[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / users.ts

/* tslint:disable:no-unused-expression */

import * as request from 'supertest'
import 'mocha'

import {
  ServerInfo,
  flushTests,
  runServer,
  uploadVideo,
  getVideosList,
  makePutBodyRequest,
  createUser,
  loginAndGetAccessToken,
  getUsersList,
  registerUser,
  setAccessTokensToServers,
  killallServers,
  makePostBodyRequest,
  getUserAccessToken
} from '../../utils'

describe('Test users API validators', function () {
  const path = '/api/v1/users/'
  let userId: number
  let rootId: number
  let videoId: number
  let server: ServerInfo
  let serverWithRegistrationDisabled: ServerInfo
  let userAccessToken = ''

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(120000)

    await flushTests()

    server = await runServer(1)
    serverWithRegistrationDisabled = await runServer(2)

    await setAccessTokensToServers([ server ])

    const username = 'user1'
    const password = 'my super password'
    const videoQuota = 42000000
    await createUser(server.url, server.accessToken, username, password, videoQuota)

    const videoAttributes = {}
    await uploadVideo(server.url, server.accessToken, videoAttributes)

    const res = await getVideosList(server.url)
    const videos = res.body.data
    videoId = videos[0].id

    const user = {
      username: 'user1',
      password: 'my super password'
    }
    userAccessToken = await getUserAccessToken(server, user)
  })

  describe('When listing users', function () {
    it('Should fail with a bad start pagination', async function () {
      await request(server.url)
              .get(path)
              .query({ start: 'hello' })
              .set('Accept', 'application/json')
              .expect(400)
    })

    it('Should fail with a bad count pagination', async function () {
      await request(server.url)
              .get(path)
              .query({ count: 'hello' })
              .set('Accept', 'application/json')
              .expect(400)
    })

    it('Should fail with an incorrect sort', async function () {
      await request(server.url)
              .get(path)
              .query({ sort: 'hello' })
              .set('Accept', 'application/json')
              .expect(400)
    })
  })

  describe('When adding a new user', function () {
    it('Should fail with a too small username', async function () {
      const fields = {
        username: 'ji',
        email: 'test@example.com',
        password: 'my_super_password',
        videoQuota: 42000000
      }

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with a too long username', async function () {
      const fields = {
        username: 'my_super_username_which_is_very_long',
        email: 'test@example.com',
        password: 'my_super_password',
        videoQuota: 42000000
      }

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with an incorrect username', async function () {
      const fields = {
        username: 'my username',
        email: 'test@example.com',
        password: 'my_super_password',
        videoQuota: 42000000
      }

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with a missing email', async function () {
      const fields = {
        username: 'ji',
        password: 'my_super_password',
        videoQuota: 42000000
      }

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with an invalid email', async function () {
      const fields = {
        username: 'my_super_username_which_is_very_long',
        email: 'test_example.com',
        password: 'my_super_password',
        videoQuota: 42000000
      }

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with a too small password', async function () {
      const fields = {
        username: 'my_username',
        email: 'test@example.com',
        password: 'bla',
        videoQuota: 42000000
      }

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with a too long password', async function () {
      const fields = {
        username: 'my_username',
        email: 'test@example.com',
        password: 'my super long password which is very very very very very very very very very very very very very very' +
                  'very very very very very very very very very very very very very very very veryv very very very very' +
                  'very very very very very very very very very very very very very very very very very very very very long',
        videoQuota: 42000000
      }

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with an non authenticated user', async function () {
      const fields = {
        username: 'my_username',
        email: 'test@example.com',
        password: 'my super password',
        videoQuota: 42000000
      }

      await makePostBodyRequest({ url: server.url, path, token: 'super token', fields, statusCodeExpected: 401 })
    })

    it('Should fail if we add a user with the same username', async function () {
      const fields = {
        username: 'user1',
        email: 'test@example.com',
        password: 'my super password',
        videoQuota: 42000000
      }

