server/tests/api/check-params/follows.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import {
   5   checkBadCountPagination,
   6   checkBadSortPagination,
   7   checkBadStartPagination,
   8   cleanupTests,
   9   createSingleServer,
  10   makeDeleteRequest,
  11   makeGetRequest,
  12   makePostBodyRequest,
  13   PeerTubeServer,
  14   setAccessTokensToServers
  15 } from '@shared/extra-utils'
  16 import { HttpStatusCode } from '@shared/models'
  17
  18 describe('Test server follows API validators', function () {
  19   let server: PeerTubeServer
  20
  21   // ---------------------------------------------------------------
  22
  23   before(async function () {
  24     this.timeout(30000)
  25
  26     server = await createSingleServer(1)
  27
  28     await setAccessTokensToServers([ server ])
  29   })
  30
  31   describe('When managing following', function () {
  32     let userAccessToken = null
  33
  34     before(async function () {
  35       const user = {
  36         username: 'user1',
  37         password: 'password'
  38       }
  39
  40       await server.users.create({ username: user.username, password: user.password })
  41       userAccessToken = await server.login.getAccessToken(user)
  42     })
  43
  44     describe('When adding follows', function () {
  45       const path = '/api/v1/server/following'
  46
  47       it('Should fail without hosts', async function () {
  48         await makePostBodyRequest({
  49           url: server.url,
  50           path,
  51           token: server.accessToken,
  52           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  53         })
  54       })
  55
  56       it('Should fail if hosts is not an array', async function () {
  57         await makePostBodyRequest({
  58           url: server.url,
  59           path,
  60           token: server.accessToken,
  61           fields: { hosts: 'localhost:9002' },
  62           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  63         })
  64       })
  65
  66       it('Should fail if the array is not composed by hosts', async function () {
  67         await makePostBodyRequest({
  68           url: server.url,
  69           path,
  70           fields: { hosts: [ 'localhost:9002', 'localhost:coucou' ] },
  71           token: server.accessToken,
  72           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  73         })
  74       })
  75
  76       it('Should fail if the array is composed with http schemes', async function () {
  77         await makePostBodyRequest({
  78           url: server.url,
  79           path,
  80           fields: { hosts: [ 'localhost:9002', 'http://localhost:9003' ] },
  81           token: server.accessToken,
  82           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  83         })
  84       })
  85
  86       it('Should fail if hosts are not unique', async function () {
  87         await makePostBodyRequest({
  88           url: server.url,
  89           path,
  90           fields: { urls: [ 'localhost:9002', 'localhost:9002' ] },
  91           token: server.accessToken,
  92           expectedStatus: HttpStatusCode.BAD_REQUEST_400
  93         })
  94       })
  95
  96       it('Should fail with an invalid token', async function () {
  97         await makePostBodyRequest({
  98           url: server.url,
  99           path,
 100           fields: { hosts: [ 'localhost:9002' ] },
 101           token: 'fake_token',
 102           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 103         })
 104       })
 105
 106       it('Should fail if the user is not an administrator', async function () {
 107         await makePostBodyRequest({
 108           url: server.url,
 109           path,
 110           fields: { hosts: [ 'localhost:9002' ] },
 111           token: userAccessToken,
 112           expectedStatus: HttpStatusCode.FORBIDDEN_403
 113         })
 114       })
 115     })
 116
 117     describe('When listing followings', function () {
 118       const path = '/api/v1/server/following'
 119
 120       it('Should fail with a bad start pagination', async function () {
 121         await checkBadStartPagination(server.url, path)
 122       })
 123
 124       it('Should fail with a bad count pagination', async function () {
 125         await checkBadCountPagination(server.url, path)
 126       })
 127
 128       it('Should fail with an incorrect sort', async function () {
 129         await checkBadSortPagination(server.url, path)
 130       })
 131
 132       it('Should fail with an incorrect state', async function () {
 133         await makeGetRequest({
 134           url: server.url,
 135           path,
 136           query: {
 137             state: 'blabla'
 138           }
 139         })
 140       })
 141
 142       it('Should fail with an incorrect actor type', async function () {
 143         await makeGetRequest({
 144           url: server.url,
 145           path,
 146           query: {
 147             actorType: 'blabla'
 148           }
 149         })
 150       })
 151
 152       it('Should fail succeed with the correct params', async function () {
 153         await makeGetRequest({
 154           url: server.url,
 155           path,
 156           expectedStatus: HttpStatusCode.OK_200,
 157           query: {
 158             state: 'accepted',
 159             actorType: 'Application'
 160           }
 161         })
 162       })
 163     })
 164
 165     describe('When listing followers', function () {
 166       const path = '/api/v1/server/followers'
 167
 168       it('Should fail with a bad start pagination', async function () {
 169         await checkBadStartPagination(server.url, path)
 170       })
 171
 172       it('Should fail with a bad count pagination', async function () {
 173         await checkBadCountPagination(server.url, path)
 174       })
 175
 176       it('Should fail with an incorrect sort', async function () {
 177         await checkBadSortPagination(server.url, path)
 178       })
 179
 180       it('Should fail with an incorrect actor type', async function () {
 181         await makeGetRequest({
 182           url: server.url,
 183           path,
 184           query: {
 185             actorType: 'blabla'
 186           }
 187         })
 188       })
