server/tests/api/check-params/video-blacklist.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import { expect } from 'chai'
   5 import { HttpStatusCode } from '@shared/core-utils'
   6 import {
   7   BlacklistCommand,
   8   checkBadCountPagination,
   9   checkBadSortPagination,
  10   checkBadStartPagination,
  11   cleanupTests,
  12   doubleFollow,
  13   createMultipleServers,
  14   makePostBodyRequest,
  15   makePutBodyRequest,
  16   PeerTubeServer,
  17   setAccessTokensToServers,
  18   waitJobs
  19 } from '@shared/extra-utils'
  20 import { VideoBlacklistType } from '@shared/models'
  21
  22 describe('Test video blacklist API validators', function () {
  23   let servers: PeerTubeServer[]
  24   let notBlacklistedVideoId: string
  25   let remoteVideoUUID: string
  26   let userAccessToken1 = ''
  27   let userAccessToken2 = ''
  28   let command: BlacklistCommand
  29
  30   // ---------------------------------------------------------------
  31
  32   before(async function () {
  33     this.timeout(120000)
  34
  35     servers = await createMultipleServers(2)
  36
  37     await setAccessTokensToServers(servers)
  38     await doubleFollow(servers[0], servers[1])
  39
  40     {
  41       const username = 'user1'
  42       const password = 'my super password'
  43       await servers[0].users.create({ username: username, password: password })
  44       userAccessToken1 = await servers[0].login.getAccessToken({ username, password })
  45     }
  46
  47     {
  48       const username = 'user2'
  49       const password = 'my super password'
  50       await servers[0].users.create({ username: username, password: password })
  51       userAccessToken2 = await servers[0].login.getAccessToken({ username, password })
  52     }
  53
  54     {
  55       servers[0].store.video = await servers[0].videos.upload({ token: userAccessToken1 })
  56     }
  57
  58     {
  59       const { uuid } = await servers[0].videos.upload()
  60       notBlacklistedVideoId = uuid
  61     }
  62
  63     {
  64       const { uuid } = await servers[1].videos.upload()
  65       remoteVideoUUID = uuid
  66     }
  67
  68     await waitJobs(servers)
  69
  70     command = servers[0].blacklist
  71   })
  72
  73   describe('When adding a video in blacklist', function () {
  74     const basePath = '/api/v1/videos/'
  75
  76     it('Should fail with nothing', async function () {
  77       const path = basePath + servers[0].store.video + '/blacklist'
  78       const fields = {}
  79       await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
  80     })
  81
  82     it('Should fail with a wrong video', async function () {
  83       const wrongPath = '/api/v1/videos/blabla/blacklist'
  84       const fields = {}
  85       await makePostBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
  86     })
  87
  88     it('Should fail with a non authenticated user', async function () {
  89       const path = basePath + servers[0].store.video + '/blacklist'
  90       const fields = {}
  91       await makePostBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
  92     })
  93
  94     it('Should fail with a non admin user', async function () {
  95       const path = basePath + servers[0].store.video + '/blacklist'
  96       const fields = {}
  97       await makePostBodyRequest({
  98         url: servers[0].url,
  99         path,
 100         token: userAccessToken2,
 101         fields,
 102         statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 103       })
 104     })
 105
 106     it('Should fail with an invalid reason', async function () {
 107       const path = basePath + servers[0].store.video.uuid + '/blacklist'
 108       const fields = { reason: 'a'.repeat(305) }
 109
 110       await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
 111     })
 112
 113     it('Should fail to unfederate a remote video', async function () {
 114       const path = basePath + remoteVideoUUID + '/blacklist'
 115       const fields = { unfederate: true }
 116
 117       await makePostBodyRequest({
 118         url: servers[0].url,
 119         path,
 120         token: servers[0].accessToken,
 121         fields,
 122         statusCodeExpected: HttpStatusCode.CONFLICT_409
 123       })
 124     })
 125
 126     it('Should succeed with the correct params', async function () {
 127       const path = basePath + servers[0].store.video.uuid + '/blacklist'
 128       const fields = {}
 129
 130       await makePostBodyRequest({
 131         url: servers[0].url,
 132         path,
 133         token: servers[0].accessToken,
 134         fields,
 135         statusCodeExpected: HttpStatusCode.NO_CONTENT_204
 136       })
 137     })
 138   })
 139
 140   describe('When updating a video in blacklist', function () {
 141     const basePath = '/api/v1/videos/'
 142
 143     it('Should fail with a wrong video', async function () {
 144       const wrongPath = '/api/v1/videos/blabla/blacklist'
 145       const fields = {}
 146       await makePutBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields })
 147     })
 148
 149     it('Should fail with a video not blacklisted', async function () {
 150       const path = '/api/v1/videos/' + notBlacklistedVideoId + '/blacklist'
 151       const fields = {}
 152       await makePutBodyRequest({
 153         url: servers[0].url,
 154         path,
 155         token: servers[0].accessToken,
 156         fields,
 157         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 158       })
 159     })