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
    })

    it('Should fail if we add a user with the same email', async function () {
      const fields = {
        username: 'my_username',
        email: 'user1@example.com',
        password: 'my super password',
        videoQuota: 42000000
      }

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
    })

    it('Should fail without a videoQuota', async function () {
      const fields = {
        username: 'my_username',
        email: 'user1@example.com',
        password: 'my super password'
      }

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with an invalid videoQuota', async function () {
      const fields = {
        username: 'my_username',
        email: 'user1@example.com',
        password: 'my super password',
        videoQuota: -5
      }

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should succeed with the correct params', async function () {
      const fields = {
        username: 'user2',
        email: 'test@example.com',
        password: 'my super password',
        videoQuota: -1
      }

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
    })

    it('Should fail with a non admin user', async function () {
      server.user = {
        username: 'user1',
        email: 'test@example.com',
        password: 'my super password'
      }

      userAccessToken = await loginAndGetAccessToken(server)
      const fields = {
        username: 'user3',
        email: 'test@example.com',
        password: 'my super password',
        videoQuota: 42000000
      }
      await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
    })
  })

  describe('When updating my account', function () {
    it('Should fail with an invalid email attribute', async function () {
      const fields = {
        email: 'blabla'
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
    })

    it('Should fail with a too small password', async function () {
      const fields = {
        password: 'bla'
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
    })

    it('Should fail with a too long password', async function () {
      const fields = {
        password: 'my super long password which is very very very very very very very very very very very very very very' +
                  'very very very very very very very very very very very very very very very veryv very very very very' +
                  'very very very very very very very very very very very very very very very very very very very very long'
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
    })

    it('Should fail with an invalid display NSFW attribute', async function () {
      const fields = {
        displayNSFW: -1
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
    })

    it('Should fail with an non authenticated user', async function () {
      const fields = {
        password: 'my super password'
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
    })

    it('Should succeed with the correct params', async function () {
      const fields = {
        password: 'my super password',
        displayNSFW: true,
        email: 'super_email@example.com'
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
    })
  })

  describe('When updating a user', function () {

    before(async function () {
      const res = await getUsersList(server.url)

      userId = res.body.data[1].id
      rootId = res.body.data[2].id
    })

    it('Should fail with an invalid email attribute', async function () {
      const fields = {
        email: 'blabla'
      }

      await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
    })

    it('Should fail with an invalid videoQuota attribute', async function () {
      const fields = {
        videoQuota: -90
      }

      await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
    })

    it('Should fail with an non authenticated user', async function () {
      const fields = {
        videoQuota: 42
      }

      await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
    })

    it('Should succeed with the correct params', async function () {
      const fields = {
        email: 'email@example.com',
        videoQuota: 42
      }

      await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
    })
  })

  describe('When getting my information', function () {
    it('Should fail with a non authenticated user', async function () {
      await request(server.url)
              .get(path + 'me')
              .set('Authorization', 'Bearer fake_token')
              .set('Accept', 'application/json')
              .expect(401)
    })

    it('Should success with the correct parameters', async function () {
      await request(server.url)
              .get(path + 'me')
              .set('Authorization', 'Bearer ' + userAccessToken)
              .set('Accept', 'application/json')
              .expect(200)
    })
  })

  describe('When getting my video rating', function () {
    it('Should fail with a non authenticated user', async function () {
      await request(server.url)
              .get(path + 'me/videos/' + videoId + '/rating')
              .set('Authorization', 'Bearer fake_token')
              .set('Accept', 'application/json')
              .expect(401)
    })

    it('Should fail with an incorrect video uuid', async function () {
      await request(server.url)
              .get(path + 'me/videos/blabla/rating')
              .set('Authorization', 'Bearer ' + userAccessToken)
              .set('Accept', 'application/json')
              .expect(400)
    })

