]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blobdiff - server/tests/api/check-params/video-comments.ts
projects / github / Chocobozzz / PeerTube.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add ability to delete history element
[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / video-comments.ts
diff --git a/server/tests/api/check-params/video-comments.ts b/server/tests/api/check-params/video-comments.ts
index 92c29da0e796a1dc596e73c538a5f2dbd3627053..829f3c8b12f38bbd905f20de43b8b280474038c9 100644 (file)
--- a/server/tests/api/check-params/video-comments.ts
+++ b/server/tests/api/check-params/video-comments.ts
@@ -2,11 +2,9 @@
 
 import 'mocha'
 import * as chai from 'chai'
-import { HttpStatusCode } from '@shared/core-utils'
+import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
+import { HttpStatusCode, VideoCreateResult, VideoPrivacy } from '@shared/models'
 import {
-  checkBadCountPagination,
-  checkBadSortPagination,
-  checkBadStartPagination,
   cleanupTests,
   createSingleServer,
   makeDeleteRequest,
@@ -14,8 +12,7 @@ import {
   makePostBodyRequest,
   PeerTubeServer,
   setAccessTokensToServers
-} from '@shared/extra-utils'
-import { VideoCreateResult } from '@shared/models'
+} from '@shared/server-commands'
 
 const expect = chai.expect
 
@@ -27,6 +24,8 @@ describe('Test video comments API validator', function () {
   let userAccessToken: string
   let userAccessToken2: string
   let commentId: number
+  let privateCommentId: number
+  let privateVideo: VideoCreateResult
 
   // ---------------------------------------------------------------
 
@@ -42,12 +41,21 @@ describe('Test video comments API validator', function () {
       pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
     }
 
+    {
+      privateVideo = await server.videos.upload({ attributes: { privacy: VideoPrivacy.PRIVATE } })
+    }
+
     {
       const created = await server.comments.createThread({ videoId: video.uuid, text: 'coucou' })
       commentId = created.id
       pathComment = '/api/v1/videos/' + video.uuid + '/comments/' + commentId
     }
 
+    {
+      const created = await server.comments.createThread({ videoId: privateVideo.uuid, text: 'coucou' })
+      privateCommentId = created.id
+    }
+
     {
       const user = { username: 'user1', password: 'my super password' }
       await server.users.create({ username: user.username, password: user.password })
@@ -78,7 +86,33 @@ describe('Test video comments API validator', function () {
       await makeGetRequest({
         url: server.url,
         path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads',
-        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
+        expectedStatus: HttpStatusCode.NOT_FOUND_404
+      })
+    })
+
+    it('Should fail with a private video without token', async function () {
+      await makeGetRequest({
+        url: server.url,
+        path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
+        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+      })
+    })
+
+    it('Should fail with another user token', async function () {
+      await makeGetRequest({
+        url: server.url,
+        token: userAccessToken,
+        path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+    })
+
+    it('Should succeed with the correct params', async function () {
+      await makeGetRequest({
+        url: server.url,
+        token: server.accessToken,
+        path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
+        expectedStatus: HttpStatusCode.OK_200
       })
     })
   })
@@ -88,7 +122,7 @@ describe('Test video comments API validator', function () {
       await makeGetRequest({
         url: server.url,
         path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId,
-        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
+        expectedStatus: HttpStatusCode.NOT_FOUND_404
       })
     })
 
@@ -96,15 +130,39 @@ describe('Test video comments API validator', function () {
       await makeGetRequest({
         url: server.url,
         path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/156',
-        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
+        expectedStatus: HttpStatusCode.NOT_FOUND_404
+      })
+    })
+
+    it('Should fail with a private video without token', async function () {
+      await makeGetRequest({
+        url: server.url,
+        path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
+        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+      })
+    })
+
+    it('Should fail with another user token', async function () {
+      await makeGetRequest({
+        url: server.url,
+        token: userAccessToken,
+        path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
       })
     })
 
     it('Should success with the correct params', async function () {
+      await makeGetRequest({
+        url: server.url,
+        token: server.accessToken,
+        path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
+        expectedStatus: HttpStatusCode.OK_200
+      })
+
       await makeGetRequest({
         url: server.url,
         path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/' + commentId,
-        statusCodeExpected: HttpStatusCode.OK_200
+        expectedStatus: HttpStatusCode.OK_200
       })
     })
   })
@@ -120,7 +178,7 @@ describe('Test video comments API validator', function () {
         path: pathThread,
         token: 'none',
         fields,
-        statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
+        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
       })
     })
 
