aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/tests/api/check-params
diff options
context:
space:
mode:
Diffstat (limited to 'server/tests/api/check-params')
-rw-r--r--server/tests/api/check-params/video-captions.ts28
-rw-r--r--server/tests/api/check-params/video-imports.ts28
2 files changed, 55 insertions, 1 deletions
diff --git a/server/tests/api/check-params/video-captions.ts b/server/tests/api/check-params/video-captions.ts
index 8a8840793..9881df80c 100644
--- a/server/tests/api/check-params/video-captions.ts
+++ b/server/tests/api/check-params/video-captions.ts
@@ -2,7 +2,7 @@
2 2
3import 'mocha' 3import 'mocha'
4import { buildAbsoluteFixturePath } from '@shared/core-utils' 4import { buildAbsoluteFixturePath } from '@shared/core-utils'
5import { HttpStatusCode, VideoCreateResult } from '@shared/models' 5import { HttpStatusCode, VideoCreateResult, VideoPrivacy } from '@shared/models'
6import { 6import {
7 cleanupTests, 7 cleanupTests,
8 createSingleServer, 8 createSingleServer,
@@ -19,6 +19,7 @@ describe('Test video captions API validator', function () {
19 let server: PeerTubeServer 19 let server: PeerTubeServer
20 let userAccessToken: string 20 let userAccessToken: string
21 let video: VideoCreateResult 21 let video: VideoCreateResult
22 let privateVideo: VideoCreateResult
22 23
23 // --------------------------------------------------------------- 24 // ---------------------------------------------------------------
24 25
@@ -30,6 +31,7 @@ describe('Test video captions API validator', function () {
30 await setAccessTokensToServers([ server ]) 31 await setAccessTokensToServers([ server ])
31 32
32 video = await server.videos.upload() 33 video = await server.videos.upload()
34 privateVideo = await server.videos.upload({ attributes: { privacy: VideoPrivacy.PRIVATE } })
33 35
34 { 36 {
35 const user = { 37 const user = {
@@ -204,8 +206,32 @@ describe('Test video captions API validator', function () {
204 }) 206 })
205 }) 207 })
206 208
209 it('Should fail with a private video without token', async function () {
210 await makeGetRequest({
211 url: server.url,
212 path: path + privateVideo.shortUUID + '/captions',
213 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
214 })
215 })
216
217 it('Should fail with another user token', async function () {
218 await makeGetRequest({
219 url: server.url,
220 token: userAccessToken,
221 path: path + privateVideo.shortUUID + '/captions',
222 expectedStatus: HttpStatusCode.FORBIDDEN_403
223 })
224 })
225
207 it('Should success with the correct parameters', async function () { 226 it('Should success with the correct parameters', async function () {
208 await makeGetRequest({ url: server.url, path: path + video.shortUUID + '/captions', expectedStatus: HttpStatusCode.OK_200 }) 227 await makeGetRequest({ url: server.url, path: path + video.shortUUID + '/captions', expectedStatus: HttpStatusCode.OK_200 })
228
229 await makeGetRequest({
230 url: server.url,
231 path: path + privateVideo.shortUUID + '/captions',
232 token: server.accessToken,
233 expectedStatus: HttpStatusCode.OK_200
234 })
209 }) 235 })
210 }) 236 })
211 237
diff --git a/server/tests/api/check-params/video-imports.ts b/server/tests/api/check-params/video-imports.ts
index ddea68db4..da05793a0 100644
--- a/server/tests/api/check-params/video-imports.ts
+++ b/server/tests/api/check-params/video-imports.ts
@@ -105,6 +105,34 @@ describe('Test video imports API validator', function () {
105 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) 105 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
106 }) 106 })
107 107
108 it('Should fail with localhost', async function () {
109 const fields = { ...baseCorrectParams, targetUrl: 'http://localhost:8000' }
110
111 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
112 })
113
114 it('Should fail with a private IP target urls', async function () {
115 const targetUrls = [
116 'http://127.0.0.1:8000',
117 'http://127.0.0.1',
118 'http://127.0.0.1/hello',
119 'https://192.168.1.42',
120 'http://192.168.1.42'
121 ]
122
123 for (const targetUrl of targetUrls) {
124 const fields = { ...baseCorrectParams, targetUrl }
125
126 await makePostBodyRequest({
127 url: server.url,
128 path,
129 token: server.accessToken,
130 fields,
131 expectedStatus: HttpStatusCode.FORBIDDEN_403
132 })
133 }
134 })
135
108 it('Should fail with a long name', async function () { 136 it('Should fail with a long name', async function () {
109 const fields = { ...baseCorrectParams, name: 'super'.repeat(65) } 137 const fields = { ...baseCorrectParams, name: 'super'.repeat(65) }
110 138