]>
git.immae.eu Git - github/Chocobozzz/PeerTube.git/blob - server/tests/api/checkParams.js
3 const chai
= require('chai')
4 const expect
= chai
.expect
5 const pathUtils
= require('path')
6 const request
= require('supertest')
7 const series
= require('async/series')
9 const utils
= require('./utils')
11 describe('Test parameters validator', function () {
14 function makePostRequest (path
, token
, fields
, attaches
, done
, statusCodeExpected
) {
15 if (!statusCodeExpected
) statusCodeExpected
= 400
17 const req
= request(server
.url
)
19 .set('Accept', 'application/json')
21 if (token
) req
.set('Authorization', 'Bearer ' + token
)
23 Object
.keys(fields
).forEach(function (field
) {
24 const value
= fields
[field
]
26 if (Array
.isArray(value
)) {
27 for (let i
= 0; i
< value
.length
; i
++) {
28 req
.field(field
+ '[' + i
+ ']', value
[i
])
31 req
.field(field
, value
)
35 Object
.keys(attaches
).forEach(function (attach
) {
36 const value
= attaches
[attach
]
37 req
.attach(attach
, value
)
40 req
.expect(statusCodeExpected
, done
)
43 function makePostBodyRequest (path
, token
, fields
, done
, statusCodeExpected
) {
44 if (!statusCodeExpected
) statusCodeExpected
= 400
46 const req
= request(server
.url
)
48 .set('Accept', 'application/json')
50 if (token
) req
.set('Authorization', 'Bearer ' + token
)
52 req
.send(fields
).expect(statusCodeExpected
, done
)
55 function makePutBodyRequest (path
, token
, fields
, done
, statusCodeExpected
) {
56 if (!statusCodeExpected
) statusCodeExpected
= 400
58 const req
= request(server
.url
)
60 .set('Accept', 'application/json')
62 if (token
) req
.set('Authorization', 'Bearer ' + token
)
64 req
.send(fields
).expect(statusCodeExpected
, done
)
67 // ---------------------------------------------------------------
69 before(function (done
) {
74 utils
.flushTests(next
)
77 utils
.runServer(1, function (server1
) {
84 utils
.loginAndGetAccessToken(server
, function (err
, token
) {
86 server
.accessToken
= token
94 describe('Of the pods API', function () {
95 const path
= '/api/v1/pods/'
97 describe('When adding a pod', function () {
98 it('Should fail with nothing', function (done
) {
100 makePostBodyRequest(path
, null, data
, done
)
103 it('Should fail without public key', function (done
) {
105 url: 'http://coucou.com'
107 makePostBodyRequest(path
, null, data
, done
)
110 it('Should fail without an url', function (done
) {
112 publicKey: 'mysuperpublickey'
114 makePostBodyRequest(path
, null, data
, done
)
117 it('Should fail with an incorrect url', function (done
) {
120 publicKey: 'mysuperpublickey'
122 makePostBodyRequest(path
, null, data
, function () {
123 data
.url
= 'http://coucou'
124 makePostBodyRequest(path
, null, data
, function () {
126 makePostBodyRequest(path
, null, data
, done
)
131 it('Should succeed with the correct parameters', function (done
) {
133 url: 'http://coucou.com',
134 publicKey: 'mysuperpublickey'
136 makePostBodyRequest(path
, null, data
, done
, 200)
140 describe('For the friends API', function () {
141 let userAccessToken
= null
143 before(function (done
) {
144 utils
.createUser(server
.url
, server
.accessToken
, 'user1', 'password', function () {
150 utils
.loginAndGetAccessToken(server
, function (err
, accessToken
) {
153 userAccessToken
= accessToken
160 describe('When making friends', function () {
161 it('Should fail with a invalid token', function (done
) {
163 .get(path
+ '/makefriends')
164 .query({ start: 'hello' })
165 .set('Authorization', 'Bearer faketoken')
166 .set('Accept', 'application/json')
170 it('Should fail if the user is not an administrator', function (done
) {
172 .get(path
+ '/makefriends')
173 .query({ start: 'hello' })
174 .set('Authorization', 'Bearer ' + userAccessToken
)
175 .set('Accept', 'application/json')
180 describe('When quitting friends', function () {
181 it('Should fail with a invalid token', function (done
) {
183 .get(path
+ '/quitfriends')
184 .query({ start: 'hello' })
185 .set('Authorization', 'Bearer faketoken')
186 .set('Accept', 'application/json')
190 it('Should fail if the user is not an administrator', function (done
