server/tests/api/check-params/video-blacklist.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import { expect } from 'chai'
   5 import { HttpStatusCode } from '@shared/core-utils'
   6 import {
   7   BlacklistCommand,
   8   checkBadCountPagination,
   9   checkBadSortPagination,
  10   checkBadStartPagination,
  11   cleanupTests,
  12   createUser,
  13   doubleFollow,
  14   flushAndRunMultipleServers,
  15   getVideo,
  16   getVideoWithToken,
  17   makePostBodyRequest,
  18   makePutBodyRequest,
  19   ServerInfo,
  20   setAccessTokensToServers,
  21   uploadVideo,
  22   userLogin,
  23   waitJobs
  24 } from '@shared/extra-utils'
  25 import { VideoBlacklistType, VideoDetails } from '@shared/models'
  26
  27 describe('Test video blacklist API validators', function () {
  28   let servers: ServerInfo[]
  29   let notBlacklistedVideoId: number
  30   let remoteVideoUUID: string
  31   let userAccessToken1 = ''
  32   let userAccessToken2 = ''
  33   let command: BlacklistCommand
  34
  35   // ---------------------------------------------------------------
  36
  37   before(async function () {
  38     this.timeout(120000)
  39
  40     servers = await flushAndRunMultipleServers(2)
  41
  42     await setAccessTokensToServers(servers)
  43     await doubleFollow(servers[0], servers[1])
  44
  45     {
  46       const username = 'user1'
  47       const password = 'my super password'
  48       await createUser({ url: servers[0].url, accessToken: servers[0].accessToken, username: username, password: password })
  49       userAccessToken1 = await userLogin(servers[0], { username, password })
  50     }
  51
  52     {
  53       const username = 'user2'
  54       const password = 'my super password'
  55       await createUser({ url: servers[0].url, accessToken: servers[0].accessToken, username: username, password: password })
  56       userAccessToken2 = await userLogin(servers[0], { username, password })
  57     }
  58
  59     {
  60       const res = await uploadVideo(servers[0].url, userAccessToken1, {})
  61       servers[0].video = res.body.video
  62     }
  63
  64     {
  65       const res = await uploadVideo(servers[0].url, servers[0].accessToken, {})
  66       notBlacklistedVideoId = res.body.video.uuid
  67     }
  68
  69     {
  70       const res = await uploadVideo(servers[1].url, servers[1].accessToken, {})
  71       remoteVideoUUID = res.body.video.uuid
  72     }
  73
  74     await waitJobs(servers)
  75
  76     command = servers[0].blacklistCommand
  77   })
  78
  79   describe('When adding a video in blacklist', function () {
  80     const basePath = '/api/v1/videos/'
  81
  82     it('Should fail with nothing', async function () {
  83       const path = basePath + servers[0].video + '/blacklist'
  84       const fields = {}
  85       await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
  86     })
  87
  88     it('Should fail with a wrong video', async function () {
  89       const wrongPath = '/api/v1/videos/blabla/blacklist'
  90       const fields = {}
  91       await makePostBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
  92     })
  93
  94     it('Should fail with a non authenticated user', async function () {
  95       const path = basePath + servers[0].video + '/blacklist'
  96       const fields = {}
  97       await makePostBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
  98     })
  99
 100     it('Should fail with a non admin user', async function () {
 101       const path = basePath + servers[0].video + '/blacklist'
 102       const fields = {}
 103       await makePostBodyRequest({
 104         url: servers[0].url,
 105         path,
 106         token: userAccessToken2,
 107         fields,
 108         statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 109       })
 110     })
 111
 112     it('Should fail with an invalid reason', async function () {
 113       const path = basePath + servers[0].video.uuid + '/blacklist'
 114       const fields = { reason: 'a'.repeat(305) }
 115
 116       await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
 117     })
 118
 119     it('Should fail to unfederate a remote video', async function () {
 120       const path = basePath + remoteVideoUUID + '/blacklist'
 121       const fields = { unfederate: true }
 122
 123       await makePostBodyRequest({
 124         url: servers[0].url,
 125         path,
 126         token: servers[0].accessToken,
 127         fields,
 128         statusCodeExpected: HttpStatusCode.CONFLICT_409
 129       })
 130     })
 131
 132     it('Should succeed with the correct params', async function () {
 133       const path = basePath + servers[0].video.uuid + '/blacklist'
 134       const fields = {}
 135
 136       await makePostBodyRequest({
 137         url: servers[0].url,
 138         path,
 139         token: servers[0].accessToken,
 140         fields,
 141         statusCodeExpected: HttpStatusCode.NO_CONTENT_204
 142       })
 143     })
 144   })
 145
 146   describe('When updating a video in blacklist', function () {
 147     const basePath = '/api/v1/videos/'
 148
 149     it('Should fail with a wrong video', async function () {
 150       const wrongPath = '/api/v1/videos/blabla/blacklist'
 151       const fields = {}
 152       await makePutBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
 153     })
 154
 155     it('Should fail with a video not blacklisted', async function () {
 156       const path = '/api/v1/videos/' + notBlacklistedVideoId + '/blacklist'
 157       const fields = {}
 158       await makePutBodyRequest({