@@ -153,7 +211,7 @@ describe('Test video comments API validator', function () {
         path,
         token: server.accessToken,
         fields,
-        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
+        expectedStatus: HttpStatusCode.NOT_FOUND_404
       })
     })
 
@@ -166,7 +224,7 @@ describe('Test video comments API validator', function () {
         path: pathThread,
         token: server.accessToken,
         fields,
-        statusCodeExpected: HttpStatusCode.OK_200
+        expectedStatus: HttpStatusCode.OK_200
       })
     })
   })
@@ -181,7 +239,7 @@ describe('Test video comments API validator', function () {
         path: pathComment,
         token: 'none',
         fields,
-        statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
+        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
       })
     })
 
@@ -214,7 +272,7 @@ describe('Test video comments API validator', function () {
         path,
         token: server.accessToken,
         fields,
-        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
+        expectedStatus: HttpStatusCode.NOT_FOUND_404
       })
     })
 
@@ -228,7 +286,7 @@ describe('Test video comments API validator', function () {
         path,
         token: server.accessToken,
         fields,
-        statusCodeExpected: HttpStatusCode.NOT_FOUND_404
+        expectedStatus: HttpStatusCode.NOT_FOUND_404
       })
     })
 
@@ -241,14 +299,14 @@ describe('Test video comments API validator', function () {
         path: pathComment,
         token: server.accessToken,
         fields,
-        statusCodeExpected: HttpStatusCode.OK_200
+        expectedStatus: HttpStatusCode.OK_200
       })
     })
   })
 
   describe('When removing video comments', function () {
     it('Should fail with a non authenticated user', async function () {
-      await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
+      await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
     })
 
     it('Should fail with another user', async function () {
@@ -256,18 +314,18 @@ describe('Test video comments API validator', function () {
         url: server.url,
         path: pathComment,
         token: userAccessToken,
-        statusCodeExpected: HttpStatusCode.FORBIDDEN_403
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
       })
     })
 
     it('Should fail with an incorrect video', async function () {
       const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
-      await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 })
+      await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
     })
 
     it('Should fail with an incorrect comment', async function () {
       const path = '/api/v1/videos/' + video.uuid + '/comments/124'
-      await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 })
+      await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
     })
 
     it('Should succeed with the same user', async function () {
@@ -280,8 +338,8 @@ describe('Test video comments API validator', function () {
 
       const path = '/api/v1/videos/' + video.uuid + '/comments/' + commentToDelete
 
-      await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
-      await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 })
+      await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
+      await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
     })
 
     it('Should succeed with the owner of the video', async function () {
@@ -300,8 +358,8 @@ describe('Test video comments API validator', function () {
 
       const path = '/api/v1/videos/' + anotherVideoUUID + '/comments/' + commentToDelete
 
-      await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
-      await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 })
+      await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
+      await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
     })
 
     it('Should succeed with the correct parameters', async function () {
@@ -309,7 +367,7 @@ describe('Test video comments API validator', function () {
         url: server.url,
         path: pathComment,
         token: server.accessToken,
-        statusCodeExpected: HttpStatusCode.NO_CONTENT_204
+        expectedStatus: HttpStatusCode.NO_CONTENT_204
       })
     })
   })
@@ -324,7 +382,7 @@ describe('Test video comments API validator', function () {
       const res = await makeGetRequest({
         url: server.url,
         path: pathThread,
-        statusCodeExpected: HttpStatusCode.OK_200
+        expectedStatus: HttpStatusCode.OK_200
       })
       expect(res.body.total).to.equal(0)
       expect(res.body.data).to.have.lengthOf(0)
@@ -341,7 +399,7 @@ describe('Test video comments API validator', function () {
         path: pathThread,
         token: server.accessToken,
         fields,
-        statusCodeExpected: HttpStatusCode.CONFLICT_409
+        expectedStatus: HttpStatusCode.CONFLICT_409
       })
     })
 
@@ -367,7 +425,7 @@ describe('Test video comments API validator', function () {
       await makeGetRequest({
         url: server.url,
         path,
-        statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
+        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
       })
     })
 
@@ -376,7 +434,7 @@ describe('Test video comments API validator', function () {
         url: server.url,
         path,
         token: userAccessToken,
-        statusCodeExpected: HttpStatusCode.FORBIDDEN_403
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
       })
     })
 
@@ -391,7 +449,7 @@ describe('Test video comments API validator', function () {
           searchAccount: 'toto',
           searchVideo: 'toto'
         },
-        statusCodeExpected: HttpStatusCode.OK_200
+        expectedStatus: HttpStatusCode.OK_200
       })
     })
   })
ActivityPub-federated video streaming platform using P2P directly in your web browser