1 files changed, 271 insertions, 0 deletions
diff --git a/server/tests/api/check-params/abuses.ts b/server/tests/api/check-params/abuses.ts
new file mode 100644
index 000000000..ba7c0833f
--- /dev/null
+++ b/server/tests/api/check-params/abuses.ts
@@ -0,0 +1,271 @@
+/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
+import 'mocha'
+import { AbuseCreate, AbuseState } from '@shared/models'
+import {
+  cleanupTests,
+  createUser,
+  deleteAbuse,
+  flushAndRunServer,
+  makeGetRequest,
+  makePostBodyRequest,
+  ServerInfo,
+  setAccessTokensToServers,
+  updateAbuse,
+  uploadVideo,
+  userLogin
+} from '../../../../shared/extra-utils'
+import {
+  checkBadCountPagination,
+  checkBadSortPagination,
+  checkBadStartPagination
+} from '../../../../shared/extra-utils/requests/check-api-params'
+// FIXME: deprecated in 2.3. Remove this controller
+describe('Test video abuses API validators', function () {
+  const basePath = '/api/v1/abuses/'
+  let server: ServerInfo
+  let userAccessToken = ''
+  let abuseId: number
+  // ---------------------------------------------------------------
+  before(async function () {
+    this.timeout(30000)
+    server = await flushAndRunServer(1)
+    await setAccessTokensToServers([ server ])
+    const username = 'user1'
+    const password = 'my super password'
+    await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password })
+    userAccessToken = await userLogin(server, { username, password })
+    const res = await uploadVideo(server.url, server.accessToken, {})
+    server.video = res.body.video
+  })
+  describe('When listing abuses', function () {
+    const path = basePath
+    it('Should fail with a bad start pagination', async function () {
+      await checkBadStartPagination(server.url, path, server.accessToken)
+    })
+    it('Should fail with a bad count pagination', async function () {
+      await checkBadCountPagination(server.url, path, server.accessToken)
+    })
+    it('Should fail with an incorrect sort', async function () {
+      await checkBadSortPagination(server.url, path, server.accessToken)
+    })
+    it('Should fail with a non authenticated user', async function () {
+      await makeGetRequest({
+        url: server.url,
+        path,
+        statusCodeExpected: 401
+      })
+    })
+    it('Should fail with a non admin user', async function () {
+      await makeGetRequest({
+        url: server.url,
+        path,
+        token: userAccessToken,
+        statusCodeExpected: 403
+      })
+    })
+    it('Should fail with a bad id filter', async function () {
+      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
+    })
+    it('Should fail with a bad filter', async function () {
+      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
+      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
+    })
+    it('Should fail with bad predefined reason', async function () {
+      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
+    })
+    it('Should fail with a bad state filter', async function () {
+      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
+      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
+    })
+    it('Should fail with a bad videoIs filter', async function () {
+      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
+    })
+    it('Should succeed with the correct params', async function () {
+      const query = {
+        id: 13,
+        predefinedReason: 'violentOrRepulsive',
+        filter: 'comment',
+        state: 2,
+        videoIs: 'deleted'
+      }
+      await makeGetRequest({ url: server.url, path, token: server.accessToken, query, statusCodeExpected: 200 })
+    })
+  })
+  describe('When reporting an abuse', function () {
+    const path = basePath
+    it('Should fail with nothing', async function () {
+      const fields = {}
+      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
+    })
+    it('Should fail with a wrong video', async function () {
+      const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields })
+    })
+    it('Should fail with an unknown video', async function () {
+      const fields = { video: { id: 42 }, reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 })
+    })
+    it('Should fail with a wrong comment', async function () {
+      const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields })
+    })
+    it('Should fail with an unknown comment', async function () {
+      const fields = { comment: { id: 42 }, reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 })
