X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=server%2Ftests%2Fapi%2Fcheck-params.js;h=9aecc372077c69daab3fd3640d14c18e3788e2c9;hb=7920c273a204e2469416a30b752b12ccd3160102;hp=882948facf9a398d6140186252ea78a39b85b300;hpb=28f7d2020fe3ffbe5ba8a0083386f616b0186a91;p=github%2FChocobozzz%2FPeerTube.git diff --git a/server/tests/api/check-params.js b/server/tests/api/check-params.js index 882948fac..9aecc3720 100644 --- a/server/tests/api/check-params.js +++ b/server/tests/api/check-params.js @@ -13,6 +13,7 @@ const usersUtils = require('../utils/users') describe('Test parameters validator', function () { let server = null + let userAccessToken = null // --------------------------------------------------------------- @@ -44,50 +45,7 @@ describe('Test parameters validator', function () { describe('Of the pods API', function () { const path = '/api/v1/pods/' - describe('When adding a pod', function () { - it('Should fail with nothing', function (done) { - const data = {} - requestsUtils.makePostBodyRequest(server.url, path, null, data, done) - }) - - it('Should fail without public key', function (done) { - const data = { - url: 'http://coucou.com' - } - requestsUtils.makePostBodyRequest(server.url, path, null, data, done) - }) - - it('Should fail without an url', function (done) { - const data = { - publicKey: 'mysuperpublickey' - } - requestsUtils.makePostBodyRequest(server.url, path, null, data, done) - }) - - it('Should fail with an incorrect url', function (done) { - const data = { - url: 'coucou.com', - publicKey: 'mysuperpublickey' - } - requestsUtils.makePostBodyRequest(server.url, path, null, data, function () { - data.url = 'http://coucou' - requestsUtils.makePostBodyRequest(server.url, path, null, data, function () { - data.url = 'coucou' - requestsUtils.makePostBodyRequest(server.url, path, null, data, done) - }) - }) - }) - - it('Should succeed with the correct parameters', function (done) { - const data = { - url: 'http://coucou.com', - publicKey: 'mysuperpublickey' - } - requestsUtils.makePostBodyRequest(server.url, path, null, data, done, 200) - }) - }) - - describe('For the friends API', function () { + describe('When making friends', function () { let userAccessToken = null before(function (done) { @@ -108,10 +66,58 @@ describe('Test parameters validator', function () { }) describe('When making friends', function () { + const body = { + hosts: [ 'localhost:9002' ] + } + + it('Should fail without hosts', function (done) { + request(server.url) + .post(path + '/makefriends') + .set('Authorization', 'Bearer ' + server.accessToken) + .set('Accept', 'application/json') + .expect(400, done) + }) + + it('Should fail if hosts is not an array', function (done) { + request(server.url) + .post(path + '/makefriends') + .send({ hosts: 'localhost:9002' }) + .set('Authorization', 'Bearer ' + server.accessToken) + .set('Accept', 'application/json') + .expect(400, done) + }) + + it('Should fail if the array is not composed by hosts', function (done) { + request(server.url) + .post(path + '/makefriends') + .send({ hosts: [ 'localhost:9002', 'localhost:coucou' ] }) + .set('Authorization', 'Bearer ' + server.accessToken) + .set('Accept', 'application/json') + .expect(400, done) + }) + + it('Should fail if the array is composed with http schemes', function (done) { + request(server.url) + .post(path + '/makefriends') + .send({ hosts: [ 'localhost:9002', 'http://localhost:9003' ] }) + .set('Authorization', 'Bearer ' + server.accessToken) + .set('Accept', 'application/json') + .expect(400, done) + }) + + it('Should fail if hosts are not unique', function (done) { + request(server.url) + .post(path + '/makefriends') + .send({ urls: [ 'localhost:9002', 'localhost:9002' ] }) + .set('Authorization', 'Bearer ' + server.accessToken) + .set('Accept', 'application/json') + .expect(400, done) + }) + it('Should fail with a invalid token', function (done) { request(server.url) - .get(path + '/makefriends') - .query({ start: 'hello' }) + .post(path + '/makefriends') + .send(body) .set('Authorization', 'Bearer faketoken') .set('Accept', 'application/json') .expect(401, done) @@ -119,8 +125,8 @@ describe('Test parameters validator', function () { it('Should fail if the user is not an administrator', function (done) { request(server.url) - .get(path + '/makefriends') - .query({ start: 'hello' }) + .post(path + '/makefriends') + .send(body) .set('Authorization', 'Bearer ' + userAccessToken) .set('Accept', 'application/json') .expect(403, done) @@ -147,6 +153,49 @@ describe('Test parameters validator', function () { }) }) }) + + describe('When adding a pod', function () { + it('Should fail with nothing', function (done) { + const data = {} + requestsUtils.makePostBodyRequest(server.url, path, null, data, done) + }) + + it('Should fail without public key', function (done) { + const data = { + host: 'coucou.com' + } + requestsUtils.makePostBodyRequest(server.url, path, null, data, done) + }) + + it('Should fail without an host', function (done) { + const data = { + publicKey: 'mysuperpublickey' + } + requestsUtils.makePostBodyRequest(server.url, path, null, data, done) + }) + + it('Should fail with an incorrect host', function (done) { + const data = { + host: 'http://coucou.com', + publicKey: 