]>
Commit | Line | Data |
---|---|---|
0e1dc3e7 C |
1 | /* tslint:disable:no-unused-expression */ |
2 | ||
3 | import * as request from 'supertest' | |
4 | import 'mocha' | |
5 | ||
6 | import { | |
7 | ServerInfo, | |
8 | flushTests, | |
9 | runServer, | |
10 | uploadVideo, | |
11 | getVideosList, | |
12 | makePutBodyRequest, | |
13 | createUser, | |
14 | loginAndGetAccessToken, | |
15 | getUsersList, | |
16 | registerUser, | |
17 | setAccessTokensToServers, | |
18 | killallServers, | |
19 | makePostBodyRequest, | |
20 | getUserAccessToken | |
21 | } from '../../utils' | |
22 | ||
23 | describe('Test users API validators', function () { | |
24 | const path = '/api/v1/users/' | |
25 | let userId: number | |
26 | let rootId: number | |
27 | let videoId: number | |
28 | let server: ServerInfo | |
29 | let serverWithRegistrationDisabled: ServerInfo | |
30 | let userAccessToken = '' | |
31 | ||
32 | // --------------------------------------------------------------- | |
33 | ||
34 | before(async function () { | |
35 | this.timeout(120000) | |
36 | ||
37 | await flushTests() | |
38 | ||
39 | server = await runServer(1) | |
40 | serverWithRegistrationDisabled = await runServer(2) | |
41 | ||
42 | await setAccessTokensToServers([ server ]) | |
43 | ||
44 | const username = 'user1' | |
45 | const password = 'my super password' | |
77a5501f C |
46 | const videoQuota = 42000000 |
47 | await createUser(server.url, server.accessToken, username, password, videoQuota) | |
0e1dc3e7 C |
48 | |
49 | const videoAttributes = {} | |
50 | await uploadVideo(server.url, server.accessToken, videoAttributes) | |
51 | ||
52 | const res = await getVideosList(server.url) | |
53 | const videos = res.body.data | |
54 | videoId = videos[0].id | |
55 | ||
56 | const user = { | |
57 | username: 'user1', | |
58 | password: 'my super password' | |
59 | } | |
60 | userAccessToken = await getUserAccessToken(server, user) | |
61 | }) | |
62 | ||
63 | describe('When listing users', function () { | |
64 | it('Should fail with a bad start pagination', async function () { | |
65 | await request(server.url) | |
66 | .get(path) | |
67 | .query({ start: 'hello' }) | |
68 | .set('Accept', 'application/json') | |
69 | .expect(400) | |
70 | }) | |
71 | ||
72 | it('Should fail with a bad count pagination', async function () { | |
73 | await request(server.url) | |
74 | .get(path) | |
75 | .query({ count: 'hello' }) | |
76 | .set('Accept', 'application/json') | |
77 | .expect(400) | |
78 | }) | |
79 | ||
80 | it('Should fail with an incorrect sort', async function () { | |
81 | await request(server.url) | |
82 | .get(path) | |
83 | .query({ sort: 'hello' }) | |
84 | .set('Accept', 'application/json') | |
85 | .expect(400) | |
86 | }) | |
87 | }) | |
88 | ||
89 | describe('When adding a new user', function () { | |
90 | it('Should fail with a too small username', async function () { | |
91 | const fields = { | |
92 | username: 'ji', | |
93 | email: 'test@example.com', | |
77a5501f C |
94 | password: 'my_super_password', |
95 | videoQuota: 42000000 | |
0e1dc3e7 C |
96 | } |
97 | ||
98 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
99 | }) | |
100 | ||
101 | it('Should fail with a too long username', async function () { | |
102 | const fields = { | |
103 | username: 'my_super_username_which_is_very_long', | |
104 | email: 'test@example.com', | |
77a5501f C |
105 | password: 'my_super_password', |
106 | videoQuota: 42000000 | |
0e1dc3e7 C |
107 | } |
108 | ||
109 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
110 | }) | |
111 | ||
112 | it('Should fail with an incorrect username', async function () { | |
113 | const fields = { | |
114 | username: 'my username', | |
115 | email: 'test@example.com', | |
77a5501f C |
116 | password: 'my_super_password', |
117 | videoQuota: 42000000 | |
0e1dc3e7 C |
118 | } |
119 | ||
120 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
121 | }) | |
122 | ||
123 | it('Should fail with a missing email', async function () { | |
124 | const fields = { | |
125 | username: 'ji', | |
77a5501f C |
126 | password: 'my_super_password', |
127 | videoQuota: 42000000 | |
0e1dc3e7 C |
128 | } |
129 | ||
130 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
131 | }) | |
132 | ||
133 | it('Should fail with an invalid email', async function () { | |