    it('Should fail with an unknown video', async function () {
      await request(server.url)
              .get(path + 'me/videos/4da6fde3-88f7-4d16-b119-108df5630b06/rating')
              .set('Authorization', 'Bearer ' + userAccessToken)
              .set('Accept', 'application/json')
              .expect(404)
    })

    it('Should success with the correct parameters', async function () {
      await request(server.url)
              .get(path + 'me/videos/' + videoId + '/rating')
              .set('Authorization', 'Bearer ' + userAccessToken)
              .set('Accept', 'application/json')
              .expect(200)
    })
  })

  describe('When removing an user', function () {
    it('Should fail with an incorrect id', async function () {
      await request(server.url)
              .delete(path + 'bla-bla')
              .set('Authorization', 'Bearer ' + server.accessToken)
              .expect(400)
    })

    it('Should fail with the root user', async function () {
      await request(server.url)
              .delete(path + rootId)
              .set('Authorization', 'Bearer ' + server.accessToken)
              .expect(400)
    })

    it('Should return 404 with a non existing id', async function () {
      await request(server.url)
              .delete(path + '45')
              .set('Authorization', 'Bearer ' + server.accessToken)
              .expect(404)
    })
  })

  describe('When removing an user', function () {
    it('Should fail with an incorrect id', async function () {
      await request(server.url)
              .delete(path + 'bla-bla')
              .set('Authorization', 'Bearer ' + server.accessToken)
              .expect(400)
    })

    it('Should fail with the root user', async function () {
      await request(server.url)
              .delete(path + rootId)
              .set('Authorization', 'Bearer ' + server.accessToken)
              .expect(400)
    })

    it('Should return 404 with a non existing id', async function () {
      await request(server.url)
              .delete(path + '45')
              .set('Authorization', 'Bearer ' + server.accessToken)
              .expect(404)
    })
  })

  describe('When register a new user', function () {
    const registrationPath = path + '/register'

    it('Should fail with a too small username', async function () {
      const fields = {
        username: 'ji',
        email: 'test@example.com',
        password: 'my_super_password'
      }

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail with a too long username', async function () {
      const fields = {
        username: 'my_super_username_which_is_very_long',
        email: 'test@example.com',
        password: 'my_super_password'
      }

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail with an incorrect username', async function () {
      const fields = {
        username: 'my username',
        email: 'test@example.com',
        password: 'my_super_password'
      }

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail with a missing email', async function () {
      const fields = {
        username: 'ji',
        password: 'my_super_password'
      }

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail with an invalid email', async function () {
      const fields = {
        username: 'my_super_username_which_is_very_long',
        email: 'test_example.com',
        password: 'my_super_password'
      }

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail with a too small password', async function () {
      const fields = {
        username: 'my_username',
        email: 'test@example.com',
        password: 'bla'
      }

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail with a too long password', async function () {
      const fields = {
        username: 'my_username',
        email: 'test@example.com',
        password: 'my super long password which is very very very very very very very very very very very very very very' +
                  'very very very very very very very very very very very very very very very veryv very very very very' +
                  'very very very very very very very very very very very very very very very very very very very very long'
      }

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail if we register a user with the same username', async function () {
      const fields = {
        username: 'root',
        email: 'test@example.com',
        password: 'my super password'
      }

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 })
    })

    it('Should fail if we register a user with the same email', async function () {
      const fields = {
        username: 'my_username',
        email: 'admin1@example.com',
        password: 'my super password'
      }

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 })
    })

    it('Should succeed with the correct params', async function () {
      const fields = {
        username: 'user3',
        email: 'test3@example.com',
        password: 'my super password'
      }

