diff options
Diffstat (limited to 'server/tests/api/check-params/blocklist.ts')
-rw-r--r-- | server/tests/api/check-params/blocklist.ts | 498 |
1 files changed, 498 insertions, 0 deletions
diff --git a/server/tests/api/check-params/blocklist.ts b/server/tests/api/check-params/blocklist.ts new file mode 100644 index 000000000..c20453c16 --- /dev/null +++ b/server/tests/api/check-params/blocklist.ts | |||
@@ -0,0 +1,498 @@ | |||
1 | /* tslint:disable:no-unused-expression */ | ||
2 | |||
3 | import 'mocha' | ||
4 | |||
5 | import { | ||
6 | createUser, | ||
7 | doubleFollow, | ||
8 | flushAndRunMultipleServers, | ||
9 | flushTests, | ||
10 | killallServers, | ||
11 | makeDeleteRequest, | ||
12 | makeGetRequest, | ||
13 | makePostBodyRequest, | ||
14 | ServerInfo, | ||
15 | setAccessTokensToServers, userLogin | ||
16 | } from '../../../../shared/utils' | ||
17 | import { | ||
18 | checkBadCountPagination, | ||
19 | checkBadSortPagination, | ||
20 | checkBadStartPagination | ||
21 | } from '../../../../shared/utils/requests/check-api-params' | ||
22 | |||
23 | describe('Test blocklist API validators', function () { | ||
24 | let servers: ServerInfo[] | ||
25 | let server: ServerInfo | ||
26 | let userAccessToken: string | ||
27 | |||
28 | before(async function () { | ||
29 | this.timeout(60000) | ||
30 | |||
31 | await flushTests() | ||
32 | |||
33 | servers = await flushAndRunMultipleServers(2) | ||
34 | await setAccessTokensToServers(servers) | ||
35 | |||
36 | server = servers[0] | ||
37 | |||
38 | const user = { username: 'user1', password: 'password' } | ||
39 | await createUser(server.url, server.accessToken, user.username, user.password) | ||
40 | |||
41 | userAccessToken = await userLogin(server, user) | ||
42 | |||
43 | await doubleFollow(servers[0], servers[1]) | ||
44 | }) | ||
45 | |||
46 | // --------------------------------------------------------------- | ||
47 | |||
48 | describe('When managing user blocklist', function () { | ||
49 | |||
50 | describe('When managing user accounts blocklist', function () { | ||
51 | const path = '/api/v1/users/me/blocklist/accounts' | ||
52 | |||
53 | describe('When listing blocked accounts', function () { | ||
54 | it('Should fail with an unauthenticated user', async function () { | ||
55 | await makeGetRequest({ | ||
56 | url: server.url, | ||
57 | path, | ||
58 | statusCodeExpected: 401 | ||
59 | }) | ||
60 | }) | ||
61 | |||
62 | it('Should fail with a bad start pagination', async function () { | ||
63 | await checkBadStartPagination(server.url, path, server.accessToken) | ||
64 | }) | ||
65 | |||
66 | it('Should fail with a bad count pagination', async function () { | ||
67 | await checkBadCountPagination(server.url, path, server.accessToken) | ||
68 | }) | ||
69 | |||
70 | it('Should fail with an incorrect sort', async function () { | ||
71 | await checkBadSortPagination(server.url, path, server.accessToken) | ||
72 | }) | ||
73 | }) | ||
74 | |||
75 | describe('When blocking an account', function () { | ||
76 | it('Should fail with an unauthenticated user', async function () { | ||
77 | await makePostBodyRequest({ | ||
78 | url: server.url, | ||
79 | path, | ||
80 | fields: { accountName: 'user1' }, | ||
81 | statusCodeExpected: 401 | ||
82 | }) | ||
83 | }) | ||
84 | |||
85 | it('Should fail with an unknown account', async function () { | ||
86 | await makePostBodyRequest({ | ||
