import 'mocha'
import * as chai from 'chai'
-import { HttpStatusCode } from '@shared/core-utils'
+import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
+import { HttpStatusCode, VideoCreateResult, VideoPrivacy } from '@shared/models'
import {
- checkBadCountPagination,
- checkBadSortPagination,
- checkBadStartPagination,
cleanupTests,
- createUser,
- flushAndRunServer,
+ createSingleServer,
makeDeleteRequest,
makeGetRequest,
makePostBodyRequest,
- ServerInfo,
- setAccessTokensToServers,
- uploadVideo
-} from '@shared/extra-utils'
-import { VideoCreateResult } from '@shared/models'
+ PeerTubeServer,
+ setAccessTokensToServers
+} from '@shared/server-commands'
const expect = chai.expect
describe('Test video comments API validator', function () {
let pathThread: string
let pathComment: string
- let server: ServerInfo
+
+ let server: PeerTubeServer
+
let video: VideoCreateResult
+
let userAccessToken: string
let userAccessToken2: string
+
let commentId: number
+ let privateCommentId: number
+ let privateVideo: VideoCreateResult
// ---------------------------------------------------------------
before(async function () {
this.timeout(30000)
- server = await flushAndRunServer(1)
+ server = await createSingleServer(1)
await setAccessTokensToServers([ server ])
{
- const res = await uploadVideo(server.url, server.accessToken, {})
- video = res.body.video
+ video = await server.videos.upload({ attributes: {} })
pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
}
{
- const created = await server.commentsCommand.createThread({ videoId: video.uuid, text: 'coucou' })
+ privateVideo = await server.videos.upload({ attributes: { privacy: VideoPrivacy.PRIVATE } })
+ }
+
+ {
+ const created = await server.comments.createThread({ videoId: video.uuid, text: 'coucou' })
commentId = created.id
pathComment = '/api/v1/videos/' + video.uuid + '/comments/' + commentId
}
+ {
+ const created = await server.comments.createThread({ videoId: privateVideo.uuid, text: 'coucou' })
+ privateCommentId = created.id
+ }
+
{
const user = { username: 'user1', password: 'my super password' }
- await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password })
- userAccessToken = await server.loginCommand.getAccessToken(user)
+ await server.users.create({ username: user.username, password: user.password })
+ userAccessToken = await server.login.getAccessToken(user)
}
{
const user = { username: 'user2', password: 'my super password' }
- await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password })
- userAccessToken2 = await server.loginCommand.getAccessToken(user)
+ await server.users.create({ username: user.username, password: user.password })
+ userAccessToken2 = await server.login.getAccessToken(user)
}
})
await makeGetRequest({
url: server.url,
path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads',
- statusCodeExpected: HttpStatusCode.NOT_FOUND_404
+ expectedStatus: HttpStatusCode.NOT_FOUND_404
+ })
+ })
+
+ it('Should fail with a private video without token', async function () {
+ await makeGetRequest({
+ url: server.url,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
+ expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+ })
+ })
+
+ it('Should fail with another user token', async function () {
+ await makeGetRequest({
+ url: server.url,
+ token: userAccessToken,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
+ expectedStatus: HttpStatusCode.FORBIDDEN_403
+ })
+ })
+
+ it('Should succeed with the correct params', async function () {
+ await makeGetRequest({
+ url: server.url,
+ token: server.accessToken,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
+ expectedStatus: HttpStatusCode.OK_200
})
})
})
await makeGetRequest({
url: server.url,
path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId,
- statusCodeExpected: HttpStatusCode.NOT_FOUND_404
+ expectedStatus: HttpStatusCode.NOT_FOUND_404
})
})
await makeGetRequest({
url: server.url,
path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/156',
- statusCodeExpected: HttpStatusCode.NOT_FOUND_404
+ expectedStatus: HttpStatusCode.NOT_FOUND_404
+ })
+ })
+
+ it('Should fail with a private video without token', async function () {
+ await makeGetRequest({
+ url: server.url,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
+ expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+ })
+ })
+
+ it('Should fail with another user token', async function () {
+ await makeGetRequest({
+ url: server.url,
+ token: userAccessToken,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
+ expectedStatus: HttpStatusCode.FORBIDDEN_403
})
})
it('Should success with the correct params', async function () {
+ await makeGetRequest({
+ url: server.url,
+ token: server.accessToken,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
+ expectedStatus: HttpStatusCode.OK_200
+ })
+
await makeGetRequest({
url: server.url,
path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/' + commentId,
- statusCodeExpected: HttpStatusCode.OK_200
+ expectedStatus: HttpStatusCode.OK_200
})
})
})
path: pathThread,
token: 'none',
fields,
- statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
+ expectedStatus: HttpStatusCode.UNAUTHORIZED_401
})
})
it('Should fail with an incorrect video', async function () {
const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads'
- const fields = {
- text: 'super comment'
- }
+ const fields = { text: 'super comment' }
+
await makePostBodyRequest({
url: server.url,
path,
token: server.accessToken,
fields,
- statusCodeExpected: HttpStatusCode.NOT_FOUND_404
+ expectedStatus: HttpStatusCode.NOT_FOUND_404
+ })
+ })
+
+ it('Should fail with a private video of another user', async function () {
+ const fields = { text: 'super comment' }
