]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blame - server/tests/api/users/users.ts
projects / github / Chocobozzz / PeerTube.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Introduce blacklist command
[github/Chocobozzz/PeerTube.git] / server / tests / api / users / users.ts
CommitLineData
a1587156 1/* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
86d13ec2 2
afffe988 3import 'mocha'
4f32032f 4import * as chai from 'chai'
0c1a77e9 5import { HttpStatusCode } from '@shared/core-utils'
0e1dc3e7 6import {
e1c55031 7 addVideoCommentThread,
a890d1e0 8 blockUser,
7c3b7976 9 cleanupTests,
f43db2f4 10 closeAllSequelize,
a890d1e0
C		 11 createUser,
12 deleteMe,
7c3b7976 13 flushAndRunServer,
a890d1e0
C		 14 getMyUserInformation,
15 getMyUserVideoQuotaUsed,
16 getMyUserVideoRating,
0c1a77e9 17 getMyVideos,
a890d1e0
C		 18 getUserInformation,
19 getUsersList,
20 getUsersListPaginationAndSort,
1f20622f 21 getVideoChannel,
a1587156 22 getVideosList,
f43db2f4 23 killallServers,
a890d1e0 24 login,
0c1a77e9 25 logout,
a890d1e0
C		 26 makePutBodyRequest,
27 rateVideo,
0c1a77e9 28 refreshToken,
1f20622f 29 registerUserWithChannel,
a890d1e0
C		 30 removeUser,
31 removeVideo,
f43db2f4 32 reRunServer,
a890d1e0 33 ServerInfo,
0c1a77e9 34 setAccessTokensToServers,
f43db2f4 35 setTokenField,
a890d1e0
C		 36 testImage,
37 unblockUser,
38 updateMyAvatar,
39 updateMyUser,
40 updateUser,
41 uploadVideo,
76314386 42 userLogin,
e1c55031 43 waitJobs
0c1a77e9 44} from '@shared/extra-utils'
65e6e260 45import { AbuseState, MyUser, OAuth2ErrorCode, User, UserAdminFlag, UserRole, Video, VideoPlaylistType } from '@shared/models'
0e1dc3e7 46
afffe988
C		 47const expect = chai.expect
48
0e1dc3e7
C		 49describe('Test users', function () {
50 let server: ServerInfo
51 let accessToken: string
52 let accessTokenUser: string
53 let videoId: number
54 let userId: number
f8b8c36b
C		 55 const user = {
56 username: 'user_1',
57 password: 'super password'
58 }
0e1dc3e7
C		 59
60 before(async function () {
e212f887 61 this.timeout(30000)
e1c55031
C		 62
63 server = await flushAndRunServer(1, {
64 rates_limit: {
65 login: {
66 max: 30
67 }
68 }
69 })
86d13ec2
C		 70
71 await setAccessTokensToServers([ server ])
9b474844 72
ae2abfd3 73 await server.pluginsCommand.install({ npmName: 'peertube-theme-background-red' })
0e1dc3e7
C		 74 })
75
1eddc9a7
C		 76 describe('OAuth client', function () {
77 it('Should create a new client')
0e1dc3e7 78
1eddc9a7 79 it('Should return the first client')
0e1dc3e7 80
1eddc9a7 81 it('Should remove the last client')
0e1dc3e7 82
1eddc9a7
C		 83 it('Should not login with an invalid client id', async function () {
84 const client = { id: 'client', secret: server.client.secret }
2d53be02 85 const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
0e1dc3e7 86
81628e50 87 expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
3866ea02
RK		 88 expect(res.body.error).to.contain('client is invalid')
89 expect(res.body.type.startsWith('https://')).to.be.true
81628e50 90 expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
1eddc9a7 91 })
0e1dc3e7 92
1eddc9a7
C		 93 it('Should not login with an invalid client secret', async function () {
94 const client = { id: server.client.id, secret: 'coucou' }
2d53be02 95 const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400)
0e1dc3e7 96
81628e50 97 expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT)
3866ea02
RK		 98 expect(res.body.error).to.contain('client is invalid')
99 expect(res.body.type.startsWith('https://')).to.be.true
81628e50 100 expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT)
1eddc9a7 101 })
0e1dc3e7
C		 102 })
103
1eddc9a7 104 describe('Login', function () {
0e1dc3e7 105
1eddc9a7
C		 106 it('Should not login with an invalid username', async function () {
107 const user = { username: 'captain crochet', password: server.user.password }
2d53be02 108 const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
0e1dc3e7 109
81628e50 110 expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
3866ea02
RK		 111 expect(res.body.error).to.contain('credentials are invalid')
112 expect(res.body.type.startsWith('https://')).to.be.true
81628e50 113 expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
1eddc9a7 114 })
0e1dc3e7 115
1eddc9a7
C		 116 it('Should not login with an invalid password', async function () {
117 const user = { username: server.user.username, password: 'mew_three' }
2d53be02 118 const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400)
0e1dc3e7 119
81628e50 120 expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT)
3866ea02
RK		 121 expect(res.body.error).to.contain('credentials are invalid')
122 expect(res.body.type.startsWith('https://')).to.be.true
