]>
Commit | Line | Data |
---|---|---|
0e1dc3e7 C |
1 | /* tslint:disable:no-unused-expression */ |
2 | ||
3 | import * as request from 'supertest' | |
4 | import 'mocha' | |
5 | ||
6 | import { | |
7 | ServerInfo, | |
8 | flushTests, | |
9 | runServer, | |
10 | uploadVideo, | |
11 | getVideosList, | |
12 | makePutBodyRequest, | |
13 | createUser, | |
14 | loginAndGetAccessToken, | |
15 | getUsersList, | |
16 | registerUser, | |
17 | setAccessTokensToServers, | |
18 | killallServers, | |
19 | makePostBodyRequest, | |
20 | getUserAccessToken | |
21 | } from '../../utils' | |
22 | ||
23 | describe('Test users API validators', function () { | |
24 | const path = '/api/v1/users/' | |
25 | let userId: number | |
26 | let rootId: number | |
27 | let videoId: number | |
28 | let server: ServerInfo | |
29 | let serverWithRegistrationDisabled: ServerInfo | |
30 | let userAccessToken = '' | |
31 | ||
32 | // --------------------------------------------------------------- | |
33 | ||
34 | before(async function () { | |
35 | this.timeout(120000) | |
36 | ||
37 | await flushTests() | |
38 | ||
39 | server = await runServer(1) | |
40 | serverWithRegistrationDisabled = await runServer(2) | |
41 | ||
42 | await setAccessTokensToServers([ server ]) | |
43 | ||
44 | const username = 'user1' | |
45 | const password = 'my super password' | |
46 | await createUser(server.url, server.accessToken, username, password) | |
47 | ||
48 | const videoAttributes = {} | |
49 | await uploadVideo(server.url, server.accessToken, videoAttributes) | |
50 | ||
51 | const res = await getVideosList(server.url) | |
52 | const videos = res.body.data | |
53 | videoId = videos[0].id | |
54 | ||
55 | const user = { | |
56 | username: 'user1', | |
57 | password: 'my super password' | |
58 | } | |
59 | userAccessToken = await getUserAccessToken(server, user) | |
60 | }) | |
61 | ||
62 | describe('When listing users', function () { | |
63 | it('Should fail with a bad start pagination', async function () { | |
64 | await request(server.url) | |
65 | .get(path) | |
66 | .query({ start: 'hello' }) | |
67 | .set('Accept', 'application/json') | |
68 | .expect(400) | |
69 | }) | |
70 | ||
71 | it('Should fail with a bad count pagination', async function () { | |
72 | await request(server.url) | |
73 | .get(path) | |
74 | .query({ count: 'hello' }) | |
75 | .set('Accept', 'application/json') | |
76 | .expect(400) | |
77 | }) | |
78 | ||
79 | it('Should fail with an incorrect sort', async function () { | |
80 | await request(server.url) | |
81 | .get(path) | |
82 | .query({ sort: 'hello' }) | |
83 | .set('Accept', 'application/json') | |
84 | .expect(400) | |
85 | }) | |
86 | }) | |
87 | ||
88 | describe('When adding a new user', function () { | |
89 | it('Should fail with a too small username', async function () { | |
90 | const fields = { | |
91 | username: 'ji', | |
92 | email: 'test@example.com', | |
93 | password: 'my_super_password' | |
94 | } | |
95 | ||
96 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
97 | }) | |
98 | ||
99 | it('Should fail with a too long username', async function () { | |
100 | const fields = { | |
101 | username: 'my_super_username_which_is_very_long', | |
102 | email: 'test@example.com', | |
103 | password: 'my_super_password' | |
104 | } | |
105 | ||
106 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
107 | }) | |
108 | ||
109 | it('Should fail with an incorrect username', async function () { | |
110 | const fields = { | |
111 | username: 'my username', | |
112 | email: 'test@example.com', | |
113 | password: 'my_super_password' | |
114 | } | |
115 | ||
116 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
117 | }) | |
118 | ||
119 | it('Should fail with a missing email', async function () { | |
120 | const fields = { | |
121 | username: 'ji', | |
122 | password: 'my_super_password' | |
123 | } | |
124 | ||
125 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
126 | }) | |
127 | ||
128 | it('Should fail with an invalid email', async function () { | |
129 | const fields = { | |
130 | username: 'my_super_username_which_is_very_long', | |
131 | email: 'test_example.com', | |
132 | password: 'my_super_password' | |
133 | } | |
134 | ||
135 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
136 | }) | |
137 | ||
138 | it('Should fail with a too small password', async function () { | |
