]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blame - server/tests/api/users/users.ts
projects / github / Chocobozzz / PeerTube.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Specify if we want to fallback to the server token
[github/Chocobozzz/PeerTube.git] / server / tests / api / users / users.ts
CommitLineData
a1587156 1/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
86d13ec2 2
afffe988 3import 'mocha'
4f32032f 4import * as chai from 'chai'
0c1a77e9 5import { HttpStatusCode } from '@shared/core-utils'
0e1dc3e7 6import {
e1c55031 7 addVideoCommentThread,
a890d1e0 8 blockUser,
7c3b7976 9 cleanupTests,
f43db2f4 10 closeAllSequelize,
a890d1e0
C		 11 createUser,
12 deleteMe,
7c3b7976 13 flushAndRunServer,
a890d1e0
C		 14 getBlacklistedVideosList,
15 getMyUserInformation,
16 getMyUserVideoQuotaUsed,
17 getMyUserVideoRating,
0c1a77e9 18 getMyVideos,
a890d1e0
C		 19 getUserInformation,
20 getUsersList,
21 getUsersListPaginationAndSort,
1f20622f 22 getVideoChannel,
a1587156 23 getVideosList,
f43db2f4 24 killallServers,
a890d1e0 25 login,
0c1a77e9 26 logout,
a890d1e0
C		 27 makePutBodyRequest,
28 rateVideo,
0c1a77e9 29 refreshToken,
1f20622f 30 registerUserWithChannel,
a890d1e0
C		 31 removeUser,
32 removeVideo,
f43db2f4 33 reRunServer,
a890d1e0 34 ServerInfo,
0c1a77e9 35 setAccessTokensToServers,
f43db2f4 36 setTokenField,
a890d1e0
C		 37 testImage,
38 unblockUser,
39 updateMyAvatar,
40 updateMyUser,
41 updateUser,
42 uploadVideo,
76314386 43 userLogin,
e1c55031 44 waitJobs
0c1a77e9 45} from '@shared/extra-utils'
65e6e260 46import { AbuseState, MyUser, OAuth2ErrorCode, User, UserAdminFlag, UserRole, Video, VideoPlaylistType } from '@shared/models'
0e1dc3e7 47
afffe988
C		 48const expect = chai.expect
49
0e1dc3e7
C		 50describe('Test users', function () {
51 let server: ServerInfo
52 let accessToken: string
53 let accessTokenUser: string
54 let videoId: number
55 let userId: number
f8b8c36b
C		 56 const user = {
57 username: 'user_1',
58 password: 'super password'
59 }
0e1dc3e7
C		 60
61 before(async function () {
e212f887 62 this.timeout(30000)
e1c55031
C		 63
64 server = await flushAndRunServer(1, {
65 rates_limit: {
66 login: {
67 max: 30
68 }
69 }
70 })
86d13ec2
C		 71
72 await setAccessTokensToServers([ server ])
9b474844 73
ae2abfd3 74 await server.pluginsCommand.install({ npmName: 'peertube-theme-background-red' })
0e1dc3e7
C		 75 })
76
1eddc9a7
C		 77 describe('OAuth client', function () {
78 it('Should create a new client')
0e1dc3e7 79
1eddc9a7 80 it('Should return the first client')
0e1dc3e7 81
1eddc9a7 82 it('Should remove the last client')
0e1dc3e7 83
1eddc9a7
C		 84 it('Should not login with an invalid client id', async function () {
85 const client = { id: 'client', secret: server.client.secret }
2d53be02 86 const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
0e1dc3e7 87
81628e50 88 expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
3866ea02
RK		 89 expect(res.body.error).to.contain('client is invalid')
90 expect(res.body.type.startsWith('https://')).to.be.true
81628e50 91 expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
1eddc9a7 92 })
0e1dc3e7 93
1eddc9a7
C		 94 it('Should not login with an invalid client secret', async function () {
95 const client = { id: server.client.id, secret: 'coucou' }
2d53be02 96 const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
0e1dc3e7 97
81628e50 98 expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
3866ea02
RK		 99 expect(res.body.error).to.contain('client is invalid')
100 expect(res.body.type.startsWith('https://')).to.be.true
81628e50 101 expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
1eddc9a7 102 })
0e1dc3e7
C		 103 })
104
1eddc9a7 105 describe('Login', function () {
0e1dc3e7 106
1eddc9a7
C		 107 it('Should not login with an invalid username', async function () {
108 const user = { username: 'captain crochet', password: server.user.password }
2d53be02 109 const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
0e1dc3e7 110
81628e50 111 expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
3866ea02
RK		 112 expect(res.body.error).to.contain('credentials are invalid')
113 expect(res.body.type.startsWith('https://')).to.be.true
81628e50 114 expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
1eddc9a7 115 })
0e1dc3e7 116
1eddc9a7
C		 117 it('Should not login with an invalid password', async function () {
118 const user = { username: server.user.username, password: 'mew_three' }
2d53be02 119 const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
0e1dc3e7 120
81628e50 121 expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
3866ea02
RK		 122 expect(res.body.error).to.contain('credentials are invalid')
