]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blame - server/tests/api/check-params/users.ts
projects / github / Chocobozzz / PeerTube.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Implement support field in video and video channel
[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / users.ts
CommitLineData
0e1dc3e7
C		 1/* tslint:disable:no-unused-expression */
2
26d21b78 3import { omit } from 'lodash'
0e1dc3e7 4import 'mocha'
47564bbe 5import { join } from 'path'
26d21b78 6import { UserRole } from '../../../../shared'
0e1dc3e7
C		 7
8import {
26d21b78 9 createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest,
ac81d1a0 10 makePostBodyRequest, makeUploadRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers,
47564bbe 11 updateUser, uploadVideo, userLogin
0e1dc3e7 12} from '../../utils'
26d21b78 13import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
0e1dc3e7
C		 14
15describe('Test users API validators', function () {
16 const path = '/api/v1/users/'
17 let userId: number
18 let rootId: number
19 let videoId: number
20 let server: ServerInfo
21 let serverWithRegistrationDisabled: ServerInfo
22 let userAccessToken = ''
f8b8c36b
C		 23 const user = {
24 username: 'user1',
25 password: 'my super password'
26 }
0e1dc3e7
C		 27
28 // ---------------------------------------------------------------
29
30 before(async function () {
e212f887 31 this.timeout(30000)
0e1dc3e7
C		 32
33 await flushTests()
34
35 server = await runServer(1)
36 serverWithRegistrationDisabled = await runServer(2)
37
38 await setAccessTokensToServers([ server ])
39
26d21b78
C		 40 const videoQuota = 42000000
41 await createUser(server.url, server.accessToken, user.username, user.password, videoQuota)
eec63bbc 42 userAccessToken = await userLogin(server, user)
26d21b78
C		 43
44 const res = await uploadVideo(server.url, server.accessToken, {})
45 videoId = res.body.video.id
0e1dc3e7
C		 46 })
47
48 describe('When listing users', function () {
49 it('Should fail with a bad start pagination', async function () {
26d21b78 50 await checkBadStartPagination(server.url, path, server.accessToken)
0e1dc3e7
C		 51 })
52
53 it('Should fail with a bad count pagination', async function () {
26d21b78 54 await checkBadCountPagination(server.url, path, server.accessToken)
0e1dc3e7
C		 55 })
56
57 it('Should fail with an incorrect sort', async function () {
26d21b78 58 await checkBadSortPagination(server.url, path, server.accessToken)
0e1dc3e7 59 })
86d13ec2
C		 60
61 it('Should fail with a non authenticated user', async function () {
26d21b78
C		 62 await makeGetRequest({
63 url: server.url,
64 path,
65 statusCodeExpected: 401
66 })
86d13ec2
C		 67 })
68
69 it('Should fail with a non admin user', async function () {
26d21b78
C		 70 await makeGetRequest({
71 url: server.url,
72 path,
73 token: userAccessToken,
74 statusCodeExpected: 403
75 })
86d13ec2 76 })
0e1dc3e7
C		 77 })
78
79 describe('When adding a new user', function () {
26d21b78
C		 80 const baseCorrectParams = {
81 username: 'user2',
82 email: 'test@example.com',
83 password: 'my super password',
84 videoQuota: -1,
85 role: UserRole.USER
86 }
87
0e1dc3e7 88 it('Should fail with a too small username', async function () {
26d21b78 89 const fields = immutableAssign(baseCorrectParams, { username: 'fi' })
0e1dc3e7
C		 90
91 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
92 })
93
94 it('Should fail with a too long username', async function () {
26d21b78 95 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
0e1dc3e7
C		 96
97 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
98 })
99
563d032e 100 it('Should fail with a not lowercase username', async function () {
26d21b78 101 const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })
563d032e
C		 102
103 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
104 })
105
0e1dc3e7 106 it('Should fail with an incorrect username', async function () {
26d21b78 107 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
0e1dc3e7
C		 108
109 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
110 })
111
112 it('Should fail with a missing email', async function () {
26d21b78 113 const fields = omit(baseCorrectParams, 'email')
0e1dc3e7
C		 114
115 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
116 })
117
118 it('Should fail with an invalid email', async function () {
26d21b78 119 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
0e1dc3e7
C		 120
121 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
122 })
123
124 it('Should fail with a too small password', async function () {
26d21b78 125 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
0e1dc3e7
C		 126
127 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
128 })
129
130 it('Should fail with a too long password', async function () {
26d21b78 131 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
0e1dc3e7
C		 132
