diff options
Diffstat (limited to 'server/tests/api/check-params')
-rw-r--r-- | server/tests/api/check-params/abuses.ts | 153 |
1 files changed, 136 insertions, 17 deletions
diff --git a/server/tests/api/check-params/abuses.ts b/server/tests/api/check-params/abuses.ts index 8964c0ab2..5e1d66c25 100644 --- a/server/tests/api/check-params/abuses.ts +++ b/server/tests/api/check-params/abuses.ts | |||
@@ -13,7 +13,11 @@ import { | |||
13 | setAccessTokensToServers, | 13 | setAccessTokensToServers, |
14 | updateAbuse, | 14 | updateAbuse, |
15 | uploadVideo, | 15 | uploadVideo, |
16 | userLogin | 16 | userLogin, |
17 | generateUserAccessToken, | ||
18 | addAbuseMessage, | ||
19 | listAbuseMessages, | ||
20 | deleteAbuseMessage | ||
17 | } from '../../../../shared/extra-utils' | 21 | } from '../../../../shared/extra-utils' |
18 | import { | 22 | import { |
19 | checkBadCountPagination, | 23 | checkBadCountPagination, |
@@ -26,7 +30,9 @@ describe('Test abuses API validators', function () { | |||
26 | 30 | ||
27 | let server: ServerInfo | 31 | let server: ServerInfo |
28 | let userAccessToken = '' | 32 | let userAccessToken = '' |
33 | let userAccessToken2 = '' | ||
29 | let abuseId: number | 34 | let abuseId: number |
35 | let messageId: number | ||
30 | 36 | ||
31 | // --------------------------------------------------------------- | 37 | // --------------------------------------------------------------- |
32 | 38 | ||
@@ -42,11 +48,15 @@ describe('Test abuses API validators', function () { | |||
42 | await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password }) | 48 | await createUser({ url: server.url, accessToken: server.accessToken, username: username, password: password }) |
43 | userAccessToken = await userLogin(server, { username, password }) | 49 | userAccessToken = await userLogin(server, { username, password }) |
44 | 50 | ||
51 | { | ||
52 | userAccessToken2 = await generateUserAccessToken(server, 'user_2') | ||
53 | } | ||
54 | |||
45 | const res = await uploadVideo(server.url, server.accessToken, {}) | 55 | const res = await uploadVideo(server.url, server.accessToken, {}) |
46 | server.video = res.body.video | 56 | server.video = res.body.video |
47 | }) | 57 | }) |
48 | 58 | ||
49 | describe('When listing abuses', function () { | 59 | describe('When listing abuses for admins', function () { |
50 | const path = basePath | 60 | const path = basePath |
51 | 61 | ||
52 | it('Should fail with a bad start pagination', async function () { | 62 | it('Should fail with a bad start pagination', async function () { |
@@ -113,47 +123,89 @@ describe('Test abuses API validators', function () { | |||
113 | }) | 123 | }) |
114 | }) | 124 | }) |
115 | 125 | ||
126 | describe('When listing abuses for users', function () { | ||
127 | const path = '/api/v1/users/me/abuses' | ||
128 | |||
129 | it('Should fail with a bad start pagination', async function () { | ||
130 | await checkBadStartPagination(server.url, path, userAccessToken) | ||
131 | }) | ||
132 | |||
133 | it('Should fail with a bad count pagination', async function () { | ||
134 | await checkBadCountPagination(server.url, path, userAccessToken) | ||
135 | }) | ||
136 | |||
137 | it('Should fail with an incorrect sort', async function () { | ||
138 | await checkBadSortPagination(server.url, path, userAccessToken) | ||
139 | }) | ||
140 | |||
141 | it('Should fail with a non authenticated user', async function () { | ||
142 | await makeGetRequest({ | ||
143 | url: server.url, | ||
144 | path, | ||
145 | statusCodeExpected: 401 | ||
146 | }) | ||
147 | }) | ||
148 | |||
149 | it('Should fail with a bad id filter', async function () { | ||
150 | await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { id: 'toto' } }) | ||
151 | }) | ||
152 | |||
153 | it('Should fail with a bad state filter', async function () { | ||
154 | await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { state: 'toto' } }) | ||
155 | await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { state: 0 } }) | ||
156 | }) | ||
157 | |||
158 | it('Should succeed with the correct params', async function () { | ||
159 | const query = { | ||
160 | id: 13, | ||
161 | state: 2 | ||
162 | } | ||
163 | |||
164 | await makeGetRequest({ url: server.url, path, token: userAccessToken, query, statusCodeExpected: 200 }) | ||
165 | }) | ||
166 | }) | ||
167 | |||
116 | describe('When reporting an abuse', function () { | 168 | describe('When reporting an abuse', function () { |
117 | const path = basePath | 169 | const path = basePath |
118 | 170 | ||
119 | it('Should fail with nothing', async function () { | 171 | it('Should fail with nothing', async function () { |
120 | const fields = {} | 172 | const fields = {} |
121 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | 173 | await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields }) |
122 | }) | 174 | }) |
123 | 175 | ||
124 | it('Should fail with a wrong video', async function () { | 176 | it('Should fail with a wrong video', async function () { |
125 | const fields = { video: { id: 'blabla' }, reason: 'my super reason' } | 177 | const fields = { video: { id: 'blabla' }, reason: 'my super reason' } |
126 | await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields }) | 178 | await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields }) |
