Merge branch 'feature/esm-and-nx' into develop

author: Chocobozzz <me@florianbigard.com> 2023-08-17 08:59:21 +0200
committer: Chocobozzz <me@florianbigard.com> 2023-08-17 08:59:21 +0200
commit: c380e3928517eb5311b38cf257816642617d7a33 (patch)
tree: 2ea9b70ebca16b5d109bcce98fe7f944dad89319 /packages/tests/src/api/check-params/video-comments.ts
parent: a8ca6190fb462bf6eb5685cfc1d8ae444164a487 (diff)
parent: 3a4992633ee62d5edfbb484d9c6bcb3cf158489d (diff)
download: PeerTube-c380e3928517eb5311b38cf257816642617d7a33.tar.gz
PeerTube-c380e3928517eb5311b38cf257816642617d7a33.tar.zst
PeerTube-c380e3928517eb5311b38cf257816642617d7a33.zip
1 files changed, 484 insertions, 0 deletions
diff --git a/packages/tests/src/api/check-params/video-comments.ts b/packages/tests/src/api/check-params/video-comments.ts
new file mode 100644
index 000000000..177361606
--- /dev/null
+++ b/packages/tests/src/api/check-params/video-comments.ts
@@ -0,0 +1,484 @@
+/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
+import { expect } from 'chai'
+import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@tests/shared/checks.js'
+import { HttpStatusCode, VideoCreateResult, VideoPrivacy } from '@peertube/peertube-models'
+import {
+  cleanupTests,
+  createSingleServer,
+  makeDeleteRequest,
+  makeGetRequest,
+  makePostBodyRequest,
+  PeerTubeServer,
+  setAccessTokensToServers
+} from '@peertube/peertube-server-commands'
+describe('Test video comments API validator', function () {
+  let pathThread: string
+  let pathComment: string
+  let server: PeerTubeServer
+  let video: VideoCreateResult
+  let userAccessToken: string
+  let userAccessToken2: string
+  let commentId: number
+  let privateCommentId: number
+  let privateVideo: VideoCreateResult
+  // ---------------------------------------------------------------
+  before(async function () {
+    this.timeout(120000)
+    server = await createSingleServer(1)
+    await setAccessTokensToServers([ server ])
+    {
+      video = await server.videos.upload({ attributes: {} })
+      pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
+    }
+    {
+      privateVideo = await server.videos.upload({ attributes: { privacy: VideoPrivacy.PRIVATE } })
+    }
+    {
+      const created = await server.comments.createThread({ videoId: video.uuid, text: 'coucou' })
+      commentId = created.id
+      pathComment = '/api/v1/videos/' + video.uuid + '/comments/' + commentId
+    }
+    {
+      const created = await server.comments.createThread({ videoId: privateVideo.uuid, text: 'coucou' })
+      privateCommentId = created.id
+    }
+    {
+      const user = { username: 'user1', password: 'my super password' }
+      await server.users.create({ username: user.username, password: user.password })
+      userAccessToken = await server.login.getAccessToken(user)
+    }
+    {
+      const user = { username: 'user2', password: 'my super password' }
+      await server.users.create({ username: user.username, password: user.password })
+      userAccessToken2 = await server.login.getAccessToken(user)
+    }
+  })
+  describe('When listing video comment threads', function () {
+    it('Should fail with a bad start pagination', async function () {
+      await checkBadStartPagination(server.url, pathThread, server.accessToken)
+    })
+    it('Should fail with a bad count pagination', async function () {
+      await checkBadCountPagination(server.url, pathThread, server.accessToken)
+    })
+    it('Should fail with an incorrect sort', async function () {
+      await checkBadSortPagination(server.url, pathThread, server.accessToken)
+    })
+    it('Should fail with an incorrect video', async function () {
+      await makeGetRequest({
+        url: server.url,
+        path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads',
+        expectedStatus: HttpStatusCode.NOT_FOUND_404
+      })
+    })
+    it('Should fail with a private video without token', async function () {
+      await makeGetRequest({
+        url: server.url,
+        path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
+        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+      })
+    })
+    it('Should fail with another user token', async function () {
+      await makeGetRequest({
+        url: server.url,
+        token: userAccessToken,
+        path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+    })
