-/* tslint:disable:no-unused-expression */
+/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
import 'mocha'
-import * as request from 'supertest'
-import { flushTests, killallServers, makePostBodyRequest, runServer, ServerInfo, setAccessTokensToServers, uploadVideo } from '../../utils'
-import { addVideoCommentThread } from '../../utils/video-comments'
+import * as chai from 'chai'
+import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
+import { HttpStatusCode, VideoCreateResult, VideoPrivacy } from '@shared/models'
+import {
+ cleanupTests,
+ createSingleServer,
+ makeDeleteRequest,
+ makeGetRequest,
+ makePostBodyRequest,
+ PeerTubeServer,
+ setAccessTokensToServers
+} from '@shared/server-commands'
+
+const expect = chai.expect
describe('Test video comments API validator', function () {
let pathThread: string
let pathComment: string
- let server: ServerInfo
- let videoUUID: string
+
+ let server: PeerTubeServer
+
+ let video: VideoCreateResult
+
+ let userAccessToken: string
+ let userAccessToken2: string
+
let commentId: number
+ let privateCommentId: number
+ let privateVideo: VideoCreateResult
// ---------------------------------------------------------------
before(async function () {
- this.timeout(20000)
+ this.timeout(30000)
- await flushTests()
-
- server = await runServer(1)
+ server = await createSingleServer(1)
await setAccessTokensToServers([ server ])
{
- const res = await uploadVideo(server.url, server.accessToken, {})
- videoUUID = res.body.video.uuid
- pathThread = '/api/v1/videos/' + videoUUID + '/comment-threads'
+ video = await server.videos.upload({ attributes: {} })
+ pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
+ }
+
+ {
+ privateVideo = await server.videos.upload({ attributes: { privacy: VideoPrivacy.PRIVATE } })
+ }
+
+ {
+ const created = await server.comments.createThread({ videoId: video.uuid, text: 'coucou' })
+ commentId = created.id
+ pathComment = '/api/v1/videos/' + video.uuid + '/comments/' + commentId
+ }
+
+ {
+ const created = await server.comments.createThread({ videoId: privateVideo.uuid, text: 'coucou' })
+ privateCommentId = created.id
+ }
+
+ {
+ const user = { username: 'user1', password: 'my super password' }
+ await server.users.create({ username: user.username, password: user.password })
+ userAccessToken = await server.login.getAccessToken(user)
}
{
- const res = await addVideoCommentThread(server.url, server.accessToken, videoUUID, 'coucou')
- commentId = res.body.comment.id
- pathComment = '/api/v1/videos/' + videoUUID + '/comments/' + commentId
+ const user = { username: 'user2', password: 'my super password' }
+ await server.users.create({ username: user.username, password: user.password })
+ userAccessToken2 = await server.login.getAccessToken(user)
}
})
describe('When listing video comment threads', function () {
it('Should fail with a bad start pagination', async function () {
- await request(server.url)
- .get(pathThread)
- .query({ start: 'hello' })
- .set('Accept', 'application/json')
- .expect(400)
+ await checkBadStartPagination(server.url, pathThread, server.accessToken)
})
it('Should fail with a bad count pagination', async function () {
- await request(server.url)
- .get(pathThread)
- .query({ count: 'hello' })
- .set('Accept', 'application/json')
- .expect(400)
+ await checkBadCountPagination(server.url, pathThread, server.accessToken)
})
it('Should fail with an incorrect sort', async function () {
- await request(server.url)
- .get(pathThread)
- .query({ sort: 'hello' })
- .set('Accept', 'application/json')
- .expect(400)
+ await checkBadSortPagination(server.url, pathThread, server.accessToken)
})
it('Should fail with an incorrect video', async function () {
- await request(server.url)
- .get('/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads')
- .set('Accept', 'application/json')
- .expect(404)
+ await makeGetRequest({
+ url: server.url,
+ path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads',
+ expectedStatus: HttpStatusCode.NOT_FOUND_404
+ })
+ })
+
+ it('Should fail with a private video without token', async function () {
+ await makeGetRequest({
+ url: server.url,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
+ expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+ })
+ })
+
+ it('Should fail with another user token', async function () {
+ await makeGetRequest({
+ url: server.url,
+ token: userAccessToken,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
+ expectedStatus: HttpStatusCode.FORBIDDEN_403
+ })
+ })
+
+ it('Should succeed with the correct params', async function () {
+ await makeGetRequest({
+ url: server.url,
+ token: server.accessToken,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
+ expectedStatus: HttpStatusCode.OK_200
+ })
})
})
describe('When listing comments of a thread', function () {
it('Should fail with an incorrect video', async function () {
- await request(server.url)
- .get('/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId)
- .set('Accept', 'application/json')
- .expect(404)
+ await makeGetRequest({
+ url: server.url,
