Optimize signature verification

author: Chocobozzz <florian.bigard@gmail.com> 2017-11-17 15:20:42 +0100
committer: Chocobozzz <florian.bigard@gmail.com> 2017-11-27 19:40:52 +0100
commit: 9a27cdc27c900feaae5f6db4315c4ccdfc0c4493 (patch)
tree: f91fcfa0fa1a2e45aae1c5333ef2f7ec60e56ef0 /server/tests/api/check-params/follows.ts
parent: 975e6e0e44e2f2b25f804cd48a62e2a8d9e8117a (diff)
download: PeerTube-9a27cdc27c900feaae5f6db4315c4ccdfc0c4493.tar.gz
PeerTube-9a27cdc27c900feaae5f6db4315c4ccdfc0c4493.tar.zst
PeerTube-9a27cdc27c900feaae5f6db4315c4ccdfc0c4493.zip
1 files changed, 222 insertions, 0 deletions
diff --git a/server/tests/api/check-params/follows.ts b/server/tests/api/check-params/follows.ts
new file mode 100644
index 000000000..d742200c1
--- /dev/null
+++ b/server/tests/api/check-params/follows.ts
@@ -0,0 +1,222 @@
+/* tslint:disable:no-unused-expression */
+import * as request from 'supertest'
+import 'mocha'
+import {
+  ServerInfo,
+  flushTests,
+  runServer,
+  createUser,
+  loginAndGetAccessToken,
+  setAccessTokensToServers,
+  killallServers,
+  makePostBodyRequest
+} from '../../utils'
+describe('Test server follows API validators', function () {
+  let server: ServerInfo
+  // ---------------------------------------------------------------
+  before(async function () {
+    this.timeout(45000)
+    await flushTests()
+    server = await runServer(1)
+    await setAccessTokensToServers([ server ])
+  })
+  describe('When managing following', function () {
+    let userAccessToken = null
+    before(async function () {
+      await createUser(server.url, server.accessToken, 'user1', 'password')
+      server.user = {
+        username: 'user1',
+        password: 'password'
+      }
+      userAccessToken = await loginAndGetAccessToken(server)
+    })
+    describe('When adding follows', function () {
+      const path = '/api/v1/server/following'
+      const body = {
+        hosts: [ 'localhost:9002' ]
+      }
+      it('Should fail without hosts', async function () {
+        await request(server.url)
+                .post(path)
+                .set('Authorization', 'Bearer ' + server.accessToken)
+                .set('Accept', 'application/json')
+                .expect(400)
+      })
+      it('Should fail if hosts is not an array', async function () {
+        await request(server.url)
+                .post(path)
+                .send({ hosts: 'localhost:9002' })
+                .set('Authorization', 'Bearer ' + server.accessToken)
+                .set('Accept', 'application/json')
+                .expect(400)
+      })
+      it('Should fail if the array is not composed by hosts', async function () {
+        await request(server.url)
+                .post(path)
+                .send({ hosts: [ 'localhost:9002', 'localhost:coucou' ] })
+                .set('Authorization', 'Bearer ' + server.accessToken)
+                .set('Accept', 'application/json')
+                .expect(400)
+      })
+      it('Should fail if the array is composed with http schemes', async function () {
+        await request(server.url)
+                .post(path)
+                .send({ hosts: [ 'localhost:9002', 'http://localhost:9003' ] })
+                .set('Authorization', 'Bearer ' + server.accessToken)
+                .set('Accept', 'application/json')
+                .expect(400)
+      })
+      it('Should fail if hosts are not unique', async function () {
+        await request(server.url)
+                .post(path)
+                .send({ urls: [ 'localhost:9002', 'localhost:9002' ] })
+                .set('Authorization', 'Bearer ' + server.accessToken)
+                .set('Accept', 'application/json')
+                .expect(400)
+      })
+      it('Should fail with an invalid token', async function () {