+    it('Should succeed with the correct params', async function () {
+      await makeGetRequest({
+        url: server.url,
+        token: server.accessToken,
+        path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
+        expectedStatus: HttpStatusCode.OK_200
+      })
+    })
+  })
+  describe('When listing comments of a thread', function () {
+    it('Should fail with an incorrect video', async function () {
+      await makeGetRequest({
+        url: server.url,
+        path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId,
+        expectedStatus: HttpStatusCode.NOT_FOUND_404
+      })
+    })
+    it('Should fail with an incorrect thread id', async function () {
+      await makeGetRequest({
+        url: server.url,
+        path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/156',
+        expectedStatus: HttpStatusCode.NOT_FOUND_404
+      })
+    })
+    it('Should fail with a private video without token', async function () {
+      await makeGetRequest({
+        url: server.url,
+        path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
+        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+      })
+    })
+    it('Should fail with another user token', async function () {
+      await makeGetRequest({
+        url: server.url,
+        token: userAccessToken,
+        path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+    })
+    it('Should success with the correct params', async function () {
+      await makeGetRequest({
+        url: server.url,
+        token: server.accessToken,
+        path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
+        expectedStatus: HttpStatusCode.OK_200
+      })
+      await makeGetRequest({
+        url: server.url,
+        path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/' + commentId,
+        expectedStatus: HttpStatusCode.OK_200
+      })
+    })
+  })
+  describe('When adding a video thread', function () {
+    it('Should fail with a non authenticated user', async function () {
+      const fields = {
+        text: 'text'
+      }
+      await makePostBodyRequest({
+        url: server.url,
+        path: pathThread,
+        token: 'none',
+        fields,
+        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+      })
+    })
+    it('Should fail with nothing', async function () {
+      const fields = {}
+      await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
+    })
+    it('Should fail with a short comment', async function () {
+      const fields = {
+        text: ''
+      }
+      await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
+    })
+    it('Should fail with a long comment', async function () {
+      const fields = {
+        text: 'h'.repeat(10001)
+      }
+      await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
+    })
+    it('Should fail with an incorrect video', async function () {
+      const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads'
+      const fields = { text: 'super comment' }
+      await makePostBodyRequest({
+        url: server.url,
+        path,
+        token: server.accessToken,
+        fields,
+        expectedStatus: HttpStatusCode.NOT_FOUND_404
+      })
+    })
+    it('Should fail with a private video of another user', async function () {
+      const fields = { text: 'super comment' }
+      await makePostBodyRequest({
+        url: server.url,
+        path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
+        token: userAccessToken,
+        fields,
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+    })
+    it('Should succeed with the correct parameters', async function () {
+      const fields = { text: 'super comment' }
+      await makePostBodyRequest({
+        url: server.url,
+        path: pathThread,
+        token: server.accessToken,
+        fields,
+        expectedStatus: HttpStatusCode.OK_200
+      })
+    })
+  })
+  describe('When adding a comment to a thread', function () {
+    it('Should fail with a non authenticated user', async function () {
+      const fields = {
+        text: 'text'
+      }
+      await makePostBodyRequest({
+        url: server.url,
+        path: pathComment,
+        token: 'none',
+        fields,
+        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+      })
+    })
+    it('Should fail with nothing', async function () {
+      const fields = {}
+      await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
