server/tests/api/check-params/video-comments.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import * as chai from 'chai'
   5 import { VideoCreateResult } from '@shared/models'
   6 import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
   7 import {
   8   cleanupTests,
   9   createUser,
  10   flushAndRunServer,
  11   makeDeleteRequest,
  12   makeGetRequest,
  13   makePostBodyRequest,
  14   ServerInfo,
  15   setAccessTokensToServers,
  16   uploadVideo,
  17   userLogin
  18 } from '../../../../shared/extra-utils'
  19 import {
  20   checkBadCountPagination,
  21   checkBadSortPagination,
  22   checkBadStartPagination
  23 } from '../../../../shared/extra-utils/requests/check-api-params'
  24 import { addVideoCommentThread } from '../../../../shared/extra-utils/videos/video-comments'
  25
  26 const expect = chai.expect
  27
  28 describe('Test video comments API validator', function () {
  29   let pathThread: string
  30   let pathComment: string
  31   let server: ServerInfo
  32   let video: VideoCreateResult
  33   let userAccessToken: string
  34   let userAccessToken2: string
  35   let commentId: number
  36
  37   // ---------------------------------------------------------------
  38
  39   before(async function () {
  40     this.timeout(30000)
  41
  42     server = await flushAndRunServer(1)
  43
  44     await setAccessTokensToServers([ server ])
  45
  46     {
  47       const res = await uploadVideo(server.url, server.accessToken, {})
  48       video = res.body.video
  49       pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
  50     }
  51
  52     {
  53       const res = await addVideoCommentThread(server.url, server.accessToken, video.uuid, 'coucou')
  54       commentId = res.body.comment.id
  55       pathComment = '/api/v1/videos/' + video.uuid + '/comments/' + commentId
  56     }
  57
  58     {
  59       const user = { username: 'user1', password: 'my super password' }
  60       await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password })
  61       userAccessToken = await userLogin(server, user)
  62     }
  63
  64     {
  65       const user = { username: 'user2', password: 'my super password' }
  66       await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password })
  67       userAccessToken2 = await userLogin(server, user)
  68     }
  69   })
  70
  71   describe('When listing video comment threads', function () {
  72     it('Should fail with a bad start pagination', async function () {
  73       await checkBadStartPagination(server.url, pathThread, server.accessToken)
  74     })
  75
  76     it('Should fail with a bad count pagination', async function () {
  77       await checkBadCountPagination(server.url, pathThread, server.accessToken)
  78     })
  79
  80     it('Should fail with an incorrect sort', async function () {
  81       await checkBadSortPagination(server.url, pathThread, server.accessToken)
  82     })
  83
  84     it('Should fail with an incorrect video', async function () {
  85       await makeGetRequest({
  86         url: server.url,
  87         path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads',
  88         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
  89       })
  90     })
  91   })
  92
  93   describe('When listing comments of a thread', function () {
  94     it('Should fail with an incorrect video', async function () {
  95       await makeGetRequest({
  96         url: server.url,
  97         path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId,
  98         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
  99       })
 100     })
 101
 102     it('Should fail with an incorrect thread id', async function () {
 103       await makeGetRequest({
 104         url: server.url,
 105         path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/156',
 106         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 107       })
 108     })
 109
 110     it('Should success with the correct params', async function () {
 111       await makeGetRequest({
 112         url: server.url,
 113         path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/' + commentId,
 114         statusCodeExpected: HttpStatusCode.OK_200
 115       })
 116     })
 117   })
 118
 119   describe('When adding a video thread', function () {
 120
 121     it('Should fail with a non authenticated user', async function () {
 122       const fields = {
 123         text: 'text'
 124       }
 125       await makePostBodyRequest({
 126         url: server.url,
 127         path: pathThread,
 128         token: 'none',
 129         fields,
 130         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 131       })
 132     })
 133
 134     it('Should fail with nothing', async function () {
 135       const fields = {}
 136       await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
 137     })
 138
 139     it('Should fail with a short comment', async function () {
 140       const fields = {
 141         text: ''
 142       }
 143       await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
 144     })
 145
 146     it('Should fail with a long comment', async function () {
 147       const fields = {
 148         text: 'h'.repeat(10001)
 149       }
 150       await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
 151     })
 152
 153     it('Should fail with an incorrect video', async function () {
 154       const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads'
 155       const fields = {
 156         text: 'super comment'
 157       }
 158       await makePostBodyRequest({
 159         url: server.url,
 160         path,
 161         token: server.accessToken,
 162         fields,
 163         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 164       })
 165     })
 166
 167     it('Should succeed with the correct parameters', async function () {
 168       const fields = {
 169         text: 'super comment'
 170       }
 171       await makePostBodyRequest({
 172         url: server.url,
 173         path: pathThread,
 174         token: server.accessToken,
 175         fields,
 176         statusCodeExpected: HttpStatusCode.OK_200
 177       })
 178     })
 179   })
 180
 181   describe('When adding a comment to a thread', function () {
 182     it('Should fail with a non authenticated user', async function () {
 183       const fields = {
 184         text: 'text'
 185       }
 186       await makePostBodyRequest({
 187         url: server.url,
 188         path: pathComment,
 189         token: 'none',
 190         fields,
 191         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 192       })
 193     })
 194
 195     it('Should fail with nothing', async function () {
 196       const fields = {}
 197       await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
 198     })
 199
 200     it('Should fail with a short comment', async function () {
 201       const fields = {
 202         text: ''
 203       }
 204       await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
 205     })
 206
 207     it('Should fail with a long comment', async function () {