133 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
134 })
135
136 it('Should fail with an non authenticated user', async function () {
26d21b78
C		 137 await makePostBodyRequest({
138 url: server.url,
139 path,
140 token: 'super token',
141 fields: baseCorrectParams,
142 statusCodeExpected: 401
143 })
0e1dc3e7
C		 144 })
145
146 it('Should fail if we add a user with the same username', async function () {
26d21b78 147 const fields = immutableAssign(baseCorrectParams, { username: 'user1' })
0e1dc3e7
C		 148
149 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
150 })
151
152 it('Should fail if we add a user with the same email', async function () {
26d21b78 153 const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })
0e1dc3e7
C		 154
155 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
156 })
157
77a5501f 158 it('Should fail without a videoQuota', async function () {
26d21b78 159 const fields = omit(baseCorrectParams, 'videoQuota')
77a5501f
C		 160
161 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
162 })
163
164 it('Should fail with an invalid videoQuota', async function () {
26d21b78 165 const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })
757f0da3
C		 166
167 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
168 })
169
170 it('Should fail without a user role', async function () {
26d21b78 171 const fields = omit(baseCorrectParams, 'role')
757f0da3
C		 172
173 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
174 })
175
176 it('Should fail with an invalid user role', async function () {
26d21b78 177 const fields = immutableAssign(baseCorrectParams, { role: 88989 })
77a5501f
C		 178
179 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
180 })
181
0e1dc3e7 182 it('Should succeed with the correct params', async function () {
26d21b78
C		 183 await makePostBodyRequest({
184 url: server.url,
185 path,
186 token: server.accessToken,
187 fields: baseCorrectParams,
f05a1c30 188 statusCodeExpected: 200
26d21b78 189 })
0e1dc3e7
C		 190 })
191
192 it('Should fail with a non admin user', async function () {
26d21b78 193 const user = {
0e1dc3e7 194 username: 'user1',
0e1dc3e7
C		 195 password: 'my super password'
196 }
26d21b78 197 userAccessToken = await userLogin(server, user)
0e1dc3e7 198
0e1dc3e7
C		 199 const fields = {
200 username: 'user3',
201 email: 'test@example.com',
77a5501f
C		 202 password: 'my super password',
203 videoQuota: 42000000
0e1dc3e7
C		 204 }
205 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
206 })
207 })
208
77a5501f
C		 209 describe('When updating my account', function () {
210 it('Should fail with an invalid email attribute', async function () {
211 const fields = {
212 email: 'blabla'
213 }
0e1dc3e7 214
77a5501f 215 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
0e1dc3e7
C		 216 })
217
218 it('Should fail with a too small password', async function () {
219 const fields = {
220 password: 'bla'
221 }
222
77a5501f 223 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
0e1dc3e7
C		 224 })
225
226 it('Should fail with a too long password', async function () {
227 const fields = {
26d21b78 228 password: 'super'.repeat(61)
0e1dc3e7
C		 229 }
230
77a5501f 231 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
0e1dc3e7
C		 232 })
233
234 it('Should fail with an invalid display NSFW attribute', async function () {
235 const fields = {
236 displayNSFW: -1
237 }
238
77a5501f 239 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
0e1dc3e7
C		 240 })
241
7efe153b
AL		 242 it('Should fail with an invalid autoPlayVideo attribute', async function () {
243 const fields = {
244 autoPlayVideo: -1
245 }
246
247 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
248 })
249
0e1dc3e7
C		 250 it('Should fail with an non authenticated user', async function () {
251 const fields = {
252 password: 'my super password'
253 }
254
77a5501f 255 await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
0e1dc3e7
C		 256 })
257
2422c46b
C		 258 it('Should fail with a too long description', async function () {
259 const fields = {
260 description: 'super'.repeat(60)
261 }
262
263 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
264 })
265
0e1dc3e7
C		 266 it('Should succeed with the correct params', async function () {
267 const fields = {
268 password: 'my super password',
77a5501f 269 displayNSFW: true,
7efe153b 270 autoPlayVideo: false,
77a5501f 271 email: 'super_email@example.com'
0e1dc3e7
C		 272 }
273
77a5501f
C		 274 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
275 })
276 })
277
c5911fd3
C		 278 describe('When updating my avatar', function () {
279 it('Should fail without an incorrect input file', async function () {
280 const fields = {}
281 const attaches = {
282 'avatarfile': join(__dirname, '..', 'fixtures', 'video_short.mp4')
283 }
ac81d1a0 284 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
c5911fd3
C		 285 })
286
01de67b9