+    })
+    it('Should fail with a short comment', async function () {
+      const fields = {
+        text: ''
+      }
+      await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
+    })
+    it('Should fail with a long comment', async function () {
+      const fields = {
+        text: 'h'.repeat(10001)
+      }
+      await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
+    })
+    it('Should fail with an incorrect video', async function () {
+      const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
+      const fields = {
+        text: 'super comment'
+      }
+      await makePostBodyRequest({
+        url: server.url,
+        path,
+        token: server.accessToken,
+        fields,
+        expectedStatus: HttpStatusCode.NOT_FOUND_404
+      })
+    })
+    it('Should fail with a private video of another user', async function () {
+      const fields = { text: 'super comment' }
+      await makePostBodyRequest({
+        url: server.url,
+        path: '/api/v1/videos/' + privateVideo.uuid + '/comments/' + privateCommentId,
+        token: userAccessToken,
+        fields,
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+    })
+    it('Should fail with an incorrect comment', async function () {
+      const path = '/api/v1/videos/' + video.uuid + '/comments/124'
+      const fields = {
+        text: 'super comment'
+      }
+      await makePostBodyRequest({
+        url: server.url,
+        path,
+        token: server.accessToken,
+        fields,
+        expectedStatus: HttpStatusCode.NOT_FOUND_404
+      })
+    })
+    it('Should succeed with the correct parameters', async function () {
+      const fields = {
+        text: 'super comment'
+      }
+      await makePostBodyRequest({
+        url: server.url,
+        path: pathComment,
+        token: server.accessToken,
+        fields,
+        expectedStatus: HttpStatusCode.OK_200
+      })
+    })
+  })
+  describe('When removing video comments', function () {
+    it('Should fail with a non authenticated user', async function () {
+      await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
+    })
+    it('Should fail with another user', async function () {
+      await makeDeleteRequest({
+        url: server.url,
+        path: pathComment,
+        token: userAccessToken,
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+    })
+    it('Should fail with an incorrect video', async function () {
+      const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
+      await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
+    })
+    it('Should fail with an incorrect comment', async function () {
+      const path = '/api/v1/videos/' + video.uuid + '/comments/124'
+      await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
+    })
+    it('Should succeed with the same user', async function () {
+      let commentToDelete: number
+      {
+        const created = await server.comments.createThread({ videoId: video.uuid, token: userAccessToken, text: 'hello' })
+        commentToDelete = created.id
+      }
+      const path = '/api/v1/videos/' + video.uuid + '/comments/' + commentToDelete
+      await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
+      await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
+    })
+    it('Should succeed with the owner of the video', async function () {
+      let commentToDelete: number
+      let anotherVideoUUID: string
+      {
+        const { uuid } = await server.videos.upload({ token: userAccessToken, attributes: { name: 'video' } })
+        anotherVideoUUID = uuid
+      }
+      {
+        const created = await server.comments.createThread({ videoId: anotherVideoUUID, text: 'hello' })
+        commentToDelete = created.id
+      }
+      const path = '/api/v1/videos/' + anotherVideoUUID + '/comments/' + commentToDelete
+      await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
+      await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
+    })
+    it('Should succeed with the correct parameters', async function () {
+      await makeDeleteRequest({
+        url: server.url,
+        path: pathComment,
+        token: server.accessToken,
+        expectedStatus: HttpStatusCode.NO_CONTENT_204
+      })
+    })
+  })
+  describe('When a video has comments disabled', function () {
+    before(async function () {
