]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blob - server/tests/api/check-params/videos.ts
projects / github / Chocobozzz / PeerTube.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Precisions and security enhancements to the production guide (#287)
[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / videos.ts
1 /* tslint:disable:no-unused-expression */
2
3 import * as chai from 'chai'
4 import { omit } from 'lodash'
5 import 'mocha'
6 import { join } from 'path'
7 import { VideoPrivacy } from '../../../../shared/models/videos/video-privacy.enum'
8 import {
9 createUser, flushTests, getMyUserInformation, getVideo, getVideosList, immutableAssign, killallServers, makeDeleteRequest,
10 makeGetRequest, makePostUploadRequest, makePutBodyRequest, removeVideo, runServer, ServerInfo, setAccessTokensToServers, userLogin
11 } from '../../utils'
12 import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
13
14 const expect = chai.expect
15
16 describe('Test videos API validator', function () {
17 const path = '/api/v1/videos/'
18 let server: ServerInfo
19 let channelId: number
20
21 // ---------------------------------------------------------------
22
23 before(async function () {
24 this.timeout(30000)
25
26 await flushTests()
27
28 server = await runServer(1)
29
30 await setAccessTokensToServers([ server ])
31
32 const res = await getMyUserInformation(server.url, server.accessToken)
33 channelId = res.body.videoChannels[0].id
34 })
35
36 describe('When listing a video', function () {
37 it('Should fail with a bad start pagination', async function () {
38 await checkBadStartPagination(server.url, path)
39 })
40
41 it('Should fail with a bad count pagination', async function () {
42 await checkBadCountPagination(server.url, path)
43 })
44
45 it('Should fail with an incorrect sort', async function () {
46 await checkBadSortPagination(server.url, path)
47 })
48 })
49
50 describe('When searching a video', function () {
51
52 it('Should fail with nothing', async function () {
53 await makeGetRequest({
54 url: server.url,
55 path: join(path, 'search'),
56 statusCodeExpected: 400
57 })
58 })
59
60 it('Should fail with a bad start pagination', async function () {
61 await checkBadStartPagination(server.url, join(path, 'search', 'test'))
62 })
63
64 it('Should fail with a bad count pagination', async function () {
65 await checkBadCountPagination(server.url, join(path, 'search', 'test'))
66 })
67
68 it('Should fail with an incorrect sort', async function () {
69 await checkBadSortPagination(server.url, join(path, 'search', 'test'))
70 })
71 })
72
73 describe('When listing my videos', function () {
74 const path = '/api/v1/users/me/videos'
75
76 it('Should fail with a bad start pagination', async function () {
77 await checkBadStartPagination(server.url, path, server.accessToken)
78 })
79
80 it('Should fail with a bad count pagination', async function () {
81 await checkBadCountPagination(server.url, path, server.accessToken)
82 })
83
84 it('Should fail with an incorrect sort', async function () {
85 await checkBadSortPagination(server.url, path, server.accessToken)
86 })
87 })
88
89 describe('When adding a video', function () {
90 let baseCorrectParams
91 const baseCorrectAttaches = {
92 'videofile': join(__dirname, '..', 'fixtures', 'video_short.webm')
93 }
94
95 before(function () {
96 // Put in before to have channelId
97 baseCorrectParams = {
98 name: 'my super name',
99 category: 5,
100 licence: 1,
101 language: 6,
102 nsfw: false,
103 commentsEnabled: true,
104 description: 'my super description',
105 tags: [ 'tag1', 'tag2' ],
106 privacy: VideoPrivacy.PUBLIC,
107 channelId
108 }
109 })
110
111 it('Should fail with nothing', async function () {
112 const fields = {}
113 const attaches = {}
114 await makePostUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
115 })
116
117 it('Should fail without name', async function () {
118 const fields = omit(baseCorrectParams, 'name')
119 const attaches = baseCorrectAttaches
120
121 await makePostUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
122 })
123
124 it('Should fail with a long name', async function () {
125 const fields = immutableAssign(baseCorrectParams, { name: 'super'.repeat(65) })
126 const attaches = baseCorrectAttaches
127
128 await makePostUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
