X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Ftests%2Fapi%2Fcheck-params%2Fvideo-comments.ts;h=8d63fe70c7bb1505f24a66ea81474bf3b96f0eed;hb=84c8d9866890f479faf0168c29be5eb7816ccc8e;hp=659a10c413bd614f92a72bd058e6c019cc03bf5f;hpb=2d53be0267acc49cda46707b885096193a1f4e9c;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/tests/api/check-params/video-comments.ts b/server/tests/api/check-params/video-comments.ts index 659a10c41..8d63fe70c 100644 --- a/server/tests/api/check-params/video-comments.ts +++ b/server/tests/api/check-params/video-comments.ts @@ -1,69 +1,73 @@ /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ -import * as chai from 'chai' import 'mocha' +import * as chai from 'chai' import { + checkBadCountPagination, + checkBadSortPagination, + checkBadStartPagination, cleanupTests, - createUser, - flushAndRunServer, + createSingleServer, makeDeleteRequest, makeGetRequest, makePostBodyRequest, - ServerInfo, - setAccessTokensToServers, - uploadVideo, - userLogin -} from '../../../../shared/extra-utils' -import { - checkBadCountPagination, - checkBadSortPagination, - checkBadStartPagination -} from '../../../../shared/extra-utils/requests/check-api-params' -import { addVideoCommentThread } from '../../../../shared/extra-utils/videos/video-comments' -import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes' + PeerTubeServer, + setAccessTokensToServers +} from '@shared/extra-utils' +import { HttpStatusCode, VideoCreateResult, VideoPrivacy } from '@shared/models' const expect = chai.expect describe('Test video comments API validator', function () { let pathThread: string let pathComment: string - let server: ServerInfo - let videoUUID: string + let server: PeerTubeServer + let video: VideoCreateResult let userAccessToken: string let userAccessToken2: string let commentId: number + let privateCommentId: number + let privateVideo: VideoCreateResult // --------------------------------------------------------------- before(async function () { this.timeout(30000) - server = await flushAndRunServer(1) + server = await createSingleServer(1) await setAccessTokensToServers([ server ]) { - const res = await uploadVideo(server.url, server.accessToken, {}) - videoUUID = res.body.video.uuid - pathThread = '/api/v1/videos/' + videoUUID + '/comment-threads' + video = await server.videos.upload({ attributes: {} }) + pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads' + } + + { + privateVideo = await server.videos.upload({ attributes: { privacy: VideoPrivacy.PRIVATE } }) + } + + { + const created = await server.comments.createThread({ videoId: video.uuid, text: 'coucou' }) + commentId = created.id + pathComment = '/api/v1/videos/' + video.uuid + '/comments/' + commentId } { - const res = await addVideoCommentThread(server.url, server.accessToken, videoUUID, 'coucou') - commentId = res.body.comment.id - pathComment = '/api/v1/videos/' + videoUUID + '/comments/' + commentId + const created = await server.comments.createThread({ videoId: privateVideo.uuid, text: 'coucou' }) + privateCommentId = created.id } { const user = { username: 'user1', password: 'my super password' } - await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password }) - userAccessToken = await userLogin(server, user) + await server.users.create({ username: user.username, password: user.password }) + userAccessToken = await server.login.getAccessToken(user) } { const user = { username: 'user2', password: 'my super password' } - await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password }) - userAccessToken2 = await userLogin(server, user) + await server.users.create({ username: user.username, password: user.password }) + userAccessToken2 = await server.login.getAccessToken(user) } }) @@ -84,7 +88,33 @@ describe('Test video comments API validator', function () { await makeGetRequest({ url: server.url, path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads', - statusCodeExpected: HttpStatusCode.NOT_FOUND_404 + expectedStatus: HttpStatusCode.NOT_FOUND_404 + }) + }) + + it('Should fail with a private video without token', async function () { + await makeGetRequest({ + url: server.url, + path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads', + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 + }) + }) + + it('Should fail with another user token', async function () { + await makeGetRequest({ + url: server.url, + token: userAccessToken, + path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads', + expectedStatus: HttpStatusCode.FORBIDDEN_403 + }) + }) + + it('Should succeed with the correct params', async function () { + await makeGetRequest({ + url: server.url, + token: server.accessToken, + path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads', + expectedStatus: HttpStatusCode.OK_200 }) }) }) @@ -94,23 +124,47 @@ describe('Test video comments API validator', function () { await makeGetRequest({ url: server.url, path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId, - statusCodeExpected: HttpStatusCode.NOT_FOUND_404 + expectedStatus: HttpStatusCode.NOT_FOUND_404 }) }) it('Should fail with an incorrect thread id', async function () { await makeGetRequest({ url: server.url, - path: '/api/v1/videos/' + videoUUID + '/comment-threads/156', - statusCodeExpected: HttpStatusCode.NOT_FOUND_404 + path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/156', + expectedStatus: HttpStatusCode.NOT_FOUND_404 + }) + }) + + it('Should fail with a private video without token', async function () { + await makeGetRequest({ + url: server.url, + path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId, + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 + }) + }) + + it('Should fail with another user token', async function () { + await makeGetRequest({ + url: server.url, + token: userAccessToken, + path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId, + expectedStatus: HttpStatusCode.FORBIDDEN_403 }) }) it('Should success with the correct params', async function () { await makeGetRequest({ url: server.url, - path: '/api/v1/videos/' + videoUUID + '/comment-threads/' + commentId, - statusCodeExpected: HttpStatusCode.OK_200 + token: server.accessToken, + path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId, + expectedStatus: HttpStatusCode.OK_200 + }) + + await makeGetRequest({ + url: server.url, + path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/' + commentId, + expectedStatus: HttpStatusCode.OK_200 }) }) }) @@ -126,7 +180,7 @@ describe('Test video comments API validator', function () { path: pathThread, token: 'none', fields, - statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) @@ -159,7 +213,7 @@ describe('Test video comments API validator', function () { path, token: server.accessToken, fields, - statusCodeExpected: HttpStatusCode.NOT_FOUND_404 + expectedStatus: HttpStatusCode.NOT_FOUND_404 }) }) @@ -172,7 +226,7 @@ describe('Test video comments API validator', function () { path: pathThread, token: server.accessToken, fields, - statusCodeExpected: HttpStatusCode.OK_200 + expectedStatus: HttpStatusCode.OK_200 }) }) }) @@ -187,7 +241,7 @@ describe('Test video comments API validator', function () { path: pathComment, token: 'none', fields, - statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) @@ -220,12 +274,12 @@ describe('Test video comments API validator', function () { path, token: server.accessToken, fields, - statusCodeExpected: HttpStatusCode.NOT_FOUND_404 + expectedStatus: HttpStatusCode.NOT_FOUND_404 }) }) it('Should fail with an incorrect comment', async function () { - const path = '/api/v1/videos/' + videoUUID + '/comments/124' + const path = '/api/v1/videos/' + video.uuid + '/comments/124' const fields = { text: 'super comment' } @@ -234,7 +288,7 @@ describe('Test video comments API validator', function () { path, token: server.accessToken, fields, - statusCodeExpected: HttpStatusCode.NOT_FOUND_404 + expectedStatus: HttpStatusCode.NOT_FOUND_404 }) }) @@ -247,14 +301,14 @@ describe('Test video comments API validator', function () { path: pathComment, token: server.accessToken, fields, - statusCodeExpected: HttpStatusCode.OK_200 + expectedStatus: HttpStatusCode.OK_200 }) }) }) describe('When removing video comments', function () { it('Should fail with a non authenticated user', async function () { - await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 }) + await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) it('Should fail with another user', async function () { @@ -262,32 +316,32 @@ describe('Test video comments API validator', function () { url: server.url, path: pathComment, token: userAccessToken, - statusCodeExpected: HttpStatusCode.FORBIDDEN_403 + expectedStatus: HttpStatusCode.FORBIDDEN_403 }) }) it('Should fail