server/tests/api/check-params/videos-common-filters.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import { HttpStatusCode, UserRole, VideoInclude, VideoPrivacy } from '@shared/models'
   4 import {
   5   cleanupTests,
   6   createSingleServer,
   7   makeGetRequest,
   8   PeerTubeServer,
   9   setAccessTokensToServers,
  10   setDefaultVideoChannel
  11 } from '@shared/server-commands'
  12
  13 describe('Test video filters validators', function () {
  14   let server: PeerTubeServer
  15   let userAccessToken: string
  16   let moderatorAccessToken: string
  17
  18   // ---------------------------------------------------------------
  19
  20   before(async function () {
  21     this.timeout(30000)
  22
  23     server = await createSingleServer(1)
  24
  25     await setAccessTokensToServers([ server ])
  26     await setDefaultVideoChannel([ server ])
  27
  28     const user = { username: 'user1', password: 'my super password' }
  29     await server.users.create({ username: user.username, password: user.password })
  30     userAccessToken = await server.login.getAccessToken(user)
  31
  32     const moderator = { username: 'moderator', password: 'my super password' }
  33     await server.users.create({ username: moderator.username, password: moderator.password, role: UserRole.MODERATOR })
  34
  35     moderatorAccessToken = await server.login.getAccessToken(moderator)
  36   })
  37
  38   describe('When setting a deprecated video filter', function () {
  39
  40     async function testEndpoints (token: string, filter: string, expectedStatus: HttpStatusCode) {
  41       const paths = [
  42         '/api/v1/video-channels/root_channel/videos',
  43         '/api/v1/accounts/root/videos',
  44         '/api/v1/videos',
  45         '/api/v1/search/videos',
  46         '/api/v1/users/me/subscriptions/videos'
  47       ]
  48
  49       for (const path of paths) {
  50         await makeGetRequest({
  51           url: server.url,
  52           path,
  53           token,
  54           query: {
  55             filter
  56           },
  57           expectedStatus
  58         })
  59       }
  60     }
  61
  62     it('Should fail with a bad filter', async function () {
  63       await testEndpoints(server.accessToken, 'bad-filter', HttpStatusCode.BAD_REQUEST_400)
  64     })
  65
  66     it('Should succeed with a good filter', async function () {
  67       await testEndpoints(server.accessToken, 'local', HttpStatusCode.OK_200)
  68     })
  69
  70     it('Should fail to list all-local/all with a simple user', async function () {
  71       await testEndpoints(userAccessToken, 'all-local', HttpStatusCode.UNAUTHORIZED_401)
  72       await testEndpoints(userAccessToken, 'all', HttpStatusCode.UNAUTHORIZED_401)
  73     })
  74
  75     it('Should succeed to list all-local/all with a moderator', async function () {
  76       await testEndpoints(moderatorAccessToken, 'all-local', HttpStatusCode.OK_200)
  77       await testEndpoints(moderatorAccessToken, 'all', HttpStatusCode.OK_200)
  78     })
  79
  80     it('Should succeed to list all-local/all with an admin', async function () {
  81       await testEndpoints(server.accessToken, 'all-local', HttpStatusCode.OK_200)
  82       await testEndpoints(server.accessToken, 'all', HttpStatusCode.OK_200)
  83     })
  84
  85     // Because we cannot authenticate the user on the RSS endpoint
  86     it('Should fail on the feeds endpoint with the all-local/all filter', async function () {
  87       for (const filter of [ 'all', 'all-local' ]) {
  88         await makeGetRequest({
  89           url: server.url,
  90           path: '/feeds/videos.json',
  91           expectedStatus: HttpStatusCode.UNAUTHORIZED_401,
  92           query: {
  93             filter
  94           }
  95         })
  96       }
  97     })
  98
  99     it('Should succeed on the feeds endpoint with the local filter', async function () {
 100       await makeGetRequest({
 101         url: server.url,
 102         path: '/feeds/videos.json',
 103         expectedStatus: HttpStatusCode.OK_200,
 104         query: {
 105           filter: 'local'
 106         }
 107       })
 108     })
 109   })
 110
 111   describe('When setting video filters', function () {
 112
 113     const validIncludes = [
 114       VideoInclude.NONE,
 115       VideoInclude.BLOCKED_OWNER,
 116       VideoInclude.NOT_PUBLISHED_STATE | VideoInclude.BLACKLISTED
 117     ]
 118
 119     async function testEndpoints (options: {
 120       token?: string
