PeerTube/server/tests/api/check-params/video-comments.ts

485 lines
15 KiB
TypeScript
Raw Normal View History

2020-01-31 09:56:52 -06:00
/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
2017-12-27 03:12:18 -06:00
2022-08-17 08:44:32 -05:00
import { expect } from 'chai'
import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '@server/tests/shared'
import { HttpStatusCode, VideoCreateResult, VideoPrivacy } from '@shared/models'
2017-12-28 09:26:28 -06:00
import {
2019-04-24 08:10:37 -05:00
cleanupTests,
2021-07-16 02:47:51 -05:00
createSingleServer,
2019-04-24 05:02:04 -05:00
makeDeleteRequest,
makeGetRequest,
makePostBodyRequest,
2021-07-16 02:47:51 -05:00
PeerTubeServer,
2021-07-15 03:02:54 -05:00
setAccessTokensToServers
} from '@shared/server-commands'
2017-12-27 03:12:18 -06:00
describe('Test video comments API validator', function () {
let pathThread: string
let pathComment: string
2021-07-16 02:47:51 -05:00
let server: PeerTubeServer
let video: VideoCreateResult
2018-01-04 04:19:16 -06:00
let userAccessToken: string
let userAccessToken2: string
2017-12-27 03:12:18 -06:00
let commentId: number
let privateCommentId: number
let privateVideo: VideoCreateResult
2017-12-27 03:12:18 -06:00
// ---------------------------------------------------------------
before(async function () {
2018-01-18 11:10:45 -06:00
this.timeout(30000)
2017-12-27 03:12:18 -06:00
2021-07-16 02:47:51 -05:00
server = await createSingleServer(1)
2017-12-27 03:12:18 -06:00
await setAccessTokensToServers([ server ])
{
2021-07-16 03:20:44 -05:00
video = await server.videos.upload({ attributes: {} })
pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
2017-12-27 03:12:18 -06:00
}
{
privateVideo = await server.videos.upload({ attributes: { privacy: VideoPrivacy.PRIVATE } })
}
2017-12-27 03:12:18 -06:00
{
2021-07-16 02:04:35 -05:00
const created = await server.comments.createThread({ videoId: video.uuid, text: 'coucou' })
2021-07-09 07:15:11 -05:00
commentId = created.id
pathComment = '/api/v1/videos/' + video.uuid + '/comments/' + commentId
2017-12-27 03:12:18 -06:00
}
2018-01-04 04:19:16 -06:00
{
const created = await server.comments.createThread({ videoId: privateVideo.uuid, text: 'coucou' })
privateCommentId = created.id
}
2018-01-04 04:19:16 -06:00
{
const user = { username: 'user1', password: 'my super password' }
2021-07-16 02:04:35 -05:00
await server.users.create({ username: user.username, password: user.password })
userAccessToken = await server.login.getAccessToken(user)
2018-01-04 04:19:16 -06:00
}
{
const user = { username: 'user2', password: 'my super password' }
2021-07-16 02:04:35 -05:00
await server.users.create({ username: user.username, password: user.password })
userAccessToken2 = await server.login.getAccessToken(user)
}
2017-12-27 03:12:18 -06:00
})
describe('When listing video comment threads', function () {
it('Should fail with a bad start pagination', async function () {
2017-12-28 09:26:28 -06:00
await checkBadStartPagination(server.url, pathThread, server.accessToken)
2017-12-27 03:12:18 -06:00
})
it('Should fail with a bad count pagination', async function () {
2017-12-28 09:26:28 -06:00
await checkBadCountPagination(server.url, pathThread, server.accessToken)
2017-12-27 03:12:18 -06:00
})
it('Should fail with an incorrect sort', async function () {
2017-12-28 09:26:28 -06:00
await checkBadSortPagination(server.url, pathThread, server.accessToken)
2017-12-27 03:12:18 -06:00
})
it('Should fail with an incorrect video', async function () {
2017-12-28 09:26:28 -06:00
await makeGetRequest({
url: server.url,
path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads',
2021-07-16 03:42:24 -05:00
expectedStatus: HttpStatusCode.NOT_FOUND_404
2017-12-28 09:26:28 -06:00
})
2017-12-27 03:12:18 -06:00
})
it('Should fail with a private video without token', async function () {
await makeGetRequest({
url: server.url,
path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