134 | const fields = { | |
135 | username: 'my_super_username_which_is_very_long', | |
136 | email: 'test_example.com', | |
77a5501f C |
137 | password: 'my_super_password', |
138 | videoQuota: 42000000 | |
0e1dc3e7 C |
139 | } |
140 | ||
141 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
142 | }) | |
143 | ||
144 | it('Should fail with a too small password', async function () { | |
145 | const fields = { | |
146 | username: 'my_username', | |
147 | email: 'test@example.com', | |
77a5501f C |
148 | password: 'bla', |
149 | videoQuota: 42000000 | |
0e1dc3e7 C |
150 | } |
151 | ||
152 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
153 | }) | |
154 | ||
155 | it('Should fail with a too long password', async function () { | |
156 | const fields = { | |
157 | username: 'my_username', | |
158 | email: 'test@example.com', | |
159 | password: 'my super long password which is very very very very very very very very very very very very very very' + | |
160 | 'very very very very very very very very very very very very very very very veryv very very very very' + | |
77a5501f C |
161 | 'very very very very very very very very very very very very very very very very very very very very long', |
162 | videoQuota: 42000000 | |
0e1dc3e7 C |
163 | } |
164 | ||
165 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
166 | }) | |
167 | ||
168 | it('Should fail with an non authenticated user', async function () { | |
169 | const fields = { | |
170 | username: 'my_username', | |
171 | email: 'test@example.com', | |
77a5501f C |
172 | password: 'my super password', |
173 | videoQuota: 42000000 | |
0e1dc3e7 C |
174 | } |
175 | ||
176 | await makePostBodyRequest({ url: server.url, path, token: 'super token', fields, statusCodeExpected: 401 }) | |
177 | }) | |
178 | ||
179 | it('Should fail if we add a user with the same username', async function () { | |
180 | const fields = { | |
181 | username: 'user1', | |
182 | email: 'test@example.com', | |
77a5501f C |
183 | password: 'my super password', |
184 | videoQuota: 42000000 | |
0e1dc3e7 C |
185 | } |
186 | ||
187 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) | |
188 | }) | |
189 | ||
190 | it('Should fail if we add a user with the same email', async function () { | |
191 | const fields = { | |
192 | username: 'my_username', | |
193 | email: 'user1@example.com', | |
77a5501f C |
194 | password: 'my super password', |
195 | videoQuota: 42000000 | |
0e1dc3e7 C |
196 | } |
197 | ||
198 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) | |
199 | }) | |
200 | ||
77a5501f C |
201 | it('Should fail without a videoQuota', async function () { |
202 | const fields = { | |
203 | username: 'my_username', | |
204 | email: 'user1@example.com', | |
205 | password: 'my super password' | |
206 | } | |
207 | ||
208 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
209 | }) | |
210 | ||
211 | it('Should fail with an invalid videoQuota', async function () { | |
212 | const fields = { | |
213 | username: 'my_username', | |
214 | email: 'user1@example.com', | |
215 | password: 'my super password', | |
216 | videoQuota: -5 | |
217 | } | |
218 | ||
219 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
220 | }) | |
221 | ||
0e1dc3e7 C |
222 | it('Should succeed with the correct params', async function () { |
223 | const fields = { | |
224 | username: 'user2', | |
225 | email: 'test@example.com', | |
77a5501f C |
226 | password: 'my super password', |
227 | videoQuota: -1 | |
0e1dc3e7 C |
228 | } |
229 | ||
230 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 }) | |
231 | }) | |
232 | ||
233 | it('Should fail with a non admin user', async function () { | |
234 | server.user = { | |
235 | username: 'user1', | |
236 | email: 'test@example.com', | |
237 | password: 'my super password' | |
238 | } | |
239 | ||
240 | userAccessToken = await loginAndGetAccessToken(server) | |
241 | const fields = { | |
242 | username: 'user3', | |
243 | email: 'test@example.com', | |
77a5501f C |
244 | password: 'my super password', |
245 | videoQuota: 42000000 | |
0e1dc3e7 C |
246 | } |
247 | await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 }) | |
248 | }) | |
249 | }) | |
250 | ||
77a5501f C |
251 | describe('When updating my account', function () { |