81628e50 123 expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT)
1eddc9a7 124 })
0e1dc3e7 125
1eddc9a7
C		 126 it('Should not be able to upload a video', async function () {
127 accessToken = 'my_super_token'
0e1dc3e7 128
1eddc9a7 129 const videoAttributes = {}
2d53be02 130 await uploadVideo(server.url, accessToken, videoAttributes, HttpStatusCode.UNAUTHORIZED_401)
1eddc9a7 131 })
0e1dc3e7 132
1eddc9a7
C		 133 it('Should not be able to follow', async function () {
134 accessToken = 'my_super_token'
c3d29f69
C		 135
136 await server.followsCommand.follow({
137 targets: [ 'http://example.com' ],
138 token: accessToken,
139 expectedStatus: HttpStatusCode.UNAUTHORIZED_401
140 })
1eddc9a7 141 })
0e1dc3e7 142
1eddc9a7 143 it('Should not be able to unfollow')
0e1dc3e7 144
1eddc9a7 145 it('Should be able to login', async function () {
2d53be02 146 const res = await login(server.url, server.client, server.user, HttpStatusCode.OK_200)
0e1dc3e7 147
1eddc9a7
C		 148 accessToken = res.body.access_token
149 })
50b4dcce
NB		 150
151 it('Should be able to login with an insensitive username', async function () {
152 const user = { username: 'RoOt', password: server.user.password }
2d53be02 153 await login(server.url, server.client, user, HttpStatusCode.OK_200)
50b4dcce
NB		 154
155 const user2 = { username: 'rOoT', password: server.user.password }
2d53be02 156 await login(server.url, server.client, user2, HttpStatusCode.OK_200)
50b4dcce
NB		 157
158 const user3 = { username: 'ROOt', password: server.user.password }
2d53be02 159 await login(server.url, server.client, user3, HttpStatusCode.OK_200)
50b4dcce 160 })
0e1dc3e7
C		 161 })
162
1eddc9a7 163 describe('Upload', function () {
0e1dc3e7 164
1eddc9a7
C		 165 it('Should upload the video with the correct token', async function () {
166 const videoAttributes = {}
167 await uploadVideo(server.url, accessToken, videoAttributes)
168 const res = await getVideosList(server.url)
a1587156 169 const video = res.body.data[0]
0e1dc3e7 170
1eddc9a7
C		 171 expect(video.account.name).to.equal('root')
172 videoId = video.id
173 })
174
175 it('Should upload the video again with the correct token', async function () {
176 const videoAttributes = {}
177 await uploadVideo(server.url, accessToken, videoAttributes)
178 })
0e1dc3e7
C		 179 })
180
1eddc9a7 181 describe('Ratings', function () {
22834691 182
1eddc9a7
C		 183 it('Should retrieve a video rating', async function () {
184 await rateVideo(server.url, accessToken, videoId, 'like')
185 const res = await getMyUserVideoRating(server.url, accessToken, videoId)
186 const rating = res.body
c100a614 187
1eddc9a7
C		 188 expect(rating.videoId).to.equal(videoId)
189 expect(rating.rating).to.equal('like')
190 })
c100a614 191
1eddc9a7
C		 192 it('Should retrieve ratings list', async function () {
193 await rateVideo(server.url, accessToken, videoId, 'like')
22834691 194
9fff08cf 195 const body = await server.accountsCommand.listRatings({ accountName: server.user.username })
0e1dc3e7 196
9fff08cf
C		 197 expect(body.total).to.equal(1)
198 expect(body.data[0].video.id).to.equal(videoId)
199 expect(body.data[0].rating).to.equal('like')
1eddc9a7 200 })
0e1dc3e7 201
1eddc9a7
C		 202 it('Should retrieve ratings list by rating type', async function () {
203 {
9fff08cf
C		 204 const body = await server.accountsCommand.listRatings({ accountName: server.user.username, rating: 'like' })
205 expect(body.data.length).to.equal(1)
1eddc9a7
C		 206 }
207
208 {
9fff08cf
C		 209 const body = await server.accountsCommand.listRatings({ accountName: server.user.username, rating: 'dislike' })
210 expect(body.data.length).to.equal(0)
1eddc9a7
C		 211 }
212 })
0e1dc3e7
C		 213 })
214
1eddc9a7
C		 215 describe('Remove video', function () {
216 it('Should not be able to remove the video with an incorrect token', async function () {
2d53be02 217 await removeVideo(server.url, 'bad_token', videoId, HttpStatusCode.UNAUTHORIZED_401)
1eddc9a7 218 })
0e1dc3e7 219
1eddc9a7 220 it('Should not be able to remove the video with the token of another account')
0e1dc3e7 221
1eddc9a7
C		 222 it('Should be able to remove the video with the correct token', async function () {
223 await removeVideo(server.url, accessToken, videoId)
224 })
0e1dc3e7
C		 225 })
226
1eddc9a7 227 describe('Logout', function () {
7fed6375
C		 228 it('Should logout (revoke token)', async function () {
229 await logout(server.url, server.accessToken)
230 })
0e1dc3e7 231
7fed6375 232 it('Should not be able to get the user information', async function () {
2d53be02 233 await getMyUserInformation(server.url, server.accessToken, HttpStatusCode.UNAUTHORIZED_401)
7fed6375 234 })
0e1dc3e7 235
