]>
Commit | Line | Data |
---|---|---|
0e1dc3e7 C |
1 | /* tslint:disable:no-unused-expression */ |
2 | ||
26d21b78 | 3 | import { omit } from 'lodash' |
0e1dc3e7 | 4 | import 'mocha' |
26d21b78 | 5 | import { UserRole } from '../../../../shared' |
0e1dc3e7 C |
6 | |
7 | import { | |
26d21b78 C |
8 | createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest, |
9 | makePostBodyRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers, updateUser, | |
10 | uploadVideo, userLogin | |
0e1dc3e7 | 11 | } from '../../utils' |
26d21b78 | 12 | import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params' |
0e1dc3e7 C |
13 | |
14 | describe('Test users API validators', function () { | |
15 | const path = '/api/v1/users/' | |
16 | let userId: number | |
17 | let rootId: number | |
18 | let videoId: number | |
19 | let server: ServerInfo | |
20 | let serverWithRegistrationDisabled: ServerInfo | |
21 | let userAccessToken = '' | |
22 | ||
23 | // --------------------------------------------------------------- | |
24 | ||
25 | before(async function () { | |
26 | this.timeout(120000) | |
27 | ||
28 | await flushTests() | |
29 | ||
30 | server = await runServer(1) | |
31 | serverWithRegistrationDisabled = await runServer(2) | |
32 | ||
33 | await setAccessTokensToServers([ server ]) | |
34 | ||
0e1dc3e7 C |
35 | const user = { |
36 | username: 'user1', | |
37 | password: 'my super password' | |
38 | } | |
26d21b78 C |
39 | const videoQuota = 42000000 |
40 | await createUser(server.url, server.accessToken, user.username, user.password, videoQuota) | |
eec63bbc | 41 | userAccessToken = await userLogin(server, user) |
26d21b78 C |
42 | |
43 | const res = await uploadVideo(server.url, server.accessToken, {}) | |
44 | videoId = res.body.video.id | |
0e1dc3e7 C |
45 | }) |
46 | ||
47 | describe('When listing users', function () { | |
48 | it('Should fail with a bad start pagination', async function () { | |
26d21b78 | 49 | await checkBadStartPagination(server.url, path, server.accessToken) |
0e1dc3e7 C |
50 | }) |
51 | ||
52 | it('Should fail with a bad count pagination', async function () { | |
26d21b78 | 53 | await checkBadCountPagination(server.url, path, server.accessToken) |
0e1dc3e7 C |
54 | }) |
55 | ||
56 | it('Should fail with an incorrect sort', async function () { | |
26d21b78 | 57 | await checkBadSortPagination(server.url, path, server.accessToken) |
0e1dc3e7 | 58 | }) |
86d13ec2 C |
59 | |
60 | it('Should fail with a non authenticated user', async function () { | |
26d21b78 C |
61 | await makeGetRequest({ |
62 | url: server.url, | |
63 | path, | |
64 | statusCodeExpected: 401 | |
65 | }) | |
86d13ec2 C |
66 | }) |
67 | ||
68 | it('Should fail with a non admin user', async function () { | |
26d21b78 C |
69 | await makeGetRequest({ |
70 | url: server.url, | |
71 | path, | |
72 | token: userAccessToken, | |
73 | statusCodeExpected: 403 | |
74 | }) | |
86d13ec2 | 75 | }) |
0e1dc3e7 C |
76 | }) |
77 | ||
78 | describe('When adding a new user', function () { | |
26d21b78 C |
79 | const baseCorrectParams = { |
80 | username: 'user2', | |
81 | email: 'test@example.com', | |
82 | password: 'my super password', | |
83 | videoQuota: -1, | |
84 | role: UserRole.USER | |
85 | } | |
86 | ||
0e1dc3e7 | 87 | it('Should fail with a too small username', async function () { |
26d21b78 | 88 | const fields = immutableAssign(baseCorrectParams, { username: 'fi' }) |
0e1dc3e7 C |
89 | |
90 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
91 | }) | |
92 | ||
93 | it('Should fail with a too long username', async function () { | |
26d21b78 | 94 | const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' }) |
0e1dc3e7 C |
95 | |
96 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
97 | }) | |
98 | ||
563d032e | 99 | it('Should fail with a not lowercase username', async function () { |
26d21b78 | 100 | const fields = immutableAssign(baseCorrectParams, { username: 'Toto' }) |