 159         url: servers[0].url,
 160         path,
 161         token: servers[0].accessToken,
 162         fields,
 163         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 164       })
 165     })
 166
 167     it('Should fail with a non authenticated user', async function () {
 168       const path = basePath + servers[0].video + '/blacklist'
 169       const fields = {}
 170       await makePutBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
 171     })
 172
 173     it('Should fail with a non admin user', async function () {
 174       const path = basePath + servers[0].video + '/blacklist'
 175       const fields = {}
 176       await makePutBodyRequest({
 177         url: servers[0].url,
 178         path,
 179         token: userAccessToken2,
 180         fields,
 181         statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 182       })
 183     })
 184
 185     it('Should fail with an invalid reason', async function () {
 186       const path = basePath + servers[0].video.uuid + '/blacklist'
 187       const fields = { reason: 'a'.repeat(305) }
 188
 189       await makePutBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
 190     })
 191
 192     it('Should succeed with the correct params', async function () {
 193       const path = basePath + servers[0].video.shortUUID + '/blacklist'
 194       const fields = { reason: 'hello' }
 195
 196       await makePutBodyRequest({
 197         url: servers[0].url,
 198         path,
 199         token: servers[0].accessToken,
 200         fields,
 201         statusCodeExpected: HttpStatusCode.NO_CONTENT_204
 202       })
 203     })
 204   })
 205
 206   describe('When getting blacklisted video', function () {
 207
 208     it('Should fail with a non authenticated user', async function () {
 209       await getVideo(servers[0].url, servers[0].video.uuid, HttpStatusCode.UNAUTHORIZED_401)
 210     })
 211
 212     it('Should fail with another user', async function () {
 213       await getVideoWithToken(servers[0].url, userAccessToken2, servers[0].video.uuid, HttpStatusCode.FORBIDDEN_403)
 214     })
 215
 216     it('Should succeed with the owner authenticated user', async function () {
 217       const res = await getVideoWithToken(servers[0].url, userAccessToken1, servers[0].video.uuid, HttpStatusCode.OK_200)
 218       const video: VideoDetails = res.body
 219
 220       expect(video.blacklisted).to.be.true
 221     })
 222
 223     it('Should succeed with an admin', async function () {
 224       const video = servers[0].video
 225
 226       for (const id of [ video.id, video.uuid, video.shortUUID ]) {
 227         const res = await getVideoWithToken(servers[0].url, servers[0].accessToken, id, HttpStatusCode.OK_200)
 228         const video: VideoDetails = res.body
 229
 230         expect(video.blacklisted).to.be.true
 231       }
 232     })
 233   })
 234
 235   describe('When removing a video in blacklist', function () {
 236
 237     it('Should fail with a non authenticated user', async function () {
 238       await command.remove({ token: 'fake token', videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 239     })
 240
 241     it('Should fail with a non admin user', async function () {
 242       await command.remove({ token: userAccessToken2, videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
 243     })
 244
 245     it('Should fail with an incorrect id', async function () {
 246       await command.remove({ videoId: 'hello', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 247     })
 248
 249     it('Should fail with a not blacklisted video', async function () {
 250       // The video was not added to the blacklist so it should fail
 251       await command.remove({ videoId: notBlacklistedVideoId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
 252     })
 253
 254     it('Should succeed with the correct params', async function () {
 255       await command.remove({ videoId: servers[0].video.uuid, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
 256     })
 257   })
 258
 259   describe('When listing videos in blacklist', function () {
 260     const basePath = '/api/v1/videos/blacklist/'
 261
 262     it('Should fail with a non authenticated user', async function () {
 263       await servers[0].blacklistCommand.list({ token: 'fake token', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 264     })
 265
 266     it('Should fail with a non admin user', async function () {
 267       await servers[0].blacklistCommand.list({ token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
 268     })
 269
 270     it('Should fail with a bad start pagination', async function () {
 271       await checkBadStartPagination(servers[0].url, basePath, servers[0].accessToken)
 272     })
 273
 274     it('Should fail with a bad count pagination', async function () {
 275       await checkBadCountPagination(servers[0].url, basePath, servers[0].accessToken)
 276     })
 277
 278     it('Should fail with an incorrect sort', async function () {
 279       await checkBadSortPagination(servers[0].url, basePath, servers[0].accessToken)
 280     })
 281
 282     it('Should fail with an invalid type', async function () {
 283       await servers[0].blacklistCommand.list({ type: 0, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 284     })
 285
 286     it('Should succeed with the correct parameters', async function () {
 287       await servers[0].blacklistCommand.list({ type: VideoBlacklistType.MANUAL })
 288     })
 289   })
 290
 291   after(async function () {
 292     await cleanupTests(servers)
 293   })
 294 })