) {
192 .get(path
+ '/quitfriends')
193 .query({ start: 'hello' })
194 .set('Authorization', 'Bearer ' + userAccessToken
)
195 .set('Accept', 'application/json')
202 describe('Of the videos API', function () {
203 const path
= '/api/v1/videos/'
205 describe('When listing a video', function () {
206 it('Should fail with a bad start pagination', function (done
) {
209 .query({ start: 'hello' })
210 .set('Accept', 'application/json')
214 it('Should fail with a bad count pagination', function (done
) {
217 .query({ count: 'hello' })
218 .set('Accept', 'application/json')
222 it('Should fail with an incorrect sort', function (done
) {
225 .query({ sort: 'hello' })
226 .set('Accept', 'application/json')
231 describe('When searching a video', function () {
232 it('Should fail with nothing', function (done
) {
234 .get(pathUtils
.join(path
, 'search'))
235 .set('Accept', 'application/json')
239 it('Should fail with a bad start pagination', function (done
) {
241 .get(pathUtils
.join(path
, 'search', 'test'))
242 .query({ start: 'hello' })
243 .set('Accept', 'application/json')
247 it('Should fail with a bad count pagination', function (done
) {
249 .get(pathUtils
.join(path
, 'search', 'test'))
250 .query({ count: 'hello' })
251 .set('Accept', 'application/json')
255 it('Should fail with an incorrect sort', function (done
) {
257 .get(pathUtils
.join(path
, 'search', 'test'))
258 .query({ sort: 'hello' })
259 .set('Accept', 'application/json')
264 describe('When adding a video', function () {
265 it('Should fail with nothing', function (done
) {
268 makePostRequest(path
, server
.accessToken
, data
, attach
, done
)
271 it('Should fail without name', function (done
) {
273 description: 'my super description',
274 tags: [ 'tag1', 'tag2' ]
277 'videofile': pathUtils
.join(__dirname
, 'fixtures', 'video_short.webm')
279 makePostRequest(path
, server
.accessToken
, data
, attach
, done
)
282 it('Should fail with a long name', function (done
) {
284 name: 'My very very very very very very very very very very very very very very very very long name',
285 description: 'my super description',
286 tags: [ 'tag1', 'tag2' ]
289 'videofile': pathUtils
.join(__dirname
, 'fixtures', 'video_short.webm')
291 makePostRequest(path
, server
.accessToken
, data
, attach
, done
)
294 it('Should fail without description', function (done
) {
296 name: 'my super name',
297 tags: [ 'tag1', 'tag2' ]
300 'videofile': pathUtils
.join(__dirname
, 'fixtures', 'video_short.webm')
302 makePostRequest(path
, server
.accessToken
, data
, attach
, done
)
305 it('Should fail with a long description', function (done
) {
307 name: 'my super name',
308 description: 'my super description which is very very very very very very very very very very very very very very' +
309 'very very very very very very very very very very very very very very very very very very very very very' +
310 'very very very very very very very very very very very very very very very long',
311 tags: [ 'tag1', 'tag2' ]
314 'videofile': pathUtils
.join(__dirname
, 'fixtures', 'video_short.webm')
316 makePostRequest(path
, server
.accessToken
, data
, attach
, done
)
319 it('Should fail without tags', function (done
) {
321 name: 'my super name',
322 description: 'my super description'
325 'videofile': pathUtils
.join(__dirname
, 'fixtures', 'video_short.webm')
327 makePostRequest(path
, server
.accessToken
, data
, attach
, done
)
330 it('Should fail with too many tags', function (done
) {
332 name: 'my super name',
333 description: 'my super description',
334 tags: [ 'tag1', 'tag2', 'tag3', 'tag4' ]
337 'videofile': pathUtils
.join(__dirname
, 'fixtures', 'video_short.webm')
339 makePostRequest(path
, server
.accessToken
, data
, attach
, done
)
342 it('Should fail with not enough tags', function (done
) {
344 name: 'my super name',
345 description: 'my super description',
349 'videofile': pathUtils
.join(__dirname
, 'fixtures', 'video_short.webm')
351 makePostRequest(path
, server
.accessToken
, data
, attach
, done
)
354 it('Should fail with a tag length too low', function (done
) {
356 name: 'my super name',
