server/tests/api/check-params/video-comments.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import 'mocha'
   4 import * as chai from 'chai'
   5 import { HttpStatusCode } from '@shared/core-utils'
   6 import {
   7   checkBadCountPagination,
   8   checkBadSortPagination,
   9   checkBadStartPagination,
  10   cleanupTests,
  11   createUser,
  12   flushAndRunServer,
  13   makeDeleteRequest,
  14   makeGetRequest,
  15   makePostBodyRequest,
  16   ServerInfo,
  17   setAccessTokensToServers,
  18   uploadVideo
  19 } from '@shared/extra-utils'
  20 import { VideoCreateResult } from '@shared/models'
  21
  22 const expect = chai.expect
  23
  24 describe('Test video comments API validator', function () {
  25   let pathThread: string
  26   let pathComment: string
  27   let server: ServerInfo
  28   let video: VideoCreateResult
  29   let userAccessToken: string
  30   let userAccessToken2: string
  31   let commentId: number
  32
  33   // ---------------------------------------------------------------
  34
  35   before(async function () {
  36     this.timeout(30000)
  37
  38     server = await flushAndRunServer(1)
  39
  40     await setAccessTokensToServers([ server ])
  41
  42     {
  43       const res = await uploadVideo(server.url, server.accessToken, {})
  44       video = res.body.video
  45       pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
  46     }
  47
  48     {
  49       const created = await server.commentsCommand.createThread({ videoId: video.uuid, text: 'coucou' })
  50       commentId = created.id
  51       pathComment = '/api/v1/videos/' + video.uuid + '/comments/' + commentId
  52     }
  53
  54     {
  55       const user = { username: 'user1', password: 'my super password' }
  56       await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password })
  57       userAccessToken = await server.loginCommand.getAccessToken(user)
  58     }
  59
  60     {
  61       const user = { username: 'user2', password: 'my super password' }
  62       await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password })
  63       userAccessToken2 = await server.loginCommand.getAccessToken(user)
  64     }
  65   })
  66
  67   describe('When listing video comment threads', function () {
  68     it('Should fail with a bad start pagination', async function () {
  69       await checkBadStartPagination(server.url, pathThread, server.accessToken)
  70     })
  71
  72     it('Should fail with a bad count pagination', async function () {
  73       await checkBadCountPagination(server.url, pathThread, server.accessToken)
  74     })
  75
  76     it('Should fail with an incorrect sort', async function () {
  77       await checkBadSortPagination(server.url, pathThread, server.accessToken)
  78     })
  79
  80     it('Should fail with an incorrect video', async function () {
  81       await makeGetRequest({
  82         url: server.url,
  83         path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads',
  84         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
  85       })
  86     })
  87   })
  88
  89   describe('When listing comments of a thread', function () {
  90     it('Should fail with an incorrect video', async function () {
  91       await makeGetRequest({
  92         url: server.url,
  93         path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId,
  94         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
  95       })
  96     })
  97
  98     it('Should fail with an incorrect thread id', async function () {
  99       await makeGetRequest({
 100         url: server.url,
 101         path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/156',
 102         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 103       })
 104     })
 105
 106     it('Should success with the correct params', async function () {
 107       await makeGetRequest({
 108         url: server.url,
 109         path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/' + commentId,
 110         statusCodeExpected: HttpStatusCode.OK_200
 111       })
 112     })
 113   })
 114
 115   describe('When adding a video thread', function () {
 116
 117     it('Should fail with a non authenticated user', async function () {
 118       const fields = {
 119         text: 'text'
 120       }
 121       await makePostBodyRequest({
 122         url: server.url,
 123         path: pathThread,
 124         token: 'none',
 125         fields,
 126         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 127       })
 128     })
 129
 130     it('Should fail with nothing', async function () {
 131       const fields = {}
 132       await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
 133     })
 134
 135     it('Should fail with a short comment', async function () {
 136       const fields = {
 137         text: ''
 138       }
 139       await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
 140     })
 141
 142     it('Should fail with a long comment', async function () {
 143       const fields = {
 144         text: 'h'.repeat(10001)
 145       }
 146       await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
 147     })
 148
 149     it('Should fail with an incorrect video', async function () {
 150       const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads'
 151       const fields = {
 152         text: 'super comment'
 153       }
 154       await makePostBodyRequest({
 155         url: server.url,
 156         path,
 157         token: server.accessToken,
 158         fields,
 159         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 160       })
 161     })
 162
 163     it('Should succeed with the correct parameters', async function () {
 164       const fields = {
 165         text: 'super comment'
 166       }
 167       await makePostBodyRequest({
 168         url: server.url,
 169         path: pathThread,
 170         token: server.accessToken,
 171         fields,
 172         statusCodeExpected: HttpStatusCode.OK_200
 173       })
 174     })
 175   })
 176
 177   describe('When adding a comment to a thread', function () {
 178     it('Should fail with a non authenticated user', async function () {
 179       const fields = {
 180         text: 'text'
 181       }
 182       await makePostBodyRequest({
 183         url: server.url,
 184         path: pathComment,
 185         token: 'none',
 186         fields,
 187         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 188       })
 189     })
 190
 191     it('Should fail with nothing', async function () {
 192       const fields = {}
 193       await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
 194     })
 195
 196     it('Should fail with a short comment', async function () {
 197       const fields = {
 198         text: ''
 199       }
 200       await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
 201     })
 202
 203     it('Should fail with a long comment', async function () {
 204       const fields = {
 205         text: 'h'.repeat(10001)
