[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / users.ts

/* tslint:disable:no-unused-expression */

import { omit } from 'lodash'
import 'mocha'
import { join } from 'path'
import { UserRole } from '../../../../shared'

import {
  createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest,
  makePostBodyRequest, makePostUploadRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers,
  updateUser, uploadVideo, userLogin
} from '../../utils'
import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'

describe('Test users API validators', function () {
  const path = '/api/v1/users/'
  let userId: number
  let rootId: number
  let videoId: number
  let server: ServerInfo
  let serverWithRegistrationDisabled: ServerInfo
  let userAccessToken = ''

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(20000)

    await flushTests()

    server = await runServer(1)
    serverWithRegistrationDisabled = await runServer(2)

    await setAccessTokensToServers([ server ])

    const user = {
      username: 'user1',
      password: 'my super password'
    }
    const videoQuota = 42000000
    await createUser(server.url, server.accessToken, user.username, user.password, videoQuota)
    userAccessToken = await userLogin(server, user)

    const res = await uploadVideo(server.url, server.accessToken, {})
    videoId = res.body.video.id
  })

  describe('When listing users', function () {
    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(server.url, path, server.accessToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(server.url, path, server.accessToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(server.url, path, server.accessToken)
    })

    it('Should fail with a non authenticated user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        statusCodeExpected: 401
      })
    })

    it('Should fail with a non admin user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        token: userAccessToken,
        statusCodeExpected: 403
      })
    })
  })

  describe('When adding a new user', function () {
    const baseCorrectParams = {
      username: 'user2',
      email: 'test@example.com',
      password: 'my super password',
      videoQuota: -1,
      role: UserRole.USER
    }

    it('Should fail with a too small username', async function () {
      const fields = immutableAssign(baseCorrectParams, { username: 'fi' })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with a too long username', async function () {
      const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with a not lowercase username', async function () {
      const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with an incorrect username', async function () {
      const fields = immutableAssign(baseCorrectParams, { username: 'my username' })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with a missing email', async function () {
      const fields = omit(baseCorrectParams, 'email')

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with an invalid email', async function () {
      const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with a too small password', async function () {
      const fields = immutableAssign(baseCorrectParams, { password: 'bla' })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with a too long password', async function () {
      const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with an non authenticated user', async function () {
      await makePostBodyRequest({
        url: server.url,
        path,
        token: 'super token',
        fields: baseCorrectParams,
        statusCodeExpected: 401
      })
    })

    it('Should fail if we add a user with the same username', async function () {
      const fields = immutableAssign(baseCorrectParams, { username: 'user1' })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
    })

    it('Should fail if we add a user with the same email', async function () {
      const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
    })

    it('Should fail without a videoQuota', async function () {
      const fields = omit(baseCorrectParams, 'videoQuota')

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with an invalid videoQuota', async function () {
      const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail without a user role', async function () {
      const fields = omit(baseCorrectParams, 'role')

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with an invalid user role', async function () {
      const fields = immutableAssign(baseCorrectParams, { role: 88989 })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should succeed with the correct params', async function () {
      await makePostBodyRequest({
        url: server.url,
        path,
        token: server.accessToken,
        fields: baseCorrectParams,
        statusCodeExpected: 204
      })
    })

    it('Should fail with a non admin user', async function () {
      const user = {
        username: 'user1',
        password: 'my super password'
      }
      userAccessToken = await userLogin(server, user)

      const fields = {
        username: 'user3',
        email: 'test@example.com',
        password: 'my super password',
        videoQuota: 42000000
      }
      await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
    })
  })

  describe('When updating my account', function () {
    it('Should fail with an invalid email attribute', async function () {
      const fields = {
        email: 'blabla'
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
    })

    it('Should fail with a too small password', async function () {
      const fields = {
        password: 'bla'
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
    })

    it('Should fail with a too long password', async function () {
      const fields = {
        password: 'super'.repeat(61)
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
    })

    it('Should fail with an invalid display NSFW attribute', async function () {
      const fields = {
        displayNSFW: -1
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
    })

