]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blame - server/tests/api/check-params/users.ts
projects / github / Chocobozzz / PeerTube.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Fix comments deleted display
[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / users.ts
CommitLineData
a1587156 1/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
0e1dc3e7 2
26d21b78 3import { omit } from 'lodash'
0e1dc3e7 4import 'mocha'
47564bbe 5import { join } from 'path'
a95a4cc8 6import { User, UserRole, VideoImport, VideoImportState } from '../../../../shared'
0e1dc3e7
C		 7
8import {
e590b4a5 9 addVideoChannel,
42e1ec25 10 blockUser,
7c3b7976 11 cleanupTests,
42e1ec25
C		 12 createUser,
13 deleteMe,
14 flushAndRunServer,
15 getMyUserInformation,
16 getMyUserVideoRating,
17 getUsersList,
18 immutableAssign,
45f1bd72 19 killallServers,
42e1ec25
C		 20 makeGetRequest,
21 makePostBodyRequest,
22 makePutBodyRequest,
23 makeUploadRequest,
24 registerUser,
25 removeUser,
45f1bd72 26 reRunServer,
42e1ec25
C		 27 ServerInfo,
28 setAccessTokensToServers,
29 unblockUser,
30 updateUser,
31 uploadVideo,
32 userLogin
94565d52 33} from '../../../../shared/extra-utils'
9639bd17 34import {
35 checkBadCountPagination,
36 checkBadSortPagination,
37 checkBadStartPagination
94565d52
C		 38} from '../../../../shared/extra-utils/requests/check-api-params'
39import { getMagnetURI, getMyVideoImports, getYoutubeVideoUrl, importVideo } from '../../../../shared/extra-utils/videos/video-imports'
187501f8 40import { VideoPrivacy } from '../../../../shared/models/videos'
94565d52 41import { waitJobs } from '../../../../shared/extra-utils/server/jobs'
187501f8 42import { expect } from 'chai'
1eddc9a7 43import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
45f1bd72 44import { MockSmtpServer } from '../../../../shared/extra-utils/miscs/email'
0e1dc3e7
C		 45
46describe('Test users API validators', function () {
47 const path = '/api/v1/users/'
48 let userId: number
49 let rootId: number
a95a4cc8 50 let moderatorId: number
0e1dc3e7
C		 51 let videoId: number
52 let server: ServerInfo
53 let serverWithRegistrationDisabled: ServerInfo
54 let userAccessToken = ''
a95a4cc8 55 let moderatorAccessToken = ''
45f1bd72
JL		 56 let emailPort: number
57 let overrideConfig: Object
a1587156 58 // eslint-disable-next-line @typescript-eslint/no-unused-vars
187501f8 59 let channelId: number
0e1dc3e7
C		 60
61 // ---------------------------------------------------------------
62
63 before(async function () {
e212f887 64 this.timeout(30000)
0e1dc3e7 65
45f1bd72
JL		 66 const emails: object[] = []
67 emailPort = await MockSmtpServer.Instance.collectEmails(emails)
68
69 overrideConfig = { signup: { limit: 8 } }
70
a95a4cc8
C		 71 {
72 const res = await Promise.all([
45f1bd72 73 flushAndRunServer(1, overrideConfig),
a95a4cc8
C		 74 flushAndRunServer(2)
75 ])
0e1dc3e7 76
a95a4cc8
C		 77 server = res[0]
78 serverWithRegistrationDisabled = res[1]
0e1dc3e7 79
a95a4cc8
C		 80 await setAccessTokensToServers([ server ])
81 }
82
83 {
84 const user = {
85 username: 'user1',
86 password: 'my super password'
87 }
88
89 const videoQuota = 42000000
90 await createUser({
91 url: server.url,
92 accessToken: server.accessToken,
93 username: user.username,
94 password: user.password,
95 videoQuota: videoQuota
96 })
97 userAccessToken = await userLogin(server, user)
98 }
99
100 {
101 const moderator = {
102 username: 'moderator1',
103 password: 'super password'
104 }
105
106 await createUser({
107 url: server.url,
108 accessToken: server.accessToken,
109 username: moderator.username,
110 password: moderator.password,
111 role: UserRole.MODERATOR
112 })
113
114 moderatorAccessToken = await userLogin(server, moderator)
115 }
116
117 {
118 const moderator = {
119 username: 'moderator2',
120 password: 'super password'
121 }
122
123 await createUser({
124 url: server.url,
125 accessToken: server.accessToken,
126 username: moderator.username,
127 password: moderator.password,
128 role: UserRole.MODERATOR
129 })
130 }
26d21b78 131
187501f8
C		 132 {
133 const res = await getMyUserInformation(server.url, server.accessToken)
a1587156 134 channelId = res.body.videoChannels[0].id
187501f8
C		 135 }
136
137 {
138 const res = await uploadVideo(server.url, server.accessToken, {})
139 videoId = res.body.video.id
140 }
a95a4cc8
C		 141
142 {
143 const res = await getUsersList(server.url, server.accessToken)
144 const users: User[] = res.body.data
145
146 userId = users.find(u => u.username === 'user1').id
147 rootId = users.find(u => u.username === 'root').id
148 moderatorId = users.find(u => u.username === 'moderator2').id
149 }
0e1dc3e7
C		 150 })
151
152 describe('When listing users', function () {
153 it('Should fail with a bad start pagination', async function () {
