server/tests/api/videos/video-privacy.ts

   1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
   2
   3 import * as chai from 'chai'
   4 import 'mocha'
   5 import { VideoPrivacy } from '../../../../shared/models/videos/video-privacy.enum'
   6 import {
   7   cleanupTests,
   8   flushAndRunServer,
   9   getVideosList,
  10   getVideosListWithToken,
  11   ServerInfo,
  12   setAccessTokensToServers,
  13   uploadVideo
  14 } from '../../../../shared/extra-utils/index'
  15 import { doubleFollow } from '../../../../shared/extra-utils/server/follows'
  16 import { userLogin } from '../../../../shared/extra-utils/users/login'
  17 import { createUser } from '../../../../shared/extra-utils/users/users'
  18 import { getMyVideos, getVideo, getVideoWithToken, updateVideo } from '../../../../shared/extra-utils/videos/videos'
  19 import { waitJobs } from '../../../../shared/extra-utils/server/jobs'
  20 import { Video } from '@shared/models'
  21 import { HttpStatusCode } from '@shared/core-utils/miscs/http-error-codes'
  22
  23 const expect = chai.expect
  24
  25 describe('Test video privacy', function () {
  26   const servers: ServerInfo[] = []
  27   let anotherUserToken: string
  28
  29   let privateVideoId: number
  30   let privateVideoUUID: string
  31
  32   let internalVideoId: number
  33   let internalVideoUUID: string
  34
  35   let unlistedVideoUUID: string
  36   let nonFederatedUnlistedVideoUUID: string
  37
  38   let now: number
  39
  40   const dontFederateUnlistedConfig = {
  41     federation: {
  42       videos: {
  43         federate_unlisted: false
  44       }
  45     }
  46   }
  47
  48   before(async function () {
  49     this.timeout(50000)
  50
  51     // Run servers
  52     servers.push(await flushAndRunServer(1, dontFederateUnlistedConfig))
  53     servers.push(await flushAndRunServer(2))
  54
  55     // Get the access tokens
  56     await setAccessTokensToServers(servers)
  57
  58     // Server 1 and server 2 follow each other
  59     await doubleFollow(servers[0], servers[1])
  60   })
  61
  62   it('Should upload a private and internal videos on server 1', async function () {
  63     this.timeout(10000)
  64
  65     for (const privacy of [ VideoPrivacy.PRIVATE, VideoPrivacy.INTERNAL ]) {
  66       const attributes = { privacy }
  67       await uploadVideo(servers[0].url, servers[0].accessToken, attributes)
  68     }
  69
  70     await waitJobs(servers)
  71   })
  72
  73   it('Should not have these private and internal videos on server 2', async function () {
  74     const res = await getVideosList(servers[1].url)
  75
  76     expect(res.body.total).to.equal(0)
  77     expect(res.body.data).to.have.lengthOf(0)
  78   })
  79
  80   it('Should not list the private and internal videos for an unauthenticated user on server 1', async function () {
  81     const res = await getVideosList(servers[0].url)
  82
  83     expect(res.body.total).to.equal(0)
  84     expect(res.body.data).to.have.lengthOf(0)
  85   })
  86
  87   it('Should not list the private video and list the internal video for an authenticated user on server 1', async function () {
  88     const res = await getVideosListWithToken(servers[0].url, servers[0].accessToken)
  89
  90     expect(res.body.total).to.equal(1)
  91     expect(res.body.data).to.have.lengthOf(1)
  92
  93     expect(res.body.data[0].privacy.id).to.equal(VideoPrivacy.INTERNAL)
  94   })
  95
  96   it('Should list my (private and internal) videos', async function () {
  97     const res = await getMyVideos(servers[0].url, servers[0].accessToken, 0, 10)
  98
  99     expect(res.body.total).to.equal(2)
 100     expect(res.body.data).to.have.lengthOf(2)
 101
