From 5f23fdd590e69685c26943286900fb6d4148478e Mon Sep 17 00:00:00 2001 From: Joe Dowd Date: Sun, 30 Aug 2020 21:47:02 +0100 Subject: [PATCH] Added tests and finished no-segments interface. --- src/routes/postSkipSegments.js | 9 +- ...{postNoSegments.js => noSegmentRecords.js} | 103 +++++++++++++++++- 2 files changed, 107 insertions(+), 5 deletions(-) rename test/cases/{postNoSegments.js => noSegmentRecords.js} (67%) diff --git a/src/routes/postSkipSegments.js b/src/routes/postSkipSegments.js index 15ab309..08380fc 100644 --- a/src/routes/postSkipSegments.js +++ b/src/routes/postSkipSegments.js @@ -187,8 +187,7 @@ module.exports = async function postSkipSegments(req, res) { //hash the ip 5000 times so no one can get it from the database let hashedIP = getHash(getIP(req) + config.globalSalt); - let noSegmentList = db.prepare('all', 'SELECT category from noSegments where videoID = ?', [videoID]); - + let noSegmentList = db.prepare('all', 'SELECT category from noSegments where videoID = ?', [videoID]).map((list) => { return list.category }); // Check if all submissions are correct for (let i = 0; i < segments.length; i++) { if (segments[i] === undefined || segments[i].segment === undefined || segments[i].category === undefined) { @@ -200,7 +199,11 @@ module.exports = async function postSkipSegments(req, res) { // Reject segemnt if it's in the no segments list if (noSegmentList.indexOf(segments[i].category) !== -1) { // TODO: Do something about the fradulent submission - res.sendStatus(403); + logger.warn("Caught a no-segment submission. userID: '" + userID + "', videoID: '" + videoID + "', category: '" + segments[i].category + "'"); + res.status(403).send( + "Request rejected by auto moderator: This video has been reported as not containing any segments with the category '" + + segments[i].category + "'. If you believe this is incorrect, contact someone on Discord." + ); return; } diff --git a/test/cases/postNoSegments.js b/test/cases/noSegmentRecords.js similarity index 67% rename from test/cases/postNoSegments.js rename to test/cases/noSegmentRecords.js index 8489f61..d902478 100644 --- a/test/cases/postNoSegments.js +++ b/test/cases/noSegmentRecords.js @@ -4,9 +4,10 @@ var utils = require('../utils.js'); const getHash = require('../../src/utils/getHash.js'); var databases = require('../../src/databases/databases.js'); +const logger = require('../../src/utils/logger.js'); var db = databases.db; -describe('postNoSegments', () => { +describe('noSegmentRecords', () => { before(() => { db.exec("INSERT INTO vipUsers (userID) VALUES ('" + getHash("VIPUser-noSegments") + "')"); @@ -15,9 +16,10 @@ describe('postNoSegments', () => { db.exec("INSERT INTO noSegments (userID, videoID, category) VALUES ('" + getHash("VIPUser-noSegments") + "', 'no-segments-video-id-1', 'sponsor')"); db.exec("INSERT INTO noSegments (userID, videoID, category) VALUES ('" + getHash("VIPUser-noSegments") + "', 'no-segments-video-id-1', 'intro')"); + db.exec("INSERT INTO noSegments (userID, videoID, category) VALUES ('" + getHash("VIPUser-noSegments") + "', 'noSubmitVideo', 'sponsor')"); }); - it('should update the database version when starting the application', (done) => { + it('Should update the database version when starting the application', (done) => { let version = db.prepare('get', 'SELECT key, value FROM config where key = ?', ['version']).value; if (version > 1) done(); else done('Version isn\'t greater that 1. Version is ' + version); @@ -223,4 +225,101 @@ describe('postNoSegments', () => { } }); }); + + /* + * Submission tests in this file do not check database records, only status codes. + * To test the submission code properly see ./test/cases/postSkipSegments.js + */ + + it('Should not be able to submit a segment to a video with a no-segment record (single submission)', (done) => { + request.post(utils.getbaseURL() + + "/api/postVideoSponsorTimes", { + json: { + userID: "testman42", + videoID: "noSubmitVideo", + segments: [{ + segment: [20, 40], + category: "sponsor" + }] + } + }, + (err, res, body) => { + if (err) done(err); + else if (res.statusCode === 403) { + done() + } else { + done("Status code was " + res.statusCode); + } + }); + }); + + it('Should not be able to submit segments to a video where any of the submissions with a no-segment record', (done) => { + request.post(utils.getbaseURL() + + "/api/postVideoSponsorTimes", { + json: { + userID: "testman42", + videoID: "noSubmitVideo", + segments: [{ + segment: [20, 40], + category: "sponsor" + },{ + segment: [50, 60], + category: "intro" + }] + } + }, + (err, res, body) => { + if (err) done(err); + else if (res.statusCode === 403) { + done() + } else { + done("Status code was " + res.statusCode); + } + }); + }); + + + it('Should be able to submit a segment to a video with a different no-segment record', (done) => { + request.post(utils.getbaseURL() + + "/api/postVideoSponsorTimes", { + json: { + userID: "testman42", + videoID: "noSubmitVideo", + segments: [{ + segment: [20, 40], + category: "intro" + }] + } + }, + (err, res, body) => { + if (err) done(err); + else if (res.statusCode === 200) { + done() + } else { + done("Status code was " + res.statusCode); + } + }); + }); + + it('Should be able to submit a segment to a video with no no-segment records', (done) => { + request.post(utils.getbaseURL() + + "/api/postVideoSponsorTimes", { + json: { + userID: "testman42", + videoID: "normalVideo", + segments: [{ + segment: [20, 40], + category: "intro" + }] + } + }, + (err, res, body) => { + if (err) done(err); + else if (res.statusCode === 200) { + done() + } else { + done("Status code was " + res.statusCode); + } + }); + }); }); \ No newline at end of file