aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/tests/api/check-params.js
diff options
context:
space:
mode:
Diffstat (limited to 'server/tests/api/check-params.js')
-rw-r--r--server/tests/api/check-params.js746
1 files changed, 746 insertions, 0 deletions
diff --git a/server/tests/api/check-params.js b/server/tests/api/check-params.js
new file mode 100644
index 000000000..57b5ca024
--- /dev/null
+++ b/server/tests/api/check-params.js
@@ -0,0 +1,746 @@
1'use strict'
2
3const chai = require('chai')
4const expect = chai.expect
5const pathUtils = require('path')
6const request = require('supertest')
7const series = require('async/series')
8
9const loginUtils = require('../utils/login')
10const requestsUtils = require('../utils/requests')
11const serversUtils = require('../utils/servers')
12const usersUtils = require('../utils/users')
13
14describe('Test parameters validator', function () {
15 let server = null
16 let userAccessToken = null
17
18 // ---------------------------------------------------------------
19
20 before(function (done) {
21 this.timeout(20000)
22
23 series([
24 function (next) {
25 serversUtils.flushTests(next)
26 },
27 function (next) {
28 serversUtils.runServer(1, function (server1) {
29 server = server1
30
31 next()
32 })
33 },
34 function (next) {
35 loginUtils.loginAndGetAccessToken(server, function (err, token) {
36 if (err) throw err
37 server.accessToken = token
38
39 next()
40 })
41 }
42 ], done)
43 })
44
45 describe('Of the pods API', function () {
46 const path = '/api/v1/pods/'
47
48 describe('When making friends', function () {
49 let userAccessToken = null
50
51 before(function (done) {
52 usersUtils.createUser(server.url, server.accessToken, 'user1', 'password', function () {
53 server.user = {
54 username: 'user1',
55 password: 'password'
56 }
57
58 loginUtils.loginAndGetAccessToken(server, function (err, accessToken) {
59 if (err) throw err
60
61 userAccessToken = accessToken
62
63 done()
64 })
65 })
66 })
67
68 describe('When making friends', function () {
69 const body = {
70 urls: [ 'http://localhost:9002' ]
71 }
72
73 it('Should fail without urls', function (done) {
74 request(server.url)
75 .post(path + '/makefriends')
76 .set('Authorization', 'Bearer ' + server.accessToken)
77 .set('Accept', 'application/json')
78 .expect(400, done)
79 })
80
81 it('Should fail with urls is not an array', function (done) {
82 request(server.url)
83 .post(path + '/makefriends')
84 .send({ urls: 'http://localhost:9002' })
85 .set('Authorization', 'Bearer ' + server.accessToken)
86 .set('Accept', 'application/json')
87 .expect(400, done)
88 })
89
90 it('Should fail if the array is not composed by urls', function (done) {
91 request(server.url)
92 .post(path + '/makefriends')
93 .send({ urls: [ 'http://localhost:9002', 'localhost:coucou' ] })
94 .set('Authorization', 'Bearer ' + server.accessToken)
95 .set('Accept', 'application/json')
96 .expect(400, done)
97 })
98
99 it('Should fail if urls are not unique', function (done) {
100 request(server.url)
101 .post(path + '/makefriends')
102 .send({ urls: [ 'http://localhost:9002', 'http://localhost:9002' ] })
103 .set('Authorization', 'Bearer ' + server.accessToken)
104 .set('Accept', 'application/json')
105 .expect(400, done)
106 })
107
108 it('Should fail with a invalid token', function (done) {
109 request(server.url)
110 .post(path + '/makefriends')
111 .send(body)
112 .set('Authorization', 'Bearer faketoken')
113 .set('Accept', 'application/json')
114 .expect(401, done)
115 })
116
117 it('Should fail if the user is not an administrator', function (done) {
118 request(server.url)
119 .post(path + '/makefriends')
120 .send(body)
121 .set('Authorization', 'Bearer ' + userAccessToken)
122 .set('Accept', 'application/json')
123 .expect(403, done)
124 })
125 })
126
127 describe('When quitting friends', function () {
128 it('Should fail with a invalid token', function (done) {
129 request(server.url)
130 .get(path + '/quitfriends')
131 .query({ start: 'hello' })
132 .set('Authorization', 'Bearer faketoken')
133 .set('Accept', 'application/json')
134 .expect(401, done)
135 })
136
137 it('Should fail if the user is not an administrator', function (done) {
138 request(server.url)
139 .get(path + '/quitfriends')
140 .query({ start: 'hello' })
141 .set('Authorization', 'Bearer ' + userAccessToken)
