Server: add video abuse support

author: Chocobozzz <florian.bigard@gmail.com> 2017-01-04 20:59:23 +0100
committer: Chocobozzz <florian.bigard@gmail.com> 2017-01-04 21:05:13 +0100
commit: 55fa55a9be566cca2ba95322f2ae23b434aed62a (patch)
tree: f51ef35c120ce8a928917a659418079538cdb8dc /server/tests/api/check-params
parent: a6fd2b30bf717eec14972a2175354781f5f43e77 (diff)
download: PeerTube-55fa55a9be566cca2ba95322f2ae23b434aed62a.tar.gz
PeerTube-55fa55a9be566cca2ba95322f2ae23b434aed62a.tar.zst
PeerTube-55fa55a9be566cca2ba95322f2ae23b434aed62a.zip
3 files changed, 185 insertions, 0 deletions
diff --git a/server/tests/api/check-params/index.js b/server/tests/api/check-params/index.js
index 3d6f09267..d0824f08a 100644
--- a/server/tests/api/check-params/index.js
+++ b/server/tests/api/check-params/index.js
@@ -6,3 +6,4 @@ require('./remotes')
 require('./users')
 require('./requests')
 require('./videos')
+require('./video-abuses')
diff --git a/server/tests/api/check-params/remotes.js b/server/tests/api/check-params/remotes.js
index 30ba3b697..c1ab9fb2b 100644
--- a/server/tests/api/check-params/remotes.js
+++ b/server/tests/api/check-params/remotes.js
@@ -47,6 +47,10 @@ describe('Test remote videos API validators', function () {
    it('Should check when removing a video')
  })
+  describe('When reporting abuse on a video', function () {
+    it('Should check when reporting a video abuse')
+  })
  after(function (done) {
    process.kill(-server.app.pid)
diff --git a/server/tests/api/check-params/video-abuses.js b/server/tests/api/check-params/video-abuses.js
new file mode 100644
index 000000000..8cb4ccdc1
--- /dev/null
+++ b/server/tests/api/check-params/video-abuses.js
@@ -0,0 +1,180 @@
+'use strict'
+const request = require('supertest')
+const series = require('async/series')
+const loginUtils = require('../../utils/login')
+const requestsUtils = require('../../utils/requests')
+const serversUtils = require('../../utils/servers')
+const usersUtils = require('../../utils/users')
+const videosUtils = require('../../utils/videos')
+describe('Test video abuses API validators', function () {
+  let server = null
+  let userAccessToken = null
+  // ---------------------------------------------------------------
+  before(function (done) {
+    this.timeout(20000)
+    series([
+      function (next) {
+        serversUtils.flushTests(next)
+      },
+      function (next) {
+        serversUtils.runServer(1, function (server1) {
+          server = server1
+          next()
+        })
+      },
+      function (next) {
+        loginUtils.loginAndGetAccessToken(server, function (err, token) {
+          if (err) throw err
+          server.accessToken = token
+          next()
+        })
+      },
+      function (next) {
+        const username = 'user1'
+        const password = 'my super password'
+        usersUtils.createUser(server.url, server.accessToken, username, password, next)
+      },
+      function (next) {
+        const user = {
+          username: 'user1',
+          password: 'my super password'
+        }
+        loginUtils.getUserAccessToken(server, user, function (err, accessToken) {
+          if (err) throw err
+          userAccessToken = accessToken
+          next()
+        })
+      },
+      // Upload some videos on each pods
+      function (next) {
+        const name = 'my super name for pod'
+        const description = 'my super description for pod'
+        const tags = [ 'tag' ]
+        const file = 'video_short2.webm'
+        videosUtils.uploadVideo(server.url, server.accessToken, name, description, tags, file, next)
+      },
+      function (next) {
+        videosUtils.getVideosList(server.url, function (err, res) {
+          if (err) throw err
+          const videos = res.body.data
+          server.video = videos[0]
+          next()
+        })
+      }
+    ], done)
+  })
+  describe('When listing video abuses', function () {
+    const path = '/api/v1/videos/abuse'
+    it('Should fail with a bad start pagination', function (done) {
+      request(server.url)
+        .get(path)
+        .query({ start: 'hello' })
+        .set('Authorization', 'Bearer ' + server.accessToken)
+        .set('Accept', 'application/json')
+        .expect(400, done)
+    })
+    it('Should fail with a bad count pagination', function (done) {
+      request(server.url)
+        .get(path)
+        .query({ count: 'hello' })
+        .set('Accept', 'application/json')
+        .set('Authorization', 'Bearer ' + server.accessToken)
+        .expect(400, done)
+    })
+    it('Should fail with an incorrect sort', function (done) {
+      request(server.url)
+        .get(path)
+        .query({ sort: 'hello' })
+        .set('Accept', 'application/json')