+
+ await makePostBodyRequest({
+ url: server.url,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
+ token: userAccessToken,
+ fields,
+ expectedStatus: HttpStatusCode.FORBIDDEN_403
})
})
it('Should succeed with the correct parameters', async function () {
- const fields = {
- text: 'super comment'
- }
+ const fields = { text: 'super comment' }
+
await makePostBodyRequest({
url: server.url,
path: pathThread,
token: server.accessToken,
fields,
- statusCodeExpected: HttpStatusCode.OK_200
+ expectedStatus: HttpStatusCode.OK_200
})
})
})
describe('When adding a comment to a thread', function () {
+
it('Should fail with a non authenticated user', async function () {
const fields = {
text: 'text'
path: pathComment,
token: 'none',
fields,
- statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
+ expectedStatus: HttpStatusCode.UNAUTHORIZED_401
})
})
path,
token: server.accessToken,
fields,
- statusCodeExpected: HttpStatusCode.NOT_FOUND_404
+ expectedStatus: HttpStatusCode.NOT_FOUND_404
+ })
+ })
+
+ it('Should fail with a private video of another user', async function () {
+ const fields = { text: 'super comment' }
+
+ await makePostBodyRequest({
+ url: server.url,
+ path: '/api/v1/videos/' + privateVideo.uuid + '/comments/' + privateCommentId,
+ token: userAccessToken,
+ fields,
+ expectedStatus: HttpStatusCode.FORBIDDEN_403
})
})
path,
token: server.accessToken,
fields,
- statusCodeExpected: HttpStatusCode.NOT_FOUND_404
+ expectedStatus: HttpStatusCode.NOT_FOUND_404
})
})
path: pathComment,
token: server.accessToken,
fields,
- statusCodeExpected: HttpStatusCode.OK_200
+ expectedStatus: HttpStatusCode.OK_200
})
})
})
describe('When removing video comments', function () {
it('Should fail with a non authenticated user', async function () {
- await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
+ await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
})
it('Should fail with another user', async function () {
url: server.url,
path: pathComment,
token: userAccessToken,
- statusCodeExpected: HttpStatusCode.FORBIDDEN_403
+ expectedStatus: HttpStatusCode.FORBIDDEN_403
})
})
it('Should fail with an incorrect video', async function () {
const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
- await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 })
+ await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
})
it('Should fail with an incorrect comment', async function () {
const path = '/api/v1/videos/' + video.uuid + '/comments/124'
- await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 })
+ await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
})
it('Should succeed with the same user', async function () {
let commentToDelete: number
{
- const created = await server.commentsCommand.createThread({ videoId: video.uuid, token: userAccessToken, text: 'hello' })
+ const created = await server.comments.createThread({ videoId: video.uuid, token: userAccessToken, text: 'hello' })
commentToDelete = created.id
}
const path = '/api/v1/videos/' + video.uuid + '/comments/' + commentToDelete
- await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
- await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 })
+ await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
+ await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
})
it('Should succeed with the owner of the video', async function () {
let anotherVideoUUID: string
{
- const res = await uploadVideo(server.url, userAccessToken, { name: 'video' })
- anotherVideoUUID = res.body.video.uuid
+ const { uuid } = await server.videos.upload({ token: userAccessToken, attributes: { name: 'video' } })
+ anotherVideoUUID = uuid
}
{
- const created = await server.commentsCommand.createThread({ videoId: anotherVideoUUID, text: 'hello' })
+ const created = await server.comments.createThread({ videoId: anotherVideoUUID, text: 'hello' })
commentToDelete = created.id
}
const path = '/api/v1/videos/' + anotherVideoUUID + '/comments/' + commentToDelete
- await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
- await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 })
+ await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
+ await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
})
it('Should succeed with the correct parameters', async function () {
url: server.url,
path: pathComment,
token: server.accessToken,
- statusCodeExpected: HttpStatusCode.NO_CONTENT_204
+ expectedStatus: HttpStatusCode.NO_CONTENT_204
})
})
})
describe('When a video has comments disabled', function () {
before(async function () {
- const res = await uploadVideo(server.url, server.accessToken, { commentsEnabled: false })
- video = res.body.video
+ video = await server.videos.upload({ attributes: { commentsEnabled: false } })
pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
})
const res = await makeGetRequest({
url: server.url,
path: pathThread,
- statusCodeExpected: HttpStatusCode.OK_200
+ expectedStatus: HttpStatusCode.OK_200
})
expect(res.body.total).to.equal(0)
expect(res.body.data).to.have.lengthOf(0)
path: pathThread,
token: server.accessToken,
fields,
- statusCodeExpected: HttpStatusCode.CONFLICT_409
+ expectedStatus: HttpStatusCode.CONFLICT_409
})
})
await makeGetRequest({
url: server.url,
path,
- statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
+ expectedStatus: HttpStatusCode.UNAUTHORIZED_401
})
})
url: server.url,
path,
token: userAccessToken,
- statusCodeExpected: HttpStatusCode.FORBIDDEN_403
+ expectedStatus: HttpStatusCode.FORBIDDEN_403
})
})
searchAccount: 'toto',
searchVideo: 'toto'
},
- statusCodeExpected: HttpStatusCode.OK_200
+ expectedStatus: HttpStatusCode.OK_200
})
})
})
projects / github / Chocobozzz / PeerTube.git / blobdiff