127 | }) | 179 | }) |
128 | 180 | ||
129 | it('Should fail with an unknown video', async function () { | 181 | it('Should fail with an unknown video', async function () { |
130 | const fields = { video: { id: 42 }, reason: 'my super reason' } | 182 | const fields = { video: { id: 42 }, reason: 'my super reason' } |
131 | await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 }) | 183 | await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields, statusCodeExpected: 404 }) |
132 | }) | 184 | }) |
133 | 185 | ||
134 | it('Should fail with a wrong comment', async function () { | 186 | it('Should fail with a wrong comment', async function () { |
135 | const fields = { comment: { id: 'blabla' }, reason: 'my super reason' } | 187 | const fields = { comment: { id: 'blabla' }, reason: 'my super reason' } |
136 | await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields }) | 188 | await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields }) |
137 | }) | 189 | }) |
138 | 190 | ||
139 | it('Should fail with an unknown comment', async function () { | 191 | it('Should fail with an unknown comment', async function () { |
140 | const fields = { comment: { id: 42 }, reason: 'my super reason' } | 192 | const fields = { comment: { id: 42 }, reason: 'my super reason' } |
141 | await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 }) | 193 | await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields, statusCodeExpected: 404 }) |
142 | }) | 194 | }) |
143 | 195 | ||
144 | it('Should fail with a wrong account', async function () { | 196 | it('Should fail with a wrong account', async function () { |
145 | const fields = { account: { id: 'blabla' }, reason: 'my super reason' } | 197 | const fields = { account: { id: 'blabla' }, reason: 'my super reason' } |
146 | await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields }) | 198 | await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields }) |
147 | }) | 199 | }) |
148 | 200 | ||
149 | it('Should fail with an unknown account', async function () { | 201 | it('Should fail with an unknown account', async function () { |
150 | const fields = { account: { id: 42 }, reason: 'my super reason' } | 202 | const fields = { account: { id: 42 }, reason: 'my super reason' } |
151 | await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 404 }) | 203 | await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields, statusCodeExpected: 404 }) |
152 | }) | 204 | }) |
153 | 205 | ||
154 | it('Should fail with not account, comment or video', async function () { | 206 | it('Should fail with not account, comment or video', async function () { |
155 | const fields = { reason: 'my super reason' } | 207 | const fields = { reason: 'my super reason' } |
156 | await makePostBodyRequest({ url: server.url, path: path, token: server.accessToken, fields, statusCodeExpected: 400 }) | 208 | await makePostBodyRequest({ url: server.url, path: path, token: userAccessToken, fields, statusCodeExpected: 400 }) |
157 | }) | 209 | }) |
158 | 210 | ||
159 | it('Should fail with a non authenticated user', async function () { | 211 | it('Should fail with a non authenticated user', async function () { |
@@ -165,38 +217,38 @@ describe('Test abuses API validators', function () { | |||
165 | it('Should fail with a reason too short', async function () { | 217 | it('Should fail with a reason too short', async function () { |
166 | const fields = { video: { id: server.video.id }, reason: 'h' } | 218 | const fields = { video: { id: server.video.id }, reason: 'h' } |
167 | 219 | ||
168 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | 220 | await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields }) |
169 | }) | 221 | }) |
170 | 222 | ||
171 | it('Should fail with a too big reason', async function () { | 223 | it('Should fail with a too big reason', async function () { |
172 | const fields = { video: { id: server.video.id }, reason: 'super'.repeat(605) } | 224 | const fields = { video: { id: server.video.id }, reason: 'super'.repeat(605) } |
173 | 225 | ||
174 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | 226 | await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields }) |
175 | }) | 227 | }) |
176 | 228 | ||
177 | it('Should succeed with the correct parameters (basic)', async function () { | 229 | it('Should succeed with the correct parameters (basic)', async function () { |
178 | const fields: AbuseCreate = { video: { id: server.video.id }, reason: 'my super reason' } | 230 | const fields: AbuseCreate = { video: { id: server.video.id }, reason: 'my super reason' } |
179 | 231 | ||
180 | const res = await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 }) | 232 | const res = await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 200 }) |
181 | abuseId = res.body.abuse.id | 233 | abuseId = res.body.abuse.id |
182 | }) | 234 | }) |
183 | 235 | ||
184 | it('Should fail with a wrong predefined reason', async function () { | 236 | it('Should fail with a wrong predefined reason', async function () { |
185 | const fields = { video: { id: server.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] } | 237 | const fields = { video: { id: server.video.id }, reason: 'my super reason', predefinedReasons: [ 'wrongPredefinedReason' ] } |