139 | const fields = { | |
140 | username: 'my_username', | |
141 | email: 'test@example.com', | |
142 | password: 'bla' | |
143 | } | |
144 | ||
145 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
146 | }) | |
147 | ||
148 | it('Should fail with a too long password', async function () { | |
149 | const fields = { | |
150 | username: 'my_username', | |
151 | email: 'test@example.com', | |
152 | password: 'my super long password which is very very very very very very very very very very very very very very' + | |
153 | 'very very very very very very very very very very very very very very very veryv very very very very' + | |
154 | 'very very very very very very very very very very very very very very very very very very very very long' | |
155 | } | |
156 | ||
157 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
158 | }) | |
159 | ||
160 | it('Should fail with an non authenticated user', async function () { | |
161 | const fields = { | |
162 | username: 'my_username', | |
163 | email: 'test@example.com', | |
164 | password: 'my super password' | |
165 | } | |
166 | ||
167 | await makePostBodyRequest({ url: server.url, path, token: 'super token', fields, statusCodeExpected: 401 }) | |
168 | }) | |
169 | ||
170 | it('Should fail if we add a user with the same username', async function () { | |
171 | const fields = { | |
172 | username: 'user1', | |
173 | email: 'test@example.com', | |
174 | password: 'my super password' | |
175 | } | |
176 | ||
177 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) | |
178 | }) | |
179 | ||
180 | it('Should fail if we add a user with the same email', async function () { | |
181 | const fields = { | |
182 | username: 'my_username', | |
183 | email: 'user1@example.com', | |
184 | password: 'my super password' | |
185 | } | |
186 | ||
187 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) | |
188 | }) | |
189 | ||
190 | it('Should succeed with the correct params', async function () { | |
191 | const fields = { | |
192 | username: 'user2', | |
193 | email: 'test@example.com', | |
194 | password: 'my super password' | |
195 | } | |
196 | ||
197 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 }) | |
198 | }) | |
199 | ||
200 | it('Should fail with a non admin user', async function () { | |
201 | server.user = { | |
202 | username: 'user1', | |
203 | email: 'test@example.com', | |
204 | password: 'my super password' | |
205 | } | |
206 | ||
207 | userAccessToken = await loginAndGetAccessToken(server) | |
208 | const fields = { | |
209 | username: 'user3', | |
210 | email: 'test@example.com', | |
211 | password: 'my super password' | |
212 | } | |
213 | await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 }) | |
214 | }) | |
215 | }) | |
216 | ||
217 | describe('When updating a user', function () { | |
218 | before(async function () { | |
219 | const res = await getUsersList(server.url) | |
220 | ||
221 | userId = res.body.data[1].id | |
222 | rootId = res.body.data[2].id | |
223 | }) | |
224 | ||
225 | it('Should fail with a too small password', async function () { | |
226 | const fields = { | |
227 | password: 'bla' | |
228 | } | |
229 | ||
230 | await makePutBodyRequest({ url: server.url, path: path + userId, token: userAccessToken, fields }) | |
231 | }) | |
232 | ||
233 | it('Should fail with a too long password', async function () { | |
234 | const fields = { | |
235 | password: 'my super long password which is very very very very very very very very very very very very very very' + | |
236 | 'very very very very very very very very very very very very very very very veryv very very very very' + | |
237 | 'very very very very very very very very very very very very very very very very very very very very long' | |
238 | } | |
239 | ||
240 | await makePutBodyRequest({ url: server.url, path: path + userId, token: userAccessToken, fields }) | |
241 | }) | |
242 | ||
243 | it('Should fail with an invalid display NSFW attribute', async function () { | |
244 | const fields = { | |
245 | displayNSFW: -1 | |
246 | } | |
247 | ||
248 | await makePutBodyRequest({ url: server.url, path: path + userId, token: userAccessToken, fields }) | |
249 | }) | |
250 | ||
251 | it('Should fail with an non authenticated user', async function () { | |
252 | const fields = { | |
253 | password: 'my super password' | |
254 | } | |
255 | ||
