]>
Commit | Line | Data |
---|---|---|
906f46d0 C |
1 | /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ |
2 | ||
c55e3d72 C |
3 | import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination, MockSmtpServer } from '@server/tests/shared' |
4 | import { buildAbsoluteFixturePath } from '@shared/core-utils' | |
5 | import { HttpStatusCode, UserRole, VideoCreateResult } from '@shared/models' | |
906f46d0 | 6 | import { |
906f46d0 C |
7 | cleanupTests, |
8 | createSingleServer, | |
9 | makeGetRequest, | |
10 | makePutBodyRequest, | |
11 | makeUploadRequest, | |
906f46d0 C |
12 | PeerTubeServer, |
13 | setAccessTokensToServers, | |
14 | UsersCommand | |
bf54587a | 15 | } from '@shared/server-commands' |
906f46d0 C |
16 | |
17 | describe('Test my user API validators', function () { | |
18 | const path = '/api/v1/users/' | |
19 | let userId: number | |
20 | let rootId: number | |
21 | let moderatorId: number | |
22 | let video: VideoCreateResult | |
23 | let server: PeerTubeServer | |
24 | let userToken = '' | |
25 | let moderatorToken = '' | |
26 | ||
27 | // --------------------------------------------------------------- | |
28 | ||
29 | before(async function () { | |
30 | this.timeout(30000) | |
31 | ||
32 | { | |
33 | server = await createSingleServer(1) | |
34 | await setAccessTokensToServers([ server ]) | |
35 | } | |
36 | ||
37 | { | |
38 | const result = await server.users.generate('user1') | |
39 | userToken = result.token | |
40 | userId = result.userId | |
41 | } | |
42 | ||
43 | { | |
44 | const result = await server.users.generate('moderator1', UserRole.MODERATOR) | |
45 | moderatorToken = result.token | |
46 | } | |
47 | ||
48 | { | |
49 | const result = await server.users.generate('moderator2', UserRole.MODERATOR) | |
50 | moderatorId = result.userId | |
51 | } | |
52 | ||
53 | { | |
54 | video = await server.videos.upload() | |
55 | } | |
56 | }) | |
57 | ||
58 | describe('When updating my account', function () { | |
59 | ||
60 | it('Should fail with an invalid email attribute', async function () { | |
61 | const fields = { | |
62 | email: 'blabla' | |
63 | } | |
64 | ||
65 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields }) | |
66 | }) | |
67 | ||
68 | it('Should fail with a too small password', async function () { | |
69 | const fields = { | |
70 | currentPassword: 'password', | |
71 | password: 'bla' | |
72 | } | |
73 | ||
74 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) | |
75 | }) | |
76 | ||
77 | it('Should fail with a too long password', async function () { | |
78 | const fields = { | |
79 | currentPassword: 'password', | |
80 | password: 'super'.repeat(61) | |
81 | } | |
82 | ||
83 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) | |
84 | }) | |
85 | ||
86 | it('Should fail without the current password', async function () { | |
87 | const fields = { | |
88 | currentPassword: 'password', | |
89 | password: 'super'.repeat(61) | |
90 | } | |
91 | ||
92 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) | |
93 | }) | |
94 | ||
95 | it('Should fail with an invalid current password', async function () { | |
96 | const fields = { | |
97 | currentPassword: 'my super password fail', | |
98 | password: 'super'.repeat(61) | |
99 | } | |
100 | ||
101 | await makePutBodyRequest({ | |
102 | url: server.url, | |
103 | path: path + 'me', | |
104 | token: userToken, | |
105 | fields, | |
106 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 | |
107 | }) | |
108 | }) | |
109 | ||
110 | it('Should fail with an invalid NSFW policy attribute', async function () { | |
111 | const fields = { | |
112 | nsfwPolicy: 'hello' | |
113 | } | |
114 | ||
115 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) | |
116 | }) | |
117 | ||
118 | it('Should fail with an invalid autoPlayVideo attribute', async function () { | |
119 | const fields = { | |
120 | autoPlayVideo: -1 | |
121 | } | |
122 | ||
123 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) | |
124 | }) | |
125 | ||
126 | it('Should fail with an invalid autoPlayNextVideo attribute', async function () { | |
127 | const fields = { | |
128 | autoPlayNextVideo: -1 | |
129 | } | |
130 | ||
131 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) | |
132 | }) | |
133 | ||
134 | it('Should fail with an invalid videosHistoryEnabled attribute', async function () { | |
135 | const fields = { | |
136 | videosHistoryEnabled: -1 | |
137 | } | |
138 | ||