+        .set('Authorization', 'Bearer ' + server.accessToken)
+        .expect(400, done)
+    })
+    it('Should fail with a non authenticated user', function (done) {
+      request(server.url)
+        .get(path)
+        .query({ sort: 'hello' })
+        .set('Accept', 'application/json')
+        .expect(401, done)
+    })
+    it('Should fail with a non admin user', function (done) {
+      request(server.url)
+        .get(path)
+        .query({ sort: 'hello' })
+        .set('Accept', 'application/json')
+        .set('Authorization', 'Bearer ' + userAccessToken)
+        .expect(403, done)
+    })
+  })
+  describe('When reporting a video abuse', function () {
+    const basePath = '/api/v1/videos/'
+    it('Should fail with nothing', function (done) {
+      const path = basePath + server.video + '/abuse'
+      const data = {}
+      requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
+    })
+    it('Should fail with a wrong video', function (done) {
+      const wrongPath = '/api/v1/videos/blabla/abuse'
+      const data = {}
+      requestsUtils.makePostBodyRequest(server.url, wrongPath, server.accessToken, data, done)
+    })
+    it('Should fail with a non authenticated user', function (done) {
+      const data = {}
+      const path = basePath + server.video + '/abuse'
+      requestsUtils.makePostBodyRequest(server.url, path, 'hello', data, done, 401)
+    })
+    it('Should fail with a reason too short', function (done) {
+      const data = {
+        reason: 'h'
+      }
+      const path = basePath + server.video + '/abuse'
+      requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
+    })
+    it('Should fail with a reason too big', function (done) {
+      const data = {
+        reason: '0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef' +
+                '0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef' +
+                '0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef' +
+                '0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef'
+      }
+      const path = basePath + server.video + '/abuse'
+      requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
+    })
+  })
+  after(function (done) {
+    process.kill(-server.app.pid)
+    // Keep the logs if the test failed
+    if (this.ok) {
+      serversUtils.flushTests(done)
+    } else {
+      done()
+    }
+  })
+})
author	Chocobozzz <florian.bigard@gmail.com>	2017-01-04 20:59:23 +0100
committer	Chocobozzz <florian.bigard@gmail.com>	2017-01-04 21:05:13 +0100
commit	55fa55a9be566cca2ba95322f2ae23b434aed62a (patch)
tree	f51ef35c120ce8a928917a659418079538cdb8dc /server/tests/api/check-params
parent	a6fd2b30bf717eec14972a2175354781f5f43e77 (diff)
download	PeerTube-55fa55a9be566cca2ba95322f2ae23b434aed62a.tar.gz PeerTube-55fa55a9be566cca2ba95322f2ae23b434aed62a.tar.zst PeerTube-55fa55a9be566cca2ba95322f2ae23b434aed62a.zip

diff --git a/server/tests/api/check-params/index.js b/server/tests/api/check-params/index.js index 3d6f09267..d0824f08a 100644 --- a/server/tests/api/check-params/index.js +++ b/server/tests/api/check-params/index.js
@@ -6,3 +6,4 @@ require('./remotes')
6	require('./users')	6	require('./users')
7	require('./requests')	7	require('./requests')
8	require('./videos')	8	require('./videos')
		9	require('./video-abuses')


diff --git a/server/tests/api/check-params/remotes.js b/server/tests/api/check-params/remotes.js index 30ba3b697..c1ab9fb2b 100644 --- a/server/tests/api/check-params/remotes.js +++ b/server/tests/api/check-params/remotes.js
@@ -47,6 +47,10 @@ describe('Test remote videos API validators', function () {
47	it('Should check when removing a video')	47	it('Should check when removing a video')
48	})	48	})
49		49
		50	describe('When reporting abuse on a video', function () {
		51	it('Should check when reporting a video abuse')
		52	})
		53
50	after(function (done) {	54	after(function (done) {
51	process.kill(-server.app.pid)	55	process.kill(-server.app.pid)
52		56


diff --git a/server/tests/api/check-params/video-abuses.js b/server/tests/api/check-params/video-abuses.js new file mode 100644 index 000000000..8cb4ccdc1 --- /dev/null +++ b/server/tests/api/check-params/video-abuses.js
@@ -0,0 +1,180 @@
		1	'use strict'
		2
		3	const request = require('supertest')
		4	const series = require('async/series')
		5
		6	const loginUtils = require('../../utils/login')
		7	const requestsUtils = require('../../utils/requests')
		8	const serversUtils = require('../../utils/servers')
		9	const usersUtils = require('../../utils/users')
		10	const videosUtils = require('../../utils/videos')
		11
		12	describe('Test video abuses API validators', function () {
		13	let server = null
		14	let userAccessToken = null
		15
		16	// ---------------------------------------------------------------
