X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Ftests%2Fapi%2Fcheck-params%2Fblocklist.ts;h=f745b9088137c8a2ca76cf53826ae65eea5d7605;hb=91a4893063402d7beabb3104f9b989b8f88b6038;hp=d24d9323fefcb6af0320d2e71fc6eebadf82ff3d;hpb=af5767ffae41b2d5604e41ba9a7225c623dd6735;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/tests/api/check-params/blocklist.ts b/server/tests/api/check-params/blocklist.ts index d24d9323f..f745b9088 100644 --- a/server/tests/api/check-params/blocklist.ts +++ b/server/tests/api/check-params/blocklist.ts @@ -1,37 +1,35 @@ -/* tslint:disable:no-unused-expression */ - -import 'mocha' +/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ +import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared' +import { HttpStatusCode } from '@shared/models' import { - createUser, + cleanupTests, + createMultipleServers, doubleFollow, - flushAndRunMultipleServers, - flushTests, - killallServers, makeDeleteRequest, makeGetRequest, makePostBodyRequest, - ServerInfo, + PeerTubeServer, setAccessTokensToServers -} from '../../utils' -import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params' +} from '@shared/server-commands' describe('Test blocklist API validators', function () { - let servers: ServerInfo[] - let server: ServerInfo + let servers: PeerTubeServer[] + let server: PeerTubeServer + let userAccessToken: string before(async function () { this.timeout(60000) - await flushTests() - - servers = await flushAndRunMultipleServers(2) + servers = await createMultipleServers(2) await setAccessTokensToServers(servers) server = servers[0] const user = { username: 'user1', password: 'password' } - await createUser(server.url, server.accessToken, user.username, user.password) + await server.users.create({ username: user.username, password: user.password }) + + userAccessToken = await server.login.getAccessToken(user) await doubleFollow(servers[0], servers[1]) }) @@ -39,16 +37,16 @@ describe('Test blocklist API validators', function () { // --------------------------------------------------------------- describe('When managing user blocklist', function () { - const path = '/api/v1/users/me/blocklist/accounts' describe('When managing user accounts blocklist', function () { + const path = '/api/v1/users/me/blocklist/accounts' describe('When listing blocked accounts', function () { it('Should fail with an unauthenticated user', async function () { await makeGetRequest({ url: server.url, path, - statusCodeExpected: 401 + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) @@ -71,7 +69,7 @@ describe('Test blocklist API validators', function () { url: server.url, path, fields: { accountName: 'user1' }, - statusCodeExpected: 401 + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) @@ -81,7 +79,7 @@ describe('Test blocklist API validators', function () { token: server.accessToken, path, fields: { accountName: 'user2' }, - statusCodeExpected: 404 + expectedStatus: HttpStatusCode.NOT_FOUND_404 }) }) @@ -91,7 +89,7 @@ describe('Test blocklist API validators', function () { token: server.accessToken, path, fields: { accountName: 'root' }, - statusCodeExpected: 409 + expectedStatus: HttpStatusCode.CONFLICT_409 }) }) @@ -101,7 +99,7 @@ describe('Test blocklist API validators', function () { token: server.accessToken, path, fields: { accountName: 'user1' }, - statusCodeExpected: 204 + expectedStatus: HttpStatusCode.NO_CONTENT_204 }) }) }) @@ -111,7 +109,7 @@ describe('Test blocklist API validators', function () { await makeDeleteRequest({ url: server.url, path: path + '/user1', - statusCodeExpected: 401 + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) @@ -120,7 +118,7 @@ describe('Test blocklist API validators', function () { url: server.url, path: path + '/user2', token: server.accessToken, - statusCodeExpected: 404 + expectedStatus: HttpStatusCode.NOT_FOUND_404 }) }) @@ -129,7 +127,7 @@ describe('Test blocklist API validators', function () { url: server.url, path: path + '/user1', token: server.accessToken, - statusCodeExpected: 204 + expectedStatus: HttpStatusCode.NO_CONTENT_204 }) }) }) @@ -143,7 +141,7 @@ describe('Test blocklist API validators', function () { await makeGetRequest({ url: server.url, path, - statusCodeExpected: 401 + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) @@ -166,17 +164,17 @@ describe('Test blocklist API validators', function () { url: server.url, path, fields: { host: 'localhost:9002' }, - statusCodeExpected: 401 + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) - it('Should fail with an unknown server', async function () { + it('Should succeed with an unknown server', async function () { await makePostBodyRequest({ url: server.url, token: server.accessToken, path, fields: { host: 'localhost:9003' }, - statusCodeExpected: 404 + expectedStatus: HttpStatusCode.NO_CONTENT_204 }) }) @@ -185,8 +183,8 @@ describe('Test blocklist API