 208       const fields = {
 209         text: 'h'.repeat(10001)
 210       }
 211       await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
 212     })
 213
 214     it('Should fail with an incorrect video', async function () {
 215       const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
 216       const fields = {
 217         text: 'super comment'
 218       }
 219       await makePostBodyRequest({
 220         url: server.url,
 221         path,
 222         token: server.accessToken,
 223         fields,
 224         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 225       })
 226     })
 227
 228     it('Should fail with an incorrect comment', async function () {
 229       const path = '/api/v1/videos/' + video.uuid + '/comments/124'
 230       const fields = {
 231         text: 'super comment'
 232       }
 233       await makePostBodyRequest({
 234         url: server.url,
 235         path,
 236         token: server.accessToken,
 237         fields,
 238         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 239       })
 240     })
 241
 242     it('Should succeed with the correct parameters', async function () {
 243       const fields = {
 244         text: 'super comment'
 245       }
 246       await makePostBodyRequest({
 247         url: server.url,
 248         path: pathComment,
 249         token: server.accessToken,
 250         fields,
 251         statusCodeExpected: HttpStatusCode.OK_200
 252       })
 253     })
 254   })
 255
 256   describe('When removing video comments', function () {
 257     it('Should fail with a non authenticated user', async function () {
 258       await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
 259     })
 260
 261     it('Should fail with another user', async function () {
 262       await makeDeleteRequest({
 263         url: server.url,
 264         path: pathComment,
 265         token: userAccessToken,
 266         statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 267       })
 268     })
 269
 270     it('Should fail with an incorrect video', async function () {
 271       const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
 272       await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 })
 273     })
 274
 275     it('Should fail with an incorrect comment', async function () {
 276       const path = '/api/v1/videos/' + video.uuid + '/comments/124'
 277       await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 })
 278     })
 279
 280     it('Should succeed with the same user', async function () {
 281       let commentToDelete: number
 282
 283       {
 284         const res = await addVideoCommentThread(server.url, userAccessToken, video.uuid, 'hello')
 285         commentToDelete = res.body.comment.id
 286       }
 287
 288       const path = '/api/v1/videos/' + video.uuid + '/comments/' + commentToDelete
 289
 290       await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
 291       await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 })
 292     })
 293
 294     it('Should succeed with the owner of the video', async function () {
 295       let commentToDelete: number
 296       let anotherVideoUUID: string
 297
 298       {
 299         const res = await uploadVideo(server.url, userAccessToken, { name: 'video' })
 300         anotherVideoUUID = res.body.video.uuid
 301       }
 302
 303       {
 304         const res = await addVideoCommentThread(server.url, server.accessToken, anotherVideoUUID, 'hello')
 305         commentToDelete = res.body.comment.id
 306       }
 307
 308       const path = '/api/v1/videos/' + anotherVideoUUID + '/comments/' + commentToDelete
 309
 310       await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
 311       await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 })
 312     })
 313
 314     it('Should succeed with the correct parameters', async function () {
 315       await makeDeleteRequest({
 316         url: server.url,
 317         path: pathComment,
 318         token: server.accessToken,
 319         statusCodeExpected: HttpStatusCode.NO_CONTENT_204
 320       })
 321     })
 322   })
 323
 324   describe('When a video has comments disabled', function () {
 325     before(async function () {
 326       const res = await uploadVideo(server.url, server.accessToken, { commentsEnabled: false })
 327       video = res.body.video
 328       pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
 329     })
 330
 331     it('Should return an empty thread list', async function () {
 332       const res = await makeGetRequest({
 333         url: server.url,
 334         path: pathThread,
 335         statusCodeExpected: HttpStatusCode.OK_200
 336       })
 337       expect(res.body.total).to.equal(0)
 338       expect(res.body.data).to.have.lengthOf(0)
 339     })
 340
 341     it('Should return an thread comments list')
 342
 343     it('Should return conflict on thread add', async function () {
 344       const fields = {
 345         text: 'super comment'
 346       }
 347       await makePostBodyRequest({
 348         url: server.url,
 349         path: pathThread,
 350         token: server.accessToken,
 351         fields,
 352         statusCodeExpected: HttpStatusCode.CONFLICT_409
 353       })
 354     })
 355
 356     it('Should return conflict on comment thread add')
 357   })
 358
 359   describe('When listing admin comments threads', function () {
 360     const path = '/api/v1/videos/comments'
 361
 362     it('Should fail with a bad start pagination', async function () {
 363       await checkBadStartPagination(server.url, path, server.accessToken)
 364     })
 365
 366     it('Should fail with a bad count pagination', async function () {
 367       await checkBadCountPagination(server.url, path, server.accessToken)
 368     })
 369
 370     it('Should fail with an incorrect sort', async function () {
 371       await checkBadSortPagination(server.url, path, server.accessToken)
 372     })
 373
 374     it('Should fail with a non authenticated user', async function () {
 375       await makeGetRequest({
 376         url: server.url,
 377         path,
 378         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 379       })
 380     })
 381
 382     it('Should fail with a non admin user', async function () {
 383       await makeGetRequest({
 384         url: server.url,
 385         path,
 386         token: userAccessToken,
 387         statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 388       })
 389     })
 390
 391     it('Should succeed with the correct params', async function () {
 392       await makeGetRequest({
 393         url: server.url,
 394         path,
 395         token: server.accessToken,
 396         query: {
 397           isLocal: false,
 398           search: 'toto',
 399           searchAccount: 'toto',
 400           searchVideo: 'toto'
 401         },
 402         statusCodeExpected: HttpStatusCode.OK_200
 403       })
 404     })
 405   })
 406
 407   after(async function () {
 408     await cleanupTests([ server ])
 409   })
 410 })