]>
Commit | Line | Data |
---|---|---|
1 | /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ | |
2 | ||
3 | import 'mocha' | |
4 | import * as chai from 'chai' | |
5 | import { HttpStatusCode } from '@shared/core-utils' | |
6 | import { | |
7 | addVideoCommentThread, | |
8 | blockUser, | |
9 | cleanupTests, | |
10 | closeAllSequelize, | |
11 | createUser, | |
12 | deleteMe, | |
13 | flushAndRunServer, | |
14 | getAccountRatings, | |
15 | getBlacklistedVideosList, | |
16 | getCustomConfig, | |
17 | getMyUserInformation, | |
18 | getMyUserVideoQuotaUsed, | |
19 | getMyUserVideoRating, | |
20 | getMyVideos, | |
21 | getUserInformation, | |
22 | getUsersList, | |
23 | getUsersListPaginationAndSort, | |
24 | getVideoChannel, | |
25 | getVideosList, | |
26 | installPlugin, | |
27 | killallServers, | |
28 | login, | |
29 | logout, | |
30 | makePutBodyRequest, | |
31 | rateVideo, | |
32 | refreshToken, | |
33 | registerUserWithChannel, | |
34 | removeUser, | |
35 | removeVideo, | |
36 | reRunServer, | |
37 | ServerInfo, | |
38 | setAccessTokensToServers, | |
39 | setTokenField, | |
40 | testImage, | |
41 | unblockUser, | |
42 | updateCustomSubConfig, | |
43 | updateMyAvatar, | |
44 | updateMyUser, | |
45 | updateUser, | |
46 | uploadVideo, | |
47 | userLogin, | |
48 | waitJobs | |
49 | } from '@shared/extra-utils' | |
50 | import { AbuseState, CustomConfig, MyUser, OAuth2ErrorCode, User, UserAdminFlag, UserRole, Video, VideoPlaylistType } from '@shared/models' | |
51 | ||
52 | const expect = chai.expect | |
53 | ||
54 | describe('Test users', function () { | |
55 | let server: ServerInfo | |
56 | let accessToken: string | |
57 | let accessTokenUser: string | |
58 | let videoId: number | |
59 | let userId: number | |
60 | const user = { | |
61 | username: 'user_1', | |
62 | password: 'super password' | |
63 | } | |
64 | ||
65 | before(async function () { | |
66 | this.timeout(30000) | |
67 | ||
68 | server = await flushAndRunServer(1, { | |
69 | rates_limit: { | |
70 | login: { | |
71 | max: 30 | |
72 | } | |
73 | } | |
74 | }) | |
75 | ||
76 | await setAccessTokensToServers([ server ]) | |
77 | ||
78 | await installPlugin({ url: server.url, accessToken: server.accessToken, npmName: 'peertube-theme-background-red' }) | |
79 | }) | |
80 | ||
81 | describe('OAuth client', function () { | |
82 | it('Should create a new client') | |
83 | ||
84 | it('Should return the first client') | |
85 | ||
86 | it('Should remove the last client') | |
87 | ||
88 | it('Should not login with an invalid client id', async function () { | |
89 | const client = { id: 'client', secret: server.client.secret } | |
90 | const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400) | |
91 | ||
92 | expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT) | |
93 | expect(res.body.error).to.contain('client is invalid') | |
94 | expect(res.body.type.startsWith('https://')).to.be.true | |
95 | expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT) | |
96 | }) | |
97 | ||
98 | it('Should not login with an invalid client secret', async function () { | |
99 | const client = { id: server.client.id, secret: 'coucou' } | |
100 | const res = await login(server.url, client, server.user, HttpStatusCode.BAD_REQUEST_400) | |
101 | ||
102 | expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT) | |
103 | expect(res.body.error).to.contain('client is invalid') | |
104 | expect(res.body.type.startsWith('https://')).to.be.true | |
105 | expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT) | |
106 | }) | |
107 | }) | |
108 | ||
109 | describe('Login', function () { | |
110 | ||
111 | it('Should not login with an invalid username', async function () { | |
112 | const user = { username: 'captain crochet', password: server.user.password } | |
113 | const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400) | |
114 | ||
115 | expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT) | |
116 | expect(res.body.error).to.contain('credentials are invalid') | |
117 | expect(res.body.type.startsWith('https://')).to.be.true | |
118 | expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT) | |
119 | }) | |
120 | ||
121 | it('Should not login with an invalid password', async function () { | |