129 })
130
131 it('Should fail with a bad category', async function () {
132 const fields = immutableAssign(baseCorrectParams, { category: 125 })
133 const attaches = baseCorrectAttaches
134
135 await makePostUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
136 })
137
138 it('Should fail with a bad licence', async function () {
139 const fields = immutableAssign(baseCorrectParams, { licence: 125 })
140 const attaches = baseCorrectAttaches
141
142 await makePostUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
143 })
144
145 it('Should fail with a bad language', async function () {
146 const fields = immutableAssign(baseCorrectParams, { language: 125 })
147 const attaches = baseCorrectAttaches
148
149 await makePostUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
150 })
151
152 it('Should fail without nsfw attribute', async function () {
153 const fields = omit(baseCorrectParams, 'nsfw')
154 const attaches = baseCorrectAttaches
155
156 await makePostUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
157 })
158
159 it('Should fail with a bad nsfw attribute', async function () {
160 const fields = immutableAssign(baseCorrectParams, { nsfw: 2 })
161 const attaches = baseCorrectAttaches
162
163 await makePostUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
164 })
165
166 it('Should fail without commentsEnabled attribute', async function () {
167 const fields = omit(baseCorrectParams, 'commentsEnabled')
168 const attaches = baseCorrectAttaches
169
170 await makePostUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
171 })
172
173 it('Should fail with a bad commentsEnabled attribute', async function () {
174 const fields = immutableAssign(baseCorrectParams, { commentsEnabled: 2 })
175 const attaches = baseCorrectAttaches
176
177 await makePostUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
178 })
179
180 it('Should fail with a long description', async function () {
181 const fields = immutableAssign(baseCorrectParams, { description: 'super'.repeat(1500) })
182 const attaches = baseCorrectAttaches
183
184 await makePostUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
185 })
186
187 it('Should fail without a channel', async function () {
188 const fields = omit(baseCorrectParams, 'channelId')
189 const attaches = baseCorrectAttaches
190
191 await makePostUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
192 })
193
194 it('Should fail with a bad channel', async function () {
195 const fields = immutableAssign(baseCorrectParams, { channelId: 545454 })
196 const attaches = baseCorrectAttaches
197
198 await makePostUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
199 })
200
201 it('Should fail with another user channel', async function () {
202 const user = {
203 username: 'fake',
204 password: 'fake_password'
205 }
206 await createUser(server.url, server.accessToken, user.username, user.password)
207
208 const accessTokenUser = await userLogin(server, user)
209 const res = await getMyUserInformation(server.url, accessTokenUser)
210 const customChannelId = res.body.videoChannels[0].id
211
212 const fields = immutableAssign(baseCorrectParams, { channelId: customChannelId })
213 const attaches = baseCorrectAttaches
214
215 await makePostUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
216 })
217
218 it('Should fail with too many tags', async function () {
219 const fields = immutableAssign(baseCorrectParams, { tags: [ 'tag1', 'tag2', 'tag3', 'tag4', 'tag5', 'tag6' ] })
220 const attaches = baseCorrectAttaches
221
222 await makePostUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
223 })
224
225 it('Should fail with a tag length too low', async function () {
226 const fields = immutableAssign(baseCorrectParams, { tags: [ 'tag1', 't' ] })
227 const attaches = baseCorrectAttaches
228
229 await makePostUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
230 })
231
232 it('Should fail with a tag length too big', async function () {
233 const fields = immutableAssign(baseCorrectParams, { tags: [ 'tag1', 'my_super_tag_too_long_long_long_long_long_long' ] })
234 const attaches = baseCorrectAttaches
235
236 await makePostUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
237 })
238
239 it('Should fail without an input file', async function () {
240 const fields = baseCorrectParams
241 const attaches = {}