123 expect(res.body.type.startsWith('https://')).to.be.true
81628e50 124 expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
1eddc9a7 125 })
0e1dc3e7 126
1eddc9a7
C		 127 it('Should not be able to upload a video', async function () {
128 accessToken = 'my_super_token'
0e1dc3e7 129
1eddc9a7 130 const videoAttributes = {}
2d53be02 131 await uploadVideo(server.url, accessToken, videoAttributes, HttpStatusCode.UNAUTHORIZED_401)
1eddc9a7 132 })
0e1dc3e7 133
1eddc9a7
C		 134 it('Should not be able to follow', async function () {
135 accessToken = 'my_super_token'
c3d29f69
C		 136
137 await server.followsCommand.follow({
138 targets: [ 'http://example.com' ],
139 token: accessToken,
140 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
141 })
1eddc9a7 142 })
0e1dc3e7 143
1eddc9a7 144 it('Should not be able to unfollow')
0e1dc3e7 145
1eddc9a7 146 it('Should be able to login', async function () {
2d53be02 147 const res = await login(server.url, server.client, server.user, HttpStatusCode.OK_200)
0e1dc3e7 148
1eddc9a7
C		 149 accessToken = res.body.access_token
150 })
50b4dcce
NB		 151
152 it('Should be able to login with an insensitive username', async function () {
153 const user = { username: 'RoOt', password: server.user.password }
2d53be02 154 await login(server.url, server.client, user, HttpStatusCode.OK_200)
50b4dcce
NB		 155
156 const user2 = { username: 'rOoT', password: server.user.password }
2d53be02 157 await login(server.url, server.client, user2, HttpStatusCode.OK_200)
50b4dcce
NB		 158
159 const user3 = { username: 'ROOt', password: server.user.password }
2d53be02 160 await login(server.url, server.client, user3, HttpStatusCode.OK_200)
50b4dcce 161 })
0e1dc3e7
C		 162 })
163
1eddc9a7 164 describe('Upload', function () {
0e1dc3e7 165
1eddc9a7
C		 166 it('Should upload the video with the correct token', async function () {
167 const videoAttributes = {}
168 await uploadVideo(server.url, accessToken, videoAttributes)
169 const res = await getVideosList(server.url)
a1587156 170 const video = res.body.data[0]
0e1dc3e7 171
1eddc9a7
C		 172 expect(video.account.name).to.equal('root')
173 videoId = video.id
174 })
175
176 it('Should upload the video again with the correct token', async function () {
177 const videoAttributes = {}
178 await uploadVideo(server.url, accessToken, videoAttributes)
179 })
0e1dc3e7
C		 180 })
181
1eddc9a7 182 describe('Ratings', function () {
22834691 183
1eddc9a7
C		 184 it('Should retrieve a video rating', async function () {
185 await rateVideo(server.url, accessToken, videoId, 'like')
186 const res = await getMyUserVideoRating(server.url, accessToken, videoId)
187 const rating = res.body
c100a614 188
1eddc9a7
C		 189 expect(rating.videoId).to.equal(videoId)
190 expect(rating.rating).to.equal('like')
191 })
c100a614 192
1eddc9a7
C		 193 it('Should retrieve ratings list', async function () {
194 await rateVideo(server.url, accessToken, videoId, 'like')
22834691 195
9fff08cf 196 const body = await server.accountsCommand.listRatings({ accountName: server.user.username })
0e1dc3e7 197
9fff08cf
C		 198 expect(body.total).to.equal(1)
199 expect(body.data[0].video.id).to.equal(videoId)
200 expect(body.data[0].rating).to.equal('like')
1eddc9a7 201 })
0e1dc3e7 202
1eddc9a7
C		 203 it('Should retrieve ratings list by rating type', async function () {
204 {
9fff08cf
C		 205 const body = await server.accountsCommand.listRatings({ accountName: server.user.username, rating: 'like' })
206 expect(body.data.length).to.equal(1)
1eddc9a7
C		 207 }
208
209 {
9fff08cf
C		 210 const body = await server.accountsCommand.listRatings({ accountName: server.user.username, rating: 'dislike' })
211 expect(body.data.length).to.equal(0)
1eddc9a7
C		 212 }
213 })
0e1dc3e7
C		 214 })
215
1eddc9a7
C		 216 describe('Remove video', function () {
217 it('Should not be able to remove the video with an incorrect token', async function () {
2d53be02 218 await removeVideo(server.url, 'bad_token', videoId, HttpStatusCode.UNAUTHORIZED_401)
1eddc9a7 219 })
0e1dc3e7 220
1eddc9a7 221 it('Should not be able to remove the video with the token of another account')
0e1dc3e7 222
1eddc9a7
C		 223 it('Should be able to remove the video with the correct token', async function () {
224 await removeVideo(server.url, accessToken, videoId)
225 })
0e1dc3e7
C		 226 })
227
1eddc9a7 228 describe('Logout', function () {
7fed6375
C		 229 it('Should logout (revoke token)', async function () {
230 await logout(server.url, server.accessToken)
231 })
0e1dc3e7 232
7fed6375 233 it('Should not be able to get the user information', async function () {
2d53be02 234 await getMyUserInformation(server.url, server.accessToken, HttpStatusCode.UNAUTHORIZED_401)
