]>
Commit | Line | Data |
---|---|---|
1 | /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ | |
2 | ||
3 | import 'mocha' | |
4 | import { expect } from 'chai' | |
5 | import { omit } from 'lodash' | |
6 | import { join } from 'path' | |
7 | import { User, UserRole, VideoImport, VideoImportState } from '../../../../shared' | |
8 | import { | |
9 | addVideoChannel, | |
10 | blockUser, | |
11 | cleanupTests, | |
12 | createUser, | |
13 | deleteMe, | |
14 | flushAndRunServer, | |
15 | getMyUserInformation, | |
16 | getMyUserVideoRating, | |
17 | getUsersList, | |
18 | immutableAssign, | |
19 | killallServers, | |
20 | makeGetRequest, | |
21 | makePostBodyRequest, | |
22 | makePutBodyRequest, | |
23 | makeUploadRequest, | |
24 | registerUser, | |
25 | removeUser, | |
26 | reRunServer, | |
27 | ServerInfo, | |
28 | setAccessTokensToServers, | |
29 | unblockUser, | |
30 | updateUser, | |
31 | uploadVideo, | |
32 | userLogin | |
33 | } from '../../../../shared/extra-utils' | |
34 | import { MockSmtpServer } from '../../../../shared/extra-utils/miscs/email' | |
35 | import { | |
36 | checkBadCountPagination, | |
37 | checkBadSortPagination, | |
38 | checkBadStartPagination | |
39 | } from '../../../../shared/extra-utils/requests/check-api-params' | |
40 | import { waitJobs } from '../../../../shared/extra-utils/server/jobs' | |
41 | import { getMagnetURI, getMyVideoImports, getGoodVideoUrl, importVideo } from '../../../../shared/extra-utils/videos/video-imports' | |
42 | import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model' | |
43 | import { VideoPrivacy } from '../../../../shared/models/videos' | |
44 | ||
45 | describe('Test users API validators', function () { | |
46 | const path = '/api/v1/users/' | |
47 | let userId: number | |
48 | let rootId: number | |
49 | let moderatorId: number | |
50 | let videoId: number | |
51 | let server: ServerInfo | |
52 | let serverWithRegistrationDisabled: ServerInfo | |
53 | let userAccessToken = '' | |
54 | let moderatorAccessToken = '' | |
55 | let emailPort: number | |
56 | let overrideConfig: Object | |
57 | ||
58 | // --------------------------------------------------------------- | |
59 | ||
60 | before(async function () { | |
61 | this.timeout(30000) | |
62 | ||
63 | const emails: object[] = [] | |
64 | emailPort = await MockSmtpServer.Instance.collectEmails(emails) | |
65 | ||
66 | overrideConfig = { signup: { limit: 8 } } | |
67 | ||
68 | { | |
69 | const res = await Promise.all([ | |
70 | flushAndRunServer(1, overrideConfig), | |
71 | flushAndRunServer(2) | |
72 | ]) | |
73 | ||
74 | server = res[0] | |
75 | serverWithRegistrationDisabled = res[1] | |
76 | ||
77 | await setAccessTokensToServers([ server ]) | |
78 | } | |
79 | ||
80 | { | |
81 | const user = { | |
82 | username: 'user1', | |
83 | password: 'my super password' | |
84 | } | |
85 | ||
86 | const videoQuota = 42000000 | |
87 | await createUser({ | |
88 | url: server.url, | |
89 | accessToken: server.accessToken, | |
90 | username: user.username, | |
91 | password: user.password, | |
92 | videoQuota: videoQuota | |
93 | }) | |
94 | userAccessToken = await userLogin(server, user) | |
95 | } | |
96 | ||
97 | { | |
98 | const moderator = { | |
99 | username: 'moderator1', | |
100 | password: 'super password' | |
101 | } | |
102 | ||
103 | await createUser({ | |
104 | url: server.url, | |
105 | accessToken: server.accessToken, | |
106 | username: moderator.username, | |
107 | password: moderator.password, | |
108 | role: UserRole.MODERATOR | |
109 | }) | |
110 | ||
111 | moderatorAccessToken = await userLogin(server, moderator) | |
112 | } | |
113 | ||
114 | { | |
115 | const moderator = { | |
116 | username: 'moderator2', | |
117 | password: 'super password' | |
118 | } | |
119 | ||
120 | await createUser({ | |
121 | url: server.url, | |
122 | accessToken: server.accessToken, | |
123 | username: moderator.username, | |
124 | password: moderator.password, | |
125 | role: UserRole.MODERATOR | |
126 | }) | |
127 | } | |
128 | ||
129 | { | |
130 | const res = await uploadVideo(server.url, server.accessToken, {}) | |
131 | videoId = res.body.video.id | |
132 | } | |
133 | ||
134 | { | |
135 | const res = await getUsersList(server.url, server.accessToken) | |
136 | const users: User[] = res.body.data | |
137 | ||
138 | userId = users.find(u => u.username === 'user1').id | |
139 | rootId = users.find(u => u.username === 'root').id | |
140 | moderatorId = users.find(u => u.username === 'moderator2').id | |
141 | } | |
142 | }) | |
143 | ||
144 | describe('When listing users', function () { | |
145 | it('Should fail with a bad start pagination', async function () { | |
146 | await checkBadStartPagination(server.url, path, server.accessToken) | |
147 | }) | |
148 | ||
149 | it('Should fail with a bad count pagination', async function () { | |
150 | await checkBadCountPagination(server.url, path, server.accessToken) | |
151 | }) | |
152 | ||
153 | it('Should fail with an incorrect sort', async function () { | |
154 | await checkBadSortPagination(server.url, path, server.accessToken) | |
155 | }) | |
156 | ||
157 | it('Should fail with a bad blocked/banned user filter', async function () { | |