7fed6375 236 it('Should not be able to upload a video', async function () {
2d53be02 237 await uploadVideo(server.url, server.accessToken, { name: 'video' }, HttpStatusCode.UNAUTHORIZED_401)
7fed6375 238 })
0e1dc3e7 239
1eddc9a7
C		 240 it('Should not be able to rate a video', async function () {
241 const path = '/api/v1/videos/'
242 const data = {
243 rating: 'likes'
244 }
0e1dc3e7 245
1eddc9a7
C		 246 const options = {
247 url: server.url,
248 path: path + videoId,
249 token: 'wrong token',
250 fields: data,
2d53be02 251 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
1eddc9a7
C		 252 }
253 await makePutBodyRequest(options)
254 })
0e1dc3e7 255
e1c55031 256 it('Should be able to login again', async function () {
f43db2f4
C		 257 const res = await login(server.url, server.client, server.user)
258 server.accessToken = res.body.access_token
259 server.refreshToken = res.body.refresh_token
260 })
261
262 it('Should be able to get my user information again', async function () {
263 await getMyUserInformation(server.url, server.accessToken)
264 })
265
266 it('Should have an expired access token', async function () {
267 this.timeout(15000)
268
269 await setTokenField(server.internalServerNumber, server.accessToken, 'accessTokenExpiresAt', new Date().toISOString())
270 await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString())
271
272 killallServers([ server ])
273 await reRunServer(server)
274
275 await getMyUserInformation(server.url, server.accessToken, 401)
276 })
277
278 it('Should not be able to refresh an access token with an expired refresh token', async function () {
279 await refreshToken(server, server.refreshToken, 400)
e1c55031 280 })
0e1dc3e7 281
f43db2f4
C		 282 it('Should refresh the token', async function () {
283 this.timeout(15000)
284
285 const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString()
286 await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', futureDate)
0e1dc3e7 287
f43db2f4
C		 288 killallServers([ server ])
289 await reRunServer(server)
290
291 const res = await refreshToken(server, server.refreshToken)
292 server.accessToken = res.body.access_token
293 server.refreshToken = res.body.refresh_token
294 })
1eddc9a7 295
e1c55031
C		 296 it('Should be able to get my user information again', async function () {
297 await getMyUserInformation(server.url, server.accessToken)
298 })
0e1dc3e7
C		 299 })
300
1eddc9a7 301 describe('Creating a user', function () {
ce5496d6 302
1eddc9a7
C		 303 it('Should be able to create a new user', async function () {
304 await createUser({
305 url: server.url,
306 accessToken: accessToken,
307 username: user.username,
308 password: user.password,
309 videoQuota: 2 * 1024 * 1024,
3487330d 310 adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST
1eddc9a7
C		 311 })
312 })
a76138ff 313
1eddc9a7
C		 314 it('Should be able to login with this user', async function () {
315 accessTokenUser = await userLogin(server, user)
316 })
a76138ff 317
1eddc9a7
C		 318 it('Should be able to get user information', async function () {
319 const res1 = await getMyUserInformation(server.url, accessTokenUser)
ac0868bc 320 const userMe: MyUser = res1.body
1eddc9a7 321
76314386 322 const res2 = await getUserInformation(server.url, server.accessToken, userMe.id, true)
1eddc9a7
C		 323 const userGet: User = res2.body
324
325 for (const user of [ userMe, userGet ]) {
326 expect(user.username).to.equal('user_1')
327 expect(user.email).to.equal('user_1@example.com')
328 expect(user.nsfwPolicy).to.equal('display')
329 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
330 expect(user.roleLabel).to.equal('User')
331 expect(user.id).to.be.a('number')
332 expect(user.account.displayName).to.equal('user_1')
333 expect(user.account.description).to.be.null
334 }
335
336 expect(userMe.adminFlags).to.be.undefined
3487330d 337 expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST)
29128b2f
RK		 338
339 expect(userMe.specialPlaylists).to.have.lengthOf(1)
ac0868bc 340 expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER)
76314386
RK		 341
342 // Check stats are included with withStats
343 expect(userGet.videosCount).to.be.a('number')
344 expect(userGet.videosCount).to.equal(0)
345 expect(userGet.videoCommentsCount).to.be.a('number')
346 expect(userGet.videoCommentsCount).to.equal(0)
4f32032f
C		 347 expect(userGet.abusesCount).to.be.a('number')
348 expect(userGet.abusesCount).to.equal(0)
349 expect(userGet.abusesAcceptedCount).to.be.a('number')
350 expect(userGet.abusesAcceptedCount).to.equal(0)
1eddc9a7 351 })
ce5496d6
C		 352 })
353
1eddc9a7 354 describe('My videos & quotas', function () {
11474c3c 355
1eddc9a7 356 it('Should be able to upload a video with this user', async function () {