validators', function () { url: server.url, token: server.accessToken, path, - fields: { host: 'localhost:9001' }, - statusCodeExpected: 409 + fields: { host: 'localhost:' + server.port }, + expectedStatus: HttpStatusCode.CONFLICT_409 }) }) @@ -195,8 +193,8 @@ describe('Test blocklist API validators', function () { url: server.url, token: server.accessToken, path, - fields: { host: 'localhost:9002' }, - statusCodeExpected: 204 + fields: { host: 'localhost:' + servers[1].port }, + expectedStatus: HttpStatusCode.NO_CONTENT_204 }) }) }) @@ -205,38 +203,354 @@ describe('Test blocklist API validators', function () { it('Should fail with an unauthenticated user', async function () { await makeDeleteRequest({ url: server.url, - path: path + '/localhost:9002', - statusCodeExpected: 401 + path: path + '/localhost:' + servers[1].port, + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) it('Should fail with an unknown server block', async function () { await makeDeleteRequest({ url: server.url, - path: path + '/localhost:9003', + path: path + '/localhost:9004', token: server.accessToken, - statusCodeExpected: 404 + expectedStatus: HttpStatusCode.NOT_FOUND_404 }) }) it('Should succeed with the correct params', async function () { await makeDeleteRequest({ url: server.url, - path: path + '/localhost:9002', + path: path + '/localhost:' + servers[1].port, token: server.accessToken, - statusCodeExpected: 204 + expectedStatus: HttpStatusCode.NO_CONTENT_204 }) }) }) }) }) - after(async function () { - killallServers(servers) + describe('When managing server blocklist', function () { + + describe('When managing server accounts blocklist', function () { + const path = '/api/v1/server/blocklist/accounts' + + describe('When listing blocked accounts', function () { + it('Should fail with an unauthenticated user', async function () { + await makeGetRequest({ + url: server.url, + path, + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 + }) + }) + + it('Should fail with a user without the appropriate rights', async function () { + await makeGetRequest({ + url: server.url, + token: userAccessToken, + path, + expectedStatus: HttpStatusCode.FORBIDDEN_403 + }) + }) + + it('Should fail with a bad start pagination', async function () { + await checkBadStartPagination(server.url, path, server.accessToken) + }) + + it('Should fail with a bad count pagination', async function () { + await checkBadCountPagination(server.url, path, server.accessToken) + }) + + it('Should fail with an incorrect sort', async function () { + await checkBadSortPagination(server.url, path, server.accessToken) + }) + }) + + describe('When blocking an account', function () { + it('Should fail with an unauthenticated user', async function () { + await makePostBodyRequest({ + url: server.url, + path, + fields: { accountName: 'user1' }, + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 + }) + }) + + it('Should fail with a user without the appropriate rights', async function () { + await makePostBodyRequest({ + url: server.url, + token: userAccessToken, + path, + fields: { accountName: 'user1' }, + expectedStatus: HttpStatusCode.FORBIDDEN_403 + }) + }) + + it('Should fail with an unknown account', async function () { + await makePostBodyRequest({ + url: server.url, + token: server.accessToken, + path, + fields: { accountName: 'user2' }, + expectedStatus: HttpStatusCode.NOT_FOUND_404 + }) + }) + + it('Should fail to block ourselves', async function () { + await makePostBodyRequest({ + url: server.url, + token: server.accessToken, + path, + fields: { accountName: 'root' }, + expectedStatus: HttpStatusCode.CONFLICT_409 + }) + }) + + it('Should succeed with the correct params', async function () { + await makePostBodyRequest({ + url: server.url, + token: server.accessToken, + path, + fields: { accountName: 'user1' }, + expectedStatus: HttpStatusCode.NO_CONTENT_204 + }) + }) + }) + + describe('When unblocking an account', function () { + it('Should fail with an unauthenticated user', async function () { + await makeDeleteRequest({ + url: server.url, + path: path + '/user1', + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 + }) + }) + + it('Should fail with a user without the appropriate rights', async function () { + await makeDeleteRequest({ + url: server.url, + path: path + '/user1', + token: userAccessToken, + expectedStatus: HttpStatusCode.FORBIDDEN_403 + }) + }) + + it('Should fail with an unknown account block', async function () { + await makeDeleteRequest({ + url: server.url, + path: path + '/user2', + token: server.accessToken, + expectedStatus: HttpStatusCode.NOT_FOUND_404 + }) + }) + + it('Should succeed with the correct params', async function () { + await makeDeleteRequest({ + url: server.url, + path: path + '/user1', + token: server.accessToken, + expectedStatus: HttpStatusCode.NO_CONTENT_204 + }) + }) + }) + }) + + describe('When managing