 102     const videos: Video[] = res.body.data
 103
 104     const privateVideo = videos.find(v => v.privacy.id === VideoPrivacy.PRIVATE)
 105     privateVideoId = privateVideo.id
 106     privateVideoUUID = privateVideo.uuid
 107
 108     const internalVideo = videos.find(v => v.privacy.id === VideoPrivacy.INTERNAL)
 109     internalVideoId = internalVideo.id
 110     internalVideoUUID = internalVideo.uuid
 111   })
 112
 113   it('Should not be able to watch the private/internal video with non authenticated user', async function () {
 114     await getVideo(servers[0].url, privateVideoUUID, HttpStatusCode.UNAUTHORIZED_401)
 115     await getVideo(servers[0].url, internalVideoUUID, HttpStatusCode.UNAUTHORIZED_401)
 116   })
 117
 118   it('Should not be able to watch the private video with another user', async function () {
 119     this.timeout(10000)
 120
 121     const user = {
 122       username: 'hello',
 123       password: 'super password'
 124     }
 125     await createUser({ url: servers[0].url, accessToken: servers[0].accessToken, username: user.username, password: user.password })
 126
 127     anotherUserToken = await userLogin(servers[0], user)
 128     await getVideoWithToken(servers[0].url, anotherUserToken, privateVideoUUID, HttpStatusCode.FORBIDDEN_403)
 129   })
 130
 131   it('Should be able to watch the internal video with another user', async function () {
 132     await getVideoWithToken(servers[0].url, anotherUserToken, internalVideoUUID, HttpStatusCode.OK_200)
 133   })
 134
 135   it('Should be able to watch the private video with the correct user', async function () {
 136     await getVideoWithToken(servers[0].url, servers[0].accessToken, privateVideoUUID, HttpStatusCode.OK_200)
 137   })
 138
 139   it('Should upload an unlisted video on server 2', async function () {
 140     this.timeout(60000)
 141
 142     const attributes = {
 143       name: 'unlisted video',
 144       privacy: VideoPrivacy.UNLISTED
 145     }
 146     await uploadVideo(servers[1].url, servers[1].accessToken, attributes)
 147
 148     // Server 2 has transcoding enabled
 149     await waitJobs(servers)
 150   })
 151
 152   it('Should not have this unlisted video listed on server 1 and 2', async function () {
 153     for (const server of servers) {
 154       const res = await getVideosList(server.url)
 155
 156       expect(res.body.total).to.equal(0)
 157       expect(res.body.data).to.have.lengthOf(0)
 158     }
 159   })
 160
 161   it('Should list my (unlisted) videos', async function () {
 162     const res = await getMyVideos(servers[1].url, servers[1].accessToken, 0, 1)
 163
 164     expect(res.body.total).to.equal(1)
 165     expect(res.body.data).to.have.lengthOf(1)
 166
 167     unlistedVideoUUID = res.body.data[0].uuid
 168   })
 169
 170   it('Should be able to get this unlisted video', async function () {
 171     for (const server of servers) {
 172       const res = await getVideo(server.url, unlistedVideoUUID)
 173
 174       expect(res.body.name).to.equal('unlisted video')
 175     }
 176   })
 177
 178   it('Should upload a non-federating unlisted video to server 1', async function () {
 179     this.timeout(30000)
 180
 181     const attributes = {
 182       name: 'unlisted video',
 183       privacy: VideoPrivacy.UNLISTED
 184     }
 185     await uploadVideo(servers[0].url, servers[0].accessToken, attributes)
 186
 187     await waitJobs(servers)
 188   })
 189
 190   it('Should list my new unlisted video', async function () {
 191     const res = await getMyVideos(servers[0].url, servers[0].accessToken, 0, 3)
 192
 193     expect(res.body.total).to.equal(3)
 194     expect(res.body.data).to.have.lengthOf(3)
 195
 196     nonFederatedUnlistedVideoUUID = res.body.data[0].uuid
