PeerTube/server/tests/api/check-params/follows.ts

/* tslint:disable:no-unused-expression */

import 'mocha'

import {
  cleanupTests,
  createUser,
  flushAndRunServer,
  makeDeleteRequest, makeGetRequest,
  makePostBodyRequest,
  ServerInfo,
  setAccessTokensToServers,
  userLogin
} from '../../../../shared/extra-utils'
import {
  checkBadCountPagination,
  checkBadSortPagination,
  checkBadStartPagination
} from '../../../../shared/extra-utils/requests/check-api-params'

describe('Test server follows API validators', function () {
  let server: ServerInfo

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(30000)

    server = await flushAndRunServer(1)

    await setAccessTokensToServers([ server ])
  })

  describe('When managing following', function () {
    let userAccessToken = null

    before(async function () {
      const user = {
        username: 'user1',
        password: 'password'
      }

      await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password })
      userAccessToken = await userLogin(server, user)
    })

    describe('When adding follows', function () {
      const path = '/api/v1/server/following'

      it('Should fail without hosts', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail if hosts is not an array', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          token: server.accessToken,
          fields: { hosts: 'localhost:9002' },
          statusCodeExpected: 400
        })
      })

      it('Should fail if the array is not composed by hosts', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ 'localhost:9002', 'localhost:coucou' ] },
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail if the array is composed with http schemes', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ 'localhost:9002', 'http://localhost:9003' ] },
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail if hosts are not unique', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { urls: [ 'localhost:9002', 'localhost:9002' ] },
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail with an invalid token', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ 'localhost:9002' ] },
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makePostBodyRequest({
          url: server.url,
          path,
          fields: { hosts: [ 'localhost:9002' ] },
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })
    })

    describe('When listing followings', function () {
      const path = '/api/v1/server/following'

      it('Should fail with a bad start pagination', async function () {
        await checkBadStartPagination(server.url, path)
      })

      it('Should fail with a bad count pagination', async function () {
        await checkBadCountPagination(server.url, path)
      })

      it('Should fail with an incorrect sort', async function () {
        await checkBadSortPagination(server.url, path)
      })

      it('Should fail with an incorrect state', async function () {
        await makeGetRequest({
          url: server.url,
          path,
          query: {
            state: 'blabla'
          }
        })
      })

      it('Should fail succeed with the correct params', async function () {
        await makeGetRequest({
          url: server.url,
          path,
          statusCodeExpected: 200,
          query: {
            state: 'accepted'
          }
        })
      })
    })

    describe('When listing followers', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with a bad start pagination', async function () {
        await checkBadStartPagination(server.url, path)
      })

      it('Should fail with a bad count pagination', async function () {
        await checkBadCountPagination(server.url, path)
      })

      it('Should fail with an incorrect sort', async function () {
        await checkBadSortPagination(server.url, path)
      })

      it('Should fail with an incorrect state', async function () {
        await makeGetRequest({
          url: server.url,
          path,
          query: {
            state: 'blabla'
          }
        })
      })

      it('Should fail succeed with the correct params', async function () {
        await makeGetRequest({
          url: server.url,
          path,
          statusCodeExpected: 200,
          query: {
            state: 'accepted'
          }
        })
      })
    })

    describe('When removing a follower', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with an invalid token', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto@localhost:9002',
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto@localhost:9002',
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })

      it('Should fail with an invalid follower', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto',
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail with an unknown follower', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/toto@localhost:9003',
          token: server.accessToken,
          statusCodeExpected: 404
        })
      })
    })

    describe('When accepting a follower', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with an invalid token', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9002/accept',
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9002/accept',
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })

      it('Should fail with an invalid follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto/accept',
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail with an unknown follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9003/accept',
          token: server.accessToken,
          statusCodeExpected: 404
        })
      })
    })

    describe('When rejecting a follower', function () {
      const path = '/api/v1/server/followers'

      it('Should fail with an invalid token', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9002/reject',
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9002/reject',
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })

      it('Should fail with an invalid follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto/reject',
          token: server.accessToken,
          statusCodeExpected: 400
        })
      })

      it('Should fail with an unknown follower', async function () {
        await makePostBodyRequest({
          url: server.url,
          path: path + '/toto@localhost:9003/reject',
          token: server.accessToken,
          statusCodeExpected: 404
        })
      })
    })

    describe('When removing following', function () {
      const path = '/api/v1/server/following'

      it('Should fail with an invalid token', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/localhost:9002',
          token: 'fake_token',
          statusCodeExpected: 401
        })
      })

      it('Should fail if the user is not an administrator', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/localhost:9002',
          token: userAccessToken,
          statusCodeExpected: 403
        })
      })

      it('Should fail if we do not follow this server', async function () {
        await makeDeleteRequest({
          url: server.url,
          path: path + '/example.com',
          token: server.accessToken,
          statusCodeExpected: 404
        })
      })
    })
  })

  after(async function () {
    await cleanupTests([ server ])
  })
})
Optimize signature verification 2017-11-17 15:20:42 +01:00			`/* tslint:disable:no-unused-expression */`