158 | await makeGetRequest({ | |
159 | url: server.url, | |
160 | path, | |
161 | query: { | |
162 | blocked: 42 | |
163 | }, | |
164 | token: server.accessToken, | |
165 | statusCodeExpected: 400 | |
166 | }) | |
167 | }) | |
168 | ||
169 | it('Should fail with a non authenticated user', async function () { | |
170 | await makeGetRequest({ | |
171 | url: server.url, | |
172 | path, | |
173 | statusCodeExpected: 401 | |
174 | }) | |
175 | }) | |
176 | ||
177 | it('Should fail with a non admin user', async function () { | |
178 | await makeGetRequest({ | |
179 | url: server.url, | |
180 | path, | |
181 | token: userAccessToken, | |
182 | statusCodeExpected: 403 | |
183 | }) | |
184 | }) | |
185 | }) | |
186 | ||
187 | describe('When adding a new user', function () { | |
188 | const baseCorrectParams = { | |
189 | username: 'user2', | |
190 | email: 'test@example.com', | |
191 | password: 'my super password', | |
192 | videoQuota: -1, | |
193 | videoQuotaDaily: -1, | |
194 | role: UserRole.USER, | |
195 | adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST | |
196 | } | |
197 | ||
198 | it('Should fail with a too small username', async function () { | |
199 | const fields = immutableAssign(baseCorrectParams, { username: '' }) | |
200 | ||
201 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
202 | }) | |
203 | ||
204 | it('Should fail with a too long username', async function () { | |
205 | const fields = immutableAssign(baseCorrectParams, { username: 'super'.repeat(50) }) | |
206 | ||
207 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
208 | }) | |
209 | ||
210 | it('Should fail with a not lowercase username', async function () { | |
211 | const fields = immutableAssign(baseCorrectParams, { username: 'Toto' }) | |
212 | ||
213 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
214 | }) | |
215 | ||
216 | it('Should fail with an incorrect username', async function () { | |
217 | const fields = immutableAssign(baseCorrectParams, { username: 'my username' }) | |
218 | ||
219 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
220 | }) | |
221 | ||
222 | it('Should fail with a missing email', async function () { | |
223 | const fields = omit(baseCorrectParams, 'email') | |
224 | ||
225 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
226 | }) | |
227 | ||
228 | it('Should fail with an invalid email', async function () { | |
229 | const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' }) | |
230 | ||
231 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
232 | }) | |
233 | ||
234 | it('Should fail with a too small password', async function () { | |
235 | const fields = immutableAssign(baseCorrectParams, { password: 'bla' }) | |
236 | ||
237 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
238 | }) | |
239 | ||
240 | it('Should fail with a too long password', async function () { | |
241 | const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) }) | |
242 | ||
243 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
244 | }) | |
245 | ||
246 | it('Should fail with empty password and no smtp configured', async function () { | |
247 | const fields = immutableAssign(baseCorrectParams, { password: '' }) | |
248 | ||
249 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
250 | }) | |
251 | ||
252 | it('Should succeed with no password on a server with smtp enabled', async function () { | |
253 | this.timeout(10000) | |
254 | ||
255 | killallServers([ server ]) | |
256 | ||
257 | const config = immutableAssign(overrideConfig, { | |
258 | smtp: { | |
259 | hostname: 'localhost', | |
260 | port: emailPort | |
261 | } | |
262 | }) | |
263 | await reRunServer(server, config) | |
264 | ||
265 | const fields = immutableAssign(baseCorrectParams, { | |
266 | password: '', | |
267 | username: 'create_password', | |
268 | email: 'create_password@example.com' | |
269 | }) | |
270 | ||
271 | await makePostBodyRequest({ | |
272 | url: server.url, | |
273 | path: path, | |
274 | token: server.accessToken, | |
275 | fields, | |
276 | statusCodeExpected: 200 | |
277 | }) | |
278 | }) | |
279 | ||
280 | it('Should fail with invalid admin flags', async function () { | |
281 | const fields = immutableAssign(baseCorrectParams, { adminFlags: 'toto' }) | |
282 | ||
283 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
284 | }) | |
285 | ||
286 | it('Should fail with an non authenticated user', async function () { | |
287 | await makePostBodyRequest({ | |
288 | url: server.url, | |
289 | path, | |
290 | token: 'super token', | |
291 | fields: baseCorrectParams, | |
292 | statusCodeExpected: 401 | |
293 | }) | |
294 | }) | |
295 | ||
296 | it('Should fail if we add a user with the same username', async function () { | |
297 | const fields = immutableAssign(baseCorrectParams, { username: 'user1' }) | |
298 | ||
299 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) | |
300 | }) | |
301 | ||
302 | it('Should fail if we add a user with the same email', async function () { | |
303 | const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' }) | |
304 | ||
305 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 }) | |
306 | }) | |
307 | ||