563d032e C |
101 | |
102 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
103 | }) | |
104 | ||
0e1dc3e7 | 105 | it('Should fail with an incorrect username', async function () { |
26d21b78 | 106 | const fields = immutableAssign(baseCorrectParams, { username: 'my username' }) |
0e1dc3e7 C |
107 | |
108 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
109 | }) | |
110 | ||
111 | it('Should fail with a missing email', async function () { | |
26d21b78 | 112 | const fields = omit(baseCorrectParams, 'email') |
0e1dc3e7 C |
113 | |
114 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
115 | }) | |
116 | ||
117 | it('Should fail with an invalid email', async function () { | |
26d21b78 | 118 | const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' }) |
0e1dc3e7 C |
119 | |
120 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
121 | }) | |
122 | ||
123 | it('Should fail with a too small password', async function () { | |
26d21b78 | 124 | const fields = immutableAssign(baseCorrectParams, { password: 'bla' }) |
0e1dc3e7 C |
125 | |
126 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
127 | }) | |
128 | ||
129 | it('Should fail with a too long password', async function () { | |
26d21b78 | 130 | const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) }) |
0e1dc3e7 C |
131 | |
132 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
133 | }) | |
134 | ||
135 | it('Should fail with an non authenticated user', async function () { | |
26d21b78 C |
136 | await makePostBodyRequest({ |
137 | url: server.url, | |
138 | path, | |
139 | token: 'super token', | |
140 | fields: baseCorrectParams, | |
141 | statusCodeExpected: 401 | |
142 | }) | |
0e1dc3e7 C |
143 | }) |
144 | ||
145 | it('Should fail if we add a user with the same username', async function () { | |
26d21b78 | 146 | const fields = immutableAssign(baseCorrectParams, { username: 'user1' }) |
0e1dc3e7 C |
147 | |
148 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) | |
149 | }) | |
150 | ||
151 | it('Should fail if we add a user with the same email', async function () { | |
26d21b78 | 152 | const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' }) |
0e1dc3e7 C |
153 | |
154 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) | |
155 | }) | |
156 | ||
77a5501f | 157 | it('Should fail without a videoQuota', async function () { |
26d21b78 | 158 | const fields = omit(baseCorrectParams, 'videoQuota') |
77a5501f C |
159 | |
160 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
161 | }) | |
162 | ||
163 | it('Should fail with an invalid videoQuota', async function () { | |
26d21b78 | 164 | const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 }) |
757f0da3 C |
165 | |
166 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
167 | }) | |
168 | ||
169 | it('Should fail without a user role', async function () { | |
26d21b78 | 170 | const fields = omit(baseCorrectParams, 'role') |
757f0da3 C |
171 | |
172 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
173 | }) | |
174 | ||
175 | it('Should fail with an invalid user role', async function () { | |
26d21b78 | 176 | const fields = immutableAssign(baseCorrectParams, { role: 88989 }) |
77a5501f C |
177 | |
178 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
179 | }) | |
180 | ||
0e1dc3e7 | 181 | it('Should succeed with the correct params', async function () { |
26d21b78 C |
182 | await makePostBodyRequest({ |
183 | url: server.url, | |
184 | path, | |
185 | token: server.accessToken, | |
186 | fields: baseCorrectParams, | |
187 | statusCodeExpected: 204 | |
188 | }) | |
0e1dc3e7 C |
189 | }) |
190 | ||
191 | it('Should fail with a non admin user', async function () { | |
26d21b78 | 192 | const user = { |
0e1dc3e7 | 193 | username: 'user1', |
0e1dc3e7 C |
194 | password: 'my super password' |
195 | } | |
26d21b78 | 196 | userAccessToken = await userLogin(server, user) |
0e1dc3e7 | 197 | |