252 | it('Should fail with an invalid email attribute', async function () { | |
253 | const fields = { | |
254 | email: 'blabla' | |
255 | } | |
0e1dc3e7 | 256 | |
77a5501f | 257 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields }) |
0e1dc3e7 C |
258 | }) |
259 | ||
260 | it('Should fail with a too small password', async function () { | |
261 | const fields = { | |
262 | password: 'bla' | |
263 | } | |
264 | ||
77a5501f | 265 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) |
0e1dc3e7 C |
266 | }) |
267 | ||
268 | it('Should fail with a too long password', async function () { | |
269 | const fields = { | |
270 | password: 'my super long password which is very very very very very very very very very very very very very very' + | |
271 | 'very very very very very very very very very very very very very very very veryv very very very very' + | |
272 | 'very very very very very very very very very very very very very very very very very very very very long' | |
273 | } | |
274 | ||
77a5501f | 275 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) |
0e1dc3e7 C |
276 | }) |
277 | ||
278 | it('Should fail with an invalid display NSFW attribute', async function () { | |
279 | const fields = { | |
280 | displayNSFW: -1 | |
281 | } | |
282 | ||
77a5501f | 283 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) |
0e1dc3e7 C |
284 | }) |
285 | ||
286 | it('Should fail with an non authenticated user', async function () { | |
287 | const fields = { | |
288 | password: 'my super password' | |
289 | } | |
290 | ||
77a5501f | 291 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 }) |
0e1dc3e7 C |
292 | }) |
293 | ||
294 | it('Should succeed with the correct params', async function () { | |
295 | const fields = { | |
296 | password: 'my super password', | |
77a5501f C |
297 | displayNSFW: true, |
298 | email: 'super_email@example.com' | |
0e1dc3e7 C |
299 | } |
300 | ||
77a5501f C |
301 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 }) |
302 | }) | |
303 | }) | |
304 | ||
305 | describe('When updating a user', function () { | |
306 | ||
307 | before(async function () { | |
308 | const res = await getUsersList(server.url) | |
309 | ||
310 | userId = res.body.data[1].id | |
311 | rootId = res.body.data[2].id | |
312 | }) | |
313 | ||
314 | it('Should fail with an invalid email attribute', async function () { | |
315 | const fields = { | |
316 | email: 'blabla' | |
317 | } | |
318 | ||
319 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) | |
320 | }) | |
321 | ||
322 | it('Should fail with an invalid videoQuota attribute', async function () { | |
323 | const fields = { | |
324 | videoQuota: -90 | |
325 | } | |
326 | ||
327 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) | |
328 | }) | |
329 | ||
330 | it('Should fail with an non authenticated user', async function () { | |
331 | const fields = { | |
332 | videoQuota: 42 | |
333 | } | |
334 | ||
335 | await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 }) | |
336 | }) | |
337 | ||
338 | it('Should succeed with the correct params', async function () { | |
339 | const fields = { | |
340 | email: 'email@example.com', | |
341 | videoQuota: 42 | |
342 | } | |
343 | ||
344 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 }) | |
0e1dc3e7 C |
345 | }) |
346 | }) | |
347 | ||
348 | describe('When getting my information', function () { | |
349 | it('Should fail with a non authenticated user', async function () { | |
350 | await request(server.url) | |
351 | .get(path + 'me') | |
352 | .set('Authorization', 'Bearer fake_token') | |
353 | .set('Accept', 'application/json') | |
354 | .expect(401) | |
355 | }) | |
356 | ||
357 | it('Should success with the correct parameters', async function () { | |
358 | await request(server.url) | |
359 | .get(path + 'me') | |
360 | .set('Authorization', 'Bearer ' + userAccessToken) | |
361 | .set('Accept', 'application/json') | |
362 | .expect(200) | |
363 | }) | |
364 | }) | |
365 | ||
366 | describe('When getting my video rating', function () { | |
367 | it('Should fail with a non authenticated user', async function () { | |
368 | await request(server.url) | |
369 | .get(path + 'me/videos/' + videoId + '/rating') | |
370 | .set('Authorization', 'Bearer fake_token') | |
371 | .set('Accept', 'application/json') | |
372 | .expect(401) | |
373 | }) | |