expectedStatus: HttpStatusCode.UNAUTHORIZED_401
})
})
it('Should fail with another user token', async function () {
await makeGetRequest({
url: server.url,
token: userAccessToken,
path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
expectedStatus: HttpStatusCode.FORBIDDEN_403
})
})
it('Should succeed with the correct params', async function () {
await makeGetRequest({
url: server.url,
token: server.accessToken,
path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
expectedStatus: HttpStatusCode.OK_200
})
})
2017-12-27 03:12:18 -06:00
})
describe('When listing comments of a thread', function () {
it('Should fail with an incorrect video', async function () {
2017-12-28 09:26:28 -06:00
await makeGetRequest({
url: server.url,
path: '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads/' + commentId,
2021-07-16 03:42:24 -05:00
expectedStatus: HttpStatusCode.NOT_FOUND_404
2017-12-28 09:26:28 -06:00
})
2017-12-27 03:12:18 -06:00
})
it('Should fail with an incorrect thread id', async function () {
2017-12-28 09:26:28 -06:00
await makeGetRequest({
url: server.url,
path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/156',
2021-07-16 03:42:24 -05:00
expectedStatus: HttpStatusCode.NOT_FOUND_404
2017-12-28 09:26:28 -06:00
})
2017-12-27 03:12:18 -06:00
})
it('Should fail with a private video without token', async function () {
await makeGetRequest({
url: server.url,
path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
expectedStatus: HttpStatusCode.UNAUTHORIZED_401
})
})
it('Should fail with another user token', async function () {
await makeGetRequest({
url: server.url,
token: userAccessToken,
path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
expectedStatus: HttpStatusCode.FORBIDDEN_403
})
})
2017-12-27 03:12:18 -06:00
it('Should success with the correct params', async function () {
await makeGetRequest({
url: server.url,
token: server.accessToken,
path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads/' + privateCommentId,
expectedStatus: HttpStatusCode.OK_200
})
2017-12-28 09:26:28 -06:00
await makeGetRequest({
url: server.url,
path: '/api/v1/videos/' + video.shortUUID + '/comment-threads/' + commentId,
2021-07-16 03:42:24 -05:00
expectedStatus: HttpStatusCode.OK_200
2017-12-28 09:26:28 -06:00
})
2017-12-27 03:12:18 -06:00
})
})
describe('When adding a video thread', function () {
it('Should fail with a non authenticated user', async function () {
const fields = {
text: 'text'
}
await makePostBodyRequest({
url: server.url,
path: pathThread,
token: 'none',
fields,
2021-07-16 03:42:24 -05:00
expectedStatus: HttpStatusCode.UNAUTHORIZED_401
})
2017-12-27 03:12:18 -06:00
})
it('Should fail with nothing', async function () {
const fields = {}
await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
})
it('Should fail with a short comment', async function () {
const fields = {
2018-03-26 02:48:10 -05:00
text: ''
2017-12-27 03:12:18 -06:00
}
await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
})
it('Should fail with a long comment', async function () {
const fields = {
2020-05-05 09:48:30 -05:00
text: 'h'.repeat(10001)
2017-12-27 03:12:18 -06:00
}
await makePostBodyRequest({ url: server.url, path: pathThread, token: server.accessToken, fields })
})
it('Should fail with an incorrect video', async function () {
const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comment-threads'
const fields = { text: 'super comment' }
await makePostBodyRequest({
url: server.url,
path,
token: server.accessToken,
fields,
2021-07-16 03:42:24 -05:00
expectedStatus: HttpStatusCode.NOT_FOUND_404
})
2017-12-27 03:12:18 -06:00
})
it('Should fail with a private video of another user', async function () {
const fields = { text: 'super comment' }
await makePostBodyRequest({
url: server.url,
path: '/api/v1/videos/' + privateVideo.shortUUID + '/comment-threads',
token: userAccessToken,
fields,
expectedStatus: HttpStatusCode.FORBIDDEN_403
})
})
2017-12-27 03:12:18 -06:00