122 | const user = { username: server.user.username, password: 'mew_three' } | |
123 | const res = await login(server.url, server.client, user, HttpStatusCode.BAD_REQUEST_400) | |
124 | ||
125 | expect(res.body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT) | |
126 | expect(res.body.error).to.contain('credentials are invalid') | |
127 | expect(res.body.type.startsWith('https://')).to.be.true | |
128 | expect(res.body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT) | |
129 | }) | |
130 | ||
131 | it('Should not be able to upload a video', async function () { | |
132 | accessToken = 'my_super_token' | |
133 | ||
134 | const videoAttributes = {} | |
135 | await uploadVideo(server.url, accessToken, videoAttributes, HttpStatusCode.UNAUTHORIZED_401) | |
136 | }) | |
137 | ||
138 | it('Should not be able to follow', async function () { | |
139 | accessToken = 'my_super_token' | |
140 | ||
141 | await server.followsCommand.follow({ | |
142 | targets: [ 'http://example.com' ], | |
143 | token: accessToken, | |
144 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 | |
145 | }) | |
146 | }) | |
147 | ||
148 | it('Should not be able to unfollow') | |
149 | ||
150 | it('Should be able to login', async function () { | |
151 | const res = await login(server.url, server.client, server.user, HttpStatusCode.OK_200) | |
152 | ||
153 | accessToken = res.body.access_token | |
154 | }) | |
155 | ||
156 | it('Should be able to login with an insensitive username', async function () { | |
157 | const user = { username: 'RoOt', password: server.user.password } | |
158 | await login(server.url, server.client, user, HttpStatusCode.OK_200) | |
159 | ||
160 | const user2 = { username: 'rOoT', password: server.user.password } | |
161 | await login(server.url, server.client, user2, HttpStatusCode.OK_200) | |
162 | ||
163 | const user3 = { username: 'ROOt', password: server.user.password } | |
164 | await login(server.url, server.client, user3, HttpStatusCode.OK_200) | |
165 | }) | |
166 | }) | |
167 | ||
168 | describe('Upload', function () { | |
169 | ||
170 | it('Should upload the video with the correct token', async function () { | |
171 | const videoAttributes = {} | |
172 | await uploadVideo(server.url, accessToken, videoAttributes) | |
173 | const res = await getVideosList(server.url) | |
174 | const video = res.body.data[0] | |
175 | ||
176 | expect(video.account.name).to.equal('root') | |
177 | videoId = video.id | |
178 | }) | |
179 | ||
180 | it('Should upload the video again with the correct token', async function () { | |
181 | const videoAttributes = {} | |
182 | await uploadVideo(server.url, accessToken, videoAttributes) | |
183 | }) | |
184 | }) | |
185 | ||
186 | describe('Ratings', function () { | |
187 | ||
188 | it('Should retrieve a video rating', async function () { | |
189 | await rateVideo(server.url, accessToken, videoId, 'like') | |
190 | const res = await getMyUserVideoRating(server.url, accessToken, videoId) | |
191 | const rating = res.body | |
192 | ||
193 | expect(rating.videoId).to.equal(videoId) | |
194 | expect(rating.rating).to.equal('like') | |
195 | }) | |
196 | ||
197 | it('Should retrieve ratings list', async function () { | |
198 | await rateVideo(server.url, accessToken, videoId, 'like') | |
199 | ||
200 | const res = await getAccountRatings(server.url, server.user.username, server.accessToken, null, HttpStatusCode.OK_200) | |
201 | const ratings = res.body | |
202 | ||
203 | expect(ratings.total).to.equal(1) | |
204 | expect(ratings.data[0].video.id).to.equal(videoId) | |
205 | expect(ratings.data[0].rating).to.equal('like') | |
206 | }) | |
207 | ||
208 | it('Should retrieve ratings list by rating type', async function () { | |
209 | { | |
210 | const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'like') | |
211 | const ratings = res.body | |
212 | expect(ratings.data.length).to.equal(1) | |
213 | } | |
214 | ||
215 | { | |
216 | const res = await getAccountRatings(server.url, server.user.username, server.accessToken, 'dislike') | |
217 | const ratings = res.body | |
218 | expect(ratings.data.length).to.equal(0) | |
219 | } | |
220 | }) | |
221 | }) | |
222 | ||
223 | describe('Remove video', function () { | |
224 | it('Should not be able to remove the video with an incorrect token', async function () { | |
