aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/tests/api/check-params.js
diff options
context:
space:
mode:
Diffstat (limited to 'server/tests/api/check-params.js')
-rw-r--r--server/tests/api/check-params.js660
1 files changed, 660 insertions, 0 deletions
diff --git a/server/tests/api/check-params.js b/server/tests/api/check-params.js
new file mode 100644
index 000000000..882948fac
--- /dev/null
+++ b/server/tests/api/check-params.js
@@ -0,0 +1,660 @@
1'use strict'
2
3const chai = require('chai')
4const expect = chai.expect
5const pathUtils = require('path')
6const request = require('supertest')
7const series = require('async/series')
8
9const loginUtils = require('../utils/login')
10const requestsUtils = require('../utils/requests')
11const serversUtils = require('../utils/servers')
12const usersUtils = require('../utils/users')
13
14describe('Test parameters validator', function () {
15 let server = null
16
17 // ---------------------------------------------------------------
18
19 before(function (done) {
20 this.timeout(20000)
21
22 series([
23 function (next) {
24 serversUtils.flushTests(next)
25 },
26 function (next) {
27 serversUtils.runServer(1, function (server1) {
28 server = server1
29
30 next()
31 })
32 },
33 function (next) {
34 loginUtils.loginAndGetAccessToken(server, function (err, token) {
35 if (err) throw err
36 server.accessToken = token
37
38 next()
39 })
40 }
41 ], done)
42 })
43
44 describe('Of the pods API', function () {
45 const path = '/api/v1/pods/'
46
47 describe('When adding a pod', function () {
48 it('Should fail with nothing', function (done) {
49 const data = {}
50 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
51 })
52
53 it('Should fail without public key', function (done) {
54 const data = {
55 url: 'http://coucou.com'
56 }
57 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
58 })
59
60 it('Should fail without an url', function (done) {
61 const data = {
62 publicKey: 'mysuperpublickey'
63 }
64 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
65 })
66
67 it('Should fail with an incorrect url', function (done) {
68 const data = {
69 url: 'coucou.com',
70 publicKey: 'mysuperpublickey'
71 }
72 requestsUtils.makePostBodyRequest(server.url, path, null, data, function () {
73 data.url = 'http://coucou'
74 requestsUtils.makePostBodyRequest(server.url, path, null, data, function () {
75 data.url = 'coucou'
76 requestsUtils.makePostBodyRequest(server.url, path, null, data, done)
77 })
78 })
79 })
80
81 it('Should succeed with the correct parameters', function (done) {
82 const data = {
83 url: 'http://coucou.com',
84 publicKey: 'mysuperpublickey'
85 }
86 requestsUtils.makePostBodyRequest(server.url, path, null, data, done, 200)
87 })
88 })
89
90 describe('For the friends API', function () {
91 let userAccessToken = null
92
93 before(function (done) {
94 usersUtils.createUser(server.url, server.accessToken, 'user1', 'password', function () {
95 server.user = {
96 username: 'user1',
97 password: 'password'
98 }
99
100 loginUtils.loginAndGetAccessToken(server, function (err, accessToken) {
101 if (err) throw err
102
103 userAccessToken = accessToken
104
105 done()
106 })
107 })
108 })
109
110 describe('When making friends', function () {
111 it('Should fail with a invalid token', function (done) {
112 request(server.url)
113 .get(path + '/makefriends')
114 .query({ start: 'hello' })
115 .set('Authorization', 'Bearer faketoken')
116 .set('Accept', 'application/json')
117 .expect(401, done)
118 })
119
120 it('Should fail if the user is not an administrator', function (done) {
121 request(server.url)
122 .get(path + '/makefriends')
123 .query({ start: 'hello' })
124 .set('Authorization', 'Bearer ' + userAccessToken)
125 .set('Accept', 'application/json')
126 .expect(403, done)
127 })
128 })
129
130 describe('When quitting friends', function () {
131 it('Should fail with a invalid token', function (done) {
132 request(server.url)
133 .get(path + '/quitfriends')
134 .query({ start: 'hello' })
135 .set('Authorization', 'Bearer faketoken')
136 .set('Accept', 'application/json')
137 .expect(401, done)
138 })
139
140 it('Should fail if the user is not an administrator', function (done) {
141 request(server.url)
142 .get(path + '/quitfriends')
143 .query({ start: 'hello' })
144 .set('Authorization', 'Bearer ' + userAccessToken)
145 .set('Accept', 'application/json')
146 .expect(403, done)
147 })
148 })
149 })
150 })
151
152 describe('Of the videos API', function () {
153 const path = '/api/v1/videos/'
154
155 describe('When listing a video', function () {
156 it('Should fail with a bad start pagination', function (done) {
157 request(server.url)
158 .get(path)
159 .query({ start: 'hello' })
160 .set('Accept', 'application/json')
161 .expect(400, done)
162 })
163
164 it('Should fail with a bad count pagination', function (done) {