7fed6375 235 })
0e1dc3e7 236
7fed6375 237 it('Should not be able to upload a video', async function () {
2d53be02 238 await uploadVideo(server.url, server.accessToken, { name: 'video' }, HttpStatusCode.UNAUTHORIZED_401)
7fed6375 239 })
0e1dc3e7 240
1eddc9a7
C		 241 it('Should not be able to rate a video', async function () {
242 const path = '/api/v1/videos/'
243 const data = {
244 rating: 'likes'
245 }
0e1dc3e7 246
1eddc9a7
C		 247 const options = {
248 url: server.url,
249 path: path + videoId,
250 token: 'wrong token',
251 fields: data,
2d53be02 252 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
1eddc9a7
C		 253 }
254 await makePutBodyRequest(options)
255 })
0e1dc3e7 256
e1c55031 257 it('Should be able to login again', async function () {
f43db2f4
C		 258 const res = await login(server.url, server.client, server.user)
259 server.accessToken = res.body.access_token
260 server.refreshToken = res.body.refresh_token
261 })
262
263 it('Should be able to get my user information again', async function () {
264 await getMyUserInformation(server.url, server.accessToken)
265 })
266
267 it('Should have an expired access token', async function () {
268 this.timeout(15000)
269
270 await setTokenField(server.internalServerNumber, server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
271 await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
272
273 killallServers([ server ])
274 await reRunServer(server)
275
276 await getMyUserInformation(server.url, server.accessToken, 401)
277 })
278
279 it('Should not be able to refresh an access token with an expired refresh token', async function () {
280 await refreshToken(server, server.refreshToken, 400)
e1c55031 281 })
0e1dc3e7 282
f43db2f4
C		 283 it('Should refresh the token', async function () {
284 this.timeout(15000)
285
286 const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
287 await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', futureDate)
0e1dc3e7 288
f43db2f4
C		 289 killallServers([ server ])
290 await reRunServer(server)
291
292 const res = await refreshToken(server, server.refreshToken)
293 server.accessToken = res.body.access_token
294 server.refreshToken = res.body.refresh_token
295 })
1eddc9a7 296
e1c55031
C		 297 it('Should be able to get my user information again', async function () {
298 await getMyUserInformation(server.url, server.accessToken)
299 })
0e1dc3e7
C		 300 })
301
1eddc9a7 302 describe('Creating a user', function () {
ce5496d6 303
1eddc9a7
C		 304 it('Should be able to create a new user', async function () {
305 await createUser({
306 url: server.url,
307 accessToken: accessToken,
308 username: user.username,
309 password: user.password,
310 videoQuota: 2 * 1024 * 1024,
3487330d 311 adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST
1eddc9a7
C		 312 })
313 })
a76138ff 314
1eddc9a7
C		 315 it('Should be able to login with this user', async function () {
316 accessTokenUser = await userLogin(server, user)
317 })
a76138ff 318
1eddc9a7
C		 319 it('Should be able to get user information', async function () {
320 const res1 = await getMyUserInformation(server.url, accessTokenUser)
ac0868bc 321 const userMe: MyUser = res1.body
1eddc9a7 322
76314386 323 const res2 = await getUserInformation(server.url, server.accessToken, userMe.id, true)
1eddc9a7
C		 324 const userGet: User = res2.body
325
326 for (const user of [ userMe, userGet ]) {
327 expect(user.username).to.equal('user_1')
328 expect(user.email).to.equal('user_1@example.com')
329 expect(user.nsfwPolicy).to.equal('display')
330 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
331 expect(user.roleLabel).to.equal('User')
332 expect(user.id).to.be.a('number')
333 expect(user.account.displayName).to.equal('user_1')
334 expect(user.account.description).to.be.null
335 }
336
337 expect(userMe.adminFlags).to.be.undefined
3487330d 338 expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
29128b2f
RK		 339
340 expect(userMe.specialPlaylists).to.have.lengthOf(1)
ac0868bc 341 expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
76314386
RK		 342
343 // Check stats are included with withStats
344 expect(userGet.videosCount).to.be.a('number')
345 expect(userGet.videosCount).to.equal(0)
346 expect(userGet.videoCommentsCount).to.be.a('number')
347 expect(userGet.videoCommentsCount).to.equal(0)
4f32032f
C		 348 expect(userGet.abusesCount).to.be.a('number')
349 expect(userGet.abusesCount).to.equal(0)
350 expect(userGet.abusesAcceptedCount).to.be.a('number')
351 expect(userGet.abusesAcceptedCount).to.equal(0)
1eddc9a7 352 })
ce5496d6
C		 353 })
354
1eddc9a7 355 describe('My videos & quotas', function () {
11474c3c 356
1eddc9a7 357 it('Should be able to upload a video with this user', async function () {
