]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blame - server/tests/api/users/users.ts
projects / github / Chocobozzz / PeerTube.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Add change user password from CLI documentation
[github/Chocobozzz/PeerTube.git] / server / tests / api / users / users.ts
CommitLineData
0e1dc3e7 1/* tslint:disable:no-unused-expression */
86d13ec2 2
0e1dc3e7 3import * as chai from 'chai'
afffe988 4import 'mocha'
a76138ff 5import { User, UserRole } from '../../../../shared/index'
0e1dc3e7 6import {
a890d1e0
C		 7 blockUser,
8 createUser,
9 deleteMe,
10 flushTests,
c100a614 11 getAccountRatings,
a890d1e0
C		 12 getBlacklistedVideosList,
13 getMyUserInformation,
14 getMyUserVideoQuotaUsed,
15 getMyUserVideoRating,
16 getUserInformation,
17 getUsersList,
18 getUsersListPaginationAndSort,
19 getVideosList,
20 killallServers,
21 login,
22 makePutBodyRequest,
23 rateVideo,
24 registerUser,
25 removeUser,
26 removeVideo,
27 runServer,
28 ServerInfo,
29 testImage,
30 unblockUser,
31 updateMyAvatar,
32 updateMyUser,
33 updateUser,
34 uploadVideo,
35 userLogin
c100a614 36} from '../../../../shared/utils'
9639bd17 37import { follow } from '../../../../shared/utils/server/follows'
38import { setAccessTokensToServers } from '../../../../shared/utils/users/login'
39import { getMyVideos } from '../../../../shared/utils/videos/videos'
0e1dc3e7 40
afffe988
C		 41const expect = chai.expect
42
0e1dc3e7
C		 43describe('Test users', function () {
44 let server: ServerInfo
45 let accessToken: string
46 let accessTokenUser: string
47 let videoId: number
48 let userId: number
f8b8c36b
C		 49 const user = {
50 username: 'user_1',
51 password: 'super password'
52 }
0e1dc3e7
C		 53
54 before(async function () {
e212f887 55 this.timeout(30000)
0e1dc3e7
C		 56
57 await flushTests()
58 server = await runServer(1)
86d13ec2
C		 59
60 await setAccessTokensToServers([ server ])
0e1dc3e7
C		 61 })
62
63 it('Should create a new client')
64
65 it('Should return the first client')
66
67 it('Should remove the last client')
68
69 it('Should not login with an invalid client id', async function () {
70 const client = { id: 'client', secret: server.client.secret }
71 const res = await login(server.url, client, server.user, 400)
72
e6921918 73 expect(res.body.error).to.contain('client is invalid')
0e1dc3e7
C		 74 })
75
76 it('Should not login with an invalid client secret', async function () {
77 const client = { id: server.client.id, secret: 'coucou' }
78 const res = await login(server.url, client, server.user, 400)
79
e6921918 80 expect(res.body.error).to.contain('client is invalid')
0e1dc3e7
C		 81 })
82
83 it('Should not login with an invalid username', async function () {
84 const user = { username: 'captain crochet', password: server.user.password }
85 const res = await login(server.url, server.client, user, 400)
86
e6921918 87 expect(res.body.error).to.contain('credentials are invalid')
0e1dc3e7
C		 88 })
89
90 it('Should not login with an invalid password', async function () {
5f04dd2f 91 const user = { username: server.user.username, password: 'mew_three' }
0e1dc3e7
C		 92 const res = await login(server.url, server.client, user, 400)
93
e6921918 94 expect(res.body.error).to.contain('credentials are invalid')
0e1dc3e7
C		 95 })
96
97 it('Should not be able to upload a video', async function () {
98 accessToken = 'my_super_token'
99
100 const videoAttributes = {}
101 await uploadVideo(server.url, accessToken, videoAttributes, 401)
102 })
103
afffe988 104 it('Should not be able to follow', async function () {
0e1dc3e7 105 accessToken = 'my_super_token'
afffe988 106 await follow(server.url, [ 'http://example.com' ], accessToken, 401)
