]>
Commit | Line | Data |
---|---|---|
0e1dc3e7 C |
1 | /* tslint:disable:no-unused-expression */ |
2 | ||
26d21b78 | 3 | import { omit } from 'lodash' |
0e1dc3e7 | 4 | import 'mocha' |
47564bbe | 5 | import { join } from 'path' |
187501f8 | 6 | import { UserRole, VideoImport, VideoImportState } from '../../../../shared' |
0e1dc3e7 C |
7 | |
8 | import { | |
e590b4a5 | 9 | addVideoChannel, |
42e1ec25 | 10 | blockUser, |
7c3b7976 | 11 | cleanupTests, |
42e1ec25 C |
12 | createUser, |
13 | deleteMe, | |
14 | flushAndRunServer, | |
15 | getMyUserInformation, | |
16 | getMyUserVideoRating, | |
17 | getUsersList, | |
18 | immutableAssign, | |
42e1ec25 C |
19 | makeGetRequest, |
20 | makePostBodyRequest, | |
21 | makePutBodyRequest, | |
22 | makeUploadRequest, | |
23 | registerUser, | |
24 | removeUser, | |
25 | ServerInfo, | |
26 | setAccessTokensToServers, | |
27 | unblockUser, | |
28 | updateUser, | |
29 | uploadVideo, | |
30 | userLogin | |
94565d52 | 31 | } from '../../../../shared/extra-utils' |
9639bd17 | 32 | import { |
33 | checkBadCountPagination, | |
34 | checkBadSortPagination, | |
35 | checkBadStartPagination | |
94565d52 C |
36 | } from '../../../../shared/extra-utils/requests/check-api-params' |
37 | import { getMagnetURI, getMyVideoImports, getYoutubeVideoUrl, importVideo } from '../../../../shared/extra-utils/videos/video-imports' | |
187501f8 | 38 | import { VideoPrivacy } from '../../../../shared/models/videos' |
94565d52 | 39 | import { waitJobs } from '../../../../shared/extra-utils/server/jobs' |
187501f8 | 40 | import { expect } from 'chai' |
1eddc9a7 | 41 | import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model' |
0e1dc3e7 C |
42 | |
43 | describe('Test users API validators', function () { | |
44 | const path = '/api/v1/users/' | |
45 | let userId: number | |
46 | let rootId: number | |
47 | let videoId: number | |
48 | let server: ServerInfo | |
49 | let serverWithRegistrationDisabled: ServerInfo | |
50 | let userAccessToken = '' | |
187501f8 | 51 | let channelId: number |
f8b8c36b C |
52 | const user = { |
53 | username: 'user1', | |
54 | password: 'my super password' | |
55 | } | |
0e1dc3e7 C |
56 | |
57 | // --------------------------------------------------------------- | |
58 | ||
59 | before(async function () { | |
e212f887 | 60 | this.timeout(30000) |
0e1dc3e7 | 61 | |
210feb6c C |
62 | server = await flushAndRunServer(1) |
63 | serverWithRegistrationDisabled = await flushAndRunServer(2) | |
0e1dc3e7 C |
64 | |
65 | await setAccessTokensToServers([ server ]) | |
66 | ||
26d21b78 | 67 | const videoQuota = 42000000 |
1eddc9a7 C |
68 | await createUser({ |
69 | url: server.url, | |
70 | accessToken: server.accessToken, | |
71 | username: user.username, | |
72 | password: user.password, | |
73 | videoQuota: videoQuota | |
74 | }) | |
eec63bbc | 75 | userAccessToken = await userLogin(server, user) |
26d21b78 | 76 | |
187501f8 C |
77 | { |
78 | const res = await getMyUserInformation(server.url, server.accessToken) | |
79 | channelId = res.body.videoChannels[ 0 ].id | |
80 | } | |
81 | ||
82 | { | |
83 | const res = await uploadVideo(server.url, server.accessToken, {}) | |
84 | videoId = res.body.video.id | |
85 | } | |
0e1dc3e7 C |
86 | }) |
87 | ||
88 | describe('When listing users', function () { | |
89 | it('Should fail with a bad start pagination', async function () { | |
26d21b78 | 90 | await checkBadStartPagination(server.url, path, server.accessToken) |
0e1dc3e7 C |
91 | }) |
92 | ||
93 | it('Should fail with a bad count pagination', async function () { | |
26d21b78 | 94 | await checkBadCountPagination(server.url, path, server.accessToken) |
0e1dc3e7 C |
95 | }) |
96 | ||
97 | it('Should fail with an incorrect sort', async function () { | |
26d21b78 | 98 | await checkBadSortPagination(server.url, path, server.accessToken) |
0e1dc3e7 | 99 | }) |
86d13ec2 C |
100 | |
101 | it('Should fail with a non authenticated user', async function () { | |
26d21b78 C |
102 | await makeGetRequest({ |
103 | url: server.url, | |
104 | path, | |
105 | statusCodeExpected: 401 | |
106 | }) | |
86d13ec2 C |
107 | }) |
108 | ||
109 | it('Should fail with a non admin user', async function () { | |
26d21b78 C |
110 | await makeGetRequest({ |
111 | url: server.url, | |
112 | path, | |
113 | token: userAccessToken, | |
114 | statusCodeExpected: 403 | |
115 | }) | |
86d13ec2 | 116 | }) |
0e1dc3e7 C |
117 | }) |
118 | ||
119 | describe('When adding a new user', function () { | |
26d21b78 C |
120 | const baseCorrectParams = { |
121 | username: 'user2', | |
122 | email: 'test@example.com', | |
123 | password: 'my super password', | |
124 | videoQuota: -1, | |