87 | url: server.url, | ||
88 | token: server.accessToken, | ||
89 | path, | ||
90 | fields: { accountName: 'user2' }, | ||
91 | statusCodeExpected: 404 | ||
92 | }) | ||
93 | }) | ||
94 | |||
95 | it('Should fail to block ourselves', async function () { | ||
96 | await makePostBodyRequest({ | ||
97 | url: server.url, | ||
98 | token: server.accessToken, | ||
99 | path, | ||
100 | fields: { accountName: 'root' }, | ||
101 | statusCodeExpected: 409 | ||
102 | }) | ||
103 | }) | ||
104 | |||
105 | it('Should succeed with the correct params', async function () { | ||
106 | await makePostBodyRequest({ | ||
107 | url: server.url, | ||
108 | token: server.accessToken, | ||
109 | path, | ||
110 | fields: { accountName: 'user1' }, | ||
111 | statusCodeExpected: 204 | ||
112 | }) | ||
113 | }) | ||
114 | }) | ||
115 | |||
116 | describe('When unblocking an account', function () { | ||
117 | it('Should fail with an unauthenticated user', async function () { | ||
118 | await makeDeleteRequest({ | ||
119 | url: server.url, | ||
120 | path: path + '/user1', | ||
121 | statusCodeExpected: 401 | ||
122 | }) | ||
123 | }) | ||
124 | |||
125 | it('Should fail with an unknown account block', async function () { | ||
126 | await makeDeleteRequest({ | ||
127 | url: server.url, | ||
128 | path: path + '/user2', | ||
129 | token: server.accessToken, | ||
130 | statusCodeExpected: 404 | ||
131 | }) | ||
132 | }) | ||
133 | |||
134 | it('Should succeed with the correct params', async function () { | ||
135 | await makeDeleteRequest({ | ||
136 | url: server.url, | ||
137 | path: path + '/user1', | ||
138 | token: server.accessToken, | ||
139 | statusCodeExpected: 204 | ||
140 | }) | ||
141 | }) | ||
142 | }) | ||
143 | }) | ||
144 | |||
145 | describe('When managing user servers blocklist', function () { | ||
146 | const path = '/api/v1/users/me/blocklist/servers' | ||
147 | |||
148 | describe('When listing blocked servers', function () { | ||
149 | it('Should fail with an unauthenticated user', async function () { | ||
150 | await makeGetRequest({ | ||
151 | url: server.url, | ||
152 | path, | ||
153 | statusCodeExpected: 401 | ||
154 | }) | ||
155 | }) | ||
156 | |||
157 | it('Should fail with a bad start pagination', async function () { | ||
158 | await checkBadStartPagination(server.url, path, server.accessToken) | ||
159 | }) | ||
160 | |||
161 | it('Should fail with a bad count pagination', async function () { | ||
162 | await checkBadCountPagination(server.url, path, server.accessToken) | ||
163 | }) | ||
164 | |||
165 | it('Should fail with an incorrect sort', async function () { | ||
166 | await checkBadSortPagination(server.url, path, server.accessToken) | ||
167 | }) | ||
168 | }) | ||
169 | |||
170 | describe('When blocking a server', function () { | ||
171 | it('Should fail with an unauthenticated user', async function () { | ||
172 | await makePostBodyRequest({ | ||
173 | url: server.url, | ||
174 | path, | ||
175 | fields: { host: 'localhost:9002' }, | ||
176 | statusCodeExpected: 401 | ||
177 | }) | ||
178 | }) | ||
179 | |||
180 | it('Should fail with an unknown server', async function () { | ||
181 | await makePostBodyRequest({ | ||
182 | url: server.url, | ||
183 | token: server.accessToken, | ||
184 | path, | ||
185 | fields: { host: 'localhost:9003' }, | ||
186 | statusCodeExpected: 404 | ||
187 | }) | ||
188 | }) | ||
189 | |||