C		 287 it('Should fail with a big file', async function () {
288 const fields = {}
289 const attaches = {
290 'avatarfile': join(__dirname, '..', 'fixtures', 'avatar-big.png')
291 }
ac81d1a0 292 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
01de67b9
C		 293 })
294
c5911fd3
C		 295 it('Should succeed with the correct params', async function () {
296 const fields = {}
297 const attaches = {
298 'avatarfile': join(__dirname, '..', 'fixtures', 'avatar.png')
299 }
ac81d1a0 300 await makeUploadRequest({
47564bbe
C		 301 url: server.url,
302 path: path + '/me/avatar/pick',
303 token: server.accessToken,
304 fields,
305 attaches,
306 statusCodeExpected: 200
307 })
c5911fd3
C		 308 })
309 })
310
77a5501f
C		 311 describe('When updating a user', function () {
312
313 before(async function () {
86d13ec2 314 const res = await getUsersList(server.url, server.accessToken)
77a5501f
C		 315
316 userId = res.body.data[1].id
317 rootId = res.body.data[2].id
318 })
319
320 it('Should fail with an invalid email attribute', async function () {
321 const fields = {
322 email: 'blabla'
323 }
324
325 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
326 })
327
328 it('Should fail with an invalid videoQuota attribute', async function () {
329 const fields = {
330 videoQuota: -90
331 }
332
333 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
334 })
335
757f0da3
C		 336 it('Should fail with an invalid user role attribute', async function () {
337 const fields = {
338 role: 54878
339 }
340
341 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
342 })
343
77a5501f
C		 344 it('Should fail with an non authenticated user', async function () {
345 const fields = {
346 videoQuota: 42
347 }
348
349 await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
350 })
351
f8b8c36b
C		 352 it('Should fail when updating root role', async function () {
353 const fields = {
354 role: UserRole.MODERATOR
355 }
356
357 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
358 })
359
77a5501f
C		 360 it('Should succeed with the correct params', async function () {
361 const fields = {
362 email: 'email@example.com',
757f0da3
C		 363 videoQuota: 42,
364 role: UserRole.MODERATOR
77a5501f
C		 365 }
366
367 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
f8b8c36b 368 userAccessToken = await userLogin(server, user)
0e1dc3e7
C		 369 })
370 })
371
372 describe('When getting my information', function () {
373 it('Should fail with a non authenticated user', async function () {
26d21b78 374 await getMyUserInformation(server.url, 'fake_token', 401)
0e1dc3e7
C		 375 })
376
377 it('Should success with the correct parameters', async function () {
26d21b78 378 await getMyUserInformation(server.url, userAccessToken)
0e1dc3e7
C		 379 })
380 })
381
382 describe('When getting my video rating', function () {
383 it('Should fail with a non authenticated user', async function () {
26d21b78 384 await getMyUserVideoRating(server.url, 'fake_token', videoId, 401)
0e1dc3e7
C		 385 })
386
387 it('Should fail with an incorrect video uuid', async function () {
26d21b78 388 await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400)
0e1dc3e7
C		 389 })
390
391 it('Should fail with an unknown video', async function () {
26d21b78 392 await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
0e1dc3e7
C		 393 })
394
26d21b78
C		 395 it('Should succeed with the correct parameters', async function () {
396 await getMyUserVideoRating(server.url, server.accessToken, videoId)
0e1dc3e7
C		 397 })
398 })
399
400 describe('When removing an user', function () {
401 it('Should fail with an incorrect id', async function () {
26d21b78 402 await removeUser(server.url, 'blabla', server.accessToken, 400)
0e1dc3e7
C		 403 })
404
405 it('Should fail with the root user', async function () {
26d21b78 406 await removeUser(server.url, rootId, server.accessToken, 400)
0e1dc3e7
C		 407 })
408
409 it('Should return 404 with a non existing id', async function () {
26d21b78 410 await removeUser(server.url, 4545454, server.accessToken, 404)
0e1dc3e7
C		 411 })
412 })
413
414 describe('When register a new user', function () {
415 const registrationPath = path + '/register'
26d21b78
C		 416 const baseCorrectParams = {
417 username: 'user3',
418 email: 'test3@example.com',
419 password: 'my super password'
420 }
0e1dc3e7
C		 421
422 it('Should fail with a too small username', async function () {
26d21b78 423 const fields = immutableAssign(baseCorrectParams, { username: 'ji' })
0e1dc3e7
C		 424
425 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
426 })
427
428 it('Should fail with a too long username', async function () {
26d21b78 429 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
0e1dc3e7
C		 430
431 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
432 })
433
434 it('Should fail with an incorrect username', async function () {
26d21b78 435 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
