'use strict'
-const async = require('async')
const chai = require('chai')
const expect = chai.expect
const pathUtils = require('path')
const request = require('supertest')
+const series = require('async/series')
-const utils = require('./utils')
+const loginUtils = require('../utils/login')
+const serversUtils = require('../utils/servers')
+const usersUtils = require('../utils/users')
describe('Test parameters validator', function () {
let server = null
- function makePostRequest (path, token, fields, attaches, done, fail) {
- let statusCode = 400
- if (fail !== undefined && fail === false) statusCode = 204
+ function makePostRequest (path, token, fields, attaches, done, statusCodeExpected) {
+ if (!statusCodeExpected) statusCodeExpected = 400
const req = request(server.url)
.post(path)
req.attach(attach, value)
})
- req.expect(statusCode, done)
+ req.expect(statusCodeExpected, done)
}
- function makePostBodyRequest (path, fields, done, fail) {
- let statusCode = 400
- if (fail !== undefined && fail === false) statusCode = 200
+ function makePostBodyRequest (path, token, fields, done, statusCodeExpected) {
+ if (!statusCodeExpected) statusCodeExpected = 400
- request(server.url)
+ const req = request(server.url)
.post(path)
.set('Accept', 'application/json')
- .send(fields)
- .expect(statusCode, done)
+
+ if (token) req.set('Authorization', 'Bearer ' + token)
+
+ req.send(fields).expect(statusCodeExpected, done)
+ }
+
+ function makePutBodyRequest (path, token, fields, done, statusCodeExpected) {
+ if (!statusCodeExpected) statusCodeExpected = 400
+
+ const req = request(server.url)
+ .put(path)
+ .set('Accept', 'application/json')
+
+ if (token) req.set('Authorization', 'Bearer ' + token)
+
+ req.send(fields).expect(statusCodeExpected, done)
}
// ---------------------------------------------------------------
before(function (done) {
this.timeout(20000)
- async.series([
+ series([
function (next) {
- utils.flushTests(next)
+ serversUtils.flushTests(next)
},
function (next) {
- utils.runServer(1, function (server1) {
+ serversUtils.runServer(1, function (server1) {
server = server1
next()
})
},
function (next) {
- utils.loginAndGetAccessToken(server, function (err, token) {
+ loginUtils.loginAndGetAccessToken(server, function (err, token) {
if (err) throw err
server.accessToken = token
describe('When adding a pod', function () {
it('Should fail with nothing', function (done) {
const data = {}
- makePostBodyRequest(path, data, done)
+ makePostBodyRequest(path, null, data, done)
})
it('Should fail without public key', function (done) {
const data = {
url: 'http://coucou.com'
}
- makePostBodyRequest(path, data, done)
+ makePostBodyRequest(path, null, data, done)
})
it('Should fail without an url', function (done) {
const data = {
publicKey: 'mysuperpublickey'
}
- makePostBodyRequest(path, data, done)
+ makePostBodyRequest(path, null, data, done)
})
it('Should fail with an incorrect url', function (done) {
url: 'coucou.com',
publicKey: 'mysuperpublickey'
}
- makePostBodyRequest(path, data, function () {
+ makePostBodyRequest(path, null, data, function () {
data.url = 'http://coucou'
- makePostBodyRequest(path, data, function () {
+ makePostBodyRequest(path, null, data, function () {
data.url = 'coucou'
- makePostBodyRequest(path, data, done)
+ makePostBodyRequest(path, null, data, done)
})
})
})
url: 'http://coucou.com',
publicKey: 'mysuperpublickey'
}
- makePostBodyRequest(path, data, done, false)
+ makePostBodyRequest(path, null, data, done, 200)
+ })
+ })
+
+ describe('For the friends API', function () {
+ let userAccessToken = null
+
+ before(function (done) {
+ usersUtils.createUser(server.url, server.accessToken, 'user1', 'password', function () {
+ server.user = {
+ username: 'user1',
+ password: 'password'
+ }
+
+ loginUtils.loginAndGetAccessToken(server, function (err, accessToken) {
+ if (err) throw err
+
+ userAccessToken = accessToken
+
+ done()
+ })
+ })
+ })
+
+ describe('When making friends', function () {
+ it('Should fail with a invalid token', function (done) {
+ request(server.url)
+ .get(path + '/makefriends')
+ .query({ start: 'hello' })
+ .set('Authorization', 'Bearer faketoken')
+ .set('Accept', 'application/json')
+ .expect(401, done)
+ })
+
+ it('Should fail if the user is not an administrator', function (done) {
+ request(server.url)
+ .get(path + '/makefriends')
+ .query({ start: 'hello' })
+ .set('Authorization', 'Bearer ' + userAccessToken)
+ .set('Accept', 'application/json')
+ .expect(403, done)
+ })
+ })
+
+ describe('When quitting friends', function () {
+ it('Should fail with a invalid token', function (done) {
+ request(server.url)
+ .get(path + '/quitfriends')
+ .query({ start: 'hello' })
+ .set('Authorization', 'Bearer faketoken')
+ .set('Accept', 'application/json')
+ .expect(401, done)
+ })
+
+ it('Should fail if the user is not an administrator', function (done) {
+ request(server.url)
+ .get(path + '/quitfriends')
+ .query({ start: 'hello' })
+ .set('Authorization', 'Bearer ' + userAccessToken)
+ .set('Accept', 'application/json')
+ .expect(403, done)
+ })
})
})
})
attach.videofile = pathUtils.join(__dirname, 'fixtures', 'video_short.mp4')
makePostRequest(path, server.accessToken, data, attach, function () {
attach.videofile = pathUtils.join(__dirname, 'fixtures', 'video_short.ogv')
- makePostRequest(path, server.accessToken, data, attach, done, false)
