1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
4 import * as chai from 'chai'
5 import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
6 import { HttpStatusCode, VideoCreateResult } from '@shared/models'
14 setAccessTokensToServers
15 } from '@shared/server-commands'
17 const expect = chai.expect
19 describe('Test video comments API validator', function () {
20 let pathThread: string
21 let pathComment: string
22 let server: PeerTubeServer
23 let video: VideoCreateResult
24 let userAccessToken: string
25 let userAccessToken2: string
28 // ---------------------------------------------------------------
30 before(async function () {
33 server = await createSingleServer(1)
35 await setAccessTokensToServers([ server ])
38 video = await server.videos.upload({ attributes: {} })
39 pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
43 const created = await server.comments.createThread({ videoId: video.uuid, text: 'coucou' })
44 commentId = created.id
45 pathComment = '/api/v1/videos/' + video.uuid + '/comments/' + commentId
49 const user = { username: 'user1', password: 'my super password' }
50 await server.users.create({ username: user.username, password: user.password })
51 userAccessToken = await server.login.getAccessToken(user)
55 const user = { username: 'user2', password: 'my super password' }
56 await server.users.create({ username: user.username, password: user.password })
57 userAccessToken2 = await server.login.getAccessToken(user)
61 describe('When listing video comment threads', function () {
62 it('Should fail with a bad start pagination', async function () {
63 await checkBadStartPagination(server.url, pathThread, server.accessToken)
66 it('Should fail with a bad count pagination', async function () {
67 await checkBadCountPagination(server.url, pathThread, server.accessToken)
70 it('Should fail with an incorrect sort', async function () {
71 await checkBadSortPagination(server.url, pathThread, server.accessToken)
74 it('Should fail with an incorrect video', async function () {
75 await makeGetRequest({
77 path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads',
78 expectedStatus: HttpStatusCode.NOT_FOUND_404
83 describe('When listing comments of a thread', function () {
84 it('Should fail with an incorrect video', async function () {
85 await makeGetRequest({
87 path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId,
88 expectedStatus: HttpStatusCode.NOT_FOUND_404
92 it('Should fail with an incorrect thread id', async function () {
93 await makeGetRequest({
95 path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/156',
96 expectedStatus: HttpStatusCode.NOT_FOUND_404
100 it('Should success with the correct params', async function () {
101 await makeGetRequest({
103 path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/' + commentId,
104 expectedStatus: HttpStatusCode.OK_200
109 describe('When adding a video thread', function () {
111 it('Should fail with a non authenticated user', async function () {
115 await makePostBodyRequest({
120 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
124 it('Should fail with nothing', async function () {
126 await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
129 it('Should fail with a short comment', async function () {
133 await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
136 it('Should fail with a long comment', async function () {
138 text: 'h'.repeat(10001)
140 await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
143 it('Should fail with an incorrect video', async function () {
144 const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads'
146 text: 'super comment'
148 await makePostBodyRequest({
151 token: server.accessToken,
153 expectedStatus: HttpStatusCode.NOT_FOUND_404
157 it('Should succeed with the correct parameters', async function () {
159 text: 'super comment'
161 await makePostBodyRequest({
164 token: server.accessToken,
166 expectedStatus: HttpStatusCode.OK_200
171 describe('When adding a comment to a thread', function () {
172 it('Should fail with a non authenticated user', async function () {
176 await makePostBodyRequest({
181 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
185 it('Should fail with nothing', async function () {
187 await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
190 it('Should fail with a short comment', async function () {
194 await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
197 it('Should fail with a long comment', async function () {
199 text: 'h'.repeat(10001)
201 await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
204 it('Should fail with an incorrect video', async function () {
205 const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
207 text: 'super comment'
209 await makePostBodyRequest({
212 token: server.accessToken,
214 expectedStatus: HttpStatusCode.NOT_FOUND_404
218 it('Should fail with an incorrect comment', async function () {
219 const path = '/api/v1/videos/' + video.uuid + '/comments/124'
221 text: 'super comment'
223 await makePostBodyRequest({
226 token: server.accessToken,
228 expectedStatus: HttpStatusCode.NOT_FOUND_404
232 it('Should succeed with the correct parameters', async function () {
234 text: 'super comment'
236 await makePostBodyRequest({
239 token: server.accessToken,
241 expectedStatus: HttpStatusCode.OK_200
246 describe('When removing video comments', function () {
247 it('Should fail with a non authenticated user', async function () {
248 await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
251 it('Should fail with another user', async function () {
252 await makeDeleteRequest({
255 token: userAccessToken,
256 expectedStatus: HttpStatusCode.FORBIDDEN_403
260 it('Should fail with an incorrect video', async function () {
261 const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
262 await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
265 it('Should fail with an incorrect comment', async function () {
266 const path = '/api/v1/videos/' + video.uuid + '/comments/124'
267 await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
270 it('Should succeed with the same user', async function () {
271 let commentToDelete: number
274 const created = await server.comments.createThread({ videoId: video.uuid, token: userAccessToken, text: 'hello' })
275 commentToDelete = created.id
278 const path = '/api/v1/videos/' + video.uuid + '/comments/' + commentToDelete
280 await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
281 await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
284 it('Should succeed with the owner of the video', async function () {
285 let commentToDelete: number
286 let anotherVideoUUID: string
289 const { uuid } = await server.videos.upload({ token: userAccessToken, attributes: { name: 'video' } })
290 anotherVideoUUID = uuid
294 const created = await server.comments.createThread({ videoId: anotherVideoUUID, text: 'hello' })
295 commentToDelete = created.id
298 const path = '/api/v1/videos/' + anotherVideoUUID + '/comments/' + commentToDelete
300 await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
301 await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
304 it('Should succeed with the correct parameters', async function () {
305 await makeDeleteRequest({
308 token: server.accessToken,
309 expectedStatus: HttpStatusCode.NO_CONTENT_204
314 describe('When a video has comments disabled', function () {
315 before(async function () {
316 video = await server.videos.upload({ attributes: { commentsEnabled: false } })
317 pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
320 it('Should return an empty thread list', async function () {
321 const res = await makeGetRequest({
324 expectedStatus: HttpStatusCode.OK_200
326 expect(res.body.total).to.equal(0)
327 expect(res.body.data).to.have.lengthOf(0)
330 it('Should return an thread comments list')
332 it('Should return conflict on thread add', async function () {
334 text: 'super comment'
336 await makePostBodyRequest({
339 token: server.accessToken,
341 expectedStatus: HttpStatusCode.CONFLICT_409
345 it('Should return conflict on comment thread add')
348 describe('When listing admin comments threads', function () {
349 const path = '/api/v1/videos/comments'
351 it('Should fail with a bad start pagination', async function () {
352 await checkBadStartPagination(server.url, path, server.accessToken)
355 it('Should fail with a bad count pagination', async function () {
356 await checkBadCountPagination(server.url, path, server.accessToken)
359 it('Should fail with an incorrect sort', async function () {
360 await checkBadSortPagination(server.url, path, server.accessToken)
363 it('Should fail with a non authenticated user', async function () {
364 await makeGetRequest({
367 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
371 it('Should fail with a non admin user', async function () {
372 await makeGetRequest({
375 token: userAccessToken,
376 expectedStatus: HttpStatusCode.FORBIDDEN_403
380 it('Should succeed with the correct params', async function () {
381 await makeGetRequest({
384 token: server.accessToken,
388 searchAccount: 'toto',
391 expectedStatus: HttpStatusCode.OK_200
396 after(async function () {
397 await cleanupTests([ server ])