X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Ftests%2Fapi%2Fcheck-params%2Fvideo-blacklist.ts;h=1f926d227574149c4c57f6f63f22c43cc5be171d;hb=d17d743051c5716e1e08cd8870d718cfd6a57f0c;hp=80e6f8011dcdff26a5d3109a5dca57979d0e696b;hpb=792dbaf07f83fbe3f1d209cd9edf190442c7d2f3;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/tests/api/check-params/video-blacklist.ts b/server/tests/api/check-params/video-blacklist.ts index 80e6f8011..1f926d227 100644 --- a/server/tests/api/check-params/video-blacklist.ts +++ b/server/tests/api/check-params/video-blacklist.ts @@ -1,195 +1,295 @@ -/* tslint:disable:no-unused-expression */ +/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ import 'mocha' -import * as request from 'supertest' - +import { expect } from 'chai' import { - ServerInfo, - flushTests, - runServer, - uploadVideo, - getVideosList, - createUser, - setAccessTokensToServers, - killallServers, + BlacklistCommand, + checkBadCountPagination, + checkBadSortPagination, + checkBadStartPagination, + cleanupTests, + createMultipleServers, + doubleFollow, makePostBodyRequest, - getUserAccessToken -} from '../../utils' + makePutBodyRequest, + PeerTubeServer, + setAccessTokensToServers, + waitJobs +} from '@shared/extra-utils' +import { HttpStatusCode, VideoBlacklistType } from '@shared/models' describe('Test video blacklist API validators', function () { - let server: ServerInfo - let userAccessToken = '' + let servers: PeerTubeServer[] + let notBlacklistedVideoId: string + let remoteVideoUUID: string + let userAccessToken1 = '' + let userAccessToken2 = '' + let command: BlacklistCommand // --------------------------------------------------------------- before(async function () { this.timeout(120000) - await flushTests() + servers = await createMultipleServers(2) - server = await runServer(1) + await setAccessTokensToServers(servers) + await doubleFollow(servers[0], servers[1]) - await setAccessTokensToServers([ server ]) + { + const username = 'user1' + const password = 'my super password' + await servers[0].users.create({ username: username, password: password }) + userAccessToken1 = await servers[0].login.getAccessToken({ username, password }) + } - const username = 'user1' - const password = 'my super password' - await createUser(server.url, server.accessToken, username, password) - userAccessToken = await getUserAccessToken(server, { username, password }) + { + const username = 'user2' + const password = 'my super password' + await servers[0].users.create({ username: username, password: password }) + userAccessToken2 = await servers[0].login.getAccessToken({ username, password }) + } - // Upload a video - const videoAttributes = {} - await uploadVideo(server.url, server.accessToken, videoAttributes) + { + servers[0].store.videoCreated = await servers[0].videos.upload({ token: userAccessToken1 }) + } + + { + const { uuid } = await servers[0].videos.upload() + notBlacklistedVideoId = uuid + } - const res = await getVideosList(server.url) + { + const { uuid } = await servers[1].videos.upload() + remoteVideoUUID = uuid + } - const videos = res.body.data - server.video = videos[0] + await waitJobs(servers) + + command = servers[0].blacklist }) describe('When adding a video in blacklist', function () { const basePath = '/api/v1/videos/' it('Should fail with nothing', async function () { - const path = basePath + server.video + '/blacklist' + const path = basePath + servers[0].store.videoCreated + '/blacklist' const fields = {} - await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) + await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields }) }) it('Should fail with a wrong video', async function () { const wrongPath = '/api/v1/videos/blabla/blacklist' const fields = {} - await makePostBodyRequest({ url: server.url, path: wrongPath, token: server.accessToken, fields }) + await makePostBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields }) }) it('Should fail with a non authenticated user', async function () { + const path = basePath + servers[0].store.videoCreated + '/blacklist' const fields = {} - const path = basePath + server.video + '/blacklist' - await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: 401 }) + await makePostBodyRequest({ url: servers[0].url, path, token: 'hello', fields, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) it('Should fail with a non admin user', async function () { + const path = basePath + servers[0].store.videoCreated + '/blacklist' const fields = {} - const path = basePath + server.video + '/blacklist' - await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 }) + await makePostBodyRequest({ + url: servers[0].url, + path, + token: userAccessToken2, + fields, + expectedStatus: HttpStatusCode.FORBIDDEN_403 + }) + }) + + it('Should fail with an invalid reason', async function () { + const path = basePath + servers[0].store.videoCreated.uuid + '/blacklist' + const fields = { reason: 'a'.repeat(305) } + + await makePostBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields }) }) - it('Should fail with a local video', async function () { + it('Should fail to unfederate a remote video', async function () { + const path = basePath + remoteVideoUUID + '/blacklist' + const fields = { unfederate: true } + + await makePostBodyRequest({ + url: servers[0].url, + path, + token: servers[0].accessToken, + fields, + expectedStatus: HttpStatusCode.CONFLICT_409 + }) + }) + + it('Should succeed with the correct params', async function () { + const path = basePath + servers[0].store.videoCreated.uuid + '/blacklist' const fields = {} - const path = basePath + server.video.id + '/blacklist' - await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 403 }) + + await makePostBodyRequest({ + url: servers[0].url, + path, + token: servers[0].accessToken, + fields, + expectedStatus: HttpStatusCode.NO_CONTENT_204 + }) }) }) - describe('When removing a video in blacklist', function () { - const basePath = '/api/v1/blacklist/' + describe('When updating a video in blacklist', function () { + const basePath = '/api/v1/videos/' - it('Should fail with a non authenticated user', async function () { - const path = basePath + server.video.id + it('Should fail with a wrong video', async function () { + const wrongPath = '/api/v1/videos/blabla/blacklist' + const fields = {} + await makePutBodyRequest({ url: servers[0].url, path: wrongPath, token: servers[0].accessToken, fields }) + }) + + it('Should fail with a video not blacklisted', async function () { + const path = '/api/v1/videos/' + notBlacklistedVideoId + '/blacklist' + const fields = {} + await makePutBodyRequest({ + url: servers[0].url, + path, + token: servers[0].accessToken, + fields, + expectedStatus: HttpStatusCode.NOT_FOUND_404 + }) + }) - await request(server.url) - .delete(path) - .set('Authorization', 'Bearer ' + 'fake token') - .set('Accept', 'application/json') - .expect(401) + it('Should fail with a non authenticated user', async function () { + const path = basePath + servers[0].store.videoCreated + '/blacklist' + const fields = {} + await makePutBodyRequest({ url: servers[0].url, path, token: 'hello', fields, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) it('Should fail with a non admin user', async function () { - const path = basePath + server.video.id + const path = basePath + servers[0].store.videoCreated + '/blacklist' + const fields = {} + await makePutBodyRequest({ + url: servers[0].url, + path, + token: userAccessToken2, + fields, + expectedStatus: HttpStatusCode.FORBIDDEN_403 + }) + }) + + it('Should fail with an invalid reason', async function () { + const path = basePath + servers[0].store.videoCreated.uuid + '/blacklist' + const fields = { reason: 'a'.repeat(305) } - await request(server.url) - .delete(path) - .set('Authorization', 'Bearer ' + userAccessToken) - .set('Accept', 'application/json') - .expect(403) + await makePutBodyRequest({ url: servers[0].url, path, token: servers[0].accessToken, fields }) }) - it('Should fail with an incorrect id', async function () { - const path = basePath + 'foobar' + it('Should succeed with the correct params', async function () { + const path = basePath + servers[0].store.videoCreated.shortUUID + '/blacklist' + const fields = { reason: 'hello' } + + await makePutBodyRequest({ + url: servers[0].url, + path, + token: servers[0].accessToken, + fields, + expectedStatus: HttpStatusCode.NO_CONTENT_204 + }) + }) + }) + + describe('When getting blacklisted video', function () { + + it('Should fail with a non authenticated user', async function () { + await servers[0].videos.get({ id: servers[0].store.videoCreated.uuid, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) + }) + + it('Should fail with another user', async function () { + await servers[0].videos.getWithToken({ + token: userAccessToken2, + id: servers[0].store.videoCreated.uuid, + expectedStatus: HttpStatusCode.FORBIDDEN_403 + }) + }) + + it('Should