+        await request(server.url)
+                .post(path)
+                .send(body)
+                .set('Authorization', 'Bearer fake_token')
+                .set('Accept', 'application/json')
+                .expect(401)
+      })
+      it('Should fail if the user is not an administrator', async function () {
+        await request(server.url)
+                .post(path)
+                .send(body)
+                .set('Authorization', 'Bearer ' + userAccessToken)
+                .set('Accept', 'application/json')
+                .expect(403)
+      })
+    })
+    describe('When listing followings', function () {
+      const path = '/api/v1/server/following'
+      it('Should fail with a bad start pagination', async function () {
+        await request(server.url)
+          .get(path)
+          .query({ start: 'hello' })
+          .set('Accept', 'application/json')
+          .expect(400)
+      })
+      it('Should fail with a bad count pagination', async function () {
+        await request(server.url)
+          .get(path)
+          .query({ count: 'hello' })
+          .set('Accept', 'application/json')
+          .expect(400)
+      })
+      it('Should fail with an incorrect sort', async function () {
+        await request(server.url)
+          .get(path)
+          .query({ sort: 'hello' })
+          .set('Accept', 'application/json')
+          .expect(400)
+      })
+    })
+    describe('When listing followers', function () {
+      const path = '/api/v1/server/followers'
+      it('Should fail with a bad start pagination', async function () {
+        await request(server.url)
+          .get(path)
+          .query({ start: 'hello' })
+          .set('Accept', 'application/json')
+          .expect(400)
+      })
+      it('Should fail with a bad count pagination', async function () {
+        await request(server.url)
+          .get(path)
+          .query({ count: 'hello' })
+          .set('Accept', 'application/json')
+          .expect(400)
+      })
+      it('Should fail with an incorrect sort', async function () {
+        await request(server.url)
+          .get(path)
+          .query({ sort: 'hello' })
+          .set('Accept', 'application/json')
+          .expect(400)
+      })
+    })
+    describe('When removing following', function () {
+      // it('Should fail with an invalid token', async function () {
+      //        await request(server.url)
+      //           .delete(path + '/1')
+      //           .set('Authorization', 'Bearer faketoken')
+      //           .set('Accept', 'application/json')
+      //           .expect(401)
+      // })
+      //
+      // it('Should fail if the user is not an administrator', async function () {
+      //        await request(server.url)
+      //           .delete(path + '/1')
+      //           .set('Authorization', 'Bearer ' + userAccessToken)
+      //           .set('Accept', 'application/json')
+      //           .expect(403)
+      // })
+      //
+      // it('Should fail with an undefined id', async function () {
+      //   await request(server.url)
+      //           .delete(path + '/' + undefined)
+      //           .set('Authorization', 'Bearer ' + server.accessToken)
+      //           .set('Accept', 'application/json')
+      //           .expect(400)
+      // })
+      //
+      // it('Should fail with an invalid id', async function () {
+             //  await request(server.url)
+      //           .delete(path + '/foobar')
+      //           .set('Authorization', 'Bearer ' + server.accessToken)
+      //           .set('Accept', 'application/json')
+      //           .expect(400)
+      // })
+      //
+      // it('Should fail we do not follow this server', async function () {