server servers blocklist', function () { + const path = '/api/v1/server/blocklist/servers' + + describe('When listing blocked servers', function () { + it('Should fail with an unauthenticated user', async function () { + await makeGetRequest({ + url: server.url, + path, + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 + }) + }) + + it('Should fail with a user without the appropriate rights', async function () { + await makeGetRequest({ + url: server.url, + token: userAccessToken, + path, + expectedStatus: HttpStatusCode.FORBIDDEN_403 + }) + }) + + it('Should fail with a bad start pagination', async function () { + await checkBadStartPagination(server.url, path, server.accessToken) + }) - // Keep the logs if the test failed - if (this['ok']) { - await flushTests() - } + it('Should fail with a bad count pagination', async function () { + await checkBadCountPagination(server.url, path, server.accessToken) + }) + + it('Should fail with an incorrect sort', async function () { + await checkBadSortPagination(server.url, path, server.accessToken) + }) + }) + + describe('When blocking a server', function () { + it('Should fail with an unauthenticated user', async function () { + await makePostBodyRequest({ + url: server.url, + path, + fields: { host: 'localhost:' + servers[1].port }, + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 + }) + }) + + it('Should fail with a user without the appropriate rights', async function () { + await makePostBodyRequest({ + url: server.url, + token: userAccessToken, + path, + fields: { host: 'localhost:' + servers[1].port }, + expectedStatus: HttpStatusCode.FORBIDDEN_403 + }) + }) + + it('Should succeed with an unknown server', async function () { + await makePostBodyRequest({ + url: server.url, + token: server.accessToken, + path, + fields: { host: 'localhost:9003' }, + expectedStatus: HttpStatusCode.NO_CONTENT_204 + }) + }) + + it('Should fail with our own server', async function () { + await makePostBodyRequest({ + url: server.url, + token: server.accessToken, + path, + fields: { host: 'localhost:' + server.port }, + expectedStatus: HttpStatusCode.CONFLICT_409 + }) + }) + + it('Should succeed with the correct params', async function () { + await makePostBodyRequest({ + url: server.url, + token: server.accessToken, + path, + fields: { host: 'localhost:' + servers[1].port }, + expectedStatus: HttpStatusCode.NO_CONTENT_204 + }) + }) + }) + + describe('When unblocking a server', function () { + it('Should fail with an unauthenticated user', async function () { + await makeDeleteRequest({ + url: server.url, + path: path + '/localhost:' + servers[1].port, + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 + }) + }) + + it('Should fail with a user without the appropriate rights', async function () { + await makeDeleteRequest({ + url: server.url, + path: path + '/localhost:' + servers[1].port, + token: userAccessToken, + expectedStatus: HttpStatusCode.FORBIDDEN_403 + }) + }) + + it('Should fail with an unknown server block', async function () { + await makeDeleteRequest({ + url: server.url, + path: path + '/localhost:9004', + token: server.accessToken, + expectedStatus: HttpStatusCode.NOT_FOUND_404 + }) + }) + + it('Should succeed with the correct params', async function () { + await makeDeleteRequest({ + url: server.url, + path: path + '/localhost:' + servers[1].port, + token: server.accessToken, + expectedStatus: HttpStatusCode.NO_CONTENT_204 + }) + }) + }) + }) + }) + + describe('When getting blocklist status', function () { + const path = '/api/v1/blocklist/status' + + it('Should fail with a bad token', async function () { + await makeGetRequest({ + url: server.url, + path, + token: 'false', + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 + }) + }) + + it('Should fail with a bad accounts field', async function () { + await makeGetRequest({ + url: server.url, + path, + query: { + accounts: 1 + }, + expectedStatus: HttpStatusCode.BAD_REQUEST_400 + }) + + await makeGetRequest({ + url: server.url, + path, + query: { + accounts: [ 1 ] + }, + expectedStatus: HttpStatusCode.BAD_REQUEST_400 + }) + }) + + it('Should fail with a bad hosts field', async function () { + await makeGetRequest({ + url: server.url, + path, + query: { + hosts: 1 + }, + expectedStatus: HttpStatusCode.BAD_REQUEST_400 + }) + + await makeGetRequest({ + url: server.url, + path, + query: { + hosts: [ 1 ] + }, + expectedStatus: HttpStatusCode.BAD_REQUEST_400 + }) + }) + + it('Should succeed with the correct parameters', async function () { + await makeGetRequest({ + url: server.url, + path, + query: {}, + expectedStatus: HttpStatusCode.OK_200 + }) + + await makeGetRequest({ + url: server.url, + path, + query: { + hosts: [ 'example.com' ], + accounts: [ 'john@example.com' ] + }, + expectedStatus: HttpStatusCode.OK_200 + }) + }) + }) + + after(async function () { + await cleanupTests(servers) }) })