142 .set('Accept', 'application/json')
143 .expect(403, done)
144 })
145 })
146 })
147
148 describe('When adding a pod', function () {
149 it('Should fail with nothing', function (done) {
150 const data = {}
151 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
152 })
153
154 it('Should fail without public key', function (done) {
155 const data = {
156 url: 'http://coucou.com'
157 }
158 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
159 })
160
161 it('Should fail without an url', function (done) {
162 const data = {
163 publicKey: 'mysuperpublickey'
164 }
165 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
166 })
167
168 it('Should fail with an incorrect url', function (done) {
169 const data = {
170 url: 'coucou.com',
171 publicKey: 'mysuperpublickey'
172 }
173 requestsUtils.makePostBodyRequest(server.url, path, null, data, function () {
174 data.url = 'http://coucou'
175 requestsUtils.makePostBodyRequest(server.url, path, null, data, function () {
176 data.url = 'coucou'
177 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
178 })
179 })
180 })
181
182 it('Should succeed with the correct parameters', function (done) {
183 const data = {
184 url: 'http://coucou.com',
185 publicKey: 'mysuperpublickey'
186 }
187 requestsUtils.makePostBodyRequest(server.url, path, null, data, done, 200)
188 })
189 })
190 })
191
192 describe('Of the videos API', function () {
193 const path = '/api/v1/videos/'
194
195 describe('When listing a video', function () {
196 it('Should fail with a bad start pagination', function (done) {
197 request(server.url)
198 .get(path)
199 .query({ start: 'hello' })
200 .set('Accept', 'application/json')
201 .expect(400, done)
202 })
203
204 it('Should fail with a bad count pagination', function (done) {
205 request(server.url)
206 .get(path)
207 .query({ count: 'hello' })
208 .set('Accept', 'application/json')
209 .expect(400, done)
210 })
211
212 it('Should fail with an incorrect sort', function (done) {
213 request(server.url)
214 .get(path)
215 .query({ sort: 'hello' })
216 .set('Accept', 'application/json')
217 .expect(400, done)
218 })
219 })
220
221 describe('When searching a video', function () {
222 it('Should fail with nothing', function (done) {
223 request(server.url)
224 .get(pathUtils.join(path, 'search'))
225 .set('Accept', 'application/json')
226 .expect(400, done)
227 })
228
229 it('Should fail with a bad start pagination', function (done) {
230 request(server.url)
231 .get(pathUtils.join(path, 'search', 'test'))
232 .query({ start: 'hello' })
233 .set('Accept', 'application/json')
234 .expect(400, done)
235 })
236
237 it('Should fail with a bad count pagination', function (done) {
238 request(server.url)
239 .get(pathUtils.join(path, 'search', 'test'))
240 .query({ count: 'hello' })
241 .set('Accept', 'application/json')
242 .expect(400, done)
243 })
244
245 it('Should fail with an incorrect sort', function (done) {
246 request(server.url)
247 .get(pathUtils.join(path, 'search', 'test'))
248 .query({ sort: 'hello' })
249 .set('Accept', 'application/json')
250 .expect(400, done)
251 })
252 })
253
254 describe('When adding a video', function () {
255 it('Should fail with nothing', function (done) {
256 const data = {}
257 const attach = {}
258 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
259 })
260
261 it('Should fail without name', function (done) {
262 const data = {
263 description: 'my super description',
264 tags: [ 'tag1', 'tag2' ]
265 }
266 const attach = {
267 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
268 }
269 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
270 })
271
272 it('Should fail with a long name', function (done) {
273 const data = {
274 name: 'My very very very very very very very very very very very very very very very very long name',
275 description: 'my super description',
276 tags: [ 'tag1', 'tag2' ]
277 }
278 const attach = {
279 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
280 }
281 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
282 })
283
284 it('Should fail without description', function (done) {
285 const data = {
286 name: 'my super name',
287 tags: [ 'tag1', 'tag2' ]
288 }
289 const attach = {
290 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
291 }
292 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
293 })
294
295 it('Should fail with a long description', function (done) {