242 await makePostUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
243 })
244
245 it('Should fail without an incorrect input file', async function () {
246 const fields = baseCorrectParams
247 const attaches = {
248 'videofile': join(__dirname, '..', 'fixtures', 'video_short_fake.webm')
249 }
250 await makePostUploadRequest({ url: server.url, path: path + '/upload', token: server.accessToken, fields, attaches })
251 })
252
253 it('Should succeed with the correct parameters', async function () {
254 this.timeout(10000)
255
256 const fields = baseCorrectParams
257
258 {
259 const attaches = baseCorrectAttaches
260 await makePostUploadRequest({
261 url: server.url,
262 path: path + '/upload',
263 token: server.accessToken,
264 fields,
265 attaches,
266 statusCodeExpected: 200
267 })
268 }
269
270 {
271 const attaches = immutableAssign(baseCorrectAttaches, {
272 videofile: join(__dirname, '..', 'fixtures', 'video_short.mp4')
273 })
274
275 await makePostUploadRequest({
276 url: server.url,
277 path: path + '/upload',
278 token: server.accessToken,
279 fields,
280 attaches,
281 statusCodeExpected: 200
282 })
283 }
284
285 {
286 const attaches = immutableAssign(baseCorrectAttaches, {
287 videofile: join(__dirname, '..', 'fixtures', 'video_short.ogv')
288 })
289
290 await makePostUploadRequest({
291 url: server.url,
292 path: path + '/upload',
293 token: server.accessToken,
294 fields,
295 attaches,
296 statusCodeExpected: 200
297 })
298 }
299 })
300 })
301
302 describe('When updating a video', function () {
303 const baseCorrectParams = {
304 name: 'my super name',
305 category: 5,
306 licence: 2,
307 language: 6,
308 nsfw: false,
309 commentsEnabled: false,
310 description: 'my super description',
311 privacy: VideoPrivacy.PUBLIC,
312 tags: [ 'tag1', 'tag2' ]
313 }
314 let videoId
315
316 before(async function () {
317 const res = await getVideosList(server.url)
318 videoId = res.body.data[0].id
319 })
320
321 it('Should fail with nothing', async function () {
322 const fields = {}
323 await makePutBodyRequest({ url: server.url, path, token: server.accessToken, fields })
324 })
325
326 it('Should fail without a valid uuid', async function () {
327 const fields = baseCorrectParams
328 await makePutBodyRequest({ url: server.url, path: path + 'blabla', token: server.accessToken, fields })
329 })
330
331 it('Should fail with an unknown id', async function () {
332 const fields = baseCorrectParams
333
334 await makePutBodyRequest({
335 url: server.url,
336 path: path + '4da6fde3-88f7-4d16-b119-108df5630b06',
337 token: server.accessToken,
338 fields,
339 statusCodeExpected: 404
340 })
341 })
342
343 it('Should fail with a long name', async function () {
344 const fields = immutableAssign(baseCorrectParams, { name: 'super'.repeat(65) })
345
346 await makePutBodyRequest({ url: server.url, path: path + videoId, token: server.accessToken, fields })
347 })
348
349 it('Should fail with a bad category', async function () {
350 const fields = immutableAssign(baseCorrectParams, { category: 125 })
351
352 await makePutBodyRequest({ url: server.url, path: path + videoId, token: server.accessToken, fields })
353 })
354
355 it('Should fail with a bad licence', async function () {
356 const fields = immutableAssign(baseCorrectParams, { licence: 125 })
357
358 await makePutBodyRequest({ url: server.url, path: path + videoId, token: server.accessToken, fields })
359 })
360
361 it('Should fail with a bad language', async function () {
362 const fields = immutableAssign(baseCorrectParams, { language: 125 })
363
364 await makePutBodyRequest({ url: server.url, path: path + videoId, token: server.accessToken, fields })
365 })
366
367 it('Should fail with a bad nsfw attribute', async function () {
368 const fields = immutableAssign(baseCorrectParams, { nsfw: 2 })
369
370 await makePutBodyRequest({ url: server.url, path: path + videoId, token: server.accessToken, fields })
371 })
372
373 it('Should fail with a bad commentsEnabled attribute', async function () {
374 const fields = immutableAssign(baseCorrectParams, { commentsEnabled: 2 })
375
376 await makePutBodyRequest({ url: server.url, path: path + videoId, token: server.accessToken, fields })
377 })
378
379 it('Should fail with a long description', async function () {
380 const fields = immutableAssign(baseCorrectParams, { description: 'super'.repeat(1500) })
