[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / users.ts

/* tslint:disable:no-unused-expression */

import { omit } from 'lodash'
import 'mocha'
import { join } from "path"
import { UserRole } from '../../../../shared'

import {
  createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest,
  makePostBodyRequest, makePostUploadRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers,
  updateUser,
  uploadVideo, userLogin
} from '../../utils'
import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'

describe('Test users API validators', function () {
  const path = '/api/v1/users/'
  let userId: number
  let rootId: number
  let videoId: number
  let server: ServerInfo
  let serverWithRegistrationDisabled: ServerInfo
  let userAccessToken = ''

  // ---------------------------------------------------------------

  before(async function () {
    this.timeout(120000)

    await flushTests()

    server = await runServer(1)
    serverWithRegistrationDisabled = await runServer(2)

    await setAccessTokensToServers([ server ])

    const user = {
      username: 'user1',
      password: 'my super password'
    }
    const videoQuota = 42000000
    await createUser(server.url, server.accessToken, user.username, user.password, videoQuota)
    userAccessToken = await userLogin(server, user)

    const res = await uploadVideo(server.url, server.accessToken, {})
    videoId = res.body.video.id
  })

  describe('When listing users', function () {
    it('Should fail with a bad start pagination', async function () {
      await checkBadStartPagination(server.url, path, server.accessToken)
    })

    it('Should fail with a bad count pagination', async function () {
      await checkBadCountPagination(server.url, path, server.accessToken)
    })

    it('Should fail with an incorrect sort', async function () {
      await checkBadSortPagination(server.url, path, server.accessToken)
    })

    it('Should fail with a non authenticated user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        statusCodeExpected: 401
      })
    })

    it('Should fail with a non admin user', async function () {
      await makeGetRequest({
        url: server.url,
        path,
        token: userAccessToken,
        statusCodeExpected: 403
      })
    })
  })

  describe('When adding a new user', function () {
    const baseCorrectParams = {
      username: 'user2',
      email: 'test@example.com',
      password: 'my super password',
      videoQuota: -1,
      role: UserRole.USER
    }

    it('Should fail with a too small username', async function () {
      const fields = immutableAssign(baseCorrectParams, { username: 'fi' })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with a too long username', async function () {
      const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with a not lowercase username', async function () {
      const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with an incorrect username', async function () {
      const fields = immutableAssign(baseCorrectParams, { username: 'my username' })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with a missing email', async function () {
      const fields = omit(baseCorrectParams, 'email')

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with an invalid email', async function () {
      const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with a too small password', async function () {
      const fields = immutableAssign(baseCorrectParams, { password: 'bla' })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with a too long password', async function () {
      const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with an non authenticated user', async function () {
      await makePostBodyRequest({
        url: server.url,
        path,
        token: 'super token',
        fields: baseCorrectParams,
        statusCodeExpected: 401
      })
    })

    it('Should fail if we add a user with the same username', async function () {
      const fields = immutableAssign(baseCorrectParams, { username: 'user1' })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
    })

    it('Should fail if we add a user with the same email', async function () {
      const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
    })

    it('Should fail without a videoQuota', async function () {
      const fields = omit(baseCorrectParams, 'videoQuota')

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with an invalid videoQuota', async function () {
      const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail without a user role', async function () {
      const fields = omit(baseCorrectParams, 'role')

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should fail with an invalid user role', async function () {
      const fields = immutableAssign(baseCorrectParams, { role: 88989 })

      await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
    })

    it('Should succeed with the correct params', async function () {
      await makePostBodyRequest({
        url: server.url,
        path,
        token: server.accessToken,
        fields: baseCorrectParams,
        statusCodeExpected: 204
      })
    })

    it('Should fail with a non admin user', async function () {
      const user = {
        username: 'user1',
        password: 'my super password'
      }
      userAccessToken = await userLogin(server, user)

      const fields = {
        username: 'user3',
        email: 'test@example.com',
        password: 'my super password',
        videoQuota: 42000000
      }
      await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
    })
  })