+    })
+    it('Should fail with a wrong account', async function () {
+      const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields })
+    })
+    it('Should fail with an unknown account', async function () {
+      const fields = { account: { id: 42 }, reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 })
+    })
+    it('Should fail with not account, comment or video', async function () {
+      const fields = { reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 400 })
+    })
+    it('Should fail with a non authenticated user', async function () {
+      const fields = { video: { id: server.video.id }, reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: 401 })
+    })
+    it('Should fail with a reason too short', async function () {
+      const fields = { video: { id: server.video.id }, reason: 'h' }
+      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
+    })
+    it('Should fail with a too big reason', async function () {
+      const fields = { video: { id: server.video.id }, reason: 'super'.repeat(605) }
+      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
+    })
+    it('Should succeed with the correct parameters (basic)', async function () {
+      const fields: AbuseCreate = { video: { id: server.video.id }, reason: 'my super reason' }
+      const res = await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 })
+      abuseId = res.body.abuse.id
+    })
+    it('Should fail with a wrong predefined reason', async function () {
+      const fields = { video: { id: server.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }
+      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
+    })
+    it('Should fail with negative timestamps', async function () {
+      const fields = { video: { id: server.video.id, startAt: -1 }, reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
+    })
+    it('Should fail mith misordered startAt/endAt', async function () {
+      const fields = { video: { id: server.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
+    })
+    it('Should succeed with the corret parameters (advanced)', async function () {
+      const fields: AbuseCreate = {
+        video: {
+          id: server.video.id,
+          startAt: 1,
+          endAt: 5
+        },
+        reason: 'my super reason',
+        predefinedReasons: [ 'serverRules' ]
+      }
+      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 })
+    })
+  })
+  describe('When updating an abuse', function () {
+    it('Should fail with a non authenticated user', async function () {
+      await updateAbuse(server.url, 'blabla', abuseId, {}, 401)
+    })
+    it('Should fail with a non admin user', async function () {
+      await updateAbuse(server.url, userAccessToken, abuseId, {}, 403)
+    })
+    it('Should fail with a bad abuse id', async function () {
+      await updateAbuse(server.url, server.accessToken, 45, {}, 404)
+    })
+    it('Should fail with a bad state', async function () {
+      const body = { state: 5 }
+      await updateAbuse(server.url, server.accessToken, abuseId, body, 400)
+    })
+    it('Should fail with a bad moderation comment', async function () {
+      const body = { moderationComment: 'b'.repeat(3001) }
+      await updateAbuse(server.url, server.accessToken, abuseId, body, 400)
+    })
+    it('Should succeed with the correct params', async function () {
+      const body = { state: AbuseState.ACCEPTED }
+      await updateAbuse(server.url, server.accessToken, abuseId, body)
+    })
+  })
+  describe('When deleting a video abuse', function () {
+    it('Should fail with a non authenticated user', async function () {
+      await deleteAbuse(server.url, 'blabla', abuseId, 401)
+    })
+    it('Should fail with a non admin user', async function () {
+      await deleteAbuse(server.url, userAccessToken, abuseId, 403)
+    })
+    it('Should fail with a bad abuse id', async function () {
+      await deleteAbuse(server.url, server.accessToken, 45, 404)
+    })
+    it('Should succeed with the correct params', async function () {
+      await deleteAbuse(server.url, server.accessToken, abuseId)
+    })
+  })
+  after(async function () {
+    await cleanupTests([ server ])
+  })
+})

diff --git a/server/tests/api/check-params/abuses.ts b/server/tests/api/check-params/abuses.ts new file mode 100644 index 000000000..ba7c0833f --- /dev/null +++ b/server/tests/api/check-params/abuses.ts
@@ -0,0 +1,271 @@
