server/tests/api/check-params/video-comments.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import * as chai from 'chai'
   5 import { HttpStatusCode } from '@shared/core-utils'
   6 import {
   7   checkBadCountPagination,
   8   checkBadSortPagination,
   9   checkBadStartPagination,
  10   cleanupTests,
  11   flushAndRunServer,
  12   makeDeleteRequest,
  13   makeGetRequest,
  14   makePostBodyRequest,
  15   ServerInfo,
  16   setAccessTokensToServers,
  17   uploadVideo
  18 } from '@shared/extra-utils'
  19 import { VideoCreateResult } from '@shared/models'
  20
  21 const expect = chai.expect
  22
  23 describe('Test video comments API validator', function () {
  24   let pathThread: string
  25   let pathComment: string
  26   let server: ServerInfo
  27   let video: VideoCreateResult
  28   let userAccessToken: string
  29   let userAccessToken2: string
  30   let commentId: number
  31
  32   // ---------------------------------------------------------------
  33
  34   before(async function () {
  35     this.timeout(30000)
  36
  37     server = await flushAndRunServer(1)
  38
  39     await setAccessTokensToServers([ server ])
  40
  41     {
  42       const res = await uploadVideo(server.url, server.accessToken, {})
  43       video = res.body.video
  44       pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
  45     }
  46
  47     {
  48       const created = await server.commentsCommand.createThread({ videoId: video.uuid, text: 'coucou' })
  49       commentId = created.id
  50       pathComment = '/api/v1/videos/' + video.uuid + '/comments/' + commentId
  51     }
  52
  53     {
  54       const user = { username: 'user1', password: 'my super password' }
  55       await server.usersCommand.create({ username: user.username, password: user.password })
  56       userAccessToken = await server.loginCommand.getAccessToken(user)
  57     }
  58
  59     {
  60       const user = { username: 'user2', password: 'my super password' }
  61       await server.usersCommand.create({ username: user.username, password: user.password })
  62       userAccessToken2 = await server.loginCommand.getAccessToken(user)
  63     }
  64   })
  65
  66   describe('When listing video comment threads', function () {
  67     it('Should fail with a bad start pagination', async function () {
  68       await checkBadStartPagination(server.url, pathThread, server.accessToken)
  69     })
  70
  71     it('Should fail with a bad count pagination', async function () {
  72       await checkBadCountPagination(server.url, pathThread, server.accessToken)
  73     })
  74
  75     it('Should fail with an incorrect sort', async function () {
  76       await checkBadSortPagination(server.url, pathThread, server.accessToken)
  77     })
  78
  79     it('Should fail with an incorrect video', async function () {
  80       await makeGetRequest({
  81         url: server.url,
  82         path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads',
  83         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
  84       })
  85     })
  86   })
  87
  88   describe('When listing comments of a thread', function () {
  89     it('Should fail with an incorrect video', async function () {
  90       await makeGetRequest({
  91         url: server.url,
  92         path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId,
  93         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
  94       })
  95     })
  96
  97     it('Should fail with an incorrect thread id', async function () {
  98       await makeGetRequest({
  99         url: server.url,
 100         path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/156',
 101         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 102       })
 103     })
 104
 105     it('Should success with the correct params', async function () {
 106       await makeGetRequest({
 107         url: server.url,
 108         path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/' + commentId,
 109         statusCodeExpected: HttpStatusCode.OK_200
 110       })
 111     })
 112   })
 113
 114   describe('When adding a video thread', function () {
 115
 116     it('Should fail with a non authenticated user', async function () {
 117       const fields = {
 118         text: 'text'
 119       }
 120       await makePostBodyRequest({
 121         url: server.url,
 122         path: pathThread,
 123         token: 'none',
 124         fields,
 125         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 126       })
 127     })
 128
 129     it('Should fail with nothing', async function () {
 130       const fields = {}
 131       await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
 132     })
 133
 134     it('Should fail with a short comment', async function () {
 135       const fields = {
 136         text: ''
 137       }
 138       await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
 139     })
 140
 141     it('Should fail with a long comment', async function () {
 142       const fields = {
 143         text: 'h'.repeat(10001)
 144       }
 145       await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
 146     })
 147
 148     it('Should fail with an incorrect video', async function () {
 149       const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads'
 150       const fields = {
 151         text: 'super comment'
 152       }
 153       await makePostBodyRequest({
 154         url: server.url,
 155         path,
 156         token: server.accessToken,
 157         fields,
 158         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 159       })
 160     })
 161
 162     it('Should succeed with the correct parameters', async function () {
 163       const fields = {
 164         text: 'super comment'
 165       }
 166       await makePostBodyRequest({
 167         url: server.url,
 168         path: pathThread,
 169         token: server.accessToken,
 170         fields,
 171         statusCodeExpected: HttpStatusCode.OK_200
 172       })
 173     })
 174   })
 175
 176   describe('When adding a comment to a thread', function () {
 177     it('Should fail with a non authenticated user', async function () {
 178       const fields = {
 179         text: 'text'
 180       }
 181       await makePostBodyRequest({
 182         url: server.url,
 183         path: pathComment,
 184         token: 'none',
 185         fields,
 186         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 187       })
 188     })
 189
 190     it('Should fail with nothing', async function () {
 191       const fields = {}
 192       await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
 193     })
 194
 195     it('Should fail with a short comment', async function () {
 196       const fields = {
 197         text: ''
 198       }
 199       await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
 200     })
 201
 202     it('Should fail with a long comment', async function () {
 203       const fields = {
 204         text: 'h'.repeat(10001)