it('Should succeed with the correct parameters', async function () {
const fields = { text: 'super comment' }
await makePostBodyRequest({
url: server.url,
path: pathThread,
token: server.accessToken,
fields,
2021-07-16 03:42:24 -05:00
expectedStatus: HttpStatusCode.OK_200
})
2017-12-27 03:12:18 -06:00
})
})
describe('When adding a comment to a thread', function () {
2017-12-27 03:12:18 -06:00
it('Should fail with a non authenticated user', async function () {
const fields = {
text: 'text'
}
await makePostBodyRequest({
url: server.url,
path: pathComment,
token: 'none',
fields,
2021-07-16 03:42:24 -05:00
expectedStatus: HttpStatusCode.UNAUTHORIZED_401
})
2017-12-27 03:12:18 -06:00
})
it('Should fail with nothing', async function () {
const fields = {}
await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
})
it('Should fail with a short comment', async function () {
const fields = {
2018-03-26 02:48:10 -05:00
text: ''
2017-12-27 03:12:18 -06:00
}
await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
})
it('Should fail with a long comment', async function () {
const fields = {
2020-05-05 09:48:30 -05:00
text: 'h'.repeat(10001)
2017-12-27 03:12:18 -06:00
}
await makePostBodyRequest({ url: server.url, path: pathComment, token: server.accessToken, fields })
})
it('Should fail with an incorrect video', async function () {
const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
const fields = {
text: 'super comment'
}
await makePostBodyRequest({
url: server.url,
path,
token: server.accessToken,
fields,
2021-07-16 03:42:24 -05:00
expectedStatus: HttpStatusCode.NOT_FOUND_404
})
2017-12-27 03:12:18 -06:00
})
it('Should fail with a private video of another user', async function () {
const fields = { text: 'super comment' }
await makePostBodyRequest({
url: server.url,
path: '/api/v1/videos/' + privateVideo.uuid + '/comments/' + privateCommentId,
token: userAccessToken,
fields,
expectedStatus: HttpStatusCode.FORBIDDEN_403
})
})
2017-12-27 03:12:18 -06:00
it('Should fail with an incorrect comment', async function () {
const path = '/api/v1/videos/' + video.uuid + '/comments/124'
2017-12-27 03:12:18 -06:00
const fields = {
text: 'super comment'
}
await makePostBodyRequest({
url: server.url,
path,
token: server.accessToken,
fields,
2021-07-16 03:42:24 -05:00
expectedStatus: HttpStatusCode.NOT_FOUND_404
})
2017-12-27 03:12:18 -06:00
})
it('Should succeed with the correct parameters', async function () {
const fields = {
text: 'super comment'
}
await makePostBodyRequest({
url: server.url,
path: pathComment,
token: server.accessToken,
fields,
2021-07-16 03:42:24 -05:00
expectedStatus: HttpStatusCode.OK_200
})
2017-12-27 03:12:18 -06:00
})
})
2018-01-04 04:19:16 -06:00
describe('When removing video comments', function () {
it('Should fail with a non authenticated user', async function () {
2021-07-16 03:42:24 -05:00
await makeDeleteRequest({ url: server.url, path: pathComment, token: 'none', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
2018-01-04 04:19:16 -06:00
})
it('Should fail with another user', async function () {
await makeDeleteRequest({
url: server.url,
path: pathComment,
token: userAccessToken,
2021-07-16 03:42:24 -05:00
expectedStatus: HttpStatusCode.FORBIDDEN_403
})
2018-01-04 04:19:16 -06:00
})
it('Should fail with an incorrect video', async function () {
const path = '/api/v1/videos/ba708d62-e3d7-45d9-9d73-41b9097cc02d/comments/' + commentId
2021-07-16 03:42:24 -05:00
await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
2018-01-04 04:19:16 -06:00
})
it('Should fail with an incorrect comment', async function () {
const path = '/api/v1/videos/' + video.uuid + '/comments/124'
2021-07-16 03:42:24 -05:00
await makeDeleteRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.NOT_FOUND_404 })
2018-01-04 04:19:16 -06:00
})
it('Should succeed with the same user', async function () {
let commentToDelete: number
{
2021-07-16 02:04:35 -05:00