190 | it('Should fail with our own server', async function () { | ||
191 | await makePostBodyRequest({ | ||
192 | url: server.url, | ||
193 | token: server.accessToken, | ||
194 | path, | ||
195 | fields: { host: 'localhost:9001' }, | ||
196 | statusCodeExpected: 409 | ||
197 | }) | ||
198 | }) | ||
199 | |||
200 | it('Should succeed with the correct params', async function () { | ||
201 | await makePostBodyRequest({ | ||
202 | url: server.url, | ||
203 | token: server.accessToken, | ||
204 | path, | ||
205 | fields: { host: 'localhost:9002' }, | ||
206 | statusCodeExpected: 204 | ||
207 | }) | ||
208 | }) | ||
209 | }) | ||
210 | |||
211 | describe('When unblocking a server', function () { | ||
212 | it('Should fail with an unauthenticated user', async function () { | ||
213 | await makeDeleteRequest({ | ||
214 | url: server.url, | ||
215 | path: path + '/localhost:9002', | ||
216 | statusCodeExpected: 401 | ||
217 | }) | ||
218 | }) | ||
219 | |||
220 | it('Should fail with an unknown server block', async function () { | ||
221 | await makeDeleteRequest({ | ||
222 | url: server.url, | ||
223 | path: path + '/localhost:9003', | ||
224 | token: server.accessToken, | ||
225 | statusCodeExpected: 404 | ||
226 | }) | ||
227 | }) | ||
228 | |||
229 | it('Should succeed with the correct params', async function () { | ||
230 | await makeDeleteRequest({ | ||
231 | url: server.url, | ||
232 | path: path + '/localhost:9002', | ||
233 | token: server.accessToken, | ||
234 | statusCodeExpected: 204 | ||
235 | }) | ||
236 | }) | ||
237 | }) | ||
238 | }) | ||
239 | }) | ||
240 | |||
241 | describe('When managing server blocklist', function () { | ||
242 | |||
243 | describe('When managing server accounts blocklist', function () { | ||
244 | const path = '/api/v1/server/blocklist/accounts' | ||
245 | |||
246 | describe('When listing blocked accounts', function () { | ||
247 | it('Should fail with an unauthenticated user', async function () { | ||
248 | await makeGetRequest({ | ||
249 | url: server.url, | ||
250 | path, | ||
251 | statusCodeExpected: 401 | ||
252 | }) | ||
253 | }) | ||
254 | |||
255 | it('Should fail with a user without the appropriate rights', async function () { | ||
256 | await makeGetRequest({ | ||
257 | url: server.url, | ||
258 | token: userAccessToken, | ||
259 | path, | ||
260 | statusCodeExpected: 403 | ||
261 | }) | ||
262 | }) | ||
263 | |||
264 | it('Should fail with a bad start pagination', async function () { | ||
265 | await checkBadStartPagination(server.url, path, server.accessToken) | ||
266 | }) | ||
267 | |||
268 | it('Should fail with a bad count pagination', async function () { | ||
269 | await checkBadCountPagination(server.url, path, server.accessToken) | ||
270 | }) | ||
271 | |||
272 | it('Should fail with an incorrect sort', async function () { | ||
273 | await checkBadSortPagination(server.url, path, server.accessToken) | ||
274 | }) | ||
275 | }) | ||
276 | |||
277 | describe('When blocking an account', function () { | ||
278 | it('Should fail with an unauthenticated user', async function () { | ||
279 | await makePostBodyRequest({ | ||
280 | url: server.url, | ||
281 | path, | ||
282 | fields: { accountName: 'user1' }, | ||
283 | statusCodeExpected: 401 | ||
284 | }) | ||
285 | }) | ||
286 | |||
287 | it('Should fail with a user without the appropriate rights', async function () { | ||