139 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) | |
140 | }) | |
141 | ||
142 | it('Should fail with an non authenticated user', async function () { | |
143 | const fields = { | |
144 | currentPassword: 'password', | |
145 | password: 'my super password' | |
146 | } | |
147 | ||
148 | await makePutBodyRequest({ | |
149 | url: server.url, | |
150 | path: path + 'me', | |
151 | token: 'super token', | |
152 | fields, | |
153 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 | |
154 | }) | |
155 | }) | |
156 | ||
157 | it('Should fail with a too long description', async function () { | |
158 | const fields = { | |
159 | description: 'super'.repeat(201) | |
160 | } | |
161 | ||
162 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) | |
163 | }) | |
164 | ||
165 | it('Should fail with an invalid videoLanguages attribute', async function () { | |
166 | { | |
167 | const fields = { | |
168 | videoLanguages: 'toto' | |
169 | } | |
170 | ||
171 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) | |
172 | } | |
173 | ||
174 | { | |
175 | const languages = [] | |
176 | for (let i = 0; i < 1000; i++) { | |
177 | languages.push('fr') | |
178 | } | |
179 | ||
180 | const fields = { | |
181 | videoLanguages: languages | |
182 | } | |
183 | ||
184 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) | |
185 | } | |
186 | }) | |
187 | ||
188 | it('Should fail with an invalid theme', async function () { | |
189 | const fields = { theme: 'invalid' } | |
190 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) | |
191 | }) | |
192 | ||
193 | it('Should fail with an unknown theme', async function () { | |
194 | const fields = { theme: 'peertube-theme-unknown' } | |
195 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) | |
196 | }) | |
197 | ||
198 | it('Should fail with invalid no modal attributes', async function () { | |
199 | const keys = [ | |
200 | 'noInstanceConfigWarningModal', | |
201 | 'noAccountSetupWarningModal', | |
202 | 'noWelcomeModal' | |
203 | ] | |
204 | ||
205 | for (const key of keys) { | |
206 | const fields = { | |
207 | [key]: -1 | |
208 | } | |
209 | ||
210 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields }) | |
211 | } | |
212 | }) | |
213 | ||
214 | it('Should succeed to change password with the correct params', async function () { | |
215 | const fields = { | |
216 | currentPassword: 'password', | |
217 | password: 'my super password', | |
218 | nsfwPolicy: 'blur', | |
219 | autoPlayVideo: false, | |
220 | email: 'super_email@example.com', | |
221 | theme: 'default', | |
222 | noInstanceConfigWarningModal: true, | |
223 | noWelcomeModal: true, | |
224 | noAccountSetupWarningModal: true | |
225 | } | |
226 | ||
227 | await makePutBodyRequest({ | |
228 | url: server.url, | |
229 | path: path + 'me', | |
230 | token: userToken, | |
231 | fields, | |
232 | expectedStatus: HttpStatusCode.NO_CONTENT_204 | |
233 | }) | |
234 | }) | |
235 | ||
236 | it('Should succeed without password change with the correct params', async function () { | |
237 | const fields = { | |
238 | nsfwPolicy: 'blur', | |
239 | autoPlayVideo: false | |
240 | } | |
241 | ||
242 | await makePutBodyRequest({ | |
243 | url: server.url, | |
244 | path: path + 'me', | |
245 | token: userToken, | |
246 | fields, | |
247 | expectedStatus: HttpStatusCode.NO_CONTENT_204 | |
248 | }) | |
249 | }) | |
250 | }) | |
251 | ||
252 | describe('When updating my avatar', function () { | |
253 | it('Should fail without an incorrect input file', async function () { | |
254 | const fields = {} | |
255 | const attaches = { | |
256 | avatarfile: buildAbsoluteFixturePath('video_short.mp4') | |
257 | } | |
258 | await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches }) | |
259 | }) | |
260 | ||
261 | it('Should fail with a big file', async function () { | |
262 | const fields = {} | |
263 | const attaches = { | |
264 | avatarfile: buildAbsoluteFixturePath('avatar-big.png') | |
265 | } | |
266 | await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches }) | |
267 | }) | |
268 | ||
269 | it('Should fail with an unauthenticated user', async function () { | |
270 | const fields = {} | |
271 | const attaches = { | |
272 | avatarfile: buildAbsoluteFixturePath('avatar.png') | |
273 | } | |
274 | await makeUploadRequest({ | |
275 | url: server.url, | |
276 | path: path + '/me/avatar/pick', | |
277 | fields, | |
278 | attaches, | |
279 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 | |