with an incorrect video', async function () { const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId - await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 }) + await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 }) }) it('Should fail with an incorrect comment', async function () { - const path = '/api/v1/videos/' + videoUUID + '/comments/124' - await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 }) + const path = '/api/v1/videos/' + video.uuid + '/comments/124' + await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 }) }) it('Should succeed with the same user', async function () { let commentToDelete: number { - const res = await addVideoCommentThread(server.url, userAccessToken, videoUUID, 'hello') - commentToDelete = res.body.comment.id + const created = await server.comments.createThread({ videoId: video.uuid, token: userAccessToken, text: 'hello' }) + commentToDelete = created.id } - const path = '/api/v1/videos/' + videoUUID + '/comments/' + commentToDelete + const path = '/api/v1/videos/' + video.uuid + '/comments/' + commentToDelete - await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 }) - await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 }) + await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 }) + await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 }) }) it('Should succeed with the owner of the video', async function () { @@ -295,19 +349,19 @@ describe('Test video comments API validator', function () { let anotherVideoUUID: string { - const res = await uploadVideo(server.url, userAccessToken, { name: 'video' }) - anotherVideoUUID = res.body.video.uuid + const { uuid } = await server.videos.upload({ token: userAccessToken, attributes: { name: 'video' } }) + anotherVideoUUID = uuid } { - const res = await addVideoCommentThread(server.url, server.accessToken, anotherVideoUUID, 'hello') - commentToDelete = res.body.comment.id + const created = await server.comments.createThread({ videoId: anotherVideoUUID, text: 'hello' }) + commentToDelete = created.id } const path = '/api/v1/videos/' + anotherVideoUUID + '/comments/' + commentToDelete - await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 }) - await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 }) + await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 }) + await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 }) }) it('Should succeed with the correct parameters', async function () { @@ -315,23 +369,22 @@ describe('Test video comments API validator', function () { url: server.url, path: pathComment, token: server.accessToken, - statusCodeExpected: HttpStatusCode.NO_CONTENT_204 + expectedStatus: HttpStatusCode.NO_CONTENT_204 }) }) }) describe('When a video has comments disabled', function () { before(async function () { - const res = await uploadVideo(server.url, server.accessToken, { commentsEnabled: false }) - videoUUID = res.body.video.uuid - pathThread = '/api/v1/videos/' + videoUUID + '/comment-threads' + video = await server.videos.upload({ attributes: { commentsEnabled: false } }) + pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads' }) it('Should return an empty thread list', async function () { const res = await makeGetRequest({ url: server.url, path: pathThread, - statusCodeExpected: HttpStatusCode.OK_200 + expectedStatus: HttpStatusCode.OK_200 }) expect(res.body.total).to.equal(0) expect(res.body.data).to.have.lengthOf(0) @@ -348,7 +401,7 @@ describe('Test video comments API validator', function () { path: pathThread, token: server.accessToken, fields, - statusCodeExpected: HttpStatusCode.CONFLICT_409 + expectedStatus: HttpStatusCode.CONFLICT_409 }) }) @@ -374,7 +427,7 @@ describe('Test video comments API validator', function () { await makeGetRequest({ url: server.url, path, - statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 + expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) }) @@ -383,7 +436,7 @@ describe('Test video comments API validator', function () { url: server.url, path, token: userAccessToken, - statusCodeExpected: HttpStatusCode.FORBIDDEN_403 + expectedStatus: HttpStatusCode.FORBIDDEN_403 }) }) @@ -398,7 +451,7 @@ describe('Test video comments API validator', function () { searchAccount: 'toto', searchVideo: 'toto' }, - statusCodeExpected: HttpStatusCode.OK_200 + expectedStatus: HttpStatusCode.OK_200 }) }) })