0e1dc3e7 C |
198 | const fields = { |
199 | username: 'user3', | |
200 | email: 'test@example.com', | |
77a5501f C |
201 | password: 'my super password', |
202 | videoQuota: 42000000 | |
0e1dc3e7 C |
203 | } |
204 | await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 }) | |
205 | }) | |
206 | }) | |
207 | ||
77a5501f C |
208 | describe('When updating my account', function () { |
209 | it('Should fail with an invalid email attribute', async function () { | |
210 | const fields = { | |
211 | email: 'blabla' | |
212 | } | |
0e1dc3e7 | 213 | |
77a5501f | 214 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields }) |
0e1dc3e7 C |
215 | }) |
216 | ||
217 | it('Should fail with a too small password', async function () { | |
218 | const fields = { | |
219 | password: 'bla' | |
220 | } | |
221 | ||
77a5501f | 222 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) |
0e1dc3e7 C |
223 | }) |
224 | ||
225 | it('Should fail with a too long password', async function () { | |
226 | const fields = { | |
26d21b78 | 227 | password: 'super'.repeat(61) |
0e1dc3e7 C |
228 | } |
229 | ||
77a5501f | 230 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) |
0e1dc3e7 C |
231 | }) |
232 | ||
233 | it('Should fail with an invalid display NSFW attribute', async function () { | |
234 | const fields = { | |
235 | displayNSFW: -1 | |
236 | } | |
237 | ||
77a5501f | 238 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) |
0e1dc3e7 C |
239 | }) |
240 | ||
7efe153b AL |
241 | it('Should fail with an invalid autoPlayVideo attribute', async function () { |
242 | const fields = { | |
243 | autoPlayVideo: -1 | |
244 | } | |
245 | ||
246 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | |
247 | }) | |
248 | ||
0e1dc3e7 C |
249 | it('Should fail with an non authenticated user', async function () { |
250 | const fields = { | |
251 | password: 'my super password' | |
252 | } | |
253 | ||
77a5501f | 254 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 }) |
0e1dc3e7 C |
255 | }) |
256 | ||
257 | it('Should succeed with the correct params', async function () { | |
258 | const fields = { | |
259 | password: 'my super password', | |
77a5501f | 260 | displayNSFW: true, |
7efe153b | 261 | autoPlayVideo: false, |
77a5501f | 262 | email: 'super_email@example.com' |
0e1dc3e7 C |
263 | } |
264 | ||
77a5501f C |
265 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 }) |
266 | }) | |
267 | }) | |
268 | ||
269 | describe('When updating a user', function () { | |
270 | ||
271 | before(async function () { | |
86d13ec2 | 272 | const res = await getUsersList(server.url, server.accessToken) |
77a5501f C |
273 | |
274 | userId = res.body.data[1].id | |
275 | rootId = res.body.data[2].id | |
276 | }) | |
277 | ||
278 | it('Should fail with an invalid email attribute', async function () { | |
279 | const fields = { | |
280 | email: 'blabla' | |
281 | } | |
282 | ||
283 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) | |
284 | }) | |
285 | ||
286 | it('Should fail with an invalid videoQuota attribute', async function () { | |
287 | const fields = { | |
288 | videoQuota: -90 | |
289 | } | |
290 | ||
291 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) | |
292 | }) | |
293 | ||
757f0da3 C |
294 | it('Should fail with an invalid user role attribute', async function () { |
295 | const fields = { | |
296 | role: 54878 | |
297 | } | |
298 | ||
299 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) | |
300 | }) | |
301 | ||
77a5501f C |
302 | it('Should fail with an non authenticated user', async function () { |
303 | const fields = { | |
304 | videoQuota: 42 | |
305 | } | |
306 | ||
307 | await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 }) | |
308 | }) | |
309 | ||
310 | it('Should succeed with the correct params', async function () { | |
311 | const fields = { | |
312 | email: 'email@example.com', | |
757f0da3 C |
313 | videoQuota: 42, |