0e1dc3e7
C		 107 })
108
afffe988 109 it('Should not be able to unfollow')
0e1dc3e7
C		 110
111 it('Should be able to login', async function () {
112 const res = await login(server.url, server.client, server.user, 200)
113
114 accessToken = res.body.access_token
115 })
116
117 it('Should upload the video with the correct token', async function () {
118 const videoAttributes = {}
04e0fc48 119 await uploadVideo(server.url, accessToken, videoAttributes)
0e1dc3e7 120 const res = await getVideosList(server.url)
afffe988 121 const video = res.body.data[ 0 ]
0e1dc3e7 122
b64c950a 123 expect(video.account.name).to.equal('root')
0e1dc3e7
C		 124 videoId = video.id
125 })
126
127 it('Should upload the video again with the correct token', async function () {
128 const videoAttributes = {}
04e0fc48 129 await uploadVideo(server.url, accessToken, videoAttributes)
0e1dc3e7
C		 130 })
131
132 it('Should retrieve a video rating', async function () {
133 await rateVideo(server.url, accessToken, videoId, 'like')
26d21b78 134 const res = await getMyUserVideoRating(server.url, accessToken, videoId)
0e1dc3e7
C		 135 const rating = res.body
136
a7ba16b6
C		 137 expect(rating.videoId).to.equal(videoId)
138 expect(rating.rating).to.equal('like')
0e1dc3e7
C		 139 })
140
c100a614
YB		 141 it('Should retrieve ratings list', async function () {
142 await rateVideo(server.url, accessToken, videoId, 'like')
22834691
C		 143
144 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, null, 200)
c100a614
YB		 145 const ratings = res.body
146
22834691 147 expect(ratings.total).to.equal(1)
c100a614
YB		 148 expect(ratings.data[0].video.id).to.equal(videoId)
149 expect(ratings.data[0].rating).to.equal('like')
150 })
151
152 it('Should retrieve ratings list by rating type', async function () {
22834691
C		 153 {
154 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'like')
155 const ratings = res.body
156 expect(ratings.data.length).to.equal(1)
157 }
158
159 {
160 const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'dislike')
161 const ratings = res.body
162 expect(ratings.data.length).to.equal(0)
163 }
c100a614
YB		 164 })
165
0e1dc3e7
C		 166 it('Should not be able to remove the video with an incorrect token', async function () {
167 await removeVideo(server.url, 'bad_token', videoId, 401)
168 })
169
170 it('Should not be able to remove the video with the token of another account')
171
172 it('Should be able to remove the video with the correct token', async function () {
173 await removeVideo(server.url, accessToken, videoId)
174 })
175
176 it('Should logout (revoke token)')
177
178 it('Should not be able to get the user information')
179
180 it('Should not be able to upload a video')
181
182 it('Should not be able to remove a video')
183
184 it('Should not be able to rate a video', async function () {
185 const path = '/api/v1/videos/'
186 const data = {
187 rating: 'likes'
188 }
189
190 const options = {
191 url: server.url,
192 path: path + videoId,
193 token: 'wrong token',
194 fields: data,
195 statusCodeExpected: 401
196 }
197 await makePutBodyRequest(options)
198 })
199
200 it('Should be able to login again')
201
202 it('Should have an expired access token')
203
204 it('Should refresh the token')
205
206 it('Should be able to upload a video again')
207
208 it('Should be able to create a new user', async function () {
24b9417c 209 await createUser(server.url, accessToken, user.username, user.password, 2 * 1024 * 1024)
0e1dc3e7
C		 210 })
211
212 it('Should be able to login with this user', async function () {
f8b8c36b 213 accessTokenUser = await userLogin(server, user)
0e1dc3e7
C		 214 })
215
216 it('Should be able to get the user information', async function () {
