X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Ftests%2Fapi%2Fcheck-params%2Fvideo-comments.ts;h=b7656a17661be4b05f772b4db600f7806a090a65;hb=7926c5f9b3ffcabb1ffb0dcfa5e48b8e0b88fbc0;hp=5112274f0f8372b12ee1c7c0eda955682d93f207;hpb=e2e22e40f91018cfaf244e0df9a4a93e4f6d0502;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/tests/api/check-params/video-comments.ts b/server/tests/api/check-params/video-comments.ts index 5112274f0..b7656a176 100644 --- a/server/tests/api/check-params/video-comments.ts +++ b/server/tests/api/check-params/video-comments.ts @@ -1,108 +1,113 @@ -/* tslint:disable:no-unused-expression */ +/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ import 'mocha' -import * as request from 'supertest' +import * as chai from 'chai' +import { HttpStatusCode } from '@shared/core-utils' import { - createUser, flushTests, getUserAccessToken, killallServers, makePostBodyRequest, runServer, ServerInfo, setAccessTokensToServers, + checkBadCountPagination, + checkBadSortPagination, + checkBadStartPagination, + cleanupTests, + flushAndRunServer, + makeDeleteRequest, + makeGetRequest, + makePostBodyRequest, + ServerInfo, + setAccessTokensToServers, uploadVideo -} from '../../utils' -import { addVideoCommentThread } from '../../utils/video-comments' +} from '@shared/extra-utils' +import { VideoCreateResult } from '@shared/models' + +const expect = chai.expect describe('Test video comments API validator', function () { let pathThread: string let pathComment: string let server: ServerInfo - let accessTokenUser: string - let videoUUID: string + let video: VideoCreateResult + let userAccessToken: string + let userAccessToken2: string let commentId: number // --------------------------------------------------------------- before(async function () { - this.timeout(20000) - - await flushTests() + this.timeout(30000) - server = await runServer(1) + server = await flushAndRunServer(1) await setAccessTokensToServers([ server ]) { - const user = { - username: 'fake', - password: 'fake_password' - } - await createUser(server.url, server.accessToken, user.username, user.password) + const res = await uploadVideo(server.url, server.accessToken, {}) + video = res.body.video + pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads' + } - accessTokenUser = await getUserAccessToken(server, user) + { + const created = await server.commentsCommand.createThread({ videoId: video.uuid, text: 'coucou' }) + commentId = created.id + pathComment = '/api/v1/videos/' + video.uuid + '/comments/' + commentId } { - const res = await uploadVideo(server.url, server.accessToken, {}) - videoUUID = res.body.video.uuid - pathThread = '/api/v1/videos/' + videoUUID + '/comment-threads' + const user = { username: 'user1', password: 'my super password' } + await server.usersCommand.create({ username: user.username, password: user.password }) + userAccessToken = await server.loginCommand.getAccessToken(user) } { - const res = await addVideoCommentThread(server.url, server.accessToken, videoUUID, 'coucou') - commentId = res.body.comment.id - pathComment = '/api/v1/videos/' + videoUUID + '/comments/' + commentId + const user = { username: 'user2', password: 'my super password' } + await server.usersCommand.create({ username: user.username, password: user.password }) + userAccessToken2 = await server.loginCommand.getAccessToken(user) } }) describe('When listing video comment threads', function () { it('Should fail with a bad start pagination', async function () { - await request(server.url) - .get(pathThread) - .query({ start: 'hello' }) - .set('Accept', 'application/json') - .expect(400) + await checkBadStartPagination(server.url, pathThread, server.accessToken) }) it('Should fail with a bad count pagination', async function () { - await request(server.url) - .get(pathThread) - .query({ count: 'hello' }) - .set('Accept', 'application/json') - .expect(400) + await checkBadCountPagination(server.url, pathThread, server.accessToken) }) it('Should fail with an incorrect sort', async function () { - await request(server.url) - .get(pathThread) - .query({ sort: 'hello' }) - .set('Accept', 'application/json') - .expect(400) + await checkBadSortPagination(server.url, pathThread, server.accessToken) }) it('Should fail with an incorrect video', async function () { - await request(server.url) - .get('/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads') - .set('Accept', 'application/json') - .expect(404) + await makeGetRequest({ + url: server.url, + path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads', + statusCodeExpected: HttpStatusCode.NOT_FOUND_404 + }) }) }) describe('When listing comments of a thread', function () { it('Should fail with an