Add ability to mute a user/instance by server in server api

author: Chocobozzz <me@florianbigard.com> 2018-10-15 13:03:04 +0200
committer: Chocobozzz <me@florianbigard.com> 2018-10-16 16:41:36 +0200
commit: b44164bb567fe7c9f65f1ac2908d44990a8ccc8e (patch)
tree: 37baa0346293e1ed30f8a43270dfd54a4791c6f0 /server/tests/api/check-params/blocklist.ts
parent: af5767ffae41b2d5604e41ba9a7225c623dd6735 (diff)
download: PeerTube-b44164bb567fe7c9f65f1ac2908d44990a8ccc8e.tar.gz
PeerTube-b44164bb567fe7c9f65f1ac2908d44990a8ccc8e.tar.zst
PeerTube-b44164bb567fe7c9f65f1ac2908d44990a8ccc8e.zip
1 files changed, 254 insertions, 2 deletions
diff --git a/server/tests/api/check-params/blocklist.ts b/server/tests/api/check-params/blocklist.ts
index d24d9323f..c745ac975 100644
--- a/server/tests/api/check-params/blocklist.ts
+++ b/server/tests/api/check-params/blocklist.ts
@@ -12,13 +12,14 @@ import {
  makeGetRequest,
  makePostBodyRequest,
  ServerInfo,
-  setAccessTokensToServers
+  setAccessTokensToServers, userLogin
 } from '../../utils'
 import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
 describe('Test blocklist API validators', function () {
  let servers: ServerInfo[]
  let server: ServerInfo
+  let userAccessToken: string
  before(async function () {
    this.timeout(60000)
@@ -33,15 +34,17 @@ describe('Test blocklist API validators', function () {
    const user = { username: 'user1', password: 'password' }
    await createUser(server.url, server.accessToken, user.username, user.password)
+    userAccessToken = await userLogin(server, user)
    await doubleFollow(servers[0], servers[1])
  })
  // ---------------------------------------------------------------
  describe('When managing user blocklist', function () {
-    const path = '/api/v1/users/me/blocklist/accounts'
    describe('When managing user accounts blocklist', function () {
+      const path = '/api/v1/users/me/blocklist/accounts'
      describe('When listing blocked accounts', function () {
        it('Should fail with an unauthenticated user', async function () {
@@ -231,6 +234,255 @@ describe('Test blocklist API validators', function () {
    })
  })
+  describe('When managing server blocklist', function () {
+    describe('When managing server accounts blocklist', function () {
+      const path = '/api/v1/server/blocklist/accounts'
+      describe('When listing blocked accounts', function () {
+        it('Should fail with an unauthenticated user', async function () {
+          await makeGetRequest({
+            url: server.url,
+            path,
+            statusCodeExpected: 401
+          })
+        })
+        it('Should fail with a user without the appropriate rights', async function () {
+          await makeGetRequest({
+            url: server.url,
+            token: userAccessToken,
+            path,
+            statusCodeExpected: 403
+          })
+        })
+        it('Should fail with a bad start pagination', async function () {
+          await checkBadStartPagination(server.url, path, server.accessToken)
+        })
+        it('Should fail with a bad count pagination', async function () {
+          await checkBadCountPagination(server.url, path, server.accessToken)
+        })
+        it('Should fail with an incorrect sort', async function () {
+          await checkBadSortPagination(server.url, path, server.accessToken)
+        })
+      })
+      describe('When blocking an account', function () {
+        it('Should fail with an unauthenticated user', async function () {
+          await makePostBodyRequest({
+            url: server.url,
+            path,
+            fields: { accountName: 'user1' },
+            statusCodeExpected: 401
+          })
+        })
+        it('Should fail with a user without the appropriate rights', async function () {
+          await makePostBodyRequest({
+            url: server.url,
+            token: userAccessToken,
+            path,
+            fields: { accountName: 'user1' },
+            statusCodeExpected: 403
+          })
+        })
