1 files changed, 269 insertions, 0 deletions
diff --git a/server/tests/api/check-params/abuses.ts b/server/tests/api/check-params/abuses.ts
new file mode 100644
index 000000000..8964c0ab2
--- /dev/null
+++ b/server/tests/api/check-params/abuses.ts
@@ -0,0 +1,269 @@
+/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
+import 'mocha'
+import { AbuseCreate, AbuseState } from '@shared/models'
+import {
+  cleanupTests,
+  createUser,
+  deleteAbuse,
+  flushAndRunServer,
+  makeGetRequest,
+  makePostBodyRequest,
+  ServerInfo,
+  setAccessTokensToServers,
+  updateAbuse,
+  uploadVideo,
+  userLogin
+} from '../../../../shared/extra-utils'
+import {
+  checkBadCountPagination,
+  checkBadSortPagination,
+  checkBadStartPagination
+} from '../../../../shared/extra-utils/requests/check-api-params'
+describe('Test abuses API validators', function () {
+  const basePath = '/api/v1/abuses/'
+  let server: ServerInfo
+  let userAccessToken = ''
+  let abuseId: number
+  // ---------------------------------------------------------------
+  before(async function () {
+    this.timeout(30000)
+    server = await flushAndRunServer(1)
+    await setAccessTokensToServers([ server ])
+    const username = 'user1'
+    const password = 'my super password'
+    await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password })
+    userAccessToken = await userLogin(server, { username, password })
+    const res = await uploadVideo(server.url, server.accessToken, {})
+    server.video = res.body.video
+  })
+  describe('When listing abuses', function () {
+    const path = basePath
+    it('Should fail with a bad start pagination', async function () {
+      await checkBadStartPagination(server.url, path, server.accessToken)
+    })
+    it('Should fail with a bad count pagination', async function () {
+      await checkBadCountPagination(server.url, path, server.accessToken)
+    })
+    it('Should fail with an incorrect sort', async function () {
+      await checkBadSortPagination(server.url, path, server.accessToken)
+    })
+    it('Should fail with a non authenticated user', async function () {
+      await makeGetRequest({
+        url: server.url,
+        path,
+        statusCodeExpected: 401
+      })
+    })
+    it('Should fail with a non admin user', async function () {
+      await makeGetRequest({
+        url: server.url,
+        path,
+        token: userAccessToken,
+        statusCodeExpected: 403
+      })
+    })
+    it('Should fail with a bad id filter', async function () {
+      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
+    })
+    it('Should fail with a bad filter', async function () {
+      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
+      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
+    })
+    it('Should fail with bad predefined reason', async function () {
+      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
+    })
+    it('Should fail with a bad state filter', async function () {
+      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
+      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
+    })
+    it('Should fail with a bad videoIs filter', async function () {
+      await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
+    })
+    it('Should succeed with the correct params', async function () {
+      const query = {
+        id: 13,
+        predefinedReason: 'violentOrRepulsive',
+        filter: 'comment',
+        state: 2,
+        videoIs: 'deleted'
+      }
+      await makeGetRequest({ url: server.url, path, token: server.accessToken, query, statusCodeExpected: 200 })
+    })
+  })
+  describe('When reporting an abuse', function () {
+    const path = basePath
+    it('Should fail with nothing', async function () {
+      const fields = {}
+      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
+    })
+    it('Should fail with a wrong video', async function () {
+      const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields })
+    })
+    it('Should fail with an unknown video', async function () {
+      const fields = { video: { id: 42 }, reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 })
+    })
+    it('Should fail with a wrong comment', async function () {
+      const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields })
+    })
+    it('Should fail with an unknown comment', async function () {
+      const fields = { comment: { id: 42 }, reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 })
+    })
+    it('Should fail with a wrong account', async function () {