    it('Should fail with an invalid autoPlayVideo attribute', async function () {
      const fields = {
        autoPlayVideo: -1
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
    })

    it('Should fail with an non authenticated user', async function () {
      const fields = {
        password: 'my super password'
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
    })

    it('Should succeed with the correct params', async function () {
      const fields = {
        password: 'my super password',
        displayNSFW: true,
        autoPlayVideo: false,
        email: 'super_email@example.com'
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
    })
  })

  describe('When updating my avatar', function () {
    it('Should fail without an incorrect input file', async function () {
      const fields = {}
      const attaches = {
        'avatarfile': join(__dirname, '..', 'fixtures', 'video_short.mp4')
      }
      await makePostUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
    })

    it('Should fail with a big file', async function () {
      const fields = {}
      const attaches = {
        'avatarfile': join(__dirname, '..', 'fixtures', 'avatar-big.png')
      }
      await makePostUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
    })

    it('Should succeed with the correct params', async function () {
      const fields = {}
      const attaches = {
        'avatarfile': join(__dirname, '..', 'fixtures', 'avatar.png')
      }
      await makePostUploadRequest({
        url: server.url,
        path: path + '/me/avatar/pick',
        token: server.accessToken,
        fields,
        attaches,
        statusCodeExpected: 200
      })
    })
  })

  describe('When updating a user', function () {

    before(async function () {
      const res = await getUsersList(server.url, server.accessToken)

      userId = res.body.data[1].id
      rootId = res.body.data[2].id
    })

    it('Should fail with an invalid email attribute', async function () {
      const fields = {
        email: 'blabla'
      }

      await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
    })

    it('Should fail with an invalid videoQuota attribute', async function () {
      const fields = {
        videoQuota: -90
      }

      await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
    })

    it('Should fail with an invalid user role attribute', async function () {
      const fields = {
        role: 54878
      }

      await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
    })

    it('Should fail with an non authenticated user', async function () {
      const fields = {
        videoQuota: 42
      }

      await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
    })

    it('Should succeed with the correct params', async function () {
      const fields = {
        email: 'email@example.com',
        videoQuota: 42,
        role: UserRole.MODERATOR
      }

      await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
    })
  })

  describe('When getting my information', function () {
    it('Should fail with a non authenticated user', async function () {
      await getMyUserInformation(server.url, 'fake_token', 401)
    })

    it('Should success with the correct parameters', async function () {
      await getMyUserInformation(server.url, userAccessToken)
    })
  })

  describe('When getting my video rating', function () {
    it('Should fail with a non authenticated user', async function () {
      await getMyUserVideoRating(server.url, 'fake_token', videoId, 401)
    })

    it('Should fail with an incorrect video uuid', async function () {
      await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400)
    })

    it('Should fail with an unknown video', async function () {
      await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
    })

    it('Should succeed with the correct parameters', async function () {
      await getMyUserVideoRating(server.url, server.accessToken, videoId)
    })
  })

  describe('When removing an user', function () {
    it('Should fail with an incorrect id', async function () {
      await removeUser(server.url, 'blabla', server.accessToken, 400)
    })

    it('Should fail with the root user', async function () {
      await removeUser(server.url, rootId, server.accessToken, 400)
    })

    it('Should return 404 with a non existing id', async function () {
      await removeUser(server.url, 4545454, server.accessToken, 404)
    })
  })

  describe('When register a new user', function () {
    const registrationPath = path + '/register'
    const baseCorrectParams = {
      username: 'user3',
      email: 'test3@example.com',
      password: 'my super password'
    }

    it('Should fail with a too small username', async function () {
      const fields = immutableAssign(baseCorrectParams, { username: 'ji' })

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail with a too long username', async function () {
      const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail with an incorrect username', async function () {
      const fields = immutableAssign(baseCorrectParams, { username: 'my username' })

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail with a missing email', async function () {
      const fields = omit(baseCorrectParams, 'email')

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail with an invalid email', async function () {
      const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail with a too small password', async function () {
      const fields = immutableAssign(baseCorrectParams, { password: 'bla' })