26d21b78 154 await checkBadStartPagination(server.url, path, server.accessToken)
0e1dc3e7
C		 155 })
156
157 it('Should fail with a bad count pagination', async function () {
26d21b78 158 await checkBadCountPagination(server.url, path, server.accessToken)
0e1dc3e7
C		 159 })
160
161 it('Should fail with an incorrect sort', async function () {
26d21b78 162 await checkBadSortPagination(server.url, path, server.accessToken)
0e1dc3e7 163 })
86d13ec2
C		 164
165 it('Should fail with a non authenticated user', async function () {
26d21b78
C		 166 await makeGetRequest({
167 url: server.url,
168 path,
169 statusCodeExpected: 401
170 })
86d13ec2
C		 171 })
172
173 it('Should fail with a non admin user', async function () {
26d21b78
C		 174 await makeGetRequest({
175 url: server.url,
176 path,
177 token: userAccessToken,
178 statusCodeExpected: 403
179 })
86d13ec2 180 })
0e1dc3e7
C		 181 })
182
183 describe('When adding a new user', function () {
26d21b78
C		 184 const baseCorrectParams = {
185 username: 'user2',
186 email: 'test@example.com',
187 password: 'my super password',
188 videoQuota: -1,
bee0abff 189 videoQuotaDaily: -1,
1eddc9a7
C		 190 role: UserRole.USER,
191 adminFlags: UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST
26d21b78
C		 192 }
193
0e1dc3e7 194 it('Should fail with a too small username', async function () {
d0ce42c1 195 const fields = immutableAssign(baseCorrectParams, { username: '' })
0e1dc3e7
C		 196
197 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
198 })
199
200 it('Should fail with a too long username', async function () {
9f7a1953 201 const fields = immutableAssign(baseCorrectParams, { username: 'super'.repeat(50) })
0e1dc3e7
C		 202
203 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
204 })
205
563d032e 206 it('Should fail with a not lowercase username', async function () {
26d21b78 207 const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })
563d032e
C		 208
209 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
210 })
211
0e1dc3e7 212 it('Should fail with an incorrect username', async function () {
26d21b78 213 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
0e1dc3e7
C		 214
215 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
216 })
217
218 it('Should fail with a missing email', async function () {
26d21b78 219 const fields = omit(baseCorrectParams, 'email')
0e1dc3e7
C		 220
221 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
222 })
223
224 it('Should fail with an invalid email', async function () {
26d21b78 225 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
0e1dc3e7
C		 226
227 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
228 })
229
230 it('Should fail with a too small password', async function () {
26d21b78 231 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
0e1dc3e7
C		 232
233 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
234 })
235
236 it('Should fail with a too long password', async function () {
26d21b78 237 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
0e1dc3e7
C		 238
239 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
240 })
241
45f1bd72
JL		 242 it('Should fail with empty password and no smtp configured', async function () {
243 const fields = immutableAssign(baseCorrectParams, { password: '' })
244
245 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
246 })
247
248 it('Should succeed with no password on a server with smtp enabled', async function () {
249 this.timeout(10000)
250
251 killallServers([ server ])
252
253 const config = immutableAssign(overrideConfig, {
254 smtp: {
255 hostname: 'localhost',
256 port: emailPort
257 }
258 })
259 await reRunServer(server, config)
260
261 const fields = immutableAssign(baseCorrectParams, {
262 password: '',
263 username: 'create_password',
264 email: 'create_password@example.com'
265 })
266
267 await makePostBodyRequest({
268 url: server.url,
269 path: path,
270 token: server.accessToken,
271 fields,
272 statusCodeExpected: 200
273 })
274 })
275
1eddc9a7
C		 276 it('Should fail with invalid admin flags', async function () {
277 const fields = immutableAssign(baseCorrectParams, { adminFlags: 'toto' })
278
279 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
280 })
281
0e1dc3e7 282 it('Should fail with an non authenticated user', async function () {
26d21b78
C		 283 await makePostBodyRequest({
284 url: server.url,
285 path,
286 token: 'super token',
287 fields: baseCorrectParams,
288 statusCodeExpected: 401
289 })
0e1dc3e7
C		 290 })
291
292 it('Should fail if we add a user with the same username', async function () {
26d21b78 293 const fields = immutableAssign(baseCorrectParams, { username: 'user1' })
0e1dc3e7
C		 294
295 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
296 })
297
298 it('Should fail if we add a user with the same email', async function () {