5c98d3bf 217 const res = await getMyUserInformation(server.url, accessTokenUser)
0e1dc3e7
C		 218 const user = res.body
219
a7ba16b6
C		 220 expect(user.username).to.equal('user_1')
221 expect(user.email).to.equal('user_1@example.com')
0883b324 222 expect(user.nsfwPolicy).to.equal('display')
a7ba16b6
C		 223 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
224 expect(user.roleLabel).to.equal('User')
225 expect(user.id).to.be.a('number')
ed56ad11 226 expect(user.account.displayName).to.equal('user_1')
2422c46b 227 expect(user.account.description).to.be.null
0e1dc3e7
C		 228 })
229
230 it('Should be able to upload a video with this user', async function () {
231 this.timeout(5000)
232
11474c3c 233 const videoAttributes = {
ce5496d6
C		 234 name: 'super user video',
235 fixture: 'video_short.webm'
11474c3c 236 }
0e1dc3e7
C		 237 await uploadVideo(server.url, accessTokenUser, videoAttributes)
238 })
239
ce5496d6
C		 240 it('Should have video quota updated', async function () {
241 const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
242 const data = res.body
243
244 expect(data.videoQuotaUsed).to.equal(218910)
a76138ff
C		 245
246 const resUsers = await getUsersList(server.url, server.accessToken)
247
248 const users: User[] = resUsers.body.data
249 const tmpUser = users.find(u => u.username === user.username)
250 expect(tmpUser.videoQuotaUsed).to.equal(218910)
ce5496d6
C		 251 })
252
11474c3c
C		 253 it('Should be able to list my videos', async function () {
254 const res = await getMyVideos(server.url, accessTokenUser, 0, 5)
a7ba16b6 255 expect(res.body.total).to.equal(1)
11474c3c
C		 256
257 const videos = res.body.data
a7ba16b6 258 expect(videos).to.have.lengthOf(1)
11474c3c 259
a7ba16b6 260 expect(videos[ 0 ].name).to.equal('super user video')
11474c3c
C		 261 })
262
0e1dc3e7 263 it('Should list all the users', async function () {
86d13ec2 264 const res = await getUsersList(server.url, server.accessToken)
0e1dc3e7
C		 265 const result = res.body
266 const total = result.total
267 const users = result.data
268
a7ba16b6
C		 269 expect(total).to.equal(2)
270 expect(users).to.be.an('array')
271 expect(users.length).to.equal(2)
afffe988
C		 272
273 const user = users[ 0 ]
a7ba16b6
C		 274 expect(user.username).to.equal('user_1')
275 expect(user.email).to.equal('user_1@example.com')
0883b324 276 expect(user.nsfwPolicy).to.equal('display')
0e1dc3e7 277
afffe988 278 const rootUser = users[ 1 ]
a7ba16b6
C		 279 expect(rootUser.username).to.equal('root')
280 expect(rootUser.email).to.equal('admin1@example.com')
0883b324 281 expect(user.nsfwPolicy).to.equal('display')
0e1dc3e7
C		 282
283 userId = user.id
284 })
285
286 it('Should list only the first user by username asc', async function () {
86d13ec2 287 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username')
0e1dc3e7
C		 288
289 const result = res.body
290 const total = result.total
291 const users = result.data
292
a7ba16b6
C		 293 expect(total).to.equal(2)
294 expect(users.length).to.equal(1)
afffe988
C		 295
296 const user = users[ 0 ]
a7ba16b6
C		 297 expect(user.username).to.equal('root')
298 expect(user.email).to.equal('admin1@example.com')
299 expect(user.roleLabel).to.equal('Administrator')
0883b324 300 expect(user.nsfwPolicy).to.equal('display')
0e1dc3e7
C		 301 })
302
303 it('Should list only the first user by username desc', async function () {
86d13ec2 304 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username')
0e1dc3e7
C		 305 const result = res.body
306 const total = result.total
307 const users = result.data
308
a7ba16b6
C		 309 expect(total).to.equal(2)
310 expect(users.length).to.equal(1)
afffe988
C		 311
312 const user = users[ 0 ]
a7ba16b6