308 | it('Should fail without a videoQuota', async function () { | |
309 | const fields = omit(baseCorrectParams, 'videoQuota') | |
310 | ||
311 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
312 | }) | |
313 | ||
314 | it('Should fail without a videoQuotaDaily', async function () { | |
315 | const fields = omit(baseCorrectParams, 'videoQuotaDaily') | |
316 | ||
317 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
318 | }) | |
319 | ||
320 | it('Should fail with an invalid videoQuota', async function () { | |
321 | const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 }) | |
322 | ||
323 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
324 | }) | |
325 | ||
326 | it('Should fail with an invalid videoQuotaDaily', async function () { | |
327 | const fields = immutableAssign(baseCorrectParams, { videoQuotaDaily: -7 }) | |
328 | ||
329 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
330 | }) | |
331 | ||
332 | it('Should fail without a user role', async function () { | |
333 | const fields = omit(baseCorrectParams, 'role') | |
334 | ||
335 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
336 | }) | |
337 | ||
338 | it('Should fail with an invalid user role', async function () { | |
339 | const fields = immutableAssign(baseCorrectParams, { role: 88989 }) | |
340 | ||
341 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
342 | }) | |
343 | ||
344 | it('Should fail with a "peertube" username', async function () { | |
345 | const fields = immutableAssign(baseCorrectParams, { username: 'peertube' }) | |
346 | ||
347 | await makePostBodyRequest({ | |
348 | url: server.url, | |
349 | path, | |
350 | token: server.accessToken, | |
351 | fields, | |
352 | statusCodeExpected: 409 | |
353 | }) | |
354 | }) | |
355 | ||
356 | it('Should fail to create a moderator or an admin with a moderator', async function () { | |
357 | for (const role of [ UserRole.MODERATOR, UserRole.ADMINISTRATOR ]) { | |
358 | const fields = immutableAssign(baseCorrectParams, { role }) | |
359 | ||
360 | await makePostBodyRequest({ | |
361 | url: server.url, | |
362 | path, | |
363 | token: moderatorAccessToken, | |
364 | fields, | |
365 | statusCodeExpected: 403 | |
366 | }) | |
367 | } | |
368 | }) | |
369 | ||
370 | it('Should succeed to create a user with a moderator', async function () { | |
371 | const fields = immutableAssign(baseCorrectParams, { username: 'a4656', email: 'a4656@example.com', role: UserRole.USER }) | |
372 | ||
373 | await makePostBodyRequest({ | |
374 | url: server.url, | |
375 | path, | |
376 | token: moderatorAccessToken, | |
377 | fields, | |
378 | statusCodeExpected: 200 | |
379 | }) | |
380 | }) | |
381 | ||
382 | it('Should succeed with the correct params', async function () { | |
383 | await makePostBodyRequest({ | |
384 | url: server.url, | |
385 | path, | |
386 | token: server.accessToken, | |
387 | fields: baseCorrectParams, | |
388 | statusCodeExpected: 200 | |
389 | }) | |
390 | }) | |
391 | ||
392 | it('Should fail with a non admin user', async function () { | |
393 | const user = { | |
394 | username: 'user1', | |
395 | password: 'my super password' | |
396 | } | |
397 | userAccessToken = await userLogin(server, user) | |
398 | ||
399 | const fields = { | |
400 | username: 'user3', | |
401 | email: 'test@example.com', | |
402 | password: 'my super password', | |
403 | videoQuota: 42000000 | |
404 | } | |
405 | await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 }) | |
406 | }) | |
407 | }) | |
408 | ||
409 | describe('When updating my account', function () { | |
410 | it('Should fail with an invalid email attribute', async function () { | |
411 | const fields = { | |
412 | email: 'blabla' | |
413 | } | |
414 | ||
415 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields }) | |
416 | }) | |
417 | ||
418 | it('Should fail with a too small password', async function () { | |
419 | const fields = { | |
420 | currentPassword: 'my super password', | |
421 | password: 'bla' | |
422 | } | |
423 | ||
424 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | |
425 | }) | |
426 | ||
427 | it('Should fail with a too long password', async function () { | |
428 | const fields = { | |
429 | currentPassword: 'my super password', | |
430 | password: 'super'.repeat(61) | |
431 | } | |
432 | ||
433 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | |
434 | }) | |
435 | ||
436 | it('Should fail without the current password', async function () { | |
437 | const fields = { | |
438 | currentPassword: 'my super password', | |
439 | password: 'super'.repeat(61) | |
440 | } | |
441 | ||
442 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | |
443 | }) | |
444 | ||
445 | it('Should fail with an invalid current password', async function () { | |
446 | const fields = { | |
447 | currentPassword: 'my super password fail', | |
448 | password: 'super'.repeat(61) | |
449 | } | |
450 | ||
451 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 401 }) | |
452 | }) | |
453 | ||
454 | it('Should fail with an invalid NSFW policy attribute', async function () { | |
455 | const fields = { | |
456 | nsfwPolicy: 'hello' | |
457 | } | |
458 | ||
459 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | |
460 | }) | |
461 | ||
462 | it('Should fail with an invalid autoPlayVideo attribute', async function () { | |
463 | const fields = { | |
464 | autoPlayVideo: -1 | |
465 | } | |
466 | ||
467 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | |
468 | }) | |
469 | ||
470 | it('Should fail with an invalid autoPlayNextVideo attribute', async function () { | |
471 | const fields = { | |
472 | autoPlayNextVideo: -1 | |
473 | } | |
474 | ||
475 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | |
476 | }) | |
477 | ||
478 | it('Should fail with an invalid videosHistoryEnabled attribute', async function () { | |
479 | const fields = { | |
480 | videosHistoryEnabled: -1 | |
481 | } | |
482 | ||
483 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | |
484 | }) | |
485 | ||
486 | it('Should fail with an non authenticated user', async function () { | |
487 | const fields = { | |
488 | currentPassword: 'my super password', | |
489 | password: 'my super password' | |
490 | } | |
491 | ||
492 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 }) | |
493 | }) | |
494 | ||
495 | it('Should fail with a too long description', async function () { | |
496 | const fields = { | |
497 | description: 'super'.repeat(201) | |
498 | } | |
499 | ||
500 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | |
501 | }) | |
502 | ||
503 | it('Should fail with an invalid videoLanguages attribute', async function () { | |
504 | { | |
505 | const fields = { | |
506 | videoLanguages: 'toto' | |
507 | } | |
508 | ||
509 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | |
510 | } | |
511 | ||
512 | { | |
513 | const languages = [] | |
514 | for (let i = 0; i < 1000; i++) { | |
515 | languages.push('fr') | |
516 | } | |
517 | ||
518 | const fields = { | |
519 | videoLanguages: languages | |
520 | } | |
521 | ||
522 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | |
523 | } | |
524 | }) | |
525 | ||
526 | it('Should fail with an invalid theme', async function () { | |
527 | const fields = { theme: 'invalid' } | |
528 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | |
529 | }) | |
530 | ||
531 | it('Should fail with an unknown theme', async function () { | |
532 | const fields = { theme: 'peertube-theme-unknown' } | |
533 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | |
534 | }) | |
535 | ||
536 | it('Should fail with an invalid noInstanceConfigWarningModal attribute', async function () { | |
537 | const fields = { | |
538 | noInstanceConfigWarningModal: -1 | |
539 | } | |
540 | ||
541 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | |
542 | }) | |
543 | ||
544 | it('Should fail with an invalid noWelcomeModal attribute', async function () { | |
545 | const fields = { | |
546 | noWelcomeModal: -1 | |
547 | } | |
548 | ||
549 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields }) | |
550 | }) | |
551 | ||
552 | it('Should succeed to change password with the correct params', async function () { | |
553 | const fields = { | |
554 | currentPassword: 'my super password', | |
555 | password: 'my super password', | |
556 | nsfwPolicy: 'blur', | |
557 | autoPlayVideo: false, | |
558 | email: 'super_email@example.com', | |
559 | theme: 'default', | |
560 | noInstanceConfigWarningModal: true, | |
561 | noWelcomeModal: true | |
562 | } | |
563 | ||
564 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 }) | |
565 | }) | |
566 | ||
567 | it('Should succeed without password change with the correct params', async function () { | |
568 | const fields = { | |
569 | nsfwPolicy: 'blur', | |
570 | autoPlayVideo: false | |
571 | } | |
572 | ||
573 | await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 }) | |
574 | }) | |
575 | }) | |
576 | ||
577 | describe('When updating my avatar', function () { | |
578 | it('Should fail without an incorrect input file', async function () { | |
579 | const fields = {} | |
580 | const attaches = { | |
581 | avatarfile: join(__dirname, '..', '..', 'fixtures', 'video_short.mp4') | |
582 | } | |
583 | await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches }) | |
584 | }) | |
585 | ||
586 | it('Should fail with a big file', async function () { | |
587 | const fields = {} | |
588 | const attaches = { | |
589 | avatarfile: join(__dirname, '..', '..', 'fixtures', 'avatar-big.png') | |
590 | } | |
591 | await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches }) | |
592 | }) | |
593 | ||
594 | it('Should fail with an unauthenticated user', async function () { | |
595 | const fields = {} | |
596 | const attaches = { | |
597 | avatarfile: join(__dirname, '..', '..', 'fixtures', 'avatar.png') | |
598 | } | |
599 | await makeUploadRequest({ | |
600 | url: server.url, | |
601 | path: path + '/me/avatar/pick', | |
602 | fields, | |
603 | attaches, | |
604 | statusCodeExpected: 401 | |
605 | }) | |
606 | }) | |
607 | ||
608 | it('Should succeed with the correct params', async function () { | |
609 | const fields = {} | |
610 | const attaches = { | |
611 | avatarfile: join(__dirname, '..', '..', 'fixtures', 'avatar.png') | |
612 | } | |
613 | await makeUploadRequest({ | |
614 | url: server.url, | |
615 | path: path + '/me/avatar/pick', | |