 121       isLocal?: boolean
 122       include?: VideoInclude
 123       privacyOneOf?: VideoPrivacy[]
 124       expectedStatus: HttpStatusCode
 125       excludeAlreadyWatched?: boolean
 126       unauthenticatedUser?: boolean
 127     }) {
 128       const paths = [
 129         '/api/v1/video-channels/root_channel/videos',
 130         '/api/v1/accounts/root/videos',
 131         '/api/v1/videos',
 132         '/api/v1/search/videos'
 133       ]
 134
 135       for (const path of paths) {
 136         const token = options.unauthenticatedUser
 137           ? undefined
 138           : options.token || server.accessToken
 139
 140         await makeGetRequest({
 141           url: server.url,
 142           path,
 143           token,
 144           query: {
 145             isLocal: options.isLocal,
 146             privacyOneOf: options.privacyOneOf,
 147             include: options.include,
 148             excludeAlreadyWatched: options.excludeAlreadyWatched
 149           },
 150           expectedStatus: options.expectedStatus
 151         })
 152       }
 153     }
 154
 155     it('Should fail with a bad privacyOneOf', async function () {
 156       await testEndpoints({ privacyOneOf: [ 'toto' ] as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 157     })
 158
 159     it('Should succeed with a good privacyOneOf', async function () {
 160       await testEndpoints({ privacyOneOf: [ VideoPrivacy.INTERNAL ], expectedStatus: HttpStatusCode.OK_200 })
 161     })
 162
 163     it('Should fail to use privacyOneOf with a simple user', async function () {
 164       await testEndpoints({
 165         privacyOneOf: [ VideoPrivacy.INTERNAL ],
 166         token: userAccessToken,
 167         expectedStatus: HttpStatusCode.UNAUTHORIZED_401
 168       })
 169     })
 170
 171     it('Should fail with a bad include', async function () {
 172       await testEndpoints({ include: 'toto' as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 173     })
 174
 175     it('Should succeed with a good include', async function () {
 176       for (const include of validIncludes) {
 177         await testEndpoints({ include, expectedStatus: HttpStatusCode.OK_200 })
 178       }
 179     })
 180
 181     it('Should fail to include more videos with a simple user', async function () {
 182       for (const include of validIncludes) {
 183         await testEndpoints({ token: userAccessToken, include, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
 184       }
 185     })
 186
 187     it('Should succeed to list all local/all with a moderator', async function () {
 188       for (const include of validIncludes) {
 189         await testEndpoints({ token: moderatorAccessToken, include, expectedStatus: HttpStatusCode.OK_200 })
 190       }
 191     })
 192
 193     it('Should succeed to list all local/all with an admin', async function () {
 194       for (const include of validIncludes) {
 195         await testEndpoints({ token: server.accessToken, include, expectedStatus: HttpStatusCode.OK_200 })
 196       }
 197     })
 198
 199     // Because we cannot authenticate the user on the RSS endpoint
 200     it('Should fail on the feeds endpoint with the all filter', async function () {
 201       for (const include of [ VideoInclude.NOT_PUBLISHED_STATE ]) {
 202         await makeGetRequest({
 203           url: server.url,
 204           path: '/feeds/videos.json',
 205           expectedStatus: HttpStatusCode.UNAUTHORIZED_401,
 206           query: {
 207             include
 208           }
 209         })
 210       }
 211     })
 212
 213     it('Should succeed on the feeds endpoint with the local filter', async function () {
 214       await makeGetRequest({
 215         url: server.url,
 216         path: '/feeds/videos.json',
 217         expectedStatus: HttpStatusCode.OK_200,
 218         query: {
 219           isLocal: true
 220         }
 221       })
 222     })
 223
 224     it('Should fail when trying to exclude already watched videos for an unlogged user', async function () {
 225       await testEndpoints({ excludeAlreadyWatched: true, unauthenticatedUser: true, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
 226     })
 227
 228     it('Should succeed when trying to exclude already watched videos for a logged user', async function () {
 229       await testEndpoints({ token: userAccessToken, excludeAlreadyWatched: true, expectedStatus: HttpStatusCode.OK_200 })
 230     })
 231   })
 232
 233   after(async function () {
 234     await cleanupTests([ server ])
 235   })
 236 })