1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
4 import * as chai from 'chai'
10 setAccessTokensToServers,
13 } from '@shared/extra-utils'
14 import { HttpStatusCode, VideoCreateResult, VideoPrivacy } from '@shared/models'
16 const expect = chai.expect
18 describe('Test video privacy', function () {
19 const servers: PeerTubeServer[] = []
20 let anotherUserToken: string
22 let privateVideoId: number
23 let privateVideoUUID: string
25 let internalVideoId: number
26 let internalVideoUUID: string
28 let unlistedVideo: VideoCreateResult
29 let nonFederatedUnlistedVideoUUID: string
33 const dontFederateUnlistedConfig = {
36 federate_unlisted: false
41 before(async function () {
45 servers.push(await createSingleServer(1, dontFederateUnlistedConfig))
46 servers.push(await createSingleServer(2))
48 // Get the access tokens
49 await setAccessTokensToServers(servers)
51 // Server 1 and server 2 follow each other
52 await doubleFollow(servers[0], servers[1])
55 describe('Private and internal videos', function () {
57 it('Should upload a private and internal videos on server 1', async function () {
60 for (const privacy of [ VideoPrivacy.PRIVATE, VideoPrivacy.INTERNAL ]) {
61 const attributes = { privacy }
62 await servers[0].videos.upload({ attributes })
65 await waitJobs(servers)
68 it('Should not have these private and internal videos on server 2', async function () {
69 const { total, data } = await servers[1].videos.list()
71 expect(total).to.equal(0)
72 expect(data).to.have.lengthOf(0)
75 it('Should not list the private and internal videos for an unauthenticated user on server 1', async function () {
76 const { total, data } = await servers[0].videos.list()
78 expect(total).to.equal(0)
79 expect(data).to.have.lengthOf(0)
82 it('Should not list the private video and list the internal video for an authenticated user on server 1', async function () {
83 const { total, data } = await servers[0].videos.listWithToken()
85 expect(total).to.equal(1)
86 expect(data).to.have.lengthOf(1)
88 expect(data[0].privacy.id).to.equal(VideoPrivacy.INTERNAL)
91 it('Should list my (private and internal) videos', async function () {
92 const { total, data } = await servers[0].videos.listMyVideos()
94 expect(total).to.equal(2)
95 expect(data).to.have.lengthOf(2)
97 const privateVideo = data.find(v => v.privacy.id === VideoPrivacy.PRIVATE)
98 privateVideoId = privateVideo.id
99 privateVideoUUID = privateVideo.uuid
101 const internalVideo = data.find(v => v.privacy.id === VideoPrivacy.INTERNAL)
102 internalVideoId = internalVideo.id
103 internalVideoUUID = internalVideo.uuid
106 it('Should not be able to watch the private/internal video with non authenticated user', async function () {
107 await servers[0].videos.get({ id: privateVideoUUID, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
108 await servers[0].videos.get({ id: internalVideoUUID, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
111 it('Should not be able to watch the private video with another user', async function () {
116 password: 'super password'
118 await servers[0].users.create({ username: user.username, password: user.password })
120 anotherUserToken = await servers[0].login.getAccessToken(user)
122 await servers[0].videos.getWithToken({
123 token: anotherUserToken,
124 id: privateVideoUUID,
125 expectedStatus: HttpStatusCode.FORBIDDEN_403
129 it('Should be able to watch the internal video with another user', async function () {
130 await servers[0].videos.getWithToken({ token: anotherUserToken, id: internalVideoUUID })
133 it('Should be able to watch the private video with the correct user', async function () {
134 await servers[0].videos.getWithToken({ id: privateVideoUUID })
138 describe('Unlisted videos', function () {
140 it('Should upload an unlisted video on server 2', async function () {
144 name: 'unlisted video',
145 privacy: VideoPrivacy.UNLISTED
147 await servers[1].videos.upload({ attributes })
149 // Server 2 has transcoding enabled
150 await waitJobs(servers)
153 it('Should not have this unlisted video listed on server 1 and 2', async function () {
154 for (const server of servers) {