 206       }
 207       await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
 208     })
 209
 210     it('Should fail with an incorrect video', async function () {
 211       const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
 212       const fields = {
 213         text: 'super comment'
 214       }
 215       await makePostBodyRequest({
 216         url: server.url,
 217         path,
 218         token: server.accessToken,
 219         fields,
 220         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 221       })
 222     })
 223
 224     it('Should fail with an incorrect comment', async function () {
 225       const path = '/api/v1/videos/' + video.uuid + '/comments/124'
 226       const fields = {
 227         text: 'super comment'
 228       }
 229       await makePostBodyRequest({
 230         url: server.url,
 231         path,
 232         token: server.accessToken,
 233         fields,
 234         statusCodeExpected: HttpStatusCode.NOT_FOUND_404
 235       })
 236     })
 237
 238     it('Should succeed with the correct parameters', async function () {
 239       const fields = {
 240         text: 'super comment'
 241       }
 242       await makePostBodyRequest({
 243         url: server.url,
 244         path: pathComment,
 245         token: server.accessToken,
 246         fields,
 247         statusCodeExpected: HttpStatusCode.OK_200
 248       })
 249     })
 250   })
 251
 252   describe('When removing video comments', function () {
 253     it('Should fail with a non authenticated user', async function () {
 254       await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
 255     })
 256
 257     it('Should fail with another user', async function () {
 258       await makeDeleteRequest({
 259         url: server.url,
 260         path: pathComment,
 261         token: userAccessToken,
 262         statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 263       })
 264     })
 265
 266     it('Should fail with an incorrect video', async function () {
 267       const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
 268       await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 })
 269     })
 270
 271     it('Should fail with an incorrect comment', async function () {
 272       const path = '/api/v1/videos/' + video.uuid + '/comments/124'
 273       await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 })
 274     })
 275
 276     it('Should succeed with the same user', async function () {
 277       let commentToDelete: number
 278
 279       {
 280         const created = await server.commentsCommand.createThread({ videoId: video.uuid, token: userAccessToken, text: 'hello' })
 281         commentToDelete = created.id
 282       }
 283
 284       const path = '/api/v1/videos/' + video.uuid + '/comments/' + commentToDelete
 285
 286       await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
 287       await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 })
 288     })
 289
 290     it('Should succeed with the owner of the video', async function () {
 291       let commentToDelete: number
 292       let anotherVideoUUID: string
 293
 294       {
 295         const res = await uploadVideo(server.url, userAccessToken, { name: 'video' })
 296         anotherVideoUUID = res.body.video.uuid
 297       }
 298
 299       {
 300         const created = await server.commentsCommand.createThread({ videoId: anotherVideoUUID, text: 'hello' })
 301         commentToDelete = created.id
 302       }
 303
 304       const path = '/api/v1/videos/' + anotherVideoUUID + '/comments/' + commentToDelete
 305
 306       await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
 307       await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 })
 308     })
 309
 310     it('Should succeed with the correct parameters', async function () {
 311       await makeDeleteRequest({
 312         url: server.url,
 313         path: pathComment,
 314         token: server.accessToken,
 315         statusCodeExpected: HttpStatusCode.NO_CONTENT_204
 316       })
 317     })
 318   })
 319
 320   describe('When a video has comments disabled', function () {
 321     before(async function () {
 322       const res = await uploadVideo(server.url, server.accessToken, { commentsEnabled: false })
 323       video = res.body.video
 324       pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
 325     })
 326
 327     it('Should return an empty thread list', async function () {
 328       const res = await makeGetRequest({
 329         url: server.url,
 330         path: pathThread,
 331         statusCodeExpected: HttpStatusCode.OK_200
 332       })
 333       expect(res.body.total).to.equal(0)
 334       expect(res.body.data).to.have.lengthOf(0)
 335     })
 336
 337     it('Should return an thread comments list')
 338
 339     it('Should return conflict on thread add', async function () {
 340       const fields = {
 341         text: 'super comment'
 342       }
 343       await makePostBodyRequest({
 344         url: server.url,
 345         path: pathThread,
 346         token: server.accessToken,
 347         fields,
 348         statusCodeExpected: HttpStatusCode.CONFLICT_409
 349       })
 350     })
 351
 352     it('Should return conflict on comment thread add')
 353   })
 354
 355   describe('When listing admin comments threads', function () {
 356     const path = '/api/v1/videos/comments'
 357
 358     it('Should fail with a bad start pagination', async function () {
 359       await checkBadStartPagination(server.url, path, server.accessToken)
 360     })
 361
 362     it('Should fail with a bad count pagination', async function () {
 363       await checkBadCountPagination(server.url, path, server.accessToken)
 364     })
 365
 366     it('Should fail with an incorrect sort', async function () {
 367       await checkBadSortPagination(server.url, path, server.accessToken)
 368     })
 369
 370     it('Should fail with a non authenticated user', async function () {
 371       await makeGetRequest({
 372         url: server.url,
 373         path,
 374         statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
 375       })
 376     })
 377
 378     it('Should fail with a non admin user', async function () {
 379       await makeGetRequest({
 380         url: server.url,
 381         path,
 382         token: userAccessToken,
 383         statusCodeExpected: HttpStatusCode.FORBIDDEN_403
 384       })
 385     })
 386
 387     it('Should succeed with the correct params', async function () {
 388       await makeGetRequest({
 389         url: server.url,
 390         path,
 391         token: server.accessToken,
 392         query: {
 393           isLocal: false,
 394           search: 'toto',
 395           searchAccount: 'toto',
 396           searchVideo: 'toto'
 397         },
 398         statusCodeExpected: HttpStatusCode.OK_200
 399       })
 400     })
 401   })
 402
 403   after(async function () {
 404     await cleanupTests([ server ])
 405   })
 406 })