 160
 161     it('Should fail with a non authenticated user', async function () {
 162       const path = basePath + servers[0].store.video + '/blacklist'
 163       const fields = {}
 164       await makePutBodyRequest({ url: servers[0].url, path, token: 'hello', fields, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
 165     })
 166
 167     it('Should fail with a non admin user', async function () {
 168       const path = basePath + servers[0].store.video + '/blacklist'
 169       const fields = {}
 170       await makePutBodyRequest({
 171         url: servers[0].url,
 172         path,
 173         token: userAccessToken2,
 174         fields,
 175         statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 176       })
 177     })
 178
 179     it('Should fail with an invalid reason', async function () {
 180       const path = basePath + servers[0].store.video.uuid + '/blacklist'
 181       const fields = { reason: 'a'.repeat(305) }
 182
 183       await makePutBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields })
 184     })
 185
 186     it('Should succeed with the correct params', async function () {
 187       const path = basePath + servers[0].store.video.shortUUID + '/blacklist'
 188       const fields = { reason: 'hello' }
 189
 190       await makePutBodyRequest({
 191         url: servers[0].url,
 192         path,
 193         token: servers[0].accessToken,
 194         fields,
 195         statusCodeExpected: HttpStatusCode.NO_CONTENT_204
 196       })
 197     })
 198   })
 199
 200   describe('When getting blacklisted video', function () {
 201
 202     it('Should fail with a non authenticated user', async function () {
 203       await servers[0].videos.get({ id: servers[0].store.video.uuid, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 204     })
 205
 206     it('Should fail with another user', async function () {
 207       await servers[0].videos.getWithToken({
 208         token: userAccessToken2,
 209         id: servers[0].store.video.uuid,
 210         expectedStatus: HttpStatusCode.FORBIDDEN_403
 211       })
 212     })
 213
 214     it('Should succeed with the owner authenticated user', async function () {
 215       const video = await servers[0].videos.getWithToken({ token: userAccessToken1, id: servers[0].store.video.uuid })
 216       expect(video.blacklisted).to.be.true
 217     })
 218
 219     it('Should succeed with an admin', async function () {
 220       const video = servers[0].store.video
 221
 222       for (const id of [ video.id, video.uuid, video.shortUUID ]) {
 223         const video = await servers[0].videos.getWithToken({ id, expectedStatus: HttpStatusCode.OK_200 })
 224         expect(video.blacklisted).to.be.true
 225       }
 226     })
 227   })
 228
 229   describe('When removing a video in blacklist', function () {
 230
 231     it('Should fail with a non authenticated user', async function () {
 232       await command.remove({ token: 'fake token', videoId: servers[0].store.video.uuid, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 233     })
 234
 235     it('Should fail with a non admin user', async function () {
 236       await command.remove({ token: userAccessToken2, videoId: servers[0].store.video.uuid, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
 237     })
 238
 239     it('Should fail with an incorrect id', async function () {
 240       await command.remove({ videoId: 'hello', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 241     })
 242
 243     it('Should fail with a not blacklisted video', async function () {
 244       // The video was not added to the blacklist so it should fail
 245       await command.remove({ videoId: notBlacklistedVideoId, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
 246     })
 247
 248     it('Should succeed with the correct params', async function () {
 249       await command.remove({ videoId: servers[0].store.video.uuid, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
 250     })
 251   })
 252
 253   describe('When listing videos in blacklist', function () {
 254     const basePath = '/api/v1/videos/blacklist/'
 255
 256     it('Should fail with a non authenticated user', async function () {
 257       await servers[0].blacklist.list({ token: 'fake token', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 258     })
 259
 260     it('Should fail with a non admin user', async function () {
 261       await servers[0].blacklist.list({ token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
 262     })
 263
 264     it('Should fail with a bad start pagination', async function () {
 265       await checkBadStartPagination(servers[0].url, basePath, servers[0].accessToken)
 266     })
 267
 268     it('Should fail with a bad count pagination', async function () {
 269       await checkBadCountPagination(servers[0].url, basePath, servers[0].accessToken)
 270     })
 271
 272     it('Should fail with an incorrect sort', async function () {
 273       await checkBadSortPagination(servers[0].url, basePath, servers[0].accessToken)
 274     })
 275
 276     it('Should fail with an invalid type', async function () {
 277       await servers[0].blacklist.list({ type: 0, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 278     })
 279
 280     it('Should succeed with the correct parameters', async function () {
 281       await servers[0].blacklist.list({ type: VideoBlacklistType.MANUAL })
 282     })
 283   })
 284
 285   after(async function () {
 286     await cleanupTests(servers)
 287   })
 288 })