357 description: 'my super description',
358 tags: [ 'tag1', 't' ]
361 'videofile': pathUtils
.join(__dirname
, 'fixtures', 'video_short.webm')
363 makePostRequest(path
, server
.accessToken
, data
, attach
, done
)
366 it('Should fail with a tag length too big', function (done
) {
368 name: 'my super name',
369 description: 'my super description',
370 tags: [ 'mysupertagtoolong', 'tag1' ]
373 'videofile': pathUtils
.join(__dirname
, 'fixtures', 'video_short.webm')
375 makePostRequest(path
, server
.accessToken
, data
, attach
, done
)
378 it('Should fail with malformed tags', function (done
) {
380 name: 'my super name',
381 description: 'my super description',
385 'videofile': pathUtils
.join(__dirname
, 'fixtures', 'video_short.webm')
387 makePostRequest(path
, server
.accessToken
, data
, attach
, done
)
390 it('Should fail without an input file', function (done
) {
392 name: 'my super name',
393 description: 'my super description',
394 tags: [ 'tag1', 'tag2' ]
397 makePostRequest(path
, server
.accessToken
, data
, attach
, done
)
400 it('Should fail without an incorrect input file', function (done
) {
402 name: 'my super name',
403 description: 'my super description',
404 tags: [ 'tag1', 'tag2' ]
407 'videofile': pathUtils
.join(__dirname
, 'fixtures', 'video_short_fake.webm')
409 makePostRequest(path
, server
.accessToken
, data
, attach
, done
)
412 it('Should fail with a too big duration', function (done
) {
414 name: 'my super name',
415 description: 'my super description',
416 tags: [ 'tag1', 'tag2' ]
419 'videofile': pathUtils
.join(__dirname
, 'fixtures', 'video_too_long.webm')
421 makePostRequest(path
, server
.accessToken
, data
, attach
, done
)
424 it('Should succeed with the correct parameters', function (done
) {
426 name: 'my super name',
427 description: 'my super description',
428 tags: [ 'tag1', 'tag2' ]
431 'videofile': pathUtils
.join(__dirname
, 'fixtures', 'video_short.webm')
433 makePostRequest(path
, server
.accessToken
, data
, attach
, function () {
434 attach
.videofile
= pathUtils
.join(__dirname
, 'fixtures', 'video_short.mp4')
435 makePostRequest(path
, server
.accessToken
, data
, attach
, function () {
436 attach
.videofile
= pathUtils
.join(__dirname
, 'fixtures', 'video_short.ogv')
437 makePostRequest(path
, server
.accessToken
, data
, attach
, done
, 204)
443 describe('When getting a video', function () {
444 it('Should return the list of the videos with nothing', function (done
) {
447 .set('Accept', 'application/json')
449 .expect('Content-Type', /json/)
450 .end(function (err
, res
) {
453 expect(res
.body
.data
).to
.be
.an('array')
454 expect(res
.body
.data
.length
).to
.equal(3)
460 it('Should fail without a mongodb id', function (done
) {
462 .get(path
+ 'coucou')
463 .set('Accept', 'application/json')
467 it('Should return 404 with an incorrect video', function (done
) {
469 .get(path
+ '123456789012345678901234')
470 .set('Accept', 'application/json')
474 it('Should succeed with the correct parameters')
477 describe('When removing a video', function () {
478 it('Should have 404 with nothing', function (done
) {
481 .set('Authorization', 'Bearer ' + server
.accessToken
)
485 it('Should fail without a mongodb id', function (done
) {
487 .delete(path
+ 'hello')
488 .set('Authorization', 'Bearer ' + server
.accessToken
)
492 it('Should fail with a video which does not exist', function (done
) {
494 .delete(path
+ '123456789012345678901234')
495 .set('Authorization', 'Bearer ' + server
.accessToken
)
499 it('Should fail with a video of another pod')
501 it('Should succeed with the correct parameters')
505 describe('Of the users API', function () {
506 const path
= '/api/v1/users/'
508 let userAccessToken
= null
510 describe('When adding a new user', function () {
511 it('Should fail with a too small username', function (done
) {
514 password: 'mysuperpassword'
517 makePostBodyRequest(path
, server
.accessToken
, data
, done
)
520 it('Should fail with a too long username', function (done
) {
522 username: 'mysuperusernamewhichisverylong',
523 password: 'mysuperpassword'
526 makePostBodyRequest(path