296 const data = {
297 name: 'my super name',
298 description: 'my super description which is very very very very very very very very very very very very very very' +
299 'very very very very very very very very very very very very very very very very very very very very very' +
300 'very very very very very very very very very very very very very very very long',
301 tags: [ 'tag1', 'tag2' ]
302 }
303 const attach = {
304 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
305 }
306 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
307 })
308
309 it('Should fail without tags', function (done) {
310 const data = {
311 name: 'my super name',
312 description: 'my super description'
313 }
314 const attach = {
315 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
316 }
317 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
318 })
319
320 it('Should fail with too many tags', function (done) {
321 const data = {
322 name: 'my super name',
323 description: 'my super description',
324 tags: [ 'tag1', 'tag2', 'tag3', 'tag4' ]
325 }
326 const attach = {
327 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
328 }
329 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
330 })
331
332 it('Should fail with not enough tags', function (done) {
333 const data = {
334 name: 'my super name',
335 description: 'my super description',
336 tags: [ ]
337 }
338 const attach = {
339 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
340 }
341 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
342 })
343
344 it('Should fail with a tag length too low', function (done) {
345 const data = {
346 name: 'my super name',
347 description: 'my super description',
348 tags: [ 'tag1', 't' ]
349 }
350 const attach = {
351 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
352 }
353 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
354 })
355
356 it('Should fail with a tag length too big', function (done) {
357 const data = {
358 name: 'my super name',
359 description: 'my super description',
360 tags: [ 'mysupertagtoolong', 'tag1' ]
361 }
362 const attach = {
363 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
364 }
365 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
366 })
367
368 it('Should fail with malformed tags', function (done) {
369 const data = {
370 name: 'my super name',
371 description: 'my super description',
372 tags: [ 'my tag' ]
373 }
374 const attach = {
375 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
376 }
377 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
378 })
379
380 it('Should fail without an input file', function (done) {
381 const data = {
382 name: 'my super name',
383 description: 'my super description',
384 tags: [ 'tag1', 'tag2' ]
385 }
386 const attach = {}
387 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
388 })
389
390 it('Should fail without an incorrect input file', function (done) {
391 const data = {
392 name: 'my super name',
393 description: 'my super description',
394 tags: [ 'tag1', 'tag2' ]
395 }
396 const attach = {
397 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short_fake.webm')
398 }
399 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
400 })
401
402 it('Should fail with a too big duration', function (done) {
403 const data = {
404 name: 'my super name',
405 description: 'my super description',
406 tags: [ 'tag1', 'tag2' ]
407 }
408 const attach = {
409 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_too_long.webm')
410 }
411 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
412 })
413
414 it('Should succeed with the correct parameters', function (done) {
415 const data = {
416 name: 'my super name',
417 description: 'my super description',
418 tags: [ 'tag1', 'tag2' ]
419 }
420 const attach = {
421 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
422 }
423 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, function () {
424 attach.videofile = pathUtils.join(__dirname, 'fixtures', 'video_short.mp4')
425 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, function () {
426 attach.videofile = pathUtils.join(__dirname, 'fixtures', 'video_short.ogv')
427 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done, 204)
428 }, false)
429 }, false)
430 })
431 })
432
433 describe('When getting a video', function () {
434 it('Should return the list of the videos with nothing', function (done) {