 189
 190       it('Should fail with an incorrect state', async function () {
 191         await makeGetRequest({
 192           url: server.url,
 193           path,
 194           query: {
 195             state: 'blabla',
 196             actorType: 'Application'
 197           }
 198         })
 199       })
 200
 201       it('Should fail succeed with the correct params', async function () {
 202         await makeGetRequest({
 203           url: server.url,
 204           path,
 205           expectedStatus: HttpStatusCode.OK_200,
 206           query: {
 207             state: 'accepted'
 208           }
 209         })
 210       })
 211     })
 212
 213     describe('When removing a follower', function () {
 214       const path = '/api/v1/server/followers'
 215
 216       it('Should fail with an invalid token', async function () {
 217         await makeDeleteRequest({
 218           url: server.url,
 219           path: path + '/toto@localhost:9002',
 220           token: 'fake_token',
 221           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 222         })
 223       })
 224
 225       it('Should fail if the user is not an administrator', async function () {
 226         await makeDeleteRequest({
 227           url: server.url,
 228           path: path + '/toto@localhost:9002',
 229           token: userAccessToken,
 230           expectedStatus: HttpStatusCode.FORBIDDEN_403
 231         })
 232       })
 233
 234       it('Should fail with an invalid follower', async function () {
 235         await makeDeleteRequest({
 236           url: server.url,
 237           path: path + '/toto',
 238           token: server.accessToken,
 239           expectedStatus: HttpStatusCode.BAD_REQUEST_400
 240         })
 241       })
 242
 243       it('Should fail with an unknown follower', async function () {
 244         await makeDeleteRequest({
 245           url: server.url,
 246           path: path + '/toto@localhost:9003',
 247           token: server.accessToken,
 248           expectedStatus: HttpStatusCode.NOT_FOUND_404
 249         })
 250       })
 251     })
 252
 253     describe('When accepting a follower', function () {
 254       const path = '/api/v1/server/followers'
 255
 256       it('Should fail with an invalid token', async function () {
 257         await makePostBodyRequest({
 258           url: server.url,
 259           path: path + '/toto@localhost:9002/accept',
 260           token: 'fake_token',
 261           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 262         })
 263       })
 264
 265       it('Should fail if the user is not an administrator', async function () {
 266         await makePostBodyRequest({
 267           url: server.url,
 268           path: path + '/toto@localhost:9002/accept',
 269           token: userAccessToken,
 270           expectedStatus: HttpStatusCode.FORBIDDEN_403
 271         })
 272       })
 273
 274       it('Should fail with an invalid follower', async function () {
 275         await makePostBodyRequest({
 276           url: server.url,
 277           path: path + '/toto/accept',
 278           token: server.accessToken,
 279           expectedStatus: HttpStatusCode.BAD_REQUEST_400
 280         })
 281       })
 282
 283       it('Should fail with an unknown follower', async function () {
 284         await makePostBodyRequest({
 285           url: server.url,
 286           path: path + '/toto@localhost:9003/accept',
 287           token: server.accessToken,
 288           expectedStatus: HttpStatusCode.NOT_FOUND_404
 289         })
 290       })
 291     })
 292
 293     describe('When rejecting a follower', function () {
 294       const path = '/api/v1/server/followers'
 295
 296       it('Should fail with an invalid token', async function () {
 297         await makePostBodyRequest({
 298           url: server.url,
 299           path: path + '/toto@localhost:9002/reject',
 300           token: 'fake_token',
 301           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 302         })
 303       })
 304
 305       it('Should fail if the user is not an administrator', async function () {
 306         await makePostBodyRequest({
 307           url: server.url,
 308           path: path + '/toto@localhost:9002/reject',
 309           token: userAccessToken,
 310           expectedStatus: HttpStatusCode.FORBIDDEN_403
 311         })
 312       })
 313
 314       it('Should fail with an invalid follower', async function () {
 315         await makePostBodyRequest({
 316           url: server.url,
 317           path: path + '/toto/reject',
 318           token: server.accessToken,
 319           expectedStatus: HttpStatusCode.BAD_REQUEST_400
 320         })
 321       })
 322
 323       it('Should fail with an unknown follower', async function () {
 324         await makePostBodyRequest({
 325           url: server.url,
 326           path: path + '/toto@localhost:9003/reject',
 327           token: server.accessToken,
 328           expectedStatus: HttpStatusCode.NOT_FOUND_404
 329         })
 330       })
 331     })
 332
 333     describe('When removing following', function () {
 334       const path = '/api/v1/server/following'
 335
 336       it('Should fail with an invalid token', async function () {
 337         await makeDeleteRequest({
 338           url: server.url,
 339           path: path + '/localhost:9002',
 340           token: 'fake_token',
 341           expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 342         })
 343       })
 344
 345       it('Should fail if the user is not an administrator', async function () {
 346         await makeDeleteRequest({
 347           url: server.url,
 348           path: path + '/localhost:9002',
 349           token: userAccessToken,
 350           expectedStatus: HttpStatusCode.FORBIDDEN_403
 351         })
 352       })
 353
 354       it('Should fail if we do not follow this server', async function () {
 355         await makeDeleteRequest({
 356           url: server.url,
 357           path: path + '/example.com',
 358           token: server.accessToken,
 359           expectedStatus: HttpStatusCode.NOT_FOUND_404
 360         })
 361       })
 362     })
 363   })
 364
 365   after(async function () {
 366     await cleanupTests([ server ])
 367   })
 368 })