diff --git a/server/controllers/api/accounts.ts b/server/controllers/api/accounts.ts index aa01ea1ebb0..8d4db1e7537 100644 --- a/server/controllers/api/accounts.ts +++ b/server/controllers/api/accounts.ts @@ -1,22 +1,22 @@ import * as express from 'express' import { getFormattedObjects, getServerActor } from '../../helpers/utils' import { - authenticate, asyncMiddleware, + authenticate, commonVideosFiltersValidator, - videoRatingValidator, optionalAuthenticate, paginationValidator, setDefaultPagination, setDefaultSort, videoPlaylistsSortValidator, - videoRatesSortValidator + videoRatesSortValidator, + videoRatingValidator } from '../../middlewares' import { accountNameWithHostGetValidator, accountsSortValidator, - videosSortValidator, - ensureAuthUserOwnsAccountValidator + ensureAuthUserOwnsAccountValidator, + videosSortValidator } from '../../middlewares/validators' import { AccountModel } from '../../models/account/account' import { AccountVideoRateModel } from '../../models/account/account-video-rate' diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts index 35f41c450f4..eceded1c427 100644 --- a/server/middlewares/validators/users.ts +++ b/server/middlewares/validators/users.ts @@ -22,7 +22,6 @@ import { logger } from '../../helpers/logger' import { isSignupAllowed, isSignupAllowedForCurrentIP } from '../../helpers/signup' import { Redis } from '../../lib/redis' import { UserModel } from '../../models/account/user' -import { AccountModel } from '../../models/account/account' import { areValidationErrors } from './utils' import { ActorModel } from '../../models/activitypub/actor' diff --git a/server/middlewares/validators/videos/video-rates.ts b/server/middlewares/validators/videos/video-rates.ts index e79d80e975c..204b4a78de1 100644 --- a/server/middlewares/validators/videos/video-rates.ts +++ b/server/middlewares/validators/videos/video-rates.ts @@ -1,7 +1,7 @@ import * as express from 'express' import 'express-validator' import { body, param, query } from 'express-validator/check' -import { isIdOrUUIDValid, isIdValid } from '../../../helpers/custom-validators/misc' +import { isIdOrUUIDValid } from '../../../helpers/custom-validators/misc' import { isRatingValid } from '../../../helpers/custom-validators/video-rates' import { doesVideoExist, isVideoRatingTypeValid } from '../../../helpers/custom-validators/videos' import { logger } from '../../../helpers/logger' diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts index 13be8b46046..f3ee99e8586 100644 --- a/server/tests/api/check-params/users.ts +++ b/server/tests/api/check-params/users.ts @@ -538,6 +538,38 @@ describe('Test users API validators', function () { }) }) + describe('When retrieving my global ratings', function () { + const path = '/api/v1/accounts/user1/ratings' + + it('Should fail with a bad start pagination', async function () { + await checkBadStartPagination(server.url, path, userAccessToken) + }) + + it('Should fail with a bad count pagination', async function () { + await checkBadCountPagination(server.url, path, userAccessToken) + }) + + it('Should fail with an incorrect sort', async function () { + await checkBadSortPagination(server.url, path, userAccessToken) + }) + + it('Should fail with a unauthenticated user', async function () { + await makeGetRequest({ url: server.url, path, statusCodeExpected: 401 }) + }) + + it('Should fail with a another user', async function () { + await makeGetRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: 403 }) + }) + + it('Should fail with a bad type', async function () { + await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { rating: 'toto ' }, statusCodeExpected: 400 }) + }) + + it('Should succeed with the correct params', async function () { + await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 200 }) + }) + }) + describe('When blocking/unblocking/removing user', function () { it('Should fail with an incorrect id', async function () { await removeUser(server.url, 'blabla', server.accessToken, 400) diff --git a/server/tests/api/users/users.ts b/server/tests/api/users/users.ts index bc069a7bea5..6e7de9c3853 100644 --- a/server/tests/api/users/users.ts +++ b/server/tests/api/users/users.ts @@ -140,31 +140,27 @@ describe('Test users', function () { it('Should retrieve ratings list', async function () { await rateVideo(server.url, accessToken, videoId, 'like') - const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 200) + + const res = await getAccountRatings(server.url, server.user.username, server.accessToken, null, 200) const ratings = res.body + expect(ratings.total).to.equal(1) expect(ratings.data[0].video.id).to.equal(videoId) expect(ratings.data[0].rating).to.equal('like') }) it('Should retrieve ratings list by rating type', async function () { - await rateVideo(server.url, accessToken, videoId, 'like') - let res = await getAccountRatings(server.url, server.user.username, server.accessToken, 200, { rating: 'like' }) - let ratings = res.body - expect(ratings.data.length).to.equal(1) - res = await getAccountRatings(server.url, server.user.username, server.accessToken, 200, { rating: 'dislike' }) - ratings = res.body - expect(ratings.data.length).to.equal(0) - await getAccountRatings(server.url, server.user.username, server.accessToken, 400, { rating: 'invalid' }) - }) - - it('Should not access ratings list if not logged with correct user', async function () { - const user = { username: 'anuragh', password: 'passbyme' } - const resUser = await createUser(server.url, server.accessToken, user.username, user.password) - const userId = resUser.body.user.id - const userAccessToken = await userLogin(server, user) - await getAccountRatings(server.url, server.user.username, userAccessToken, 403) - await removeUser(server.url, userId, server.accessToken) + { + const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'like') + const ratings = res.body + expect(ratings.data.length).to.equal(1) + } + + { + const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'dislike') + const ratings = res.body + expect(ratings.data.length).to.equal(0) + } }) it('Should not be able to remove the video with an incorrect token', async function () { diff --git a/shared/utils/users/accounts.ts b/shared/utils/users/accounts.ts index 54d66ac2a42..f64a2dbad64 100644 --- a/shared/utils/users/accounts.ts +++ b/shared/utils/users/accounts.ts @@ -7,6 +7,7 @@ import { join } from 'path' import { Account } from '../../models/actors' import { root } from '../miscs/miscs' import { makeGetRequest } from '../requests/requests' +import { VideoRateType } from '../../models/videos' function getAccountsList (url: string, sort = '-createdAt', statusCodeExpected = 200) { const path = '/api/v1/accounts' @@ -54,9 +55,11 @@ async function checkActorFilesWereRemoved (actorUUID: string, serverNumber: numb } } -function getAccountRatings (url: string, accountName: string, accessToken: string, statusCodeExpected = 200, query = {}) { +function getAccountRatings (url: string, accountName: string, accessToken: string, rating?: VideoRateType, statusCodeExpected = 200) { const path = '/api/v1/accounts/' + accountName + '/ratings' + const query = rating ? { rating } : {} + return request(url) .get(path) .query(query)