5600def4 357 this.timeout(10000)
0e1dc3e7 358
1eddc9a7
C		 359 const videoAttributes = {
360 name: 'super user video',
361 fixture: 'video_short.webm'
362 }
363 await uploadVideo(server.url, accessTokenUser, videoAttributes)
364 })
afffe988 365
1eddc9a7
C		 366 it('Should have video quota updated', async function () {
367 const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
368 const data = res.body
0e1dc3e7 369
1eddc9a7 370 expect(data.videoQuotaUsed).to.equal(218910)
0e1dc3e7 371
1eddc9a7 372 const resUsers = await getUsersList(server.url, server.accessToken)
0e1dc3e7 373
1eddc9a7
C		 374 const users: User[] = resUsers.body.data
375 const tmpUser = users.find(u => u.username === user.username)
376 expect(tmpUser.videoQuotaUsed).to.equal(218910)
377 })
0e1dc3e7 378
1eddc9a7
C		 379 it('Should be able to list my videos', async function () {
380 const res = await getMyVideos(server.url, accessTokenUser, 0, 5)
381 expect(res.body.total).to.equal(1)
0e1dc3e7 382
1eddc9a7
C		 383 const videos = res.body.data
384 expect(videos).to.have.lengthOf(1)
afffe988 385
a1587156 386 const video: Video = videos[0]
a18f275d
C		 387 expect(video.name).to.equal('super user video')
388 expect(video.thumbnailPath).to.not.be.null
389 expect(video.previewPath).to.not.be.null
1eddc9a7 390 })
cca1e13b
C		 391
392 it('Should be able to search in my videos', async function () {
393 {
394 const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'user video')
395 expect(res.body.total).to.equal(1)
396
397 const videos = res.body.data
398 expect(videos).to.have.lengthOf(1)
399 }
400
401 {
402 const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'toto')
403 expect(res.body.total).to.equal(0)
404
405 const videos = res.body.data
406 expect(videos).to.have.lengthOf(0)
407 }
408 })
5600def4
C		 409
410 it('Should disable webtorrent, enable HLS, and update my quota', async function () {
411 this.timeout(60000)
412
413 {
65e6e260 414 const config = await server.configCommand.getCustomConfig()
5600def4
C		 415 config.transcoding.webtorrent.enabled = false
416 config.transcoding.hls.enabled = true
417 config.transcoding.enabled = true
65e6e260 418 await server.configCommand.updateCustomSubConfig({ newConfig: config })
5600def4
C		 419 }
420
421 {
422 const videoAttributes = {
423 name: 'super user video 2',
424 fixture: 'video_short.webm'
425 }
426 await uploadVideo(server.url, accessTokenUser, videoAttributes)
427
428 await waitJobs([ server ])
429 }
430
431 {
432 const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser)
433 const data = res.body
434
435 expect(data.videoQuotaUsed).to.be.greaterThan(220000)
436 }
437 })
0e1dc3e7
C		 438 })
439
1eddc9a7 440 describe('Users listing', function () {
0e1dc3e7 441
1eddc9a7
C		 442 it('Should list all the users', async function () {
443 const res = await getUsersList(server.url, server.accessToken)
444 const result = res.body
445 const total = result.total
446 const users = result.data
afffe988 447
1eddc9a7
C		 448 expect(total).to.equal(2)
449 expect(users).to.be.an('array')
450 expect(users.length).to.equal(2)
0e1dc3e7 451
a1587156 452 const user = users[0]
1eddc9a7
C		 453 expect(user.username).to.equal('user_1')
454 expect(user.email).to.equal('user_1@example.com')
455 expect(user.nsfwPolicy).to.equal('display')
0e1dc3e7 456
a1587156 457 const rootUser = users[1]
1eddc9a7 458 expect(rootUser.username).to.equal('root')
48f07b4a 459 expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com')
1eddc9a7 460 expect(user.nsfwPolicy).to.equal('display')
afffe988 461
3cc665f4
C		 462 expect(rootUser.lastLoginDate).to.exist
463 expect(user.lastLoginDate).to.exist
464
1eddc9a7
C		 465 userId = user.id
466 })
0e1dc3e7 467
1eddc9a7
C		 468 it('Should list only the first user by username asc', async function () {
469 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username')
0e1dc3e7 470
1eddc9a7
C		 471 const result = res.body
472 const total = result.total
473 const users = result.data
a7ba16b6 474
1eddc9a7
C		 475 expect(total).to.equal(2)
476 expect(users.length).to.equal(1)
afffe988 477
a1587156 478 const user = users[0]
1eddc9a7 479 expect(user.username).to.equal('root')
48f07b4a 480 expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com')
1eddc9a7
C		 481 expect(user.roleLabel).to.equal('Administrator')
482 expect(user.nsfwPolicy).to.equal('display')
483 })
0e1dc3e7 484
1eddc9a7
C		 485 it('Should list only the first user by username desc', async function () {
486 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username')
487 const result = res.body
488 const total = result.total
489 const users = result.data
24b9417c 490
1eddc9a7
C		 491 expect(total).to.equal(2)
492 expect(users.length).to.equal(1)