  describe('When updating my account', function () {
    it('Should fail with an invalid email attribute', async function () {
      const fields = {
        email: 'blabla'
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
    })

    it('Should fail with a too small password', async function () {
      const fields = {
        password: 'bla'
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
    })

    it('Should fail with a too long password', async function () {
      const fields = {
        password: 'super'.repeat(61)
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
    })

    it('Should fail with an invalid display NSFW attribute', async function () {
      const fields = {
        displayNSFW: -1
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
    })

    it('Should fail with an invalid autoPlayVideo attribute', async function () {
      const fields = {
        autoPlayVideo: -1
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
    })

    it('Should fail with an non authenticated user', async function () {
      const fields = {
        password: 'my super password'
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
    })

    it('Should succeed with the correct params', async function () {
      const fields = {
        password: 'my super password',
        displayNSFW: true,
        autoPlayVideo: false,
        email: 'super_email@example.com'
      }

      await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
    })
  })

  describe('When updating my avatar', function () {
    it('Should fail without an incorrect input file', async function () {
      const fields = {}
      const attaches = {
        'avatarfile': join(__dirname, '..', 'fixtures', 'video_short.mp4')
      }
      await makePostUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
    })

    it('Should succeed with the correct params', async function () {
      const fields = {}
      const attaches = {
        'avatarfile': join(__dirname, '..', 'fixtures', 'avatar.png')
      }
      await makePostUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
    })
  })

  describe('When updating a user', function () {

    before(async function () {
      const res = await getUsersList(server.url, server.accessToken)

      userId = res.body.data[1].id
      rootId = res.body.data[2].id
    })

    it('Should fail with an invalid email attribute', async function () {
      const fields = {
        email: 'blabla'
      }

      await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
    })

    it('Should fail with an invalid videoQuota attribute', async function () {
      const fields = {
        videoQuota: -90
      }

      await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
    })

    it('Should fail with an invalid user role attribute', async function () {
      const fields = {
        role: 54878
      }

      await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
    })

    it('Should fail with an non authenticated user', async function () {
      const fields = {
        videoQuota: 42
      }

      await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
    })

    it('Should succeed with the correct params', async function () {
      const fields = {
        email: 'email@example.com',
        videoQuota: 42,
        role: UserRole.MODERATOR
      }

      await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
    })
  })

  describe('When getting my information', function () {
    it('Should fail with a non authenticated user', async function () {
      await getMyUserInformation(server.url, 'fake_token', 401)
    })

    it('Should success with the correct parameters', async function () {
      await getMyUserInformation(server.url, userAccessToken)
    })
  })

  describe('When getting my video rating', function () {
    it('Should fail with a non authenticated user', async function () {
      await getMyUserVideoRating(server.url, 'fake_token', videoId, 401)
    })

    it('Should fail with an incorrect video uuid', async function () {
      await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400)
    })

    it('Should fail with an unknown video', async function () {
      await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
    })

    it('Should succeed with the correct parameters', async function () {
      await getMyUserVideoRating(server.url, server.accessToken, videoId)
    })
  })

  describe('When removing an user', function () {
    it('Should fail with an incorrect id', async function () {
      await removeUser(server.url, 'blabla', server.accessToken, 400)
    })

    it('Should fail with the root user', async function () {
      await removeUser(server.url, rootId, server.accessToken, 400)
    })

    it('Should return 404 with a non existing id', async function () {
      await removeUser(server.url, 4545454, server.accessToken, 404)
    })
  })

  describe('When register a new user', function () {
    const registrationPath = path + '/register'
    const baseCorrectParams = {
      username: 'user3',
      email: 'test3@example.com',
      password: 'my super password'
    }

    it('Should fail with a too small username', async function () {
      const fields = immutableAssign(baseCorrectParams, { username: 'ji' })

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail with a too long username', async function () {
      const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail with an incorrect username', async function () {
      const fields = immutableAssign(baseCorrectParams, { username: 'my username' })

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail with a missing email', async function () {
      const fields = omit(baseCorrectParams, 'email')