bee0abff | 125 | videoQuotaDaily: -1, |
1eddc9a7 C |
126 | role: UserRole.USER, |
127 | adminFlags: UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST | |
26d21b78 C |
128 | } |
129 | ||
0e1dc3e7 | 130 | it('Should fail with a too small username', async function () { |
d0ce42c1 | 131 | const fields = immutableAssign(baseCorrectParams, { username: '' }) |
0e1dc3e7 C |
132 | |
133 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
134 | }) | |
135 | ||
136 | it('Should fail with a too long username', async function () { | |
9f7a1953 | 137 | const fields = immutableAssign(baseCorrectParams, { username: 'super'.repeat(50) }) |
0e1dc3e7 C |
138 | |
139 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
140 | }) | |
141 | ||
563d032e | 142 | it('Should fail with a not lowercase username', async function () { |
26d21b78 | 143 | const fields = immutableAssign(baseCorrectParams, { username: 'Toto' }) |
563d032e C |
144 | |
145 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
146 | }) | |
147 | ||
0e1dc3e7 | 148 | it('Should fail with an incorrect username', async function () { |
26d21b78 | 149 | const fields = immutableAssign(baseCorrectParams, { username: 'my username' }) |
0e1dc3e7 C |
150 | |
151 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
152 | }) | |
153 | ||
154 | it('Should fail with a missing email', async function () { | |
26d21b78 | 155 | const fields = omit(baseCorrectParams, 'email') |
0e1dc3e7 C |
156 | |
157 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
158 | }) | |
159 | ||
160 | it('Should fail with an invalid email', async function () { | |
26d21b78 | 161 | const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' }) |
0e1dc3e7 C |
162 | |
163 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
164 | }) | |
165 | ||
166 | it('Should fail with a too small password', async function () { | |
26d21b78 | 167 | const fields = immutableAssign(baseCorrectParams, { password: 'bla' }) |
0e1dc3e7 C |
168 | |
169 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
170 | }) | |
171 | ||
172 | it('Should fail with a too long password', async function () { | |
26d21b78 | 173 | const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) }) |
0e1dc3e7 C |
174 | |
175 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
176 | }) | |
177 | ||
1eddc9a7 C |
178 | it('Should fail with invalid admin flags', async function () { |
179 | const fields = immutableAssign(baseCorrectParams, { adminFlags: 'toto' }) | |
180 | ||
181 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
182 | }) | |
183 | ||
0e1dc3e7 | 184 | it('Should fail with an non authenticated user', async function () { |
26d21b78 C |
185 | await makePostBodyRequest({ |
186 | url: server.url, | |
187 | path, | |
188 | token: 'super token', | |
189 | fields: baseCorrectParams, | |
190 | statusCodeExpected: 401 | |
191 | }) | |
0e1dc3e7 C |
192 | }) |
193 | ||
194 | it('Should fail if we add a user with the same username', async function () { | |
26d21b78 | 195 | const fields = immutableAssign(baseCorrectParams, { username: 'user1' }) |
0e1dc3e7 C |
196 | |
197 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) | |
198 | }) | |
199 | ||
200 | it('Should fail if we add a user with the same email', async function () { | |
26d21b78 | 201 | const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' }) |
0e1dc3e7 C |
202 | |
203 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) | |
204 | }) | |
205 | ||
77a5501f | 206 | it('Should fail without a videoQuota', async function () { |
26d21b78 | 207 | const fields = omit(baseCorrectParams, 'videoQuota') |
77a5501f C |
208 | |
209 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
210 | }) | |
211 | ||
bee0abff FA |
212 | it('Should fail without a videoQuotaDaily', async function () { |
213 | const fields = omit(baseCorrectParams, 'videoQuotaDaily') | |
214 | ||
215 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
216 | }) | |
217 | ||
77a5501f | 218 | it('Should fail with an invalid videoQuota', async function () { |
26d21b78 | 219 | const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 }) |
757f0da3 C |
220 | |
221 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
222 | }) | |
223 | ||
bee0abff FA |
224 | it('Should fail with an invalid videoQuotaDaily', async function () { |
225 | const fields = immutableAssign(baseCorrectParams, { videoQuotaDaily: -7 }) | |
226 | ||
227 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
228 | }) | |
229 | ||
757f0da3 | 230 | it('Should fail without a user role', async function () { |
26d21b78 | 231 | const fields = omit(baseCorrectParams, 'role') |
757f0da3 C |
232 | |