24b9417c 493
a1587156 494 const user = users[0]
1eddc9a7
C		 495 expect(user.username).to.equal('user_1')
496 expect(user.email).to.equal('user_1@example.com')
497 expect(user.nsfwPolicy).to.equal('display')
498 })
24b9417c 499
1eddc9a7
C		 500 it('Should list only the second user by createdAt desc', async function () {
501 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt')
502 const result = res.body
503 const total = result.total
504 const users = result.data
24b9417c 505
1eddc9a7 506 expect(total).to.equal(2)
24b9417c
C		 507 expect(users.length).to.equal(1)
508
a1587156 509 const user = users[0]
1eddc9a7
C		 510 expect(user.username).to.equal('user_1')
511 expect(user.email).to.equal('user_1@example.com')
512 expect(user.nsfwPolicy).to.equal('display')
513 })
24b9417c 514
1eddc9a7
C		 515 it('Should list all the users by createdAt asc', async function () {
516 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt')
517 const result = res.body
518 const total = result.total
519 const users = result.data
24b9417c 520
1eddc9a7 521 expect(total).to.equal(2)
24b9417c
C		 522 expect(users.length).to.equal(2)
523
a1587156
C		 524 expect(users[0].username).to.equal('root')
525 expect(users[0].email).to.equal('admin' + server.internalServerNumber + '@example.com')
526 expect(users[0].nsfwPolicy).to.equal('display')
24b9417c 527
a1587156
C		 528 expect(users[1].username).to.equal('user_1')
529 expect(users[1].email).to.equal('user_1@example.com')
530 expect(users[1].nsfwPolicy).to.equal('display')
11ba2ab3 531 })
0e1dc3e7 532
1eddc9a7
C		 533 it('Should search user by username', async function () {
534 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'oot')
535 const users = res.body.data as User[]
536
537 expect(res.body.total).to.equal(1)
538 expect(users.length).to.equal(1)
0e1dc3e7 539
a1587156 540 expect(users[0].username).to.equal('root')
11ba2ab3 541 })
0e1dc3e7 542
1eddc9a7
C		 543 it('Should search user by email', async function () {
544 {
545 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'r_1@exam')
546 const users = res.body.data as User[]
0e1dc3e7 547
1eddc9a7
C		 548 expect(res.body.total).to.equal(1)
549 expect(users.length).to.equal(1)
5c98d3bf 550
a1587156
C		 551 expect(users[0].username).to.equal('user_1')
552 expect(users[0].email).to.equal('user_1@example.com')
1eddc9a7 553 }
7efe153b 554
1eddc9a7
C		 555 {
556 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'example')
557 const users = res.body.data as User[]
7efe153b 558
1eddc9a7
C		 559 expect(res.body.total).to.equal(2)
560 expect(users.length).to.equal(2)
7efe153b 561
a1587156
C		 562 expect(users[0].username).to.equal('root')
563 expect(users[1].username).to.equal('user_1')
1eddc9a7 564 }
11ba2ab3 565 })
5c98d3bf
C		 566 })
567
1eddc9a7
C		 568 describe('Update my account', function () {
569 it('Should update my password', async function () {
570 await updateMyUser({
571 url: server.url,
572 accessToken: accessTokenUser,
573 currentPassword: 'super password',
43d0ea7f 574 password: 'new password'
1eddc9a7
C		 575 })
576 user.password = 'new password'
c5911fd3 577
2d53be02 578 await userLogin(server, user, HttpStatusCode.OK_200)
c5911fd3
C		 579 })
580
1eddc9a7
C		 581 it('Should be able to change the NSFW display attribute', async function () {
582 await updateMyUser({
583 url: server.url,
584 accessToken: accessTokenUser,
585 nsfwPolicy: 'do_not_list'
586 })
587
588 const res = await getMyUserInformation(server.url, accessTokenUser)
589 const user = res.body
590
591 expect(user.username).to.equal('user_1')
592 expect(user.email).to.equal('user_1@example.com')
593 expect(user.nsfwPolicy).to.equal('do_not_list')
594 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
595 expect(user.id).to.be.a('number')
596 expect(user.account.displayName).to.equal('user_1')
597 expect(user.account.description).to.be.null
598 })
c5911fd3 599
1eddc9a7
C		 600 it('Should be able to change the autoPlayVideo attribute', async function () {
601 await updateMyUser({
602 url: server.url,
603 accessToken: accessTokenUser,
604 autoPlayVideo: false
605 })
c5911fd3 606
1eddc9a7
C		 607 const res = await getMyUserInformation(server.url, accessTokenUser)
608 const user = res.body
609
610 expect(user.autoPlayVideo).to.be.false
ed56ad11
C		 611 })
612
6aa54148
L		 613 it('Should be able to change the autoPlayNextVideo attribute', async function () {
614 await updateMyUser({
615 url: server.url,
616 accessToken: accessTokenUser,
617 autoPlayNextVideo: true
618 })
619
620 const res = await getMyUserInformation(server.url, accessTokenUser)
621 const user = res.body
622
623 expect(user.autoPlayNextVideo).to.be.true
624 })
625