+             //  await request(server.url)
+      //           .delete(path + '/-1')
+      //           .set('Authorization', 'Bearer ' + server.accessToken)
+      //           .set('Accept', 'application/json')
+      //           .expect(404)
+      // })
+      //
+      // it('Should succeed with the correct parameters')
+    })
+  })
+  after(async function () {
+    killallServers([ server ])
+    // Keep the logs if the test failed
+    if (this['ok']) {
+      await flushTests()
+    }
+  })
+})
author	Chocobozzz <florian.bigard@gmail.com>	2017-11-17 15:20:42 +0100
committer	Chocobozzz <florian.bigard@gmail.com>	2017-11-27 19:40:52 +0100
commit	9a27cdc27c900feaae5f6db4315c4ccdfc0c4493 (patch)
tree	f91fcfa0fa1a2e45aae1c5333ef2f7ec60e56ef0 /server/tests/api/check-params/follows.ts
parent	975e6e0e44e2f2b25f804cd48a62e2a8d9e8117a (diff)
download	PeerTube-9a27cdc27c900feaae5f6db4315c4ccdfc0c4493.tar.gz PeerTube-9a27cdc27c900feaae5f6db4315c4ccdfc0c4493.tar.zst PeerTube-9a27cdc27c900feaae5f6db4315c4ccdfc0c4493.zip

diff --git a/server/tests/api/check-params/follows.ts b/server/tests/api/check-params/follows.ts new file mode 100644 index 000000000..d742200c1 --- /dev/null +++ b/server/tests/api/check-params/follows.ts
@@ -0,0 +1,222 @@
	1	/* tslint:disable:no-unused-expression */
	2
	3	import * as request from 'supertest'
	4	import 'mocha'
	5
	6	import {
	7	ServerInfo,
	8	flushTests,
	9	runServer,
	10	createUser,
	11	loginAndGetAccessToken,
	12	setAccessTokensToServers,
	13	killallServers,
	14	makePostBodyRequest
	15	} from '../../utils'
	16
	17	describe('Test server follows API validators', function () {
	18	let server: ServerInfo
	19
	20	// ---------------------------------------------------------------
	21
	22	before(async function () {
	23	this.timeout(45000)
	24
	25	await flushTests()
	26	server = await runServer(1)
	27
	28	await setAccessTokensToServers([ server ])
	29	})
	30
	31	describe('When managing following', function () {
	32	let userAccessToken = null
	33
	34	before(async function () {
	35	await createUser(server.url, server.accessToken, 'user1', 'password')
	36	server.user = {
	37	username: 'user1',
	38	password: 'password'
	39	}
	40
	41	userAccessToken = await loginAndGetAccessToken(server)
	42	})
	43
	44	describe('When adding follows', function () {
	45	const path = '/api/v1/server/following'
	46	const body = {
	47	hosts: [ 'localhost:9002' ]
	48	}
	49
	50	it('Should fail without hosts', async function () {
	51	await request(server.url)
	52	.post(path)
	53	.set('Authorization', 'Bearer ' + server.accessToken)
	54	.set('Accept', 'application/json')
	55	.expect(400)
	56	})
	57
	58	it('Should fail if hosts is not an array', async function () {
	59	await request(server.url)
	60	.post(path)
	61	.send({ hosts: 'localhost:9002' })
	62	.set('Authorization', 'Bearer ' + server.accessToken)
	63	.set('Accept', 'application/json')
	64	.expect(400)
	65	})
	66
	67	it('Should fail if the array is not composed by hosts', async function () {
	68	await request(server.url)
	69	.post(path)
	70	.send({ hosts: [ 'localhost:9002', 'localhost:coucou' ] })
	71	.set('Authorization', 'Bearer ' + server.accessToken)
	72	.set('Accept', 'application/json')
	73	.expect(400)
	74	})
	75
	76	it('Should fail if the array is composed with http schemes', async function () {
	77	await request(server.url)
	78	.post(path)
	79	.send({ hosts: [ 'localhost:9002', 'http://localhost:9003' ] })
	80	.set('Authorization', 'Bearer ' + server.accessToken)
	81	.set('Accept', 'application/json')
	82	.expect(400)
	83	})
	84
	85	it('Should fail if hosts are not unique', async function () {
	86	await request(server.url)
	87	.post(path)
	88	.send({ urls: [ 'localhost:9002', 'localhost:9002' ] })
	89	.set('Authorization', 'Bearer ' + server.accessToken)
	90	.set('Accept', 'application/json')