233 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
234 | }) | |
235 | ||
236 | it('Should fail with an invalid user role', async function () { | |
26d21b78 | 237 | const fields = immutableAssign(baseCorrectParams, { role: 88989 }) |
77a5501f C |
238 | |
239 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
240 | }) | |
241 | ||
2ef6a063 C |
242 | it('Should fail with a "peertube" username', async function () { |
243 | const fields = immutableAssign(baseCorrectParams, { username: 'peertube' }) | |
244 | ||
245 | await makePostBodyRequest({ | |
246 | url: server.url, | |
247 | path, | |
248 | token: server.accessToken, | |
249 | fields, | |
250 | statusCodeExpected: 409 | |
251 | }) | |
252 | }) | |
253 | ||
0e1dc3e7 | 254 | it('Should succeed with the correct params', async function () { |
26d21b78 C |
255 | await makePostBodyRequest({ |
256 | url: server.url, | |
257 | path, | |
258 | token: server.accessToken, | |
259 | fields: baseCorrectParams, | |
f05a1c30 | 260 | statusCodeExpected: 200 |
26d21b78 | 261 | }) |
0e1dc3e7 C |
262 | }) |
263 | ||
264 | it('Should fail with a non admin user', async function () { | |
26d21b78 | 265 | const user = { |
0e1dc3e7 | 266 | username: 'user1', |
0e1dc3e7 C |
267 | password: 'my super password' |
268 | } | |
26d21b78 | 269 | userAccessToken = await userLogin(server, user) |
0e1dc3e7 | 270 | |
0e1dc3e7 C |
271 | const fields = { |
272 | username: 'user3', | |
273 | email: 'test@example.com', | |
77a5501f C |
274 | password: 'my super password', |
275 | videoQuota: 42000000 | |
0e1dc3e7 C |
276 | } |
277 | await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 }) | |
278 | }) | |
279 | }) | |
280 | ||
77a5501f C |
281 | describe('When updating my account', function () { |
282 | it('Should fail with an invalid email attribute', async function () { | |
283 | const fields = { | |
284 | email: 'blabla' | |
285 | } | |
0e1dc3e7 | 286 | |
77a5501f | 287 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields }) |
0e1dc3e7 C |
288 | }) |
289 | ||
290 | it('Should fail with a too small password', async function () { | |
291 | const fields = { | |
a890d1e0 | 292 | currentPassword: 'my super password', |
0e1dc3e7 C |
293 | password: 'bla' |
294 | } | |
295 | ||
77a5501f | 296 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) |
0e1dc3e7 C |
297 | }) |
298 | ||
299 | it('Should fail with a too long password', async function () { | |
300 | const fields = { | |
a890d1e0 | 301 | currentPassword: 'my super password', |
26d21b78 | 302 | password: 'super'.repeat(61) |
0e1dc3e7 C |
303 | } |
304 | ||
77a5501f | 305 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) |
0e1dc3e7 C |
306 | }) |
307 | ||
a890d1e0 C |
308 | it('Should fail without the current password', async function () { |
309 | const fields = { | |
310 | currentPassword: 'my super password', | |
311 | password: 'super'.repeat(61) | |
312 | } | |
313 | ||
314 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | |
315 | }) | |
316 | ||
317 | it('Should fail with an invalid current password', async function () { | |
318 | const fields = { | |
319 | currentPassword: 'my super password fail', | |
320 | password: 'super'.repeat(61) | |
321 | } | |
322 | ||
323 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 401 }) | |
324 | }) | |
325 | ||
0883b324 | 326 | it('Should fail with an invalid NSFW policy attribute', async function () { |
0e1dc3e7 | 327 | const fields = { |
0883b324 | 328 | nsfwPolicy: 'hello' |
0e1dc3e7 C |
329 | } |
330 | ||
77a5501f | 331 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) |
0e1dc3e7 C |
332 | }) |
333 | ||
7efe153b AL |
334 | it('Should fail with an invalid autoPlayVideo attribute', async function () { |
335 | const fields = { | |
336 | autoPlayVideo: -1 | |
337 | } | |
338 | ||
339 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | |
340 | }) | |
341 | ||
8b9a525a C |
342 | it('Should fail with an invalid videosHistoryEnabled attribute', async function () { |
343 | const fields = { | |
344 | videosHistoryEnabled: -1 | |
345 | } | |
346 | ||
347 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | |
348 | }) | |
349 | ||
0e1dc3e7 C |
350 | it('Should fail with an non authenticated user', async function () { |
351 | const fields = { | |
a890d1e0 | 352 | currentPassword: 'my super password', |
0e1dc3e7 C |
353 | password: 'my super password' |
354 | } | |
355 | ||
77a5501f | 356 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 }) |
0e1dc3e7 C |
357 | }) |
358 | ||
2422c46b C |
359 | it('Should fail with a too long description', async function () { |
360 | const fields = { | |
d23e6a1c | 361 | description: 'super'.repeat(201) |