26d21b78 299 const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })
0e1dc3e7
C		 300
301 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
302 })
303
77a5501f 304 it('Should fail without a videoQuota', async function () {
26d21b78 305 const fields = omit(baseCorrectParams, 'videoQuota')
77a5501f
C		 306
307 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
308 })
309
bee0abff
FA		 310 it('Should fail without a videoQuotaDaily', async function () {
311 const fields = omit(baseCorrectParams, 'videoQuotaDaily')
312
313 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
314 })
315
77a5501f 316 it('Should fail with an invalid videoQuota', async function () {
26d21b78 317 const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })
757f0da3
C		 318
319 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
320 })
321
bee0abff
FA		 322 it('Should fail with an invalid videoQuotaDaily', async function () {
323 const fields = immutableAssign(baseCorrectParams, { videoQuotaDaily: -7 })
324
325 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
326 })
327
757f0da3 328 it('Should fail without a user role', async function () {
26d21b78 329 const fields = omit(baseCorrectParams, 'role')
757f0da3
C		 330
331 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
332 })
333
334 it('Should fail with an invalid user role', async function () {
26d21b78 335 const fields = immutableAssign(baseCorrectParams, { role: 88989 })
77a5501f
C		 336
337 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
338 })
339
2ef6a063
C		 340 it('Should fail with a "peertube" username', async function () {
341 const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
342
343 await makePostBodyRequest({
344 url: server.url,
345 path,
346 token: server.accessToken,
347 fields,
348 statusCodeExpected: 409
349 })
350 })
351
a95a4cc8
C		 352 it('Should fail to create a moderator or an admin with a moderator', async function () {
353 for (const role of [ UserRole.MODERATOR, UserRole.ADMINISTRATOR ]) {
354 const fields = immutableAssign(baseCorrectParams, { role })
355
356 await makePostBodyRequest({
357 url: server.url,
358 path,
359 token: moderatorAccessToken,
360 fields,
361 statusCodeExpected: 403
362 })
363 }
364 })
365
366 it('Should succeed to create a user with a moderator', async function () {
367 const fields = immutableAssign(baseCorrectParams, { username: 'a4656', email: 'a4656@example.com', role: UserRole.USER })
368
369 await makePostBodyRequest({
370 url: server.url,
371 path,
372 token: moderatorAccessToken,
373 fields,
374 statusCodeExpected: 200
375 })
376 })
377
0e1dc3e7 378 it('Should succeed with the correct params', async function () {
26d21b78
C		 379 await makePostBodyRequest({
380 url: server.url,
381 path,
382 token: server.accessToken,
383 fields: baseCorrectParams,
f05a1c30 384 statusCodeExpected: 200
26d21b78 385 })
0e1dc3e7
C		 386 })
387
388 it('Should fail with a non admin user', async function () {
26d21b78 389 const user = {
0e1dc3e7 390 username: 'user1',
0e1dc3e7
C		 391 password: 'my super password'
392 }
26d21b78 393 userAccessToken = await userLogin(server, user)
0e1dc3e7 394
0e1dc3e7
C		 395 const fields = {
396 username: 'user3',
397 email: 'test@example.com',
77a5501f
C		 398 password: 'my super password',
399 videoQuota: 42000000
0e1dc3e7
C		 400 }
401 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
402 })
403 })
404
77a5501f
C		 405 describe('When updating my account', function () {
406 it('Should fail with an invalid email attribute', async function () {
407 const fields = {
408 email: 'blabla'
409 }
0e1dc3e7 410
77a5501f 411 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
0e1dc3e7
C		 412 })
413
414 it('Should fail with a too small password', async function () {
415 const fields = {
a890d1e0 416 currentPassword: 'my super password',
0e1dc3e7
C		 417 password: 'bla'
418 }
419
77a5501f 420 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
0e1dc3e7
C		 421 })
422
423 it('Should fail with a too long password', async function () {
424 const fields = {
a890d1e0 425 currentPassword: 'my super password',
26d21b78 426 password: 'super'.repeat(61)
0e1dc3e7
C		 427 }
428
77a5501f 429 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
0e1dc3e7
C		 430 })
431
a890d1e0
C		 432 it('Should fail without the current password', async function () {
433 const fields = {
434 currentPassword: 'my super password',
435 password: 'super'.repeat(61)
436 }
437
438 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
439 })
440
441 it('Should fail with an invalid current password', async function () {
442 const fields = {
443 currentPassword: 'my super password fail',
444 password: 'super'.repeat(61)
445 }
446
447 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 401 })
448 })
449