			`import 'mocha'`

			`import {`
Use test wrapper exit function 2019-04-24 15:10:37 +02:00			`cleanupTests,`
			`createUser,`
			`flushAndRunServer,`
Only display accepted followers/followings in about page 2019-11-28 11:37:32 +01:00			`makeDeleteRequest, makeGetRequest,`
Use test wrapper exit function 2019-04-24 15:10:37 +02:00			`makePostBodyRequest,`
			`ServerInfo,`
			`setAccessTokensToServers,`
Improve check follow params tests 2017-12-28 14:29:57 +01:00			`userLogin`
Shared utils -> extra-utils Because they need dev dependencies 2019-04-15 15:26:15 +02:00			`} from '../../../../shared/extra-utils'`
Move utils to /shared Move utils used by /server/tools/* & /server/tests/*/ into /shared folder. Issue: #1336 2018-10-29 17:48:31 +01:00			`import {`
			`checkBadCountPagination,`
			`checkBadSortPagination,`
			`checkBadStartPagination`
Shared utils -> extra-utils Because they need dev dependencies 2019-04-15 15:26:15 +02:00			`} from '../../../../shared/extra-utils/requests/check-api-params'`
Optimize signature verification 2017-11-17 15:20:42 +01:00
			`describe('Test server follows API validators', function () {`
			`let server: ServerInfo`

			`// ---------------------------------------------------------------`

			`before(async function () {`
Increase tests timeout 2018-01-18 18:10:45 +01:00			`this.timeout(30000)`
Optimize signature verification 2017-11-17 15:20:42 +01:00
Cleanup tests 2019-04-24 10:53:40 +02:00			`server = await flushAndRunServer(1)`
Optimize signature verification 2017-11-17 15:20:42 +01:00
			`await setAccessTokensToServers([ server ])`
			`})`

			`describe('When managing following', function () {`
			`let userAccessToken = null`

			`before(async function () {`
Improve check follow params tests 2017-12-28 14:29:57 +01:00			`const user = {`
Optimize signature verification 2017-11-17 15:20:42 +01:00			`username: 'user1',`
			`password: 'password'`
			`}`

Add user adminFlags 2019-04-15 10:49:46 +02:00			`await createUser({ url: server.url, accessToken: server.accessToken, username: user.username, password: user.password })`
Improve check follow params tests 2017-12-28 14:29:57 +01:00			`userAccessToken = await userLogin(server, user)`
Optimize signature verification 2017-11-17 15:20:42 +01:00			`})`

			`describe('When adding follows', function () {`
			`const path = '/api/v1/server/following'`

			`it('Should fail without hosts', async function () {`
Improve check follow params tests 2017-12-28 14:29:57 +01:00			`await makePostBodyRequest({`
			`url: server.url,`
			`path,`
			`token: server.accessToken,`
			`statusCodeExpected: 400`
			`})`
Optimize signature verification 2017-11-17 15:20:42 +01:00			`})`

			`it('Should fail if hosts is not an array', async function () {`
Improve check follow params tests 2017-12-28 14:29:57 +01:00			`await makePostBodyRequest({`
			`url: server.url,`
			`path,`
			`token: server.accessToken,`
			`fields: { hosts: 'localhost:9002' },`
			`statusCodeExpected: 400`
			`})`
Optimize signature verification 2017-11-17 15:20:42 +01:00			`})`

			`it('Should fail if the array is not composed by hosts', async function () {`
Improve check follow params tests 2017-12-28 14:29:57 +01:00			`await makePostBodyRequest({`
			`url: server.url,`
			`path,`
			`fields: { hosts: [ 'localhost:9002', 'localhost:coucou' ] },`
			`token: server.accessToken,`
			`statusCodeExpected: 400`
			`})`
Optimize signature verification 2017-11-17 15:20:42 +01:00			`})`

			`it('Should fail if the array is composed with http schemes', async function () {`
Improve check follow params tests 2017-12-28 14:29:57 +01:00			`await makePostBodyRequest({`
			`url: server.url,`
			`path,`
			`fields: { hosts: [ 'localhost:9002', 'http://localhost:9003' ] },`
			`token: server.accessToken,`
			`statusCodeExpected: 400`
			`})`
Optimize signature verification 2017-11-17 15:20:42 +01:00			`})`