succeed with the owner authenticated user', async function () { + const video = await servers[0].videos.getWithToken({ token: userAccessToken1, id: servers[0].store.videoCreated.uuid }) + expect(video.blacklisted).to.be.true + }) + + it('Should succeed with an admin', async function () { + const video = servers[0].store.videoCreated + + for (const id of [ video.id, video.uuid, video.shortUUID ]) { + const video = await servers[0].videos.getWithToken({ id, expectedStatus: HttpStatusCode.OK_200 }) + expect(video.blacklisted).to.be.true + } + }) + }) + + describe('When removing a video in blacklist', function () { + + it('Should fail with a non authenticated user', async function () { + await command.remove({ + token: 'fake token', + videoId: servers[0].store.videoCreated.uuid, + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 + }) + }) + + it('Should fail with a non admin user', async function () { + await command.remove({ + token: userAccessToken2, + videoId: servers[0].store.videoCreated.uuid, + expectedStatus: HttpStatusCode.FORBIDDEN_403 + }) + }) - await request(server.url) - .delete(path) - .set('Authorization', 'Bearer ' + server.accessToken) - .set('Accept', 'application/json') - .expect(400) + it('Should fail with an incorrect id', async function () { + await command.remove({ videoId: 'hello', expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) }) it('Should fail with a not blacklisted video', async function () { // The video was not added to the blacklist so it should fail - const path = basePath + server.video.id + await command.remove({ videoId: notBlacklistedVideoId, expectedStatus: HttpStatusCode.NOT_FOUND_404 }) + }) - await request(server.url) - .delete(path) - .set('Authorization', 'Bearer ' + server.accessToken) - .set('Accept', 'application/json') - .expect(404) + it('Should succeed with the correct params', async function () { + await command.remove({ videoId: servers[0].store.videoCreated.uuid, expectedStatus: HttpStatusCode.NO_CONTENT_204 }) }) }) describe('When listing videos in blacklist', function () { - const basePath = '/api/v1/blacklist/' + const basePath = '/api/v1/videos/blacklist/' it('Should fail with a non authenticated user', async function () { - const path = basePath - - await request(server.url) - .get(path) - .query({ sort: 'createdAt' }) - .set('Accept', 'application/json') - .set('Authorization', 'Bearer ' + 'fake token') - .expect(401) + await servers[0].blacklist.list({ token: 'fake token', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) it('Should fail with a non admin user', async function () { - const path = basePath - - await request(server.url) - .get(path) - .query({ sort: 'createdAt' }) - .set('Authorization', 'Bearer ' + userAccessToken) - .set('Accept', 'application/json') - .expect(403) + await servers[0].blacklist.list({ token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 }) }) it('Should fail with a bad start pagination', async function () { - const path = basePath - - await request(server.url) - .get(path) - .query({ start: 'foobar' }) - .set('Accept', 'application/json') - .set('Authorization', 'Bearer ' + server.accessToken) - .expect(400) + await checkBadStartPagination(servers[0].url, basePath, servers[0].accessToken) }) it('Should fail with a bad count pagination', async function () { - const path = basePath - - await request(server.url) - .get(path) - .query({ count: 'foobar' }) - .set('Accept', 'application/json') - .set('Authorization', 'Bearer ' + server.accessToken) - .expect(400) + await checkBadCountPagination(servers[0].url, basePath, servers[0].accessToken) }) it('Should fail with an incorrect sort', async function () { - const path = basePath + await checkBadSortPagination(servers[0].url, basePath, servers[0].accessToken) + }) - await request(server.url) - .get(path) - .query({ sort: 'foobar' }) - .set('Accept', 'application/json') - .set('Authorization', 'Bearer ' + server.accessToken) - .expect(400) + it('Should fail with an invalid type', async function () { + await servers[0].blacklist.list({ type: 0, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) + }) + + it('Should succeed with the correct parameters', async function () { + await servers[0].blacklist.list({ type: VideoBlacklistType.MANUAL }) }) }) after(async function () { - killallServers([ server ]) - - // Keep the logs if the test failed - if (this['ok']) { - await flushTests() - } + await cleanupTests(servers) }) })