280 | }) | |
281 | }) | |
282 | ||
283 | it('Should succeed with the correct params', async function () { | |
284 | const fields = {} | |
285 | const attaches = { | |
286 | avatarfile: buildAbsoluteFixturePath('avatar.png') | |
287 | } | |
288 | await makeUploadRequest({ | |
289 | url: server.url, | |
290 | path: path + '/me/avatar/pick', | |
291 | token: server.accessToken, | |
292 | fields, | |
293 | attaches, | |
294 | expectedStatus: HttpStatusCode.OK_200 | |
295 | }) | |
296 | }) | |
297 | }) | |
298 | ||
299 | describe('When managing my scoped tokens', function () { | |
300 | ||
301 | it('Should fail to get my scoped tokens with an non authenticated user', async function () { | |
302 | await server.users.getMyScopedTokens({ token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | |
303 | }) | |
304 | ||
305 | it('Should fail to get my scoped tokens with a bad token', async function () { | |
306 | await server.users.getMyScopedTokens({ token: 'bad', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | |
307 | ||
308 | }) | |
309 | ||
310 | it('Should succeed to get my scoped tokens', async function () { | |
311 | await server.users.getMyScopedTokens() | |
312 | }) | |
313 | ||
314 | it('Should fail to renew my scoped tokens with an non authenticated user', async function () { | |
315 | await server.users.renewMyScopedTokens({ token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | |
316 | }) | |
317 | ||
318 | it('Should fail to renew my scoped tokens with a bad token', async function () { | |
319 | await server.users.renewMyScopedTokens({ token: 'bad', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | |
320 | }) | |
321 | ||
322 | it('Should succeed to renew my scoped tokens', async function () { | |
323 | await server.users.renewMyScopedTokens() | |
324 | }) | |
325 | }) | |
326 | ||
327 | describe('When getting my information', function () { | |
328 | it('Should fail with a non authenticated user', async function () { | |
329 | await server.users.getMyInfo({ token: 'fake_token', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | |
330 | }) | |
331 | ||
332 | it('Should success with the correct parameters', async function () { | |
333 | await server.users.getMyInfo({ token: userToken }) | |
334 | }) | |
335 | }) | |
336 | ||
337 | describe('When getting my video rating', function () { | |
338 | let command: UsersCommand | |
339 | ||
340 | before(function () { | |
341 | command = server.users | |
342 | }) | |
343 | ||
344 | it('Should fail with a non authenticated user', async function () { | |
345 | await command.getMyRating({ token: 'fake_token', videoId: video.id, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | |
346 | }) | |
347 | ||
348 | it('Should fail with an incorrect video uuid', async function () { | |
349 | await command.getMyRating({ videoId: 'blabla', expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
350 | }) | |
351 | ||
352 | it('Should fail with an unknown video', async function () { | |
353 | await command.getMyRating({ videoId: '4da6fde3-88f7-4d16-b119-108df5630b06', expectedStatus: HttpStatusCode.NOT_FOUND_404 }) | |
354 | }) | |
355 | ||
356 | it('Should succeed with the correct parameters', async function () { | |
357 | await command.getMyRating({ videoId: video.id }) | |
358 | await command.getMyRating({ videoId: video.uuid }) | |
359 | await command.getMyRating({ videoId: video.shortUUID }) | |
360 | }) | |
361 | }) | |
362 | ||
363 | describe('When retrieving my global ratings', function () { | |
364 | const path = '/api/v1/accounts/user1/ratings' | |
365 | ||
366 | it('Should fail with a bad start pagination', async function () { | |
367 | await checkBadStartPagination(server.url, path, userToken) | |
368 | }) | |
369 | ||
370 | it('Should fail with a bad count pagination', async function () { | |
371 | await checkBadCountPagination(server.url, path, userToken) | |
372 | }) | |
373 | ||
374 | it('Should fail with an incorrect sort', async function () { | |
375 | await checkBadSortPagination(server.url, path, userToken) | |
376 | }) | |
377 | ||
378 | it('Should fail with a unauthenticated user', async function () { | |
379 | await makeGetRequest({ url: server.url, path, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | |
380 | }) | |
381 | ||
382 | it('Should fail with a another user', async function () { | |
383 | await makeGetRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 }) | |
384 | }) | |
385 | ||
