server/tests/api/check-params/video-comments.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import * as chai from 'chai'
   4 import 'mocha'
   5 import {
   6   cleanupTests,
   7   createUser,
   8   flushAndRunServer,
   9   makeDeleteRequest,
  10   makeGetRequest,
  11   makePostBodyRequest,
  12   ServerInfo,
  13   setAccessTokensToServers,
  14   uploadVideo,
  15   userLogin
  16 } from '../../../../shared/extra-utils'
  17 import {
  18   checkBadCountPagination,
  19   checkBadSortPagination,
  20   checkBadStartPagination
  21 } from '../../../../shared/extra-utils/requests/check-api-params'
  22 import { addVideoCommentThread } from '../../../../shared/extra-utils/videos/video-comments'
  23 import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
  24
  25 const expect = chai.expect
  26
  27 describe('Test video comments API validator', function () {
  28   let pathThread: string
  29   let pathComment: string
  30   let server: ServerInfo
  31   let videoUUID: string
  32   let userAccessToken: string
  33   let userAccessToken2: string
  34   let commentId: number
  35
  36   // ---------------------------------------------------------------
  37
  38   before(async function () {
  39     this.timeout(30000)
  40
  41     server = await flushAndRunServer(1)
  42
  43     await setAccessTokensToServers([ server ])
  44
  45     {
  46       const res = await uploadVideo(server.url, server.accessToken, {})
  47       videoUUID = res.body.video.uuid
  48       pathThread = '/api/v1/videos/' + videoUUID + '/comment-threads'
  49     }
  50
  51     {
  52       const res = await addVideoCommentThread(server.url, server.accessToken, videoUUID, 'coucou')
  53       commentId = res.body.comment.id
  54       pathComment = '/api/v1/videos/' + videoUUID + '/comments/' + commentId
  55     }
  56
  57     {
  58       const user = { username: 'user1', password: 'my super password' }
  59       await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password })
  60       userAccessToken = await userLogin(server, user)
  61     }
  62
  63     {
  64       const user = { username: 'user2', password: 'my super password' }
  65       await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password })
  66       userAccessToken2 = await userLogin(server, user)
  67     }
  68   })
  69
  70   describe('When listing video comment threads', function () {
  71     it('Should fail with a bad start pagination', async function () {
  72       await checkBadStartPagination(server.url, pathThread, server.accessToken)
  73     })
  74
  75     it('Should fail with a bad count pagination', async function () {
  76       await checkBadCountPagination(server.url, pathThread, server.accessToken)
  77     })
  78
  79     it('Should fail with an incorrect sort', async function () {
  80       await checkBadSortPagination(server.url, pathThread, server.accessToken)
  81     })
  82
  83     it('Should fail with an incorrect video', async function () {
  84       await makeGetRequest({
  85         url: server.url,
  86         path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads',
  87         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
  88       })
  89     })
  90   })
  91
  92   describe('When listing comments of a thread', function () {
  93     it('Should fail with an incorrect video', async function () {
  94       await makeGetRequest({
  95         url: server.url,
  96         path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId,
  97         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
  98       })
  99     })
 100
 101     it('Should fail with an incorrect thread id', async function () {
 102       await makeGetRequest({
 103         url: server.url,
 104         path: '/api/v1/videos/' + videoUUID + '/comment-threads/156',
 105         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 106       })
 107     })
 108
 109     it('Should success with the correct params', async function () {
 110       await makeGetRequest({
 111         url: server.url,
 112         path: '/api/v1/videos/' + videoUUID + '/comment-threads/' + commentId,
 113         statusCodeExpected: HttpStatusCode.OK_200
 114       })
 115     })
 116   })
 117
 118   describe('When adding a video thread', function () {
 119
 120     it('Should fail with a non authenticated user', async function () {
 121       const fields = {
 122         text: 'text'
 123       }
 124       await makePostBodyRequest({
 125         url: server.url,
 126         path: pathThread,
 127         token: 'none',
 128         fields,
 129         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 130       })
 131     })
 132
 133     it('Should fail with nothing', async function () {
 134       const fields = {}
 135       await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
 136     })
 137
 138     it('Should fail with a short comment', async function () {
 139       const fields = {
 140         text: ''
 141       }
 142       await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
 143     })
 144
 145     it('Should fail with a long comment', async function () {
 146       const fields = {
 147         text: 'h'.repeat(10001)
 148       }
 149       await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
 150     })
 151
 152     it('Should fail with an incorrect video', async function () {
 153       const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads'
 154       const fields = {
 155         text: 'super comment'
 156       }
 157       await makePostBodyRequest({
 158         url: server.url,
 159         path,
 160         token: server.accessToken,
 161         fields,
 162         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 163       })
 164     })
 165
 166     it('Should succeed with the correct parameters', async function () {
 167       const fields = {
 168         text: 'super comment'
 169       }
 170       await makePostBodyRequest({
 171         url: server.url,
 172         path: pathThread,
 173         token: server.accessToken,
 174         fields,
 175         statusCodeExpected: HttpStatusCode.OK_200
 176       })
 177     })
 178   })
 179
 180   describe('When adding a comment to a thread', function () {
 181     it('Should fail with a non authenticated user', async function () {
 182       const fields = {
 183         text: 'text'
 184       }
 185       await makePostBodyRequest({
 186         url: server.url,
 187         path: pathComment,
 188         token: 'none',
 189         fields,
 190         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 191       })
 192     })
 193
 194     it('Should fail with nothing', async function () {
 195       const fields = {}
 196       await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
 197     })
 198
 199     it('Should fail with a short comment', async function () {
 200       const fields = {
 201         text: ''
 202       }
 203       await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
 204     })
 205
 206     it('Should fail with a long comment', async function () {
