aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/tests/api/check-params/abuses.ts
diff options
context:
space:
mode:
Diffstat (limited to 'server/tests/api/check-params/abuses.ts')
-rw-r--r--server/tests/api/check-params/abuses.ts153
1 files changed, 136 insertions, 17 deletions
diff --git a/server/tests/api/check-params/abuses.ts b/server/tests/api/check-params/abuses.ts
index 8964c0ab2..5e1d66c25 100644
--- a/server/tests/api/check-params/abuses.ts
+++ b/server/tests/api/check-params/abuses.ts
@@ -13,7 +13,11 @@ import {
13 setAccessTokensToServers, 13 setAccessTokensToServers,
14 updateAbuse, 14 updateAbuse,
15 uploadVideo, 15 uploadVideo,
16 userLogin 16 userLogin,
17 generateUserAccessToken,
18 addAbuseMessage,
19 listAbuseMessages,
20 deleteAbuseMessage
17} from '../../../../shared/extra-utils' 21} from '../../../../shared/extra-utils'
18import { 22import {
19 checkBadCountPagination, 23 checkBadCountPagination,
@@ -26,7 +30,9 @@ describe('Test abuses API validators', function () {
26 30
27 let server: ServerInfo 31 let server: ServerInfo
28 let userAccessToken = '' 32 let userAccessToken = ''
33 let userAccessToken2 = ''
29 let abuseId: number 34 let abuseId: number
35 let messageId: number
30 36
31 // --------------------------------------------------------------- 37 // ---------------------------------------------------------------
32 38
@@ -42,11 +48,15 @@ describe('Test abuses API validators', function () {
42 await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password }) 48 await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password })
43 userAccessToken = await userLogin(server, { username, password }) 49 userAccessToken = await userLogin(server, { username, password })
44 50
51 {
52 userAccessToken2 = await generateUserAccessToken(server, 'user_2')
53 }
54
45 const res = await uploadVideo(server.url, server.accessToken, {}) 55 const res = await uploadVideo(server.url, server.accessToken, {})
46 server.video = res.body.video 56 server.video = res.body.video
47 }) 57 })
48 58
49 describe('When listing abuses', function () { 59 describe('When listing abuses for admins', function () {
50 const path = basePath 60 const path = basePath
51 61
52 it('Should fail with a bad start pagination', async function () { 62 it('Should fail with a bad start pagination', async function () {
@@ -113,47 +123,89 @@ describe('Test abuses API validators', function () {
113 }) 123 })
114 }) 124 })
115 125
126 describe('When listing abuses for users', function () {
127 const path = '/api/v1/users/me/abuses'
128
129 it('Should fail with a bad start pagination', async function () {
130 await checkBadStartPagination(server.url, path, userAccessToken)
131 })
132
133 it('Should fail with a bad count pagination', async function () {
134 await checkBadCountPagination(server.url, path, userAccessToken)
135 })
136
137 it('Should fail with an incorrect sort', async function () {
138 await checkBadSortPagination(server.url, path, userAccessToken)
139 })
140
141 it('Should fail with a non authenticated user', async function () {
142 await makeGetRequest({
143 url: server.url,
144 path,
145 statusCodeExpected: 401
146 })
147 })
148
149 it('Should fail with a bad id filter', async function () {
150 await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { id: 'toto' } })
151 })
152
153 it('Should fail with a bad state filter', async function () {
154 await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { state: 'toto' } })
155 await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { state: 0 } })
156 })
157
158 it('Should succeed with the correct params', async function () {
159 const query = {
160 id: 13,
161 state: 2
162 }
163
164 await makeGetRequest({ url: server.url, path, token: userAccessToken, query, statusCodeExpected: 200 })
165 })
166 })
167
116 describe('When reporting an abuse', function () { 168 describe('When reporting an abuse', function () {
117 const path = basePath 169 const path = basePath
118 170
119 it('Should fail with nothing', async function () { 171 it('Should fail with nothing', async function () {
120 const fields = {} 172 const fields = {}
121 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) 173 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields })
122 }) 174 })
123 175
124 it('Should fail with a wrong video', async function () { 176 it('Should fail with a wrong video', async function () {
125 const fields = { video: { id: 'blabla' }, reason: 'my super reason' } 177 const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
126 await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields }) 178 await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields })
127 }) 179 })
128 180
129 it('Should fail with an unknown video', async function () { 181 it('Should fail with an unknown video', async function () {
130 const fields = { video: { id: 42 }, reason: 'my super reason' } 182 const fields = { video: { id: 42 }, reason: 'my super reason' }
131 await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 }) 183 await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields, statusCodeExpected: 404 })
132 }) 184 })
133 185
134 it('Should fail with a wrong comment', async function () { 186 it('Should fail with a wrong comment', async function () {
135 const fields = { comment: { id: 'blabla' }, reason: 'my super reason' } 187 const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
136 await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields }) 188 await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields })
137 }) 189 })
138 190
139 it('Should fail with an unknown comment', async function () { 191 it('Should fail with an unknown comment', async function () {
140 const fields = { comment: { id: 42 }, reason: 'my super reason' } 192 const fields = { comment: { id: 42 }, reason: 'my super reason' }
141 await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 }) 193 await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields, statusCodeExpected: 404 })
142 }) 194 })
143 195
144 it('Should fail with a wrong account', async function () { 196 it('Should fail with a wrong account', async function () {
145 const fields = { account: { id: 'blabla' }, reason: 'my super reason' } 197 const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
146 await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields }) 198 await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields })
147 }) 199 })
148 200
149 it('Should fail with an unknown account', async function () { 201 it('Should fail with an unknown account', async function () {
150 const fields = { account: { id: 42 }, reason: 'my super reason' } 202 const fields = { account: { id: 42 }, reason: 'my super reason' }
151 await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 }) 203 await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields, statusCodeExpected: 404 })
152 }) 204 })
153 205
154 it('Should fail with not account, comment or video', async function () { 206 it('Should fail with not account, comment or video', async function () {
155 const fields = { reason: 'my super reason' } 207 const fields = { reason: 'my super reason' }
156 await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 400 }) 208 await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields, statusCodeExpected: 400 })
157 }) 209 })
158 210
159 it('Should fail with a non authenticated user', async function () { 211 it('Should fail with a non authenticated user', async function () {
@@ -165,38 +217,38 @@ describe('Test abuses API validators', function () {
165 it('Should fail with a reason too short', async function () { 217 it('Should fail with a reason too short', async function () {
166 const fields = { video: { id: server.video.id }, reason: 'h' } 218 const fields = { video: { id: server.video.id }, reason: 'h' }
167 219
168 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) 220 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields })
169 }) 221 })
170 222
171 it('Should fail with a too big reason', async function () { 223 it('Should fail with a too big reason', async function () {
172 const fields = { video: { id: server.video.id }, reason: 'super'.repeat(605) } 224 const fields = { video: { id: server.video.id }, reason: 'super'.repeat(605) }
173 225
174 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) 226 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields })
175 }) 227 })
176 228
177 it('Should succeed with the correct parameters (basic)', async function () { 229 it('Should succeed with the correct parameters (basic)', async function () {
178 const fields: AbuseCreate = { video: { id: server.video.id }, reason: 'my super reason' } 230 const fields: AbuseCreate = { video: { id: server.video.id }, reason: 'my super reason' }
179 231
180 const res = await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 }) 232 const res = await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 200 })
181 abuseId = res.body.abuse.id 233 abuseId = res.body.abuse.id
182 }) 234 })
183 235
184 it('Should fail with a wrong predefined reason', async function () { 236 it('Should fail with a wrong predefined reason', async function () {
