owncast/test/automated/api/chatusers.test.js
Meisam a7080a1fc1
validate response of federation APIs (#2408)
* validate json responses

* update deps

* tmp disable header check

* log all the webfinger fails

refactor and filter more malformed requests

* don't set incorrect serverURL strings

* test failing through admin api

* fix server url in fedi tests

* check response.text

* validate json/xml response of all apis

test Content-Type of api response and cleanup

* improve logs

* fix rebase

* cleanup json parser in api tests

* mark the api tests performed by admin

* Separate check for reading and format of serverURL

* test /federation/user/ with wrong username in ci
2022-12-10 21:10:10 -08:00

172 lines
No EOL
5 KiB
JavaScript

const { test } = require('@jest/globals');
var request = require('supertest');
request = request('http://127.0.0.1:8080');
const WebSocket = require('ws');
const fs = require('fs');
const registerChat = require('./lib/chat').registerChat;
const sendChatMessage = require('./lib/chat').sendChatMessage;
const sendAdminRequest = require('./lib/admin').sendAdminRequest;
const sendAdminPayload = require('./lib/admin').sendAdminPayload;
const getAdminResponse = require('./lib/admin').getAdminResponse;
const localIPAddressV4 = '127.0.0.1';
const localIPAddressV6 = '::1';
const testVisibilityMessage = {
body: 'message ' + Math.floor(Math.random() * 100),
type: 'CHAT',
};
var userId;
var accessToken;
test('register a user', async (done) => {
const registration = await registerChat();
userId = registration.id;
accessToken = registration.accessToken;
done();
});
test('send a chat message', async (done) => {
sendChatMessage(testVisibilityMessage, accessToken, done);
});
test('set the user as moderator', async (done) => {
const res = await sendAdminPayload('chat/users/setmoderator', { userId: userId, isModerator: true });
done();
});
test('verify user is a moderator', async (done) => {
const response = await getAdminResponse('chat/users/moderators');
const tokenCheck = response.body.filter((user) => user.id === userId);
expect(tokenCheck).toHaveLength(1);
done();
});
test('verify user list is populated', async (done) => {
const ws = new WebSocket(
`ws://localhost:8080/ws?accessToken=${accessToken}`,
{
origin: 'http://localhost:8080',
}
);
ws.on('open', async function open() {
const response = await getAdminResponse('chat/clients');
expect(response.body.length).toBeGreaterThan(0);
// Optionally, if GeoIP is configured, check the location property.
if (fs.existsSync('../../../data/GeoLite2-City.mmdb')) {
expect(response.body[0].geo.regionName).toBe('Localhost');
}
ws.close();
});
ws.on('error', function incoming(data) {
console.error(data);
ws.close();
});
ws.on('close', function incoming(data) {
done();
});
});
test('disable a user by admin', async (done) => {
// To allow for visually being able to see the test hiding the
// message add a short delay.
await new Promise((r) => setTimeout(r, 1500));
const ws = new WebSocket(
`ws://localhost:8080/ws?accessToken=${accessToken}`,
{
origin: 'http://localhost:8080',
}
);
const res = await sendAdminPayload('chat/users/setenabled', { userId: userId, enabled: false });
await new Promise((r) => setTimeout(r, 1500));
done();
});
test('verify user is disabled', async (done) => {
const response = await getAdminResponse('chat/users/disabled');
const tokenCheck = response.body.filter((user) => user.id === userId);
expect(tokenCheck).toHaveLength(1);
done();
});
test('verify messages from user are hidden', async (done) => {
const response = await getAdminResponse('chat/messages');
const message = response.body.filter((obj) => {
return obj.user.id === userId;
});
expect(message[0].user.disabledAt).toBeTruthy();
done();
});
test('re-enable a user by admin', async (done) => {
const res = await sendAdminPayload('chat/users/setenabled', { userId: userId, enabled: true });
done();
});
test('verify user is enabled', async (done) => {
const response = await getAdminResponse('chat/users/disabled');
const tokenCheck = response.body.filter((user) => user.id === userId);
expect(tokenCheck).toHaveLength(0);
done();
});
test('ban an ip address by admin', async (done) => {
const resIPv4 = await sendAdminRequest('chat/users/ipbans/create', localIPAddressV4);
const resIPv6 = await sendAdminRequest('chat/users/ipbans/create', localIPAddressV6);
done();
});
test('verify IP address is blocked from the ban', async (done) => {
const response = await getAdminResponse('chat/users/ipbans');
expect(response.body).toHaveLength(2);
expect(onlyLocalIPAddress(response.body)).toBe(true);
done();
});
test('verify access is denied', async (done) => {
await request.get(`/api/chat?accessToken=${accessToken}`).expect(401);
done();
});
test('remove an ip address ban by admin', async (done) => {
const resIPv4 = await sendAdminRequest('chat/users/ipbans/remove', localIPAddressV4);
const resIPv6 = await sendAdminRequest('chat/users/ipbans/remove', localIPAddressV6);
done();
});
test('verify IP address is no longer banned', async (done) => {
const response = await getAdminResponse('chat/users/ipbans');
expect(response.body).toHaveLength(0);
done();
});
test('verify access is allowed after unban', async (done) => {
await request.get(`/api/chat?accessToken=${accessToken}`).expect(200);
done();
});
// This function expects the local address to be localIPAddressV4 & localIPAddressV6
function onlyLocalIPAddress(banInfo) {
for (let i = 0; i < banInfo.length; i++) {
if ((banInfo[i].ipAddress != localIPAddressV4) && (banInfo[i].ipAddress != localIPAddressV6)) {
return false
}
}
return true
}