C		 313 expect(user.username).to.equal('user_1')
314 expect(user.email).to.equal('user_1@example.com')
0883b324 315 expect(user.nsfwPolicy).to.equal('display')
0e1dc3e7
C		 316 })
317
318 it('Should list only the second user by createdAt desc', async function () {
86d13ec2 319 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt')
0e1dc3e7
C		 320 const result = res.body
321 const total = result.total
322 const users = result.data
323
a7ba16b6
C		 324 expect(total).to.equal(2)
325 expect(users.length).to.equal(1)
afffe988
C		 326
327 const user = users[ 0 ]
a7ba16b6
C		 328 expect(user.username).to.equal('user_1')
329 expect(user.email).to.equal('user_1@example.com')
0883b324 330 expect(user.nsfwPolicy).to.equal('display')
0e1dc3e7
C		 331 })
332
333 it('Should list all the users by createdAt asc', async function () {
86d13ec2 334 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt')
0e1dc3e7
C		 335 const result = res.body
336 const total = result.total
337 const users = result.data
338
a7ba16b6
C		 339 expect(total).to.equal(2)
340 expect(users.length).to.equal(2)
341
342 expect(users[ 0 ].username).to.equal('root')
343 expect(users[ 0 ].email).to.equal('admin1@example.com')
0883b324 344 expect(users[ 0 ].nsfwPolicy).to.equal('display')
afffe988 345
a7ba16b6
C		 346 expect(users[ 1 ].username).to.equal('user_1')
347 expect(users[ 1 ].email).to.equal('user_1@example.com')
0883b324 348 expect(users[ 1 ].nsfwPolicy).to.equal('display')
0e1dc3e7
C		 349 })
350
24b9417c
C		 351 it('Should search user by username', async function () {
352 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'oot')
353 const users = res.body.data as User[]
354
355 expect(res.body.total).to.equal(1)
356 expect(users.length).to.equal(1)
357
358 expect(users[ 0 ].username).to.equal('root')
359 })
360
361 it('Should search user by email', async function () {
362 {
363 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'r_1@exam')
364 const users = res.body.data as User[]
365
366 expect(res.body.total).to.equal(1)
367 expect(users.length).to.equal(1)
368
369 expect(users[ 0 ].username).to.equal('user_1')
370 expect(users[ 0 ].email).to.equal('user_1@example.com')
371 }
372
373 {
374 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'example')
375 const users = res.body.data as User[]
376
377 expect(res.body.total).to.equal(2)
378 expect(users.length).to.equal(2)
379
380 expect(users[ 0 ].username).to.equal('root')
381 expect(users[ 1 ].username).to.equal('user_1')
382 }
383 })
384
5c98d3bf 385 it('Should update my password', async function () {
11ba2ab3
C		 386 await updateMyUser({
387 url: server.url,
388 accessToken: accessTokenUser,
a890d1e0 389 currentPassword: 'super password',
11ba2ab3
C		 390 newPassword: 'new password'
391 })
f8b8c36b 392 user.password = 'new password'
0e1dc3e7 393
f8b8c36b 394 await userLogin(server, user, 200)
0e1dc3e7
C		 395 })
396
397 it('Should be able to change the NSFW display attribute', async function () {
11ba2ab3
C		 398 await updateMyUser({
399 url: server.url,
400 accessToken: accessTokenUser,
0883b324 401 nsfwPolicy: 'do_not_list'
11ba2ab3 402 })
0e1dc3e7 403
5c98d3bf 404 const res = await getMyUserInformation(server.url, accessTokenUser)
0e1dc3e7
C		 405 const user = res.body
406
a7ba16b6
C		 407 expect(user.username).to.equal('user_1')
408 expect(user.email).to.equal('user_1@example.com')
0883b324 409 expect(user.nsfwPolicy).to.equal('do_not_list')
a7ba16b6
C		 410 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
411 expect(user.id).to.be.a('number')
ed56ad11 412 expect(user.account.displayName).to.equal('user_1')
2422c46b 413 expect(user.account.description).to.be.null
5c98d3bf
C		 414 })
415