165 request(server.url)
166 .get(path)
167 .query({ count: 'hello' })
168 .set('Accept', 'application/json')
169 .expect(400, done)
170 })
171
172 it('Should fail with an incorrect sort', function (done) {
173 request(server.url)
174 .get(path)
175 .query({ sort: 'hello' })
176 .set('Accept', 'application/json')
177 .expect(400, done)
178 })
179 })
180
181 describe('When searching a video', function () {
182 it('Should fail with nothing', function (done) {
183 request(server.url)
184 .get(pathUtils.join(path, 'search'))
185 .set('Accept', 'application/json')
186 .expect(400, done)
187 })
188
189 it('Should fail with a bad start pagination', function (done) {
190 request(server.url)
191 .get(pathUtils.join(path, 'search', 'test'))
192 .query({ start: 'hello' })
193 .set('Accept', 'application/json')
194 .expect(400, done)
195 })
196
197 it('Should fail with a bad count pagination', function (done) {
198 request(server.url)
199 .get(pathUtils.join(path, 'search', 'test'))
200 .query({ count: 'hello' })
201 .set('Accept', 'application/json')
202 .expect(400, done)
203 })
204
205 it('Should fail with an incorrect sort', function (done) {
206 request(server.url)
207 .get(pathUtils.join(path, 'search', 'test'))
208 .query({ sort: 'hello' })
209 .set('Accept', 'application/json')
210 .expect(400, done)
211 })
212 })
213
214 describe('When adding a video', function () {
215 it('Should fail with nothing', function (done) {
216 const data = {}
217 const attach = {}
218 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
219 })
220
221 it('Should fail without name', function (done) {
222 const data = {
223 description: 'my super description',
224 tags: [ 'tag1', 'tag2' ]
225 }
226 const attach = {
227 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
228 }
229 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
230 })
231
232 it('Should fail with a long name', function (done) {
233 const data = {
234 name: 'My very very very very very very very very very very very very very very very very long name',
235 description: 'my super description',
236 tags: [ 'tag1', 'tag2' ]
237 }
238 const attach = {
239 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
240 }
241 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
242 })
243
244 it('Should fail without description', function (done) {
245 const data = {
246 name: 'my super name',
247 tags: [ 'tag1', 'tag2' ]
248 }
249 const attach = {
250 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
251 }
252 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
253 })
254
255 it('Should fail with a long description', function (done) {
256 const data = {
257 name: 'my super name',
258 description: 'my super description which is very very very very very very very very very very very very very very' +
259 'very very very very very very very very very very very very very very very very very very very very very' +
260 'very very very very very very very very very very very very very very very long',
261 tags: [ 'tag1', 'tag2' ]
262 }
263 const attach = {
264 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
265 }
266 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
267 })
268
269 it('Should fail without tags', function (done) {
270 const data = {
271 name: 'my super name',
272 description: 'my super description'
273 }
274 const attach = {
275 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
276 }
277 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
278 })
279
280 it('Should fail with too many tags', function (done) {
281 const data = {
282 name: 'my super name',
283 description: 'my super description',
284 tags: [ 'tag1', 'tag2', 'tag3', 'tag4' ]
285 }
286 const attach = {
287 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
288 }
289 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
290 })
291
292 it('Should fail with not enough tags', function (done) {
293 const data = {
294 name: 'my super name',
295 description: 'my super description',
296 tags: [ ]
297 }
298 const attach = {
299 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
300 }
301 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
302 })
303
304 it('Should fail with a tag length too low', function (done) {
305 const data = {
306 name: 'my super name',
307 description: 'my super description',
308 tags: [ 'tag1', 't' ]
309 }
310 const attach = {
311 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
312 }
313 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
314 })
315
316 it('Should fail with a tag length too big', function (done) {
317 const data = {
318 name: 'my super name',
319 description: 'my super description',
320 tags: [ 'mysupertagtoolong', 'tag1' ]
321 }
322 const attach = {
323 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
324 }
325 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
326 })
327