5600def4 358 this.timeout(10000)
0e1dc3e7 359
1eddc9a7
C		 360 const videoAttributes = {
361 name: 'super user video',
362 fixture: 'video_short.webm'
363 }
364 await uploadVideo(server.url, accessTokenUser, videoAttributes)
365 })
afffe988 366
1eddc9a7
C		 367 it('Should have video quota updated', async function () {
368 const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
369 const data = res.body
0e1dc3e7 370
1eddc9a7 371 expect(data.videoQuotaUsed).to.equal(218910)
0e1dc3e7 372
1eddc9a7 373 const resUsers = await getUsersList(server.url, server.accessToken)
0e1dc3e7 374
1eddc9a7
C		 375 const users: User[] = resUsers.body.data
376 const tmpUser = users.find(u => u.username === user.username)
377 expect(tmpUser.videoQuotaUsed).to.equal(218910)
378 })
0e1dc3e7 379
1eddc9a7
C		 380 it('Should be able to list my videos', async function () {
381 const res = await getMyVideos(server.url, accessTokenUser, 0, 5)
382 expect(res.body.total).to.equal(1)
0e1dc3e7 383
1eddc9a7
C		 384 const videos = res.body.data
385 expect(videos).to.have.lengthOf(1)
afffe988 386
a1587156 387 const video: Video = videos[0]
a18f275d
C		 388 expect(video.name).to.equal('super user video')
389 expect(video.thumbnailPath).to.not.be.null
390 expect(video.previewPath).to.not.be.null
1eddc9a7 391 })
cca1e13b
C		 392
393 it('Should be able to search in my videos', async function () {
394 {
395 const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'user video')
396 expect(res.body.total).to.equal(1)
397
398 const videos = res.body.data
399 expect(videos).to.have.lengthOf(1)
400 }
401
402 {
403 const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'toto')
404 expect(res.body.total).to.equal(0)
405
406 const videos = res.body.data
407 expect(videos).to.have.lengthOf(0)
408 }
409 })
5600def4
C		 410
411 it('Should disable webtorrent, enable HLS, and update my quota', async function () {
412 this.timeout(60000)
413
414 {
65e6e260 415 const config = await server.configCommand.getCustomConfig()
5600def4
C		 416 config.transcoding.webtorrent.enabled = false
417 config.transcoding.hls.enabled = true
418 config.transcoding.enabled = true
65e6e260 419 await server.configCommand.updateCustomSubConfig({ newConfig: config })
5600def4
C		 420 }
421
422 {
423 const videoAttributes = {
424 name: 'super user video 2',
425 fixture: 'video_short.webm'
426 }
427 await uploadVideo(server.url, accessTokenUser, videoAttributes)
428
429 await waitJobs([ server ])
430 }
431
432 {
433 const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
434 const data = res.body
435
436 expect(data.videoQuotaUsed).to.be.greaterThan(220000)
437 }
438 })
0e1dc3e7
C		 439 })
440
1eddc9a7 441 describe('Users listing', function () {
0e1dc3e7 442
1eddc9a7
C		 443 it('Should list all the users', async function () {
444 const res = await getUsersList(server.url, server.accessToken)
445 const result = res.body
446 const total = result.total
447 const users = result.data
afffe988 448
1eddc9a7
C		 449 expect(total).to.equal(2)
450 expect(users).to.be.an('array')
451 expect(users.length).to.equal(2)
0e1dc3e7 452
a1587156 453 const user = users[0]
1eddc9a7
C		 454 expect(user.username).to.equal('user_1')
455 expect(user.email).to.equal('user_1@example.com')
456 expect(user.nsfwPolicy).to.equal('display')
0e1dc3e7 457
a1587156 458 const rootUser = users[1]
1eddc9a7 459 expect(rootUser.username).to.equal('root')
48f07b4a 460 expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
1eddc9a7 461 expect(user.nsfwPolicy).to.equal('display')
afffe988 462
3cc665f4
C		 463 expect(rootUser.lastLoginDate).to.exist
464 expect(user.lastLoginDate).to.exist
465
1eddc9a7
C		 466 userId = user.id
467 })
0e1dc3e7 468
1eddc9a7
C		 469 it('Should list only the first user by username asc', async function () {
470 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username')
0e1dc3e7 471
1eddc9a7
C		 472 const result = res.body
473 const total = result.total
474 const users = result.data
a7ba16b6 475
1eddc9a7
C		 476 expect(total).to.equal(2)
477 expect(users.length).to.equal(1)
afffe988 478
a1587156 479 const user = users[0]
1eddc9a7 480 expect(user.username).to.equal('root')
48f07b4a 481 expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
1eddc9a7
C		 482 expect(user.roleLabel).to.equal('Administrator')
483 expect(user.nsfwPolicy).to.equal('display')
484 })
0e1dc3e7 485
1eddc9a7
C		 486 it('Should list only the first user by username desc', async function () {
487 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username')
488 const result = res.body
489 const total = result.total
490 const users = result.data
24b9417c 491
1eddc9a7
C		 492 expect(total).to.equal(2)