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail with a too long password', async function () {
      const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail if we register a user with the same username', async function () {
      const fields = immutableAssign(baseCorrectParams, { username: 'root' })

      await makePostBodyRequest({
        url: server.url,
        path: registrationPath,
        token: server.accessToken,
        fields,
        statusCodeExpected: 409
      })
    })

    it('Should fail if we register a user with the same email', async function () {
      const fields = immutableAssign(baseCorrectParams, { email: 'admin1@example.com' })

      await makePostBodyRequest({
        url: server.url,
        path: registrationPath,
        token: server.accessToken,
        fields,
        statusCodeExpected: 409
      })
    })

    it('Should succeed with the correct params', async function () {
      await makePostBodyRequest({
        url: server.url,
        path: registrationPath,
        token: server.accessToken,
        fields: baseCorrectParams,
        statusCodeExpected: 204
      })
    })

    it('Should fail on a server with registration disabled', async function () {
      const fields = {
        username: 'user4',
        email: 'test4@example.com',
        password: 'my super password 4'
      }

      await makePostBodyRequest({
        url: serverWithRegistrationDisabled.url,
        path: registrationPath,
        token: serverWithRegistrationDisabled.accessToken,
        fields,
        statusCodeExpected: 403
      })
    })
  })

  describe('When registering multiple users on a server with users limit', function () {
    it('Should fail when after 3 registrations', async function () {
      await registerUser(server.url, 'user42', 'super password', 403)
    })
  })

  describe('When having a video quota', function () {
    it('Should fail with a user having too many video', async function () {
      await updateUser({
        url: server.url,
        userId: rootId,
        accessToken: server.accessToken,
        videoQuota: 42
      })

      await uploadVideo(server.url, server.accessToken, {}, 403)
    })

    it('Should fail with a registered user having too many video', async function () {
      this.timeout(10000)

      const user = {
        username: 'user3',
        password: 'my super password'
      }
      userAccessToken = await userLogin(server, user)

      const videoAttributes = { fixture: 'video_short2.webm' }
      await uploadVideo(server.url, userAccessToken, videoAttributes)
      await uploadVideo(server.url, userAccessToken, videoAttributes)
      await uploadVideo(server.url, userAccessToken, videoAttributes)
      await uploadVideo(server.url, userAccessToken, videoAttributes)
      await uploadVideo(server.url, userAccessToken, videoAttributes)
      await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
    })
  })

  after(async function () {
    killallServers([ server, serverWithRegistrationDisabled ])