2422c46b C |
362 | } |
363 | ||
364 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | |
365 | }) | |
366 | ||
a890d1e0 | 367 | it('Should succeed to change password with the correct params', async function () { |
0e1dc3e7 | 368 | const fields = { |
a890d1e0 | 369 | currentPassword: 'my super password', |
0e1dc3e7 | 370 | password: 'my super password', |
0883b324 | 371 | nsfwPolicy: 'blur', |
7efe153b | 372 | autoPlayVideo: false, |
77a5501f | 373 | email: 'super_email@example.com' |
0e1dc3e7 C |
374 | } |
375 | ||
77a5501f C |
376 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 }) |
377 | }) | |
a890d1e0 C |
378 | |
379 | it('Should succeed without password change with the correct params', async function () { | |
380 | const fields = { | |
381 | nsfwPolicy: 'blur', | |
382 | autoPlayVideo: false, | |
383 | email: 'super_email@example.com' | |
384 | } | |
385 | ||
386 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 }) | |
387 | }) | |
77a5501f C |
388 | }) |
389 | ||
c5911fd3 C |
390 | describe('When updating my avatar', function () { |
391 | it('Should fail without an incorrect input file', async function () { | |
392 | const fields = {} | |
393 | const attaches = { | |
99d10301 | 394 | 'avatarfile': join(__dirname, '..', '..', 'fixtures', 'video_short.mp4') |
c5911fd3 | 395 | } |
ac81d1a0 | 396 | await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches }) |
c5911fd3 C |
397 | }) |
398 | ||
01de67b9 C |
399 | it('Should fail with a big file', async function () { |
400 | const fields = {} | |
401 | const attaches = { | |
99d10301 | 402 | 'avatarfile': join(__dirname, '..', '..', 'fixtures', 'avatar-big.png') |
01de67b9 | 403 | } |
ac81d1a0 | 404 | await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches }) |
01de67b9 C |
405 | }) |
406 | ||
4bbfc6c6 C |
407 | it('Should fail with an unauthenticated user', async function () { |
408 | const fields = {} | |
409 | const attaches = { | |
410 | 'avatarfile': join(__dirname, '..', '..', 'fixtures', 'avatar.png') | |
411 | } | |
412 | await makeUploadRequest({ | |
413 | url: server.url, | |
414 | path: path + '/me/avatar/pick', | |
415 | fields, | |
416 | attaches, | |
417 | statusCodeExpected: 401 | |
418 | }) | |
419 | }) | |
420 | ||
c5911fd3 C |
421 | it('Should succeed with the correct params', async function () { |
422 | const fields = {} | |
423 | const attaches = { | |
99d10301 | 424 | 'avatarfile': join(__dirname, '..', '..', 'fixtures', 'avatar.png') |
c5911fd3 | 425 | } |
ac81d1a0 | 426 | await makeUploadRequest({ |
47564bbe C |
427 | url: server.url, |
428 | path: path + '/me/avatar/pick', | |
429 | token: server.accessToken, | |
430 | fields, | |
431 | attaches, | |
432 | statusCodeExpected: 200 | |
433 | }) | |
c5911fd3 C |
434 | }) |
435 | }) | |
436 | ||
94ff4c23 C |
437 | describe('When getting a user', function () { |
438 | before(async function () { | |
439 | const res = await getUsersList(server.url, server.accessToken) | |
440 | ||
441 | userId = res.body.data[1].id | |
442 | }) | |
443 | ||
444 | it('Should fail with an non authenticated user', async function () { | |
445 | await makeGetRequest({ url: server.url, path: path + userId, token: 'super token', statusCodeExpected: 401 }) | |
446 | }) | |
447 | ||
448 | it('Should fail with a non admin user', async function () { | |
449 | await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 403 }) | |
450 | }) | |
451 | ||
452 | it('Should succeed with the correct params', async function () { | |
453 | await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, statusCodeExpected: 200 }) | |
454 | }) | |
455 | }) | |
456 | ||
77a5501f C |
457 | describe('When updating a user', function () { |
458 | ||
459 | before(async function () { | |
86d13ec2 | 460 | const res = await getUsersList(server.url, server.accessToken) |
77a5501f C |
461 | |
462 | userId = res.body.data[1].id | |
463 | rootId = res.body.data[2].id | |
464 | }) | |
465 | ||
466 | it('Should fail with an invalid email attribute', async function () { | |
467 | const fields = { | |
468 | email: 'blabla' | |
469 | } | |
470 | ||
471 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) | |
472 | }) | |
473 | ||
fc2ec87a JM |
474 | it('Should fail with an invalid emailVerified attribute', async function () { |
475 | const fields = { | |
476 | emailVerified: 'yes' | |
477 | } | |
478 | ||
479 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) | |
480 | }) | |
481 | ||
77a5501f C |
482 | it('Should fail with an invalid videoQuota attribute', async function () { |
483 | const fields = { | |
484 | videoQuota: -90 | |
485 | } | |
486 | ||