328 it('Should fail with malformed tags', function (done) {
329 const data = {
330 name: 'my super name',
331 description: 'my super description',
332 tags: [ 'my tag' ]
333 }
334 const attach = {
335 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
336 }
337 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
338 })
339
340 it('Should fail without an input file', function (done) {
341 const data = {
342 name: 'my super name',
343 description: 'my super description',
344 tags: [ 'tag1', 'tag2' ]
345 }
346 const attach = {}
347 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
348 })
349
350 it('Should fail without an incorrect input file', function (done) {
351 const data = {
352 name: 'my super name',
353 description: 'my super description',
354 tags: [ 'tag1', 'tag2' ]
355 }
356 const attach = {
357 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short_fake.webm')
358 }
359 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
360 })
361
362 it('Should fail with a too big duration', function (done) {
363 const data = {
364 name: 'my super name',
365 description: 'my super description',
366 tags: [ 'tag1', 'tag2' ]
367 }
368 const attach = {
369 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_too_long.webm')
370 }
371 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done)
372 })
373
374 it('Should succeed with the correct parameters', function (done) {
375 const data = {
376 name: 'my super name',
377 description: 'my super description',
378 tags: [ 'tag1', 'tag2' ]
379 }
380 const attach = {
381 'videofile': pathUtils.join(__dirname, 'fixtures', 'video_short.webm')
382 }
383 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, function () {
384 attach.videofile = pathUtils.join(__dirname, 'fixtures', 'video_short.mp4')
385 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, function () {
386 attach.videofile = pathUtils.join(__dirname, 'fixtures', 'video_short.ogv')
387 requestsUtils.makePostUploadRequest(server.url, path, server.accessToken, data, attach, done, 204)
388 }, false)
389 }, false)
390 })
391 })
392
393 describe('When getting a video', function () {
394 it('Should return the list of the videos with nothing', function (done) {
395 request(server.url)
396 .get(path)
397 .set('Accept', 'application/json')
398 .expect(200)
399 .expect('Content-Type', /json/)
400 .end(function (err, res) {
401 if (err) throw err
402
403 expect(res.body.data).to.be.an('array')
404 expect(res.body.data.length).to.equal(3)
405
406 done()
407 })
408 })
409
410 it('Should fail without a mongodb id', function (done) {
411 request(server.url)
412 .get(path + 'coucou')
413 .set('Accept', 'application/json')
414 .expect(400, done)
415 })
416
417 it('Should return 404 with an incorrect video', function (done) {
418 request(server.url)
419 .get(path + '123456789012345678901234')
420 .set('Accept', 'application/json')
421 .expect(404, done)
422 })
423
424 it('Should succeed with the correct parameters')
425 })
426
427 describe('When removing a video', function () {
428 it('Should have 404 with nothing', function (done) {
429 request(server.url)
430 .delete(path)
431 .set('Authorization', 'Bearer ' + server.accessToken)
432 .expect(400, done)
433 })
434
435 it('Should fail without a mongodb id', function (done) {
436 request(server.url)
437 .delete(path + 'hello')
438 .set('Authorization', 'Bearer ' + server.accessToken)
439 .expect(400, done)
440 })
441
442 it('Should fail with a video which does not exist', function (done) {
443 request(server.url)
444 .delete(path + '123456789012345678901234')
445 .set('Authorization', 'Bearer ' + server.accessToken)
446 .expect(404, done)
447 })
448
449 it('Should fail with a video of another user')
450
451 it('Should fail with a video of another pod')
452
453 it('Should succeed with the correct parameters')
454 })
455 })
456
457 describe('Of the users API', function () {
458 const path = '/api/v1/users/'
459 let userId = null
460 let userAccessToken = null
461
462 describe('When adding a new user', function () {
463 it('Should fail with a too small username', function (done) {
464 const data = {
465 username: 'ji',
466 password: 'mysuperpassword'
467 }
468
469 requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
470 })
471
472 it('Should fail with a too long username', function (done) {
473 const data = {
474 username: 'mysuperusernamewhichisverylong',
475 password: 'mysuperpassword'
476 }
477
478 requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
479 })
480
481 it('Should fail with an incorrect username', function (done) {
482 const data = {
483 username: 'my username',
484 password: 'mysuperpassword'
485 }
486
487 requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
488 })
489
490 it('Should fail with a too small password', function (done) {
491 const data = {
492 username: 'myusername',
493 password: 'bla'
