X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Ftests%2Fapi%2Fcheck-params%2Fabuses.ts;h=7d8347412b077bef8cbb4c184742a630a7f270a3;hb=fd3c2e87051f5029cdec39d877b576a62f48e219;hp=ba7c0833f8ab78270ff22e0a2f4281efab0d43ed;hpb=57f6896f67cfc570cf3605dd94b0778101b2d9b9;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/tests/api/check-params/abuses.ts b/server/tests/api/check-params/abuses.ts index ba7c0833f..7d8347412 100644 --- a/server/tests/api/check-params/abuses.ts +++ b/server/tests/api/check-params/abuses.ts @@ -1,54 +1,50 @@ /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ import 'mocha' -import { AbuseCreate, AbuseState } from '@shared/models' +import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared' +import { AbuseCreate, AbuseState, HttpStatusCode } from '@shared/models' import { + AbusesCommand, cleanupTests, - createUser, - deleteAbuse, - flushAndRunServer, + createSingleServer, + doubleFollow, makeGetRequest, makePostBodyRequest, - ServerInfo, + PeerTubeServer, setAccessTokensToServers, - updateAbuse, - uploadVideo, - userLogin -} from '../../../../shared/extra-utils' -import { - checkBadCountPagination, - checkBadSortPagination, - checkBadStartPagination -} from '../../../../shared/extra-utils/requests/check-api-params' - -// FIXME: deprecated in 2.3. Remove this controller + waitJobs +} from '@shared/server-commands' -describe('Test video abuses API validators', function () { +describe('Test abuses API validators', function () { const basePath = '/api/v1/abuses/' - let server: ServerInfo - let userAccessToken = '' + let server: PeerTubeServer + + let userToken = '' + let userToken2 = '' let abuseId: number + let messageId: number + + let command: AbusesCommand // --------------------------------------------------------------- before(async function () { this.timeout(30000) - server = await flushAndRunServer(1) + server = await createSingleServer(1) await setAccessTokensToServers([ server ]) - const username = 'user1' - const password = 'my super password' - await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password }) - userAccessToken = await userLogin(server, { username, password }) + userToken = await server.users.generateUserAndToken('user_1') + userToken2 = await server.users.generateUserAndToken('user_2') - const res = await uploadVideo(server.url, server.accessToken, {}) - server.video = res.body.video + server.store.videoCreated = await server.videos.upload() + + command = server.abuses }) - describe('When listing abuses', function () { + describe('When listing abuses for admins', function () { const path = basePath it('Should fail with a bad start pagination', async function () { @@ -67,7 +63,7 @@ describe('Test video abuses API validators', function () { await makeGetRequest({ url: server.url, path, - statusCodeExpected: 401 + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) @@ -75,8 +71,8 @@ describe('Test video abuses API validators', function () { await makeGetRequest({ url: server.url, path, - token: userAccessToken, - statusCodeExpected: 403 + token: userToken, + expectedStatus: HttpStatusCode.FORBIDDEN_403 }) }) @@ -111,7 +107,49 @@ describe('Test video abuses API validators', function () { videoIs: 'deleted' } - await makeGetRequest({ url: server.url, path, token: server.accessToken, query, statusCodeExpected: 200 }) + await makeGetRequest({ url: server.url, path, token: server.accessToken, query, expectedStatus: HttpStatusCode.OK_200 }) + }) + }) + + describe('When listing abuses for users', function () { + const path = '/api/v1/users/me/abuses' + + it('Should fail with a bad start pagination', async function () { + await checkBadStartPagination(server.url, path, userToken) + }) + + it('Should fail with a bad count pagination', async function () { + await checkBadCountPagination(server.url, path, userToken) + }) + + it('Should fail with an incorrect sort', async function () { + await checkBadSortPagination(server.url, path, userToken) + }) + + it('Should fail with a non authenticated user', async function () { + await makeGetRequest({ + url: server.url, + path, + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 + }) + }) + + it('Should fail with a bad id filter', async function () { + await makeGetRequest({ url: server.url, path, token: userToken, query: { id: 'toto' } }) + }) + + it('Should fail with a bad state filter', async function () { + await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 'toto' } }) + await makeGetRequest({ url: server.url, path, token: userToken, query: { state: 0 } }) + }) + + it('Should succeed with the correct params', async function () { + const query = { + id: 13, + state: 2 + } + + await makeGetRequest({ url: server.url, path, token: userToken, query, expectedStatus: HttpStatusCode.OK_200 }) }) }) @@ -120,91 +158,121 @@ describe('Test video abuses API validators', function () { it('Should fail with nothing', async function () { const fields = {} - await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) + await makePostBodyRequest({ url: server.url, path, token: userToken, fields }) }) it('Should fail with a wrong video', async function () { const fields = { video: { id: 'blabla' }, reason: 'my super reason' } - await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields }) + await makePostBodyRequest({ url: server.url, path, token: userToken, fields }) }) it('Should fail with an unknown video', async function () { const fields = { video: { id: 42 }, reason: 'my super reason' } - await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 }) + await makePostBodyRequest({ + url: server.url, + path, + token: userToken, + fields, + expectedStatus: HttpStatusCode.NOT_FOUND_404 + }) }) it('Should fail