487 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) | |
488 | }) | |
489 | ||
757f0da3 C |
490 | it('Should fail with an invalid user role attribute', async function () { |
491 | const fields = { | |
492 | role: 54878 | |
493 | } | |
494 | ||
495 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) | |
496 | }) | |
497 | ||
b426edd4 C |
498 | it('Should fail with a too small password', async function () { |
499 | const fields = { | |
500 | currentPassword: 'my super password', | |
501 | password: 'bla' | |
502 | } | |
503 | ||
504 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) | |
505 | }) | |
506 | ||
507 | it('Should fail with a too long password', async function () { | |
508 | const fields = { | |
509 | currentPassword: 'my super password', | |
510 | password: 'super'.repeat(61) | |
511 | } | |
512 | ||
513 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) | |
514 | }) | |
515 | ||
77a5501f C |
516 | it('Should fail with an non authenticated user', async function () { |
517 | const fields = { | |
518 | videoQuota: 42 | |
519 | } | |
520 | ||
521 | await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 }) | |
522 | }) | |
523 | ||
f8b8c36b C |
524 | it('Should fail when updating root role', async function () { |
525 | const fields = { | |
526 | role: UserRole.MODERATOR | |
527 | } | |
528 | ||
529 | await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields }) | |
1eddc9a7 C |
530 | }) |
531 | ||
532 | it('Should fail with invalid admin flags', async function () { | |
533 | const fields = { adminFlags: 'toto' } | |
534 | ||
535 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
f8b8c36b C |
536 | }) |
537 | ||
77a5501f C |
538 | it('Should succeed with the correct params', async function () { |
539 | const fields = { | |
540 | email: 'email@example.com', | |
fc2ec87a | 541 | emailVerified: true, |
757f0da3 | 542 | videoQuota: 42, |
2f1548fd | 543 | role: UserRole.USER |
77a5501f C |
544 | } |
545 | ||
546 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 }) | |
0e1dc3e7 C |
547 | }) |
548 | }) | |
549 | ||
550 | describe('When getting my information', function () { | |
551 | it('Should fail with a non authenticated user', async function () { | |
26d21b78 | 552 | await getMyUserInformation(server.url, 'fake_token', 401) |
0e1dc3e7 C |
553 | }) |
554 | ||
555 | it('Should success with the correct parameters', async function () { | |
26d21b78 | 556 | await getMyUserInformation(server.url, userAccessToken) |
0e1dc3e7 C |
557 | }) |
558 | }) | |
559 | ||
560 | describe('When getting my video rating', function () { | |
561 | it('Should fail with a non authenticated user', async function () { | |
26d21b78 | 562 | await getMyUserVideoRating(server.url, 'fake_token', videoId, 401) |
0e1dc3e7 C |
563 | }) |
564 | ||
565 | it('Should fail with an incorrect video uuid', async function () { | |
26d21b78 | 566 | await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400) |
0e1dc3e7 C |
567 | }) |
568 | ||
569 | it('Should fail with an unknown video', async function () { | |
26d21b78 | 570 | await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404) |
0e1dc3e7 C |
571 | }) |
572 | ||
26d21b78 C |
573 | it('Should succeed with the correct parameters', async function () { |
574 | await getMyUserVideoRating(server.url, server.accessToken, videoId) | |
0e1dc3e7 C |
575 | }) |
576 | }) | |
577 | ||
22834691 C |
578 | describe('When retrieving my global ratings', function () { |
579 | const path = '/api/v1/accounts/user1/ratings' | |
580 | ||
581 | it('Should fail with a bad start pagination', async function () { | |
582 | await checkBadStartPagination(server.url, path, userAccessToken) | |
583 | }) | |
584 | ||
585 | it('Should fail with a bad count pagination', async function () { | |
586 | await checkBadCountPagination(server.url, path, userAccessToken) | |
587 | }) | |
588 | ||
589 | it('Should fail with an incorrect sort', async function () { | |
590 | await checkBadSortPagination(server.url, path, userAccessToken) | |
591 | }) | |
592 | ||
593 | it('Should fail with a unauthenticated user', async function () { | |
594 | await makeGetRequest({ url: server.url, path, statusCodeExpected: 401 }) | |
595 | }) | |
596 | ||
597 | it('Should fail with a another user', async function () { | |
598 | await makeGetRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: 403 }) | |
599 | }) | |
600 | ||
601 | it('Should fail with a bad type', async function () { | |
602 | await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { rating: 'toto ' }, statusCodeExpected: 400 }) | |
603 | }) | |
604 | ||
605 | it('Should succeed with the correct params', async function () { | |