314 | role: UserRole.MODERATOR | |
77a5501f C |
315 | } |
316 | ||
317 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 }) | |
0e1dc3e7 C |
318 | }) |
319 | }) | |
320 | ||
321 | describe('When getting my information', function () { | |
322 | it('Should fail with a non authenticated user', async function () { | |
26d21b78 | 323 | await getMyUserInformation(server.url, 'fake_token', 401) |
0e1dc3e7 C |
324 | }) |
325 | ||
326 | it('Should success with the correct parameters', async function () { | |
26d21b78 | 327 | await getMyUserInformation(server.url, userAccessToken) |
0e1dc3e7 C |
328 | }) |
329 | }) | |
330 | ||
331 | describe('When getting my video rating', function () { | |
332 | it('Should fail with a non authenticated user', async function () { | |
26d21b78 | 333 | await getMyUserVideoRating(server.url, 'fake_token', videoId, 401) |
0e1dc3e7 C |
334 | }) |
335 | ||
336 | it('Should fail with an incorrect video uuid', async function () { | |
26d21b78 | 337 | await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400) |
0e1dc3e7 C |
338 | }) |
339 | ||
340 | it('Should fail with an unknown video', async function () { | |
26d21b78 | 341 | await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404) |
0e1dc3e7 C |
342 | }) |
343 | ||
26d21b78 C |
344 | it('Should succeed with the correct parameters', async function () { |
345 | await getMyUserVideoRating(server.url, server.accessToken, videoId) | |
0e1dc3e7 C |
346 | }) |
347 | }) | |
348 | ||
349 | describe('When removing an user', function () { | |
350 | it('Should fail with an incorrect id', async function () { | |
26d21b78 | 351 | await removeUser(server.url, 'blabla', server.accessToken, 400) |
0e1dc3e7 C |
352 | }) |
353 | ||
354 | it('Should fail with the root user', async function () { | |
26d21b78 | 355 | await removeUser(server.url, rootId, server.accessToken, 400) |
0e1dc3e7 C |
356 | }) |
357 | ||
358 | it('Should return 404 with a non existing id', async function () { | |
26d21b78 | 359 | await removeUser(server.url, 4545454, server.accessToken, 404) |
0e1dc3e7 C |
360 | }) |
361 | }) | |
362 | ||
363 | describe('When register a new user', function () { | |
364 | const registrationPath = path + '/register' | |
26d21b78 C |
365 | const baseCorrectParams = { |
366 | username: 'user3', | |
367 | email: 'test3@example.com', | |
368 | password: 'my super password' | |
369 | } | |
0e1dc3e7 C |
370 | |
371 | it('Should fail with a too small username', async function () { | |
26d21b78 | 372 | const fields = immutableAssign(baseCorrectParams, { username: 'ji' }) |
0e1dc3e7 C |
373 | |
374 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
375 | }) | |
376 | ||
377 | it('Should fail with a too long username', async function () { | |
26d21b78 | 378 | const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' }) |
0e1dc3e7 C |
379 | |
380 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
381 | }) | |
382 | ||
383 | it('Should fail with an incorrect username', async function () { | |
26d21b78 | 384 | const fields = immutableAssign(baseCorrectParams, { username: 'my username' }) |
0e1dc3e7 C |
385 | |
386 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
387 | }) | |
388 | ||
389 | it('Should fail with a missing email', async function () { | |
26d21b78 | 390 | const fields = omit(baseCorrectParams, 'email') |
0e1dc3e7 C |
391 | |
392 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
393 | }) | |
394 | ||
395 | it('Should fail with an invalid email', async function () { | |
26d21b78 | 396 | const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' }) |
0e1dc3e7 C |
397 | |
398 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
399 | }) | |
400 | ||
401 | it('Should fail with a too small password', async function () { | |
26d21b78 | 402 | const fields = immutableAssign(baseCorrectParams, { password: 'bla' }) |
0e1dc3e7 C |
403 | |
404 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