435 request(server.url)
436 .get(path)
437 .set('Accept', 'application/json')
438 .expect(200)
439 .expect('Content-Type', /json/)
440 .end(function (err, res) {
441 if (err) throw err
442
443 expect(res.body.data).to.be.an('array')
444 expect(res.body.data.length).to.equal(3)
445
446 done()
447 })
448 })
449
450 it('Should fail without a mongodb id', function (done) {
451 request(server.url)
452 .get(path + 'coucou')
453 .set('Accept', 'application/json')
454 .expect(400, done)
455 })
456
457 it('Should return 404 with an incorrect video', function (done) {
458 request(server.url)
459 .get(path + '123456789012345678901234')
460 .set('Accept', 'application/json')
461 .expect(404, done)
462 })
463
464 it('Should succeed with the correct parameters')
465 })
466
467 describe('When removing a video', function () {
468 it('Should have 404 with nothing', function (done) {
469 request(server.url)
470 .delete(path)
471 .set('Authorization', 'Bearer ' + server.accessToken)
472 .expect(400, done)
473 })
474
475 it('Should fail without a mongodb id', function (done) {
476 request(server.url)
477 .delete(path + 'hello')
478 .set('Authorization', 'Bearer ' + server.accessToken)
479 .expect(400, done)
480 })
481
482 it('Should fail with a video which does not exist', function (done) {
483 request(server.url)
484 .delete(path + '123456789012345678901234')
485 .set('Authorization', 'Bearer ' + server.accessToken)
486 .expect(404, done)
487 })
488
489 it('Should fail with a video of another user')
490
491 it('Should fail with a video of another pod')
492
493 it('Should succeed with the correct parameters')
494 })
495 })
496
497 describe('Of the users API', function () {
498 const path = '/api/v1/users/'
499 let userId = null
500
501 describe('When listing users', function () {
502 it('Should fail with a bad start pagination', function (done) {
503 request(server.url)
504 .get(path)
505 .query({ start: 'hello' })
506 .set('Accept', 'application/json')
507 .expect(400, done)
508 })
509
510 it('Should fail with a bad count pagination', function (done) {
511 request(server.url)
512 .get(path)
513 .query({ count: 'hello' })
514 .set('Accept', 'application/json')
515 .expect(400, done)
516 })
517
518 it('Should fail with an incorrect sort', function (done) {
519 request(server.url)
520 .get(path)
521 .query({ sort: 'hello' })
522 .set('Accept', 'application/json')
523 .expect(400, done)
524 })
525 })
526
527 describe('When adding a new user', function () {
528 it('Should fail with a too small username', function (done) {
529 const data = {
530 username: 'ji',
531 password: 'mysuperpassword'
532 }
533
534 requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
535 })
536
537 it('Should fail with a too long username', function (done) {
538 const data = {
539 username: 'mysuperusernamewhichisverylong',
540 password: 'mysuperpassword'
541 }
542
543 requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
544 })
545
546 it('Should fail with an incorrect username', function (done) {
547 const data = {
548 username: 'my username',
549 password: 'mysuperpassword'
550 }
551
552 requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
553 })
554
555 it('Should fail with a too small password', function (done) {
556 const data = {
557 username: 'myusername',
558 password: 'bla'
559 }
560
561 requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
562 })
563
564 it('Should fail with a too long password', function (done) {
565 const data = {
566 username: 'myusername',
567 password: 'my super long password which is very very very very very very very very very very very very very very' +
568 'very very very very very very very very very very very very very very very veryv very very very very' +
569 'very very very very very very very very very very very very very very very very very very very very long'
570 }
571
572 requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
573 })
574
575 it('Should fail with an non authenticated user', function (done) {
576 const data = {
577 username: 'myusername',
578 password: 'my super password'
579 }
580
581 requestsUtils.makePostBodyRequest(server.url, path, 'super token', data, done, 401)
582 })
583
584 it('Should fail if we add a user with the same username', function (done) {
585 const data = {
586 username: 'user1',
587 password: 'my super password'