606 | await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 200 }) | |
607 | }) | |
608 | }) | |
609 | ||
e6921918 | 610 | describe('When blocking/unblocking/removing user', function () { |
0e1dc3e7 | 611 | it('Should fail with an incorrect id', async function () { |
26d21b78 | 612 | await removeUser(server.url, 'blabla', server.accessToken, 400) |
e6921918 C |
613 | await blockUser(server.url, 'blabla', server.accessToken, 400) |
614 | await unblockUser(server.url, 'blabla', server.accessToken, 400) | |
0e1dc3e7 C |
615 | }) |
616 | ||
617 | it('Should fail with the root user', async function () { | |
26d21b78 | 618 | await removeUser(server.url, rootId, server.accessToken, 400) |
e6921918 C |
619 | await blockUser(server.url, rootId, server.accessToken, 400) |
620 | await unblockUser(server.url, rootId, server.accessToken, 400) | |
0e1dc3e7 C |
621 | }) |
622 | ||
623 | it('Should return 404 with a non existing id', async function () { | |
26d21b78 | 624 | await removeUser(server.url, 4545454, server.accessToken, 404) |
e6921918 C |
625 | await blockUser(server.url, 4545454, server.accessToken, 404) |
626 | await unblockUser(server.url, 4545454, server.accessToken, 404) | |
627 | }) | |
628 | ||
629 | it('Should fail with a non admin user', async function () { | |
630 | await removeUser(server.url, userId, userAccessToken, 403) | |
631 | await blockUser(server.url, userId, userAccessToken, 403) | |
632 | await unblockUser(server.url, userId, userAccessToken, 403) | |
0e1dc3e7 C |
633 | }) |
634 | }) | |
635 | ||
92b9d60c C |
636 | describe('When deleting our account', function () { |
637 | it('Should fail with with the root account', async function () { | |
638 | await deleteMe(server.url, server.accessToken, 400) | |
639 | }) | |
640 | }) | |
641 | ||
e590b4a5 | 642 | describe('When registering a new user', function () { |
0e1dc3e7 | 643 | const registrationPath = path + '/register' |
26d21b78 C |
644 | const baseCorrectParams = { |
645 | username: 'user3', | |
1f20622f | 646 | displayName: 'super user', |
26d21b78 C |
647 | email: 'test3@example.com', |
648 | password: 'my super password' | |
649 | } | |
0e1dc3e7 C |
650 | |
651 | it('Should fail with a too small username', async function () { | |
d0ce42c1 | 652 | const fields = immutableAssign(baseCorrectParams, { username: '' }) |
0e1dc3e7 C |
653 | |
654 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
655 | }) | |
656 | ||
657 | it('Should fail with a too long username', async function () { | |
9f7a1953 | 658 | const fields = immutableAssign(baseCorrectParams, { username: 'super'.repeat(50) }) |
0e1dc3e7 C |
659 | |
660 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
661 | }) | |
662 | ||
663 | it('Should fail with an incorrect username', async function () { | |
26d21b78 | 664 | const fields = immutableAssign(baseCorrectParams, { username: 'my username' }) |
0e1dc3e7 C |
665 | |
666 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
667 | }) | |
668 | ||
669 | it('Should fail with a missing email', async function () { | |
26d21b78 | 670 | const fields = omit(baseCorrectParams, 'email') |
0e1dc3e7 C |
671 | |
672 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
673 | }) | |
674 | ||
675 | it('Should fail with an invalid email', async function () { | |
26d21b78 | 676 | const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' }) |
0e1dc3e7 C |
677 | |
678 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
679 | }) | |
680 | ||
681 | it('Should fail with a too small password', async function () { | |
26d21b78 | 682 | const fields = immutableAssign(baseCorrectParams, { password: 'bla' }) |
0e1dc3e7 C |
683 | |
684 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
685 | }) | |
686 | ||
687 | it('Should fail with a too long password', async function () { | |
26d21b78 | 688 | const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) }) |
0e1dc3e7 C |
689 | |
690 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
691 | }) | |
692 | ||
693 | it('Should fail if we register a user with the same username', async function () { | |
26d21b78 | 694 | const fields = immutableAssign(baseCorrectParams, { username: 'root' }) |
0e1dc3e7 | 695 | |
26d21b78 C |
696 | await makePostBodyRequest({ |
697 | url: server.url, | |
698 | path: registrationPath, | |
699 | token: server.accessToken, | |
700 | fields, | |
701 | statusCodeExpected: 409 | |
702 | }) | |
0e1dc3e7 C |
703 | }) |
704 | ||
2ef6a063 C |
705 | it('Should fail with a "peertube" username', async function () { |
706 | const fields = immutableAssign(baseCorrectParams, { username: 'peertube' }) | |
707 | ||