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail with an invalid email', async function () {
      const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail with a too small password', async function () {
      const fields = immutableAssign(baseCorrectParams, { password: 'bla' })

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail with a too long password', async function () {
      const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })

      await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
    })

    it('Should fail if we register a user with the same username', async function () {
      const fields = immutableAssign(baseCorrectParams, { username: 'root' })

      await makePostBodyRequest({
        url: server.url,
        path: registrationPath,
        token: server.accessToken,
        fields,
        statusCodeExpected: 409
      })
    })

    it('Should fail if we register a user with the same email', async function () {
      const fields = immutableAssign(baseCorrectParams, { email: 'admin1@example.com' })

      await makePostBodyRequest({
        url: server.url,
        path: registrationPath,
        token: server.accessToken,
        fields,
        statusCodeExpected: 409
      })
    })

    it('Should succeed with the correct params', async function () {
      await makePostBodyRequest({
        url: server.url,
        path: registrationPath,
        token: server.accessToken,
        fields: baseCorrectParams,
        statusCodeExpected: 204
      })
    })

    it('Should fail on a server with registration disabled', async function () {
      const fields = {
        username: 'user4',
        email: 'test4@example.com',
        password: 'my super password 4'
      }

      await makePostBodyRequest({
        url: serverWithRegistrationDisabled.url,
        path: registrationPath,
        token: serverWithRegistrationDisabled.accessToken,
        fields,
        statusCodeExpected: 403
      })
    })
  })

  describe('When registering multiple users on a server with users limit', function () {
    it('Should fail when after 3 registrations', async function () {
      await registerUser(server.url, 'user42', 'super password', 403)
    })
  })

  describe('When having a video quota', function () {
    it('Should fail with a user having too many video', async function () {
      await updateUser({
        url: server.url,
        userId: rootId,
        accessToken: server.accessToken,
        videoQuota: 42
      })

      await uploadVideo(server.url, server.accessToken, {}, 403)
    })

    it('Should fail with a registered user having too many video', async function () {
      this.timeout(10000)

      const user = {
        username: 'user3',
        password: 'my super password'
      }
      userAccessToken = await userLogin(server, user)

      const videoAttributes = { fixture: 'video_short2.webm' }
      await uploadVideo(server.url, userAccessToken, videoAttributes)
      await uploadVideo(server.url, userAccessToken, videoAttributes)
      await uploadVideo(server.url, userAccessToken, videoAttributes)
      await uploadVideo(server.url, userAccessToken, videoAttributes)
      await uploadVideo(server.url, userAccessToken, videoAttributes)
      await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
    })
  })

  after(async function () {
    killallServers([ server, serverWithRegistrationDisabled ])