494 }
495
496 requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
497 })
498
499 it('Should fail with a too long password', function (done) {
500 const data = {
501 username: 'myusername',
502 password: 'my super long password which is very very very very very very very very very very very very very very' +
503 'very very very very very very very very very very very very very very very veryv very very very very' +
504 'very very very very very very very very very very very very very very very very very very very very long'
505 }
506
507 requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
508 })
509
510 it('Should fail with an non authenticated user', function (done) {
511 const data = {
512 username: 'myusername',
513 password: 'my super password'
514 }
515
516 requestsUtils.makePostBodyRequest(server.url, path, 'super token', data, done, 401)
517 })
518
519 it('Should succeed with the correct params', function (done) {
520 const data = {
521 username: 'user1',
522 password: 'my super password'
523 }
524
525 requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done, 204)
526 })
527
528 it('Should fail with a non admin user', function (done) {
529 server.user = {
530 username: 'user1',
531 password: 'my super password'
532 }
533
534 loginUtils.loginAndGetAccessToken(server, function (err, accessToken) {
535 if (err) throw err
536
537 userAccessToken = accessToken
538
539 const data = {
540 username: 'user2',
541 password: 'my super password'
542 }
543
544 requestsUtils.makePostBodyRequest(server.url, path, userAccessToken, data, done, 403)
545 })
546 })
547 })
548
549 describe('When updating a user', function () {
550 before(function (done) {
551 usersUtils.getUsersList(server.url, function (err, res) {
552 if (err) throw err
553
554 userId = res.body.data[1].id
555 done()
556 })
557 })
558
559 it('Should fail with a too small password', function (done) {
560 const data = {
561 password: 'bla'
562 }
563
564 requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done)
565 })
566
567 it('Should fail with a too long password', function (done) {
568 const data = {
569 password: 'my super long password which is very very very very very very very very very very very very very very' +
570 'very very very very very very very very very very very very very very very veryv very very very very' +
571 'very very very very very very very very very very very very very very very very very very very very long'
572 }
573
574 requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done)
575 })
576
577 it('Should fail with an non authenticated user', function (done) {
578 const data = {
579 password: 'my super password'
580 }
581
582 requestsUtils.makePutBodyRequest(server.url, path + userId, 'super token', data, done, 401)
583 })
584
585 it('Should succeed with the correct params', function (done) {
586 const data = {
587 password: 'my super password'
588 }
589
590 requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done, 204)
591 })
592 })
593
594 describe('When getting my information', function () {
595 it('Should fail with a non authenticated user', function (done) {
596 request(server.url)
597 .get(path + 'me')
598 .set('Authorization', 'Bearer faketoken')
599 .set('Accept', 'application/json')
600 .expect(401, done)
601 })
602
603 it('Should success with the correct parameters', function (done) {
604 request(server.url)
605 .get(path + 'me')
606 .set('Authorization', 'Bearer ' + userAccessToken)
607 .set('Accept', 'application/json')
608 .expect(200, done)
609 })
610 })
611
612 describe('When removing an user', function () {
613 it('Should fail with an incorrect id', function (done) {
614 request(server.url)
615 .delete(path + 'bla-bla')
616 .set('Authorization', 'Bearer ' + server.accessToken)
617 .expect(400, done)
618 })
619
620 it('Should return 404 with a non existing id', function (done) {
621 request(server.url)
622 .delete(path + '579f982228c99c221d8092b8')
623 .set('Authorization', 'Bearer ' + server.accessToken)
624 .expect(404, done)
625 })
626
627 it('Should success with the correct parameters', function (done) {
628 request(server.url)
629 .delete(path + userId)
630 .set('Authorization', 'Bearer ' + server.accessToken)
631 .expect(204, done)
632 })
633 })
634 })
635
636 describe('Of the remote videos API', function () {
637 describe('When making a secure request', function () {
638 it('Should check a secure request')
639 })
640
641 describe('When adding a video', function () {
642 it('Should check when adding a video')
643 })
644
645 describe('When removing a video', function () {
646 it('Should check when removing a video')
647 })
648 })
649
650 after(function (done) {
651 process.kill(-server.app.pid)
652
653 // Keep the logs if the test failed
654 if (this.ok) {
655 serversUtils.flushTests(done)
656 } else {
657 done()
658 }
659 })
660})