/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
-import 'mocha'
-import * as chai from 'chai'
+import { expect } from 'chai'
import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
-import { HttpStatusCode, VideoCreateResult } from '@shared/models'
+import { HttpStatusCode, VideoCreateResult, VideoPrivacy } from '@shared/models'
import {
cleanupTests,
createSingleServer,
setAccessTokensToServers
} from '@shared/server-commands'
-const expect = chai.expect
-
describe('Test video comments API validator', function () {
let pathThread: string
let pathComment: string
+
let server: PeerTubeServer
+
let video: VideoCreateResult
+
let userAccessToken: string
let userAccessToken2: string
+
let commentId: number
+ let privateCommentId: number
+ let privateVideo: VideoCreateResult
// ---------------------------------------------------------------
pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
}
+ {
+ privateVideo = await server.videos.upload({ attributes: { privacy: VideoPrivacy.PRIVATE } })
+ }
+
{
const created = await server.comments.createThread({ videoId: video.uuid, text: 'coucou' })
commentId = created.id
pathComment = '/api/v1/videos/' + video.uuid + '/comments/' + commentId
}
+ {
+ const created = await server.comments.createThread({ videoId: privateVideo.uuid, text: 'coucou' })
+ privateCommentId = created.id
+ }
+
{
const user = { username: 'user1', password: 'my super password' }
await server.users.create({ username: user.username, password: user.password })
expectedStatus: HttpStatusCode.NOT_FOUND_404
})
})
+
+ it('Should fail with a private video without token', async function () {
+ await makeGetRequest({
+ url: server.url,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
+ expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+ })
+ })
+
+ it('Should fail with another user token', async function () {
+ await makeGetRequest({
+ url: server.url,
+ token: userAccessToken,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
+ expectedStatus: HttpStatusCode.FORBIDDEN_403
+ })
+ })
+
+ it('Should succeed with the correct params', async function () {
+ await makeGetRequest({
+ url: server.url,
+ token: server.accessToken,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
+ expectedStatus: HttpStatusCode.OK_200
+ })
+ })
})
describe('When listing comments of a thread', function () {
})
})
+ it('Should fail with a private video without token', async function () {
+ await makeGetRequest({
+ url: server.url,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
+ expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+ })
+ })
+
+ it('Should fail with another user token', async function () {
+ await makeGetRequest({
+ url: server.url,
+ token: userAccessToken,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
+ expectedStatus: HttpStatusCode.FORBIDDEN_403
+ })
+ })
+
it('Should success with the correct params', async function () {
+ await makeGetRequest({
+ url: server.url,
+ token: server.accessToken,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
+ expectedStatus: HttpStatusCode.OK_200
+ })
+
await makeGetRequest({
url: server.url,
path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/' + commentId,
it('Should fail with an incorrect video', async function () {
const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads'
- const fields = {
- text: 'super comment'
- }
+ const fields = { text: 'super comment' }
+
await makePostBodyRequest({
url: server.url,
path,
})
})
+ it('Should fail with a private video of another user', async function () {
+ const fields = { text: 'super comment' }
+
+ await makePostBodyRequest({
+ url: server.url,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
+ token: userAccessToken,
+ fields,
+ expectedStatus: HttpStatusCode.FORBIDDEN_403
+ })
+ })
+
it('Should succeed with the correct parameters', async function () {
- const fields = {
- text: 'super comment'
- }
+ const fields = { text: 'super comment' }
+
await makePostBodyRequest({
url: server.url,
path: pathThread,
})
describe('When adding a comment to a thread', function () {
+
it('Should fail with a non authenticated user', async function () {
const fields = {
text: 'text'
})
})
+ it('Should fail with a private video of another user', async function () {
+ const fields = { text: 'super comment' }
+
+ await makePostBodyRequest({
+ url: server.url,
+ path: '/api/v1/videos/' + privateVideo.uuid + '/comments/' + privateCommentId,
+ token: userAccessToken,
+ fields,
+ expectedStatus: HttpStatusCode.FORBIDDEN_403
+ })
+ })
+
it('Should fail with an incorrect comment', async function () {
const path = '/api/v1/videos/' + video.uuid + '/comments/124'
const fields = {
projects / github / Chocobozzz / PeerTube.git / blobdiff