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 204 })
    })

    it('Should fail on a server with registration disabled', async function () {
      const fields = {
        username: 'user4',
        email: 'test4@example.com',
        password: 'my super password 4'
      }

      await makePostBodyRequest({
        url: serverWithRegistrationDisabled.url,
        path: registrationPath,
        token: serverWithRegistrationDisabled.accessToken,
        fields,
        statusCodeExpected: 403
      })
    })
  })

  describe('When registering multiple users on a server with users limit', function () {
    it('Should fail when after 3 registrations', async function () {
      await registerUser(server.url, 'user42', 'super password', 403)
    })
  })

  describe('When having a video quota', function () {
    it('Should fail with a user having too many video', async function () {
      const fields = {
        videoQuota: 42
      }

      await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields, statusCodeExpected: 204 })

      const videoAttributes = {}
      await uploadVideo(server.url, server.accessToken, videoAttributes, 403)
    })

    it('Should fail with a registered user having too many video', async function () {
      this.timeout(10000)

      server.user = {
        username: 'user3',
        email: 'test3@example.com',
        password: 'my super password'
      }
      userAccessToken = await loginAndGetAccessToken(server)

      const videoAttributes = { fixture: 'video_short2.webm' }
      await uploadVideo(server.url, userAccessToken, videoAttributes)
      await uploadVideo(server.url, userAccessToken, videoAttributes)
      await uploadVideo(server.url, userAccessToken, videoAttributes)
      await uploadVideo(server.url, userAccessToken, videoAttributes)
      await uploadVideo(server.url, userAccessToken, videoAttributes)
      await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
    })
  })

  after(async function () {
    killallServers([ server, serverWithRegistrationDisabled ])

