reject',
 331           token: server.accessToken,
 332           expectedStatus: HttpStatusCode.NOT_FOUND_404
 333         })
 334       })
 335     })
 336
 337     describe('When removing following', function () {
 338       const path = '/api/v1/server/following'
 339
 340       it('Should fail with an invalid token', async function () {
 341         await makeDeleteRequest({
 342           url: server.url,
 343           path: path + '/localhost:9002',
 344           token: 'fake_token',
 345           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 346         })
 347       })
 348
 349       it('Should fail if the user is not an administrator', async function () {
 350         await makeDeleteRequest({
 351           url: server.url,
 352           path: path + '/localhost:9002',
 353           token: userAccessToken,
 354           expectedStatus: HttpStatusCode.FORBIDDEN_403
 355         })
 356       })
 357
 358       it('Should fail if we do not follow this server', async function () {
 359         await makeDeleteRequest({
 360           url: server.url,
 361           path: path + '/example.com',
 362           token: server.accessToken,
 363           expectedStatus: HttpStatusCode.NOT_FOUND_404
 364         })
 365       })
 366     })
 367   })
 368
 369   after(async function () {
 370     await cleanupTests([ server ])
 371   })
 372 })