+        it('Should fail with an unknown account', async function () {
+          await makePostBodyRequest({
+            url: server.url,
+            token: server.accessToken,
+            path,
+            fields: { accountName: 'user2' },
+            statusCodeExpected: 404
+          })
+        })
+        it('Should fail to block ourselves', async function () {
+          await makePostBodyRequest({
+            url: server.url,
+            token: server.accessToken,
+            path,
+            fields: { accountName: 'root' },
+            statusCodeExpected: 409
+          })
+        })
+        it('Should succeed with the correct params', async function () {
+          await makePostBodyRequest({
+            url: server.url,
+            token: server.accessToken,
+            path,
+            fields: { accountName: 'user1' },
+            statusCodeExpected: 204
+          })
+        })
+      })
+      describe('When unblocking an account', function () {
+        it('Should fail with an unauthenticated user', async function () {
+          await makeDeleteRequest({
+            url: server.url,
+            path: path + '/user1',
+            statusCodeExpected: 401
+          })
+        })
+        it('Should fail with a user without the appropriate rights', async function () {
+          await makeDeleteRequest({
+            url: server.url,
+            path: path + '/user1',
+            token: userAccessToken,
+            statusCodeExpected: 403
+          })
+        })
+        it('Should fail with an unknown account block', async function () {
+          await makeDeleteRequest({
+            url: server.url,
+            path: path + '/user2',
+            token: server.accessToken,
+            statusCodeExpected: 404
+          })
+        })
+        it('Should succeed with the correct params', async function () {
+          await makeDeleteRequest({
+            url: server.url,
+            path: path + '/user1',
+            token: server.accessToken,
+            statusCodeExpected: 204
+          })
+        })
+      })
+    })
+    describe('When managing server servers blocklist', function () {
+      const path = '/api/v1/server/blocklist/servers'
+      describe('When listing blocked servers', function () {
+        it('Should fail with an unauthenticated user', async function () {
+          await makeGetRequest({
+            url: server.url,
+            path,
+            statusCodeExpected: 401
+          })
+        })
+        it('Should fail with a user without the appropriate rights', async function () {
+          await makeGetRequest({
+            url: server.url,
+            token: userAccessToken,
+            path,
+            statusCodeExpected: 403
+          })
+        })
+        it('Should fail with a bad start pagination', async function () {
+          await checkBadStartPagination(server.url, path, server.accessToken)
+        })
+        it('Should fail with a bad count pagination', async function () {
+          await checkBadCountPagination(server.url, path, server.accessToken)
+        })
+        it('Should fail with an incorrect sort', async function () {
+          await checkBadSortPagination(server.url, path, server.accessToken)
+        })
+      })
+      describe('When blocking a server', function () {
+        it('Should fail with an unauthenticated user', async function () {
+          await makePostBodyRequest({
+            url: server.url,
+            path,
+            fields: { host: 'localhost:9002' },
+            statusCodeExpected: 401
+          })
+        })
+        it('Should fail with a user without the appropriate rights', async function () {
+          await makePostBodyRequest({
+            url: server.url,
+            token: userAccessToken,
+            path,
+            fields: { host: 'localhost:9002' },
+            statusCodeExpected: 403
+          })
+        })
+        it('Should fail with an unknown server', async function () {
+          await makePostBodyRequest({
+            url: server.url,
+            token: server.accessToken,