288 | await makePostBodyRequest({ | ||
289 | url: server.url, | ||
290 | token: userAccessToken, | ||
291 | path, | ||
292 | fields: { accountName: 'user1' }, | ||
293 | statusCodeExpected: 403 | ||
294 | }) | ||
295 | }) | ||
296 | |||
297 | it('Should fail with an unknown account', async function () { | ||
298 | await makePostBodyRequest({ | ||
299 | url: server.url, | ||
300 | token: server.accessToken, | ||
301 | path, | ||
302 | fields: { accountName: 'user2' }, | ||
303 | statusCodeExpected: 404 | ||
304 | }) | ||
305 | }) | ||
306 | |||
307 | it('Should fail to block ourselves', async function () { | ||
308 | await makePostBodyRequest({ | ||
309 | url: server.url, | ||
310 | token: server.accessToken, | ||
311 | path, | ||
312 | fields: { accountName: 'root' }, | ||
313 | statusCodeExpected: 409 | ||
314 | }) | ||
315 | }) | ||
316 | |||
317 | it('Should succeed with the correct params', async function () { | ||
318 | await makePostBodyRequest({ | ||
319 | url: server.url, | ||
320 | token: server.accessToken, | ||
321 | path, | ||
322 | fields: { accountName: 'user1' }, | ||
323 | statusCodeExpected: 204 | ||
324 | }) | ||
325 | }) | ||
326 | }) | ||
327 | |||
328 | describe('When unblocking an account', function () { | ||
329 | it('Should fail with an unauthenticated user', async function () { | ||
330 | await makeDeleteRequest({ | ||
331 | url: server.url, | ||
332 | path: path + '/user1', | ||
333 | statusCodeExpected: 401 | ||
334 | }) | ||
335 | }) | ||
336 | |||
337 | it('Should fail with a user without the appropriate rights', async function () { | ||
338 | await makeDeleteRequest({ | ||
339 | url: server.url, | ||
340 | path: path + '/user1', | ||
341 | token: userAccessToken, | ||
342 | statusCodeExpected: 403 | ||
343 | }) | ||
344 | }) | ||
345 | |||
346 | it('Should fail with an unknown account block', async function () { | ||
347 | await makeDeleteRequest({ | ||
348 | url: server.url, | ||
349 | path: path + '/user2', | ||
350 | token: server.accessToken, | ||
351 | statusCodeExpected: 404 | ||
352 | }) | ||
353 | }) | ||
354 | |||
355 | it('Should succeed with the correct params', async function () { | ||
356 | await makeDeleteRequest({ | ||
357 | url: server.url, | ||
358 | path: path + '/user1', | ||
359 | token: server.accessToken, | ||
360 | statusCodeExpected: 204 | ||
361 | }) | ||
362 | }) | ||
363 | }) | ||
364 | }) | ||
365 | |||
366 | describe('When managing server servers blocklist', function () { | ||
367 | const path = '/api/v1/server/blocklist/servers' | ||
368 | |||
369 | describe('When listing blocked servers', function () { | ||
370 | it('Should fail with an unauthenticated user', async function () { | ||
371 | await makeGetRequest({ | ||
372 | url: server.url, | ||
373 | path, | ||
374 | statusCodeExpected: 401 | ||
375 | }) | ||
376 | }) | ||
377 | |||
378 | it('Should fail with a user without the appropriate rights', async function () { | ||
379 | await makeGetRequest({ | ||
380 | url: server.url, | ||
381 | token: userAccessToken, | ||
382 | path, | ||
383 | statusCodeExpected: 403 | ||
384 | }) | ||
385 | }) | ||
386 | |||
387 | it('Should fail with a bad start pagination', async function () { | ||
388 | await checkBadStartPagination(server.url, path, server.accessToken) | ||
389 | }) | ||
390 | |||
391 | it('Should fail with a bad count pagination', async function () { | ||