381
382 await makePutBodyRequest({ url: server.url, path: path + videoId, token: server.accessToken, fields })
383 })
384
385 it('Should fail with too many tags', async function () {
386 const fields = immutableAssign(baseCorrectParams, { tags: [ 'tag1', 'tag2', 'tag3', 'tag4', 'tag5', 'tag6' ] })
387
388 await makePutBodyRequest({ url: server.url, path: path + videoId, token: server.accessToken, fields })
389 })
390
391 it('Should fail with a tag length too low', async function () {
392 const fields = immutableAssign(baseCorrectParams, { tags: [ 'tag1', 't' ] })
393
394 await makePutBodyRequest({ url: server.url, path: path + videoId, token: server.accessToken, fields })
395 })
396
397 it('Should fail with a tag length too big', async function () {
398 const fields = immutableAssign(baseCorrectParams, { tags: [ 'tag1', 'my_super_tag_too_long_long_long_long_long_long' ] })
399
400 await makePutBodyRequest({ url: server.url, path: path + videoId, token: server.accessToken, fields })
401 })
402
403 it('Should fail with a video of another user')
404
405 it('Should fail with a video of another server')
406
407 it('Should succeed with the correct parameters', async function () {
408 const fields = baseCorrectParams
409
410 await makePutBodyRequest({ url: server.url, path: path + videoId, token: server.accessToken, fields, statusCodeExpected: 204 })
411 })
412 })
413
414 describe('When getting a video', function () {
415 it('Should return the list of the videos with nothing', async function () {
416 const res = await makeGetRequest({
417 url: server.url,
418 path,
419 statusCodeExpected: 200
420 })
421
422 expect(res.body.data).to.be.an('array')
423 expect(res.body.data.length).to.equal(3)
424 })
425
426 it('Should fail without a correct uuid', async function () {
427 await getVideo(server.url, 'coucou', 400)
428 })
429
430 it('Should return 404 with an incorrect video', async function () {
431 await getVideo(server.url, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
432 })
433
434 it('Should succeed with the correct parameters')
435 })
436
437 describe('When rating a video', function () {
438 let videoId
439
440 before(async function () {
441 const res = await getVideosList(server.url)
442 videoId = res.body.data[0].id
443 })
444
445 it('Should fail without a valid uuid', async function () {
446 const fields = {
447 rating: 'like'
448 }
449 await makePutBodyRequest({ url: server.url, path: path + 'blabla/rate', token: server.accessToken, fields })
450 })
451
452 it('Should fail with an unknown id', async function () {
453 const fields = {
454 rating: 'like'
455 }
456 await makePutBodyRequest({
457 url: server.url,
458 path: path + '4da6fde3-88f7-4d16-b119-108df5630b06/rate',
459 token: server.accessToken,
460 fields,
461 statusCodeExpected: 404
462 })
463 })
464
465 it('Should fail with a wrong rating', async function () {
466 const fields = {
467 rating: 'likes'
468 }
469 await makePutBodyRequest({ url: server.url, path: path + videoId + '/rate', token: server.accessToken, fields })
470 })
471
472 it('Should succeed with the correct parameters', async function () {
473 const fields = {
474 rating: 'like'
475 }
476 await makePutBodyRequest({
477 url: server.url,
478 path: path + videoId + '/rate',
479 token: server.accessToken,
480 fields,
481 statusCodeExpected: 204
482 })
483 })
484 })
485
486 describe('When removing a video', function () {
487 it('Should have 404 with nothing', async function () {
488 await makeDeleteRequest({
489 url: server.url,
490 path,
491 statusCodeExpected: 400
492 })
493 })
494
495 it('Should fail without a correct uuid', async function () {
496 await removeVideo(server.url, server.accessToken, 'hello', 400)
497 })
498
499 it('Should fail with a video which does not exist', async function () {
500 await removeVideo(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
501 })
502
503 it('Should fail with a video of another user')
504
505 it('Should fail with a video of another server')
506
507 it('Should succeed with the correct parameters')
508 })
509
510 after(async function () {
511 killallServers([ server ])
512
513 // Keep the logs if the test failed
514 if (this['ok']) {
515 await flushTests()
516 }
517 })
518 })
ActivityPub-federated video streaming platform using P2P directly in your web browser