493 expect(users.length).to.equal(1)
24b9417c 494
a1587156 495 const user = users[0]
1eddc9a7
C		 496 expect(user.username).to.equal('user_1')
497 expect(user.email).to.equal('user_1@example.com')
498 expect(user.nsfwPolicy).to.equal('display')
499 })
24b9417c 500
1eddc9a7
C		 501 it('Should list only the second user by createdAt desc', async function () {
502 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt')
503 const result = res.body
504 const total = result.total
505 const users = result.data
24b9417c 506
1eddc9a7 507 expect(total).to.equal(2)
24b9417c
C		 508 expect(users.length).to.equal(1)
509
a1587156 510 const user = users[0]
1eddc9a7
C		 511 expect(user.username).to.equal('user_1')
512 expect(user.email).to.equal('user_1@example.com')
513 expect(user.nsfwPolicy).to.equal('display')
514 })
24b9417c 515
1eddc9a7
C		 516 it('Should list all the users by createdAt asc', async function () {
517 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt')
518 const result = res.body
519 const total = result.total
520 const users = result.data
24b9417c 521
1eddc9a7 522 expect(total).to.equal(2)
24b9417c
C		 523 expect(users.length).to.equal(2)
524
a1587156
C		 525 expect(users[0].username).to.equal('root')
526 expect(users[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
527 expect(users[0].nsfwPolicy).to.equal('display')
24b9417c 528
a1587156
C		 529 expect(users[1].username).to.equal('user_1')
530 expect(users[1].email).to.equal('user_1@example.com')
531 expect(users[1].nsfwPolicy).to.equal('display')
11ba2ab3 532 })
0e1dc3e7 533
1eddc9a7
C		 534 it('Should search user by username', async function () {
535 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'oot')
536 const users = res.body.data as User[]
537
538 expect(res.body.total).to.equal(1)
539 expect(users.length).to.equal(1)
0e1dc3e7 540
a1587156 541 expect(users[0].username).to.equal('root')
11ba2ab3 542 })
0e1dc3e7 543
1eddc9a7
C		 544 it('Should search user by email', async function () {
545 {
546 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'r_1@exam')
547 const users = res.body.data as User[]
0e1dc3e7 548
1eddc9a7
C		 549 expect(res.body.total).to.equal(1)
550 expect(users.length).to.equal(1)
5c98d3bf 551
a1587156
C		 552 expect(users[0].username).to.equal('user_1')
553 expect(users[0].email).to.equal('user_1@example.com')
1eddc9a7 554 }
7efe153b 555
1eddc9a7
C		 556 {
557 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'example')
558 const users = res.body.data as User[]
7efe153b 559
1eddc9a7
C		 560 expect(res.body.total).to.equal(2)
561 expect(users.length).to.equal(2)
7efe153b 562
a1587156
C		 563 expect(users[0].username).to.equal('root')
564 expect(users[1].username).to.equal('user_1')
1eddc9a7 565 }
11ba2ab3 566 })
5c98d3bf
C		 567 })
568
1eddc9a7
C		 569 describe('Update my account', function () {
570 it('Should update my password', async function () {
571 await updateMyUser({
572 url: server.url,
573 accessToken: accessTokenUser,
574 currentPassword: 'super password',
43d0ea7f 575 password: 'new password'
1eddc9a7
C		 576 })
577 user.password = 'new password'
c5911fd3 578
2d53be02 579 await userLogin(server, user, HttpStatusCode.OK_200)
c5911fd3
C		 580 })
581
1eddc9a7
C		 582 it('Should be able to change the NSFW display attribute', async function () {
583 await updateMyUser({
584 url: server.url,
585 accessToken: accessTokenUser,
586 nsfwPolicy: 'do_not_list'
587 })
588
589 const res = await getMyUserInformation(server.url, accessTokenUser)
590 const user = res.body
591
592 expect(user.username).to.equal('user_1')
593 expect(user.email).to.equal('user_1@example.com')
594 expect(user.nsfwPolicy).to.equal('do_not_list')
595 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
596 expect(user.id).to.be.a('number')
597 expect(user.account.displayName).to.equal('user_1')
598 expect(user.account.description).to.be.null
599 })
c5911fd3 600
1eddc9a7
C		 601 it('Should be able to change the autoPlayVideo attribute', async function () {
602 await updateMyUser({
603 url: server.url,
604 accessToken: accessTokenUser,
605 autoPlayVideo: false
606 })
c5911fd3 607
1eddc9a7
C		 608 const res = await getMyUserInformation(server.url, accessTokenUser)
609 const user = res.body
610
611 expect(user.autoPlayVideo).to.be.false
ed56ad11
C		 612 })
613
6aa54148
L		 614 it('Should be able to change the autoPlayNextVideo attribute', async function () {
615 await updateMyUser({
616 url: server.url,
617 accessToken: accessTokenUser,
618 autoPlayNextVideo: true
619 })
620
621 const res = await getMyUserInformation(server.url, accessTokenUser)
622 const user = res.body
623
624 expect(user.autoPlayNextVideo).to.be.true
625 })
626