256 | await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 }) | |
257 | }) | |
258 | ||
259 | it('Should succeed with the correct params', async function () { | |
260 | const fields = { | |
261 | password: 'my super password', | |
262 | displayNSFW: true | |
263 | } | |
264 | ||
265 | await makePutBodyRequest({ url: server.url, path: path + userId, token: userAccessToken, fields, statusCodeExpected: 204 }) | |
266 | }) | |
267 | }) | |
268 | ||
269 | describe('When getting my information', function () { | |
270 | it('Should fail with a non authenticated user', async function () { | |
271 | await request(server.url) | |
272 | .get(path + 'me') | |
273 | .set('Authorization', 'Bearer fake_token') | |
274 | .set('Accept', 'application/json') | |
275 | .expect(401) | |
276 | }) | |
277 | ||
278 | it('Should success with the correct parameters', async function () { | |
279 | await request(server.url) | |
280 | .get(path + 'me') | |
281 | .set('Authorization', 'Bearer ' + userAccessToken) | |
282 | .set('Accept', 'application/json') | |
283 | .expect(200) | |
284 | }) | |
285 | }) | |
286 | ||
287 | describe('When getting my video rating', function () { | |
288 | it('Should fail with a non authenticated user', async function () { | |
289 | await request(server.url) | |
290 | .get(path + 'me/videos/' + videoId + '/rating') | |
291 | .set('Authorization', 'Bearer fake_token') | |
292 | .set('Accept', 'application/json') | |
293 | .expect(401) | |
294 | }) | |
295 | ||
296 | it('Should fail with an incorrect video uuid', async function () { | |
297 | await request(server.url) | |
298 | .get(path + 'me/videos/blabla/rating') | |
299 | .set('Authorization', 'Bearer ' + userAccessToken) | |
300 | .set('Accept', 'application/json') | |
301 | .expect(400) | |
302 | }) | |
303 | ||
304 | it('Should fail with an unknown video', async function () { | |
305 | await request(server.url) | |
306 | .get(path + 'me/videos/4da6fde3-88f7-4d16-b119-108df5630b06/rating') | |
307 | .set('Authorization', 'Bearer ' + userAccessToken) | |
308 | .set('Accept', 'application/json') | |
309 | .expect(404) | |
310 | }) | |
311 | ||
312 | it('Should success with the correct parameters', async function () { | |
313 | await request(server.url) | |
314 | .get(path + 'me/videos/' + videoId + '/rating') | |
315 | .set('Authorization', 'Bearer ' + userAccessToken) | |
316 | .set('Accept', 'application/json') | |
317 | .expect(200) | |
318 | }) | |
319 | }) | |
320 | ||
321 | describe('When removing an user', function () { | |
322 | it('Should fail with an incorrect id', async function () { | |
323 | await request(server.url) | |
324 | .delete(path + 'bla-bla') | |
325 | .set('Authorization', 'Bearer ' + server.accessToken) | |
326 | .expect(400) | |
327 | }) | |
328 | ||
329 | it('Should fail with the root user', async function () { | |
330 | await request(server.url) | |
331 | .delete(path + rootId) | |
332 | .set('Authorization', 'Bearer ' + server.accessToken) | |
333 | .expect(400) | |
334 | }) | |
335 | ||
336 | it('Should return 404 with a non existing id', async function () { | |
337 | await request(server.url) | |
338 | .delete(path + '45') | |
339 | .set('Authorization', 'Bearer ' + server.accessToken) | |
340 | .expect(404) | |
341 | }) | |
342 | }) | |
343 | ||
344 | describe('When removing an user', function () { | |
345 | it('Should fail with an incorrect id', async function () { | |
346 | await request(server.url) | |
347 | .delete(path + 'bla-bla') | |
348 | .set('Authorization', 'Bearer ' + server.accessToken) | |
349 | .expect(400) | |
350 | }) | |
351 | ||
352 | it('Should fail with the root user', async function () { | |
353 | await request(server.url) | |
354 | .delete(path + rootId) | |
355 | .set('Authorization', 'Bearer ' + server.accessToken) | |
356 | .expect(400) | |
357 | }) | |
358 | ||
359 | it('Should return 404 with a non existing id', async function () { | |
360 | await request(server.url) | |
361 | .delete(path + '45') | |
362 | .set('Authorization', 'Bearer ' + server.accessToken) | |
363 | .expect(404) | |
364 | }) | |
365 | }) | |
366 | ||
367 | describe('When register a new user', function () { | |
368 | const registrationPath = path + '/register' | |
369 | ||
370 | it('Should fail with a too small username', async function () { | |
371 | const fields = { | |
372 | username: 'ji', | |
373 | email: 'test@example.com', | |