155 const { total, data } = await server.videos.list()
157 expect(total).to.equal(0)
158 expect(data).to.have.lengthOf(0)
162 it('Should list my (unlisted) videos', async function () {
163 const { total, data } = await servers[1].videos.listMyVideos()
165 expect(total).to.equal(1)
166 expect(data).to.have.lengthOf(1)
168 unlistedVideo = data[0]
171 it('Should not be able to get this unlisted video using its id', async function () {
172 await servers[1].videos.get({ id: unlistedVideo.id, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
175 it('Should be able to get this unlisted video using its uuid/shortUUID', async function () {
176 for (const server of servers) {
177 for (const id of [ unlistedVideo.uuid, unlistedVideo.shortUUID ]) {
178 const video = await server.videos.get({ id })
180 expect(video.name).to.equal('unlisted video')
185 it('Should upload a non-federating unlisted video to server 1', async function () {
189 name: 'unlisted video',
190 privacy: VideoPrivacy.UNLISTED
192 await servers[0].videos.upload({ attributes })
194 await waitJobs(servers)
197 it('Should list my new unlisted video', async function () {
198 const { total, data } = await servers[0].videos.listMyVideos()
200 expect(total).to.equal(3)
201 expect(data).to.have.lengthOf(3)
203 nonFederatedUnlistedVideoUUID = data[0].uuid
206 it('Should be able to get non-federated unlisted video from origin', async function () {
207 const video = await servers[0].videos.get({ id: nonFederatedUnlistedVideoUUID })
209 expect(video.name).to.equal('unlisted video')
212 it('Should not be able to get non-federated unlisted video from federated server', async function () {
213 await servers[1].videos.get({ id: nonFederatedUnlistedVideoUUID, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
217 describe('Privacy update', function () {
219 it('Should update the private and internal videos to public on server 1', async function () {
226 name: 'private video becomes public',
227 privacy: VideoPrivacy.PUBLIC
230 await servers[0].videos.update({ id: privateVideoId, attributes })
235 name: 'internal video becomes public',
236 privacy: VideoPrivacy.PUBLIC
238 await servers[0].videos.update({ id: internalVideoId, attributes })
242 await waitJobs(servers)
245 it('Should have this new public video listed on server 1 and 2', async function () {
246 for (const server of servers) {
247 const { total, data } = await server.videos.list()
248 expect(total).to.equal(2)
249 expect(data).to.have.lengthOf(2)
251 const privateVideo = data.find(v => v.name === 'private video becomes public')
252 const internalVideo = data.find(v => v.name === 'internal video becomes public')
254 expect(privateVideo).to.not.be.undefined
255 expect(internalVideo).to.not.be.undefined
257 expect(new Date(privateVideo.publishedAt).getTime()).to.be.at.least(now)
258 // We don't change the publish date of internal videos
259 expect(new Date(internalVideo.publishedAt).getTime()).to.be.below(now)
261 expect(privateVideo.privacy.id).to.equal(VideoPrivacy.PUBLIC)
262 expect(internalVideo.privacy.id).to.equal(VideoPrivacy.PUBLIC)
266 it('Should set these videos as private and internal', async function () {
269 await servers[0].videos.update({ id: internalVideoId, attributes: { privacy: VideoPrivacy.PRIVATE } })
270 await servers[0].videos.update({ id: privateVideoId, attributes: { privacy: VideoPrivacy.INTERNAL } })
272 await waitJobs(servers)
274 for (const server of servers) {
275 const { total, data } = await server.videos.list()
277 expect(total).to.equal(0)
278 expect(data).to.have.lengthOf(0)
282 const { total, data } = await servers[0].videos.listMyVideos()
283 expect(total).to.equal(3)
284 expect(data).to.have.lengthOf(3)
286 const privateVideo = data.find(v => v.name === 'private video becomes public')
287 const internalVideo = data.find(v => v.name === 'internal video becomes public')
289 expect(privateVideo).to.not.be.undefined
290 expect(internalVideo).to.not.be.undefined
292 expect(privateVideo.privacy.id).to.equal(VideoPrivacy.INTERNAL)
293 expect(internalVideo.privacy.id).to.equal(VideoPrivacy.PRIVATE)
298 after(async function () {
299 await cleanupTests(servers)