    // Keep the logs if the test failed
    if (this['ok']) {
      await flushTests()
    }
  })
})
Commit	Line	Data
0e1dc3e7 C	1	/* tslint:disable:no-unused-expression */
0e1dc3e7 C	2
26d21b78	3	import { omit } from 'lodash'
0e1dc3e7	4	import 'mocha'
47564bbe	5	import { join } from 'path'
26d21b78	6	import { UserRole } from '../../../../shared'
0e1dc3e7 C	7
0e1dc3e7 C	8	import {
26d21b78	9	createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest,
c5911fd3	10	makePostBodyRequest, makePostUploadRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers,
47564bbe	11	updateUser, uploadVideo, userLogin
0e1dc3e7	12	} from '../../utils'
26d21b78	13	import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
0e1dc3e7 C	14
	15	describe('Test users API validators', function () {
	16	const path = '/api/v1/users/'
	17	let userId: number
	18	let rootId: number
	19	let videoId: number
	20	let server: ServerInfo
	21	let serverWithRegistrationDisabled: ServerInfo
	22	let userAccessToken = ''
	23
	24	// ---------------------------------------------------------------
	25
	26	before(async function () {
47564bbe	27	this.timeout(20000)
0e1dc3e7 C	28
	29	await flushTests()
	30
	31	server = await runServer(1)
	32	serverWithRegistrationDisabled = await runServer(2)
	33
	34	await setAccessTokensToServers([ server ])
	35
0e1dc3e7 C	36	const user = {
	37	username: 'user1',
	38	password: 'my super password'
	39	}
26d21b78 C	40	const videoQuota = 42000000
26d21b78 C	41	await createUser(server.url, server.accessToken, user.username, user.password, videoQuota)
eec63bbc	42	userAccessToken = await userLogin(server, user)
26d21b78 C	43
	44	const res = await uploadVideo(server.url, server.accessToken, {})
	45	videoId = res.body.video.id
0e1dc3e7 C	46	})
	47
	48	describe('When listing users', function () {
	49	it('Should fail with a bad start pagination', async function () {
26d21b78	50	await checkBadStartPagination(server.url, path, server.accessToken)
0e1dc3e7 C	51	})
	52
	53	it('Should fail with a bad count pagination', async function () {
26d21b78	54	await checkBadCountPagination(server.url, path, server.accessToken)
0e1dc3e7 C	55	})
	56
	57	it('Should fail with an incorrect sort', async function () {
26d21b78	58	await checkBadSortPagination(server.url, path, server.accessToken)
0e1dc3e7	59	})
86d13ec2 C	60
86d13ec2 C	61	it('Should fail with a non authenticated user', async function () {
26d21b78 C	62	await makeGetRequest({
	63	url: server.url,
	64	path,
	65	statusCodeExpected: 401
	66	})
86d13ec2 C	67	})
	68
	69	it('Should fail with a non admin user', async function () {
26d21b78 C	70	await makeGetRequest({
	71	url: server.url,
	72	path,
	73	token: userAccessToken,
	74	statusCodeExpected: 403
	75	})
86d13ec2	76	})
0e1dc3e7 C	77	})
	78
	79	describe('When adding a new user', function () {
26d21b78 C	80	const baseCorrectParams = {
	81	username: 'user2',
	82	email: 'test@example.com',
	83	password: 'my super password',
	84	videoQuota: -1,
	85	role: UserRole.USER
	86	}
	87
0e1dc3e7	88	it('Should fail with a too small username', async function () {
26d21b78	89	const fields = immutableAssign(baseCorrectParams, { username: 'fi' })
0e1dc3e7 C	90
	91	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	92	})
	93
	94	it('Should fail with a too long username', async function () {
26d21b78	95	const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
0e1dc3e7 C	96
	97	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	98	})
	99
563d032e	100	it('Should fail with a not lowercase username', async function () {
26d21b78	101	const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })
563d032e C	102
	103	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	104	})
	105
0e1dc3e7	106	it('Should fail with an incorrect username', async function () {
26d21b78	107	const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
0e1dc3e7 C	108
	109	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	110	})
	111
	112	it('Should fail with a missing email', async function () {
26d21b78	113	const fields = omit(baseCorrectParams, 'email')
0e1dc3e7 C	114
	115	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	116	})
	117
	118	it('Should fail with an invalid email', async function () {
26d21b78	119	const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
0e1dc3e7 C	120
	121	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	122	})
	123
	124	it('Should fail with a too small password', async function () {
26d21b78	125	const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
0e1dc3e7 C	126
	127	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	128	})
	129