with a wrong comment', async function () { const fields = { comment: { id: 'blabla' }, reason: 'my super reason' } - await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields }) + await makePostBodyRequest({ url: server.url, path, token: userToken, fields }) }) it('Should fail with an unknown comment', async function () { const fields = { comment: { id: 42 }, reason: 'my super reason' } - await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 }) + await makePostBodyRequest({ + url: server.url, + path, + token: userToken, + fields, + expectedStatus: HttpStatusCode.NOT_FOUND_404 + }) }) it('Should fail with a wrong account', async function () { const fields = { account: { id: 'blabla' }, reason: 'my super reason' } - await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields }) + await makePostBodyRequest({ url: server.url, path, token: userToken, fields }) }) it('Should fail with an unknown account', async function () { const fields = { account: { id: 42 }, reason: 'my super reason' } - await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 }) + await makePostBodyRequest({ + url: server.url, + path, + token: userToken, + fields, + expectedStatus: HttpStatusCode.NOT_FOUND_404 + }) }) it('Should fail with not account, comment or video', async function () { const fields = { reason: 'my super reason' } - await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 400 }) + await makePostBodyRequest({ + url: server.url, + path, + token: userToken, + fields, + expectedStatus: HttpStatusCode.BAD_REQUEST_400 + }) }) it('Should fail with a non authenticated user', async function () { - const fields = { video: { id: server.video.id }, reason: 'my super reason' } + const fields = { video: { id: server.store.videoCreated.id }, reason: 'my super reason' } - await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: 401 }) + await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) it('Should fail with a reason too short', async function () { - const fields = { video: { id: server.video.id }, reason: 'h' } + const fields = { video: { id: server.store.videoCreated.id }, reason: 'h' } - await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) + await makePostBodyRequest({ url: server.url, path, token: userToken, fields }) }) it('Should fail with a too big reason', async function () { - const fields = { video: { id: server.video.id }, reason: 'super'.repeat(605) } + const fields = { video: { id: server.store.videoCreated.id }, reason: 'super'.repeat(605) } - await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) + await makePostBodyRequest({ url: server.url, path, token: userToken, fields }) }) it('Should succeed with the correct parameters (basic)', async function () { - const fields: AbuseCreate = { video: { id: server.video.id }, reason: 'my super reason' } + const fields: AbuseCreate = { video: { id: server.store.videoCreated.shortUUID }, reason: 'my super reason' } - const res = await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 }) + const res = await makePostBodyRequest({ + url: server.url, + path, + token: userToken, + fields, + expectedStatus: HttpStatusCode.OK_200 + }) abuseId = res.body.abuse.id }) it('Should fail with a wrong predefined reason', async function () { - const fields = { video: { id: server.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] } + const fields = { video: server.store.videoCreated, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] } - await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) + await makePostBodyRequest({ url: server.url, path, token: userToken, fields }) }) it('Should fail with negative timestamps', async function () { - const fields = { video: { id: server.video.id, startAt: -1 }, reason: 'my super reason' } + const fields = { video: { id: server.store.videoCreated.id, startAt: -1 }, reason: 'my super reason' } - await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) + await makePostBodyRequest({ url: server.url, path, token: userToken, fields }) }) it('Should fail mith misordered startAt/endAt', async function () { - const fields = { video: { id: server.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' } + const fields = { video: { id: server.store.videoCreated.id, startAt: 5, endAt: 1 }, reason: 'my super reason' } - await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) + await makePostBodyRequest({ url: server.url, path, token: userToken, fields }) }) - it('Should succeed with the corret parameters (advanced)', async function () { + it('Should succeed with the correct parameters (advanced)', async function () { const fields: AbuseCreate = { video: { - id: server.video.id, + id: server.store.videoCreated.id, startAt: 1, endAt: 5 }, @@ -212,56 +280,156 @@ describe('Test video abuses API validators', function () { predefinedReasons: [ 'serverRules' ] } - await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 }) + await makePostBodyRequest({ url: server.url, path, token: userToken, fields, expectedStatus: HttpStatusCode.OK_200 }) }) }) describe('When updating an abuse', function () { it('Should fail with a non authenticated user', async function () { - await updateAbuse(server.url, 'blabla', abuseId, {}, 401) + await command.update({ token: 'blabla', abuseId, body: {}, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) it('Should fail with a non admin user', async function () { - await updateAbuse(server.url, userAccessToken, abuseId, {}, 403) + await command.update({ token: userToken, abuseId, body: {}, expectedStatus: HttpStatusCode.FORBIDDEN_403 }) }) it('Should fail with a bad abuse id', async function () { - await updateAbuse(server.url, server.accessToken, 45, {}, 404) + await command.update({ abuseId: 