server/tests/api/check-params/video-comments.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import * as chai from 'chai'
   5 import { HttpStatusCode } from '@shared/core-utils'
   6 import {
   7   checkBadCountPagination,
   8   checkBadSortPagination,
   9   checkBadStartPagination,
  10   cleanupTests,
  11   createUser,
  12   flushAndRunServer,
  13   makeDeleteRequest,
  14   makeGetRequest,
  15   makePostBodyRequest,
  16   ServerInfo,
  17   setAccessTokensToServers,
  18   uploadVideo,
  19   userLogin
  20 } from '@shared/extra-utils'
  21 import { VideoCreateResult } from '@shared/models'
  22
  23 const expect = chai.expect
  24
  25 describe('Test video comments API validator', function () {
  26   let pathThread: string
  27   let pathComment: string
  28   let server: ServerInfo
  29   let video: VideoCreateResult
  30   let userAccessToken: string
  31   let userAccessToken2: string
  32   let commentId: number
  33
  34   // ---------------------------------------------------------------
  35
  36   before(async function () {
  37     this.timeout(30000)
  38
  39     server = await flushAndRunServer(1)
  40
  41     await setAccessTokensToServers([ server ])
  42
  43     {
  44       const res = await uploadVideo(server.url, server.accessToken, {})
  45       video = res.body.video
  46       pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
  47     }
  48
  49     {
  50       const created = await server.commentsCommand.createThread({ videoId: video.uuid, text: 'coucou' })
  51       commentId = created.id
  52       pathComment = '/api/v1/videos/' + video.uuid + '/comments/' + commentId
  53     }
  54
  55     {
  56       const user = { username: 'user1', password: 'my super password' }
  57       await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password })
  58       userAccessToken = await userLogin(server, user)
  59     }
  60
  61     {
  62       const user = { username: 'user2', password: 'my super password' }
  63       await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password })
  64       userAccessToken2 = await userLogin(server, user)
  65     }
  66   })
  67
  68   describe('When listing video comment threads', function () {
  69     it('Should fail with a bad start pagination', async function () {
  70       await checkBadStartPagination(server.url, pathThread, server.accessToken)
  71     })
  72
  73     it('Should fail with a bad count pagination', async function () {
  74       await checkBadCountPagination(server.url, pathThread, server.accessToken)
  75     })
  76
  77     it('Should fail with an incorrect sort', async function () {
  78       await checkBadSortPagination(server.url, pathThread, server.accessToken)
  79     })
  80
  81     it('Should fail with an incorrect video', async function () {
  82       await makeGetRequest({
  83         url: server.url,
  84         path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads',
  85         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
  86       })
  87     })
  88   })
  89
  90   describe('When listing comments of a thread', function () {
  91     it('Should fail with an incorrect video', async function () {
  92       await makeGetRequest({
  93         url: server.url,
  94         path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId,
  95         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
  96       })
  97     })
  98
  99     it('Should fail with an incorrect thread id', async function () {
 100       await makeGetRequest({
 101         url: server.url,
 102         path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/156',
 103         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 104       })
 105     })
 106
 107     it('Should success with the correct params', async function () {
 108       await makeGetRequest({
 109         url: server.url,
 110         path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/' + commentId,
 111         statusCodeExpected: HttpStatusCode.OK_200
 112       })
 113     })
 114   })
 115
 116   describe('When adding a video thread', function () {
 117
 118     it('Should fail with a non authenticated user', async function () {
 119       const fields = {
 120         text: 'text'
 121       }
 122       await makePostBodyRequest({
 123         url: server.url,
 124         path: pathThread,
 125         token: 'none',
 126         fields,
 127         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 128       })
 129     })
 130
 131     it('Should fail with nothing', async function () {
 132       const fields = {}
 133       await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
 134     })
 135
 136     it('Should fail with a short comment', async function () {
 137       const fields = {
 138         text: ''
 139       }
 140       await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
 141     })
 142
 143     it('Should fail with a long comment', async function () {
 144       const fields = {
 145         text: 'h'.repeat(10001)
 146       }
 147       await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
 148     })
 149
 150     it('Should fail with an incorrect video', async function () {
 151       const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads'
 152       const fields = {
 153         text: 'super comment'
 154       }
 155       await makePostBodyRequest({
 156         url: server.url,
 157         path,
 158         token: server.accessToken,
 159         fields,
 160         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 161       })
 162     })
 163
 164     it('Should succeed with the correct parameters', async function () {
 165       const fields = {
 166         text: 'super comment'
 167       }
 168       await makePostBodyRequest({
 169         url: server.url,
 170         path: pathThread,
 171         token: server.accessToken,
 172         fields,
 173         statusCodeExpected: HttpStatusCode.OK_200
 174       })
 175     })
 176   })
 177
 178   describe('When adding a comment to a thread', function () {
 179     it('Should fail with a non authenticated user', async function () {
 180       const fields = {
 181         text: 'text'
 182       }
 183       await makePostBodyRequest({
 184         url: server.url,
 185         path: pathComment,
 186         token: 'none',
 187         fields,
 188         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 189       })
 190     })
 191
 192     it('Should fail with nothing', async function () {
 193       const fields = {}
 194       await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
 195     })
 196
 197     it('Should fail with a short comment', async function () {
 198       const fields = {
 199         text: ''
 200       }
 201       await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
 202     })
 203
 204     it('Should fail with a long comment', async function () {
 205       const fields = {
 206         text: 'h'.repeat(10001)
 207       }