 197   })
 198
 199   it('Should be able to get non-federated unlisted video from origin', async function () {
 200     const res = await getVideo(servers[0].url, nonFederatedUnlistedVideoUUID)
 201
 202     expect(res.body.name).to.equal('unlisted video')
 203   })
 204
 205   it('Should not be able to get non-federated unlisted video from federated server', async function () {
 206     await getVideo(servers[1].url, nonFederatedUnlistedVideoUUID, HttpStatusCode.NOT_FOUND_404)
 207   })
 208
 209   it('Should update the private and internal videos to public on server 1', async function () {
 210     this.timeout(10000)
 211
 212     now = Date.now()
 213
 214     {
 215       const attribute = {
 216         name: 'private video becomes public',
 217         privacy: VideoPrivacy.PUBLIC
 218       }
 219
 220       await updateVideo(servers[0].url, servers[0].accessToken, privateVideoId, attribute)
 221     }
 222
 223     {
 224       const attribute = {
 225         name: 'internal video becomes public',
 226         privacy: VideoPrivacy.PUBLIC
 227       }
 228       await updateVideo(servers[0].url, servers[0].accessToken, internalVideoId, attribute)
 229     }
 230
 231     await waitJobs(servers)
 232   })
 233
 234   it('Should have this new public video listed on server 1 and 2', async function () {
 235     for (const server of servers) {
 236       const res = await getVideosList(server.url)
 237       expect(res.body.total).to.equal(2)
 238       expect(res.body.data).to.have.lengthOf(2)
 239
 240       const videos: Video[] = res.body.data
 241       const privateVideo = videos.find(v => v.name === 'private video becomes public')
 242       const internalVideo = videos.find(v => v.name === 'internal video becomes public')
 243
 244       expect(privateVideo).to.not.be.undefined
 245       expect(internalVideo).to.not.be.undefined
 246
 247       expect(new Date(privateVideo.publishedAt).getTime()).to.be.at.least(now)
 248       // We don't change the publish date of internal videos
 249       expect(new Date(internalVideo.publishedAt).getTime()).to.be.below(now)
 250
 251       expect(privateVideo.privacy.id).to.equal(VideoPrivacy.PUBLIC)
 252       expect(internalVideo.privacy.id).to.equal(VideoPrivacy.PUBLIC)
 253     }
 254   })
 255
 256   it('Should set these videos as private and internal', async function () {
 257     this.timeout(10000)
 258
 259     await updateVideo(servers[0].url, servers[0].accessToken, internalVideoId, { privacy: VideoPrivacy.PRIVATE })
 260     await updateVideo(servers[0].url, servers[0].accessToken, privateVideoId, { privacy: VideoPrivacy.INTERNAL })
 261
 262     await waitJobs(servers)
 263
 264     for (const server of servers) {
 265       const res = await getVideosList(server.url)
 266
 267       expect(res.body.total).to.equal(0)
 268       expect(res.body.data).to.have.lengthOf(0)
 269     }
 270
 271     {
 272       const res = await getMyVideos(servers[0].url, servers[0].accessToken, 0, 5)
 273       const videos = res.body.data
 274
 275       expect(res.body.total).to.equal(3)
 276       expect(videos).to.have.lengthOf(3)
 277
 278       const privateVideo = videos.find(v => v.name === 'private video becomes public')
 279       const internalVideo = videos.find(v => v.name === 'internal video becomes public')
 280
 281       expect(privateVideo).to.not.be.undefined
 282       expect(internalVideo).to.not.be.undefined
 283
 284       expect(privateVideo.privacy.id).to.equal(VideoPrivacy.INTERNAL)
 285       expect(internalVideo.privacy.id).to.equal(VideoPrivacy.PRIVATE)
 286     }
 287   })
 288
 289   after(async function () {
 290     await cleanupTests(servers)
 291   })
 292 })