225 | await removeVideo(server.url, 'bad_token', videoId, HttpStatusCode.UNAUTHORIZED_401) | |
226 | }) | |
227 | ||
228 | it('Should not be able to remove the video with the token of another account') | |
229 | ||
230 | it('Should be able to remove the video with the correct token', async function () { | |
231 | await removeVideo(server.url, accessToken, videoId) | |
232 | }) | |
233 | }) | |
234 | ||
235 | describe('Logout', function () { | |
236 | it('Should logout (revoke token)', async function () { | |
237 | await logout(server.url, server.accessToken) | |
238 | }) | |
239 | ||
240 | it('Should not be able to get the user information', async function () { | |
241 | await getMyUserInformation(server.url, server.accessToken, HttpStatusCode.UNAUTHORIZED_401) | |
242 | }) | |
243 | ||
244 | it('Should not be able to upload a video', async function () { | |
245 | await uploadVideo(server.url, server.accessToken, { name: 'video' }, HttpStatusCode.UNAUTHORIZED_401) | |
246 | }) | |
247 | ||
248 | it('Should not be able to rate a video', async function () { | |
249 | const path = '/api/v1/videos/' | |
250 | const data = { | |
251 | rating: 'likes' | |
252 | } | |
253 | ||
254 | const options = { | |
255 | url: server.url, | |
256 | path: path + videoId, | |
257 | token: 'wrong token', | |
258 | fields: data, | |
259 | statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 | |
260 | } | |
261 | await makePutBodyRequest(options) | |
262 | }) | |
263 | ||
264 | it('Should be able to login again', async function () { | |
265 | const res = await login(server.url, server.client, server.user) | |
266 | server.accessToken = res.body.access_token | |
267 | server.refreshToken = res.body.refresh_token | |
268 | }) | |
269 | ||
270 | it('Should be able to get my user information again', async function () { | |
271 | await getMyUserInformation(server.url, server.accessToken) | |
272 | }) | |
273 | ||
274 | it('Should have an expired access token', async function () { | |
275 | this.timeout(15000) | |
276 | ||
277 | await setTokenField(server.internalServerNumber, server.accessToken, 'accessTokenExpiresAt', new Date().toISOString()) | |
278 | await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString()) | |
279 | ||
280 | killallServers([ server ]) | |
281 | await reRunServer(server) | |
282 | ||
283 | await getMyUserInformation(server.url, server.accessToken, 401) | |
284 | }) | |
285 | ||
286 | it('Should not be able to refresh an access token with an expired refresh token', async function () { | |
287 | await refreshToken(server, server.refreshToken, 400) | |
288 | }) | |
289 | ||
290 | it('Should refresh the token', async function () { | |
291 | this.timeout(15000) | |
292 | ||
293 | const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString() | |
294 | await setTokenField(server.internalServerNumber, server.accessToken, 'refreshTokenExpiresAt', futureDate) | |
295 | ||
296 | killallServers([ server ]) | |
297 | await reRunServer(server) | |
298 | ||
299 | const res = await refreshToken(server, server.refreshToken) | |
300 | server.accessToken = res.body.access_token | |
301 | server.refreshToken = res.body.refresh_token | |
302 | }) | |
303 | ||
304 | it('Should be able to get my user information again', async function () { | |
305 | await getMyUserInformation(server.url, server.accessToken) | |
306 | }) | |
307 | }) | |
308 | ||
309 | describe('Creating a user', function () { | |
310 | ||
311 | it('Should be able to create a new user', async function () { | |
312 | await createUser({ | |
313 | url: server.url, | |
314 | accessToken: accessToken, | |
315 | username: user.username, | |
316 | password: user.password, | |
317 | videoQuota: 2 * 1024 * 1024, | |
318 | adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST | |
319 | }) | |
320 | }) | |
321 | ||
322 | it('Should be able to login with this user', async function () { | |
323 | accessTokenUser = await userLogin(server, user) | |
324 | }) | |
325 | ||
326 | it('Should be able to get user information', async function () { | |
327 | const res1 = await getMyUserInformation(server.url, accessTokenUser) | |
328 | const userMe: MyUser = res1.body | |
329 | ||