588 }
589
590 requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done, 409)
591 })
592
593 it('Should succeed with the correct params', function (done) {
594 const data = {
595 username: 'user2',
596 password: 'my super password'
597 }
598
599 requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done, 204)
600 })
601
602 it('Should fail with a non admin user', function (done) {
603 server.user = {
604 username: 'user1',
605 password: 'password'
606 }
607
608 loginUtils.loginAndGetAccessToken(server, function (err, accessToken) {
609 if (err) throw err
610
611 userAccessToken = accessToken
612
613 const data = {
614 username: 'user3',
615 password: 'my super password'
616 }
617
618 requestsUtils.makePostBodyRequest(server.url, path, userAccessToken, data, done, 403)
619 })
620 })
621 })
622
623 describe('When updating a user', function () {
624 before(function (done) {
625 usersUtils.getUsersList(server.url, function (err, res) {
626 if (err) throw err
627
628 userId = res.body.data[1].id
629 done()
630 })
631 })
632
633 it('Should fail with a too small password', function (done) {
634 const data = {
635 password: 'bla'
636 }
637
638 requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done)
639 })
640
641 it('Should fail with a too long password', function (done) {
642 const data = {
643 password: 'my super long password which is very very very very very very very very very very very very very very' +
644 'very very very very very very very very very very very very very very very veryv very very very very' +
645 'very very very very very very very very very very very very very very very very very very very very long'
646 }
647
648 requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done)
649 })
650
651 it('Should fail with an non authenticated user', function (done) {
652 const data = {
653 password: 'my super password'
654 }
655
656 requestsUtils.makePutBodyRequest(server.url, path + userId, 'super token', data, done, 401)
657 })
658
659 it('Should succeed with the correct params', function (done) {
660 const data = {
661 password: 'my super password'
662 }
663
664 requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done, 204)
665 })
666 })
667
668 describe('When getting my information', function () {
669 it('Should fail with a non authenticated user', function (done) {
670 request(server.url)
671 .get(path + 'me')
672 .set('Authorization', 'Bearer faketoken')
673 .set('Accept', 'application/json')
674 .expect(401, done)
675 })
676
677 it('Should success with the correct parameters', function (done) {
678 request(server.url)
679 .get(path + 'me')
680 .set('Authorization', 'Bearer ' + userAccessToken)
681 .set('Accept', 'application/json')
682 .expect(200, done)
683 })
684 })
685
686 describe('When removing an user', function () {
687 it('Should fail with an incorrect id', function (done) {
688 request(server.url)
689 .delete(path + 'bla-bla')
690 .set('Authorization', 'Bearer ' + server.accessToken)
691 .expect(400, done)
692 })
693
694 it('Should return 404 with a non existing id', function (done) {
695 request(server.url)
696 .delete(path + '579f982228c99c221d8092b8')
697 .set('Authorization', 'Bearer ' + server.accessToken)
698 .expect(404, done)
699 })
700 })
701 })
702
703 describe('Of the remote videos API', function () {
704 describe('When making a secure request', function () {
705 it('Should check a secure request')
706 })
707
708 describe('When adding a video', function () {
709 it('Should check when adding a video')
710 })
711
712 describe('When removing a video', function () {
713 it('Should check when removing a video')
714 })
715 })
716
717 describe('Of the requests API', function () {
718 const path = '/api/v1/requests/stats'
719
720 it('Should fail with an non authenticated user', function (done) {
721 request(server.url)
722 .get(path)
723 .set('Accept', 'application/json')
724 .expect(401, done)
725 })
726
727 it('Should fail with a non admin user', function (done) {
728 request(server.url)
729 .get(path)
730 .set('Authorization', 'Bearer ' + userAccessToken)
731 .set('Accept', 'application/json')
732 .expect(403, done)
733 })
734 })
735
736 after(function (done) {
737 process.kill(-server.app.pid)
738
739 // Keep the logs if the test failed
740 if (this.ok) {
741 serversUtils.flushTests(done)
742 } else {
743 done()
744 }
745 })
746})