+            path,
+            fields: { host: 'localhost:9003' },
+            statusCodeExpected: 404
+          })
+        })
+        it('Should fail with our own server', async function () {
+          await makePostBodyRequest({
+            url: server.url,
+            token: server.accessToken,
+            path,
+            fields: { host: 'localhost:9001' },
+            statusCodeExpected: 409
+          })
+        })
+        it('Should succeed with the correct params', async function () {
+          await makePostBodyRequest({
+            url: server.url,
+            token: server.accessToken,
+            path,
+            fields: { host: 'localhost:9002' },
+            statusCodeExpected: 204
+          })
+        })
+      })
+      describe('When unblocking a server', function () {
+        it('Should fail with an unauthenticated user', async function () {
+          await makeDeleteRequest({
+            url: server.url,
+            path: path + '/localhost:9002',
+            statusCodeExpected: 401
+          })
+        })
+        it('Should fail with a user without the appropriate rights', async function () {
+          await makeDeleteRequest({
+            url: server.url,
+            path: path + '/localhost:9002',
+            token: userAccessToken,
+            statusCodeExpected: 403
+          })
+        })
+        it('Should fail with an unknown server block', async function () {
+          await makeDeleteRequest({
+            url: server.url,
+            path: path + '/localhost:9003',
+            token: server.accessToken,
+            statusCodeExpected: 404
+          })
+        })
+        it('Should succeed with the correct params', async function () {
+          await makeDeleteRequest({
+            url: server.url,
+            path: path + '/localhost:9002',
+            token: server.accessToken,
+            statusCodeExpected: 204
+          })
+        })
+      })
+    })
+  })
  after(async function () {
    killallServers(servers)
author	Chocobozzz <me@florianbigard.com>	2018-10-15 13:03:04 +0200
committer	Chocobozzz <me@florianbigard.com>	2018-10-16 16:41:36 +0200
commit	b44164bb567fe7c9f65f1ac2908d44990a8ccc8e (patch)
tree	37baa0346293e1ed30f8a43270dfd54a4791c6f0 /server/tests/api/check-params/blocklist.ts
parent	af5767ffae41b2d5604e41ba9a7225c623dd6735 (diff)
download	PeerTube-b44164bb567fe7c9f65f1ac2908d44990a8ccc8e.tar.gz PeerTube-b44164bb567fe7c9f65f1ac2908d44990a8ccc8e.tar.zst PeerTube-b44164bb567fe7c9f65f1ac2908d44990a8ccc8e.zip

diff --git a/server/tests/api/check-params/blocklist.ts b/server/tests/api/check-params/blocklist.ts index d24d9323f..c745ac975 100644 --- a/server/tests/api/check-params/blocklist.ts +++ b/server/tests/api/check-params/blocklist.ts
@@ -12,13 +12,14 @@ import {
12	makeGetRequest,	12	makeGetRequest,
13	makePostBodyRequest,	13	makePostBodyRequest,
14	ServerInfo,	14	ServerInfo,
15	setAccessTokensToServers	15	setAccessTokensToServers, userLogin
16	} from '../../utils'	16	} from '../../utils'
17	import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'	17	import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
18		18
19	describe('Test blocklist API validators', function () {	19	describe('Test blocklist API validators', function () {
20	let servers: ServerInfo[]	20	let servers: ServerInfo[]
21	let server: ServerInfo	21	let server: ServerInfo
		22	let userAccessToken: string
22		23
23	before(async function () {	24	before(async function () {
24	this.timeout(60000)	25	this.timeout(60000)
@@ -33,15 +34,17 @@ describe('Test blocklist API validators', function () {
33	const user = { username: 'user1', password: 'password' }	34	const user = { username: 'user1', password: 'password' }
34	await createUser(server.url, server.accessToken, user.username, user.password)	35	await createUser(server.url, server.accessToken, user.username, user.password)
35		36
		37	userAccessToken = await userLogin(server, user)
		38
36	await doubleFollow(servers[0], servers[1])	39	await doubleFollow(servers[0], servers[1])
