1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
4 import * as chai from 'chai'
6 checkBadCountPagination,
7 checkBadSortPagination,
8 checkBadStartPagination,
15 setAccessTokensToServers
16 } from '@shared/extra-utils'
17 import { HttpStatusCode, VideoCreateResult } from '@shared/models'
19 const expect = chai.expect
21 describe('Test video comments API validator', function () {
22 let pathThread: string
23 let pathComment: string
24 let server: PeerTubeServer
25 let video: VideoCreateResult
26 let userAccessToken: string
27 let userAccessToken2: string
30 // ---------------------------------------------------------------
32 before(async function () {
35 server = await createSingleServer(1)
37 await setAccessTokensToServers([ server ])
40 video = await server.videos.upload({ attributes: {} })
41 pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
45 const created = await server.comments.createThread({ videoId: video.uuid, text: 'coucou' })
46 commentId = created.id
47 pathComment = '/api/v1/videos/' + video.uuid + '/comments/' + commentId
51 const user = { username: 'user1', password: 'my super password' }
52 await server.users.create({ username: user.username, password: user.password })
53 userAccessToken = await server.login.getAccessToken(user)
57 const user = { username: 'user2', password: 'my super password' }
58 await server.users.create({ username: user.username, password: user.password })
59 userAccessToken2 = await server.login.getAccessToken(user)
63 describe('When listing video comment threads', function () {
64 it('Should fail with a bad start pagination', async function () {
65 await checkBadStartPagination(server.url, pathThread, server.accessToken)
68 it('Should fail with a bad count pagination', async function () {
69 await checkBadCountPagination(server.url, pathThread, server.accessToken)
72 it('Should fail with an incorrect sort', async function () {
73 await checkBadSortPagination(server.url, pathThread, server.accessToken)
76 it('Should fail with an incorrect video', async function () {
77 await makeGetRequest({
79 path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads',
80 expectedStatus: HttpStatusCode.NOT_FOUND_404
85 describe('When listing comments of a thread', function () {
86 it('Should fail with an incorrect video', async function () {
87 await makeGetRequest({
89 path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId,
90 expectedStatus: HttpStatusCode.NOT_FOUND_404
94 it('Should fail with an incorrect thread id', async function () {
95 await makeGetRequest({
97 path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/156',
98 expectedStatus: HttpStatusCode.NOT_FOUND_404
102 it('Should success with the correct params', async function () {
103 await makeGetRequest({
105 path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/' + commentId,
106 expectedStatus: HttpStatusCode.OK_200
111 describe('When adding a video thread', function () {
113 it('Should fail with a non authenticated user', async function () {
117 await makePostBodyRequest({
122 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
126 it('Should fail with nothing', async function () {
128 await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
131 it('Should fail with a short comment', async function () {
135 await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
138 it('Should fail with a long comment', async function () {
140 text: 'h'.repeat(10001)
142 await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
145 it('Should fail with an incorrect video', async function () {
146 const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads'
148 text: 'super comment'
150 await makePostBodyRequest({
153 token: server.accessToken,
155 expectedStatus: HttpStatusCode.NOT_FOUND_404
159 it('Should succeed with the correct parameters', async function () {
161 text: 'super comment'
163 await makePostBodyRequest({
166 token: server.accessToken,
168 expectedStatus: HttpStatusCode.OK_200
173 describe('When adding a comment to a thread', function () {
174 it('Should fail with a non authenticated user', async function () {
178 await makePostBodyRequest({
183 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
187 it('Should fail with nothing', async function () {
189 await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
192 it('Should fail with a short comment', async function () {
196 await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
199 it('Should fail with a long comment', async function () {
201 text: 'h'.repeat(10001)
203 await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
206 it('Should fail with an incorrect video', async function () {
207 const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
209 text: 'super comment'
211 await makePostBodyRequest({
214 token: server.accessToken,
216 expectedStatus: HttpStatusCode.NOT_FOUND_404
220 it('Should fail with an incorrect comment', async function () {
221 const path = '/api/v1/videos/' + video.uuid + '/comments/124'
223 text: 'super comment'
225 await makePostBodyRequest({
228 token: server.accessToken,
230 expectedStatus: HttpStatusCode.NOT_FOUND_404
234 it('Should succeed with the correct parameters', async function () {
236 text: 'super comment'
238 await makePostBodyRequest({
241 token: server.accessToken,
243 expectedStatus: HttpStatusCode.OK_200
248 describe('When removing video comments', function () {
249 it('Should fail with a non authenticated user', async function () {
250 await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
253 it('Should fail with another user', async function () {
254 await makeDeleteRequest({
257 token: userAccessToken,
258 expectedStatus: HttpStatusCode.FORBIDDEN_403
262 it('Should fail with an incorrect video', async function () {
263 const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
264 await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
267 it('Should fail with an incorrect comment', async function () {
268 const path = '/api/v1/videos/' + video.uuid + '/comments/124'
269 await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
272 it('Should succeed with the same user', async function () {
273 let commentToDelete: number
276 const created = await server.comments.createThread({ videoId: video.uuid, token: userAccessToken, text: 'hello' })
277 commentToDelete = created.id
280 const path = '/api/v1/videos/' + video.uuid + '/comments/' + commentToDelete
282 await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
283 await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
286 it('Should succeed with the owner of the video', async function () {
287 let commentToDelete: number
288 let anotherVideoUUID: string
291 const { uuid } = await server.videos.upload({ token: userAccessToken, attributes: { name: 'video' } })
292 anotherVideoUUID = uuid
296 const created = await server.comments.createThread({ videoId: anotherVideoUUID, text: 'hello' })
297 commentToDelete = created.id
300 const path = '/api/v1/videos/' + anotherVideoUUID + '/comments/' + commentToDelete
302 await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
303 await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
306 it('Should succeed with the correct parameters', async function () {
307 await makeDeleteRequest({
310 token: server.accessToken,
311 expectedStatus: HttpStatusCode.NO_CONTENT_204
316 describe('When a video has comments disabled', function () {
317 before(async function () {
318 video = await server.videos.upload({ attributes: { commentsEnabled: false } })
319 pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
322 it('Should return an empty thread list', async function () {
323 const res = await makeGetRequest({
326 expectedStatus: HttpStatusCode.OK_200
328 expect(res.body.total).to.equal(0)
329 expect(res.body.data).to.have.lengthOf(0)
332 it('Should return an thread comments list')
334 it('Should return conflict on thread add', async function () {
336 text: 'super comment'
338 await makePostBodyRequest({
341 token: server.accessToken,
343 expectedStatus: HttpStatusCode.CONFLICT_409
347 it('Should return conflict on comment thread add')
350 describe('When listing admin comments threads', function () {
351 const path = '/api/v1/videos/comments'
353 it('Should fail with a bad start pagination', async function () {
354 await checkBadStartPagination(server.url, path, server.accessToken)
357 it('Should fail with a bad count pagination', async function () {
358 await checkBadCountPagination(server.url, path, server.accessToken)
361 it('Should fail with an incorrect sort', async function () {
362 await checkBadSortPagination(server.url, path, server.accessToken)
365 it('Should fail with a non authenticated user', async function () {
366 await makeGetRequest({
369 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
373 it('Should fail with a non admin user', async function () {
374 await makeGetRequest({
377 token: userAccessToken,
378 expectedStatus: HttpStatusCode.FORBIDDEN_403
382 it('Should succeed with the correct params', async function () {
383 await makeGetRequest({
386 token: server.accessToken,
390 searchAccount: 'toto',
393 expectedStatus: HttpStatusCode.OK_200
398 after(async function () {
399 await cleanupTests([ server ])