0883b324 450 it('Should fail with an invalid NSFW policy attribute', async function () {
0e1dc3e7 451 const fields = {
0883b324 452 nsfwPolicy: 'hello'
0e1dc3e7
C		 453 }
454
77a5501f 455 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
0e1dc3e7
C		 456 })
457
7efe153b
AL		 458 it('Should fail with an invalid autoPlayVideo attribute', async function () {
459 const fields = {
460 autoPlayVideo: -1
461 }
462
463 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
464 })
465
6aa54148
L		 466 it('Should fail with an invalid autoPlayNextVideo attribute', async function () {
467 const fields = {
468 autoPlayNextVideo: -1
469 }
470
471 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
472 })
473
8b9a525a
C		 474 it('Should fail with an invalid videosHistoryEnabled attribute', async function () {
475 const fields = {
476 videosHistoryEnabled: -1
477 }
478
479 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
480 })
481
0e1dc3e7
C		 482 it('Should fail with an non authenticated user', async function () {
483 const fields = {
a890d1e0 484 currentPassword: 'my super password',
0e1dc3e7
C		 485 password: 'my super password'
486 }
487
77a5501f 488 await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
0e1dc3e7
C		 489 })
490
2422c46b
C		 491 it('Should fail with a too long description', async function () {
492 const fields = {
d23e6a1c 493 description: 'super'.repeat(201)
2422c46b
C		 494 }
495
496 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
497 })
498
3caf77d3
C		 499 it('Should fail with an invalid videoLanguages attribute', async function () {
500 {
501 const fields = {
502 videoLanguages: 'toto'
503 }
504
505 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
506 }
507
508 {
509 const languages = []
510 for (let i = 0; i < 1000; i++) {
511 languages.push('fr')
512 }
513
514 const fields = {
515 videoLanguages: languages
516 }
517
518 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
519 }
520 })
521
9b474844
C		 522 it('Should fail with an invalid theme', async function () {
523 const fields = { theme: 'invalid' }
524 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
525 })
526
527 it('Should fail with an unknown theme', async function () {
528 const fields = { theme: 'peertube-theme-unknown' }
529 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
530 })
531
43d0ea7f
C		 532 it('Should fail with an invalid noInstanceConfigWarningModal attribute', async function () {
533 const fields = {
534 noInstanceConfigWarningModal: -1
535 }
536
537 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
538 })
539
540 it('Should fail with an invalid noWelcomeModal attribute', async function () {
541 const fields = {
542 noWelcomeModal: -1
543 }
544
545 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
546 })
547
a890d1e0 548 it('Should succeed to change password with the correct params', async function () {
0e1dc3e7 549 const fields = {
a890d1e0 550 currentPassword: 'my super password',
0e1dc3e7 551 password: 'my super password',
0883b324 552 nsfwPolicy: 'blur',
7efe153b 553 autoPlayVideo: false,
9b474844 554 email: 'super_email@example.com',
43d0ea7f
C		 555 theme: 'default',
556 noInstanceConfigWarningModal: true,
557 noWelcomeModal: true
0e1dc3e7
C		 558 }
559
77a5501f
C		 560 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
561 })
a890d1e0
C		 562
563 it('Should succeed without password change with the correct params', async function () {
564 const fields = {
565 nsfwPolicy: 'blur',
5efab546 566 autoPlayVideo: false
a890d1e0
C		 567 }
568
569 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
570 })
77a5501f
C		 571 })
572
c5911fd3
C		 573 describe('When updating my avatar', function () {
574 it('Should fail without an incorrect input file', async function () {
575 const fields = {}
576 const attaches = {
a1587156 577 avatarfile: join(__dirname, '..', '..', 'fixtures', 'video_short.mp4')
c5911fd3 578 }
ac81d1a0 579 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
c5911fd3
C		 580 })
581
01de67b9
C		 582 it('Should fail with a big file', async function () {
583 const fields = {}
584 const attaches = {
a1587156 585 avatarfile: join(__dirname, '..', '..', 'fixtures', 'avatar-big.png')
01de67b9 586 }
ac81d1a0 587 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
01de67b9
C		 588 })
589
4bbfc6c6
C		 590 it('Should fail with an unauthenticated user', async function () {
591 const fields = {}
592 const attaches = {
a1587156 593 avatarfile: join(__dirname, '..', '..', 'fixtures', 'avatar.png')
4bbfc6c6
C		 594 }
595 await makeUploadRequest({
596 url: server.url,
597 path: path + '/me/avatar/pick',
598 fields,
599 attaches,
600 statusCodeExpected: 401
601 })
602 })
603
c5911fd3
C		 604 it('Should succeed with the correct params', async function () {
605 const fields = {}
606 const attaches = {