675a8fc7 627 it('Should be able to change the email attribute', async function () {
1eddc9a7
C		 628 await updateMyUser({
629 url: server.url,
630 accessToken: accessTokenUser,
675a8fc7 631 currentPassword: 'new password',
1eddc9a7
C		 632 email: 'updated@example.com'
633 })
634
635 const res = await getMyUserInformation(server.url, accessTokenUser)
636 const user = res.body
637
638 expect(user.username).to.equal('user_1')
639 expect(user.email).to.equal('updated@example.com')
640 expect(user.nsfwPolicy).to.equal('do_not_list')
641 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
642 expect(user.id).to.be.a('number')
643 expect(user.account.displayName).to.equal('user_1')
644 expect(user.account.description).to.be.null
645 })
ed56ad11 646
f619de0e
C		 647 it('Should be able to update my avatar with a gif', async function () {
648 const fixture = 'avatar.gif'
ed56ad11 649
1eddc9a7
C		 650 await updateMyAvatar({
651 url: server.url,
652 accessToken: accessTokenUser,
653 fixture
654 })
2422c46b 655
1eddc9a7
C		 656 const res = await getMyUserInformation(server.url, accessTokenUser)
657 const user = res.body
2422c46b 658
f619de0e
C		 659 await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.gif')
660 })
661
662 it('Should be able to update my avatar with a gif, and then a png', async function () {
663 for (const extension of [ '.png', '.gif' ]) {
664 const fixture = 'avatar' + extension
665
666 await updateMyAvatar({
667 url: server.url,
668 accessToken: accessTokenUser,
669 fixture
670 })
671
672 const res = await getMyUserInformation(server.url, accessTokenUser)
673 const user = res.body
674
675 await testImage(server.url, 'avatar-resized', user.account.avatar.path, extension)
676 }
1eddc9a7
C		 677 })
678
679 it('Should be able to update my display name', async function () {
680 await updateMyUser({
681 url: server.url,
682 accessToken: accessTokenUser,
683 displayName: 'new display name'
684 })
685
686 const res = await getMyUserInformation(server.url, accessTokenUser)
687 const user = res.body
688
689 expect(user.username).to.equal('user_1')
690 expect(user.email).to.equal('updated@example.com')
691 expect(user.nsfwPolicy).to.equal('do_not_list')
692 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
693 expect(user.id).to.be.a('number')
694 expect(user.account.displayName).to.equal('new display name')
695 expect(user.account.description).to.be.null
696 })
2422c46b 697
1eddc9a7
C		 698 it('Should be able to update my description', async function () {
699 await updateMyUser({
700 url: server.url,
701 accessToken: accessTokenUser,
702 description: 'my super description updated'
703 })
704
705 const res = await getMyUserInformation(server.url, accessTokenUser)
43d0ea7f 706 const user: User = res.body
1eddc9a7
C		 707
708 expect(user.username).to.equal('user_1')
709 expect(user.email).to.equal('updated@example.com')
710 expect(user.nsfwPolicy).to.equal('do_not_list')
711 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
712 expect(user.id).to.be.a('number')
713 expect(user.account.displayName).to.equal('new display name')
714 expect(user.account.description).to.equal('my super description updated')
43d0ea7f
C		 715 expect(user.noWelcomeModal).to.be.false
716 expect(user.noInstanceConfigWarningModal).to.be.false
1eddc9a7 717 })
9b474844
C		 718
719 it('Should be able to update my theme', async function () {
720 for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
721 await updateMyUser({
722 url: server.url,
723 accessToken: accessTokenUser,
724 theme
725 })
726
727 const res = await getMyUserInformation(server.url, accessTokenUser)
728 const body: User = res.body
729
730 expect(body.theme).to.equal(theme)
731 }
732 })
43d0ea7f
C		 733
734 it('Should be able to update my modal preferences', async function () {
735 await updateMyUser({
736 url: server.url,
737 accessToken: accessTokenUser,
738 noInstanceConfigWarningModal: true,
739 noWelcomeModal: true
740 })
741
742 const res = await getMyUserInformation(server.url, accessTokenUser)
743 const user: User = res.body
744
745 expect(user.noWelcomeModal).to.be.true
746 expect(user.noInstanceConfigWarningModal).to.be.true
747 })
0e1dc3e7
C		 748 })
749
1eddc9a7 750 describe('Updating another user', function () {
1eddc9a7
C		 751 it('Should be able to update another user', async function () {
752 await updateUser({
753 url: server.url,
754 userId,
755 accessToken,
756 email: 'updated2@example.com',
757 emailVerified: true,
758 videoQuota: 42,
759 role: UserRole.MODERATOR,
6d989edc
C		 760 adminFlags: UserAdminFlag.NONE,
761 pluginAuth: 'toto'
1eddc9a7
C		 762 })
763
764 const res = await getUserInformation(server.url, accessToken, userId)
6d989edc 765 const user = res.body as User
1eddc9a7