+      const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields })
+    })
+    it('Should fail with an unknown account', async function () {
+      const fields = { account: { id: 42 }, reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 })
+    })
+    it('Should fail with not account, comment or video', async function () {
+      const fields = { reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 400 })
+    })
+    it('Should fail with a non authenticated user', async function () {
+      const fields = { video: { id: server.video.id }, reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: 401 })
+    })
+    it('Should fail with a reason too short', async function () {
+      const fields = { video: { id: server.video.id }, reason: 'h' }
+      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
+    })
+    it('Should fail with a too big reason', async function () {
+      const fields = { video: { id: server.video.id }, reason: 'super'.repeat(605) }
+      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
+    })
+    it('Should succeed with the correct parameters (basic)', async function () {
+      const fields: AbuseCreate = { video: { id: server.video.id }, reason: 'my super reason' }
+      const res = await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 })
+      abuseId = res.body.abuse.id
+    })
+    it('Should fail with a wrong predefined reason', async function () {
+      const fields = { video: { id: server.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }
+      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
+    })
+    it('Should fail with negative timestamps', async function () {
+      const fields = { video: { id: server.video.id, startAt: -1 }, reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
+    })
+    it('Should fail mith misordered startAt/endAt', async function () {
+      const fields = { video: { id: server.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }
+      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
+    })
+    it('Should succeed with the corret parameters (advanced)', async function () {
+      const fields: AbuseCreate = {
+        video: {
+          id: server.video.id,
+          startAt: 1,
+          endAt: 5
+        },
+        reason: 'my super reason',
+        predefinedReasons: [ 'serverRules' ]
+      }
+      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 })
+    })
+  })
+  describe('When updating an abuse', function () {
+    it('Should fail with a non authenticated user', async function () {
+      await updateAbuse(server.url, 'blabla', abuseId, {}, 401)
+    })
+    it('Should fail with a non admin user', async function () {
+      await updateAbuse(server.url, userAccessToken, abuseId, {}, 403)
+    })
+    it('Should fail with a bad abuse id', async function () {
+      await updateAbuse(server.url, server.accessToken, 45, {}, 404)
+    })
+    it('Should fail with a bad state', async function () {
+      const body = { state: 5 }
+      await updateAbuse(server.url, server.accessToken, abuseId, body, 400)
+    })
+    it('Should fail with a bad moderation comment', async function () {
+      const body = { moderationComment: 'b'.repeat(3001) }
+      await updateAbuse(server.url, server.accessToken, abuseId, body, 400)
+    })
+    it('Should succeed with the correct params', async function () {
+      const body = { state: AbuseState.ACCEPTED }
+      await updateAbuse(server.url, server.accessToken, abuseId, body)
+    })
+  })
+  describe('When deleting a video abuse', function () {
+    it('Should fail with a non authenticated user', async function () {
+      await deleteAbuse(server.url, 'blabla', abuseId, 401)
+    })
+    it('Should fail with a non admin user', async function () {
+      await deleteAbuse(server.url, userAccessToken, abuseId, 403)
+    })
+    it('Should fail with a bad abuse id', async function () {
+      await deleteAbuse(server.url, server.accessToken, 45, 404)
+    })
+    it('Should succeed with the correct params', async function () {
+      await deleteAbuse(server.url, server.accessToken, abuseId)
+    })
+  })
+  after(async function () {
+    await cleanupTests([ server ])
+  })
+})

diff --git a/server/tests/api/check-params/abuses.ts b/server/tests/api/check-params/abuses.ts new file mode 100644 index 000000000..8964c0ab2 --- /dev/null +++ b/server/tests/api/check-params/abuses.ts
@@ -0,0 +1,269 @@
	1	/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
	2
	3	import 'mocha'
	4	import { AbuseCreate, AbuseState } from '@shared/models'