374 | ||
375 | it('Should fail with an incorrect video uuid', async function () { | |
376 | await request(server.url) | |
377 | .get(path + 'me/videos/blabla/rating') | |
378 | .set('Authorization', 'Bearer ' + userAccessToken) | |
379 | .set('Accept', 'application/json') | |
380 | .expect(400) | |
381 | }) | |
382 | ||
383 | it('Should fail with an unknown video', async function () { | |
384 | await request(server.url) | |
385 | .get(path + 'me/videos/4da6fde3-88f7-4d16-b119-108df5630b06/rating') | |
386 | .set('Authorization', 'Bearer ' + userAccessToken) | |
387 | .set('Accept', 'application/json') | |
388 | .expect(404) | |
389 | }) | |
390 | ||
391 | it('Should success with the correct parameters', async function () { | |
392 | await request(server.url) | |
393 | .get(path + 'me/videos/' + videoId + '/rating') | |
394 | .set('Authorization', 'Bearer ' + userAccessToken) | |
395 | .set('Accept', 'application/json') | |
396 | .expect(200) | |
397 | }) | |
398 | }) | |
399 | ||
400 | describe('When removing an user', function () { | |
401 | it('Should fail with an incorrect id', async function () { | |
402 | await request(server.url) | |
403 | .delete(path + 'bla-bla') | |
404 | .set('Authorization', 'Bearer ' + server.accessToken) | |
405 | .expect(400) | |
406 | }) | |
407 | ||
408 | it('Should fail with the root user', async function () { | |
409 | await request(server.url) | |
410 | .delete(path + rootId) | |
411 | .set('Authorization', 'Bearer ' + server.accessToken) | |
412 | .expect(400) | |
413 | }) | |
414 | ||
415 | it('Should return 404 with a non existing id', async function () { | |
416 | await request(server.url) | |
417 | .delete(path + '45') | |
418 | .set('Authorization', 'Bearer ' + server.accessToken) | |
419 | .expect(404) | |
420 | }) | |
421 | }) | |
422 | ||
423 | describe('When removing an user', function () { | |
424 | it('Should fail with an incorrect id', async function () { | |
425 | await request(server.url) | |
426 | .delete(path + 'bla-bla') | |
427 | .set('Authorization', 'Bearer ' + server.accessToken) | |
428 | .expect(400) | |
429 | }) | |
430 | ||
431 | it('Should fail with the root user', async function () { | |
432 | await request(server.url) | |
433 | .delete(path + rootId) | |
434 | .set('Authorization', 'Bearer ' + server.accessToken) | |
435 | .expect(400) | |
436 | }) | |
437 | ||
438 | it('Should return 404 with a non existing id', async function () { | |
439 | await request(server.url) | |
440 | .delete(path + '45') | |
441 | .set('Authorization', 'Bearer ' + server.accessToken) | |
442 | .expect(404) | |
443 | }) | |
444 | }) | |
445 | ||
446 | describe('When register a new user', function () { | |
447 | const registrationPath = path + '/register' | |
448 | ||
449 | it('Should fail with a too small username', async function () { | |
450 | const fields = { | |
451 | username: 'ji', | |
452 | email: 'test@example.com', | |
453 | password: 'my_super_password' | |
454 | } | |
455 | ||
456 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
457 | }) | |
458 | ||
459 | it('Should fail with a too long username', async function () { | |
460 | const fields = { | |
461 | username: 'my_super_username_which_is_very_long', | |
462 | email: 'test@example.com', | |
463 | password: 'my_super_password' | |
464 | } | |
465 | ||
466 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
467 | }) | |
468 | ||
469 | it('Should fail with an incorrect username', async function () { | |
470 | const fields = { | |
471 | username: 'my username', | |
472 | email: 'test@example.com', | |
473 | password: 'my_super_password' | |
474 | } | |
475 | ||
476 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
477 | }) | |
478 | ||
479 | it('Should fail with a missing email', async function () { | |
480 | const fields = { | |
481 | username: 'ji', | |
482 | password: 'my_super_password' | |
483 | } | |
484 | ||
485 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
486 | }) | |
487 | ||
488 | it('Should fail with an invalid email', async function () { | |
489 | const fields = { | |
490 | username: 'my_super_username_which_is_very_long', | |
491 | email: 'test_example.com', | |
492 | password: 'my_super_password' | |
493 | } | |
494 | ||
495 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
496 | }) | |