616 | token: server.accessToken, | |
617 | fields, | |
618 | attaches, | |
619 | statusCodeExpected: 200 | |
620 | }) | |
621 | }) | |
622 | }) | |
623 | ||
624 | describe('When getting a user', function () { | |
625 | ||
626 | it('Should fail with an non authenticated user', async function () { | |
627 | await makeGetRequest({ url: server.url, path: path + userId, token: 'super token', statusCodeExpected: 401 }) | |
628 | }) | |
629 | ||
630 | it('Should fail with a non admin user', async function () { | |
631 | await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 403 }) | |
632 | }) | |
633 | ||
634 | it('Should succeed with the correct params', async function () { | |
635 | await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, statusCodeExpected: 200 }) | |
636 | }) | |
637 | }) | |
638 | ||
639 | describe('When updating a user', function () { | |
640 | ||
641 | it('Should fail with an invalid email attribute', async function () { | |
642 | const fields = { | |
643 | email: 'blabla' | |
644 | } | |
645 | ||
646 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) | |
647 | }) | |
648 | ||
649 | it('Should fail with an invalid emailVerified attribute', async function () { | |
650 | const fields = { | |
651 | emailVerified: 'yes' | |
652 | } | |
653 | ||
654 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) | |
655 | }) | |
656 | ||
657 | it('Should fail with an invalid videoQuota attribute', async function () { | |
658 | const fields = { | |
659 | videoQuota: -90 | |
660 | } | |
661 | ||
662 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) | |
663 | }) | |
664 | ||
665 | it('Should fail with an invalid user role attribute', async function () { | |
666 | const fields = { | |
667 | role: 54878 | |
668 | } | |
669 | ||
670 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) | |
671 | }) | |
672 | ||
673 | it('Should fail with a too small password', async function () { | |
674 | const fields = { | |
675 | currentPassword: 'my super password', | |
676 | password: 'bla' | |
677 | } | |
678 | ||
679 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) | |
680 | }) | |
681 | ||
682 | it('Should fail with a too long password', async function () { | |
683 | const fields = { | |
684 | currentPassword: 'my super password', | |
685 | password: 'super'.repeat(61) | |
686 | } | |
687 | ||
688 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields }) | |
689 | }) | |
690 | ||
691 | it('Should fail with an non authenticated user', async function () { | |
692 | const fields = { | |
693 | videoQuota: 42 | |
694 | } | |
695 | ||
696 | await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 }) | |
697 | }) | |
698 | ||
699 | it('Should fail when updating root role', async function () { | |
700 | const fields = { | |
701 | role: UserRole.MODERATOR | |
702 | } | |
703 | ||
704 | await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields }) | |
705 | }) | |
706 | ||
707 | it('Should fail with invalid admin flags', async function () { | |
708 | const fields = { adminFlags: 'toto' } | |
709 | ||
710 | await makePutBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
711 | }) | |
712 | ||
713 | it('Should fail to update an admin with a moderator', async function () { | |
714 | const fields = { | |
715 | videoQuota: 42 | |
716 | } | |
717 | ||
718 | await makePutBodyRequest({ | |
719 | url: server.url, | |
720 | path: path + moderatorId, | |
721 | token: moderatorAccessToken, | |
722 | fields, | |
723 | statusCodeExpected: 403 | |
724 | }) | |
725 | }) | |
726 | ||
727 | it('Should succeed to update a user with a moderator', async function () { | |
728 | const fields = { | |
729 | videoQuota: 42 | |
730 | } | |
731 | ||
732 | await makePutBodyRequest({ | |
733 | url: server.url, | |
734 | path: path + userId, | |
735 | token: moderatorAccessToken, | |
736 | fields, | |
737 | statusCodeExpected: 204 | |
738 | }) | |
739 | }) | |
740 | ||
741 | it('Should succeed with the correct params', async function () { | |
742 | const fields = { | |
743 | email: 'email@example.com', | |
744 | emailVerified: true, | |
745 | videoQuota: 42, | |
746 | role: UserRole.USER | |
747 | } | |
748 | ||
749 | await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 }) | |
750 | }) | |
751 | }) | |
752 | ||
753 | describe('When getting my information', function () { | |
754 | it('Should fail with a non authenticated user', async function () { | |
755 | await getMyUserInformation(server.url, 'fake_token', 401) | |
756 | }) | |
757 | ||
758 | it('Should success with the correct parameters', async function () { | |
759 | await getMyUserInformation(server.url, userAccessToken) | |
760 | }) | |
761 | }) | |
762 | ||
763 | describe('When getting my video rating', function () { | |
764 | it('Should fail with a non authenticated user', async function () { | |
765 | await getMyUserVideoRating(server.url, 'fake_token', videoId, 401) | |
766 | }) | |
767 | ||
768 | it('Should fail with an incorrect video uuid', async function () { | |
769 | await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400) | |
770 | }) | |
771 | ||
772 | it('Should fail with an unknown video', async function () { | |