37	})	40	})
38		41
39	// ---------------------------------------------------------------	42	// ---------------------------------------------------------------
40		43
41	describe('When managing user blocklist', function () {	44	describe('When managing user blocklist', function () {
42	const path = '/api/v1/users/me/blocklist/accounts'
43		45
44	describe('When managing user accounts blocklist', function () {	46	describe('When managing user accounts blocklist', function () {
		47	const path = '/api/v1/users/me/blocklist/accounts'
45		48
46	describe('When listing blocked accounts', function () {	49	describe('When listing blocked accounts', function () {
47	it('Should fail with an unauthenticated user', async function () {	50	it('Should fail with an unauthenticated user', async function () {
@@ -231,6 +234,255 @@ describe('Test blocklist API validators', function () {
231	})	234	})
232	})	235	})
233		236
		237	describe('When managing server blocklist', function () {
		238
		239	describe('When managing server accounts blocklist', function () {
		240	const path = '/api/v1/server/blocklist/accounts'
		241
		242	describe('When listing blocked accounts', function () {
		243	it('Should fail with an unauthenticated user', async function () {
		244	await makeGetRequest({
		245	url: server.url,
		246	path,
		247	statusCodeExpected: 401
		248	})
		249	})
		250
		251	it('Should fail with a user without the appropriate rights', async function () {
		252	await makeGetRequest({
		253	url: server.url,
		254	token: userAccessToken,
		255	path,
		256	statusCodeExpected: 403
		257	})
		258	})
		259
		260	it('Should fail with a bad start pagination', async function () {
		261	await checkBadStartPagination(server.url, path, server.accessToken)
		262	})
		263
		264	it('Should fail with a bad count pagination', async function () {
		265	await checkBadCountPagination(server.url, path, server.accessToken)
		266	})
		267
		268	it('Should fail with an incorrect sort', async function () {
		269	await checkBadSortPagination(server.url, path, server.accessToken)
		270	})
		271	})
		272
		273	describe('When blocking an account', function () {
		274	it('Should fail with an unauthenticated user', async function () {
		275	await makePostBodyRequest({
		276	url: server.url,
		277	path,
		278	fields: { accountName: 'user1' },
		279	statusCodeExpected: 401
		280	})
		281	})
		282
		283	it('Should fail with a user without the appropriate rights', async function () {
		284	await makePostBodyRequest({
		285	url: server.url,
		286	token: userAccessToken,
		287	path,
		288	fields: { accountName: 'user1' },
		289	statusCodeExpected: 403
		290	})
		291	})
		292
		293	it('Should fail with an unknown account', async function () {
		294	await makePostBodyRequest({
		295	url: server.url,
		296	token: server.accessToken,
		297	path,
		298	fields: { accountName: 'user2' },
		299	statusCodeExpected: 404
		300	})
		301	})
		302
		303	it('Should fail to block ourselves', async function () {
		304	await makePostBodyRequest({
		305	url: server.url,
		306	token: server.accessToken,
		307	path,
		308	fields: { accountName: 'root' },
		309	statusCodeExpected: 409
		310	})
		311	})
		312
		313	it('Should succeed with the correct params', async function () {
		314	await makePostBodyRequest({
		315	url: server.url,
		316	token: server.accessToken,
		317	path,
		318	fields: { accountName: 'user1' },
		319	statusCodeExpected: 204
		320	})
		321	})
		322	})
		323
		324	describe('When unblocking an account', function () {
		325	it('Should fail with an unauthenticated user', async function () {
		326	await makeDeleteRequest({
		327	url: server.url,
		328	path: path + '/user1',
		329	statusCodeExpected: 401
		330	})
		331	})
		332
		333	it('Should fail with a user without the appropriate rights', async function () {
		334	await makeDeleteRequest({
		335	url: server.url,
		336	path: path + '/user1',
		337	token: userAccessToken,
		338	statusCodeExpected: 403
		339	})
		340	})
		341
		342	it('Should fail with an unknown account block', async function () {
		343	await makeDeleteRequest({