497 | ||
498 | it('Should fail with a too small password', async function () { | |
499 | const fields = { | |
500 | username: 'my_username', | |
501 | email: 'test@example.com', | |
502 | password: 'bla' | |
503 | } | |
504 | ||
505 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
506 | }) | |
507 | ||
508 | it('Should fail with a too long password', async function () { | |
509 | const fields = { | |
510 | username: 'my_username', | |
511 | email: 'test@example.com', | |
512 | password: 'my super long password which is very very very very very very very very very very very very very very' + | |
513 | 'very very very very very very very very very very very very very very very veryv very very very very' + | |
514 | 'very very very very very very very very very very very very very very very very very very very very long' | |
515 | } | |
516 | ||
517 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
518 | }) | |
519 | ||
520 | it('Should fail if we register a user with the same username', async function () { | |
521 | const fields = { | |
522 | username: 'root', | |
523 | email: 'test@example.com', | |
524 | password: 'my super password' | |
525 | } | |
526 | ||
527 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 }) | |
528 | }) | |
529 | ||
530 | it('Should fail if we register a user with the same email', async function () { | |
531 | const fields = { | |
532 | username: 'my_username', | |
533 | email: 'admin1@example.com', | |
534 | password: 'my super password' | |
535 | } | |
536 | ||
537 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 }) | |
538 | }) | |
539 | ||
540 | it('Should succeed with the correct params', async function () { | |
541 | const fields = { | |
542 | username: 'user3', | |
543 | email: 'test3@example.com', | |
544 | password: 'my super password' | |
545 | } | |
546 | ||
547 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 204 }) | |
548 | }) | |
549 | ||
550 | it('Should fail on a server with registration disabled', async function () { | |
551 | const fields = { | |
552 | username: 'user4', | |
553 | email: 'test4@example.com', | |
554 | password: 'my super password 4' | |
555 | } | |
556 | ||
557 | await makePostBodyRequest({ | |
558 | url: serverWithRegistrationDisabled.url, | |
559 | path: registrationPath, | |
560 | token: serverWithRegistrationDisabled.accessToken, | |
561 | fields, | |
562 | statusCodeExpected: 403 | |
563 | }) | |
564 | }) | |
565 | }) | |
566 | ||
567 | describe('When registering multiple users on a server with users limit', function () { | |
568 | it('Should fail when after 3 registrations', async function () { | |
569 | await registerUser(server.url, 'user42', 'super password', 403) | |
570 | }) | |
571 | }) | |
572 | ||
77a5501f C |
573 | describe('When having a video quota', function () { |
574 | it('Should fail with a user having too many video', async function () { | |
575 | const fields = { | |
576 | videoQuota: 42 | |
577 | } | |
578 | ||
579 | await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields, statusCodeExpected: 204 }) | |
580 | ||
581 | const videoAttributes = {} | |
582 | await uploadVideo(server.url, server.accessToken, videoAttributes, 403) | |
583 | }) | |
584 | ||
585 | it('Should fail with a registered user having too many video', async function () { | |
586 | this.timeout(10000) | |
587 | ||
588 | server.user = { | |
589 | username: 'user3', | |
590 | email: 'test3@example.com', | |
591 | password: 'my super password' | |
592 | } | |
593 | userAccessToken = await loginAndGetAccessToken(server) | |
594 | ||
595 | const videoAttributes = { fixture: 'video_short2.webm' } | |
596 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
597 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
598 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
599 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
600 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
601 | await uploadVideo(server.url, userAccessToken, videoAttributes, 403) | |
602 | }) | |
603 | }) | |
604 | ||
0e1dc3e7 C |
605 | after(async function () { |
606 | killallServers([ server, serverWithRegistrationDisabled ]) | |
607 | ||
608 | // Keep the logs if the test failed | |
609 | if (this['ok']) { | |
610 | await flushTests() | |
611 | } | |
612 | }) | |
613 | }) |