a1587156 607 avatarfile: join(__dirname, '..', '..', 'fixtures', 'avatar.png')
c5911fd3 608 }
ac81d1a0 609 await makeUploadRequest({
47564bbe
C		 610 url: server.url,
611 path: path + '/me/avatar/pick',
612 token: server.accessToken,
613 fields,
614 attaches,
615 statusCodeExpected: 200
616 })
c5911fd3
C		 617 })
618 })
619
94ff4c23 620 describe('When getting a user', function () {
94ff4c23
C		 621
622 it('Should fail with an non authenticated user', async function () {
623 await makeGetRequest({ url: server.url, path: path + userId, token: 'super token', statusCodeExpected: 401 })
624 })
625
626 it('Should fail with a non admin user', async function () {
627 await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 403 })
628 })
629
630 it('Should succeed with the correct params', async function () {
631 await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, statusCodeExpected: 200 })
632 })
633 })
634
77a5501f
C		 635 describe('When updating a user', function () {
636
77a5501f
C		 637 it('Should fail with an invalid email attribute', async function () {
638 const fields = {
639 email: 'blabla'
640 }
641
642 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
643 })
644
fc2ec87a
JM		 645 it('Should fail with an invalid emailVerified attribute', async function () {
646 const fields = {
647 emailVerified: 'yes'
648 }
649
650 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
651 })
652
77a5501f
C		 653 it('Should fail with an invalid videoQuota attribute', async function () {
654 const fields = {
655 videoQuota: -90
656 }
657
658 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
659 })
660
757f0da3
C		 661 it('Should fail with an invalid user role attribute', async function () {
662 const fields = {
663 role: 54878
664 }
665
666 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
667 })
668
b426edd4
C		 669 it('Should fail with a too small password', async function () {
670 const fields = {
671 currentPassword: 'my super password',
672 password: 'bla'
673 }
674
675 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
676 })
677
678 it('Should fail with a too long password', async function () {
679 const fields = {
680 currentPassword: 'my super password',
681 password: 'super'.repeat(61)
682 }
683
684 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
685 })
686
77a5501f
C		 687 it('Should fail with an non authenticated user', async function () {
688 const fields = {
689 videoQuota: 42
690 }
691
692 await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
693 })
694
f8b8c36b
C		 695 it('Should fail when updating root role', async function () {
696 const fields = {
697 role: UserRole.MODERATOR
698 }
699
700 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
1eddc9a7
C		 701 })
702
703 it('Should fail with invalid admin flags', async function () {
704 const fields = { adminFlags: 'toto' }
705
a95a4cc8
C		 706 await makePutBodyRequest({ url: server.url, path, token: server.accessToken, fields })
707 })
708
709 it('Should fail to update an admin with a moderator', async function () {
710 const fields = {
711 videoQuota: 42
712 }
713
714 await makePutBodyRequest({
715 url: server.url,
716 path: path + moderatorId,
717 token: moderatorAccessToken,
718 fields,
719 statusCodeExpected: 403
720 })
721 })
722
723 it('Should succeed to update a user with a moderator', async function () {
724 const fields = {
725 videoQuota: 42
726 }
727
728 await makePutBodyRequest({
729 url: server.url,
730 path: path + userId,
731 token: moderatorAccessToken,
732 fields,
733 statusCodeExpected: 204
734 })
f8b8c36b
C		 735 })
736
77a5501f
C		 737 it('Should succeed with the correct params', async function () {
738 const fields = {
739 email: 'email@example.com',
fc2ec87a 740 emailVerified: true,
757f0da3 741 videoQuota: 42,
2f1548fd 742 role: UserRole.USER
77a5501f
C		 743 }
744
745 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
0e1dc3e7
C		 746 })
747 })
748
749 describe('When getting my information', function () {
750 it('Should fail with a non authenticated user', async function () {
26d21b78 751 await getMyUserInformation(server.url, 'fake_token', 401)
0e1dc3e7
C		 752 })
753
754 it('Should success with the correct parameters', async function () {
26d21b78 755 await getMyUserInformation(server.url, userAccessToken)
0e1dc3e7
C		 756 })
757 })
758
759 describe('When getting my video rating', function () {
760 it('Should fail with a non authenticated user', async function () {
26d21b78 761 await getMyUserVideoRating(server.url, 'fake_token', videoId, 401)
0e1dc3e7
C		 762 })
763
764 it('Should fail with an incorrect video uuid', async function () {
26d21b78 765 await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400)
0e1dc3e7
C		 766 })
767
768 it('Should fail with an unknown video', async function () {