+      video = await server.videos.upload({ attributes: { commentsEnabled: false } })
+      pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
+    })
+    it('Should return an empty thread list', async function () {
+      const res = await makeGetRequest({
+        url: server.url,
+        path: pathThread,
+        expectedStatus: HttpStatusCode.OK_200
+      })
+      expect(res.body.total).to.equal(0)
+      expect(res.body.data).to.have.lengthOf(0)
+    })
+    it('Should return an thread comments list')
+    it('Should return conflict on thread add', async function () {
+      const fields = {
+        text: 'super comment'
+      }
+      await makePostBodyRequest({
+        url: server.url,
+        path: pathThread,
+        token: server.accessToken,
+        fields,
+        expectedStatus: HttpStatusCode.CONFLICT_409
+      })
+    })
+    it('Should return conflict on comment thread add')
+  })
+  describe('When listing admin comments threads', function () {
+    const path = '/api/v1/videos/comments'
+    it('Should fail with a bad start pagination', async function () {
+      await checkBadStartPagination(server.url, path, server.accessToken)
+    })
+    it('Should fail with a bad count pagination', async function () {
+      await checkBadCountPagination(server.url, path, server.accessToken)
+    })
+    it('Should fail with an incorrect sort', async function () {
+      await checkBadSortPagination(server.url, path, server.accessToken)
+    })
+    it('Should fail with a non authenticated user', async function () {
+      await makeGetRequest({
+        url: server.url,
+        path,
+        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+      })
+    })
+    it('Should fail with a non admin user', async function () {
+      await makeGetRequest({
+        url: server.url,
+        path,
+        token: userAccessToken,
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+    })
+    it('Should succeed with the correct params', async function () {
+      await makeGetRequest({
+        url: server.url,
+        path,
+        token: server.accessToken,
+        query: {
+          isLocal: false,
+          search: 'toto',
+          searchAccount: 'toto',
+          searchVideo: 'toto'
+        },
+        expectedStatus: HttpStatusCode.OK_200
+      })
+    })
+  })
+  after(async function () {
+    await cleanupTests([ server ])
+  })
+})
author	Chocobozzz <me@florianbigard.com>	2023-08-17 08:59:21 +0200
committer	Chocobozzz <me@florianbigard.com>	2023-08-17 08:59:21 +0200
commit	c380e3928517eb5311b38cf257816642617d7a33 (patch)
tree	2ea9b70ebca16b5d109bcce98fe7f944dad89319 /packages/tests/src/api/check-params/video-comments.ts
parent	a8ca6190fb462bf6eb5685cfc1d8ae444164a487 (diff)
parent	3a4992633ee62d5edfbb484d9c6bcb3cf158489d (diff)
download	PeerTube-c380e3928517eb5311b38cf257816642617d7a33.tar.gz PeerTube-c380e3928517eb5311b38cf257816642617d7a33.tar.zst PeerTube-c380e3928517eb5311b38cf257816642617d7a33.zip

diff --git a/packages/tests/src/api/check-params/video-comments.ts b/packages/tests/src/api/check-params/video-comments.ts new file mode 100644 index 000000000..177361606 --- /dev/null +++ b/packages/tests/src/api/check-params/video-comments.ts
@@ -0,0 +1,484 @@
	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
	2
	3	import { expect } from 'chai'
	4	import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@tests/shared/checks.js'
	5	import { HttpStatusCode, VideoCreateResult, VideoPrivacy } from '@peertube/peertube-models'
	6	import {
	7	cleanupTests,
	8	createSingleServer,
	9	makeDeleteRequest,
	10	makeGetRequest,
	11	makePostBodyRequest,
	12	PeerTubeServer,
	13	setAccessTokensToServers
	14	} from '@peertube/peertube-server-commands'
	15
	16	describe('Test video comments API validator', function () {
	17	let pathThread: string
	18	let pathComment: string
	19
	20	let server: PeerTubeServer
	21
	22	let video: VideoCreateResult
	23
	24	let userAccessToken: string
	25	let userAccessToken2: string
	26
	27	let commentId: number
	28	let privateCommentId: number
	29	let privateVideo: VideoCreateResult
	30
	31	// ---------------------------------------------------------------
	32
	33	before(async function () {
	34	this.timeout(120000)
	35
	36	server = await createSingleServer(1)
	37
	38	await setAccessTokensToServers([ server ])
	39
	40	{
	41	video = await server.videos.upload({ attributes: {} })
	42	pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