    // Keep the logs if the test failed
    if (this['ok']) {
      await flushTests()
    }
  })
})
Commit	Line	Data
0e1dc3e7 C	1	/* tslint:disable:no-unused-expression */
0e1dc3e7 C	2
26d21b78	3	import { omit } from 'lodash'
0e1dc3e7	4	import 'mocha'
c5911fd3	5	import { join } from "path"
26d21b78	6	import { UserRole } from '../../../../shared'
0e1dc3e7 C	7
0e1dc3e7 C	8	import {
26d21b78	9	createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest,
c5911fd3 C	10	makePostBodyRequest, makePostUploadRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers,
c5911fd3 C	11	updateUser,
26d21b78	12	uploadVideo, userLogin
0e1dc3e7	13	} from '../../utils'
26d21b78	14	import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
0e1dc3e7 C	15
	16	describe('Test users API validators', function () {
	17	const path = '/api/v1/users/'
	18	let userId: number
	19	let rootId: number
	20	let videoId: number
	21	let server: ServerInfo
	22	let serverWithRegistrationDisabled: ServerInfo
	23	let userAccessToken = ''
	24
	25	// ---------------------------------------------------------------
	26
	27	before(async function () {
	28	this.timeout(120000)
	29
	30	await flushTests()
	31
	32	server = await runServer(1)
	33	serverWithRegistrationDisabled = await runServer(2)
	34
	35	await setAccessTokensToServers([ server ])
	36
0e1dc3e7 C	37	const user = {
	38	username: 'user1',
	39	password: 'my super password'
	40	}
26d21b78 C	41	const videoQuota = 42000000
26d21b78 C	42	await createUser(server.url, server.accessToken, user.username, user.password, videoQuota)
eec63bbc	43	userAccessToken = await userLogin(server, user)
26d21b78 C	44
	45	const res = await uploadVideo(server.url, server.accessToken, {})
	46	videoId = res.body.video.id
0e1dc3e7 C	47	})
	48
	49	describe('When listing users', function () {
	50	it('Should fail with a bad start pagination', async function () {
26d21b78	51	await checkBadStartPagination(server.url, path, server.accessToken)
0e1dc3e7 C	52	})
	53
	54	it('Should fail with a bad count pagination', async function () {
26d21b78	55	await checkBadCountPagination(server.url, path, server.accessToken)
0e1dc3e7 C	56	})
	57
	58	it('Should fail with an incorrect sort', async function () {
26d21b78	59	await checkBadSortPagination(server.url, path, server.accessToken)
0e1dc3e7	60	})
86d13ec2 C	61
86d13ec2 C	62	it('Should fail with a non authenticated user', async function () {
26d21b78 C	63	await makeGetRequest({
	64	url: server.url,
	65	path,
	66	statusCodeExpected: 401
	67	})
86d13ec2 C	68	})
	69
	70	it('Should fail with a non admin user', async function () {
26d21b78 C	71	await makeGetRequest({
	72	url: server.url,
	73	path,
	74	token: userAccessToken,
	75	statusCodeExpected: 403
	76	})
86d13ec2	77	})
0e1dc3e7 C	78	})
	79
	80	describe('When adding a new user', function () {
26d21b78 C	81	const baseCorrectParams = {
	82	username: 'user2',
	83	email: 'test@example.com',
	84	password: 'my super password',
	85	videoQuota: -1,
	86	role: UserRole.USER
	87	}
	88
0e1dc3e7	89	it('Should fail with a too small username', async function () {
26d21b78	90	const fields = immutableAssign(baseCorrectParams, { username: 'fi' })
0e1dc3e7 C	91
	92	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	93	})
	94
	95	it('Should fail with a too long username', async function () {
26d21b78	96	const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
0e1dc3e7 C	97
	98	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	99	})
	100
563d032e	101	it('Should fail with a not lowercase username', async function () {
26d21b78	102	const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })
563d032e C	103
	104	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	105	})
	106
0e1dc3e7	107	it('Should fail with an incorrect username', async function () {
26d21b78	108	const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
0e1dc3e7 C	109
	110	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	111	})
	112
	113	it('Should fail with a missing email', async function () {
26d21b78	114	const fields = omit(baseCorrectParams, 'email')
0e1dc3e7 C	115
	116	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	117	})
	118
	119	it('Should fail with an invalid email', async function () {
26d21b78	120	const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
0e1dc3e7 C	121
	122	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	123	})
	124
	125	it('Should fail with a too small password', async function () {
26d21b78	126	const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