330 | const res2 = await getUserInformation(server.url, server.accessToken, userMe.id, true) | |
331 | const userGet: User = res2.body | |
332 | ||
333 | for (const user of [ userMe, userGet ]) { | |
334 | expect(user.username).to.equal('user_1') | |
335 | expect(user.email).to.equal('user_1@example.com') | |
336 | expect(user.nsfwPolicy).to.equal('display') | |
337 | expect(user.videoQuota).to.equal(2 * 1024 * 1024) | |
338 | expect(user.roleLabel).to.equal('User') | |
339 | expect(user.id).to.be.a('number') | |
340 | expect(user.account.displayName).to.equal('user_1') | |
341 | expect(user.account.description).to.be.null | |
342 | } | |
343 | ||
344 | expect(userMe.adminFlags).to.be.undefined | |
345 | expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST) | |
346 | ||
347 | expect(userMe.specialPlaylists).to.have.lengthOf(1) | |
348 | expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER) | |
349 | ||
350 | // Check stats are included with withStats | |
351 | expect(userGet.videosCount).to.be.a('number') | |
352 | expect(userGet.videosCount).to.equal(0) | |
353 | expect(userGet.videoCommentsCount).to.be.a('number') | |
354 | expect(userGet.videoCommentsCount).to.equal(0) | |
355 | expect(userGet.abusesCount).to.be.a('number') | |
356 | expect(userGet.abusesCount).to.equal(0) | |
357 | expect(userGet.abusesAcceptedCount).to.be.a('number') | |
358 | expect(userGet.abusesAcceptedCount).to.equal(0) | |
359 | }) | |
360 | }) | |
361 | ||
362 | describe('My videos & quotas', function () { | |
363 | ||
364 | it('Should be able to upload a video with this user', async function () { | |
365 | this.timeout(10000) | |
366 | ||
367 | const videoAttributes = { | |
368 | name: 'super user video', | |
369 | fixture: 'video_short.webm' | |
370 | } | |
371 | await uploadVideo(server.url, accessTokenUser, videoAttributes) | |
372 | }) | |
373 | ||
374 | it('Should have video quota updated', async function () { | |
375 | const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser) | |
376 | const data = res.body | |
377 | ||
378 | expect(data.videoQuotaUsed).to.equal(218910) | |
379 | ||
380 | const resUsers = await getUsersList(server.url, server.accessToken) | |
381 | ||
382 | const users: User[] = resUsers.body.data | |
383 | const tmpUser = users.find(u => u.username === user.username) | |
384 | expect(tmpUser.videoQuotaUsed).to.equal(218910) | |
385 | }) | |
386 | ||
387 | it('Should be able to list my videos', async function () { | |
388 | const res = await getMyVideos(server.url, accessTokenUser, 0, 5) | |
389 | expect(res.body.total).to.equal(1) | |
390 | ||
391 | const videos = res.body.data | |
392 | expect(videos).to.have.lengthOf(1) | |
393 | ||
394 | const video: Video = videos[0] | |
395 | expect(video.name).to.equal('super user video') | |
396 | expect(video.thumbnailPath).to.not.be.null | |
397 | expect(video.previewPath).to.not.be.null | |
398 | }) | |
399 | ||
400 | it('Should be able to search in my videos', async function () { | |
401 | { | |
402 | const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'user video') | |
403 | expect(res.body.total).to.equal(1) | |
404 | ||
405 | const videos = res.body.data | |
406 | expect(videos).to.have.lengthOf(1) | |
407 | } | |
408 | ||
409 | { | |
410 | const res = await getMyVideos(server.url, accessTokenUser, 0, 5, '-createdAt', 'toto') | |
411 | expect(res.body.total).to.equal(0) | |
412 | ||
413 | const videos = res.body.data | |
414 | expect(videos).to.have.lengthOf(0) | |
415 | } | |
416 | }) | |
417 | ||
418 | it('Should disable webtorrent, enable HLS, and update my quota', async function () { | |
419 | this.timeout(60000) | |
420 | ||
421 | { | |
422 | const res = await getCustomConfig(server.url, server.accessToken) | |
423 | const config = res.body as CustomConfig | |
424 | config.transcoding.webtorrent.enabled = false | |
425 | config.transcoding.hls.enabled = true | |
426 | config.transcoding.enabled = true | |
427 | await updateCustomSubConfig(server.url, server.accessToken, config) | |
428 | } | |
429 | ||
430 | { | |
431 | const videoAttributes = { | |
432 | name: 'super user video 2', | |
433 | fixture: 'video_short.webm' | |
434 | } | |
435 | await uploadVideo(server.url, accessTokenUser, videoAttributes) | |
436 | ||
437 | await waitJobs([ server ]) | |