26d21b78 769 await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
0e1dc3e7
C		 770 })
771
26d21b78
C		 772 it('Should succeed with the correct parameters', async function () {
773 await getMyUserVideoRating(server.url, server.accessToken, videoId)
0e1dc3e7
C		 774 })
775 })
776
22834691
C		 777 describe('When retrieving my global ratings', function () {
778 const path = '/api/v1/accounts/user1/ratings'
779
780 it('Should fail with a bad start pagination', async function () {
781 await checkBadStartPagination(server.url, path, userAccessToken)
782 })
783
784 it('Should fail with a bad count pagination', async function () {
785 await checkBadCountPagination(server.url, path, userAccessToken)
786 })
787
788 it('Should fail with an incorrect sort', async function () {
789 await checkBadSortPagination(server.url, path, userAccessToken)
790 })
791
792 it('Should fail with a unauthenticated user', async function () {
793 await makeGetRequest({ url: server.url, path, statusCodeExpected: 401 })
794 })
795
796 it('Should fail with a another user', async function () {
797 await makeGetRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: 403 })
798 })
799
800 it('Should fail with a bad type', async function () {
801 await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { rating: 'toto ' }, statusCodeExpected: 400 })
802 })
803
804 it('Should succeed with the correct params', async function () {
805 await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 200 })
806 })
807 })
808
e6921918 809 describe('When blocking/unblocking/removing user', function () {
0e1dc3e7 810 it('Should fail with an incorrect id', async function () {
26d21b78 811 await removeUser(server.url, 'blabla', server.accessToken, 400)
e6921918
C		 812 await blockUser(server.url, 'blabla', server.accessToken, 400)
813 await unblockUser(server.url, 'blabla', server.accessToken, 400)
0e1dc3e7
C		 814 })
815
816 it('Should fail with the root user', async function () {
26d21b78 817 await removeUser(server.url, rootId, server.accessToken, 400)
e6921918
C		 818 await blockUser(server.url, rootId, server.accessToken, 400)
819 await unblockUser(server.url, rootId, server.accessToken, 400)
0e1dc3e7
C		 820 })
821
822 it('Should return 404 with a non existing id', async function () {
26d21b78 823 await removeUser(server.url, 4545454, server.accessToken, 404)
e6921918
C		 824 await blockUser(server.url, 4545454, server.accessToken, 404)
825 await unblockUser(server.url, 4545454, server.accessToken, 404)
826 })
827
828 it('Should fail with a non admin user', async function () {
829 await removeUser(server.url, userId, userAccessToken, 403)
830 await blockUser(server.url, userId, userAccessToken, 403)
831 await unblockUser(server.url, userId, userAccessToken, 403)
0e1dc3e7 832 })
a95a4cc8
C		 833
834 it('Should fail on a moderator with a moderator', async function () {
835 await removeUser(server.url, moderatorId, moderatorAccessToken, 403)
836 await blockUser(server.url, moderatorId, moderatorAccessToken, 403)
837 await unblockUser(server.url, moderatorId, moderatorAccessToken, 403)
838 })
839
840 it('Should succeed on a user with a moderator', async function () {
841 await blockUser(server.url, userId, moderatorAccessToken)
842 await unblockUser(server.url, userId, moderatorAccessToken)
843 })
0e1dc3e7
C		 844 })
845
92b9d60c
C		 846 describe('When deleting our account', function () {
847 it('Should fail with with the root account', async function () {
848 await deleteMe(server.url, server.accessToken, 400)
849 })
850 })
851
e590b4a5 852 describe('When registering a new user', function () {
0e1dc3e7 853 const registrationPath = path + '/register'
26d21b78
C		 854 const baseCorrectParams = {
855 username: 'user3',
1f20622f 856 displayName: 'super user',
26d21b78
C		 857 email: 'test3@example.com',
858 password: 'my super password'
859 }
0e1dc3e7
C		 860
861 it('Should fail with a too small username', async function () {
d0ce42c1 862 const fields = immutableAssign(baseCorrectParams, { username: '' })
0e1dc3e7
C		 863
864 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
865 })
866
867 it('Should fail with a too long username', async function () {
9f7a1953 868 const fields = immutableAssign(baseCorrectParams, { username: 'super'.repeat(50) })
0e1dc3e7
C		 869
870 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
871 })
872
873 it('Should fail with an incorrect username', async function () {
26d21b78 874 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
0e1dc3e7
C		 875
876 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
877 })
878
879 it('Should fail with a missing email', async function () {
26d21b78 880 const fields = omit(baseCorrectParams, 'email')
0e1dc3e7
C		 881
882 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
883 })
884