 208       await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
 209     })
 210
 211     it('Should fail with an incorrect video', async function () {
 212       const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
 213       const fields = {
 214         text: 'super comment'
 215       }
 216       await makePostBodyRequest({
 217         url: server.url,
 218         path,
 219         token: server.accessToken,
 220         fields,
 221         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 222       })
 223     })
 224
 225     it('Should fail with an incorrect comment', async function () {
 226       const path = '/api/v1/videos/' + video.uuid + '/comments/124'
 227       const fields = {
 228         text: 'super comment'
 229       }
 230       await makePostBodyRequest({
 231         url: server.url,
 232         path,
 233         token: server.accessToken,
 234         fields,
 235         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 236       })
 237     })
 238
 239     it('Should succeed with the correct parameters', async function () {
 240       const fields = {
 241         text: 'super comment'
 242       }
 243       await makePostBodyRequest({
 244         url: server.url,
 245         path: pathComment,
 246         token: server.accessToken,
 247         fields,
 248         statusCodeExpected: HttpStatusCode.OK_200
 249       })
 250     })
 251   })
 252
 253   describe('When removing video comments', function () {
 254     it('Should fail with a non authenticated user', async function () {
 255       await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
 256     })
 257
 258     it('Should fail with another user', async function () {
 259       await makeDeleteRequest({
 260         url: server.url,
 261         path: pathComment,
 262         token: userAccessToken,
 263         statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 264       })
 265     })
 266
 267     it('Should fail with an incorrect video', async function () {
 268       const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
 269       await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 })
 270     })
 271
 272     it('Should fail with an incorrect comment', async function () {
 273       const path = '/api/v1/videos/' + video.uuid + '/comments/124'
 274       await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 })
 275     })
 276
 277     it('Should succeed with the same user', async function () {
 278       let commentToDelete: number
 279
 280       {
 281         const created = await server.commentsCommand.createThread({ videoId: video.uuid, text: 'hello' })
 282         commentToDelete = created.id
 283       }
 284
 285       const path = '/api/v1/videos/' + video.uuid + '/comments/' + commentToDelete
 286
 287       await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
 288       await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 })
 289     })
 290
 291     it('Should succeed with the owner of the video', async function () {
 292       let commentToDelete: number
 293       let anotherVideoUUID: string
 294
 295       {
 296         const res = await uploadVideo(server.url, userAccessToken, { name: 'video' })
 297         anotherVideoUUID = res.body.video.uuid
 298       }
 299
 300       {
 301         const created = await server.commentsCommand.createThread({ videoId: anotherVideoUUID, text: 'hello' })
 302         commentToDelete = created.id
 303       }
 304
 305       const path = '/api/v1/videos/' + anotherVideoUUID + '/comments/' + commentToDelete
 306
 307       await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
 308       await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 })
 309     })
 310
 311     it('Should succeed with the correct parameters', async function () {
 312       await makeDeleteRequest({
 313         url: server.url,
 314         path: pathComment,
 315         token: server.accessToken,
 316         statusCodeExpected: HttpStatusCode.NO_CONTENT_204
 317       })
 318     })
 319   })
 320
 321   describe('When a video has comments disabled', function () {
 322     before(async function () {
 323       const res = await uploadVideo(server.url, server.accessToken, { commentsEnabled: false })
 324       video = res.body.video
 325       pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
 326     })
 327
 328     it('Should return an empty thread list', async function () {
 329       const res = await makeGetRequest({
 330         url: server.url,
 331         path: pathThread,
 332         statusCodeExpected: HttpStatusCode.OK_200
 333       })
 334       expect(res.body.total).to.equal(0)
 335       expect(res.body.data).to.have.lengthOf(0)
 336     })
 337
 338     it('Should return an thread comments list')
 339
 340     it('Should return conflict on thread add', async function () {
 341       const fields = {
 342         text: 'super comment'
 343       }
 344       await makePostBodyRequest({
 345         url: server.url,
 346         path: pathThread,
 347         token: server.accessToken,
 348         fields,
 349         statusCodeExpected: HttpStatusCode.CONFLICT_409
 350       })
 351     })
 352
 353     it('Should return conflict on comment thread add')
 354   })
 355
 356   describe('When listing admin comments threads', function () {
 357     const path = '/api/v1/videos/comments'
 358
 359     it('Should fail with a bad start pagination', async function () {
 360       await checkBadStartPagination(server.url, path, server.accessToken)
 361     })
 362
 363     it('Should fail with a bad count pagination', async function () {
 364       await checkBadCountPagination(server.url, path, server.accessToken)
 365     })
 366
 367     it('Should fail with an incorrect sort', async function () {
 368       await checkBadSortPagination(server.url, path, server.accessToken)
 369     })
 370
 371     it('Should fail with a non authenticated user', async function () {
 372       await makeGetRequest({
 373         url: server.url,
 374         path,
 375         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 376       })
 377     })
 378
 379     it('Should fail with a non admin user', async function () {
 380       await makeGetRequest({
 381         url: server.url,
 382         path,
 383         token: userAccessToken,
 384         statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 385       })
 386     })
 387
 388     it('Should succeed with the correct params', async function () {
 389       await makeGetRequest({
 390         url: server.url,
 391         path,
 392         token: server.accessToken,
 393         query: {
 394           isLocal: false,
 395           search: 'toto',
 396           searchAccount: 'toto',
 397           searchVideo: 'toto'
 398         },
 399         statusCodeExpected: HttpStatusCode.OK_200
 400       })
 401     })
 402   })
 403
 404   after(async function () {
 405     await cleanupTests([ server ])
 406   })
 407 })