0e1dc3e7 C	127
	128	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	129	})
	130
	131	it('Should fail with a too long password', async function () {
26d21b78	132	const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
0e1dc3e7 C	133
	134	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	135	})
	136
	137	it('Should fail with an non authenticated user', async function () {
26d21b78 C	138	await makePostBodyRequest({
	139	url: server.url,
	140	path,
	141	token: 'super token',
	142	fields: baseCorrectParams,
	143	statusCodeExpected: 401
	144	})
0e1dc3e7 C	145	})
	146
	147	it('Should fail if we add a user with the same username', async function () {
26d21b78	148	const fields = immutableAssign(baseCorrectParams, { username: 'user1' })
0e1dc3e7 C	149
	150	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
	151	})
	152
	153	it('Should fail if we add a user with the same email', async function () {
26d21b78	154	const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })
0e1dc3e7 C	155
	156	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
	157	})
	158
77a5501f	159	it('Should fail without a videoQuota', async function () {
26d21b78	160	const fields = omit(baseCorrectParams, 'videoQuota')
77a5501f C	161
	162	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	163	})
	164
	165	it('Should fail with an invalid videoQuota', async function () {
26d21b78	166	const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })
757f0da3 C	167
	168	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	169	})
	170
	171	it('Should fail without a user role', async function () {
26d21b78	172	const fields = omit(baseCorrectParams, 'role')
757f0da3 C	173
	174	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	175	})
	176
	177	it('Should fail with an invalid user role', async function () {
26d21b78	178	const fields = immutableAssign(baseCorrectParams, { role: 88989 })
77a5501f C	179
	180	await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
	181	})
	182
0e1dc3e7	183	it('Should succeed with the correct params', async function () {
26d21b78 C	184	await makePostBodyRequest({
	185	url: server.url,
	186	path,
	187	token: server.accessToken,
	188	fields: baseCorrectParams,
	189	statusCodeExpected: 204
	190	})
0e1dc3e7 C	191	})
	192
	193	it('Should fail with a non admin user', async function () {
26d21b78	194	const user = {
0e1dc3e7	195	username: 'user1',
0e1dc3e7 C	196	password: 'my super password'
0e1dc3e7 C	197	}
26d21b78	198	userAccessToken = await userLogin(server, user)
0e1dc3e7	199
0e1dc3e7 C	200	const fields = {
	201	username: 'user3',
	202	email: 'test@example.com',
77a5501f C	203	password: 'my super password',
77a5501f C	204	videoQuota: 42000000
0e1dc3e7 C	205	}
	206	await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
	207	})
	208	})
	209
77a5501f C	210	describe('When updating my account', function () {
	211	it('Should fail with an invalid email attribute', async function () {
	212	const fields = {
	213	email: 'blabla'
	214	}
0e1dc3e7	215
77a5501f	216	await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
0e1dc3e7 C	217	})
	218
	219	it('Should fail with a too small password', async function () {
	220	const fields = {
	221	password: 'bla'
	222	}
	223
77a5501f	224	await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
0e1dc3e7 C	225	})
	226
	227	it('Should fail with a too long password', async function () {
	228	const fields = {
26d21b78	229	password: 'super'.repeat(61)
0e1dc3e7 C	230	}
0e1dc3e7 C	231
77a5501f	232	await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
0e1dc3e7 C	233	})
	234
	235	it('Should fail with an invalid display NSFW attribute', async function () {
	236	const fields = {
	237	displayNSFW: -1
	238	}
	239
77a5501f	240	await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
0e1dc3e7 C	241	})
0e1dc3e7 C	242
7efe153b AL	243	it('Should fail with an invalid autoPlayVideo attribute', async function () {
	244	const fields = {
	245	autoPlayVideo: -1
	246	}
	247
	248	await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
	249	})
	250
0e1dc3e7 C	251	it('Should fail with an non authenticated user', async function () {
	252	const fields = {
	253	password: 'my super password'
	254	}
	255
77a5501f	256	await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
0e1dc3e7 C	257	})
	258
	259	it('Should succeed with the correct params', async function () {
	260	const fields = {
	261	password: 'my super password',
77a5501f	262	displayNSFW: true,
7efe153b	263	autoPlayVideo: false,
77a5501f	264	email: 'super_email@example.com'