	130	it('Should fail with a too long password', async function () {
26d21b78	131	const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
0e1dc3e7 C	132
	133	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	134	})
	135
	136	it('Should fail with an non authenticated user', async function () {
26d21b78 C	137	await makePostBodyRequest({
	138	url: server.url,
	139	path,
	140	token: 'super token',
	141	fields: baseCorrectParams,
	142	statusCodeExpected: 401
	143	})
0e1dc3e7 C	144	})
	145
	146	it('Should fail if we add a user with the same username', async function () {
26d21b78	147	const fields = immutableAssign(baseCorrectParams, { username: 'user1' })
0e1dc3e7 C	148
	149	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
	150	})
	151
	152	it('Should fail if we add a user with the same email', async function () {
26d21b78	153	const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })
0e1dc3e7 C	154
	155	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
	156	})
	157
77a5501f	158	it('Should fail without a videoQuota', async function () {
26d21b78	159	const fields = omit(baseCorrectParams, 'videoQuota')
77a5501f C	160
	161	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	162	})
	163
	164	it('Should fail with an invalid videoQuota', async function () {
26d21b78	165	const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })
757f0da3 C	166
	167	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	168	})
	169
	170	it('Should fail without a user role', async function () {
26d21b78	171	const fields = omit(baseCorrectParams, 'role')
757f0da3 C	172
	173	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	174	})
	175
	176	it('Should fail with an invalid user role', async function () {
26d21b78	177	const fields = immutableAssign(baseCorrectParams, { role: 88989 })
77a5501f C	178
	179	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	180	})
	181
0e1dc3e7	182	it('Should succeed with the correct params', async function () {
26d21b78 C	183	await makePostBodyRequest({
	184	url: server.url,
	185	path,
	186	token: server.accessToken,
	187	fields: baseCorrectParams,
	188	statusCodeExpected: 204
	189	})
0e1dc3e7 C	190	})
	191
	192	it('Should fail with a non admin user', async function () {
26d21b78	193	const user = {
0e1dc3e7	194	username: 'user1',
0e1dc3e7 C	195	password: 'my super password'
0e1dc3e7 C	196	}
26d21b78	197	userAccessToken = await userLogin(server, user)
0e1dc3e7	198
0e1dc3e7 C	199	const fields = {
	200	username: 'user3',
	201	email: 'test@example.com',
77a5501f C	202	password: 'my super password',
77a5501f C	203	videoQuota: 42000000
0e1dc3e7 C	204	}
	205	await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
	206	})
	207	})
	208
77a5501f C	209	describe('When updating my account', function () {
	210	it('Should fail with an invalid email attribute', async function () {
	211	const fields = {
	212	email: 'blabla'
	213	}
0e1dc3e7	214
77a5501f	215	await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
0e1dc3e7 C	216	})
	217
	218	it('Should fail with a too small password', async function () {
	219	const fields = {
	220	password: 'bla'
	221	}
	222
77a5501f	223	await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
0e1dc3e7 C	224	})
	225
	226	it('Should fail with a too long password', async function () {
	227	const fields = {
26d21b78	228	password: 'super'.repeat(61)
0e1dc3e7 C	229	}
0e1dc3e7 C	230
77a5501f	231	await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
0e1dc3e7 C	232	})
	233
	234	it('Should fail with an invalid display NSFW attribute', async function () {
	235	const fields = {
	236	displayNSFW: -1
	237	}
	238
77a5501f	239	await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
0e1dc3e7 C	240	})
0e1dc3e7 C	241
7efe153b AL	242	it('Should fail with an invalid autoPlayVideo attribute', async function () {
	243	const fields = {
	244	autoPlayVideo: -1
	245	}
	246
	247	await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
	248	})
	249
0e1dc3e7 C	250	it('Should fail with an non authenticated user', async function () {
	251	const fields = {
	252	password: 'my super password'
	253	}
	254
77a5501f	255	await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
0e1dc3e7 C	256	})
	257
	258	it('Should succeed with the correct params', async function () {
	259	const fields = {
	260	password: 'my super password',
77a5501f	261	displayNSFW: true,
7efe153b	262	autoPlayVideo: false,
77a5501f	263	email: 'super_email@example.com'
0e1dc3e7 C	264	}
0e1dc3e7 C	265
77a5501f C	266	await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
	267	})
	268	})
	269
c5911fd3 C	270	describe('When updating my avatar', function () {