const created = await server.comments.createThread({ videoId: video.uuid, token: userAccessToken, text: 'hello' })
2021-07-09 07:15:11 -05:00
commentToDelete = created.id
}
const path = '/api/v1/videos/' + video.uuid + '/comments/' + commentToDelete
2021-07-16 03:42:24 -05:00
await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
})
it('Should succeed with the owner of the video', async function () {
let commentToDelete: number
let anotherVideoUUID: string
{
2021-07-16 02:04:35 -05:00
const { uuid } = await server.videos.upload({ token: userAccessToken, attributes: { name: 'video' } })
2021-07-15 03:02:54 -05:00
anotherVideoUUID = uuid
}
{
2021-07-16 02:04:35 -05:00
const created = await server.comments.createThread({ videoId: anotherVideoUUID, text: 'hello' })
2021-07-09 07:15:11 -05:00
commentToDelete = created.id
}
const path = '/api/v1/videos/' + anotherVideoUUID + '/comments/' + commentToDelete
2021-07-16 03:42:24 -05:00
await makeDeleteRequest({ url: server.url, path, token: userAccessToken2, expectedStatus: HttpStatusCode.FORBIDDEN_403 })
await makeDeleteRequest({ url: server.url, path, token: userAccessToken, expectedStatus: HttpStatusCode.NO_CONTENT_204 })
})
2018-01-04 04:19:16 -06:00
it('Should succeed with the correct parameters', async function () {
await makeDeleteRequest({
url: server.url,
path: pathComment,
token: server.accessToken,
2021-07-16 03:42:24 -05:00
expectedStatus: HttpStatusCode.NO_CONTENT_204
})
2018-01-04 04:19:16 -06:00
})
})
2018-01-03 03:12:36 -06:00
describe('When a video has comments disabled', function () {
before(async function () {
2021-07-16 02:04:35 -05:00
video = await server.videos.upload({ attributes: { commentsEnabled: false } })
pathThread = '/api/v1/videos/' + video.uuid + '/comment-threads'
2018-01-03 03:12:36 -06:00
})
it('Should return an empty thread list', async function () {
const res = await makeGetRequest({
url: server.url,
path: pathThread,
2021-07-16 03:42:24 -05:00
expectedStatus: HttpStatusCode.OK_200
2018-01-03 03:12:36 -06:00
})
expect(res.body.total).to.equal(0)
expect(res.body.data).to.have.lengthOf(0)
})
it('Should return an thread comments list')
it('Should return conflict on thread add', async function () {
const fields = {
text: 'super comment'
}
await makePostBodyRequest({
url: server.url,
path: pathThread,
token: server.accessToken,
fields,
2021-07-16 03:42:24 -05:00
expectedStatus: HttpStatusCode.CONFLICT_409
})
2018-01-03 03:12:36 -06:00
})
it('Should return conflict on comment thread add')
})
2020-11-16 04:55:17 -06:00
describe('When listing admin comments threads', function () {
const path = '/api/v1/videos/comments'
it('Should fail with a bad start pagination', async function () {
await checkBadStartPagination(server.url, path, server.accessToken)
})
it('Should fail with a bad count pagination', async function () {
await checkBadCountPagination(server.url, path, server.accessToken)
})
it('Should fail with an incorrect sort', async function () {
await checkBadSortPagination(server.url, path, server.accessToken)
})
it('Should fail with a non authenticated user', async function () {
await makeGetRequest({
url: server.url,
path,
2021-07-16 03:42:24 -05:00
expectedStatus: HttpStatusCode.UNAUTHORIZED_401
2020-11-16 04:55:17 -06:00
})
})
it('Should fail with a non admin user', async function () {
await makeGetRequest({
url: server.url,
path,
token: userAccessToken,
2021-07-16 03:42:24 -05:00
expectedStatus: HttpStatusCode.FORBIDDEN_403
2020-11-16 04:55:17 -06:00
})
})
it('Should succeed with the correct params', async function () {
await makeGetRequest({
url: server.url,
path,
token: server.accessToken,
query: {
isLocal: false,
search: 'toto',
searchAccount: 'toto',
searchVideo: 'toto'
},
2021-07-16 03:42:24 -05:00
expectedStatus: HttpStatusCode.OK_200
2020-11-16 04:55:17 -06:00
})
})
})
2019-04-24 08:10:37 -05:00
after(async function () {
await cleanupTests([ server ])
2017-12-27 03:12:18 -06:00
})
})