2018-10-15 14:37:21 -07:00
|
|
|
process.env.NODE_ENV = 'test';
|
|
|
|
|
|
2019-04-07 05:50:36 -07:00
|
|
|
import * as assert from 'assert';
|
2023-06-25 18:09:12 -07:00
|
|
|
import { signup, api, startServer, successfulApiCall, failedApiCall } from '../utils.js';
|
2023-03-02 18:13:12 -08:00
|
|
|
import type { INestApplicationContext } from '@nestjs/common';
|
2023-06-24 16:34:18 -07:00
|
|
|
import type * as misskey from 'misskey-js';
|
2018-10-15 14:37:21 -07:00
|
|
|
|
|
|
|
|
describe('API', () => {
|
2023-03-12 04:57:01 -07:00
|
|
|
let app: INestApplicationContext;
|
2023-06-24 16:34:18 -07:00
|
|
|
let alice: misskey.entities.MeSignup;
|
|
|
|
|
let bob: misskey.entities.MeSignup;
|
|
|
|
|
let carol: misskey.entities.MeSignup;
|
2019-04-07 05:50:36 -07:00
|
|
|
|
2022-09-17 11:27:08 -07:00
|
|
|
beforeAll(async () => {
|
2023-03-12 04:57:01 -07:00
|
|
|
app = await startServer();
|
2022-02-18 21:05:32 -08:00
|
|
|
alice = await signup({ username: 'alice' });
|
|
|
|
|
bob = await signup({ username: 'bob' });
|
|
|
|
|
carol = await signup({ username: 'carol' });
|
2023-03-02 18:13:12 -08:00
|
|
|
}, 1000 * 60 * 2);
|
2018-10-15 14:37:21 -07:00
|
|
|
|
2022-09-17 11:27:08 -07:00
|
|
|
afterAll(async () => {
|
2023-03-12 04:57:01 -07:00
|
|
|
await app.close();
|
2019-01-22 20:35:22 -08:00
|
|
|
});
|
|
|
|
|
|
2022-02-18 21:05:32 -08:00
|
|
|
describe('General validation', () => {
|
2023-03-02 18:13:12 -08:00
|
|
|
test('wrong type', async () => {
|
|
|
|
|
const res = await api('/test', {
|
2022-02-18 21:05:32 -08:00
|
|
|
required: true,
|
|
|
|
|
string: 42,
|
2018-10-15 14:37:21 -07:00
|
|
|
});
|
2019-04-07 05:50:36 -07:00
|
|
|
assert.strictEqual(res.status, 400);
|
2023-03-02 18:13:12 -08:00
|
|
|
});
|
2018-10-15 14:37:21 -07:00
|
|
|
|
2023-03-02 18:13:12 -08:00
|
|
|
test('missing require param', async () => {
|
|
|
|
|
const res = await api('/test', {
|
2022-02-18 21:05:32 -08:00
|
|
|
string: 'a',
|
2018-10-15 14:37:21 -07:00
|
|
|
});
|
2019-04-07 05:50:36 -07:00
|
|
|
assert.strictEqual(res.status, 400);
|
2023-03-02 18:13:12 -08:00
|
|
|
});
|
2018-10-15 14:37:21 -07:00
|
|
|
|
2023-03-02 18:13:12 -08:00
|
|
|
test('invalid misskey:id (empty string)', async () => {
|
|
|
|
|
const res = await api('/test', {
|
2022-02-18 21:05:32 -08:00
|
|
|
required: true,
|
|
|
|
|
id: '',
|
2018-10-15 14:37:21 -07:00
|
|
|
});
|
2019-04-07 05:50:36 -07:00
|
|
|
assert.strictEqual(res.status, 400);
|
2023-03-02 18:13:12 -08:00
|
|
|
});
|
2018-10-15 14:37:21 -07:00
|
|
|
|
2023-03-02 18:13:12 -08:00
|
|
|
test('valid misskey:id', async () => {
|
|
|
|
|
const res = await api('/test', {
|
2022-02-18 21:05:32 -08:00
|
|
|
required: true,
|
|
|
|
|
id: '8wvhjghbxu',
|
2018-10-15 14:37:21 -07:00
|
|
|
});
|
2019-04-07 05:50:36 -07:00
|
|
|
assert.strictEqual(res.status, 200);
|