+ path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId,
+ expectedStatus: HttpStatusCode.NOT_FOUND_404
+ })
})
it('Should fail with an incorrect thread id', async function () {
- await request(server.url)
- .get('/api/v1/videos/' + videoUUID + '/comment-threads/156')
- .set('Accept', 'application/json')
- .expect(404)
+ await makeGetRequest({
+ url: server.url,
+ path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/156',
+ expectedStatus: HttpStatusCode.NOT_FOUND_404
+ })
+ })
+
+ it('Should fail with a private video without token', async function () {
+ await makeGetRequest({
+ url: server.url,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
+ expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+ })
+ })
+
+ it('Should fail with another user token', async function () {
+ await makeGetRequest({
+ url: server.url,
+ token: userAccessToken,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
+ expectedStatus: HttpStatusCode.FORBIDDEN_403
+ })
})
it('Should success with the correct params', async function () {
- await request(server.url)
- .get('/api/v1/videos/' + videoUUID + '/comment-threads/' + commentId)
- .set('Accept', 'application/json')
- .expect(200)
+ await makeGetRequest({
+ url: server.url,
+ token: server.accessToken,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
+ expectedStatus: HttpStatusCode.OK_200
+ })
+
+ await makeGetRequest({
+ url: server.url,
+ path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/' + commentId,
+ expectedStatus: HttpStatusCode.OK_200
+ })
})
})
const fields = {
text: 'text'
}
- await makePostBodyRequest({ url: server.url, path: pathThread, token: 'none', fields, statusCodeExpected: 401 })
+ await makePostBodyRequest({
+ url: server.url,
+ path: pathThread,
+ token: 'none',
+ fields,
+ expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+ })
})
it('Should fail with nothing', async function () {
it('Should fail with a short comment', async function () {
const fields = {
- text: 'h'.repeat(3001)
+ text: ''
}
await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
})
it('Should fail with a long comment', async function () {
const fields = {
- text: 'h'.repeat(3001)
+ text: 'h'.repeat(10001)
}
await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
})
it('Should fail with an incorrect video', async function () {
const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads'
- const fields = {
- text: 'super comment'
- }
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 404 })
+ const fields = { text: 'super comment' }
+
+ await makePostBodyRequest({
+ url: server.url,
+ path,
+ token: server.accessToken,
+ fields,
+ expectedStatus: HttpStatusCode.NOT_FOUND_404
+ })
+ })
+
+ it('Should fail with a private video of another user', async function () {
+ const fields = { text: 'super comment' }
+
+ await makePostBodyRequest({
+ url: server.url,
+ path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
+ token: userAccessToken,
+ fields,
+ expectedStatus: HttpStatusCode.FORBIDDEN_403
+ })
})
it('Should succeed with the correct parameters', async function () {
- const fields = {
- text: 'super comment'
- }
- await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields, statusCodeExpected: 200 })
+ const fields = { text: 'super comment' }
+
+ await makePostBodyRequest({
+ url: server.url,
+ path: pathThread,
+ token: server.accessToken,
+ fields,
+ expectedStatus: HttpStatusCode.OK_200
+ })
})
})
describe('When adding a comment to a thread', function () {
+
it('Should fail with a non authenticated user', async function () {
const fields = {
text: 'text'
}
- await makePostBodyRequest({ url: server.url, path: pathComment, token: 'none', fields, statusCodeExpected: 401 })
+ await makePostBodyRequest({
+ url: server.url,
+ path: pathComment,
+ token: 'none',
+ fields,
+ expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+ })
})
it('Should fail with nothing', async function () {
it('Should fail with a short comment', async function () {
const fields = {
- text: 'h'.repeat(3001)
+ text: ''
}
await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
})
it('Should fail with a long comment', async function () {
const fields = {
- text: 'h'.repeat(3001)
+ text: 'h'.repeat(10001)
}
await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
})
const fields = {
text: 'super comment'
}
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 404 })
+ await makePostBodyRequest({
+ url: server.url,
+ path,
+ token: server.accessToken,
+ fields,
+ expectedStatus: HttpStatusCode.NOT_FOUND_404
+ })
+ })
+
+ it('Should fail with a private video of another user', async function () {
+ const fields = { text: 'super comment' }
+
+ await makePostBodyRequest({
+ url: server.url,
+ path: '/api/v1/videos/' + privateVideo.uuid + '/comments/' + privateCommentId,
+ token: userAccessToken,
+ fields,
+ expectedStatus: HttpStatusCode.FORBIDDEN_403
+ })
})
it('Should fail with an incorrect comment', async function () {
- const path = '/api/v1/videos/' + videoUUID + '/comments/124'
+ const path = '/api/v1/videos/' + video.uuid + '/comments/124'