'mysuperpublickey' + } + requestsUtils.makePostBodyRequest(server.url, path, null, data, function () { + data.host = 'http://coucou' + requestsUtils.makePostBodyRequest(server.url, path, null, data, function () { + data.host = 'coucou' + requestsUtils.makePostBodyRequest(server.url, path, null, data, done) + }) + }) + }) + + it('Should succeed with the correct parameters', function (done) { + const data = { + host: 'coucou.com', + publicKey: 'mysuperpublickey' + } + requestsUtils.makePostBodyRequest(server.url, path, null, data, done, 200) + }) + }) }) describe('Of the videos API', function () { @@ -407,7 +456,7 @@ describe('Test parameters validator', function () { }) }) - it('Should fail without a mongodb id', function (done) { + it('Should fail without a correct uuid', function (done) { request(server.url) .get(path + 'coucou') .set('Accept', 'application/json') @@ -416,7 +465,7 @@ describe('Test parameters validator', function () { it('Should return 404 with an incorrect video', function (done) { request(server.url) - .get(path + '123456789012345678901234') + .get(path + '4da6fde3-88f7-4d16-b119-108df5630b06') .set('Accept', 'application/json') .expect(404, done) }) @@ -432,7 +481,7 @@ describe('Test parameters validator', function () { .expect(400, done) }) - it('Should fail without a mongodb id', function (done) { + it('Should fail without a correct uuid', function (done) { request(server.url) .delete(path + 'hello') .set('Authorization', 'Bearer ' + server.accessToken) @@ -441,7 +490,7 @@ describe('Test parameters validator', function () { it('Should fail with a video which does not exist', function (done) { request(server.url) - .delete(path + '123456789012345678901234') + .delete(path + '4da6fde3-88f7-4d16-b119-108df5630b06') .set('Authorization', 'Bearer ' + server.accessToken) .expect(404, done) }) @@ -457,7 +506,33 @@ describe('Test parameters validator', function () { describe('Of the users API', function () { const path = '/api/v1/users/' let userId = null - let userAccessToken = null + let rootId = null + + describe('When listing users', function () { + it('Should fail with a bad start pagination', function (done) { + request(server.url) + .get(path) + .query({ start: 'hello' }) + .set('Accept', 'application/json') + .expect(400, done) + }) + + it('Should fail with a bad count pagination', function (done) { + request(server.url) + .get(path) + .query({ count: 'hello' }) + .set('Accept', 'application/json') + .expect(400, done) + }) + + it('Should fail with an incorrect sort', function (done) { + request(server.url) + .get(path) + .query({ sort: 'hello' }) + .set('Accept', 'application/json') + .expect(400, done) + }) + }) describe('When adding a new user', function () { it('Should fail with a too small username', function (done) { @@ -516,19 +591,28 @@ describe('Test parameters validator', function () { requestsUtils.makePostBodyRequest(server.url, path, 'super token', data, done, 401) }) - it('Should succeed with the correct params', function (done) { + it('Should fail if we add a user with the same username', function (done) { const data = { username: 'user1', password: 'my super password' } + requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done, 409) + }) + + it('Should succeed with the correct params', function (done) { + const data = { + username: 'user2', + password: 'my super password' + } + requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done, 204) }) it('Should fail with a non admin user', function (done) { server.user = { username: 'user1', - password: 'my super password' + password: 'password' } loginUtils.loginAndGetAccessToken(server, function (err, accessToken) { @@ -537,7 +621,7 @@ describe('Test parameters validator', function () { userAccessToken = accessToken const data = { - username: 'user2', + username: 'user3', password: 'my super password' } @@ -552,6 +636,7 @@ describe('Test parameters validator', function () { if (err) throw err userId = res.body.data[1].id + rootId = res.body.data[2].id done() }) }) @@ -617,18 +702,18 @@ describe('Test parameters validator', function () { .expect(400, done) }) - it('Should return 404 with a non existing id', function (done) { + it('Should fail with the root user', function (done) { request(server.url) - .delete(path + '579f982228c99c221d8092b8') + .delete(path + rootId) .set('Authorization', 'Bearer ' + server.accessToken) - .expect(404, done) + .expect(400, done) }) - it('Should success with the correct parameters', function (done) { + it('Should return 404 with a non existing id', function (done) { request(server.url) - .delete(path + userId) + .delete(path + '45') .set('Authorization', 'Bearer ' + server.accessToken) - .expect(204, done) + .expect(404, done) }) }) }) @@ -647,6 +732,25 @@ describe('Test parameters validator', function () { }) }) + describe('Of the requests API', function () { + const path = '/api/v1/requests/stats' + + it('Should fail with an non authenticated user', function (done) { + request(server.url) + .get(path) + .set('Accept', 'application/json') + .expect(401, done) + }) + + it('Should fail with a non admin user', function (done) { + request(server.url) + .get(path) + .set('Authorization', 'Bearer ' + userAccessToken) + .set('Accept', 'application/json') + .expect(403, done) + }) + }) + after(function (done) { process.kill(-server.app.pid)