773 | await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404) | |
774 | }) | |
775 | ||
776 | it('Should succeed with the correct parameters', async function () { | |
777 | await getMyUserVideoRating(server.url, server.accessToken, videoId) | |
778 | }) | |
779 | }) | |
780 | ||
781 | describe('When retrieving my global ratings', function () { | |
782 | const path = '/api/v1/accounts/user1/ratings' | |
783 | ||
784 | it('Should fail with a bad start pagination', async function () { | |
785 | await checkBadStartPagination(server.url, path, userAccessToken) | |
786 | }) | |
787 | ||
788 | it('Should fail with a bad count pagination', async function () { | |
789 | await checkBadCountPagination(server.url, path, userAccessToken) | |
790 | }) | |
791 | ||
792 | it('Should fail with an incorrect sort', async function () { | |
793 | await checkBadSortPagination(server.url, path, userAccessToken) | |
794 | }) | |
795 | ||
796 | it('Should fail with a unauthenticated user', async function () { | |
797 | await makeGetRequest({ url: server.url, path, statusCodeExpected: 401 }) | |
798 | }) | |
799 | ||
800 | it('Should fail with a another user', async function () { | |
801 | await makeGetRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: 403 }) | |
802 | }) | |
803 | ||
804 | it('Should fail with a bad type', async function () { | |
805 | await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { rating: 'toto ' }, statusCodeExpected: 400 }) | |
806 | }) | |
807 | ||
808 | it('Should succeed with the correct params', async function () { | |
809 | await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 200 }) | |
810 | }) | |
811 | }) | |
812 | ||
813 | describe('When blocking/unblocking/removing user', function () { | |
814 | it('Should fail with an incorrect id', async function () { | |
815 | await removeUser(server.url, 'blabla', server.accessToken, 400) | |
816 | await blockUser(server.url, 'blabla', server.accessToken, 400) | |
817 | await unblockUser(server.url, 'blabla', server.accessToken, 400) | |
818 | }) | |
819 | ||
820 | it('Should fail with the root user', async function () { | |
821 | await removeUser(server.url, rootId, server.accessToken, 400) | |
822 | await blockUser(server.url, rootId, server.accessToken, 400) | |
823 | await unblockUser(server.url, rootId, server.accessToken, 400) | |
824 | }) | |
825 | ||
826 | it('Should return 404 with a non existing id', async function () { | |
827 | await removeUser(server.url, 4545454, server.accessToken, 404) | |
828 | await blockUser(server.url, 4545454, server.accessToken, 404) | |
829 | await unblockUser(server.url, 4545454, server.accessToken, 404) | |
830 | }) | |
831 | ||
832 | it('Should fail with a non admin user', async function () { | |
833 | await removeUser(server.url, userId, userAccessToken, 403) | |
834 | await blockUser(server.url, userId, userAccessToken, 403) | |
835 | await unblockUser(server.url, userId, userAccessToken, 403) | |
836 | }) | |
837 | ||
838 | it('Should fail on a moderator with a moderator', async function () { | |
839 | await removeUser(server.url, moderatorId, moderatorAccessToken, 403) | |
840 | await blockUser(server.url, moderatorId, moderatorAccessToken, 403) | |
841 | await unblockUser(server.url, moderatorId, moderatorAccessToken, 403) | |
842 | }) | |
843 | ||
844 | it('Should succeed on a user with a moderator', async function () { | |
845 | await blockUser(server.url, userId, moderatorAccessToken) | |
846 | await unblockUser(server.url, userId, moderatorAccessToken) | |
847 | }) | |
848 | }) | |
849 | ||
850 | describe('When deleting our account', function () { | |
851 | it('Should fail with with the root account', async function () { | |
852 | await deleteMe(server.url, server.accessToken, 400) | |
853 | }) | |
854 | }) | |
855 | ||
856 | describe('When registering a new user', function () { | |
857 | const registrationPath = path + '/register' | |
858 | const baseCorrectParams = { | |
859 | username: 'user3', | |
860 | displayName: 'super user', | |
861 | email: 'test3@example.com', | |
862 | password: 'my super password' | |
863 | } | |
864 | ||
865 | it('Should fail with a too small username', async function () { | |
866 | const fields = immutableAssign(baseCorrectParams, { username: '' }) | |
867 | ||
868 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
869 | }) | |
870 | ||
871 | it('Should fail with a too long username', async function () { | |
872 | const fields = immutableAssign(baseCorrectParams, { username: 'super'.repeat(50) }) | |
873 | ||
874 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
875 | }) | |
876 | ||
877 | it('Should fail with an incorrect username', async function () { | |
878 | const fields = immutableAssign(baseCorrectParams, { username: 'my username' }) | |
879 | ||
880 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
881 | }) | |
882 | ||
883 | it('Should fail with a missing email', async function () { | |
884 | const fields = omit(baseCorrectParams, 'email') | |
885 | ||
886 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
887 | }) | |
888 | ||
889 | it('Should fail with an invalid email', async function () { | |