C		 766
767 expect(user.username).to.equal('user_1')
768 expect(user.email).to.equal('updated2@example.com')
769 expect(user.emailVerified).to.be.true
770 expect(user.nsfwPolicy).to.equal('do_not_list')
771 expect(user.videoQuota).to.equal(42)
772 expect(user.roleLabel).to.equal('Moderator')
773 expect(user.id).to.be.a('number')
774 expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
6d989edc
C		 775 expect(user.pluginAuth).to.equal('toto')
776 })
777
778 it('Should reset the auth plugin', async function () {
779 await updateUser({ url: server.url, userId, accessToken, pluginAuth: null })
780
781 const res = await getUserInformation(server.url, accessToken, userId)
782 const user = res.body as User
783 expect(user.pluginAuth).to.be.null
1eddc9a7 784 })
f8b8c36b 785
1eddc9a7 786 it('Should have removed the user token', async function () {
2d53be02 787 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401)
f8b8c36b 788
1eddc9a7 789 accessTokenUser = await userLogin(server, user)
b426edd4
C		 790 })
791
1eddc9a7
C		 792 it('Should be able to update another user password', async function () {
793 await updateUser({
794 url: server.url,
795 userId,
796 accessToken,
797 password: 'password updated'
798 })
b426edd4 799
2d53be02 800 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401)
b426edd4 801
2d53be02 802 await userLogin(server, user, HttpStatusCode.BAD_REQUEST_400)
b426edd4 803
1eddc9a7
C		 804 user.password = 'password updated'
805 accessTokenUser = await userLogin(server, user)
806 })
757f0da3
C		 807 })
808
1eddc9a7
C		 809 describe('Video blacklists', function () {
810 it('Should be able to list video blacklist by a moderator', async function () {
811 await getBlacklistedVideosList({ url: server.url, token: accessTokenUser })
812 })
0e1dc3e7
C		 813 })
814
1eddc9a7
C		 815 describe('Remove a user', function () {
816 it('Should be able to remove this user', async function () {
817 await removeUser(server.url, userId, accessToken)
818 })
0e1dc3e7 819
1eddc9a7 820 it('Should not be able to login with this user', async function () {
2d53be02 821 await userLogin(server, user, HttpStatusCode.BAD_REQUEST_400)
1eddc9a7 822 })
0e1dc3e7 823
1eddc9a7
C		 824 it('Should not have videos of this user', async function () {
825 const res = await getVideosList(server.url)
0e1dc3e7 826
1eddc9a7 827 expect(res.body.total).to.equal(1)
0e1dc3e7 828
a1587156 829 const video = res.body.data[0]
1eddc9a7
C		 830 expect(video.account.name).to.equal('root')
831 })
0e1dc3e7
C		 832 })
833
1eddc9a7 834 describe('Registering a new user', function () {
76314386
RK		 835 let user15AccessToken
836
1eddc9a7 837 it('Should register a new user', async function () {
1f20622f 838 const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
e590b4a5
C		 839 const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
840
841 await registerUserWithChannel({ url: server.url, user, channel })
1eddc9a7 842 })
0e1dc3e7 843
1eddc9a7
C		 844 it('Should be able to login with this registered user', async function () {
845 const user15 = {
846 username: 'user_15',
847 password: 'my super password'
848 }
5c98d3bf 849
76314386 850 user15AccessToken = await userLogin(server, user15)
1eddc9a7 851 })
5c98d3bf 852
1f20622f 853 it('Should have the correct display name', async function () {
76314386 854 const res = await getMyUserInformation(server.url, user15AccessToken)
1f20622f
C		 855 const user: User = res.body
856
857 expect(user.account.displayName).to.equal('super user 15')
858 })
859
1eddc9a7 860 it('Should have the correct video quota', async function () {
76314386 861 const res = await getMyUserInformation(server.url, user15AccessToken)
1eddc9a7 862 const user = res.body
0e1dc3e7 863
1eddc9a7
C		 864 expect(user.videoQuota).to.equal(5 * 1024 * 1024)
865 })
92b9d60c 866
e590b4a5
C		 867 it('Should have created the channel', async function () {
868 const res = await getVideoChannel(server.url, 'my_user_15_channel')
869
870 expect(res.body.displayName).to.equal('my channel rocks')
871 })
872
1eddc9a7
C		 873 it('Should remove me', async function () {
874 {
875 const res = await getUsersList(server.url, server.accessToken)
876 expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined
877 }
92b9d60c 878
76314386 879 await deleteMe(server.url, user15AccessToken)
1eddc9a7
C		 880
881 {
882 const res = await getUsersList(server.url, server.accessToken)
883 expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined
884 }
885 })
92b9d60c
C		 886 })
887
1eddc9a7 888 describe('User blocking', function () {
76314386
RK		 889 let user16Id
890 let user16AccessToken
8491293b
RK		 891 const user16 = {
892 username: 'user_16',
893 password: 'my super password'
894 }