386 | it('Should fail with a bad type', async function () { | |
387 | await makeGetRequest({ | |
388 | url: server.url, | |
389 | path, | |
390 | token: userToken, | |
391 | query: { rating: 'toto ' }, | |
392 | expectedStatus: HttpStatusCode.BAD_REQUEST_400 | |
393 | }) | |
394 | }) | |
395 | ||
396 | it('Should succeed with the correct params', async function () { | |
397 | await makeGetRequest({ url: server.url, path, token: userToken, expectedStatus: HttpStatusCode.OK_200 }) | |
398 | }) | |
399 | }) | |
400 | ||
401 | describe('When getting my global followers', function () { | |
402 | const path = '/api/v1/accounts/user1/followers' | |
403 | ||
404 | it('Should fail with a bad start pagination', async function () { | |
405 | await checkBadStartPagination(server.url, path, userToken) | |
406 | }) | |
407 | ||
408 | it('Should fail with a bad count pagination', async function () { | |
409 | await checkBadCountPagination(server.url, path, userToken) | |
410 | }) | |
411 | ||
412 | it('Should fail with an incorrect sort', async function () { | |
413 | await checkBadSortPagination(server.url, path, userToken) | |
414 | }) | |
415 | ||
416 | it('Should fail with a unauthenticated user', async function () { | |
417 | await makeGetRequest({ url: server.url, path, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | |
418 | }) | |
419 | ||
420 | it('Should fail with a another user', async function () { | |
421 | await makeGetRequest({ url: server.url, path, token: server.accessToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 }) | |
422 | }) | |
423 | ||
424 | it('Should succeed with the correct params', async function () { | |
425 | await makeGetRequest({ url: server.url, path, token: userToken, expectedStatus: HttpStatusCode.OK_200 }) | |
426 | }) | |
427 | }) | |
428 | ||
429 | describe('When blocking/unblocking/removing user', function () { | |
430 | ||
431 | it('Should fail with an incorrect id', async function () { | |
432 | const options = { userId: 'blabla' as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 } | |
433 | ||
434 | await server.users.remove(options) | |
435 | await server.users.banUser({ userId: 'blabla' as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
436 | await server.users.unbanUser({ userId: 'blabla' as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
437 | }) | |
438 | ||
439 | it('Should fail with the root user', async function () { | |
440 | const options = { userId: rootId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 } | |
441 | ||
442 | await server.users.remove(options) | |
443 | await server.users.banUser(options) | |
444 | await server.users.unbanUser(options) | |
445 | }) | |
446 | ||
447 | it('Should return 404 with a non existing id', async function () { | |
448 | const options = { userId: 4545454, expectedStatus: HttpStatusCode.NOT_FOUND_404 } | |
449 | ||
450 | await server.users.remove(options) | |
451 | await server.users.banUser(options) | |
452 | await server.users.unbanUser(options) | |
453 | }) | |
454 | ||
455 | it('Should fail with a non admin user', async function () { | |
456 | const options = { userId, token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 } | |
457 | ||
458 | await server.users.remove(options) | |
459 | await server.users.banUser(options) | |
460 | await server.users.unbanUser(options) | |
461 | }) | |
462 | ||
463 | it('Should fail on a moderator with a moderator', async function () { | |
464 | const options = { userId: moderatorId, token: moderatorToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 } | |
465 | ||
466 | await server.users.remove(options) | |
467 | await server.users.banUser(options) | |
468 | await server.users.unbanUser(options) | |
469 | }) | |
470 | ||
471 | it('Should succeed on a user with a moderator', async function () { | |
472 | const options = { userId, token: moderatorToken } | |
473 | ||
474 | await server.users.banUser(options) | |
475 | await server.users.unbanUser(options) | |
476 | }) | |
477 | }) | |
478 | ||
479 | describe('When deleting our account', function () { | |
480 | ||
481 | it('Should fail with with the root account', async function () { | |
482 | await server.users.deleteMe({ expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
483 | }) | |
484 | }) | |
485 | ||
486 | after(async function () { | |
487 | MockSmtpServer.Instance.kill() | |
488 | ||
489 | await cleanupTests([ server ]) | |
490 | }) | |
491 | }) |