45, body: {}, expectedStatus: HttpStatusCode.NOT_FOUND_404 }) }) it('Should fail with a bad state', async function () { const body = { state: 5 } - await updateAbuse(server.url, server.accessToken, abuseId, body, 400) + await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) }) it('Should fail with a bad moderation comment', async function () { const body = { moderationComment: 'b'.repeat(3001) } - await updateAbuse(server.url, server.accessToken, abuseId, body, 400) + await command.update({ abuseId, body, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) }) it('Should succeed with the correct params', async function () { const body = { state: AbuseState.ACCEPTED } - await updateAbuse(server.url, server.accessToken, abuseId, body) + await command.update({ abuseId, body }) + }) + }) + + describe('When creating an abuse message', function () { + const message = 'my super message' + + it('Should fail with an invalid abuse id', async function () { + await command.addMessage({ token: userToken2, abuseId: 888, message, expectedStatus: HttpStatusCode.NOT_FOUND_404 }) + }) + + it('Should fail with a non authenticated user', async function () { + await command.addMessage({ token: 'fake_token', abuseId, message, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) + }) + + it('Should fail with an invalid logged in user', async function () { + await command.addMessage({ token: userToken2, abuseId, message, expectedStatus: HttpStatusCode.FORBIDDEN_403 }) + }) + + it('Should fail with an invalid message', async function () { + await command.addMessage({ token: userToken, abuseId, message: 'a'.repeat(5000), expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) + }) + + it('Should succeed with the correct params', async function () { + const res = await command.addMessage({ token: userToken, abuseId, message }) + messageId = res.body.abuseMessage.id + }) + }) + + describe('When listing abuse messages', function () { + + it('Should fail with an invalid abuse id', async function () { + await command.listMessages({ token: userToken, abuseId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 }) + }) + + it('Should fail with a non authenticated user', async function () { + await command.listMessages({ token: 'fake_token', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) + }) + + it('Should fail with an invalid logged in user', async function () { + await command.listMessages({ token: userToken2, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 }) + }) + + it('Should succeed with the correct params', async function () { + await command.listMessages({ token: userToken, abuseId }) + }) + }) + + describe('When deleting an abuse message', function () { + it('Should fail with an invalid abuse id', async function () { + await command.deleteMessage({ token: userToken, abuseId: 888, messageId, expectedStatus: HttpStatusCode.NOT_FOUND_404 }) + }) + + it('Should fail with an invalid message id', async function () { + await command.deleteMessage({ token: userToken, abuseId, messageId: 888, expectedStatus: HttpStatusCode.NOT_FOUND_404 }) + }) + + it('Should fail with a non authenticated user', async function () { + await command.deleteMessage({ token: 'fake_token', abuseId, messageId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) + }) + + it('Should fail with an invalid logged in user', async function () { + await command.deleteMessage({ token: userToken2, abuseId, messageId, expectedStatus: HttpStatusCode.FORBIDDEN_403 }) + }) + + it('Should succeed with the correct params', async function () { + await command.deleteMessage({ token: userToken, abuseId, messageId }) }) }) describe('When deleting a video abuse', function () { it('Should fail with a non authenticated user', async function () { - await deleteAbuse(server.url, 'blabla', abuseId, 401) + await command.delete({ token: 'blabla', abuseId, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) it('Should fail with a non admin user', async function () { - await deleteAbuse(server.url, userAccessToken, abuseId, 403) + await command.delete({ token: userToken, abuseId, expectedStatus: HttpStatusCode.FORBIDDEN_403 }) }) it('Should fail with a bad abuse id', async function () { - await deleteAbuse(server.url, server.accessToken, 45, 404) + await command.delete({ abuseId: 45, expectedStatus: HttpStatusCode.NOT_FOUND_404 }) }) it('Should succeed with the correct params', async function () { - await deleteAbuse(server.url, server.accessToken, abuseId) + await command.delete({ abuseId }) + }) + }) + + describe('When trying to manage messages of a remote abuse', function () { + let remoteAbuseId: number + let anotherServer: PeerTubeServer + + before(async function () { + this.timeout(50000) + + anotherServer = await createSingleServer(2) + await setAccessTokensToServers([ anotherServer ]) + + await doubleFollow(anotherServer, server) + + const server2VideoId = await anotherServer.videos.getId({ uuid: server.store.videoCreated.uuid }) + await anotherServer.abuses.report({ reason: 'remote server', videoId: server2VideoId }) + + await waitJobs([ server, anotherServer ]) + + const body = await command.getAdminList({ sort: '-createdAt' }) + remoteAbuseId = body.data[0].id + }) + + it('Should fail when listing abuse messages of a remote abuse', async function () { + await command.listMessages({ abuseId: remoteAbuseId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) + }) + + it('Should fail when creating abuse message of a remote abuse', async function () { + await command.addMessage({ abuseId: remoteAbuseId, message: 'message', expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) + }) + + after(async function () { + await cleanupTests([ anotherServer ]) }) })