675a8fc7 626 it('Should be able to change the email attribute', async function () {
1eddc9a7
C		 627 await updateMyUser({
628 url: server.url,
629 accessToken: accessTokenUser,
675a8fc7 630 currentPassword: 'new password',
1eddc9a7
C		 631 email: 'updated@example.com'
632 })
633
634 const res = await getMyUserInformation(server.url, accessTokenUser)
635 const user = res.body
636
637 expect(user.username).to.equal('user_1')
638 expect(user.email).to.equal('updated@example.com')
639 expect(user.nsfwPolicy).to.equal('do_not_list')
640 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
641 expect(user.id).to.be.a('number')
642 expect(user.account.displayName).to.equal('user_1')
643 expect(user.account.description).to.be.null
644 })
ed56ad11 645
f619de0e
C		 646 it('Should be able to update my avatar with a gif', async function () {
647 const fixture = 'avatar.gif'
ed56ad11 648
1eddc9a7
C		 649 await updateMyAvatar({
650 url: server.url,
651 accessToken: accessTokenUser,
652 fixture
653 })
2422c46b 654
1eddc9a7
C		 655 const res = await getMyUserInformation(server.url, accessTokenUser)
656 const user = res.body
2422c46b 657
f619de0e
C		 658 await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.gif')
659 })
660
661 it('Should be able to update my avatar with a gif, and then a png', async function () {
662 for (const extension of [ '.png', '.gif' ]) {
663 const fixture = 'avatar' + extension
664
665 await updateMyAvatar({
666 url: server.url,
667 accessToken: accessTokenUser,
668 fixture
669 })
670
671 const res = await getMyUserInformation(server.url, accessTokenUser)
672 const user = res.body
673
674 await testImage(server.url, 'avatar-resized', user.account.avatar.path, extension)
675 }
1eddc9a7
C		 676 })
677
678 it('Should be able to update my display name', async function () {
679 await updateMyUser({
680 url: server.url,
681 accessToken: accessTokenUser,
682 displayName: 'new display name'
683 })
684
685 const res = await getMyUserInformation(server.url, accessTokenUser)
686 const user = res.body
687
688 expect(user.username).to.equal('user_1')
689 expect(user.email).to.equal('updated@example.com')
690 expect(user.nsfwPolicy).to.equal('do_not_list')
691 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
692 expect(user.id).to.be.a('number')
693 expect(user.account.displayName).to.equal('new display name')
694 expect(user.account.description).to.be.null
695 })
2422c46b 696
1eddc9a7
C		 697 it('Should be able to update my description', async function () {
698 await updateMyUser({
699 url: server.url,
700 accessToken: accessTokenUser,
701 description: 'my super description updated'
702 })
703
704 const res = await getMyUserInformation(server.url, accessTokenUser)
43d0ea7f 705 const user: User = res.body
1eddc9a7
C		 706
707 expect(user.username).to.equal('user_1')
708 expect(user.email).to.equal('updated@example.com')
709 expect(user.nsfwPolicy).to.equal('do_not_list')
710 expect(user.videoQuota).to.equal(2 * 1024 * 1024)
711 expect(user.id).to.be.a('number')
712 expect(user.account.displayName).to.equal('new display name')
713 expect(user.account.description).to.equal('my super description updated')
43d0ea7f
C		 714 expect(user.noWelcomeModal).to.be.false
715 expect(user.noInstanceConfigWarningModal).to.be.false
1eddc9a7 716 })
9b474844
C		 717
718 it('Should be able to update my theme', async function () {
719 for (const theme of [ 'background-red', 'default', 'instance-default' ]) {
720 await updateMyUser({
721 url: server.url,
722 accessToken: accessTokenUser,
723 theme
724 })
725
726 const res = await getMyUserInformation(server.url, accessTokenUser)
727 const body: User = res.body
728
729 expect(body.theme).to.equal(theme)
730 }
731 })
43d0ea7f
C		 732
733 it('Should be able to update my modal preferences', async function () {
734 await updateMyUser({
735 url: server.url,
736 accessToken: accessTokenUser,
737 noInstanceConfigWarningModal: true,
738 noWelcomeModal: true
739 })
740
741 const res = await getMyUserInformation(server.url, accessTokenUser)
742 const user: User = res.body
743
744 expect(user.noWelcomeModal).to.be.true
745 expect(user.noInstanceConfigWarningModal).to.be.true
746 })
0e1dc3e7
C		 747 })
748
1eddc9a7 749 describe('Updating another user', function () {
1eddc9a7
C		 750 it('Should be able to update another user', async function () {
751 await updateUser({
752 url: server.url,
753 userId,
754 accessToken,
755 email: 'updated2@example.com',
756 emailVerified: true,
757 videoQuota: 42,
758 role: UserRole.MODERATOR,
6d989edc
C		 759 adminFlags: UserAdminFlag.NONE,
760 pluginAuth: 'toto'
1eddc9a7
C		 761 })
762
763 const res = await getUserInformation(server.url, accessToken, userId)
6d989edc 764 const user = res.body as User
1eddc9a7