+ makePostRequest(path, server.accessToken, data, attach, done, 204)
}, false)
}, false)
})
.expect(404, done)
})
+ it('Should fail with a video of another user')
+
it('Should fail with a video of another pod')
it('Should succeed with the correct parameters')
})
})
+ describe('Of the users API', function () {
+ const path = '/api/v1/users/'
+ let userId = null
+ let userAccessToken = null
+
+ describe('When adding a new user', function () {
+ it('Should fail with a too small username', function (done) {
+ const data = {
+ username: 'ji',
+ password: 'mysuperpassword'
+ }
+
+ makePostBodyRequest(path, server.accessToken, data, done)
+ })
+
+ it('Should fail with a too long username', function (done) {
+ const data = {
+ username: 'mysuperusernamewhichisverylong',
+ password: 'mysuperpassword'
+ }
+
+ makePostBodyRequest(path, server.accessToken, data, done)
+ })
+
+ it('Should fail with an incorrect username', function (done) {
+ const data = {
+ username: 'my username',
+ password: 'mysuperpassword'
+ }
+
+ makePostBodyRequest(path, server.accessToken, data, done)
+ })
+
+ it('Should fail with a too small password', function (done) {
+ const data = {
+ username: 'myusername',
+ password: 'bla'
+ }
+
+ makePostBodyRequest(path, server.accessToken, data, done)
+ })
+
+ it('Should fail with a too long password', function (done) {
+ const data = {
+ username: 'myusername',
+ password: 'my super long password which is very very very very very very very very very very very very very very' +
+ 'very very very very very very very very very very very very very very very veryv very very very very' +
+ 'very very very very very very very very very very very very very very very very very very very very long'
+ }
+
+ makePostBodyRequest(path, server.accessToken, data, done)
+ })
+
+ it('Should fail with an non authenticated user', function (done) {
+ const data = {
+ username: 'myusername',
+ password: 'my super password'
+ }
+
+ makePostBodyRequest(path, 'super token', data, done, 401)
+ })
+
+ it('Should succeed with the correct params', function (done) {
+ const data = {
+ username: 'user1',
+ password: 'my super password'
+ }
+
+ makePostBodyRequest(path, server.accessToken, data, done, 204)
+ })
+
+ it('Should fail with a non admin user', function (done) {
+ server.user = {
+ username: 'user1',
+ password: 'my super password'
+ }
+
+ loginUtils.loginAndGetAccessToken(server, function (err, accessToken) {
+ if (err) throw err
+
+ userAccessToken = accessToken
+
+ const data = {
+ username: 'user2',
+ password: 'my super password'
+ }
+
+ makePostBodyRequest(path, userAccessToken, data, done, 403)
+ })
+ })
+ })
+
+ describe('When updating a user', function () {
+ before(function (done) {
+ usersUtils.getUsersList(server.url, function (err, res) {
+ if (err) throw err
+
+ userId = res.body.data[1].id
+ done()
+ })
+ })
+
+ it('Should fail with a too small password', function (done) {
+ const data = {
+ password: 'bla'
+ }
+
+ makePutBodyRequest(path + userId, userAccessToken, data, done)
+ })
+
+ it('Should fail with a too long password', function (done) {
+ const data = {
+ password: 'my super long password which is very very very very very very very very very very very very very very' +
+ 'very very very very very very very very very very very very very very very veryv very very very very' +
+ 'very very very very very very very very very very very very very very very very very very very very long'
+ }
+
+ makePutBodyRequest(path + userId, userAccessToken, data, done)
+ })
+
+ it('Should fail with an non authenticated user', function (done) {
+ const data = {
+ password: 'my super password'
+ }
+
+ makePutBodyRequest(path + userId, 'super token', data, done, 401)
+ })
+
+ it('Should succeed with the correct params', function (done) {
+ const data = {
+ password: 'my super password'
+ }
+
+ makePutBodyRequest(path + userId, userAccessToken, data, done, 204)
+ })
+ })
+
+ describe('When getting my information', function () {
+ it('Should fail with a non authenticated user', function (done) {
+ request(server.url)
+ .get(path + 'me')
+ .set('Authorization', 'Bearer faketoken')
+ .set('Accept', 'application/json')
+ .expect(401, done)
+ })
+
+ it('Should success with the correct parameters', function (done) {
+ request(server.url)
+ .get(path + 'me')
+ .set('Authorization', 'Bearer ' + userAccessToken)
+ .set('Accept', 'application/json')
+ .expect(200, done)
+ })
+ })
+
+ describe('When removing an user', function () {
+ it('Should fail with an incorrect username', function (done) {
+ request(server.url)
+ .delete(path + 'bla-bla')
+ .set('Authorization', 'Bearer ' + server.accessToken)
+ .expect(400, done)
+ })
+
+ it('Should return 404 with a non existing username', function (done) {
+ request(server.url)
+ .delete(path + 'qzzerg')
+ .set('Authorization', 'Bearer ' + server.accessToken)
+ .expect(404, done)
+ })
+
+ it('Should success with the correct parameters', function (done) {
+ request(server.url)
+ .delete(path + 'user1')
+ .set('Authorization', 'Bearer ' + server.accessToken)
+ .expect(204, done)
+ })
+ })
+ })
+
describe('Of the remote videos API', function () {
describe('When making a secure request', function () {
it('Should check a secure request')
// Keep the logs if the test failed
if (this.ok) {
- utils.flushTests(done)
+ serversUtils.flushTests(done)
} else {
done()
}
projects / github / Chocobozzz / PeerTube.git / blobdiff