885 it('Should fail with an invalid email', async function () {
26d21b78 886 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
0e1dc3e7
C		 887
888 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
889 })
890
891 it('Should fail with a too small password', async function () {
26d21b78 892 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
0e1dc3e7
C		 893
894 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
895 })
896
897 it('Should fail with a too long password', async function () {
26d21b78 898 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
0e1dc3e7
C		 899
900 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
901 })
902
903 it('Should fail if we register a user with the same username', async function () {
26d21b78 904 const fields = immutableAssign(baseCorrectParams, { username: 'root' })
0e1dc3e7 905
26d21b78
C		 906 await makePostBodyRequest({
907 url: server.url,
908 path: registrationPath,
909 token: server.accessToken,
910 fields,
911 statusCodeExpected: 409
912 })
0e1dc3e7
C		 913 })
914
2ef6a063
C		 915 it('Should fail with a "peertube" username', async function () {
916 const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
917
918 await makePostBodyRequest({
919 url: server.url,
920 path: registrationPath,
921 token: server.accessToken,
922 fields,
923 statusCodeExpected: 409
924 })
925 })
926
0e1dc3e7 927 it('Should fail if we register a user with the same email', async function () {
7c3b7976 928 const fields = immutableAssign(baseCorrectParams, { email: 'admin' + server.internalServerNumber + '@example.com' })
0e1dc3e7 929
26d21b78
C		 930 await makePostBodyRequest({
931 url: server.url,
932 path: registrationPath,
933 token: server.accessToken,
934 fields,
935 statusCodeExpected: 409
936 })
0e1dc3e7
C		 937 })
938
1f20622f
C		 939 it('Should fail with a bad display name', async function () {
940 const fields = immutableAssign(baseCorrectParams, { displayName: 'a'.repeat(150) })
941
942 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
943 })
944
e590b4a5
C		 945 it('Should fail with a bad channel name', async function () {
946 const fields = immutableAssign(baseCorrectParams, { channel: { name: '[]azf', displayName: 'toto' } })
947
948 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
949 })
950
951 it('Should fail with a bad channel display name', async function () {
952 const fields = immutableAssign(baseCorrectParams, { channel: { name: 'toto', displayName: '' } })
953
954 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
955 })
956
32d7f2b7 957 it('Should fail with a channel name that is the same as username', async function () {
1d5342ab
C		 958 const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } }
959 const fields = immutableAssign(baseCorrectParams, source)
960
961 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
962 })
963
e590b4a5
C		 964 it('Should fail with an existing channel', async function () {
965 const videoChannelAttributesArg = { name: 'existing_channel', displayName: 'hello', description: 'super description' }
966 await addVideoChannel(server.url, server.accessToken, videoChannelAttributesArg)
967
968 const fields = immutableAssign(baseCorrectParams, { channel: { name: 'existing_channel', displayName: 'toto' } })
969
970 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 })
971 })
972
0e1dc3e7 973 it('Should succeed with the correct params', async function () {
e590b4a5
C		 974 const fields = immutableAssign(baseCorrectParams, { channel: { name: 'super_channel', displayName: 'toto' } })
975
26d21b78
C		 976 await makePostBodyRequest({
977 url: server.url,
978 path: registrationPath,
979 token: server.accessToken,
e590b4a5 980 fields: fields,
26d21b78
C		 981 statusCodeExpected: 204
982 })
0e1dc3e7
C		 983 })
984
985 it('Should fail on a server with registration disabled', async function () {
986 const fields = {
987 username: 'user4',
988 email: 'test4@example.com',
989 password: 'my super password 4'
990 }
991
992 await makePostBodyRequest({
993 url: serverWithRegistrationDisabled.url,
994 path: registrationPath,
995 token: serverWithRegistrationDisabled.accessToken,
996 fields,
997 statusCodeExpected: 403
998 })
999 })
1000 })
1001
1002 describe('When registering multiple users on a server with users limit', function () {
1003 it('Should fail when after 3 registrations', async function () {
1004 await registerUser(server.url, 'user42', 'super password', 403)
1005 })
1006 })
1007
77a5501f 1008 describe('When having a video quota', function () {
bee0abff 1009 it('Should fail with a user having too many videos', async function () {
26d21b78
C		 1010 await updateUser({
1011 url: server.url,
1012 userId: rootId,
1013 accessToken: server.accessToken,
77a5501f 1014 videoQuota: 42
26d21b78 1015 })
77a5501f 1016