 207       const fields = {
 208         text: 'h'.repeat(10001)
 209       }
 210       await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
 211     })
 212
 213     it('Should fail with an incorrect video', async function () {
 214       const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
 215       const fields = {
 216         text: 'super comment'
 217       }
 218       await makePostBodyRequest({
 219         url: server.url,
 220         path,
 221         token: server.accessToken,
 222         fields,
 223         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 224       })
 225     })
 226
 227     it('Should fail with an incorrect comment', async function () {
 228       const path = '/api/v1/videos/' + videoUUID + '/comments/124'
 229       const fields = {
 230         text: 'super comment'
 231       }
 232       await makePostBodyRequest({
 233         url: server.url,
 234         path,
 235         token: server.accessToken,
 236         fields,
 237         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 238       })
 239     })
 240
 241     it('Should succeed with the correct parameters', async function () {
 242       const fields = {
 243         text: 'super comment'
 244       }
 245       await makePostBodyRequest({
 246         url: server.url,
 247         path: pathComment,
 248         token: server.accessToken,
 249         fields,
 250         statusCodeExpected: HttpStatusCode.OK_200
 251       })
 252     })
 253   })
 254
 255   describe('When removing video comments', function () {
 256     it('Should fail with a non authenticated user', async function () {
 257       await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
 258     })
 259
 260     it('Should fail with another user', async function () {
 261       await makeDeleteRequest({
 262         url: server.url,
 263         path: pathComment,
 264         token: userAccessToken,
 265         statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 266       })
 267     })
 268
 269     it('Should fail with an incorrect video', async function () {
 270       const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
 271       await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 })
 272     })
 273
 274     it('Should fail with an incorrect comment', async function () {
 275       const path = '/api/v1/videos/' + videoUUID + '/comments/124'
 276       await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 })
 277     })
 278
 279     it('Should succeed with the same user', async function () {
 280       let commentToDelete: number
 281
 282       {
 283         const res = await addVideoCommentThread(server.url, userAccessToken, videoUUID, 'hello')
 284         commentToDelete = res.body.comment.id
 285       }
 286
 287       const path = '/api/v1/videos/' + videoUUID + '/comments/' + commentToDelete
 288
 289       await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
 290       await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 })
 291     })
 292
 293     it('Should succeed with the owner of the video', async function () {
 294       let commentToDelete: number
 295       let anotherVideoUUID: string
 296
 297       {
 298         const res = await uploadVideo(server.url, userAccessToken, { name: 'video' })
 299         anotherVideoUUID = res.body.video.uuid
 300       }
 301
 302       {
 303         const res = await addVideoCommentThread(server.url, server.accessToken, anotherVideoUUID, 'hello')
 304         commentToDelete = res.body.comment.id
 305       }
 306
 307       const path = '/api/v1/videos/' + anotherVideoUUID + '/comments/' + commentToDelete
 308
 309       await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
 310       await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 })
 311     })
 312
 313     it('Should succeed with the correct parameters', async function () {
 314       await makeDeleteRequest({
 315         url: server.url,
 316         path: pathComment,
 317         token: server.accessToken,
 318         statusCodeExpected: HttpStatusCode.NO_CONTENT_204
 319       })
 320     })
 321   })
 322
 323   describe('When a video has comments disabled', function () {
 324     before(async function () {
 325       const res = await uploadVideo(server.url, server.accessToken, { commentsEnabled: false })
 326       videoUUID = res.body.video.uuid
 327       pathThread = '/api/v1/videos/' + videoUUID + '/comment-threads'
 328     })
 329
 330     it('Should return an empty thread list', async function () {
 331       const res = await makeGetRequest({
 332         url: server.url,
 333         path: pathThread,
 334         statusCodeExpected: HttpStatusCode.OK_200
 335       })
 336       expect(res.body.total).to.equal(0)
 337       expect(res.body.data).to.have.lengthOf(0)
 338     })
 339
 340     it('Should return an thread comments list')
 341
 342     it('Should return conflict on thread add', async function () {
 343       const fields = {
 344         text: 'super comment'
 345       }
 346       await makePostBodyRequest({
 347         url: server.url,
 348         path: pathThread,
 349         token: server.accessToken,
 350         fields,
 351         statusCodeExpected: HttpStatusCode.CONFLICT_409
 352       })
 353     })
 354
 355     it('Should return conflict on comment thread add')
 356   })
 357
 358   describe('When listing admin comments threads', function () {
 359     const path = '/api/v1/videos/comments'
 360
 361     it('Should fail with a bad start pagination', async function () {
 362       await checkBadStartPagination(server.url, path, server.accessToken)
 363     })
 364
 365     it('Should fail with a bad count pagination', async function () {
 366       await checkBadCountPagination(server.url, path, server.accessToken)
 367     })
 368
 369     it('Should fail with an incorrect sort', async function () {
 370       await checkBadSortPagination(server.url, path, server.accessToken)
 371     })
 372
 373     it('Should fail with a non authenticated user', async function () {
 374       await makeGetRequest({
 375         url: server.url,
 376         path,
 377         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 378       })
 379     })
 380
 381     it('Should fail with a non admin user', async function () {
 382       await makeGetRequest({
 383         url: server.url,
 384         path,
 385         token: userAccessToken,
 386         statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 387       })
 388     })
 389
 390     it('Should succeed with the correct params', async function () {
 391       await makeGetRequest({
 392         url: server.url,
 393         path,
 394         token: server.accessToken,
 395         query: {
 396           isLocal: false,
 397           search: 'toto',
 398           searchAccount: 'toto',
 399           searchVideo: 'toto'
 400         },
 401         statusCodeExpected: HttpStatusCode.OK_200
 402       })
 403     })
 404   })
 405
 406   after(async function () {
 407     await cleanupTests([ server ])
 408   })
 409 })