	43	}
	44
	45	{
	46	privateVideo = await server.videos.upload({ attributes: { privacy: VideoPrivacy.PRIVATE } })
	47	}
	48
	49	{
	50	const created = await server.comments.createThread({ videoId: video.uuid, text: 'coucou' })
	51	commentId = created.id
	52	pathComment = '/api/v1/videos/' + video.uuid + '/comments/' + commentId
	53	}
	54
	55	{
	56	const created = await server.comments.createThread({ videoId: privateVideo.uuid, text: 'coucou' })
	57	privateCommentId = created.id
	58	}
	59
	60	{
	61	const user = { username: 'user1', password: 'my super password' }
	62	await server.users.create({ username: user.username, password: user.password })
	63	userAccessToken = await server.login.getAccessToken(user)
	64	}
	65
	66	{
	67	const user = { username: 'user2', password: 'my super password' }
	68	await server.users.create({ username: user.username, password: user.password })
	69	userAccessToken2 = await server.login.getAccessToken(user)
	70	}
	71	})
	72
	73	describe('When listing video comment threads', function () {
	74	it('Should fail with a bad start pagination', async function () {
	75	await checkBadStartPagination(server.url, pathThread, server.accessToken)
	76	})
	77
	78	it('Should fail with a bad count pagination', async function () {
	79	await checkBadCountPagination(server.url, pathThread, server.accessToken)
	80	})
	81
	82	it('Should fail with an incorrect sort', async function () {
	83	await checkBadSortPagination(server.url, pathThread, server.accessToken)
	84	})
	85
	86	it('Should fail with an incorrect video', async function () {
	87	await makeGetRequest({
	88	url: server.url,
	89	path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads',
	90	expectedStatus: HttpStatusCode.NOT_FOUND_404
	91	})
	92	})
	93
	94	it('Should fail with a private video without token', async function () {
	95	await makeGetRequest({
	96	url: server.url,
	97	path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
	98	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
	99	})
	100	})
	101
	102	it('Should fail with another user token', async function () {
	103	await makeGetRequest({
	104	url: server.url,
	105	token: userAccessToken,
	106	path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
	107	expectedStatus: HttpStatusCode.FORBIDDEN_403
	108	})
	109	})
	110
	111	it('Should succeed with the correct params', async function () {
	112	await makeGetRequest({
	113	url: server.url,
	114	token: server.accessToken,
	115	path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
	116	expectedStatus: HttpStatusCode.OK_200
	117	})
	118	})
	119	})
	120
	121	describe('When listing comments of a thread', function () {
	122	it('Should fail with an incorrect video', async function () {
	123	await makeGetRequest({
	124	url: server.url,
	125	path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId,
	126	expectedStatus: HttpStatusCode.NOT_FOUND_404
	127	})
	128	})
	129
	130	it('Should fail with an incorrect thread id', async function () {
	131	await makeGetRequest({
	132	url: server.url,
	133	path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/156',
	134	expectedStatus: HttpStatusCode.NOT_FOUND_404
	135	})
	136	})
	137
	138	it('Should fail with a private video without token', async function () {
	139	await makeGetRequest({
	140	url: server.url,
	141	path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
	142	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
	143	})
	144	})
	145
	146	it('Should fail with another user token', async function () {
	147	await makeGetRequest({
	148	url: server.url,
	149	token: userAccessToken,
	150	path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
	151	expectedStatus: HttpStatusCode.FORBIDDEN_403
	152	})
	153	})
	154
	155	it('Should success with the correct params', async function () {
	156	await makeGetRequest({
	157	url: server.url,
	158	token: server.accessToken,
	159	path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
	160	expectedStatus: HttpStatusCode.OK_200
	161	})
	162
	163	await makeGetRequest({
	164	url: server.url,
	165	path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/' + commentId,
	166	expectedStatus: HttpStatusCode.OK_200
	167	})
	168	})
	169	})
	170
	171	describe('When adding a video thread', function () {
	172
	173	it('Should fail with a non authenticated user', async function () {
	174	const fields = {
	175	text: 'text'
	176	}
	177	await makePostBodyRequest({
	178	url: server.url,