	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
	2
	3	import 'mocha'
	4	import { AbuseCreate, AbuseState } from '@shared/models'
	5	import {
	6	cleanupTests,
	7	createUser,
	8	deleteAbuse,
	9	flushAndRunServer,
	10	makeGetRequest,
	11	makePostBodyRequest,
	12	ServerInfo,
	13	setAccessTokensToServers,
	14	updateAbuse,
	15	uploadVideo,
	16	userLogin
	17	} from '../../../../shared/extra-utils'
	18	import {
	19	checkBadCountPagination,
	20	checkBadSortPagination,
	21	checkBadStartPagination
	22	} from '../../../../shared/extra-utils/requests/check-api-params'
	23
	24	// FIXME: deprecated in 2.3. Remove this controller
	25
	26	describe('Test video abuses API validators', function () {
	27	const basePath = '/api/v1/abuses/'
	28
	29	let server: ServerInfo
	30	let userAccessToken = ''
	31	let abuseId: number
	32
	33	// ---------------------------------------------------------------
	34
	35	before(async function () {
	36	this.timeout(30000)
	37
	38	server = await flushAndRunServer(1)
	39
	40	await setAccessTokensToServers([ server ])
	41
	42	const username = 'user1'
	43	const password = 'my super password'
	44	await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password })
	45	userAccessToken = await userLogin(server, { username, password })
	46
	47	const res = await uploadVideo(server.url, server.accessToken, {})
	48	server.video = res.body.video
	49	})
	50
	51	describe('When listing abuses', function () {
	52	const path = basePath
	53
	54	it('Should fail with a bad start pagination', async function () {
	55	await checkBadStartPagination(server.url, path, server.accessToken)
	56	})
	57
	58	it('Should fail with a bad count pagination', async function () {
	59	await checkBadCountPagination(server.url, path, server.accessToken)
	60	})
	61
	62	it('Should fail with an incorrect sort', async function () {
	63	await checkBadSortPagination(server.url, path, server.accessToken)
	64	})
	65
	66	it('Should fail with a non authenticated user', async function () {
	67	await makeGetRequest({
	68	url: server.url,
	69	path,
	70	statusCodeExpected: 401
	71	})
	72	})
	73
	74	it('Should fail with a non admin user', async function () {
	75	await makeGetRequest({
	76	url: server.url,
	77	path,
	78	token: userAccessToken,
	79	statusCodeExpected: 403
	80	})
	81	})
	82
	83	it('Should fail with a bad id filter', async function () {
	84	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
	85	})
	86
	87	it('Should fail with a bad filter', async function () {
	88	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
	89	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
	90	})
	91
	92	it('Should fail with bad predefined reason', async function () {
	93	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
	94	})
	95
	96	it('Should fail with a bad state filter', async function () {
	97	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
	98	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
	99	})
	100
	101	it('Should fail with a bad videoIs filter', async function () {
	102	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
	103	})
	104
	105	it('Should succeed with the correct params', async function () {
	106	const query = {
	107	id: 13,
	108	predefinedReason: 'violentOrRepulsive',
	109	filter: 'comment',
	110	state: 2,
	111	videoIs: 'deleted'
	112	}
	113
	114	await makeGetRequest({ url: server.url, path, token: server.accessToken, query, statusCodeExpected: 200 })
	115	})
	116	})
	117
	118	describe('When reporting an abuse', function () {
	119	const path = basePath
	120
	121	it('Should fail with nothing', async function () {
	122	const fields = {}
	123	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	124	})
	125
	126	it('Should fail with a wrong video', async function () {
	127	const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
	128	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields })
	129	})
	130
	131	it('Should fail with an unknown video', async function () {
	132	const fields = { video: { id: 42 }, reason: 'my super reason' }
	133	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 })
	134	})
	135
	136	it('Should fail with a wrong comment', async function () {
	137	const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
	138	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields })
	139	})
	140
	141	it('Should fail with an unknown comment', async function () {
	142	const fields = { comment: { id: 42 }, reason: 'my super reason' }
	143	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 })
	144	})
	145