    // Keep the logs if the test failed
    if (this['ok']) {
      await flushTests()
    }
  })
})
Commit	Line	Data
0e1dc3e7 C	1	/* tslint:disable:no-unused-expression */
	2
	3	import * as request from 'supertest'
	4	import 'mocha'
	5
	6	import {
	7	ServerInfo,
	8	flushTests,
	9	runServer,
	10	uploadVideo,
	11	getVideosList,
	12	makePutBodyRequest,
	13	createUser,
	14	loginAndGetAccessToken,
	15	getUsersList,
	16	registerUser,
	17	setAccessTokensToServers,
	18	killallServers,
	19	makePostBodyRequest,
	20	getUserAccessToken
	21	} from '../../utils'
	22
	23	describe('Test users API validators', function () {
	24	const path = '/api/v1/users/'
	25	let userId: number
	26	let rootId: number
	27	let videoId: number
	28	let server: ServerInfo
	29	let serverWithRegistrationDisabled: ServerInfo
	30	let userAccessToken = ''
	31
	32	// ---------------------------------------------------------------
	33
	34	before(async function () {
	35	this.timeout(120000)
	36
	37	await flushTests()
	38
	39	server = await runServer(1)
	40	serverWithRegistrationDisabled = await runServer(2)
	41
	42	await setAccessTokensToServers([ server ])
	43
	44	const username = 'user1'
	45	const password = 'my super password'
77a5501f C	46	const videoQuota = 42000000
77a5501f C	47	await createUser(server.url, server.accessToken, username, password, videoQuota)
0e1dc3e7 C	48
	49	const videoAttributes = {}
	50	await uploadVideo(server.url, server.accessToken, videoAttributes)
	51
	52	const res = await getVideosList(server.url)
	53	const videos = res.body.data
	54	videoId = videos[0].id
	55
	56	const user = {
	57	username: 'user1',
	58	password: 'my super password'
	59	}
	60	userAccessToken = await getUserAccessToken(server, user)
	61	})
	62
	63	describe('When listing users', function () {
	64	it('Should fail with a bad start pagination', async function () {
	65	await request(server.url)
	66	.get(path)
	67	.query({ start: 'hello' })
	68	.set('Accept', 'application/json')
	69	.expect(400)
	70	})
	71
	72	it('Should fail with a bad count pagination', async function () {
	73	await request(server.url)
	74	.get(path)
	75	.query({ count: 'hello' })
	76	.set('Accept', 'application/json')
	77	.expect(400)
	78	})
	79
	80	it('Should fail with an incorrect sort', async function () {
	81	await request(server.url)
	82	.get(path)
	83	.query({ sort: 'hello' })
	84	.set('Accept', 'application/json')
	85	.expect(400)
	86	})
	87	})
	88
	89	describe('When adding a new user', function () {
	90	it('Should fail with a too small username', async function () {
	91	const fields = {
	92	username: 'ji',
	93	email: 'test@example.com',
77a5501f C	94	password: 'my_super_password',
77a5501f C	95	videoQuota: 42000000
0e1dc3e7 C	96	}
	97
	98	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	99	})
	100
	101	it('Should fail with a too long username', async function () {
	102	const fields = {
	103	username: 'my_super_username_which_is_very_long',
	104	email: 'test@example.com',
77a5501f C	105	password: 'my_super_password',
77a5501f C	106	videoQuota: 42000000
0e1dc3e7 C	107	}
	108
	109	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	110	})
	111
	112	it('Should fail with an incorrect username', async function () {
	113	const fields = {
	114	username: 'my username',
	115	email: 'test@example.com',
77a5501f C	116	password: 'my_super_password',
77a5501f C	117	videoQuota: 42000000
0e1dc3e7 C	118	}
	119
	120	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	121	})
	122
	123	it('Should fail with a missing email', async function () {
	124	const fields = {
	125	username: 'ji',
77a5501f C	126	password: 'my_super_password',
77a5501f C	127	videoQuota: 42000000
0e1dc3e7 C	128	}
	129
	130	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	131	})
	132
	133	it('Should fail with an invalid email', async function () {
	134	const fields = {
	135	username: 'my_super_username_which_is_very_long',
	136	email: 'test_example.com',
77a5501f C	137	password: 'my_super_password',
77a5501f C	138	videoQuota: 42000000
0e1dc3e7 C	139	}
	140
	141	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	142	})
	143
	144	it('Should fail with a too small password', async function () {
	145	const fields = {
	146	username: 'my_username',
	147	email: 'test@example.com',
77a5501f C	148	password: 'bla',
77a5501f C	149	videoQuota: 42000000
0e1dc3e7 C	150	}
	151
	152	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	153	})
	154
	155	it('Should fail with a too long password', async function () {
	156	const fields = {
	157	username: 'my_username',
	158	email: 'test@example.com',
	159	password: 'my super long password which is very very very very very very very very very very very very very very' +