26d21b78 1017 await uploadVideo(server.url, server.accessToken, {}, 403)
77a5501f
C		 1018 })
1019
bee0abff 1020 it('Should fail with a registered user having too many videos', async function () {
adc236fe 1021 this.timeout(30000)
77a5501f 1022
26d21b78 1023 const user = {
77a5501f 1024 username: 'user3',
77a5501f
C		 1025 password: 'my super password'
1026 }
26d21b78 1027 userAccessToken = await userLogin(server, user)
77a5501f
C		 1028
1029 const videoAttributes = { fixture: 'video_short2.webm' }
1030 await uploadVideo(server.url, userAccessToken, videoAttributes)
1031 await uploadVideo(server.url, userAccessToken, videoAttributes)
1032 await uploadVideo(server.url, userAccessToken, videoAttributes)
1033 await uploadVideo(server.url, userAccessToken, videoAttributes)
1034 await uploadVideo(server.url, userAccessToken, videoAttributes)
1035 await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
1036 })
187501f8
C		 1037
1038 it('Should fail to import with HTTP/Torrent/magnet', async function () {
a031ab0b 1039 this.timeout(120000)
187501f8
C		 1040
1041 const baseAttributes = {
1042 channelId: 1,
1043 privacy: VideoPrivacy.PUBLIC
1044 }
1045 await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { targetUrl: getYoutubeVideoUrl() }))
1046 await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { magnetUri: getMagnetURI() }))
9a7fd960 1047 await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { torrentfile: 'video-720p.torrent' as any }))
187501f8
C		 1048
1049 await waitJobs([ server ])
1050
1051 const res = await getMyVideoImports(server.url, server.accessToken)
1052
1053 expect(res.body.total).to.equal(3)
1054 const videoImports: VideoImport[] = res.body.data
1055 expect(videoImports).to.have.lengthOf(3)
1056
1057 for (const videoImport of videoImports) {
1058 expect(videoImport.state.id).to.equal(VideoImportState.FAILED)
1059 expect(videoImport.error).not.to.be.undefined
1060 expect(videoImport.error).to.contain('user video quota is exceeded')
1061 }
1062 })
77a5501f
C		 1063 })
1064
bee0abff
FA		 1065 describe('When having a daily video quota', function () {
1066 it('Should fail with a user having too many videos', async function () {
1067 await updateUser({
1068 url: server.url,
1069 userId: rootId,
1070 accessToken: server.accessToken,
1071 videoQuotaDaily: 42
1072 })
1073
1074 await uploadVideo(server.url, server.accessToken, {}, 403)
1075 })
1076 })
1077
1078 describe('When having an absolute and daily video quota', function () {
1079 it('Should fail if exceeding total quota', async function () {
1080 await updateUser({
1081 url: server.url,
1082 userId: rootId,
1083 accessToken: server.accessToken,
1084 videoQuota: 42,
1085 videoQuotaDaily: 1024 * 1024 * 1024
1086 })
1087
1088 await uploadVideo(server.url, server.accessToken, {}, 403)
1089 })
1090
1091 it('Should fail if exceeding daily quota', async function () {
1092 await updateUser({
1093 url: server.url,
1094 userId: rootId,
1095 accessToken: server.accessToken,
1096 videoQuota: 1024 * 1024 * 1024,
1097 videoQuotaDaily: 42
1098 })
1099
1100 await uploadVideo(server.url, server.accessToken, {}, 403)
1101 })
1102 })
1103
f076daa7
C		 1104 describe('When asking a password reset', function () {
1105 const path = '/api/v1/users/ask-reset-password'
1106
1107 it('Should fail with a missing email', async function () {
1108 const fields = {}
1109
1110 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1111 })
1112
1113 it('Should fail with an invalid email', async function () {
1114 const fields = { email: 'hello' }
1115
1116 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1117 })
1118
1119 it('Should success with the correct params', async function () {
1120 const fields = { email: 'admin@example.com' }
1121
1122 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
1123 })
1124 })
1125
d9eaee39
JM		 1126 describe('When asking for an account verification email', function () {
1127 const path = '/api/v1/users/ask-send-verify-email'
1128
1129 it('Should fail with a missing email', async function () {
1130 const fields = {}
1131
1132 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1133 })
1134
1135 it('Should fail with an invalid email', async function () {
1136 const fields = { email: 'hello' }
1137
1138 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1139 })
1140
1141 it('Should succeed with the correct params', async function () {
1142 const fields = { email: 'admin@example.com' }
1143
1144 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
1145 })
1146 })
1147
7c3b7976 1148 after(async function () {
45f1bd72
JL		 1149 MockSmtpServer.Instance.kill()
1150
7c3b7976 1151 await cleanupTests([ server, serverWithRegistrationDisabled ])
0e1dc3e7
C		 1152 })
1153})
ActivityPub-federated video streaming platform using P2P directly in your web browser