X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Ftests%2Fapi%2Fcheck-params%2Fvideo-comments.ts;h=659a10c413bd614f92a72bd058e6c019cc03bf5f;hb=a786d8a08bf99f339bf16808f46e160404497ae2;hp=e67cc01fa42c4b0cd926b9046153e967a6920530;hpb=818c449b3c34e9f324ac744120c8774e724ab25e;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/tests/api/check-params/video-comments.ts b/server/tests/api/check-params/video-comments.ts index e67cc01fa..659a10c41 100644 --- a/server/tests/api/check-params/video-comments.ts +++ b/server/tests/api/check-params/video-comments.ts @@ -20,6 +20,7 @@ import { checkBadStartPagination } from '../../../../shared/extra-utils/requests/check-api-params' import { addVideoCommentThread } from '../../../../shared/extra-utils/videos/video-comments' +import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes' const expect = chai.expect @@ -29,6 +30,7 @@ describe('Test video comments API validator', function () { let server: ServerInfo let videoUUID: string let userAccessToken: string + let userAccessToken2: string let commentId: number // --------------------------------------------------------------- @@ -53,13 +55,16 @@ describe('Test video comments API validator', function () { } { - const user = { - username: 'user1', - password: 'my super password' - } + const user = { username: 'user1', password: 'my super password' } await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password }) userAccessToken = await userLogin(server, user) } + + { + const user = { username: 'user2', password: 'my super password' } + await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password }) + userAccessToken2 = await userLogin(server, user) + } }) describe('When listing video comment threads', function () { @@ -79,7 +84,7 @@ describe('Test video comments API validator', function () { await makeGetRequest({ url: server.url, path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads', - statusCodeExpected: 404 + statusCodeExpected: HttpStatusCode.NOT_FOUND_404 }) }) }) @@ -89,7 +94,7 @@ describe('Test video comments API validator', function () { await makeGetRequest({ url: server.url, path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId, - statusCodeExpected: 404 + statusCodeExpected: HttpStatusCode.NOT_FOUND_404 }) }) @@ -97,7 +102,7 @@ describe('Test video comments API validator', function () { await makeGetRequest({ url: server.url, path: '/api/v1/videos/' + videoUUID + '/comment-threads/156', - statusCodeExpected: 404 + statusCodeExpected: HttpStatusCode.NOT_FOUND_404 }) }) @@ -105,7 +110,7 @@ describe('Test video comments API validator', function () { await makeGetRequest({ url: server.url, path: '/api/v1/videos/' + videoUUID + '/comment-threads/' + commentId, - statusCodeExpected: 200 + statusCodeExpected: HttpStatusCode.OK_200 }) }) }) @@ -116,7 +121,13 @@ describe('Test video comments API validator', function () { const fields = { text: 'text' } - await makePostBodyRequest({ url: server.url, path: pathThread, token: 'none', fields, statusCodeExpected: 401 }) + await makePostBodyRequest({ + url: server.url, + path: pathThread, + token: 'none', + fields, + statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 + }) }) it('Should fail with nothing', async function () { @@ -133,7 +144,7 @@ describe('Test video comments API validator', function () { it('Should fail with a long comment', async function () { const fields = { - text: 'h'.repeat(3001) + text: 'h'.repeat(10001) } await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields }) }) @@ -143,14 +154,26 @@ describe('Test video comments API validator', function () { const fields = { text: 'super comment' } - await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 404 }) + await makePostBodyRequest({ + url: server.url, + path, + token: server.accessToken, + fields, + statusCodeExpected: HttpStatusCode.NOT_FOUND_404 + }) }) it('Should succeed with the correct parameters', async function () { const fields = { text: 'super comment' } - await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields, statusCodeExpected: 200 }) + await makePostBodyRequest({ + url: server.url, + path: pathThread, + token: server.accessToken, + fields, + statusCodeExpected: HttpStatusCode.OK_200 + }) }) }) @@ -159,7 +182,13 @@ describe('Test video comments API validator', function () { const fields = { text: 'text' } - await makePostBodyRequest({ url: server.url, path: pathComment, token: 'none', fields, statusCodeExpected: 401 }) + await makePostBodyRequest({ + url: server.url, + path: pathComment, + token: 'none', + fields, + statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 + }) }) it('Should fail with nothing', async function () { @@ -176,7 +205,7 @@ describe('Test video comments API validator', function () { it('Should fail with a long comment', async function () { const fields = { - text: 'h'.repeat(3001) + text: 'h'.repeat(10001) } await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields }) }) @@ -186,7 +215,13 @@ describe('Test video comments API validator', function () { const fields = { text: 'super comment' } - await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 404 }) + await makePostBodyRequest({ + url: server.url, + path, + token: server.accessToken, + fields, + statusCodeExpected: HttpStatusCode.NOT_FOUND_404 + }) }) it('Should fail with an incorrect