	91	.expect(400)
	92	})
	93
	94	it('Should fail with an invalid token', async function () {
	95	await request(server.url)
	96	.post(path)
	97	.send(body)
	98	.set('Authorization', 'Bearer fake_token')
	99	.set('Accept', 'application/json')
	100	.expect(401)
	101	})
	102
	103	it('Should fail if the user is not an administrator', async function () {
	104	await request(server.url)
	105	.post(path)
	106	.send(body)
	107	.set('Authorization', 'Bearer ' + userAccessToken)
	108	.set('Accept', 'application/json')
	109	.expect(403)
	110	})
	111	})
	112
	113	describe('When listing followings', function () {
	114	const path = '/api/v1/server/following'
	115
	116	it('Should fail with a bad start pagination', async function () {
	117	await request(server.url)
	118	.get(path)
	119	.query({ start: 'hello' })
	120	.set('Accept', 'application/json')
	121	.expect(400)
	122	})
	123
	124	it('Should fail with a bad count pagination', async function () {
	125	await request(server.url)
	126	.get(path)
	127	.query({ count: 'hello' })
	128	.set('Accept', 'application/json')
	129	.expect(400)
	130	})
	131
	132	it('Should fail with an incorrect sort', async function () {
	133	await request(server.url)
	134	.get(path)
	135	.query({ sort: 'hello' })
	136	.set('Accept', 'application/json')
	137	.expect(400)
	138	})
	139	})
	140
	141	describe('When listing followers', function () {
	142	const path = '/api/v1/server/followers'
	143
	144	it('Should fail with a bad start pagination', async function () {
	145	await request(server.url)
	146	.get(path)
	147	.query({ start: 'hello' })
	148	.set('Accept', 'application/json')
	149	.expect(400)
	150	})
	151
	152	it('Should fail with a bad count pagination', async function () {
	153	await request(server.url)
	154	.get(path)
	155	.query({ count: 'hello' })
	156	.set('Accept', 'application/json')
	157	.expect(400)
	158	})
	159
	160	it('Should fail with an incorrect sort', async function () {
	161	await request(server.url)
	162	.get(path)
	163	.query({ sort: 'hello' })
	164	.set('Accept', 'application/json')
	165	.expect(400)
	166	})
	167	})
	168
	169	describe('When removing following', function () {
	170	// it('Should fail with an invalid token', async function () {
	171	// await request(server.url)
	172	// .delete(path + '/1')
	173	// .set('Authorization', 'Bearer faketoken')
	174	// .set('Accept', 'application/json')
	175	// .expect(401)
	176	// })
	177	//
	178	// it('Should fail if the user is not an administrator', async function () {
	179	// await request(server.url)
	180	// .delete(path + '/1')
	181	// .set('Authorization', 'Bearer ' + userAccessToken)
	182	// .set('Accept', 'application/json')
	183	// .expect(403)
	184	// })
	185	//
	186	// it('Should fail with an undefined id', async function () {
	187	// await request(server.url)
	188	// .delete(path + '/' + undefined)
	189	// .set('Authorization', 'Bearer ' + server.accessToken)
	190	// .set('Accept', 'application/json')
	191	// .expect(400)
	192	// })
	193	//
	194	// it('Should fail with an invalid id', async function () {
	195	// await request(server.url)
	196	// .delete(path + '/foobar')
	197	// .set('Authorization', 'Bearer ' + server.accessToken)
	198	// .set('Accept', 'application/json')
	199	// .expect(400)
	200	// })
	201	//
	202	// it('Should fail we do not follow this server', async function () {
	203	// await request(server.url)
	204	// .delete(path + '/-1')
	205	// .set('Authorization', 'Bearer ' + server.accessToken)
	206	// .set('Accept', 'application/json')
	207	// .expect(404)
	208	// })
	209	//
	210	// it('Should succeed with the correct parameters')
	211	})
	212	})
	213
	214	after(async function () {
	215	killallServers([ server ])
	216
	217	// Keep the logs if the test failed
	218	if (this['ok']) {
	219	await flushTests()
	220	}
	221	})
	222	})