890 | const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' }) | |
891 | ||
892 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
893 | }) | |
894 | ||
895 | it('Should fail with a too small password', async function () { | |
896 | const fields = immutableAssign(baseCorrectParams, { password: 'bla' }) | |
897 | ||
898 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
899 | }) | |
900 | ||
901 | it('Should fail with a too long password', async function () { | |
902 | const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) }) | |
903 | ||
904 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
905 | }) | |
906 | ||
907 | it('Should fail if we register a user with the same username', async function () { | |
908 | const fields = immutableAssign(baseCorrectParams, { username: 'root' }) | |
909 | ||
910 | await makePostBodyRequest({ | |
911 | url: server.url, | |
912 | path: registrationPath, | |
913 | token: server.accessToken, | |
914 | fields, | |
915 | statusCodeExpected: 409 | |
916 | }) | |
917 | }) | |
918 | ||
919 | it('Should fail with a "peertube" username', async function () { | |
920 | const fields = immutableAssign(baseCorrectParams, { username: 'peertube' }) | |
921 | ||
922 | await makePostBodyRequest({ | |
923 | url: server.url, | |
924 | path: registrationPath, | |
925 | token: server.accessToken, | |
926 | fields, | |
927 | statusCodeExpected: 409 | |
928 | }) | |
929 | }) | |
930 | ||
931 | it('Should fail if we register a user with the same email', async function () { | |
932 | const fields = immutableAssign(baseCorrectParams, { email: 'admin' + server.internalServerNumber + '@example.com' }) | |
933 | ||
934 | await makePostBodyRequest({ | |
935 | url: server.url, | |
936 | path: registrationPath, | |
937 | token: server.accessToken, | |
938 | fields, | |
939 | statusCodeExpected: 409 | |
940 | }) | |
941 | }) | |
942 | ||
943 | it('Should fail with a bad display name', async function () { | |
944 | const fields = immutableAssign(baseCorrectParams, { displayName: 'a'.repeat(150) }) | |
945 | ||
946 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
947 | }) | |
948 | ||
949 | it('Should fail with a bad channel name', async function () { | |
950 | const fields = immutableAssign(baseCorrectParams, { channel: { name: '[]azf', displayName: 'toto' } }) | |
951 | ||
952 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
953 | }) | |
954 | ||
955 | it('Should fail with a bad channel display name', async function () { | |
956 | const fields = immutableAssign(baseCorrectParams, { channel: { name: 'toto', displayName: '' } }) | |
957 | ||
958 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
959 | }) | |
960 | ||
961 | it('Should fail with a channel name that is the same as username', async function () { | |
962 | const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } } | |
963 | const fields = immutableAssign(baseCorrectParams, source) | |
964 | ||
965 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields }) | |
966 | }) | |
967 | ||
968 | it('Should fail with an existing channel', async function () { | |
969 | const videoChannelAttributesArg = { name: 'existing_channel', displayName: 'hello', description: 'super description' } | |
970 | await addVideoChannel(server.url, server.accessToken, videoChannelAttributesArg) | |
971 | ||
972 | const fields = immutableAssign(baseCorrectParams, { channel: { name: 'existing_channel', displayName: 'toto' } }) | |
973 | ||
974 | await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 }) | |
975 | }) | |
976 | ||
977 | it('Should succeed with the correct params', async function () { | |
978 | const fields = immutableAssign(baseCorrectParams, { channel: { name: 'super_channel', displayName: 'toto' } }) | |
979 | ||
980 | await makePostBodyRequest({ | |
981 | url: server.url, | |
982 | path: registrationPath, | |
983 | token: server.accessToken, | |
984 | fields: fields, | |
985 | statusCodeExpected: 204 | |
986 | }) | |
987 | }) | |
988 | ||
989 | it('Should fail on a server with registration disabled', async function () { | |
990 | const fields = { | |
991 | username: 'user4', | |
992 | email: 'test4@example.com', | |
993 | password: 'my super password 4' | |
994 | } | |
995 | ||
996 | await makePostBodyRequest({ | |
997 | url: serverWithRegistrationDisabled.url, | |
998 | path: registrationPath, | |
999 | token: serverWithRegistrationDisabled.accessToken, | |
1000 | fields, | |
1001 | statusCodeExpected: 403 | |
1002 | }) | |
1003 | }) | |
1004 | }) | |
1005 | ||
1006 | describe('When registering multiple users on a server with users limit', function () { | |
1007 | it('Should fail when after 3 registrations', async function () { | |
1008 | await registerUser(server.url, 'user42', 'super password', 403) | |
1009 | }) | |
1010 | }) | |
1011 | ||
1012 | describe('When having a video quota', function () { | |
1013 | it('Should fail with a user having too many videos', async function () { | |
1014 | await updateUser({ | |
1015 | url: server.url, | |
1016 | userId: rootId, | |
1017 | accessToken: server.accessToken, | |
1018 | videoQuota: 42 | |
1019 | }) | |
1020 | ||