			`it('Should fail if hosts are not unique', async function () {`
Improve check follow params tests 2017-12-28 14:29:57 +01:00			`await makePostBodyRequest({`
			`url: server.url,`
			`path,`
			`fields: { urls: [ 'localhost:9002', 'localhost:9002' ] },`
			`token: server.accessToken,`
			`statusCodeExpected: 400`
			`})`
Optimize signature verification 2017-11-17 15:20:42 +01:00			`})`

			`it('Should fail with an invalid token', async function () {`
Improve check follow params tests 2017-12-28 14:29:57 +01:00			`await makePostBodyRequest({`
			`url: server.url,`
			`path,`
			`fields: { hosts: [ 'localhost:9002' ] },`
			`token: 'fake_token',`
			`statusCodeExpected: 401`
			`})`
Optimize signature verification 2017-11-17 15:20:42 +01:00			`})`

			`it('Should fail if the user is not an administrator', async function () {`
Improve check follow params tests 2017-12-28 14:29:57 +01:00			`await makePostBodyRequest({`
			`url: server.url,`
			`path,`
			`fields: { hosts: [ 'localhost:9002' ] },`
			`token: userAccessToken,`
			`statusCodeExpected: 403`
			`})`
Optimize signature verification 2017-11-17 15:20:42 +01:00			`})`
			`})`

			`describe('When listing followings', function () {`
			`const path = '/api/v1/server/following'`

			`it('Should fail with a bad start pagination', async function () {`
Improve check follow params tests 2017-12-28 14:29:57 +01:00			`await checkBadStartPagination(server.url, path)`
Optimize signature verification 2017-11-17 15:20:42 +01:00			`})`

			`it('Should fail with a bad count pagination', async function () {`
Improve check follow params tests 2017-12-28 14:29:57 +01:00			`await checkBadCountPagination(server.url, path)`
Optimize signature verification 2017-11-17 15:20:42 +01:00			`})`

			`it('Should fail with an incorrect sort', async function () {`
Improve check follow params tests 2017-12-28 14:29:57 +01:00			`await checkBadSortPagination(server.url, path)`
Optimize signature verification 2017-11-17 15:20:42 +01:00			`})`
Only display accepted followers/followings in about page 2019-11-28 11:37:32 +01:00
			`it('Should fail with an incorrect state', async function () {`
			`await makeGetRequest({`
			`url: server.url,`
			`path,`
			`query: {`
			`state: 'blabla'`
			`}`
			`})`
			`})`

			`it('Should fail succeed with the correct params', async function () {`
			`await makeGetRequest({`
			`url: server.url,`
			`path,`
			`statusCodeExpected: 200,`
			`query: {`
			`state: 'accepted'`
			`}`
			`})`
			`})`
Optimize signature verification 2017-11-17 15:20:42 +01:00			`})`

			`describe('When listing followers', function () {`
			`const path = '/api/v1/server/followers'`

			`it('Should fail with a bad start pagination', async function () {`
Improve check follow params tests 2017-12-28 14:29:57 +01:00			`await checkBadStartPagination(server.url, path)`
Optimize signature verification 2017-11-17 15:20:42 +01:00			`})`

			`it('Should fail with a bad count pagination', async function () {`
Improve check follow params tests 2017-12-28 14:29:57 +01:00			`await checkBadCountPagination(server.url, path)`
Optimize signature verification 2017-11-17 15:20:42 +01:00			`})`

			`it('Should fail with an incorrect sort', async function () {`
Improve check follow params tests 2017-12-28 14:29:57 +01:00			`await checkBadSortPagination(server.url, path)`
Optimize signature verification 2017-11-17 15:20:42 +01:00			`})`
Only display accepted followers/followings in about page 2019-11-28 11:37:32 +01:00
			`it('Should fail with an incorrect state', async function () {`
			`await makeGetRequest({`
			`url: server.url,`
			`path,`
			`query: {`
			`state: 'blabla'`
			`}`
			`})`
			`})`

			`it('Should fail succeed with the correct params', async function () {`
			`await makeGetRequest({`
			`url: server.url,`
			`path,`
			`statusCodeExpected: 200,`
			`query: {`
			`state: 'accepted'`
			`}`
			`})`
			`})`
Optimize signature verification 2017-11-17 15:20:42 +01:00			`})`

Add ability to forbid followers 2019-04-08 14:04:57 +02:00			`describe('When removing a follower', function () {`
			`const path = '/api/v1/server/followers'`

			`it('Should fail with an invalid token', async function () {`
			`await makeDeleteRequest({`
			`url: server.url,`
			`path: path + '/toto@localhost:9002',`
			`token: 'fake_token',`
			`statusCodeExpected: 401`
			`})`
			`})`