7efe153b 416 it('Should be able to change the autoPlayVideo attribute', async function () {
11ba2ab3
C		 417 await updateMyUser({
418 url: server.url,
419 accessToken: accessTokenUser,
420 autoPlayVideo: false
421 })
7efe153b
AL		 422
423 const res = await getMyUserInformation(server.url, accessTokenUser)
424 const user = res.body
425
426 expect(user.autoPlayVideo).to.be.false
427 })
428
5c98d3bf 429 it('Should be able to change the email display attribute', async function () {
11ba2ab3
C		 430 await updateMyUser({
431 url: server.url,
432 accessToken: accessTokenUser,
433 email: 'updated@example.com'
434 })
5c98d3bf
C		 435
436 const res = await getMyUserInformation(server.url, accessTokenUser)
437 const user = res.body
438
a7ba16b6
C		 439 expect(user.username).to.equal('user_1')
440 expect(user.email).to.equal('updated@example.com')
0883b324 441 expect(user.nsfwPolicy).to.equal('do_not_list')
a7ba16b6
C		 442 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
443 expect(user.id).to.be.a('number')
ed56ad11 444 expect(user.account.displayName).to.equal('user_1')
2422c46b 445 expect(user.account.description).to.be.null
5c98d3bf
C		 446 })
447
c5911fd3
C		 448 it('Should be able to update my avatar', async function () {
449 const fixture = 'avatar.png'
450
451 await updateMyAvatar({
452 url: server.url,
453 accessToken: accessTokenUser,
454 fixture
455 })
456
457 const res = await getMyUserInformation(server.url, accessTokenUser)
458 const user = res.body
459
7b0956ec 460 await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.png')
c5911fd3
C		 461 })
462
ed56ad11
C		 463 it('Should be able to update my display name', async function () {
464 await updateMyUser({
465 url: server.url,
466 accessToken: accessTokenUser,
467 displayName: 'new display name'
468 })
469
470 const res = await getMyUserInformation(server.url, accessTokenUser)
471 const user = res.body
472
473 expect(user.username).to.equal('user_1')
474 expect(user.email).to.equal('updated@example.com')
475 expect(user.nsfwPolicy).to.equal('do_not_list')
476 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
477 expect(user.id).to.be.a('number')
478 expect(user.account.displayName).to.equal('new display name')
479 expect(user.account.description).to.be.null
480 })
481
2422c46b
C		 482 it('Should be able to update my description', async function () {
483 await updateMyUser({
484 url: server.url,
485 accessToken: accessTokenUser,
486 description: 'my super description updated'
487 })
488
489 const res = await getMyUserInformation(server.url, accessTokenUser)
490 const user = res.body
491
492 expect(user.username).to.equal('user_1')
493 expect(user.email).to.equal('updated@example.com')
0883b324 494 expect(user.nsfwPolicy).to.equal('do_not_list')
2422c46b
C		 495 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
496 expect(user.id).to.be.a('number')
ed56ad11 497 expect(user.account.displayName).to.equal('new display name')
2422c46b
C		 498 expect(user.account.description).to.equal('my super description updated')
499 })
500
5c98d3bf 501 it('Should be able to update another user', async function () {
11ba2ab3
C		 502 await updateUser({
503 url: server.url,
504 userId,
505 accessToken,
506 email: 'updated2@example.com',
fc2ec87a 507 emailVerified: true,
11ba2ab3
C		 508 videoQuota: 42,
509 role: UserRole.MODERATOR
510 })
5c98d3bf 511
77a5501f 512 const res = await getUserInformation(server.url, accessToken, userId)
5c98d3bf
C		 513 const user = res.body
514
a7ba16b6
C		 515 expect(user.username).to.equal('user_1')
516 expect(user.email).to.equal('updated2@example.com')
fc2ec87a 517 expect(user.emailVerified).to.be.true
0883b324 518 expect(user.nsfwPolicy).to.equal('do_not_list')