		17
		18	before(function (done) {
		19	this.timeout(20000)
		20
		21	series([
		22	function (next) {
		23	serversUtils.flushTests(next)
		24	},
		25	function (next) {
		26	serversUtils.runServer(1, function (server1) {
		27	server = server1
		28
		29	next()
		30	})
		31	},
		32	function (next) {
		33	loginUtils.loginAndGetAccessToken(server, function (err, token) {
		34	if (err) throw err
		35	server.accessToken = token
		36
		37	next()
		38	})
		39	},
		40	function (next) {
		41	const username = 'user1'
		42	const password = 'my super password'
		43
		44	usersUtils.createUser(server.url, server.accessToken, username, password, next)
		45	},
		46	function (next) {
		47	const user = {
		48	username: 'user1',
		49	password: 'my super password'
		50	}
		51
		52	loginUtils.getUserAccessToken(server, user, function (err, accessToken) {
		53	if (err) throw err
		54
		55	userAccessToken = accessToken
		56
		57	next()
		58	})
		59	},
		60	// Upload some videos on each pods
		61	function (next) {
		62	const name = 'my super name for pod'
		63	const description = 'my super description for pod'
		64	const tags = [ 'tag' ]
		65	const file = 'video_short2.webm'
		66	videosUtils.uploadVideo(server.url, server.accessToken, name, description, tags, file, next)
		67	},
		68	function (next) {
		69	videosUtils.getVideosList(server.url, function (err, res) {
		70	if (err) throw err
		71
		72	const videos = res.body.data
		73	server.video = videos[0]
		74
		75	next()
		76	})
		77	}
		78	], done)
		79	})
		80
		81	describe('When listing video abuses', function () {
		82	const path = '/api/v1/videos/abuse'
		83
		84	it('Should fail with a bad start pagination', function (done) {
		85	request(server.url)
		86	.get(path)
		87	.query({ start: 'hello' })
		88	.set('Authorization', 'Bearer ' + server.accessToken)
		89	.set('Accept', 'application/json')
		90	.expect(400, done)
		91	})
		92
		93	it('Should fail with a bad count pagination', function (done) {
		94	request(server.url)
		95	.get(path)
		96	.query({ count: 'hello' })
		97	.set('Accept', 'application/json')
		98	.set('Authorization', 'Bearer ' + server.accessToken)
		99	.expect(400, done)
		100	})
		101
		102	it('Should fail with an incorrect sort', function (done) {
		103	request(server.url)
		104	.get(path)
		105	.query({ sort: 'hello' })
		106	.set('Accept', 'application/json')
		107	.set('Authorization', 'Bearer ' + server.accessToken)
		108	.expect(400, done)
		109	})
		110
		111	it('Should fail with a non authenticated user', function (done) {
		112	request(server.url)
		113	.get(path)
		114	.query({ sort: 'hello' })
		115	.set('Accept', 'application/json')
		116	.expect(401, done)
		117	})
		118
		119	it('Should fail with a non admin user', function (done) {
		120	request(server.url)
		121	.get(path)
		122	.query({ sort: 'hello' })
		123	.set('Accept', 'application/json')
		124	.set('Authorization', 'Bearer ' + userAccessToken)
		125	.expect(403, done)
		126	})
		127	})
		128
		129	describe('When reporting a video abuse', function () {
		130	const basePath = '/api/v1/videos/'
		131
		132	it('Should fail with nothing', function (done) {
		133	const path = basePath + server.video + '/abuse'
		134	const data = {}
		135	requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
		136	})
		137
		138	it('Should fail with a wrong video', function (done) {
		139	const wrongPath = '/api/v1/videos/blabla/abuse'
		140	const data = {}
		141	requestsUtils.makePostBodyRequest(server.url, wrongPath, server.accessToken, data, done)
		142	})
		143
		144	it('Should fail with a non authenticated user', function (done) {
		145	const data = {}
		146	const path = basePath + server.video + '/abuse'
		147	requestsUtils.makePostBodyRequest(server.url, path, 'hello', data, done, 401)
		148	})
		149
		150	it('Should fail with a reason too short', function (done) {
		151	const data = {
		152	reason: 'h'
		153	}
		154	const path = basePath + server.video + '/abuse'
		155	requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
		156	})
		157
		158	it('Should fail with a reason too big', function (done) {
		159	const data = {
		160	reason: '0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef' +
		161	'0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef' +
		162	'0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef' +
		163	'0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef'
		164	}
		165	const path = basePath + server.video + '/abuse'
		166	requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
		167	})
		168	})
		169
		170	after(function (done) {
		171	process.kill(-server.app.pid)
		172
		173	// Keep the logs if the test failed
		174	if (this.ok) {
		175	serversUtils.flushTests(done)
		176	} else {
		177	done()
		178	}
		179	})
		180	})