const fields = {
text: 'super comment'
}
- await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 404 })
+ await makePostBodyRequest({
+ url: server.url,
+ path,
+ token: server.accessToken,
+ fields,
+ expectedStatus: HttpStatusCode.NOT_FOUND_404
+ })
})
it('Should succeed with the correct parameters', async function () {
const fields = {
text: 'super comment'
}
- await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields, statusCodeExpected: 200 })
+ await makePostBodyRequest({
+ url: server.url,
+ path: pathComment,
+ token: server.accessToken,
+ fields,
+ expectedStatus: HttpStatusCode.OK_200
+ })
})
})
- after(async function () {
- killallServers([ server ])
+ describe('When removing video comments', function () {
+ it('Should fail with a non authenticated user', async function () {
+ await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
+ })
- // Keep the logs if the test failed
- if (this['ok']) {
- await flushTests()
- }
+ it('Should fail with another user', async function () {
+ await makeDeleteRequest({
+ url: server.url,
+ path: pathComment,
+ token: userAccessToken,
+ expectedStatus: HttpStatusCode.FORBIDDEN_403
+ })
+ })
+
+ it('Should fail with an incorrect video', async function () {
+ const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
+ await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
+ })
+
+ it('Should fail with an incorrect comment', async function () {
+ const path = '/api/v1/videos/' + video.uuid + '/comments/124'
+ await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
+ })
+
+ it('Should succeed with the same user', async function () {
+ let commentToDelete: number
+
+ {
+ const created = await server.comments.createThread({ videoId: video.uuid, token: userAccessToken, text: 'hello' })
+ commentToDelete = created.id
+ }
+
+ const path = '/api/v1/videos/' + video.uuid + '/comments/' + commentToDelete
+
+ await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
+ await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
+ })
+
+ it('Should succeed with the owner of the video', async function () {
+ let commentToDelete: number
+ let anotherVideoUUID: string
+
+ {
+ const { uuid } = await server.videos.upload({ token: userAccessToken, attributes: { name: 'video' } })
+ anotherVideoUUID = uuid
+ }
+
+ {
+ const created = await server.comments.createThread({ videoId: anotherVideoUUID, text: 'hello' })
+ commentToDelete = created.id
+ }
+
+ const path = '/api/v1/videos/' + anotherVideoUUID + '/comments/' + commentToDelete
+
+ await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
+ await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
+ })
+
+ it('Should succeed with the correct parameters', async function () {
+ await makeDeleteRequest({
+ url: server.url,
+ path: pathComment,
+ token: server.accessToken,
+ expectedStatus: HttpStatusCode.NO_CONTENT_204
+ })
+ })
+ })
+
+ describe('When a video has comments disabled', function () {
+ before(async function () {
+ video = await server.videos.upload({ attributes: { commentsEnabled: false } })
+ pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
+ })
+
+ it('Should return an empty thread list', async function () {
+ const res = await makeGetRequest({
+ url: server.url,
+ path: pathThread,
+ expectedStatus: HttpStatusCode.OK_200
+ })
+ expect(res.body.total).to.equal(0)
+ expect(res.body.data).to.have.lengthOf(0)
+ })
+
+ it('Should return an thread comments list')
+
+ it('Should return conflict on thread add', async function () {
+ const fields = {
+ text: 'super comment'
+ }
+ await makePostBodyRequest({
+ url: server.url,
+ path: pathThread,
+ token: server.accessToken,
+ fields,
+ expectedStatus: HttpStatusCode.CONFLICT_409
+ })
+ })
+
+ it('Should return conflict on comment thread add')
+ })
+
+ describe('When listing admin comments threads', function () {
+ const path = '/api/v1/videos/comments'
+
+ it('Should fail with a bad start pagination', async function () {
+ await checkBadStartPagination(server.url, path, server.accessToken)
+ })
+
+ it('Should fail with a bad count pagination', async function () {
+ await checkBadCountPagination(server.url, path, server.accessToken)
+ })
+
+ it('Should fail with an incorrect sort', async function () {
+ await checkBadSortPagination(server.url, path, server.accessToken)
+ })
+
+ it('Should fail with a non authenticated user', async function () {
+ await makeGetRequest({
+ url: server.url,
+ path,
+ expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+ })
+ })
+
+ it('Should fail with a non admin user', async function () {
+ await makeGetRequest({
+ url: server.url,
+ path,
+ token: userAccessToken,
+ expectedStatus: HttpStatusCode.FORBIDDEN_403
+ })
+ })
+
+ it('Should succeed with the correct params', async function () {
+ await makeGetRequest({
+ url: server.url,
+ path,
+ token: server.accessToken,
+ query: {
+ isLocal: false,
+ search: 'toto',
+ searchAccount: 'toto',
+ searchVideo: 'toto'
+ },
+ expectedStatus: HttpStatusCode.OK_200
+ })
+ })
+ })
+
+ after(async function () {
+ await cleanupTests([ server ])
})
})