			`it('Should fail if the user is not an administrator', async function () {`
			`await makeDeleteRequest({`
			`url: server.url,`
			`path: path + '/toto@localhost:9002',`
			`token: userAccessToken,`
			`statusCodeExpected: 403`
			`})`
			`})`

			`it('Should fail with an invalid follower', async function () {`
			`await makeDeleteRequest({`
			`url: server.url,`
			`path: path + '/toto',`
			`token: server.accessToken,`
			`statusCodeExpected: 400`
			`})`
			`})`

			`it('Should fail with an unknown follower', async function () {`
			`await makeDeleteRequest({`
			`url: server.url,`
			`path: path + '/toto@localhost:9003',`
			`token: server.accessToken,`
			`statusCodeExpected: 404`
			`})`
			`})`
			`})`

Add ability to manually approves instance followers in REST API 2019-04-08 15:18:04 +02:00			`describe('When accepting a follower', function () {`
			`const path = '/api/v1/server/followers'`

			`it('Should fail with an invalid token', async function () {`
			`await makePostBodyRequest({`
			`url: server.url,`
			`path: path + '/toto@localhost:9002/accept',`
			`token: 'fake_token',`
			`statusCodeExpected: 401`
			`})`
			`})`

			`it('Should fail if the user is not an administrator', async function () {`
			`await makePostBodyRequest({`
			`url: server.url,`
			`path: path + '/toto@localhost:9002/accept',`
			`token: userAccessToken,`
			`statusCodeExpected: 403`
			`})`
			`})`

			`it('Should fail with an invalid follower', async function () {`
			`await makePostBodyRequest({`
			`url: server.url,`
			`path: path + '/toto/accept',`
			`token: server.accessToken,`
			`statusCodeExpected: 400`
			`})`
			`})`

			`it('Should fail with an unknown follower', async function () {`
			`await makePostBodyRequest({`
			`url: server.url,`
			`path: path + '/toto@localhost:9003/accept',`
			`token: server.accessToken,`
			`statusCodeExpected: 404`
			`})`
			`})`
			`})`

			`describe('When rejecting a follower', function () {`
			`const path = '/api/v1/server/followers'`

			`it('Should fail with an invalid token', async function () {`
			`await makePostBodyRequest({`
			`url: server.url,`
			`path: path + '/toto@localhost:9002/reject',`
			`token: 'fake_token',`
			`statusCodeExpected: 401`
			`})`
			`})`

			`it('Should fail if the user is not an administrator', async function () {`
			`await makePostBodyRequest({`
			`url: server.url,`
			`path: path + '/toto@localhost:9002/reject',`
			`token: userAccessToken,`
			`statusCodeExpected: 403`
			`})`
			`})`

			`it('Should fail with an invalid follower', async function () {`
			`await makePostBodyRequest({`
			`url: server.url,`
			`path: path + '/toto/reject',`
			`token: server.accessToken,`
			`statusCodeExpected: 400`
			`})`
			`})`

			`it('Should fail with an unknown follower', async function () {`
			`await makePostBodyRequest({`
			`url: server.url,`
			`path: path + '/toto@localhost:9003/reject',`
			`token: server.accessToken,`
			`statusCodeExpected: 404`
			`})`
			`})`
			`})`

Optimize signature verification 2017-11-17 15:20:42 +01:00			`describe('When removing following', function () {`
Add follow tests 2017-11-21 13:43:29 +01:00			`const path = '/api/v1/server/following'`

			`it('Should fail with an invalid token', async function () {`
Improve check follow params tests 2017-12-28 14:29:57 +01:00			`await makeDeleteRequest({`
			`url: server.url,`
			`path: path + '/localhost:9002',`
			`token: 'fake_token',`
			`statusCodeExpected: 401`
			`})`
Add follow tests 2017-11-21 13:43:29 +01:00			`})`

			`it('Should fail if the user is not an administrator', async function () {`
Improve check follow params tests 2017-12-28 14:29:57 +01:00			`await makeDeleteRequest({`
			`url: server.url,`
			`path: path + '/localhost:9002',`
			`token: userAccessToken,`
			`statusCodeExpected: 403`
			`})`
			`})`

			`it('Should fail if we do not follow this server', async function () {`
			`await makeDeleteRequest({`
			`url: server.url,`
			`path: path + '/example.com',`
			`token: server.accessToken,`
			`statusCodeExpected: 404`
			`})`
			`})`
Optimize signature verification 2017-11-17 15:20:42 +01:00			`})`
			`})`

Use test wrapper exit function 2019-04-24 15:10:37 +02:00			`after(async function () {`
			`await cleanupTests([ server ])`
Optimize signature verification 2017-11-17 15:20:42 +01:00			`})`
			`})`