708 | await makePostBodyRequest({ | |
709 | url: server.url, | |
710 | path: registrationPath, | |
711 | token: server.accessToken, | |
712 | fields, | |
713 | statusCodeExpected: 409 | |
714 | }) | |
715 | }) | |
716 | ||
0e1dc3e7 | 717 | it('Should fail if we register a user with the same email', async function () { |
7c3b7976 | 718 | const fields = immutableAssign(baseCorrectParams, { email: 'admin' + server.internalServerNumber + '@example.com' }) |
0e1dc3e7 | 719 | |
26d21b78 C |
720 | await makePostBodyRequest({ |
721 | url: server.url, | |
722 | path: registrationPath, | |
723 | token: server.accessToken, | |
724 | fields, | |
725 | statusCodeExpected: 409 | |
726 | }) | |
0e1dc3e7 C |
727 | }) |
728 | ||
1f20622f C |
729 | it('Should fail with a bad display name', async function () { |
730 | const fields = immutableAssign(baseCorrectParams, { displayName: 'a'.repeat(150) }) | |
731 | ||
732 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
733 | }) | |
734 | ||
e590b4a5 C |
735 | it('Should fail with a bad channel name', async function () { |
736 | const fields = immutableAssign(baseCorrectParams, { channel: { name: '[]azf', displayName: 'toto' } }) | |
737 | ||
738 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
739 | }) | |
740 | ||
741 | it('Should fail with a bad channel display name', async function () { | |
742 | const fields = immutableAssign(baseCorrectParams, { channel: { name: 'toto', displayName: '' } }) | |
743 | ||
744 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
745 | }) | |
746 | ||
1d5342ab C |
747 | it('Should fail with a channel name that is the same than user username', async function () { |
748 | const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } } | |
749 | const fields = immutableAssign(baseCorrectParams, source) | |
750 | ||
751 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
752 | }) | |
753 | ||
e590b4a5 C |
754 | it('Should fail with an existing channel', async function () { |
755 | const videoChannelAttributesArg = { name: 'existing_channel', displayName: 'hello', description: 'super description' } | |
756 | await addVideoChannel(server.url, server.accessToken, videoChannelAttributesArg) | |
757 | ||
758 | const fields = immutableAssign(baseCorrectParams, { channel: { name: 'existing_channel', displayName: 'toto' } }) | |
759 | ||
760 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 }) | |
761 | }) | |
762 | ||
0e1dc3e7 | 763 | it('Should succeed with the correct params', async function () { |
e590b4a5 C |
764 | const fields = immutableAssign(baseCorrectParams, { channel: { name: 'super_channel', displayName: 'toto' } }) |
765 | ||
26d21b78 C |
766 | await makePostBodyRequest({ |
767 | url: server.url, | |
768 | path: registrationPath, | |
769 | token: server.accessToken, | |
e590b4a5 | 770 | fields: fields, |
26d21b78 C |
771 | statusCodeExpected: 204 |
772 | }) | |
0e1dc3e7 C |
773 | }) |
774 | ||
775 | it('Should fail on a server with registration disabled', async function () { | |
776 | const fields = { | |
777 | username: 'user4', | |
778 | email: 'test4@example.com', | |
779 | password: 'my super password 4' | |
780 | } | |
781 | ||
782 | await makePostBodyRequest({ | |
783 | url: serverWithRegistrationDisabled.url, | |
784 | path: registrationPath, | |
785 | token: serverWithRegistrationDisabled.accessToken, | |
786 | fields, | |
787 | statusCodeExpected: 403 | |
788 | }) | |
789 | }) | |
790 | }) | |
791 | ||
792 | describe('When registering multiple users on a server with users limit', function () { | |
793 | it('Should fail when after 3 registrations', async function () { | |
794 | await registerUser(server.url, 'user42', 'super password', 403) | |
795 | }) | |
796 | }) | |
797 | ||
77a5501f | 798 | describe('When having a video quota', function () { |
bee0abff | 799 | it('Should fail with a user having too many videos', async function () { |
26d21b78 C |
800 | await updateUser({ |
801 | url: server.url, | |
802 | userId: rootId, | |
803 | accessToken: server.accessToken, | |
77a5501f | 804 | videoQuota: 42 |
26d21b78 | 805 | }) |
77a5501f | 806 | |
26d21b78 | 807 | await uploadVideo(server.url, server.accessToken, {}, 403) |
77a5501f C |
808 | }) |
809 | ||
bee0abff | 810 | it('Should fail with a registered user having too many videos', async function () { |
adc236fe | 811 | this.timeout(30000) |
77a5501f | 812 | |
26d21b78 | 813 | const user = { |
77a5501f | 814 | username: 'user3', |
77a5501f C |
815 | password: 'my super password' |
816 | } | |
26d21b78 | 817 | userAccessToken = await userLogin(server, user) |
77a5501f C |
818 | |
819 | const videoAttributes = { fixture: 'video_short2.webm' } | |