374 | password: 'my_super_password' | |
375 | } | |
376 | ||
377 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
378 | }) | |
379 | ||
380 | it('Should fail with a too long username', async function () { | |
381 | const fields = { | |
382 | username: 'my_super_username_which_is_very_long', | |
383 | email: 'test@example.com', | |
384 | password: 'my_super_password' | |
385 | } | |
386 | ||
387 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
388 | }) | |
389 | ||
390 | it('Should fail with an incorrect username', async function () { | |
391 | const fields = { | |
392 | username: 'my username', | |
393 | email: 'test@example.com', | |
394 | password: 'my_super_password' | |
395 | } | |
396 | ||
397 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
398 | }) | |
399 | ||
400 | it('Should fail with a missing email', async function () { | |
401 | const fields = { | |
402 | username: 'ji', | |
403 | password: 'my_super_password' | |
404 | } | |
405 | ||
406 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
407 | }) | |
408 | ||
409 | it('Should fail with an invalid email', async function () { | |
410 | const fields = { | |
411 | username: 'my_super_username_which_is_very_long', | |
412 | email: 'test_example.com', | |
413 | password: 'my_super_password' | |
414 | } | |
415 | ||
416 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
417 | }) | |
418 | ||
419 | it('Should fail with a too small password', async function () { | |
420 | const fields = { | |
421 | username: 'my_username', | |
422 | email: 'test@example.com', | |
423 | password: 'bla' | |
424 | } | |
425 | ||
426 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
427 | }) | |
428 | ||
429 | it('Should fail with a too long password', async function () { | |
430 | const fields = { | |
431 | username: 'my_username', | |
432 | email: 'test@example.com', | |
433 | password: 'my super long password which is very very very very very very very very very very very very very very' + | |
434 | 'very very very very very very very very very very very very very very very veryv very very very very' + | |
435 | 'very very very very very very very very very very very very very very very very very very very very long' | |
436 | } | |
437 | ||
438 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
439 | }) | |
440 | ||
441 | it('Should fail if we register a user with the same username', async function () { | |
442 | const fields = { | |
443 | username: 'root', | |
444 | email: 'test@example.com', | |
445 | password: 'my super password' | |
446 | } | |
447 | ||
448 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 }) | |
449 | }) | |
450 | ||
451 | it('Should fail if we register a user with the same email', async function () { | |
452 | const fields = { | |
453 | username: 'my_username', | |
454 | email: 'admin1@example.com', | |
455 | password: 'my super password' | |
456 | } | |
457 | ||
458 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 }) | |
459 | }) | |
460 | ||
461 | it('Should succeed with the correct params', async function () { | |
462 | const fields = { | |
463 | username: 'user3', | |
464 | email: 'test3@example.com', | |
465 | password: 'my super password' | |
466 | } | |
467 | ||
468 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 204 }) | |
469 | }) | |
470 | ||
471 | it('Should fail on a server with registration disabled', async function () { | |
472 | const fields = { | |
473 | username: 'user4', | |
474 | email: 'test4@example.com', | |
475 | password: 'my super password 4' | |
476 | } | |
477 | ||
478 | await makePostBodyRequest({ | |
479 | url: serverWithRegistrationDisabled.url, | |
480 | path: registrationPath, | |
481 | token: serverWithRegistrationDisabled.accessToken, | |
482 | fields, | |
483 | statusCodeExpected: 403 | |
484 | }) | |
485 | }) | |
486 | }) | |
487 | ||
488 | describe('When registering multiple users on a server with users limit', function () { | |
489 | it('Should fail when after 3 registrations', async function () { | |
490 | await registerUser(server.url, 'user42', 'super password', 403) | |
491 | }) | |
492 | }) | |
493 | ||
494 | after(async function () { | |
495 | killallServers([ server, serverWithRegistrationDisabled ]) | |
496 | ||
497 | // Keep the logs if the test failed | |
498 | if (this['ok']) { | |
499 | await flushTests() | |
500 | } | |
501 | }) | |
502 | }) |