	271	it('Should fail without an incorrect input file', async function () {
	272	const fields = {}
	273	const attaches = {
	274	'avatarfile': join(__dirname, '..', 'fixtures', 'video_short.mp4')
	275	}
	276	await makePostUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
	277	})
	278
01de67b9 C	279	it('Should fail with a big file', async function () {
	280	const fields = {}
	281	const attaches = {
	282	'avatarfile': join(__dirname, '..', 'fixtures', 'avatar-big.png')
	283	}
	284	await makePostUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
	285	})
	286
c5911fd3 C	287	it('Should succeed with the correct params', async function () {
	288	const fields = {}
	289	const attaches = {
	290	'avatarfile': join(__dirname, '..', 'fixtures', 'avatar.png')
	291	}
47564bbe C	292	await makePostUploadRequest({
	293	url: server.url,
	294	path: path + '/me/avatar/pick',
	295	token: server.accessToken,
	296	fields,
	297	attaches,
	298	statusCodeExpected: 200
	299	})
c5911fd3 C	300	})
	301	})
	302
77a5501f C	303	describe('When updating a user', function () {
	304
	305	before(async function () {
86d13ec2	306	const res = await getUsersList(server.url, server.accessToken)
77a5501f C	307
	308	userId = res.body.data[1].id
	309	rootId = res.body.data[2].id
	310	})
	311
	312	it('Should fail with an invalid email attribute', async function () {
	313	const fields = {
	314	email: 'blabla'
	315	}
	316
	317	await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
	318	})
	319
	320	it('Should fail with an invalid videoQuota attribute', async function () {
	321	const fields = {
	322	videoQuota: -90
	323	}
	324
	325	await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
	326	})
	327
757f0da3 C	328	it('Should fail with an invalid user role attribute', async function () {
	329	const fields = {
	330	role: 54878
	331	}
	332
	333	await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
	334	})
	335
77a5501f C	336	it('Should fail with an non authenticated user', async function () {
	337	const fields = {
	338	videoQuota: 42
	339	}
	340
	341	await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
	342	})
	343
	344	it('Should succeed with the correct params', async function () {
	345	const fields = {
	346	email: 'email@example.com',
757f0da3 C	347	videoQuota: 42,
757f0da3 C	348	role: UserRole.MODERATOR
77a5501f C	349	}
	350
	351	await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
0e1dc3e7 C	352	})
	353	})
	354
	355	describe('When getting my information', function () {
	356	it('Should fail with a non authenticated user', async function () {
26d21b78	357	await getMyUserInformation(server.url, 'fake_token', 401)
0e1dc3e7 C	358	})
	359
	360	it('Should success with the correct parameters', async function () {
26d21b78	361	await getMyUserInformation(server.url, userAccessToken)
0e1dc3e7 C	362	})
	363	})
	364
	365	describe('When getting my video rating', function () {
	366	it('Should fail with a non authenticated user', async function () {
26d21b78	367	await getMyUserVideoRating(server.url, 'fake_token', videoId, 401)
0e1dc3e7 C	368	})
	369
	370	it('Should fail with an incorrect video uuid', async function () {
26d21b78	371	await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400)
0e1dc3e7 C	372	})
	373
	374	it('Should fail with an unknown video', async function () {
26d21b78	375	await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
0e1dc3e7 C	376	})
0e1dc3e7 C	377
26d21b78 C	378	it('Should succeed with the correct parameters', async function () {
26d21b78 C	379	await getMyUserVideoRating(server.url, server.accessToken, videoId)
0e1dc3e7 C	380	})
	381	})
	382
	383	describe('When removing an user', function () {
	384	it('Should fail with an incorrect id', async function () {
26d21b78	385	await removeUser(server.url, 'blabla', server.accessToken, 400)
0e1dc3e7 C	386	})
	387
	388	it('Should fail with the root user', async function () {
26d21b78	389	await removeUser(server.url, rootId, server.accessToken, 400)
0e1dc3e7 C	390	})
	391
	392	it('Should return 404 with a non existing id', async function () {
26d21b78	393	await removeUser(server.url, 4545454, server.accessToken, 404)
0e1dc3e7 C	394	})
	395	})
	396
	397	describe('When register a new user', function () {
	398	const registrationPath = path + '/register'
26d21b78 C	399	const baseCorrectParams = {
	400	username: 'user3',
	401	email: 'test3@example.com',
	402	password: 'my super password'
	403	}
0e1dc3e7 C	404
0e1dc3e7 C	405	it('Should fail with a too small username', async function () {
26d21b78	406	const fields = immutableAssign(baseCorrectParams, { username: 'ji' })
0e1dc3e7 C	407
