1 files changed, 86 insertions, 0 deletions
diff --git a/packages/tests/src/api/check-params/bulk.ts b/packages/tests/src/api/check-params/bulk.ts
new file mode 100644
index 000000000..def0c38eb
--- /dev/null
+++ b/packages/tests/src/api/check-params/bulk.ts
@@ -0,0 +1,86 @@
+/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
+import { HttpStatusCode } from '@peertube/peertube-models'
+import {
+  cleanupTests,
+  createSingleServer,
+  makePostBodyRequest,
+  PeerTubeServer,
+  setAccessTokensToServers
+} from '@peertube/peertube-server-commands'
+describe('Test bulk API validators', function () {
+  let server: PeerTubeServer
+  let userAccessToken: string
+  // ---------------------------------------------------------------
+  before(async function () {
+    this.timeout(120000)
+    server = await createSingleServer(1)
+    await setAccessTokensToServers([ server ])
+    const user = { username: 'user1', password: 'password' }
+    await server.users.create({ username: user.username, password: user.password })
+    userAccessToken = await server.login.getAccessToken(user)
+  })
+  describe('When removing comments of', function () {
+    const path = '/api/v1/bulk/remove-comments-of'
+    it('Should fail with an unauthenticated user', async function () {
+      await makePostBodyRequest({
+        url: server.url,
+        path,
+        fields: { accountName: 'user1', scope: 'my-videos' },
+        expectedStatus: HttpStatusCode.UNAUTHORIZED_401
+      })
+    })
+    it('Should fail with an unknown account', async function () {
+      await makePostBodyRequest({
+        url: server.url,
+        token: server.accessToken,
+        path,
+        fields: { accountName: 'user2', scope: 'my-videos' },
+        expectedStatus: HttpStatusCode.NOT_FOUND_404
+      })
+    })
+    it('Should fail with an invalid scope', async function () {
+      await makePostBodyRequest({
+        url: server.url,
+        token: server.accessToken,
+        path,
+        fields: { accountName: 'user1', scope: 'my-videoss' },
+        expectedStatus: HttpStatusCode.BAD_REQUEST_400
+      })
+    })
+    it('Should fail to delete comments of the instance without the appropriate rights', async function () {
+      await makePostBodyRequest({
+        url: server.url,
+        token: userAccessToken,
+        path,
+        fields: { accountName: 'user1', scope: 'instance' },
+        expectedStatus: HttpStatusCode.FORBIDDEN_403
+      })
+    })
+    it('Should succeed with the correct params', async function () {
+      await makePostBodyRequest({
+        url: server.url,
+        token: server.accessToken,
+        path,
+        fields: { accountName: 'user1', scope: 'instance' },
+        expectedStatus: HttpStatusCode.NO_CONTENT_204
+      })
+    })
+  })
+  after(async function () {
+    await cleanupTests([ server ])
+  })
+})

diff --git a/packages/tests/src/api/check-params/bulk.ts b/packages/tests/src/api/check-params/bulk.ts new file mode 100644 index 000000000..def0c38eb --- /dev/null +++ b/packages/tests/src/api/check-params/bulk.ts
@@ -0,0 +1,86 @@
	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
	2
	3	import { HttpStatusCode } from '@peertube/peertube-models'
	4	import {
	5	cleanupTests,
	6	createSingleServer,
	7	makePostBodyRequest,
	8	PeerTubeServer,
	9	setAccessTokensToServers
	10	} from '@peertube/peertube-server-commands'
	11
	12	describe('Test bulk API validators', function () {
	13	let server: PeerTubeServer
	14	let userAccessToken: string
	15
	16	// ---------------------------------------------------------------
	17
	18	before(async function () {
	19	this.timeout(120000)
	20
	21	server = await createSingleServer(1)
	22	await setAccessTokensToServers([ server ])
	23
	24	const user = { username: 'user1', password: 'password' }
	25	await server.users.create({ username: user.username, password: user.password })
	26
	27	userAccessToken = await server.login.getAccessToken(user)
	28	})
	29
	30	describe('When removing comments of', function () {
	31	const path = '/api/v1/bulk/remove-comments-of'
	32
	33	it('Should fail with an unauthenticated user', async function () {
	34	await makePostBodyRequest({
	35	url: server.url,
	36	path,
	37	fields: { accountName: 'user1', scope: 'my-videos' },
	38	expectedStatus: HttpStatusCode.UNAUTHORIZED_401
	39	})
	40	})
	41
	42	it('Should fail with an unknown account', async function () {
	43	await makePostBodyRequest({
	44	url: server.url,
	45	token: server.accessToken,
	46	path,
	47	fields: { accountName: 'user2', scope: 'my-videos' },
	48	expectedStatus: HttpStatusCode.NOT_FOUND_404
	49	})
	50	})
	51
	52	it('Should fail with an invalid scope', async function () {
	53	await makePostBodyRequest({
	54	url: server.url,
	55	token: server.accessToken,
	56	path,
	57	fields: { accountName: 'user1', scope: 'my-videoss' },
	58	expectedStatus: HttpStatusCode.BAD_REQUEST_400
	59	})
	60	})
	61
	62	it('Should fail to delete comments of the instance without the appropriate rights', async function () {
	63	await makePostBodyRequest({
	64	url: server.url,
	65	token: userAccessToken,
	66	path,
	67	fields: { accountName: 'user1', scope: 'instance' },
	68	expectedStatus: HttpStatusCode.FORBIDDEN_403
	69	})
	70	})
	71
	72	it('Should succeed with the correct params', async function () {
	73	await makePostBodyRequest({
	74	url: server.url,
	75	token: server.accessToken,
	76	path,
	77	fields: { accountName: 'user1', scope: 'instance' },
	78	expectedStatus: HttpStatusCode.NO_CONTENT_204
	79	})
	80	})
	81	})
	82
	83	after(async function () {
	84	await cleanupTests([ server ])
	85	})
	86	})