C		 765
766 expect(user.username).to.equal('user_1')
767 expect(user.email).to.equal('updated2@example.com')
768 expect(user.emailVerified).to.be.true
769 expect(user.nsfwPolicy).to.equal('do_not_list')
770 expect(user.videoQuota).to.equal(42)
771 expect(user.roleLabel).to.equal('Moderator')
772 expect(user.id).to.be.a('number')
773 expect(user.adminFlags).to.equal(UserAdminFlag.NONE)
6d989edc
C		 774 expect(user.pluginAuth).to.equal('toto')
775 })
776
777 it('Should reset the auth plugin', async function () {
778 await updateUser({ url: server.url, userId, accessToken, pluginAuth: null })
779
780 const res = await getUserInformation(server.url, accessToken, userId)
781 const user = res.body as User
782 expect(user.pluginAuth).to.be.null
1eddc9a7 783 })
f8b8c36b 784
1eddc9a7 785 it('Should have removed the user token', async function () {
2d53be02 786 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401)
f8b8c36b 787
1eddc9a7 788 accessTokenUser = await userLogin(server, user)
b426edd4
C		 789 })
790
1eddc9a7
C		 791 it('Should be able to update another user password', async function () {
792 await updateUser({
793 url: server.url,
794 userId,
795 accessToken,
796 password: 'password updated'
797 })
b426edd4 798
2d53be02 799 await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401)
b426edd4 800
2d53be02 801 await userLogin(server, user, HttpStatusCode.BAD_REQUEST_400)
b426edd4 802
1eddc9a7
C		 803 user.password = 'password updated'
804 accessTokenUser = await userLogin(server, user)
805 })
757f0da3
C		 806 })
807
1eddc9a7
C		 808 describe('Video blacklists', function () {
809 it('Should be able to list video blacklist by a moderator', async function () {
e3d15a6a 810 await server.blacklistCommand.list({ token: accessTokenUser })
1eddc9a7 811 })
0e1dc3e7
C		 812 })
813
1eddc9a7
C		 814 describe('Remove a user', function () {
815 it('Should be able to remove this user', async function () {
816 await removeUser(server.url, userId, accessToken)
817 })
0e1dc3e7 818
1eddc9a7 819 it('Should not be able to login with this user', async function () {
2d53be02 820 await userLogin(server, user, HttpStatusCode.BAD_REQUEST_400)
1eddc9a7 821 })
0e1dc3e7 822
1eddc9a7
C		 823 it('Should not have videos of this user', async function () {
824 const res = await getVideosList(server.url)
0e1dc3e7 825
1eddc9a7 826 expect(res.body.total).to.equal(1)
0e1dc3e7 827
a1587156 828 const video = res.body.data[0]
1eddc9a7
C		 829 expect(video.account.name).to.equal('root')
830 })
0e1dc3e7
C		 831 })
832
1eddc9a7 833 describe('Registering a new user', function () {
76314386
RK		 834 let user15AccessToken
835
1eddc9a7 836 it('Should register a new user', async function () {
1f20622f 837 const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' }
e590b4a5
C		 838 const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' }
839
840 await registerUserWithChannel({ url: server.url, user, channel })
1eddc9a7 841 })
0e1dc3e7 842
1eddc9a7
C		 843 it('Should be able to login with this registered user', async function () {
844 const user15 = {
845 username: 'user_15',
846 password: 'my super password'
847 }
5c98d3bf 848
76314386 849 user15AccessToken = await userLogin(server, user15)
1eddc9a7 850 })
5c98d3bf 851
1f20622f 852 it('Should have the correct display name', async function () {
76314386 853 const res = await getMyUserInformation(server.url, user15AccessToken)
1f20622f
C		 854 const user: User = res.body
855
856 expect(user.account.displayName).to.equal('super user 15')
857 })
858
1eddc9a7 859 it('Should have the correct video quota', async function () {
76314386 860 const res = await getMyUserInformation(server.url, user15AccessToken)
1eddc9a7 861 const user = res.body
0e1dc3e7 862
1eddc9a7
C		 863 expect(user.videoQuota).to.equal(5 * 1024 * 1024)
864 })
92b9d60c 865
e590b4a5
C		 866 it('Should have created the channel', async function () {
867 const res = await getVideoChannel(server.url, 'my_user_15_channel')
868
869 expect(res.body.displayName).to.equal('my channel rocks')
870 })
871
1eddc9a7
C		 872 it('Should remove me', async function () {
873 {
874 const res = await getUsersList(server.url, server.accessToken)
875 expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined
876 }
92b9d60c 877
76314386 878 await deleteMe(server.url, user15AccessToken)
1eddc9a7
C		 879
880 {
881 const res = await getUsersList(server.url, server.accessToken)
882 expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined
883 }
884 })
92b9d60c
C		 885 })
886
1eddc9a7 887 describe('User blocking', function () {
76314386
RK		 888 let user16Id
889 let user16AccessToken
8491293b
RK		 890 const user16 = {
891 username: 'user_16',
892 password: 'my super password'