	408	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
	409	})
	410
	411	it('Should fail with a too long username', async function () {
26d21b78	412	const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
0e1dc3e7 C	413
	414	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
	415	})
	416
	417	it('Should fail with an incorrect username', async function () {
26d21b78	418	const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
0e1dc3e7 C	419
	420	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
	421	})
	422
	423	it('Should fail with a missing email', async function () {
26d21b78	424	const fields = omit(baseCorrectParams, 'email')
0e1dc3e7 C	425
	426	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
	427	})
	428
	429	it('Should fail with an invalid email', async function () {
26d21b78	430	const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
0e1dc3e7 C	431
	432	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
	433	})
	434
	435	it('Should fail with a too small password', async function () {
26d21b78	436	const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
0e1dc3e7 C	437
	438	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
	439	})
	440
	441	it('Should fail with a too long password', async function () {
26d21b78	442	const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
0e1dc3e7 C	443
	444	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
	445	})
	446
	447	it('Should fail if we register a user with the same username', async function () {
26d21b78	448	const fields = immutableAssign(baseCorrectParams, { username: 'root' })
0e1dc3e7	449
26d21b78 C	450	await makePostBodyRequest({
	451	url: server.url,
	452	path: registrationPath,
	453	token: server.accessToken,
	454	fields,
	455	statusCodeExpected: 409
	456	})
0e1dc3e7 C	457	})
	458
	459	it('Should fail if we register a user with the same email', async function () {
26d21b78	460	const fields = immutableAssign(baseCorrectParams, { email: 'admin1@example.com' })
0e1dc3e7	461
26d21b78 C	462	await makePostBodyRequest({
	463	url: server.url,
	464	path: registrationPath,
	465	token: server.accessToken,
	466	fields,
	467	statusCodeExpected: 409
	468	})
0e1dc3e7 C	469	})
	470
	471	it('Should succeed with the correct params', async function () {
26d21b78 C	472	await makePostBodyRequest({
	473	url: server.url,
	474	path: registrationPath,
	475	token: server.accessToken,
	476	fields: baseCorrectParams,
	477	statusCodeExpected: 204
	478	})
0e1dc3e7 C	479	})
	480
	481	it('Should fail on a server with registration disabled', async function () {
	482	const fields = {
	483	username: 'user4',
	484	email: 'test4@example.com',
	485	password: 'my super password 4'
	486	}
	487
	488	await makePostBodyRequest({
	489	url: serverWithRegistrationDisabled.url,
	490	path: registrationPath,
	491	token: serverWithRegistrationDisabled.accessToken,
	492	fields,
	493	statusCodeExpected: 403
	494	})
	495	})
	496	})
	497
	498	describe('When registering multiple users on a server with users limit', function () {
	499	it('Should fail when after 3 registrations', async function () {
	500	await registerUser(server.url, 'user42', 'super password', 403)
	501	})
	502	})
	503
77a5501f C	504	describe('When having a video quota', function () {
77a5501f C	505	it('Should fail with a user having too many video', async function () {
26d21b78 C	506	await updateUser({
	507	url: server.url,
	508	userId: rootId,
	509	accessToken: server.accessToken,
77a5501f	510	videoQuota: 42
26d21b78	511	})
77a5501f	512
26d21b78	513	await uploadVideo(server.url, server.accessToken, {}, 403)
77a5501f C	514	})
	515
	516	it('Should fail with a registered user having too many video', async function () {
	517	this.timeout(10000)
	518
26d21b78	519	const user = {
77a5501f	520	username: 'user3',
77a5501f C	521	password: 'my super password'
77a5501f C	522	}
26d21b78	523	userAccessToken = await userLogin(server, user)
77a5501f C	524
	525	const videoAttributes = { fixture: 'video_short2.webm' }
	526	await uploadVideo(server.url, userAccessToken, videoAttributes)
	527	await uploadVideo(server.url, userAccessToken, videoAttributes)
	528	await uploadVideo(server.url, userAccessToken, videoAttributes)
	529	await uploadVideo(server.url, userAccessToken, videoAttributes)
	530	await uploadVideo(server.url, userAccessToken, videoAttributes)
	531	await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
	532	})
	533	})
	534
0e1dc3e7 C	535	after(async function () {
	536	killallServers([ server, serverWithRegistrationDisabled ])
	537
	538	// Keep the logs if the test failed
	539	if (this['ok']) {
	540	await flushTests()
	541	}
	542	})
	543	})