	160	'very very very very very very very very very very very very very very very veryv very very very very' +
77a5501f C	161	'very very very very very very very very very very very very very very very very very very very very long',
77a5501f C	162	videoQuota: 42000000
0e1dc3e7 C	163	}
	164
	165	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	166	})
	167
	168	it('Should fail with an non authenticated user', async function () {
	169	const fields = {
	170	username: 'my_username',
	171	email: 'test@example.com',
77a5501f C	172	password: 'my super password',
77a5501f C	173	videoQuota: 42000000
0e1dc3e7 C	174	}
	175
	176	await makePostBodyRequest({ url: server.url, path, token: 'super token', fields, statusCodeExpected: 401 })
	177	})
	178
	179	it('Should fail if we add a user with the same username', async function () {
	180	const fields = {
	181	username: 'user1',
	182	email: 'test@example.com',
77a5501f C	183	password: 'my super password',
77a5501f C	184	videoQuota: 42000000
0e1dc3e7 C	185	}
	186
	187	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
	188	})
	189
	190	it('Should fail if we add a user with the same email', async function () {
	191	const fields = {
	192	username: 'my_username',
	193	email: 'user1@example.com',
77a5501f C	194	password: 'my super password',
77a5501f C	195	videoQuota: 42000000
0e1dc3e7 C	196	}
	197
	198	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
	199	})
	200
77a5501f C	201	it('Should fail without a videoQuota', async function () {
	202	const fields = {
	203	username: 'my_username',
	204	email: 'user1@example.com',
	205	password: 'my super password'
	206	}
	207
	208	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	209	})
	210
	211	it('Should fail with an invalid videoQuota', async function () {
	212	const fields = {
	213	username: 'my_username',
	214	email: 'user1@example.com',
	215	password: 'my super password',
	216	videoQuota: -5
	217	}
	218
	219	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	220	})
	221
0e1dc3e7 C	222	it('Should succeed with the correct params', async function () {
	223	const fields = {
	224	username: 'user2',
	225	email: 'test@example.com',
77a5501f C	226	password: 'my super password',
77a5501f C	227	videoQuota: -1
0e1dc3e7 C	228	}
	229
	230	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
	231	})
	232
	233	it('Should fail with a non admin user', async function () {
	234	server.user = {
	235	username: 'user1',
	236	email: 'test@example.com',
	237	password: 'my super password'
	238	}
	239
	240	userAccessToken = await loginAndGetAccessToken(server)
	241	const fields = {
	242	username: 'user3',
	243	email: 'test@example.com',
77a5501f C	244	password: 'my super password',
77a5501f C	245	videoQuota: 42000000
0e1dc3e7 C	246	}
	247	await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
	248	})
	249	})
	250
77a5501f C	251	describe('When updating my account', function () {
	252	it('Should fail with an invalid email attribute', async function () {
	253	const fields = {
	254	email: 'blabla'
	255	}
0e1dc3e7	256
77a5501f	257	await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
0e1dc3e7 C	258	})
	259
	260	it('Should fail with a too small password', async function () {
	261	const fields = {
	262	password: 'bla'
	263	}
	264
77a5501f	265	await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
0e1dc3e7 C	266	})
	267
	268	it('Should fail with a too long password', async function () {
	269	const fields = {
	270	password: 'my super long password which is very very very very very very very very very very very very very very' +
	271	'very very very very very very very very very very very very very very very veryv very very very very' +
	272	'very very very very very very very very very very very very very very very very very very very very long'
	273	}
	274
77a5501f	275	await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
0e1dc3e7 C	276	})
	277
	278	it('Should fail with an invalid display NSFW attribute', async function () {
	279	const fields = {
	280	displayNSFW: -1
	281	}
	282
77a5501f	283	await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
0e1dc3e7 C	284	})
	285
	286	it('Should fail with an non authenticated user', async function () {
	287	const fields = {
	288	password: 'my super password'
	289	}
	290
77a5501f	291	await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
0e1dc3e7 C	292	})
	293
	294	it('Should succeed with the correct params', async function () {
	295	const fields = {
	296	password: 'my super password',
77a5501f C	297	displayNSFW: true,
77a5501f C	298	email: 'super_email@example.com'
0e1dc3e7 C	299	}
0e1dc3e7 C	300
77a5501f C	301	await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
	302	})
	303	})
	304