0e1dc3e7 C	265	}
0e1dc3e7 C	266
77a5501f C	267	await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
	268	})
	269	})
	270
c5911fd3 C	271	describe('When updating my avatar', function () {
	272	it('Should fail without an incorrect input file', async function () {
	273	const fields = {}
	274	const attaches = {
	275	'avatarfile': join(__dirname, '..', 'fixtures', 'video_short.mp4')
	276	}
	277	await makePostUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
	278	})
	279
	280	it('Should succeed with the correct params', async function () {
	281	const fields = {}
	282	const attaches = {
	283	'avatarfile': join(__dirname, '..', 'fixtures', 'avatar.png')
	284	}
	285	await makePostUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
	286	})
	287	})
	288
77a5501f C	289	describe('When updating a user', function () {
	290
	291	before(async function () {
86d13ec2	292	const res = await getUsersList(server.url, server.accessToken)
77a5501f C	293
	294	userId = res.body.data[1].id
	295	rootId = res.body.data[2].id
	296	})
	297
	298	it('Should fail with an invalid email attribute', async function () {
	299	const fields = {
	300	email: 'blabla'
	301	}
	302
	303	await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
	304	})
	305
	306	it('Should fail with an invalid videoQuota attribute', async function () {
	307	const fields = {
	308	videoQuota: -90
	309	}
	310
	311	await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
	312	})
	313
757f0da3 C	314	it('Should fail with an invalid user role attribute', async function () {
	315	const fields = {
	316	role: 54878
	317	}
	318
	319	await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
	320	})
	321
77a5501f C	322	it('Should fail with an non authenticated user', async function () {
	323	const fields = {
	324	videoQuota: 42
	325	}
	326
	327	await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
	328	})
	329
	330	it('Should succeed with the correct params', async function () {
	331	const fields = {
	332	email: 'email@example.com',
757f0da3 C	333	videoQuota: 42,
757f0da3 C	334	role: UserRole.MODERATOR
77a5501f C	335	}
	336
	337	await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
0e1dc3e7 C	338	})
	339	})
	340
	341	describe('When getting my information', function () {
	342	it('Should fail with a non authenticated user', async function () {
26d21b78	343	await getMyUserInformation(server.url, 'fake_token', 401)
0e1dc3e7 C	344	})
	345
	346	it('Should success with the correct parameters', async function () {
26d21b78	347	await getMyUserInformation(server.url, userAccessToken)
0e1dc3e7 C	348	})
	349	})
	350
	351	describe('When getting my video rating', function () {
	352	it('Should fail with a non authenticated user', async function () {
26d21b78	353	await getMyUserVideoRating(server.url, 'fake_token', videoId, 401)
0e1dc3e7 C	354	})
	355
	356	it('Should fail with an incorrect video uuid', async function () {
26d21b78	357	await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400)
0e1dc3e7 C	358	})
	359
	360	it('Should fail with an unknown video', async function () {
26d21b78	361	await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
0e1dc3e7 C	362	})
0e1dc3e7 C	363
26d21b78 C	364	it('Should succeed with the correct parameters', async function () {
26d21b78 C	365	await getMyUserVideoRating(server.url, server.accessToken, videoId)
0e1dc3e7 C	366	})
	367	})
	368
	369	describe('When removing an user', function () {
	370	it('Should fail with an incorrect id', async function () {
26d21b78	371	await removeUser(server.url, 'blabla', server.accessToken, 400)
0e1dc3e7 C	372	})
	373
	374	it('Should fail with the root user', async function () {
26d21b78	375	await removeUser(server.url, rootId, server.accessToken, 400)
0e1dc3e7 C	376	})
	377
	378	it('Should return 404 with a non existing id', async function () {
26d21b78	379	await removeUser(server.url, 4545454, server.accessToken, 404)
0e1dc3e7 C	380	})
	381	})
	382
	383	describe('When register a new user', function () {
	384	const registrationPath = path + '/register'
26d21b78 C	385	const baseCorrectParams = {
	386	username: 'user3',
	387	email: 'test3@example.com',
	388	password: 'my super password'
	389	}
0e1dc3e7 C	390
0e1dc3e7 C	391	it('Should fail with a too small username', async function () {
26d21b78	392	const fields = immutableAssign(baseCorrectParams, { username: 'ji' })
0e1dc3e7 C	393
	394	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
	395	})
	396
	397	it('Should fail with a too long username', async function () {