0e1dc3e7
C		 436
437 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
438 })
439
440 it('Should fail with a missing email', async function () {
26d21b78 441 const fields = omit(baseCorrectParams, 'email')
0e1dc3e7
C		 442
443 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
444 })
445
446 it('Should fail with an invalid email', async function () {
26d21b78 447 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
0e1dc3e7
C		 448
449 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
450 })
451
452 it('Should fail with a too small password', async function () {
26d21b78 453 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
0e1dc3e7
C		 454
455 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
456 })
457
458 it('Should fail with a too long password', async function () {
26d21b78 459 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
0e1dc3e7
C		 460
461 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
462 })
463
464 it('Should fail if we register a user with the same username', async function () {
26d21b78 465 const fields = immutableAssign(baseCorrectParams, { username: 'root' })
0e1dc3e7 466
26d21b78
C		 467 await makePostBodyRequest({
468 url: server.url,
469 path: registrationPath,
470 token: server.accessToken,
471 fields,
472 statusCodeExpected: 409
473 })
0e1dc3e7
C		 474 })
475
476 it('Should fail if we register a user with the same email', async function () {
26d21b78 477 const fields = immutableAssign(baseCorrectParams, { email: 'admin1@example.com' })
0e1dc3e7 478
26d21b78
C		 479 await makePostBodyRequest({
480 url: server.url,
481 path: registrationPath,
482 token: server.accessToken,
483 fields,
484 statusCodeExpected: 409
485 })
0e1dc3e7
C		 486 })
487
488 it('Should succeed with the correct params', async function () {
26d21b78
C		 489 await makePostBodyRequest({
490 url: server.url,
491 path: registrationPath,
492 token: server.accessToken,
493 fields: baseCorrectParams,
494 statusCodeExpected: 204
495 })
0e1dc3e7
C		 496 })
497
498 it('Should fail on a server with registration disabled', async function () {
499 const fields = {
500 username: 'user4',
501 email: 'test4@example.com',
502 password: 'my super password 4'
503 }
504
505 await makePostBodyRequest({
506 url: serverWithRegistrationDisabled.url,
507 path: registrationPath,
508 token: serverWithRegistrationDisabled.accessToken,
509 fields,
510 statusCodeExpected: 403
511 })
512 })
513 })
514
515 describe('When registering multiple users on a server with users limit', function () {
516 it('Should fail when after 3 registrations', async function () {
517 await registerUser(server.url, 'user42', 'super password', 403)
518 })
519 })
520
77a5501f
C		 521 describe('When having a video quota', function () {
522 it('Should fail with a user having too many video', async function () {
26d21b78
C		 523 await updateUser({
524 url: server.url,
525 userId: rootId,
526 accessToken: server.accessToken,
77a5501f 527 videoQuota: 42
26d21b78 528 })
77a5501f 529
26d21b78 530 await uploadVideo(server.url, server.accessToken, {}, 403)
77a5501f
C		 531 })
532
533 it('Should fail with a registered user having too many video', async function () {
ba12e8b3 534 this.timeout(15000)
77a5501f 535
26d21b78 536 const user = {
77a5501f 537 username: 'user3',
77a5501f
C		 538 password: 'my super password'
539 }
26d21b78 540 userAccessToken = await userLogin(server, user)
77a5501f
C		 541
542 const videoAttributes = { fixture: 'video_short2.webm' }
543 await uploadVideo(server.url, userAccessToken, videoAttributes)
544 await uploadVideo(server.url, userAccessToken, videoAttributes)
545 await uploadVideo(server.url, userAccessToken, videoAttributes)
546 await uploadVideo(server.url, userAccessToken, videoAttributes)
547 await uploadVideo(server.url, userAccessToken, videoAttributes)
548 await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
549 })
550 })
551
f076daa7
C		 552 describe('When asking a password reset', function () {
553 const path = '/api/v1/users/ask-reset-password'
554
555 it('Should fail with a missing email', async function () {
556 const fields = {}
557
558 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
559 })
560
561 it('Should fail with an invalid email', async function () {
562 const fields = { email: 'hello' }
563
564 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
565 })
566
567 it('Should success with the correct params', async function () {
568 const fields = { email: 'admin@example.com' }
569
570 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
571 })
572 })
573
0e1dc3e7
C		 574 after(async function () {
575 killallServers([ server, serverWithRegistrationDisabled ])
576
577 // Keep the logs if the test failed
578 if (this['ok']) {
579 await flushTests()
580 }
581 })
582})
ActivityPub-federated video streaming platform using P2P directly in your web browser