a7ba16b6
C		 519 expect(user.videoQuota).to.equal(42)
520 expect(user.roleLabel).to.equal('Moderator')
521 expect(user.id).to.be.a('number')
0e1dc3e7
C		 522 })
523
f8b8c36b
C		 524 it('Should have removed the user token', async function () {
525 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
526
527 accessTokenUser = await userLogin(server, user)
528 })
529
b426edd4
C		 530 it('Should be able to update another user password', async function () {
531 await updateUser({
532 url: server.url,
533 userId,
534 accessToken,
535 password: 'password updated'
536 })
537
538 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, 401)
539
540 await userLogin(server, user, 400)
541
542 user.password = 'password updated'
543 accessTokenUser = await userLogin(server, user)
544 })
545
757f0da3
C		 546 it('Should be able to list video blacklist by a moderator', async function () {
547 await getBlacklistedVideosList(server.url, accessTokenUser)
548 })
549
0e1dc3e7
C		 550 it('Should be able to remove this user', async function () {
551 await removeUser(server.url, userId, accessToken)
552 })
553
554 it('Should not be able to login with this user', async function () {
f8b8c36b 555 await userLogin(server, user, 400)
0e1dc3e7
C		 556 })
557
558 it('Should not have videos of this user', async function () {
559 const res = await getVideosList(server.url)
560
a7ba16b6 561 expect(res.body.total).to.equal(1)
0e1dc3e7 562
afffe988 563 const video = res.body.data[ 0 ]
b64c950a 564 expect(video.account.name).to.equal('root')
0e1dc3e7
C		 565 })
566
567 it('Should register a new user', async function () {
568 await registerUser(server.url, 'user_15', 'my super password')
569 })
570
571 it('Should be able to login with this registered user', async function () {
f8b8c36b 572 const user15 = {
0e1dc3e7
C		 573 username: 'user_15',
574 password: 'my super password'
575 }
576
f8b8c36b 577 accessToken = await userLogin(server, user15)
5c98d3bf
C		 578 })
579
580 it('Should have the correct video quota', async function () {
581 const res = await getMyUserInformation(server.url, accessToken)
582 const user = res.body
583
a7ba16b6 584 expect(user.videoQuota).to.equal(5 * 1024 * 1024)
0e1dc3e7
C		 585 })
586
92b9d60c
C		 587 it('Should remove me', async function () {
588 {
589 const res = await getUsersList(server.url, server.accessToken)
590 expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined
591 }
592
593 await deleteMe(server.url, accessToken)
594
595 {
596 const res = await getUsersList(server.url, server.accessToken)
597 expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined
598 }
599 })
600
e6921918
C		 601 it('Should block and unblock a user', async function () {
602 const user16 = {
603 username: 'user_16',
604 password: 'my super password'
605 }
606 const resUser = await createUser(server.url, server.accessToken, user16.username, user16.password)
607 const user16Id = resUser.body.user.id
608
609 accessToken = await userLogin(server, user16)
610
611 await getMyUserInformation(server.url, accessToken, 200)
612 await blockUser(server.url, user16Id, server.accessToken)
613
614 await getMyUserInformation(server.url, accessToken, 401)
615 await userLogin(server, user16, 400)
616
617 await unblockUser(server.url, user16Id, server.accessToken)
618 accessToken = await userLogin(server, user16)
619 await getMyUserInformation(server.url, accessToken, 200)
620 })
621
0e1dc3e7
C		 622 after(async function () {
623 killallServers([ server ])
624
625 // Keep the logs if the test failed
afffe988 626 if (this[ 'ok' ]) {
0e1dc3e7
C		 627 await flushTests()
628 }
629 })
630})
ActivityPub-federated video streaming platform using P2P directly in your web browser