76314386 895
8491293b 896 it('Should block a user', async function () {
1eddc9a7
C		 897 const resUser = await createUser({
898 url: server.url,
899 accessToken: server.accessToken,
900 username: user16.username,
901 password: user16.password
902 })
76314386 903 user16Id = resUser.body.user.id
e6921918 904
76314386 905 user16AccessToken = await userLogin(server, user16)
e6921918 906
2d53be02 907 await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200)
1eddc9a7 908 await blockUser(server.url, user16Id, server.accessToken)
e6921918 909
2d53be02
RK		 910 await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.UNAUTHORIZED_401)
911 await userLogin(server, user16, HttpStatusCode.BAD_REQUEST_400)
8491293b
RK		 912 })
913
914 it('Should search user by banned status', async function () {
915 {
916 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, true)
917 const users = res.body.data as User[]
918
919 expect(res.body.total).to.equal(1)
920 expect(users.length).to.equal(1)
921
922 expect(users[0].username).to.equal(user16.username)
923 }
924
925 {
926 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, false)
927 const users = res.body.data as User[]
928
929 expect(res.body.total).to.equal(1)
930 expect(users.length).to.equal(1)
931
932 expect(users[0].username).to.not.equal(user16.username)
933 }
934 })
e6921918 935
8491293b 936 it('Should unblock a user', async function () {
1eddc9a7 937 await unblockUser(server.url, user16Id, server.accessToken)
76314386 938 user16AccessToken = await userLogin(server, user16)
2d53be02 939 await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200)
76314386
RK		 940 })
941 })
942
943 describe('User stats', function () {
944 let user17Id
945 let user17AccessToken
946
947 it('Should report correct initial statistics about a user', async function () {
948 const user17 = {
949 username: 'user_17',
950 password: 'my super password'
951 }
952 const resUser = await createUser({
953 url: server.url,
954 accessToken: server.accessToken,
955 username: user17.username,
956 password: user17.password
957 })
958
959 user17Id = resUser.body.user.id
960 user17AccessToken = await userLogin(server, user17)
961
962 const res = await getUserInformation(server.url, server.accessToken, user17Id, true)
963 const user: User = res.body
964
965 expect(user.videosCount).to.equal(0)
966 expect(user.videoCommentsCount).to.equal(0)
4f32032f
C		 967 expect(user.abusesCount).to.equal(0)
968 expect(user.abusesCreatedCount).to.equal(0)
969 expect(user.abusesAcceptedCount).to.equal(0)
76314386
RK		 970 })
971
972 it('Should report correct videos count', async function () {
973 const videoAttributes = {
974 name: 'video to test user stats'
975 }
976 await uploadVideo(server.url, user17AccessToken, videoAttributes)
977 const res1 = await getVideosList(server.url)
978 videoId = res1.body.data.find(video => video.name === videoAttributes.name).id
979
980 const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true)
981 const user: User = res2.body
982
983 expect(user.videosCount).to.equal(1)
984 })
985
986 it('Should report correct video comments for user', async function () {
987 const text = 'super comment'
988 await addVideoCommentThread(server.url, user17AccessToken, videoId, text)
989
990 const res = await getUserInformation(server.url, server.accessToken, user17Id, true)
991 const user: User = res.body
992
993 expect(user.videoCommentsCount).to.equal(1)
994 })
995
4f32032f 996 it('Should report correct abuses counts', async function () {
76314386 997 const reason = 'my super bad reason'
0c1a77e9 998 await server.abusesCommand.report({ token: user17AccessToken, videoId, reason })
76314386 999
0c1a77e9
C		 1000 const body1 = await server.abusesCommand.getAdminList()
1001 const abuseId = body1.data[0].id
76314386
RK		 1002
1003 const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true)
1004 const user2: User = res2.body
1005
4f32032f
C		 1006 expect(user2.abusesCount).to.equal(1) // number of incriminations
1007 expect(user2.abusesCreatedCount).to.equal(1) // number of reports created
76314386 1008
0c1a77e9 1009 await server.abusesCommand.update({ abuseId, body: { state: AbuseState.ACCEPTED } })
76314386
RK		 1010
1011 const res3 = await getUserInformation(server.url, server.accessToken, user17Id, true)
1012 const user3: User = res3.body
1013
4f32032f 1014 expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted
1eddc9a7 1015 })
e6921918
C		 1016 })
1017
7c3b7976 1018 after(async function () {
f43db2f4 1019 await closeAllSequelize([ server ])
7c3b7976 1020 await cleanupTests([ server ])
0e1dc3e7
C		 1021 })
1022})
ActivityPub-federated video streaming platform using P2P directly in your web browser