	5	import {
	6	cleanupTests,
	7	createUser,
	8	deleteAbuse,
	9	flushAndRunServer,
	10	makeGetRequest,
	11	makePostBodyRequest,
	12	ServerInfo,
	13	setAccessTokensToServers,
	14	updateAbuse,
	15	uploadVideo,
	16	userLogin
	17	} from '../../../../shared/extra-utils'
	18	import {
	19	checkBadCountPagination,
	20	checkBadSortPagination,
	21	checkBadStartPagination
	22	} from '../../../../shared/extra-utils/requests/check-api-params'
	23
	24	describe('Test abuses API validators', function () {
	25	const basePath = '/api/v1/abuses/'
	26
	27	let server: ServerInfo
	28	let userAccessToken = ''
	29	let abuseId: number
	30
	31	// ---------------------------------------------------------------
	32
	33	before(async function () {
	34	this.timeout(30000)
	35
	36	server = await flushAndRunServer(1)
	37
	38	await setAccessTokensToServers([ server ])
	39
	40	const username = 'user1'
	41	const password = 'my super password'
	42	await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password })
	43	userAccessToken = await userLogin(server, { username, password })
	44
	45	const res = await uploadVideo(server.url, server.accessToken, {})
	46	server.video = res.body.video
	47	})
	48
	49	describe('When listing abuses', function () {
	50	const path = basePath
	51
	52	it('Should fail with a bad start pagination', async function () {
	53	await checkBadStartPagination(server.url, path, server.accessToken)
	54	})
	55
	56	it('Should fail with a bad count pagination', async function () {
	57	await checkBadCountPagination(server.url, path, server.accessToken)
	58	})
	59
	60	it('Should fail with an incorrect sort', async function () {
	61	await checkBadSortPagination(server.url, path, server.accessToken)
	62	})
	63
	64	it('Should fail with a non authenticated user', async function () {
	65	await makeGetRequest({
	66	url: server.url,
	67	path,
	68	statusCodeExpected: 401
	69	})
	70	})
	71
	72	it('Should fail with a non admin user', async function () {
	73	await makeGetRequest({
	74	url: server.url,
	75	path,
	76	token: userAccessToken,
	77	statusCodeExpected: 403
	78	})
	79	})
	80
	81	it('Should fail with a bad id filter', async function () {
	82	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { id: 'toto' } })
	83	})
	84
	85	it('Should fail with a bad filter', async function () {
	86	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'toto' } })
	87	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { filter: 'videos' } })
	88	})
	89
	90	it('Should fail with bad predefined reason', async function () {
	91	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { predefinedReason: 'violentOrRepulsives' } })
	92	})
	93
	94	it('Should fail with a bad state filter', async function () {
	95	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 'toto' } })
	96	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { state: 0 } })
	97	})
	98
	99	it('Should fail with a bad videoIs filter', async function () {
	100	await makeGetRequest({ url: server.url, path, token: server.accessToken, query: { videoIs: 'toto' } })
	101	})
	102
	103	it('Should succeed with the correct params', async function () {
	104	const query = {
	105	id: 13,
	106	predefinedReason: 'violentOrRepulsive',
	107	filter: 'comment',
	108	state: 2,
	109	videoIs: 'deleted'
	110	}
	111
	112	await makeGetRequest({ url: server.url, path, token: server.accessToken, query, statusCodeExpected: 200 })
	113	})
	114	})
	115
	116	describe('When reporting an abuse', function () {
	117	const path = basePath
	118
	119	it('Should fail with nothing', async function () {
	120	const fields = {}
	121	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	122	})
	123
	124	it('Should fail with a wrong video', async function () {
	125	const fields = { video: { id: 'blabla' }, reason: 'my super reason' }
	126	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields })
	127	})
	128
	129	it('Should fail with an unknown video', async function () {
	130	const fields = { video: { id: 42 }, reason: 'my super reason' }
	131	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 })
	132	})
	133
	134	it('Should fail with a wrong comment', async function () {
	135	const fields = { comment: { id: 'blabla' }, reason: 'my super reason' }
	136	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields })
	137	})
	138
	139	it('Should fail with an unknown comment', async function () {
	140	const fields = { comment: { id: 42 }, reason: 'my super reason' }
	141	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 })
	142	})
	143
	144	it('Should fail with a wrong account', async function () {