incorrect video', async function () { - await request(server.url) - .get('/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId) - .set('Accept', 'application/json') - .expect(404) + await makeGetRequest({ + url: server.url, + path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId, + statusCodeExpected: HttpStatusCode.NOT_FOUND_404 + }) }) it('Should fail with an incorrect thread id', async function () { - await request(server.url) - .get('/api/v1/videos/' + videoUUID + '/comment-threads/156') - .set('Accept', 'application/json') - .expect(404) + await makeGetRequest({ + url: server.url, + path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/156', + statusCodeExpected: HttpStatusCode.NOT_FOUND_404 + }) }) it('Should success with the correct params', async function () { - await request(server.url) - .get('/api/v1/videos/' + videoUUID + '/comment-threads/' + commentId) - .set('Accept', 'application/json') - .expect(200) + await makeGetRequest({ + url: server.url, + path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/' + commentId, + statusCodeExpected: HttpStatusCode.OK_200 + }) }) }) @@ -112,7 +117,13 @@ describe('Test video comments API validator', function () { const fields = { text: 'text' } - await makePostBodyRequest({ url: server.url, path: pathThread, token: 'none', fields, statusCodeExpected: 401 }) + await makePostBodyRequest({ + url: server.url, + path: pathThread, + token: 'none', + fields, + statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 + }) }) it('Should fail with nothing', async function () { @@ -122,14 +133,14 @@ describe('Test video comments API validator', function () { it('Should fail with a short comment', async function () { const fields = { - text: 'h'.repeat(3001) + text: '' } await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields }) }) it('Should fail with a long comment', async function () { const fields = { - text: 'h'.repeat(3001) + text: 'h'.repeat(10001) } await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields }) }) @@ -139,14 +150,26 @@ describe('Test video comments API validator', function () { const fields = { text: 'super comment' } - await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 404 }) + await makePostBodyRequest({ + url: server.url, + path, + token: server.accessToken, + fields, + statusCodeExpected: HttpStatusCode.NOT_FOUND_404 + }) }) it('Should succeed with the correct parameters', async function () { const fields = { text: 'super comment' } - await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields, statusCodeExpected: 200 }) + await makePostBodyRequest({ + url: server.url, + path: pathThread, + token: server.accessToken, + fields, + statusCodeExpected: HttpStatusCode.OK_200 + }) }) }) @@ -155,7 +178,13 @@ describe('Test video comments API validator', function () { const fields = { text: 'text' } - await makePostBodyRequest({ url: server.url, path: pathComment, token: 'none', fields, statusCodeExpected: 401 }) + await makePostBodyRequest({ + url: server.url, + path: pathComment, + token: 'none', + fields, + statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 + }) }) it('Should fail with nothing', async function () { @@ -165,14 +194,14 @@ describe('Test video comments API validator', function () { it('Should fail with a short comment', async function () { const fields = { - text: 'h'.repeat(3001) + text: '' } await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields }) }) it('Should fail with a long comment', async function () { const fields = { - text: 'h'.repeat(3001) + text: 'h'.repeat(10001) } await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields }) }) @@ -182,31 +211,195 @@ describe('Test video comments API validator', function () { const fields = { text: 'super comment' } - await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 404 }) + await makePostBodyRequest({ + url: server.url, + path, + token: server.accessToken, + fields, + statusCodeExpected: HttpStatusCode.NOT_FOUND_404 + }) }) it('Should fail with an incorrect comment', async function () { - const path = '/api/v1/videos/' + videoUUID + '/comments/124' + const path = '/api/v1/videos/' + video.uuid + '/comments/124' const fields = { text: 'super comment' } - await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 404 }) + await makePostBodyRequest({ + url: server.url, + path, + token: server.accessToken, + fields, + statusCodeExpected: HttpStatusCode.NOT_FOUND_404 + }) }) it('Should succeed with the correct parameters', async function () { const fields = { text: 'super comment' } - await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields, statusCodeExpected: 200 }) + await makePostBodyRequest({ + url: server.url, + path: pathComment, + token: server.accessToken, + fields, + statusCodeExpected: HttpStatusCode.OK_200 + }) }) }) - after(async function () { - killallServers([ server ]) + describe('When removing video comments', function () { + it('Should fail with a non authenticated user', async function () { + await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 }) + }) - // Keep the logs if the test failed - if (this['ok']) { - await flushTests() - } + it('Should fail with another user', async function () { + await makeDeleteRequest({ + url: server.url, + path: pathComment, + token: userAccessToken, + statusCodeExpected: HttpStatusCode.FORBIDDEN_403 + }) + }) + + it('Should fail with an incorrect video', async function () { + const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId + await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 }) + }) + + it('Should fail with an incorrect comment', async function () { + const path = '/api/v1/videos/' + video.uuid + '/comments/124' + await makeDeleteRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.NOT_FOUND_404 }) + }) + + it('Should succeed with the same user', async function () { + let commentToDelete: number + + { + const created = await server.commentsCommand.createThread({ videoId: video.uuid, token: userAccessToken, text: 'hello' }) + commentToDelete = created.id + } + + const path = '/api/v1/videos/' + video.uuid + '/comments/' + commentToDelete + + await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 }) + await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 }) + }) + + it('Should succeed with the owner of the video', async function () { + let commentToDelete: number + let anotherVideoUUID: string + + { + const res = await uploadVideo(server.url, userAccessToken, { name: 'video' }) + anotherVideoUUID = res.body.video.uuid + } + + { + const created = await server.commentsCommand.createThread({ videoId: anotherVideoUUID, text: 'hello' }) + commentToDelete = created.id + } + + const path = '/api/v1/videos/' + anotherVideoUUID + '/comments/' + commentToDelete + + await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 }) + await makeDeleteRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: HttpStatusCode.NO_CONTENT_204 }) + }) + + it('Should succeed with the correct parameters', async function () { + await makeDeleteRequest({ + url: server.url, + path: pathComment, + token: server.accessToken, + statusCodeExpected: HttpStatusCode.NO_CONTENT_204 + }) + }) + }) + + describe('When a video has comments disabled', function () { + before(async function () { + const res = await uploadVideo(server.url, server.accessToken, { commentsEnabled: false }) + video = res.body.video + pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads' + }) + + it('Should return an empty thread list', async function () { + const res = await makeGetRequest({ + url: server.url, + path: pathThread, + statusCodeExpected: HttpStatusCode.OK_200 + }) + expect(res.body.total).to.equal(0) + expect(res.body.data).to.have.lengthOf(0) + }) + + it('Should return an thread comments list') + + it('Should return conflict on thread add', async function () { + const fields = { + text: 'super comment' + } + await makePostBodyRequest({ + url: server.url, + path: pathThread, + token: server.accessToken, + fields, + statusCodeExpected: HttpStatusCode.CONFLICT_409 + }) + }) + + it('Should return conflict on comment thread add') + }) + + describe('When listing admin comments threads', function () { + const path = '/api/v1/videos/comments' + + it('Should fail with a bad start pagination', async function () { + await checkBadStartPagination(server.url, path, server.accessToken) + }) + + it('Should fail with a bad count pagination', async function () { + await checkBadCountPagination(server.url, path, server.accessToken) + }) + + it('Should fail with an incorrect sort', async function () { + await checkBadSortPagination(server.url, path, server.accessToken) + }) + + it('Should fail with a non authenticated user', async function () { + await makeGetRequest({ + url: server.url, + path, + statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 + }) + }) + + it('Should fail with a non admin user', async function () { + await makeGetRequest({ + url: server.url, + path, + token: userAccessToken, + statusCodeExpected: HttpStatusCode.FORBIDDEN_403 + }) + }) + + it('Should succeed with the correct params', async function () { + await makeGetRequest({ + url: server.url, + path, + token: server.accessToken, + query: { + isLocal: false, + search: 'toto', + searchAccount: 'toto', + searchVideo: 'toto' + }, + statusCodeExpected: HttpStatusCode.OK_200 + }) + }) + }) + + after(async function () { + await cleanupTests([ server ]) }) })