import { expect } from 'chai'
import { decode } from 'magnet-uri'
-import { expectStartWith } from '@server/tests/shared'
+import { checkVideoFileTokenReinjection, expectStartWith, parseTorrentVideo } from '@server/tests/shared'
import { getAllFiles, wait } from '@shared/core-utils'
import { HttpStatusCode, LiveVideo, VideoDetails, VideoPrivacy } from '@shared/models'
import {
createSingleServer,
findExternalSavedVideo,
makeRawRequest,
- parseTorrentVideo,
PeerTubeServer,
sendRTMPStream,
setAccessTokensToServers,
function runSuite () {
- async function checkPrivateWebTorrentFiles (uuid: string) {
+ async function checkPrivateFiles (uuid: string) {
const video = await server.videos.getWithToken({ id: uuid })
for (const file of video.files) {
}
}
- async function checkPublicWebTorrentFiles (uuid: string) {
+ async function checkPublicFiles (uuid: string) {
const video = await server.videos.get({ id: uuid })
for (const file of getAllFiles(video)) {
const { uuid } = await server.videos.quickUpload({ name: 'video', privacy })
await waitJobs([ server ])
- await checkPrivateWebTorrentFiles(uuid)
+ await checkPrivateFiles(uuid)
}
})
await server.videos.update({ id: uuid, attributes: { privacy } })
await waitJobs([ server ])
- await checkPrivateWebTorrentFiles(uuid)
+ await checkPrivateFiles(uuid)
}
})
await server.videos.update({ id: uuid, attributes: { privacy: VideoPrivacy.UNLISTED } })
await waitJobs([ server ])
- await checkPublicWebTorrentFiles(uuid)
+ await checkPublicFiles(uuid)
})
it('Should upload an internal video and update it to public to have a public static path', async function () {
await server.videos.update({ id: uuid, attributes: { privacy: VideoPrivacy.PUBLIC } })
await waitJobs([ server ])
- await checkPublicWebTorrentFiles(uuid)
+ await checkPublicFiles(uuid)
})
it('Should upload an internal video and schedule a public publish', async function () {
await waitJobs([ server ])
- await checkPublicWebTorrentFiles(uuid)
+ await checkPublicFiles(uuid)
})
}
await checkVideoFiles({ id: uuid, expectedStatus: HttpStatusCode.OK_200, token: server.accessToken, videoFileToken })
})
+ it('Should reinject video file token', async function () {
+ this.timeout(120000)
+
+ const { uuid } = await server.videos.quickUpload({ name: 'video', privacy: VideoPrivacy.PRIVATE })
+
+ const videoFileToken = await server.videoToken.getVideoFileToken({ videoId: uuid })
+ await waitJobs([ server ])
+
+ {
+ const video = await server.videos.getWithToken({ id: uuid })
+ const hls = video.streamingPlaylists[0]
+ const query = { videoFileToken }
+ const { text } = await makeRawRequest({ url: hls.playlistUrl, query, expectedStatus: HttpStatusCode.OK_200 })
+
+ expect(text).to.not.include(videoFileToken)
+ }
+
+ {
+ await checkVideoFileTokenReinjection({
+ server,
+ videoUUID: uuid,
+ videoFileToken,
+ resolutions: [ 240, 720 ],
+ isLive: false
+ })
+ }
+ })
+
it('Should be able to access a private video of another user with an admin OAuth token or file token', async function () {
this.timeout(120000)
})
{
- const { video, live } = await server.live.quickCreate({ saveReplay: true, permanentLive: false, privacy: VideoPrivacy.PRIVATE })
+ const { video, live } = await server.live.quickCreate({
+ saveReplay: true,
+ permanentLive: false,
+ privacy: VideoPrivacy.PRIVATE
+ })
normalLiveId = video.uuid
normalLive = live
}
{
- const { video, live } = await server.live.quickCreate({ saveReplay: true, permanentLive: true, privacy: VideoPrivacy.PRIVATE })
+ const { video, live } = await server.live.quickCreate({
+ saveReplay: true,
+ permanentLive: true,
+ privacy: VideoPrivacy.PRIVATE
+ })
permanentLiveId = video.uuid
permanentLive = live
}
await checkLiveFiles(permanentLive, permanentLiveId)
})
+ it('Should reinject video file token on permanent live', async function () {
+ this.timeout(240000)
+
+ const ffmpegCommand = sendRTMPStream({ rtmpBaseUrl: permanentLive.rtmpUrl, streamKey: permanentLive.streamKey })
+ await server.live.waitUntilPublished({ videoId: permanentLiveId })
+
+ const video = await server.videos.getWithToken({ id: permanentLiveId })
+ const videoFileToken = await server.videoToken.getVideoFileToken({ videoId: video.uuid })
+ const hls = video.streamingPlaylists[0]
+
+ {
+ const query = { videoFileToken }
+ const { text } = await makeRawRequest({ url: hls.playlistUrl, query, expectedStatus: HttpStatusCode.OK_200 })
+
+ expect(text).to.not.include(videoFileToken)
+ }
+
+ {
+ await checkVideoFileTokenReinjection({
+ server,
+ videoUUID: permanentLiveId,
+ videoFileToken,
+ resolutions: [ 720 ],
+ isLive: true
+ })
+ }
+
+ await stopFfmpeg(ffmpegCommand)
+ })
+
it('Should have created a replay of the normal live with a private static path', async function () {
this.timeout(240000)
})
})
+ describe('With static file right check disabled', function () {
+ let videoUUID: string
+
+ before(async function () {
+ this.timeout(240000)
+
+ await server.kill()
+
+ await server.run({
+ static_files: {
+ private_files_require_auth: false
+ }
+ })
+
+ const { uuid } = await server.videos.quickUpload({ name: 'video', privacy: VideoPrivacy.INTERNAL })
+ videoUUID = uuid
+
+ await waitJobs([ server ])
+ })
+
+ it('Should not check auth for private static files', async function () {
+ const video = await server.videos.getWithToken({ id: videoUUID })
+
+ for (const file of getAllFiles(video)) {
+ await makeRawRequest({ url: file.fileUrl, expectedStatus: HttpStatusCode.OK_200 })
+ }
+
+ const hls = video.streamingPlaylists[0]
+ await makeRawRequest({ url: hls.playlistUrl, expectedStatus: HttpStatusCode.OK_200 })
+ await makeRawRequest({ url: hls.segmentsSha256Url, expectedStatus: HttpStatusCode.OK_200 })
+ })
+ })
+
after(async function () {
await cleanupTests([ server ])
})