	305	describe('When updating a user', function () {
	306
	307	before(async function () {
	308	const res = await getUsersList(server.url)
	309
	310	userId = res.body.data[1].id
	311	rootId = res.body.data[2].id
	312	})
	313
	314	it('Should fail with an invalid email attribute', async function () {
	315	const fields = {
	316	email: 'blabla'
	317	}
	318
	319	await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
	320	})
	321
	322	it('Should fail with an invalid videoQuota attribute', async function () {
	323	const fields = {
	324	videoQuota: -90
	325	}
	326
	327	await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
	328	})
	329
	330	it('Should fail with an non authenticated user', async function () {
	331	const fields = {
	332	videoQuota: 42
	333	}
	334
	335	await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
	336	})
	337
	338	it('Should succeed with the correct params', async function () {
	339	const fields = {
	340	email: 'email@example.com',
	341	videoQuota: 42
	342	}
	343
	344	await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
0e1dc3e7 C	345	})
	346	})
	347
	348	describe('When getting my information', function () {
	349	it('Should fail with a non authenticated user', async function () {
	350	await request(server.url)
	351	.get(path + 'me')
	352	.set('Authorization', 'Bearer fake_token')
	353	.set('Accept', 'application/json')
	354	.expect(401)
	355	})
	356
	357	it('Should success with the correct parameters', async function () {
	358	await request(server.url)
	359	.get(path + 'me')
	360	.set('Authorization', 'Bearer ' + userAccessToken)
	361	.set('Accept', 'application/json')
	362	.expect(200)
	363	})
	364	})
	365
	366	describe('When getting my video rating', function () {
	367	it('Should fail with a non authenticated user', async function () {
	368	await request(server.url)
	369	.get(path + 'me/videos/' + videoId + '/rating')
	370	.set('Authorization', 'Bearer fake_token')
	371	.set('Accept', 'application/json')
	372	.expect(401)
	373	})
	374
	375	it('Should fail with an incorrect video uuid', async function () {
	376	await request(server.url)
	377	.get(path + 'me/videos/blabla/rating')
	378	.set('Authorization', 'Bearer ' + userAccessToken)
	379	.set('Accept', 'application/json')
	380	.expect(400)
	381	})
	382
	383	it('Should fail with an unknown video', async function () {
	384	await request(server.url)
	385	.get(path + 'me/videos/4da6fde3-88f7-4d16-b119-108df5630b06/rating')
	386	.set('Authorization', 'Bearer ' + userAccessToken)
	387	.set('Accept', 'application/json')
	388	.expect(404)
	389	})
	390
	391	it('Should success with the correct parameters', async function () {
	392	await request(server.url)
	393	.get(path + 'me/videos/' + videoId + '/rating')
	394	.set('Authorization', 'Bearer ' + userAccessToken)
	395	.set('Accept', 'application/json')
	396	.expect(200)
	397	})
	398	})
	399
	400	describe('When removing an user', function () {
	401	it('Should fail with an incorrect id', async function () {
	402	await request(server.url)
	403	.delete(path + 'bla-bla')
	404	.set('Authorization', 'Bearer ' + server.accessToken)
	405	.expect(400)
	406	})
	407
	408	it('Should fail with the root user', async function () {
409	await request(server.url)
410	.delete(path + rootId)
411	.set('Authorization', 'Bearer ' + server.accessToken)
412	.expect(400)
413	})
414
415	it('Should return 404 with a non existing id', async function () {
416	await request(server.url)
417	.delete(path + '45')
418	.set('Authorization', 'Bearer ' + server.accessToken)
419	.expect(404)
420	})
421	})
422
423	describe('When removing an user', function () {
424	it('Should fail with an incorrect id', async function () {
425	await request(server.url)
426	.delete(path + 'bla-bla')
427	.set('Authorization', 'Bearer ' + server.accessToken)
428	.expect(400)
429	})
430
431	it('Should fail with the root user', async function () {
432	await request(server.url)
433	.delete(path + rootId)
434	.set('Authorization', 'Bearer ' + server.accessToken)
435	.expect(400)
436	})
437
438	it('Should return 404 with a non existing id', async function () {
439	await request(server.url)
440	.delete(path + '45')
441	.set('Authorization', 'Bearer ' + server.accessToken)
442	.expect(404)
443	})
444	})
445
446	describe('When register a new user', function () {
447	const registrationPath = path + '/register'
448
449	it('Should fail with a too small username', async function () {
450	const fields = {
451	username: 'ji',
452	email: 'test@example.com',
453	password: 'my_super_password'
454	}
455
456	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
457	})
458
459	it('Should fail with a too long username', async function () {
460	const fields = {