438 | } | |
439 | ||
440 | { | |
441 | const res = await getMyUserVideoQuotaUsed(server.url, accessTokenUser) | |
442 | const data = res.body | |
443 | ||
444 | expect(data.videoQuotaUsed).to.be.greaterThan(220000) | |
445 | } | |
446 | }) | |
447 | }) | |
448 | ||
449 | describe('Users listing', function () { | |
450 | ||
451 | it('Should list all the users', async function () { | |
452 | const res = await getUsersList(server.url, server.accessToken) | |
453 | const result = res.body | |
454 | const total = result.total | |
455 | const users = result.data | |
456 | ||
457 | expect(total).to.equal(2) | |
458 | expect(users).to.be.an('array') | |
459 | expect(users.length).to.equal(2) | |
460 | ||
461 | const user = users[0] | |
462 | expect(user.username).to.equal('user_1') | |
463 | expect(user.email).to.equal('user_1@example.com') | |
464 | expect(user.nsfwPolicy).to.equal('display') | |
465 | ||
466 | const rootUser = users[1] | |
467 | expect(rootUser.username).to.equal('root') | |
468 | expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com') | |
469 | expect(user.nsfwPolicy).to.equal('display') | |
470 | ||
471 | expect(rootUser.lastLoginDate).to.exist | |
472 | expect(user.lastLoginDate).to.exist | |
473 | ||
474 | userId = user.id | |
475 | }) | |
476 | ||
477 | it('Should list only the first user by username asc', async function () { | |
478 | const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, 'username') | |
479 | ||
480 | const result = res.body | |
481 | const total = result.total | |
482 | const users = result.data | |
483 | ||
484 | expect(total).to.equal(2) | |
485 | expect(users.length).to.equal(1) | |
486 | ||
487 | const user = users[0] | |
488 | expect(user.username).to.equal('root') | |
489 | expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com') | |
490 | expect(user.roleLabel).to.equal('Administrator') | |
491 | expect(user.nsfwPolicy).to.equal('display') | |
492 | }) | |
493 | ||
494 | it('Should list only the first user by username desc', async function () { | |
495 | const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-username') | |
496 | const result = res.body | |
497 | const total = result.total | |
498 | const users = result.data | |
499 | ||
500 | expect(total).to.equal(2) | |
501 | expect(users.length).to.equal(1) | |
502 | ||
503 | const user = users[0] | |
504 | expect(user.username).to.equal('user_1') | |
505 | expect(user.email).to.equal('user_1@example.com') | |
506 | expect(user.nsfwPolicy).to.equal('display') | |
507 | }) | |
508 | ||
509 | it('Should list only the second user by createdAt desc', async function () { | |
510 | const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 1, '-createdAt') | |
511 | const result = res.body | |
512 | const total = result.total | |
513 | const users = result.data | |
514 | ||
515 | expect(total).to.equal(2) | |
516 | expect(users.length).to.equal(1) | |
517 | ||
518 | const user = users[0] | |
519 | expect(user.username).to.equal('user_1') | |
520 | expect(user.email).to.equal('user_1@example.com') | |
521 | expect(user.nsfwPolicy).to.equal('display') | |
522 | }) | |
523 | ||
524 | it('Should list all the users by createdAt asc', async function () { | |
525 | const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt') | |
526 | const result = res.body | |
527 | const total = result.total | |
528 | const users = result.data | |
529 | ||
530 | expect(total).to.equal(2) | |
531 | expect(users.length).to.equal(2) | |
532 | ||
533 | expect(users[0].username).to.equal('root') | |
534 | expect(users[0].email).to.equal('admin' + server.internalServerNumber + '@example.com') | |
535 | expect(users[0].nsfwPolicy).to.equal('display') | |
536 | ||
537 | expect(users[1].username).to.equal('user_1') | |
538 | expect(users[1].email).to.equal('user_1@example.com') | |
539 | expect(users[1].nsfwPolicy).to.equal('display') | |
540 | }) | |
541 | ||
542 | it('Should search user by username', async function () { | |
543 | const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'oot') | |
544 | const users = res.body.data as User[] | |
545 | ||
546 | expect(res.body.total).to.equal(1) | |
547 | expect(users.length).to.equal(1) | |
548 | ||
549 | expect(users[0].username).to.equal('root') | |