 205       }
 206       await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
 207     })
 208
 209     it('Should fail with an incorrect video', async function () {
 210       const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
 211       const fields = {
 212         text: 'super comment'
 213       }
 214       await makePostBodyRequest({
 215         url: server.url,
 216         path,
 217         token: server.accessToken,
 218         fields,
 219         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 220       })
 221     })
 222
 223     it('Should fail with an incorrect comment', async function () {
 224       const path = '/api/v1/videos/' + video.uuid + '/comments/124'
 225       const fields = {
 226         text: 'super comment'
 227       }
 228       await makePostBodyRequest({
 229         url: server.url,
 230         path,
 231         token: server.accessToken,
 232         fields,
 233         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 234       })
 235     })
 236
 237     it('Should succeed with the correct parameters', async function () {
 238       const fields = {
 239         text: 'super comment'
 240       }
 241       await makePostBodyRequest({
 242         url: server.url,
 243         path: pathComment,
 244         token: server.accessToken,
 245         fields,
 246         statusCodeExpected: HttpStatusCode.OK_200
 247       })
 248     })
 249   })
 250
 251   describe('When removing video comments', function () {
 252     it('Should fail with a non authenticated user', async function () {
 253       await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
 254     })
 255
 256     it('Should fail with another user', async function () {
 257       await makeDeleteRequest({
 258         url: server.url,
 259         path: pathComment,
 260         token: userAccessToken,
 261         statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 262       })
 263     })
 264
 265     it('Should fail with an incorrect video', async function () {
 266       const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
 267       await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 })
 268     })
 269
 270     it('Should fail with an incorrect comment', async function () {
 271       const path = '/api/v1/videos/' + video.uuid + '/comments/124'
 272       await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 })
 273     })
 274
 275     it('Should succeed with the same user', async function () {
 276       let commentToDelete: number
 277
 278       {
 279         const created = await server.commentsCommand.createThread({ videoId: video.uuid, token: userAccessToken, text: 'hello' })
 280         commentToDelete = created.id
 281       }
 282
 283       const path = '/api/v1/videos/' + video.uuid + '/comments/' + commentToDelete
 284
 285       await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
 286       await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 })
 287     })
 288
 289     it('Should succeed with the owner of the video', async function () {
 290       let commentToDelete: number
 291       let anotherVideoUUID: string
 292
 293       {
 294         const res = await uploadVideo(server.url, userAccessToken, { name: 'video' })
 295         anotherVideoUUID = res.body.video.uuid
 296       }
 297
 298       {
 299         const created = await server.commentsCommand.createThread({ videoId: anotherVideoUUID, text: 'hello' })
 300         commentToDelete = created.id
 301       }
 302
 303       const path = '/api/v1/videos/' + anotherVideoUUID + '/comments/' + commentToDelete
 304
 305       await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
 306       await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 })
 307     })
 308
 309     it('Should succeed with the correct parameters', async function () {
 310       await makeDeleteRequest({
 311         url: server.url,
 312         path: pathComment,
 313         token: server.accessToken,
 314         statusCodeExpected: HttpStatusCode.NO_CONTENT_204
 315       })
 316     })
 317   })
 318
 319   describe('When a video has comments disabled', function () {
 320     before(async function () {
 321       const res = await uploadVideo(server.url, server.accessToken, { commentsEnabled: false })
 322       video = res.body.video
 323       pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
 324     })
 325
 326     it('Should return an empty thread list', async function () {
 327       const res = await makeGetRequest({
 328         url: server.url,
 329         path: pathThread,
 330         statusCodeExpected: HttpStatusCode.OK_200
 331       })
 332       expect(res.body.total).to.equal(0)
 333       expect(res.body.data).to.have.lengthOf(0)
 334     })
 335
 336     it('Should return an thread comments list')
 337
 338     it('Should return conflict on thread add', async function () {
 339       const fields = {
 340         text: 'super comment'
 341       }
 342       await makePostBodyRequest({
 343         url: server.url,
 344         path: pathThread,
 345         token: server.accessToken,
 346         fields,
 347         statusCodeExpected: HttpStatusCode.CONFLICT_409
 348       })
 349     })
 350
 351     it('Should return conflict on comment thread add')
 352   })
 353
 354   describe('When listing admin comments threads', function () {
 355     const path = '/api/v1/videos/comments'
 356
 357     it('Should fail with a bad start pagination', async function () {
 358       await checkBadStartPagination(server.url, path, server.accessToken)
 359     })
 360
 361     it('Should fail with a bad count pagination', async function () {
 362       await checkBadCountPagination(server.url, path, server.accessToken)
 363     })
 364
 365     it('Should fail with an incorrect sort', async function () {
 366       await checkBadSortPagination(server.url, path, server.accessToken)
 367     })
 368
 369     it('Should fail with a non authenticated user', async function () {
 370       await makeGetRequest({
 371         url: server.url,
 372         path,
 373         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 374       })
 375     })
 376
 377     it('Should fail with a non admin user', async function () {
 378       await makeGetRequest({
 379         url: server.url,
 380         path,
 381         token: userAccessToken,
 382         statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 383       })
 384     })
 385
 386     it('Should succeed with the correct params', async function () {
 387       await makeGetRequest({
 388         url: server.url,
 389         path,
 390         token: server.accessToken,
 391         query: {
 392           isLocal: false,
 393           search: 'toto',
 394           searchAccount: 'toto',
 395           searchVideo: 'toto'
 396         },
 397         statusCodeExpected: HttpStatusCode.OK_200
 398       })
 399     })
 400   })
 401
 402   after(async function () {
 403     await cleanupTests([ server ])
 404   })
 405 })