	146	it('Should fail with a wrong account', async function () {
	147	const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
	148	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields })
	149	})
	150
	151	it('Should fail with an unknown account', async function () {
	152	const fields = { account: { id: 42 }, reason: 'my super reason' }
	153	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 })
	154	})
	155
	156	it('Should fail with not account, comment or video', async function () {
	157	const fields = { reason: 'my super reason' }
	158	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 400 })
	159	})
	160
	161	it('Should fail with a non authenticated user', async function () {
	162	const fields = { video: { id: server.video.id }, reason: 'my super reason' }
	163
	164	await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: 401 })
	165	})
	166
	167	it('Should fail with a reason too short', async function () {
	168	const fields = { video: { id: server.video.id }, reason: 'h' }
	169
	170	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	171	})
	172
	173	it('Should fail with a too big reason', async function () {
	174	const fields = { video: { id: server.video.id }, reason: 'super'.repeat(605) }
	175
	176	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	177	})
	178
	179	it('Should succeed with the correct parameters (basic)', async function () {
	180	const fields: AbuseCreate = { video: { id: server.video.id }, reason: 'my super reason' }
	181
	182	const res = await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 })
	183	abuseId = res.body.abuse.id
	184	})
	185
	186	it('Should fail with a wrong predefined reason', async function () {
	187	const fields = { video: { id: server.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }
	188
	189	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	190	})
	191
	192	it('Should fail with negative timestamps', async function () {
	193	const fields = { video: { id: server.video.id, startAt: -1 }, reason: 'my super reason' }
	194
	195	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	196	})
	197
	198	it('Should fail mith misordered startAt/endAt', async function () {
	199	const fields = { video: { id: server.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }
	200
	201	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	202	})
	203
	204	it('Should succeed with the corret parameters (advanced)', async function () {
	205	const fields: AbuseCreate = {
	206	video: {
	207	id: server.video.id,
	208	startAt: 1,
	209	endAt: 5
	210	},
	211	reason: 'my super reason',
	212	predefinedReasons: [ 'serverRules' ]
	213	}
	214
	215	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 })
	216	})
	217	})
	218
	219	describe('When updating an abuse', function () {
	220
	221	it('Should fail with a non authenticated user', async function () {
	222	await updateAbuse(server.url, 'blabla', abuseId, {}, 401)
	223	})
	224
	225	it('Should fail with a non admin user', async function () {
	226	await updateAbuse(server.url, userAccessToken, abuseId, {}, 403)
	227	})
	228
	229	it('Should fail with a bad abuse id', async function () {
	230	await updateAbuse(server.url, server.accessToken, 45, {}, 404)
	231	})
	232
	233	it('Should fail with a bad state', async function () {
	234	const body = { state: 5 }
	235	await updateAbuse(server.url, server.accessToken, abuseId, body, 400)
	236	})
	237
	238	it('Should fail with a bad moderation comment', async function () {
	239	const body = { moderationComment: 'b'.repeat(3001) }
	240	await updateAbuse(server.url, server.accessToken, abuseId, body, 400)
	241	})
	242
	243	it('Should succeed with the correct params', async function () {
	244	const body = { state: AbuseState.ACCEPTED }
	245	await updateAbuse(server.url, server.accessToken, abuseId, body)
	246	})
	247	})
	248
	249	describe('When deleting a video abuse', function () {
	250
	251	it('Should fail with a non authenticated user', async function () {
	252	await deleteAbuse(server.url, 'blabla', abuseId, 401)
	253	})
	254
	255	it('Should fail with a non admin user', async function () {
	256	await deleteAbuse(server.url, userAccessToken, abuseId, 403)
	257	})
	258
	259	it('Should fail with a bad abuse id', async function () {
	260	await deleteAbuse(server.url, server.accessToken, 45, 404)
	261	})
	262
	263	it('Should succeed with the correct params', async function () {
	264	await deleteAbuse(server.url, server.accessToken, abuseId)
	265	})
	266	})
	267
	268	after(async function () {
	269	await cleanupTests([ server ])
	270	})
	271	})