185 const fields = { video: { id: server.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] } 237 const fields = { video: { id: server.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }
186 238
187 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) 239 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields })
188 }) 240 })
189 241
190 it('Should fail with negative timestamps', async function () { 242 it('Should fail with negative timestamps', async function () {
191 const fields = { video: { id: server.video.id, startAt: -1 }, reason: 'my super reason' } 243 const fields = { video: { id: server.video.id, startAt: -1 }, reason: 'my super reason' }
192 244
193 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) 245 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields })
194 }) 246 })
195 247
196 it('Should fail mith misordered startAt/endAt', async function () { 248 it('Should fail mith misordered startAt/endAt', async function () {
197 const fields = { video: { id: server.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' } 249 const fields = { video: { id: server.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }
198 250
199 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) 251 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields })
200 }) 252 })
201 253
202 it('Should succeed with the corret parameters (advanced)', async function () { 254 it('Should succeed with the corret parameters (advanced)', async function () {
@@ -210,7 +262,7 @@ describe('Test abuses API validators', function () {
210 predefinedReasons: [ 'serverRules' ] 262 predefinedReasons: [ 'serverRules' ]
211 } 263 }
212 264
213 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 }) 265 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 200 })
214 }) 266 })
215 }) 267 })
216 268
@@ -244,6 +296,73 @@ describe('Test abuses API validators', function () {
244 }) 296 })
245 }) 297 })
246 298
299 describe('When creating an abuse message', function () {
300 const message = 'my super message'
301
302 it('Should fail with an invalid abuse id', async function () {
303 await addAbuseMessage(server.url, userAccessToken2, 888, message, 404)
304 })
305
306 it('Should fail with a non authenticated user', async function () {
307 await addAbuseMessage(server.url, 'fake_token', abuseId, message, 401)
308 })
309
310 it('Should fail with an invalid logged in user', async function () {
311 await addAbuseMessage(server.url, userAccessToken2, abuseId, message, 403)
312 })
313
314 it('Should fail with an invalid message', async function () {
315 await addAbuseMessage(server.url, userAccessToken, abuseId, 'a'.repeat(5000), 400)
316 })
317
318 it('Should suceed with the correct params', async function () {
319 const res = await addAbuseMessage(server.url, userAccessToken, abuseId, message)
320 messageId = res.body.abuseMessage.id
321 })
322 })
323
324 describe('When listing abuse message', function () {
325
326 it('Should fail with an invalid abuse id', async function () {
327 await listAbuseMessages(server.url, userAccessToken, 888, 404)
328 })
329
330 it('Should fail with a non authenticated user', async function () {
331 await listAbuseMessages(server.url, 'fake_token', abuseId, 401)
332 })
333
334 it('Should fail with an invalid logged in user', async function () {
335 await listAbuseMessages(server.url, userAccessToken2, abuseId, 403)
336 })
337
338 it('Should succeed with the correct params', async function () {
339 await listAbuseMessages(server.url, userAccessToken, abuseId)
340 })
341 })
342
343 describe('When deleting an abuse message', function () {
344
345 it('Should fail with an invalid abuse id', async function () {
346 await deleteAbuseMessage(server.url, userAccessToken, 888, messageId, 404)
347 })
348
349 it('Should fail with an invalid message id', async function () {
350 await deleteAbuseMessage(server.url, userAccessToken, abuseId, 888, 404)
351 })
352
353 it('Should fail with a non authenticated user', async function () {
354 await deleteAbuseMessage(server.url, 'fake_token', abuseId, messageId, 401)
355 })
356
357 it('Should fail with an invalid logged in user', async function () {
358 await deleteAbuseMessage(server.url, userAccessToken2, abuseId, messageId, 403)
359 })
360
361 it('Should succeed with the correct params', async function () {
362 await deleteAbuseMessage(server.url, userAccessToken, abuseId, messageId)
363 })
364 })
365
247 describe('When deleting a video abuse', function () { 366 describe('When deleting a video abuse', function () {
248 367
249 it('Should fail with a non authenticated user', async function () { 368 it('Should fail with a non authenticated user', async function () {