461	username: 'my_super_username_which_is_very_long',
462	email: 'test@example.com',
463	password: 'my_super_password'
464	}
465
466	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
467	})
468
469	it('Should fail with an incorrect username', async function () {
470	const fields = {
471	username: 'my username',
472	email: 'test@example.com',
473	password: 'my_super_password'
474	}
475
476	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
477	})
478
479	it('Should fail with a missing email', async function () {
480	const fields = {
481	username: 'ji',
482	password: 'my_super_password'
483	}
484
485	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
486	})
487
488	it('Should fail with an invalid email', async function () {
489	const fields = {
490	username: 'my_super_username_which_is_very_long',
491	email: 'test_example.com',
492	password: 'my_super_password'
493	}
494
495	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
496	})
497
498	it('Should fail with a too small password', async function () {
499	const fields = {
500	username: 'my_username',
501	email: 'test@example.com',
502	password: 'bla'
503	}
504
505	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
506	})
507
508	it('Should fail with a too long password', async function () {
509	const fields = {
510	username: 'my_username',
511	email: 'test@example.com',
512	password: 'my super long password which is very very very very very very very very very very very very very very' +
513	'very very very very very very very very very very very very very very very veryv very very very very' +
514	'very very very very very very very very very very very very very very very very very very very very long'
515	}
516
517	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
518	})
519
520	it('Should fail if we register a user with the same username', async function () {
521	const fields = {
522	username: 'root',
523	email: 'test@example.com',
524	password: 'my super password'
525	}
526
527	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 })
528	})
529
530	it('Should fail if we register a user with the same email', async function () {
531	const fields = {
532	username: 'my_username',
533	email: 'admin1@example.com',
534	password: 'my super password'
535	}
536
537	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 })
538	})
539
540	it('Should succeed with the correct params', async function () {
541	const fields = {
542	username: 'user3',
543	email: 'test3@example.com',
544	password: 'my super password'
545	}
546
547	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 204 })
548	})
549
550	it('Should fail on a server with registration disabled', async function () {
551	const fields = {
552	username: 'user4',
553	email: 'test4@example.com',
554	password: 'my super password 4'
555	}
556
557	await makePostBodyRequest({
558	url: serverWithRegistrationDisabled.url,
559	path: registrationPath,
560	token: serverWithRegistrationDisabled.accessToken,
561	fields,
562	statusCodeExpected: 403
563	})
564	})
565	})
566
567	describe('When registering multiple users on a server with users limit', function () {
568	it('Should fail when after 3 registrations', async function () {
569	await registerUser(server.url, 'user42', 'super password', 403)
570	})
571	})
572
77a5501f C	573	describe('When having a video quota', function () {
	574	it('Should fail with a user having too many video', async function () {
	575	const fields = {
	576	videoQuota: 42
	577	}
	578
	579	await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields, statusCodeExpected: 204 })
	580
	581	const videoAttributes = {}
	582	await uploadVideo(server.url, server.accessToken, videoAttributes, 403)
	583	})
	584
	585	it('Should fail with a registered user having too many video', async function () {
	586	this.timeout(10000)
	587
	588	server.user = {
	589	username: 'user3',
	590	email: 'test3@example.com',
	591	password: 'my super password'
	592	}
	593	userAccessToken = await loginAndGetAccessToken(server)
	594
	595	const videoAttributes = { fixture: 'video_short2.webm' }
	596	await uploadVideo(server.url, userAccessToken, videoAttributes)
	597	await uploadVideo(server.url, userAccessToken, videoAttributes)
	598	await uploadVideo(server.url, userAccessToken, videoAttributes)
	599	await uploadVideo(server.url, userAccessToken, videoAttributes)
	600	await uploadVideo(server.url, userAccessToken, videoAttributes)
	601	await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
	602	})
	603	})
	604
0e1dc3e7 C	605	after(async function () {
	606	killallServers([ server, serverWithRegistrationDisabled ])
	607
	608	// Keep the logs if the test failed
	609	if (this['ok']) {
	610	await flushTests()
	611	}
	612	})
	613	})