820 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
821 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
822 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
823 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
824 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
825 | await uploadVideo(server.url, userAccessToken, videoAttributes, 403) | |
826 | }) | |
187501f8 C |
827 | |
828 | it('Should fail to import with HTTP/Torrent/magnet', async function () { | |
a031ab0b | 829 | this.timeout(120000) |
187501f8 C |
830 | |
831 | const baseAttributes = { | |
832 | channelId: 1, | |
833 | privacy: VideoPrivacy.PUBLIC | |
834 | } | |
835 | await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { targetUrl: getYoutubeVideoUrl() })) | |
836 | await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { magnetUri: getMagnetURI() })) | |
3e17515e | 837 | await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { torrentfile: 'video-720p.torrent' })) |
187501f8 C |
838 | |
839 | await waitJobs([ server ]) | |
840 | ||
841 | const res = await getMyVideoImports(server.url, server.accessToken) | |
842 | ||
843 | expect(res.body.total).to.equal(3) | |
844 | const videoImports: VideoImport[] = res.body.data | |
845 | expect(videoImports).to.have.lengthOf(3) | |
846 | ||
847 | for (const videoImport of videoImports) { | |
848 | expect(videoImport.state.id).to.equal(VideoImportState.FAILED) | |
849 | expect(videoImport.error).not.to.be.undefined | |
850 | expect(videoImport.error).to.contain('user video quota is exceeded') | |
851 | } | |
852 | }) | |
77a5501f C |
853 | }) |
854 | ||
bee0abff FA |
855 | describe('When having a daily video quota', function () { |
856 | it('Should fail with a user having too many videos', async function () { | |
857 | await updateUser({ | |
858 | url: server.url, | |
859 | userId: rootId, | |
860 | accessToken: server.accessToken, | |
861 | videoQuotaDaily: 42 | |
862 | }) | |
863 | ||
864 | await uploadVideo(server.url, server.accessToken, {}, 403) | |
865 | }) | |
866 | }) | |
867 | ||
868 | describe('When having an absolute and daily video quota', function () { | |
869 | it('Should fail if exceeding total quota', async function () { | |
870 | await updateUser({ | |
871 | url: server.url, | |
872 | userId: rootId, | |
873 | accessToken: server.accessToken, | |
874 | videoQuota: 42, | |
875 | videoQuotaDaily: 1024 * 1024 * 1024 | |
876 | }) | |
877 | ||
878 | await uploadVideo(server.url, server.accessToken, {}, 403) | |
879 | }) | |
880 | ||
881 | it('Should fail if exceeding daily quota', async function () { | |
882 | await updateUser({ | |
883 | url: server.url, | |
884 | userId: rootId, | |
885 | accessToken: server.accessToken, | |
886 | videoQuota: 1024 * 1024 * 1024, | |
887 | videoQuotaDaily: 42 | |
888 | }) | |
889 | ||
890 | await uploadVideo(server.url, server.accessToken, {}, 403) | |
891 | }) | |
892 | }) | |
893 | ||
f076daa7 C |
894 | describe('When asking a password reset', function () { |
895 | const path = '/api/v1/users/ask-reset-password' | |
896 | ||
897 | it('Should fail with a missing email', async function () { | |
898 | const fields = {} | |
899 | ||
900 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
901 | }) | |
902 | ||
903 | it('Should fail with an invalid email', async function () { | |
904 | const fields = { email: 'hello' } | |
905 | ||
906 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
907 | }) | |
908 | ||
909 | it('Should success with the correct params', async function () { | |
910 | const fields = { email: 'admin@example.com' } | |
911 | ||
912 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 }) | |
913 | }) | |
914 | }) | |
915 | ||
d9eaee39 JM |
916 | describe('When asking for an account verification email', function () { |
917 | const path = '/api/v1/users/ask-send-verify-email' | |
918 | ||
919 | it('Should fail with a missing email', async function () { | |
920 | const fields = {} | |
921 | ||
922 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
923 | }) | |
924 | ||
925 | it('Should fail with an invalid email', async function () { | |
926 | const fields = { email: 'hello' } | |
927 | ||
928 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
929 | }) | |
930 | ||
931 | it('Should succeed with the correct params', async function () { | |
932 | const fields = { email: 'admin@example.com' } | |
933 | ||
934 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 }) | |
935 | }) | |
936 | }) | |
937 | ||
7c3b7976 C |
938 | after(async function () { |
939 | await cleanupTests([ server, serverWithRegistrationDisabled ]) | |
0e1dc3e7 C |
940 | }) |
941 | }) |