893 }
76314386 894
8491293b 895 it('Should block a user', async function () {
1eddc9a7
C		 896 const resUser = await createUser({
897 url: server.url,
898 accessToken: server.accessToken,
899 username: user16.username,
900 password: user16.password
901 })
76314386 902 user16Id = resUser.body.user.id
e6921918 903
76314386 904 user16AccessToken = await userLogin(server, user16)
e6921918 905
2d53be02 906 await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200)
1eddc9a7 907 await blockUser(server.url, user16Id, server.accessToken)
e6921918 908
2d53be02
RK		 909 await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.UNAUTHORIZED_401)
910 await userLogin(server, user16, HttpStatusCode.BAD_REQUEST_400)
8491293b
RK		 911 })
912
913 it('Should search user by banned status', async function () {
914 {
915 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, true)
916 const users = res.body.data as User[]
917
918 expect(res.body.total).to.equal(1)
919 expect(users.length).to.equal(1)
920
921 expect(users[0].username).to.equal(user16.username)
922 }
923
924 {
925 const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, false)
926 const users = res.body.data as User[]
927
928 expect(res.body.total).to.equal(1)
929 expect(users.length).to.equal(1)
930
931 expect(users[0].username).to.not.equal(user16.username)
932 }
933 })
e6921918 934
8491293b 935 it('Should unblock a user', async function () {
1eddc9a7 936 await unblockUser(server.url, user16Id, server.accessToken)
76314386 937 user16AccessToken = await userLogin(server, user16)
2d53be02 938 await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200)
76314386
RK		 939 })
940 })
941
942 describe('User stats', function () {
943 let user17Id
944 let user17AccessToken
945
946 it('Should report correct initial statistics about a user', async function () {
947 const user17 = {
948 username: 'user_17',
949 password: 'my super password'
950 }
951 const resUser = await createUser({
952 url: server.url,
953 accessToken: server.accessToken,
954 username: user17.username,
955 password: user17.password
956 })
957
958 user17Id = resUser.body.user.id
959 user17AccessToken = await userLogin(server, user17)
960
961 const res = await getUserInformation(server.url, server.accessToken, user17Id, true)
962 const user: User = res.body
963
964 expect(user.videosCount).to.equal(0)
965 expect(user.videoCommentsCount).to.equal(0)
4f32032f
C		 966 expect(user.abusesCount).to.equal(0)
967 expect(user.abusesCreatedCount).to.equal(0)
968 expect(user.abusesAcceptedCount).to.equal(0)
76314386
RK		 969 })
970
971 it('Should report correct videos count', async function () {
972 const videoAttributes = {
973 name: 'video to test user stats'
974 }
975 await uploadVideo(server.url, user17AccessToken, videoAttributes)
976 const res1 = await getVideosList(server.url)
977 videoId = res1.body.data.find(video => video.name === videoAttributes.name).id
978
979 const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true)
980 const user: User = res2.body
981
982 expect(user.videosCount).to.equal(1)
983 })
984
985 it('Should report correct video comments for user', async function () {
986 const text = 'super comment'
987 await addVideoCommentThread(server.url, user17AccessToken, videoId, text)
988
989 const res = await getUserInformation(server.url, server.accessToken, user17Id, true)
990 const user: User = res.body
991
992 expect(user.videoCommentsCount).to.equal(1)
993 })
994
4f32032f 995 it('Should report correct abuses counts', async function () {
76314386 996 const reason = 'my super bad reason'
0c1a77e9 997 await server.abusesCommand.report({ token: user17AccessToken, videoId, reason })
76314386 998
0c1a77e9
C		 999 const body1 = await server.abusesCommand.getAdminList()
1000 const abuseId = body1.data[0].id
76314386
RK		 1001
1002 const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true)
1003 const user2: User = res2.body
1004
4f32032f
C		 1005 expect(user2.abusesCount).to.equal(1) // number of incriminations
1006 expect(user2.abusesCreatedCount).to.equal(1) // number of reports created
76314386 1007
0c1a77e9 1008 await server.abusesCommand.update({ abuseId, body: { state: AbuseState.ACCEPTED } })
76314386
RK		 1009
1010 const res3 = await getUserInformation(server.url, server.accessToken, user17Id, true)
1011 const user3: User = res3.body
1012
4f32032f 1013 expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted
1eddc9a7 1014 })
e6921918
C		 1015 })
1016
7c3b7976 1017 after(async function () {
f43db2f4 1018 await closeAllSequelize([ server ])
7c3b7976 1019 await cleanupTests([ server ])
0e1dc3e7
C		 1020 })
1021})
ActivityPub-federated video streaming platform using P2P directly in your web browser