392 | await checkBadCountPagination(server.url, path, server.accessToken) | ||
393 | }) | ||
394 | |||
395 | it('Should fail with an incorrect sort', async function () { | ||
396 | await checkBadSortPagination(server.url, path, server.accessToken) | ||
397 | }) | ||
398 | }) | ||
399 | |||
400 | describe('When blocking a server', function () { | ||
401 | it('Should fail with an unauthenticated user', async function () { | ||
402 | await makePostBodyRequest({ | ||
403 | url: server.url, | ||
404 | path, | ||
405 | fields: { host: 'localhost:9002' }, | ||
406 | statusCodeExpected: 401 | ||
407 | }) | ||
408 | }) | ||
409 | |||
410 | it('Should fail with a user without the appropriate rights', async function () { | ||
411 | await makePostBodyRequest({ | ||
412 | url: server.url, | ||
413 | token: userAccessToken, | ||
414 | path, | ||
415 | fields: { host: 'localhost:9002' }, | ||
416 | statusCodeExpected: 403 | ||
417 | }) | ||
418 | }) | ||
419 | |||
420 | it('Should fail with an unknown server', async function () { | ||
421 | await makePostBodyRequest({ | ||
422 | url: server.url, | ||
423 | token: server.accessToken, | ||
424 | path, | ||
425 | fields: { host: 'localhost:9003' }, | ||
426 | statusCodeExpected: 404 | ||
427 | }) | ||
428 | }) | ||
429 | |||
430 | it('Should fail with our own server', async function () { | ||
431 | await makePostBodyRequest({ | ||
432 | url: server.url, | ||
433 | token: server.accessToken, | ||
434 | path, | ||
435 | fields: { host: 'localhost:9001' }, | ||
436 | statusCodeExpected: 409 | ||
437 | }) | ||
438 | }) | ||
439 | |||
440 | it('Should succeed with the correct params', async function () { | ||
441 | await makePostBodyRequest({ | ||
442 | url: server.url, | ||
443 | token: server.accessToken, | ||
444 | path, | ||
445 | fields: { host: 'localhost:9002' }, | ||
446 | statusCodeExpected: 204 | ||
447 | }) | ||
448 | }) | ||
449 | }) | ||
450 | |||
451 | describe('When unblocking a server', function () { | ||
452 | it('Should fail with an unauthenticated user', async function () { | ||
453 | await makeDeleteRequest({ | ||
454 | url: server.url, | ||
455 | path: path + '/localhost:9002', | ||
456 | statusCodeExpected: 401 | ||
457 | }) | ||
458 | }) | ||
459 | |||
460 | it('Should fail with a user without the appropriate rights', async function () { | ||
461 | await makeDeleteRequest({ | ||
462 | url: server.url, | ||
463 | path: path + '/localhost:9002', | ||
464 | token: userAccessToken, | ||
465 | statusCodeExpected: 403 | ||
466 | }) | ||
467 | }) | ||
468 | |||
469 | it('Should fail with an unknown server block', async function () { | ||
470 | await makeDeleteRequest({ | ||
471 | url: server.url, | ||
472 | path: path + '/localhost:9003', | ||
473 | token: server.accessToken, | ||
474 | statusCodeExpected: 404 | ||
475 | }) | ||
476 | }) | ||
477 | |||
478 | it('Should succeed with the correct params', async function () { | ||
479 | await makeDeleteRequest({ | ||
480 | url: server.url, | ||
481 | path: path + '/localhost:9002', | ||
482 | token: server.accessToken, | ||
483 | statusCodeExpected: 204 | ||
484 | }) | ||
485 | }) | ||
486 | }) | ||
487 | }) | ||
488 | }) | ||
489 | |||
490 | after(async function () { | ||
491 | killallServers(servers) | ||
492 | |||
493 | // Keep the logs if the test failed | ||
494 | if (this['ok']) { | ||
495 | await flushTests() | ||
496 | } | ||
497 | }) | ||
498 | }) | ||