	179	path: pathThread,
	180	token: 'none',
	181	fields,
	182	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
	183	})
	184	})
	185
	186	it('Should fail with nothing', async function () {
	187	const fields = {}
	188	await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
	189	})
	190
	191	it('Should fail with a short comment', async function () {
	192	const fields = {
	193	text: ''
	194	}
	195	await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
	196	})
	197
	198	it('Should fail with a long comment', async function () {
	199	const fields = {
	200	text: 'h'.repeat(10001)
	201	}
	202	await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
	203	})
	204
	205	it('Should fail with an incorrect video', async function () {
	206	const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads'
	207	const fields = { text: 'super comment' }
	208
	209	await makePostBodyRequest({
	210	url: server.url,
	211	path,
	212	token: server.accessToken,
	213	fields,
	214	expectedStatus: HttpStatusCode.NOT_FOUND_404
	215	})
	216	})
	217
	218	it('Should fail with a private video of another user', async function () {
	219	const fields = { text: 'super comment' }
	220
	221	await makePostBodyRequest({
	222	url: server.url,
	223	path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
	224	token: userAccessToken,
	225	fields,
	226	expectedStatus: HttpStatusCode.FORBIDDEN_403
	227	})
	228	})
	229
	230	it('Should succeed with the correct parameters', async function () {
	231	const fields = { text: 'super comment' }
	232
	233	await makePostBodyRequest({
	234	url: server.url,
	235	path: pathThread,
	236	token: server.accessToken,
	237	fields,
	238	expectedStatus: HttpStatusCode.OK_200
	239	})
	240	})
	241	})
	242
	243	describe('When adding a comment to a thread', function () {
	244
	245	it('Should fail with a non authenticated user', async function () {
	246	const fields = {
	247	text: 'text'
	248	}
	249	await makePostBodyRequest({
	250	url: server.url,
	251	path: pathComment,
	252	token: 'none',
	253	fields,
	254	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
	255	})
	256	})
	257
	258	it('Should fail with nothing', async function () {
	259	const fields = {}
	260	await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
	261	})
	262
	263	it('Should fail with a short comment', async function () {
	264	const fields = {
	265	text: ''
	266	}
	267	await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
	268	})
	269
	270	it('Should fail with a long comment', async function () {
	271	const fields = {
	272	text: 'h'.repeat(10001)
	273	}
	274	await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
	275	})
	276
	277	it('Should fail with an incorrect video', async function () {
	278	const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
	279	const fields = {
	280	text: 'super comment'
	281	}
	282	await makePostBodyRequest({
	283	url: server.url,
	284	path,
	285	token: server.accessToken,
	286	fields,
	287	expectedStatus: HttpStatusCode.NOT_FOUND_404
	288	})
	289	})
	290
	291	it('Should fail with a private video of another user', async function () {
	292	const fields = { text: 'super comment' }
	293
	294	await makePostBodyRequest({
	295	url: server.url,
	296	path: '/api/v1/videos/' + privateVideo.uuid + '/comments/' + privateCommentId,
	297	token: userAccessToken,
	298	fields,
	299	expectedStatus: HttpStatusCode.FORBIDDEN_403
	300	})
	301	})
	302
	303	it('Should fail with an incorrect comment', async function () {
	304	const path = '/api/v1/videos/' + video.uuid + '/comments/124'
	305	const fields = {
	306	text: 'super comment'
	307	}
	308	await makePostBodyRequest({
	309	url: server.url,
	310	path,
	311	token: server.accessToken,
	312	fields,
	313	expectedStatus: HttpStatusCode.NOT_FOUND_404
	314	})
	315	})
	316
	317	it('Should succeed with the correct parameters', async function () {
	318	const fields = {
	319	text: 'super comment'
	320	}
	321	await makePostBodyRequest({
	322	url: server.url,
	323	path: pathComment,
	324	token: server.accessToken,
	325	fields,
	326	expectedStatus: HttpStatusCode.OK_200
	327	})
	328	})
	329	})
	330
	331	describe('When removing video comments', function () {
	332	it('Should fail with a non authenticated user', async function () {
	333	await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
	334	})
	335
	336	it('Should fail with another user', async function () {
	337	await makeDeleteRequest({
	338	url: server.url,
	339	path: pathComment,