26d21b78	398	const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
0e1dc3e7 C	399
	400	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
	401	})
	402
	403	it('Should fail with an incorrect username', async function () {
26d21b78	404	const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
0e1dc3e7 C	405
	406	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
	407	})
	408
	409	it('Should fail with a missing email', async function () {
26d21b78	410	const fields = omit(baseCorrectParams, 'email')
0e1dc3e7 C	411
	412	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
	413	})
	414
	415	it('Should fail with an invalid email', async function () {
26d21b78	416	const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
0e1dc3e7 C	417
	418	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
	419	})
	420
	421	it('Should fail with a too small password', async function () {
26d21b78	422	const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
0e1dc3e7 C	423
	424	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
	425	})
	426
	427	it('Should fail with a too long password', async function () {
26d21b78	428	const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
0e1dc3e7 C	429
	430	await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
	431	})
	432
	433	it('Should fail if we register a user with the same username', async function () {
26d21b78	434	const fields = immutableAssign(baseCorrectParams, { username: 'root' })
0e1dc3e7	435
26d21b78 C	436	await makePostBodyRequest({
	437	url: server.url,
	438	path: registrationPath,
	439	token: server.accessToken,
	440	fields,
	441	statusCodeExpected: 409
	442	})
0e1dc3e7 C	443	})
	444
	445	it('Should fail if we register a user with the same email', async function () {
26d21b78	446	const fields = immutableAssign(baseCorrectParams, { email: 'admin1@example.com' })
0e1dc3e7	447
26d21b78 C	448	await makePostBodyRequest({
	449	url: server.url,
	450	path: registrationPath,
	451	token: server.accessToken,
	452	fields,
	453	statusCodeExpected: 409
	454	})
0e1dc3e7 C	455	})
	456
	457	it('Should succeed with the correct params', async function () {
26d21b78 C	458	await makePostBodyRequest({
	459	url: server.url,
	460	path: registrationPath,
	461	token: server.accessToken,
	462	fields: baseCorrectParams,
	463	statusCodeExpected: 204
	464	})
0e1dc3e7 C	465	})
	466
	467	it('Should fail on a server with registration disabled', async function () {
	468	const fields = {
	469	username: 'user4',
	470	email: 'test4@example.com',
	471	password: 'my super password 4'
	472	}
	473
	474	await makePostBodyRequest({
	475	url: serverWithRegistrationDisabled.url,
	476	path: registrationPath,
	477	token: serverWithRegistrationDisabled.accessToken,
	478	fields,
	479	statusCodeExpected: 403
	480	})
	481	})
	482	})
	483
	484	describe('When registering multiple users on a server with users limit', function () {
	485	it('Should fail when after 3 registrations', async function () {
	486	await registerUser(server.url, 'user42', 'super password', 403)
	487	})
	488	})
	489
77a5501f C	490	describe('When having a video quota', function () {
77a5501f C	491	it('Should fail with a user having too many video', async function () {
26d21b78 C	492	await updateUser({
	493	url: server.url,
	494	userId: rootId,
	495	accessToken: server.accessToken,
77a5501f	496	videoQuota: 42
26d21b78	497	})
77a5501f	498
26d21b78	499	await uploadVideo(server.url, server.accessToken, {}, 403)
77a5501f C	500	})
	501
	502	it('Should fail with a registered user having too many video', async function () {
	503	this.timeout(10000)
	504
26d21b78	505	const user = {
77a5501f	506	username: 'user3',
77a5501f C	507	password: 'my super password'
77a5501f C	508	}
26d21b78	509	userAccessToken = await userLogin(server, user)
77a5501f C	510
	511	const videoAttributes = { fixture: 'video_short2.webm' }
	512	await uploadVideo(server.url, userAccessToken, videoAttributes)
	513	await uploadVideo(server.url, userAccessToken, videoAttributes)
	514	await uploadVideo(server.url, userAccessToken, videoAttributes)
	515	await uploadVideo(server.url, userAccessToken, videoAttributes)
	516	await uploadVideo(server.url, userAccessToken, videoAttributes)
	517	await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
	518	})
	519	})
	520
0e1dc3e7 C	521	after(async function () {
	522	killallServers([ server, serverWithRegistrationDisabled ])
	523
	524	// Keep the logs if the test failed
	525	if (this['ok']) {
	526	await flushTests()
	527	}
	528	})
	529	})