186 | 238 | ||
187 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | 239 | await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields }) |
188 | }) | 240 | }) |
189 | 241 | ||
190 | it('Should fail with negative timestamps', async function () { | 242 | it('Should fail with negative timestamps', async function () { |
191 | const fields = { video: { id: server.video.id, startAt: -1 }, reason: 'my super reason' } | 243 | const fields = { video: { id: server.video.id, startAt: -1 }, reason: 'my super reason' } |
192 | 244 | ||
193 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | 245 | await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields }) |
194 | }) | 246 | }) |
195 | 247 | ||
196 | it('Should fail mith misordered startAt/endAt', async function () { | 248 | it('Should fail mith misordered startAt/endAt', async function () { |
197 | const fields = { video: { id: server.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' } | 249 | const fields = { video: { id: server.video.id, startAt: 5, endAt: 1 }, reason: 'my super reason' } |
198 | 250 | ||
199 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | 251 | await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields }) |
200 | }) | 252 | }) |
201 | 253 | ||
202 | it('Should succeed with the corret parameters (advanced)', async function () { | 254 | it('Should succeed with the corret parameters (advanced)', async function () { |
@@ -210,7 +262,7 @@ describe('Test abuses API validators', function () { | |||
210 | predefinedReasons: [ 'serverRules' ] | 262 | predefinedReasons: [ 'serverRules' ] |
211 | } | 263 | } |
212 | 264 | ||
213 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 200 }) | 265 | await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 200 }) |
214 | }) | 266 | }) |
215 | }) | 267 | }) |
216 | 268 | ||
@@ -244,6 +296,73 @@ describe('Test abuses API validators', function () { | |||
244 | }) | 296 | }) |
245 | }) | 297 | }) |
246 | 298 | ||
299 | describe('When creating an abuse message', function () { | ||
300 | const message = 'my super message' | ||
301 | |||
302 | it('Should fail with an invalid abuse id', async function () { | ||
303 | await addAbuseMessage(server.url, userAccessToken2, 888, message, 404) | ||
304 | }) | ||
305 | |||
306 | it('Should fail with a non authenticated user', async function () { | ||
307 | await addAbuseMessage(server.url, 'fake_token', abuseId, message, 401) | ||
308 | }) | ||
309 | |||
310 | it('Should fail with an invalid logged in user', async function () { | ||
311 | await addAbuseMessage(server.url, userAccessToken2, abuseId, message, 403) | ||
312 | }) | ||
313 | |||
314 | it('Should fail with an invalid message', async function () { | ||
315 | await addAbuseMessage(server.url, userAccessToken, abuseId, 'a'.repeat(5000), 400) | ||
316 | }) | ||
317 | |||
318 | it('Should suceed with the correct params', async function () { | ||
319 | const res = await addAbuseMessage(server.url, userAccessToken, abuseId, message) | ||
320 | messageId = res.body.abuseMessage.id | ||
321 | }) | ||
322 | }) | ||
323 | |||
324 | describe('When listing abuse message', function () { | ||
325 | |||
326 | it('Should fail with an invalid abuse id', async function () { | ||
327 | await listAbuseMessages(server.url, userAccessToken, 888, 404) | ||
328 | }) | ||
329 | |||
330 | it('Should fail with a non authenticated user', async function () { | ||
331 | await listAbuseMessages(server.url, 'fake_token', abuseId, 401) | ||
332 | }) | ||
333 | |||
334 | it('Should fail with an invalid logged in user', async function () { | ||
335 | await listAbuseMessages(server.url, userAccessToken2, abuseId, 403) | ||
336 | }) | ||
337 | |||
338 | it('Should succeed with the correct params', async function () { | ||
339 | await listAbuseMessages(server.url, userAccessToken, abuseId) | ||
340 | }) | ||
341 | }) | ||
342 | |||
343 | describe('When deleting an abuse message', function () { | ||
344 | |||
345 | it('Should fail with an invalid abuse id', async function () { | ||
346 | await deleteAbuseMessage(server.url, userAccessToken, 888, messageId, 404) | ||
347 | }) | ||
348 | |||
349 | it('Should fail with an invalid message id', async function () { | ||
350 | await deleteAbuseMessage(server.url, userAccessToken, abuseId, 888, 404) | ||
351 | }) | ||
352 | |||
353 | it('Should fail with a non authenticated user', async function () { | ||
354 | await deleteAbuseMessage(server.url, 'fake_token', abuseId, messageId, 401) | ||
355 | }) | ||
356 | |||
357 | it('Should fail with an invalid logged in user', async function () { | ||
358 | await deleteAbuseMessage(server.url, userAccessToken2, abuseId, messageId, 403) | ||
359 | }) | ||
360 | |||
361 | it('Should succeed with the correct params', async function () { | ||
362 | await deleteAbuseMessage(server.url, userAccessToken, abuseId, messageId) | ||
363 | }) | ||
364 | }) | ||
365 | |||
247 | describe('When deleting a video abuse', function () { | 366 | describe('When deleting a video abuse', function () { |
248 | 367 | ||
249 | it('Should fail with a non authenticated user', async function () { | 368 | it('Should fail with a non authenticated user', async function () { |