, server
.accessToken
, data
, done
)
529 it('Should fail with an incorrect username', function (done
) {
531 username: 'my username',
532 password: 'mysuperpassword'
535 makePostBodyRequest(path
, server
.accessToken
, data
, done
)
538 it('Should fail with a too small password', function (done
) {
540 username: 'myusername',
544 makePostBodyRequest(path
, server
.accessToken
, data
, done
)
547 it('Should fail with a too long password', function (done
) {
549 username: 'myusername',
550 password: 'my super long password which is very very very very very very very very very very very very very very' +
551 'very very very very very very very very very very very very very very very veryv very very very very' +
552 'very very very very very very very very very very very very very very very very very very very very long'
555 makePostBodyRequest(path
, server
.accessToken
, data
, done
)
558 it('Should fail with an non authenticated user', function (done
) {
560 username: 'myusername',
561 password: 'my super password'
564 makePostBodyRequest(path
, 'super token', data
, done
, 401)
567 it('Should succeed with the correct params', function (done
) {
570 password: 'my super password'
573 makePostBodyRequest(path
, server
.accessToken
, data
, done
, 204)
576 it('Should fail with a non admin user', function (done
) {
579 password: 'my super password'
582 utils
.loginAndGetAccessToken(server
, function (err
, accessToken
) {
585 userAccessToken
= accessToken
589 password: 'my super password'
592 makePostBodyRequest(path
, userAccessToken
, data
, done
, 403)
597 describe('When updating a user', function () {
598 before(function (done
) {
599 utils
.getUsersList(server
.url
, function (err
, res
) {
602 userId
= res
.body
.data
[1].id
607 it('Should fail with a too small password', function (done
) {
612 makePutBodyRequest(path
+ userId
, userAccessToken
, data
, done
)
615 it('Should fail with a too long password', function (done
) {
617 password: 'my super long password which is very very very very very very very very very very very very very very' +
618 'very very very very very very very very very very very very very very very veryv very very very very' +
619 'very very very very very very very very very very very very very very very very very very very very long'
622 makePutBodyRequest(path
+ userId
, userAccessToken
, data
, done
)
625 it('Should fail with an non authenticated user', function (done
) {
627 password: 'my super password'
630 makePutBodyRequest(path
+ userId
, 'super token', data
, done
, 401)
633 it('Should succeed with the correct params', function (done
) {
635 password: 'my super password'
638 makePutBodyRequest(path
+ userId
, userAccessToken
, data
, done
, 204)
642 describe('When getting my information', function () {
643 it('Should fail with a non authenticated user', function (done
) {
646 .set('Authorization', 'Bearer faketoken')
647 .set('Accept', 'application/json')
651 it('Should success with the correct parameters', function (done
) {
654 .set('Authorization', 'Bearer ' + userAccessToken
)
655 .set('Accept', 'application/json')
660 describe('When removing an user', function () {
661 it('Should fail with an incorrect username', function (done
) {
663 .delete(path
+ 'bla-bla')
664 .set('Authorization', 'Bearer ' + server
.accessToken
)
668 it('Should return 404 with a non existing username', function (done
) {
670 .delete(path
+ 'qzzerg')
671 .set('Authorization', 'Bearer ' + server
.accessToken
)
675 it('Should success with the correct parameters', function (done
) {
677 .delete(path
+ 'user1')
678 .set('Authorization', 'Bearer ' + server
.accessToken
)
684 describe('Of the remote videos API', function () {
685 describe('When making a secure request', function () {
686 it('Should check a secure request')
689 describe('When adding a video', function () {
690 it('Should check when adding a video')
693 describe('When removing a video', function () {
694 it('Should check when removing a video')
698 after(function (done
) {
699 process
.kill(-server
.app
.pid
)
701 // Keep the logs if the test failed
703 utils
.flushTests(done
)