	340	token: userAccessToken,
	341	expectedStatus: HttpStatusCode.FORBIDDEN_403
	342	})
	343	})
	344
	345	it('Should fail with an incorrect video', async function () {
	346	const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
	347	await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
	348	})
	349
	350	it('Should fail with an incorrect comment', async function () {
	351	const path = '/api/v1/videos/' + video.uuid + '/comments/124'
	352	await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
	353	})
	354
	355	it('Should succeed with the same user', async function () {
	356	let commentToDelete: number
	357
	358	{
	359	const created = await server.comments.createThread({ videoId: video.uuid, token: userAccessToken, text: 'hello' })
	360	commentToDelete = created.id
	361	}
	362
	363	const path = '/api/v1/videos/' + video.uuid + '/comments/' + commentToDelete
	364
	365	await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
	366	await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
	367	})
	368
	369	it('Should succeed with the owner of the video', async function () {
	370	let commentToDelete: number
	371	let anotherVideoUUID: string
	372
	373	{
	374	const { uuid } = await server.videos.upload({ token: userAccessToken, attributes: { name: 'video' } })
	375	anotherVideoUUID = uuid
	376	}
	377
	378	{
	379	const created = await server.comments.createThread({ videoId: anotherVideoUUID, text: 'hello' })
	380	commentToDelete = created.id
	381	}
	382
	383	const path = '/api/v1/videos/' + anotherVideoUUID + '/comments/' + commentToDelete
	384
	385	await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
	386	await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
	387	})
	388
	389	it('Should succeed with the correct parameters', async function () {
	390	await makeDeleteRequest({
	391	url: server.url,
	392	path: pathComment,
	393	token: server.accessToken,
	394	expectedStatus: HttpStatusCode.NO_CONTENT_204
	395	})
	396	})
	397	})
	398
	399	describe('When a video has comments disabled', function () {
	400	before(async function () {
	401	video = await server.videos.upload({ attributes: { commentsEnabled: false } })
	402	pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
	403	})
	404
	405	it('Should return an empty thread list', async function () {
	406	const res = await makeGetRequest({
	407	url: server.url,
	408	path: pathThread,
	409	expectedStatus: HttpStatusCode.OK_200
	410	})
	411	expect(res.body.total).to.equal(0)
	412	expect(res.body.data).to.have.lengthOf(0)
	413	})
	414
	415	it('Should return an thread comments list')
	416
	417	it('Should return conflict on thread add', async function () {
	418	const fields = {
	419	text: 'super comment'
	420	}
	421	await makePostBodyRequest({
	422	url: server.url,
	423	path: pathThread,
	424	token: server.accessToken,
	425	fields,
	426	expectedStatus: HttpStatusCode.CONFLICT_409
	427	})
	428	})
	429
	430	it('Should return conflict on comment thread add')
	431	})
	432
	433	describe('When listing admin comments threads', function () {
	434	const path = '/api/v1/videos/comments'
	435
	436	it('Should fail with a bad start pagination', async function () {
	437	await checkBadStartPagination(server.url, path, server.accessToken)
	438	})
	439
	440	it('Should fail with a bad count pagination', async function () {
	441	await checkBadCountPagination(server.url, path, server.accessToken)
	442	})
	443
	444	it('Should fail with an incorrect sort', async function () {
	445	await checkBadSortPagination(server.url, path, server.accessToken)
	446	})
	447
	448	it('Should fail with a non authenticated user', async function () {
	449	await makeGetRequest({
	450	url: server.url,
	451	path,
	452	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
	453	})
	454	})
	455
	456	it('Should fail with a non admin user', async function () {
	457	await makeGetRequest({
	458	url: server.url,
	459	path,
	460	token: userAccessToken,
	461	expectedStatus: HttpStatusCode.FORBIDDEN_403
	462	})
	463	})
	464
	465	it('Should succeed with the correct params', async function () {
	466	await makeGetRequest({
	467	url: server.url,
	468	path,
	469	token: server.accessToken,
	470	query: {
	471	isLocal: false,
	472	search: 'toto',
	473	searchAccount: 'toto',
	474	searchVideo: 'toto'
	475	},
	476	expectedStatus: HttpStatusCode.OK_200
	477	})
	478	})
	479	})
	480
	481	after(async function () {
	482	await cleanupTests([ server ])
	483	})
	484	})