1021 | await uploadVideo(server.url, server.accessToken, {}, 403) | |
1022 | }) | |
1023 | ||
1024 | it('Should fail with a registered user having too many videos', async function () { | |
1025 | this.timeout(30000) | |
1026 | ||
1027 | const user = { | |
1028 | username: 'user3', | |
1029 | password: 'my super password' | |
1030 | } | |
1031 | userAccessToken = await userLogin(server, user) | |
1032 | ||
1033 | const videoAttributes = { fixture: 'video_short2.webm' } | |
1034 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
1035 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
1036 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
1037 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
1038 | await uploadVideo(server.url, userAccessToken, videoAttributes) | |
1039 | await uploadVideo(server.url, userAccessToken, videoAttributes, 403) | |
1040 | }) | |
1041 | ||
1042 | it('Should fail to import with HTTP/Torrent/magnet', async function () { | |
1043 | this.timeout(120000) | |
1044 | ||
1045 | const baseAttributes = { | |
1046 | channelId: 1, | |
1047 | privacy: VideoPrivacy.PUBLIC | |
1048 | } | |
1049 | await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { targetUrl: getGoodVideoUrl() })) | |
1050 | await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { magnetUri: getMagnetURI() })) | |
1051 | await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { torrentfile: 'video-720p.torrent' as any })) | |
1052 | ||
1053 | await waitJobs([ server ]) | |
1054 | ||
1055 | const res = await getMyVideoImports(server.url, server.accessToken) | |
1056 | ||
1057 | expect(res.body.total).to.equal(3) | |
1058 | const videoImports: VideoImport[] = res.body.data | |
1059 | expect(videoImports).to.have.lengthOf(3) | |
1060 | ||
1061 | for (const videoImport of videoImports) { | |
1062 | expect(videoImport.state.id).to.equal(VideoImportState.FAILED) | |
1063 | expect(videoImport.error).not.to.be.undefined | |
1064 | expect(videoImport.error).to.contain('user video quota is exceeded') | |
1065 | } | |
1066 | }) | |
1067 | }) | |
1068 | ||
1069 | describe('When having a daily video quota', function () { | |
1070 | it('Should fail with a user having too many videos', async function () { | |
1071 | await updateUser({ | |
1072 | url: server.url, | |
1073 | userId: rootId, | |
1074 | accessToken: server.accessToken, | |
1075 | videoQuotaDaily: 42 | |
1076 | }) | |
1077 | ||
1078 | await uploadVideo(server.url, server.accessToken, {}, 403) | |
1079 | }) | |
1080 | }) | |
1081 | ||
1082 | describe('When having an absolute and daily video quota', function () { | |
1083 | it('Should fail if exceeding total quota', async function () { | |
1084 | await updateUser({ | |
1085 | url: server.url, | |
1086 | userId: rootId, | |
1087 | accessToken: server.accessToken, | |
1088 | videoQuota: 42, | |
1089 | videoQuotaDaily: 1024 * 1024 * 1024 | |
1090 | }) | |
1091 | ||
1092 | await uploadVideo(server.url, server.accessToken, {}, 403) | |
1093 | }) | |
1094 | ||
1095 | it('Should fail if exceeding daily quota', async function () { | |
1096 | await updateUser({ | |
1097 | url: server.url, | |
1098 | userId: rootId, | |
1099 | accessToken: server.accessToken, | |
1100 | videoQuota: 1024 * 1024 * 1024, | |
1101 | videoQuotaDaily: 42 | |
1102 | }) | |
1103 | ||
1104 | await uploadVideo(server.url, server.accessToken, {}, 403) | |
1105 | }) | |
1106 | }) | |
1107 | ||
1108 | describe('When asking a password reset', function () { | |
1109 | const path = '/api/v1/users/ask-reset-password' | |
1110 | ||
1111 | it('Should fail with a missing email', async function () { | |
1112 | const fields = {} | |
1113 | ||
1114 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
1115 | }) | |
1116 | ||
1117 | it('Should fail with an invalid email', async function () { | |
1118 | const fields = { email: 'hello' } | |
1119 | ||
1120 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
1121 | }) | |
1122 | ||
1123 | it('Should success with the correct params', async function () { | |
1124 | const fields = { email: 'admin@example.com' } | |
1125 | ||
1126 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 }) | |
1127 | }) | |
1128 | }) | |
1129 | ||
1130 | describe('When asking for an account verification email', function () { | |
1131 | const path = '/api/v1/users/ask-send-verify-email' | |
1132 | ||
1133 | it('Should fail with a missing email', async function () { | |
1134 | const fields = {} | |
1135 | ||
1136 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
1137 | }) | |
1138 | ||
1139 | it('Should fail with an invalid email', async function () { | |
1140 | const fields = { email: 'hello' } | |
1141 | ||
1142 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) | |
1143 | }) | |
1144 | ||
1145 | it('Should succeed with the correct params', async function () { | |
1146 | const fields = { email: 'admin@example.com' } | |
1147 | ||
1148 | await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 }) | |
1149 | }) | |
1150 | }) | |
1151 | ||
1152 | after(async function () { | |
1153 | MockSmtpServer.Instance.kill() | |
1154 | ||
1155 | await cleanupTests([ server, serverWithRegistrationDisabled ]) | |
1156 | }) | |
1157 | }) |