405 | }) | |
406 | ||
407 | it('Should fail with a too long password', async function () { | |
26d21b78 | 408 | const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) }) |
0e1dc3e7 C |
409 | |
410 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
411 | }) | |
412 | ||
413 | it('Should fail if we register a user with the same username', async function () { | |
26d21b78 | 414 | const fields = immutableAssign(baseCorrectParams, { username: 'root' }) |
0e1dc3e7 | 415 | |
26d21b78 C |
416 | await makePostBodyRequest({ |
417 | url: server.url, | |
418 | path: registrationPath, | |
419 | token: server.accessToken, | |
420 | fields, | |
421 | statusCodeExpected: 409 | |
422 | }) | |
0e1dc3e7 C |
423 | }) |
424 | ||
425 | it('Should fail if we register a user with the same email', async function () { | |
26d21b78 | 426 | const fields = immutableAssign(baseCorrectParams, { email: 'admin1@example.com' }) |
0e1dc3e7 | 427 | |
26d21b78 C |
428 | await makePostBodyRequest({ |
429 | url: server.url, | |
430 | path: registrationPath, | |
431 | token: server.accessToken, | |
432 | fields, | |
433 | statusCodeExpected: 409 | |
434 | }) | |
0e1dc3e7 C |
435 | }) |
436 | ||
437 | it('Should succeed with the correct params', async function () { | |
26d21b78 C |
438 | await makePostBodyRequest({ |
439 | url: server.url, | |
440 | path: registrationPath, | |
441 | token: server.accessToken, | |
442 | fields: baseCorrectParams, | |
443 | statusCodeExpected: 204 | |
444 | }) | |
0e1dc3e7 C |
445 | }) |
446 | ||
447 | it('Should fail on a server with registration disabled', async function () { | |
448 | const fields = { | |
449 | username: 'user4', | |
450 | email: 'test4@example.com', | |
451 | password: 'my super password 4' | |
452 | } | |
453 | ||
454 | await makePostBodyRequest({ | |
455 | url: serverWithRegistrationDisabled.url, | |
456 | path: registrationPath, | |
457 | token: serverWithRegistrationDisabled.accessToken, | |
458 | fields, | |
459 | statusCodeExpected: 403 | |
460 | }) | |
461 | }) | |
462 | }) | |
463 | ||
464 | describe('When registering multiple users on a server with users limit', function () { | |
465 | it('Should fail when after 3 registrations', async function () { | |
466 | await registerUser(server.url, 'user42', 'super password', 403) | |
467 | }) | |
468 | }) | |
469 | ||
77a5501f C |
470 | describe('When having a video quota', function () { |
471 | it('Should fail with a user having too many video', async function () { | |
26d21b78 C |
472 | await updateUser({ |
473 | url: server.url, | |
474 | userId: rootId, | |
475 | accessToken: server.accessToken, | |
77a5501f | 476 | videoQuota: 42 |
26d21b78 | 477 | }) |
77a5501f | 478 | |
26d21b78 | 479 | await uploadVideo(server.url, server.accessToken, {}, 403) |
77a5501f C |
480 | }) |
481 | ||
482 | it('Should fail with a registered user having too many video', async function () { | |
483 | this.timeout(10000) | |
484 | ||
26d21b78 | 485 | const user = { |
77a5501f | 486 | username: 'user3', |
77a5501f C |
487 | password: 'my super password' |
488 | } | |
26d21b78 | 489 | userAccessToken = await userLogin(server, user) |
77a5501f C |
490 | |
491 | const videoAttributes = { fixture: 'video_short2.webm' } | |
492 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
493 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
494 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
495 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
496 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
497 | await uploadVideo(server.url, userAccessToken, videoAttributes, 403) | |
498 | }) | |
499 | }) | |
500 | ||
0e1dc3e7 C |
501 | after(async function () { |
502 | killallServers([ server, serverWithRegistrationDisabled ]) | |
503 | ||
504 | // Keep the logs if the test failed | |
505 | if (this['ok']) { | |
506 | await flushTests() | |
507 | } | |
508 | }) | |
509 | }) |