	145	const fields = { account: { id: 'blabla' }, reason: 'my super reason' }
	146	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields })
	147	})
	148
	149	it('Should fail with an unknown account', async function () {
	150	const fields = { account: { id: 42 }, reason: 'my super reason' }
	151	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 })
	152	})
	153
	154	it('Should fail with not account, comment or video', async function () {
	155	const fields = { reason: 'my super reason' }
	156	await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 400 })
	157	})
	158
	159	it('Should fail with a non authenticated user', async function () {
	160	const fields = { video: { id: server.video.id }, reason: 'my super reason' }
	161
	162	await makePostBodyRequest({ url: server.url, path, token: 'hello', fields, statusCodeExpected: 401 })
	163	})
	164
	165	it('Should fail with a reason too short', async function () {
	166	const fields = { video: { id: server.video.id }, reason: 'h' }
	167
	168	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	169	})
	170
	171	it('Should fail with a too big reason', async function () {
	172	const fields = { video: { id: server.video.id }, reason: 'super'.repeat(605) }
	173
	174	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	175	})
	176
	177	it('Should succeed with the correct parameters (basic)', async function () {
	178	const fields: AbuseCreate = { video: { id: server.video.id }, reason: 'my super reason' }
	179
	180	const res = await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 })
	181	abuseId = res.body.abuse.id
	182	})
	183
	184	it('Should fail with a wrong predefined reason', async function () {
	185	const fields = { video: { id: server.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] }
	186
	187	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	188	})
	189
	190	it('Should fail with negative timestamps', async function () {
	191	const fields = { video: { id: server.video.id, startAt: -1 }, reason: 'my super reason' }
	192
	193	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	194	})
	195
	196	it('Should fail mith misordered startAt/endAt', async function () {
	197	const fields = { video: { id: server.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' }
	198
	199	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	200	})
	201
	202	it('Should succeed with the corret parameters (advanced)', async function () {
	203	const fields: AbuseCreate = {
	204	video: {
	205	id: server.video.id,
	206	startAt: 1,
	207	endAt: 5
	208	},
	209	reason: 'my super reason',
	210	predefinedReasons: [ 'serverRules' ]
	211	}
	212
	213	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 })
	214	})
	215	})
	216
	217	describe('When updating an abuse', function () {
	218
	219	it('Should fail with a non authenticated user', async function () {
	220	await updateAbuse(server.url, 'blabla', abuseId, {}, 401)
	221	})
	222
	223	it('Should fail with a non admin user', async function () {
	224	await updateAbuse(server.url, userAccessToken, abuseId, {}, 403)
	225	})
	226
	227	it('Should fail with a bad abuse id', async function () {
	228	await updateAbuse(server.url, server.accessToken, 45, {}, 404)
	229	})
	230
	231	it('Should fail with a bad state', async function () {
	232	const body = { state: 5 }
	233	await updateAbuse(server.url, server.accessToken, abuseId, body, 400)
	234	})
	235
	236	it('Should fail with a bad moderation comment', async function () {
	237	const body = { moderationComment: 'b'.repeat(3001) }
	238	await updateAbuse(server.url, server.accessToken, abuseId, body, 400)
	239	})
	240
	241	it('Should succeed with the correct params', async function () {
	242	const body = { state: AbuseState.ACCEPTED }
	243	await updateAbuse(server.url, server.accessToken, abuseId, body)
	244	})
	245	})
	246
	247	describe('When deleting a video abuse', function () {
	248
	249	it('Should fail with a non authenticated user', async function () {
	250	await deleteAbuse(server.url, 'blabla', abuseId, 401)
	251	})
	252
	253	it('Should fail with a non admin user', async function () {
	254	await deleteAbuse(server.url, userAccessToken, abuseId, 403)
	255	})
	256
	257	it('Should fail with a bad abuse id', async function () {
	258	await deleteAbuse(server.url, server.accessToken, 45, 404)
	259	})
	260
	261	it('Should succeed with the correct params', async function () {
	262	await deleteAbuse(server.url, server.accessToken, abuseId)
	263	})
	264	})
	265
	266	after(async function () {
	267	await cleanupTests([ server ])
	268	})
	269	})