aboutsummaryrefslogtreecommitdiffhomepage
path: root/server
diff options
context:
space:
mode:
Diffstat (limited to 'server')
-rw-r--r--server/middlewares/validators/videos/videos.ts6
-rw-r--r--server/tests/api/users/users.ts18
2 files changed, 12 insertions, 12 deletions
diff --git a/server/middlewares/validators/videos/videos.ts b/server/middlewares/validators/videos/videos.ts
index fd0e543f1..64e09234e 100644
--- a/server/middlewares/validators/videos/videos.ts
+++ b/server/middlewares/validators/videos/videos.ts
@@ -252,7 +252,7 @@ async function checkVideoFollowConstraints (req: express.Request, res: express.R
252 252
253 return res.fail({ 253 return res.fail({
254 status: HttpStatusCode.FORBIDDEN_403, 254 status: HttpStatusCode.FORBIDDEN_403,
255 message: 'Cannot get this video regarding follow constraints.', 255 message: 'Cannot get this video regarding follow constraints',
256 type: ServerErrorCode.DOES_NOT_RESPECT_FOLLOW_CONSTRAINTS, 256 type: ServerErrorCode.DOES_NOT_RESPECT_FOLLOW_CONSTRAINTS,
257 data: { 257 data: {
258 originUrl: video.url 258 originUrl: video.url
@@ -285,11 +285,11 @@ const videosCustomGetValidator = (
285 285
286 const user = res.locals.oauth ? res.locals.oauth.token.User : null 286 const user = res.locals.oauth ? res.locals.oauth.token.User : null
287 287
288 // Only the owner or a user that have blacklist rights can see the video 288 // Only the owner or a user that have blocklist rights can see the video
289 if (!user || !user.canGetVideo(video)) { 289 if (!user || !user.canGetVideo(video)) {
290 return res.fail({ 290 return res.fail({
291 status: HttpStatusCode.FORBIDDEN_403, 291 status: HttpStatusCode.FORBIDDEN_403,
292 message: 'Cannot get this private/internal or blacklisted video.' 292 message: 'Cannot get this private/internal or blocklisted video'
293 }) 293 })
294 } 294 }
295 295
diff --git a/server/tests/api/users/users.ts b/server/tests/api/users/users.ts
index 464c11d34..87ba775f6 100644
--- a/server/tests/api/users/users.ts
+++ b/server/tests/api/users/users.ts
@@ -3,7 +3,7 @@
3import 'mocha' 3import 'mocha'
4import * as chai from 'chai' 4import * as chai from 'chai'
5import { AbuseState, AbuseUpdate, MyUser, User, UserRole, Video, VideoPlaylistType } from '@shared/models' 5import { AbuseState, AbuseUpdate, MyUser, User, UserRole, Video, VideoPlaylistType } from '@shared/models'
6import { CustomConfig } from '@shared/models/server' 6import { CustomConfig, OAuth2ErrorCode } from '@shared/models/server'
7import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes' 7import { HttpStatusCode } from '../../../../shared/core-utils/miscs/http-error-codes'
8import { 8import {
9 addVideoCommentThread, 9 addVideoCommentThread,
@@ -93,20 +93,20 @@ describe('Test users', function () {
93 const client = { id: 'client', secret: server.client.secret } 93 const client = { id: 'client', secret: server.client.secret }
94 const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400) 94 const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
95 95
96 expect(res.body.code).to.equal('invalid_client') 96 expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
97 expect(res.body.error).to.contain('client is invalid') 97 expect(res.body.error).to.contain('client is invalid')
98 expect(res.body.type.startsWith('https://')).to.be.true 98 expect(res.body.type.startsWith('https://')).to.be.true
99 expect(res.body.type).to.contain('invalid_client') 99 expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
100 }) 100 })
101 101
102 it('Should not login with an invalid client secret', async function () { 102 it('Should not login with an invalid client secret', async function () {
103 const client = { id: server.client.id, secret: 'coucou' } 103 const client = { id: server.client.id, secret: 'coucou' }
104 const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400) 104 const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
105 105
106 expect(res.body.code).to.equal('invalid_client') 106 expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
107 expect(res.body.error).to.contain('client is invalid') 107 expect(res.body.error).to.contain('client is invalid')
108 expect(res.body.type.startsWith('https://')).to.be.true 108 expect(res.body.type.startsWith('https://')).to.be.true
109 expect(res.body.type).to.contain('invalid_client') 109 expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
110 }) 110 })
111 }) 111 })
112 112
@@ -116,20 +116,20 @@ describe('Test users', function () {
116 const user = { username: 'captain crochet', password: server.user.password } 116 const user = { username: 'captain crochet', password: server.user.password }
117 const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400) 117 const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
118 118
119 expect(res.body.code).to.equal('invalid_grant') 119 expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
120 expect(res.body.error).to.contain('credentials are invalid') 120 expect(res.body.error).to.contain('credentials are invalid')
121 expect(res.body.type.startsWith('https://')).to.be.true 121 expect(res.body.type.startsWith('https://')).to.be.true
122 expect(res.body.type).to.contain('invalid_grant') 122 expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
123 }) 123 })
124 124
125 it('Should not login with an invalid password', async function () { 125 it('Should not login with an invalid password', async function () {
126 const user = { username: server.user.username, password: 'mew_three' } 126 const user = { username: server.user.username, password: 'mew_three' }
127 const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400) 127 const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
128 128
129 expect(res.body.code).to.equal('invalid_grant') 129 expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
130 expect(res.body.error).to.contain('credentials are invalid') 130 expect(res.body.error).to.contain('credentials are invalid')
131 expect(res.body.type.startsWith('https://')).to.be.true 131 expect(res.body.type.startsWith('https://')).to.be.true
132 expect(res.body.type).to.contain('invalid_grant') 132 expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
133 }) 133 })
134 134
135 it('Should not be able to upload a video', async function () { 135 it('Should not be able to upload a video', async function () {