2023-03-02 18:13:12 -08:00
|
|
|
});
|
2018-10-15 16:54:36 -07:00
|
|
|
|
2023-03-02 18:13:12 -08:00
|
|
|
test('default value', async () => {
|
|
|
|
|
const res = await api('/test', {
|
2022-02-18 21:05:32 -08:00
|
|
|
required: true,
|
|
|
|
|
string: 'a',
|
2018-10-15 17:45:36 -07:00
|
|
|
});
|
2019-04-07 05:50:36 -07:00
|
|
|
assert.strictEqual(res.status, 200);
|
2022-02-18 21:05:32 -08:00
|
|
|
assert.strictEqual(res.body.default, 'hello');
|
2023-03-02 18:13:12 -08:00
|
|
|
});
|
2018-10-15 17:45:36 -07:00
|
|
|
|
2023-03-02 18:13:12 -08:00
|
|
|
test('can set null even if it has default value', async () => {
|
|
|
|
|
const res = await api('/test', {
|
2022-02-18 21:05:32 -08:00
|
|
|
required: true,
|
|
|
|
|
nullableDefault: null,
|
2018-10-15 17:45:36 -07:00
|
|
|
});
|
2019-04-07 05:50:36 -07:00
|
|
|
assert.strictEqual(res.status, 200);
|
2022-02-18 21:05:32 -08:00
|
|
|
assert.strictEqual(res.body.nullableDefault, null);
|
2023-03-02 18:13:12 -08:00
|
|
|
});
|
2018-10-15 18:18:47 -07:00
|
|
|
|
2023-03-02 18:13:12 -08:00
|
|
|
test('cannot set undefined if it has default value', async () => {
|
|
|
|
|
const res = await api('/test', {
|
2022-02-18 21:05:32 -08:00
|
|
|
required: true,
|
|
|
|
|
nullableDefault: undefined,
|
2018-10-15 18:18:47 -07:00
|
|
|
});
|
2019-04-07 05:50:36 -07:00
|
|
|
assert.strictEqual(res.status, 200);
|
2022-02-18 21:05:32 -08:00
|
|
|
assert.strictEqual(res.body.nullableDefault, 'hello');
|
2023-03-02 18:13:12 -08:00
|
|
|
});
|
2019-01-24 17:58:39 -08:00
|
|
|
});
|
2023-06-25 18:09:12 -07:00
|
|
|
|
|
|
|
|
test('管理者専用のAPIのアクセス制限', async () => {
|
|
|
|
|
// aliceは管理者、APIを使える
|
|
|
|
|
await successfulApiCall({
|
|
|
|
|
endpoint: '/admin/get-index-stats',
|
|
|
|
|
parameters: {},
|
|
|
|
|
user: alice,
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// bobは一般ユーザーだからダメ
|
|
|
|
|
await failedApiCall({
|
|
|
|
|
endpoint: '/admin/get-index-stats',
|
|
|
|
|
parameters: {},
|
|
|
|
|
user: bob,
|
|
|
|
|
}, {
|
|
|
|
|
status: 403,
|
|
|
|
|
code: 'ROLE_PERMISSION_DENIED',
|
|
|
|
|
id: 'c3d38592-54c0-429d-be96-5636b0431a61',
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// publicアクセスももちろんダメ
|
|
|
|
|
await failedApiCall({
|
|
|
|
|
endpoint: '/admin/get-index-stats',
|
|
|
|
|
parameters: {},
|
|
|
|
|
user: undefined,
|
|
|
|
|
}, {
|
|
|
|
|
status: 401,
|
|
|
|
|
code: 'CREDENTIAL_REQUIRED',
|
|
|
|
|
id: '1384574d-a912-4b81-8601-c7b1c4085df1',
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
// ごまがしもダメ
|
|
|
|
|
await failedApiCall({
|
|
|
|
|
endpoint: '/admin/get-index-stats',
|
|
|
|
|
parameters: {},
|
|
|
|
|
user: { token: 'tsukawasete' },
|
|
|
|
|
}, {
|
|
|
|
|
status: 401,
|
|
|
|
|
code: 'AUTHENTICATION_FAILED',
|
|
|
|
|
id: 'b0a7f5f8-dc2f-4171-b91f-de88ad238e14',
|
|
|
|
|
});
|
|
|
|
|
});
|
2018-10-15 14:37:21 -07:00
|
|
|
});
|