		344	url: server.url,
		345	path: path + '/user2',
		346	token: server.accessToken,
		347	statusCodeExpected: 404
		348	})
		349	})
		350
		351	it('Should succeed with the correct params', async function () {
		352	await makeDeleteRequest({
		353	url: server.url,
		354	path: path + '/user1',
		355	token: server.accessToken,
		356	statusCodeExpected: 204
		357	})
		358	})
		359	})
		360	})
		361
		362	describe('When managing server servers blocklist', function () {
		363	const path = '/api/v1/server/blocklist/servers'
		364
		365	describe('When listing blocked servers', function () {
		366	it('Should fail with an unauthenticated user', async function () {
		367	await makeGetRequest({
		368	url: server.url,
		369	path,
		370	statusCodeExpected: 401
		371	})
		372	})
		373
		374	it('Should fail with a user without the appropriate rights', async function () {
		375	await makeGetRequest({
		376	url: server.url,
		377	token: userAccessToken,
		378	path,
		379	statusCodeExpected: 403
		380	})
		381	})
		382
		383	it('Should fail with a bad start pagination', async function () {
		384	await checkBadStartPagination(server.url, path, server.accessToken)
		385	})
		386
		387	it('Should fail with a bad count pagination', async function () {
		388	await checkBadCountPagination(server.url, path, server.accessToken)
		389	})
		390
		391	it('Should fail with an incorrect sort', async function () {
		392	await checkBadSortPagination(server.url, path, server.accessToken)
		393	})
		394	})
		395
		396	describe('When blocking a server', function () {
		397	it('Should fail with an unauthenticated user', async function () {
		398	await makePostBodyRequest({
		399	url: server.url,
		400	path,
		401	fields: { host: 'localhost:9002' },
		402	statusCodeExpected: 401
		403	})
		404	})
		405
		406	it('Should fail with a user without the appropriate rights', async function () {
		407	await makePostBodyRequest({
		408	url: server.url,
		409	token: userAccessToken,
		410	path,
		411	fields: { host: 'localhost:9002' },
		412	statusCodeExpected: 403
		413	})
		414	})
		415
		416	it('Should fail with an unknown server', async function () {
		417	await makePostBodyRequest({
		418	url: server.url,
		419	token: server.accessToken,
		420	path,
		421	fields: { host: 'localhost:9003' },
		422	statusCodeExpected: 404
		423	})
		424	})
		425
		426	it('Should fail with our own server', async function () {
		427	await makePostBodyRequest({
		428	url: server.url,
		429	token: server.accessToken,
		430	path,
		431	fields: { host: 'localhost:9001' },
		432	statusCodeExpected: 409
		433	})
		434	})
		435
		436	it('Should succeed with the correct params', async function () {
		437	await makePostBodyRequest({
		438	url: server.url,
		439	token: server.accessToken,
		440	path,
		441	fields: { host: 'localhost:9002' },
		442	statusCodeExpected: 204
		443	})
		444	})
		445	})
		446
		447	describe('When unblocking a server', function () {
		448	it('Should fail with an unauthenticated user', async function () {
		449	await makeDeleteRequest({
		450	url: server.url,
		451	path: path + '/localhost:9002',
		452	statusCodeExpected: 401
		453	})
		454	})
		455
		456	it('Should fail with a user without the appropriate rights', async function () {
		457	await makeDeleteRequest({
		458	url: server.url,
		459	path: path + '/localhost:9002',
		460	token: userAccessToken,
		461	statusCodeExpected: 403
		462	})
		463	})
		464
		465	it('Should fail with an unknown server block', async function () {
		466	await makeDeleteRequest({
		467	url: server.url,
		468	path: path + '/localhost:9003',
		469	token: server.accessToken,
		470	statusCodeExpected: 404
		471	})
		472	})
		473
		474	it('Should succeed with the correct params', async function () {
		475	await makeDeleteRequest({
		476	url: server.url,
		477	path: path + '/localhost:9002',
		478	token: server.accessToken,
		479	statusCodeExpected: 204
		480	})
		481	})
		482	})
		483	})
		484	})
		485
234	after(async function () {	486	after(async function () {
235	killallServers(servers)	487	killallServers(servers)
236		488