comment', async function () { @@ -194,38 +229,94 @@ describe('Test video comments API validator', function () { const fields = { text: 'super comment' } - await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 404 }) + await makePostBodyRequest({ + url: server.url, + path, + token: server.accessToken, + fields, + statusCodeExpected: HttpStatusCode.NOT_FOUND_404 + }) }) it('Should succeed with the correct parameters', async function () { const fields = { text: 'super comment' } - await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields, statusCodeExpected: 200 }) + await makePostBodyRequest({ + url: server.url, + path: pathComment, + token: server.accessToken, + fields, + statusCodeExpected: HttpStatusCode.OK_200 + }) }) }) describe('When removing video comments', function () { it('Should fail with a non authenticated user', async function () { - await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', statusCodeExpected: 401 }) + await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 }) }) it('Should fail with another user', async function () { - await makeDeleteRequest({ url: server.url, path: pathComment, token: userAccessToken, statusCodeExpected: 403 }) + await makeDeleteRequest({ + url: server.url, + path: pathComment, + token: userAccessToken, + statusCodeExpected: HttpStatusCode.FORBIDDEN_403 + }) }) it('Should fail with an incorrect video', async function () { const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId - await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: 404 }) + await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 }) }) it('Should fail with an incorrect comment', async function () { const path = '/api/v1/videos/' + videoUUID + '/comments/124' - await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: 404 }) + await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 }) + }) + + it('Should succeed with the same user', async function () { + let commentToDelete: number + + { + const res = await addVideoCommentThread(server.url, userAccessToken, videoUUID, 'hello') + commentToDelete = res.body.comment.id + } + + const path = '/api/v1/videos/' + videoUUID + '/comments/' + commentToDelete + + await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 }) + await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 }) + }) + + it('Should succeed with the owner of the video', async function () { + let commentToDelete: number + let anotherVideoUUID: string + + { + const res = await uploadVideo(server.url, userAccessToken, { name: 'video' }) + anotherVideoUUID = res.body.video.uuid + } + + { + const res = await addVideoCommentThread(server.url, server.accessToken, anotherVideoUUID, 'hello') + commentToDelete = res.body.comment.id + } + + const path = '/api/v1/videos/' + anotherVideoUUID + '/comments/' + commentToDelete + + await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 }) + await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 }) }) it('Should succeed with the correct parameters', async function () { - await makeDeleteRequest({ url: server.url, path: pathComment, token: server.accessToken, statusCodeExpected: 204 }) + await makeDeleteRequest({ + url: server.url, + path: pathComment, + token: server.accessToken, + statusCodeExpected: HttpStatusCode.NO_CONTENT_204 + }) }) }) @@ -240,7 +331,7 @@ describe('Test video comments API validator', function () { const res = await makeGetRequest({ url: server.url, path: pathThread, - statusCodeExpected: 200 + statusCodeExpected: HttpStatusCode.OK_200 }) expect(res.body.total).to.equal(0) expect(res.body.data).to.have.lengthOf(0) @@ -252,12 +343,66 @@ describe('Test video comments API validator', function () { const fields = { text: 'super comment' } - await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields, statusCodeExpected: 409 }) + await makePostBodyRequest({ + url: server.url, + path: pathThread, + token: server.accessToken, + fields, + statusCodeExpected: HttpStatusCode.CONFLICT_409 + }) }) it('Should return conflict on comment thread add') }) + describe('When listing admin comments threads', function () { + const path = '/api/v1/videos/comments' + + it('Should fail with a bad start pagination', async function () { + await checkBadStartPagination(server.url, path, server.accessToken) + }) + + it('Should fail with a bad count pagination', async function () { + await checkBadCountPagination(server.url, path, server.accessToken) + }) + + it('Should fail with an incorrect sort', async function () { + await checkBadSortPagination(server.url, path, server.accessToken) + }) + + it('Should fail with a non authenticated user', async function () { + await makeGetRequest({ + url: server.url, + path, + statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 + }) + }) + + it('Should fail with a non admin user', async function () { + await makeGetRequest({ + url: server.url, + path, + token: userAccessToken, + statusCodeExpected: HttpStatusCode.FORBIDDEN_403 + }) + }) + + it('Should succeed with the correct params', async function () { + await makeGetRequest({ + url: server.url, + path, + token: server.accessToken, + query: { + isLocal: false, + search: 'toto', + searchAccount: 'toto', + searchVideo: 'toto' + }, + statusCodeExpected: HttpStatusCode.OK_200 + }) + }) + }) + after(async function () { await cleanupTests([ server ]) })