550 | }) | |
551 | ||
552 | it('Should search user by email', async function () { | |
553 | { | |
554 | const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'r_1@exam') | |
555 | const users = res.body.data as User[] | |
556 | ||
557 | expect(res.body.total).to.equal(1) | |
558 | expect(users.length).to.equal(1) | |
559 | ||
560 | expect(users[0].username).to.equal('user_1') | |
561 | expect(users[0].email).to.equal('user_1@example.com') | |
562 | } | |
563 | ||
564 | { | |
565 | const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', 'example') | |
566 | const users = res.body.data as User[] | |
567 | ||
568 | expect(res.body.total).to.equal(2) | |
569 | expect(users.length).to.equal(2) | |
570 | ||
571 | expect(users[0].username).to.equal('root') | |
572 | expect(users[1].username).to.equal('user_1') | |
573 | } | |
574 | }) | |
575 | }) | |
576 | ||
577 | describe('Update my account', function () { | |
578 | it('Should update my password', async function () { | |
579 | await updateMyUser({ | |
580 | url: server.url, | |
581 | accessToken: accessTokenUser, | |
582 | currentPassword: 'super password', | |
583 | password: 'new password' | |
584 | }) | |
585 | user.password = 'new password' | |
586 | ||
587 | await userLogin(server, user, HttpStatusCode.OK_200) | |
588 | }) | |
589 | ||
590 | it('Should be able to change the NSFW display attribute', async function () { | |
591 | await updateMyUser({ | |
592 | url: server.url, | |
593 | accessToken: accessTokenUser, | |
594 | nsfwPolicy: 'do_not_list' | |
595 | }) | |
596 | ||
597 | const res = await getMyUserInformation(server.url, accessTokenUser) | |
598 | const user = res.body | |
599 | ||
600 | expect(user.username).to.equal('user_1') | |
601 | expect(user.email).to.equal('user_1@example.com') | |
602 | expect(user.nsfwPolicy).to.equal('do_not_list') | |
603 | expect(user.videoQuota).to.equal(2 * 1024 * 1024) | |
604 | expect(user.id).to.be.a('number') | |
605 | expect(user.account.displayName).to.equal('user_1') | |
606 | expect(user.account.description).to.be.null | |
607 | }) | |
608 | ||
609 | it('Should be able to change the autoPlayVideo attribute', async function () { | |
610 | await updateMyUser({ | |
611 | url: server.url, | |
612 | accessToken: accessTokenUser, | |
613 | autoPlayVideo: false | |
614 | }) | |
615 | ||
616 | const res = await getMyUserInformation(server.url, accessTokenUser) | |
617 | const user = res.body | |
618 | ||
619 | expect(user.autoPlayVideo).to.be.false | |
620 | }) | |
621 | ||
622 | it('Should be able to change the autoPlayNextVideo attribute', async function () { | |
623 | await updateMyUser({ | |
624 | url: server.url, | |
625 | accessToken: accessTokenUser, | |
626 | autoPlayNextVideo: true | |
627 | }) | |
628 | ||
629 | const res = await getMyUserInformation(server.url, accessTokenUser) | |
630 | const user = res.body | |
631 | ||
632 | expect(user.autoPlayNextVideo).to.be.true | |
633 | }) | |
634 | ||
635 | it('Should be able to change the email attribute', async function () { | |
636 | await updateMyUser({ | |
637 | url: server.url, | |
638 | accessToken: accessTokenUser, | |
639 | currentPassword: 'new password', | |
640 | email: 'updated@example.com' | |
641 | }) | |
642 | ||
643 | const res = await getMyUserInformation(server.url, accessTokenUser) | |
644 | const user = res.body | |
645 | ||
646 | expect(user.username).to.equal('user_1') | |
647 | expect(user.email).to.equal('updated@example.com') | |
648 | expect(user.nsfwPolicy).to.equal('do_not_list') | |
649 | expect(user.videoQuota).to.equal(2 * 1024 * 1024) | |
650 | expect(user.id).to.be.a('number') | |
651 | expect(user.account.displayName).to.equal('user_1') | |
652 | expect(user.account.description).to.be.null | |
653 | }) | |
654 | ||
655 | it('Should be able to update my avatar with a gif', async function () { | |
656 | const fixture = 'avatar.gif' | |
657 | ||
658 | await updateMyAvatar({ | |
659 | url: server.url, | |
660 | accessToken: accessTokenUser, | |
661 | fixture | |
662 | }) | |
663 | ||
664 | const res = await getMyUserInformation(server.url, accessTokenUser) | |
665 | const user = res.body | |
666 | ||
667 | await testImage(server.url, 'avatar-resized', user.account.avatar.path, '.gif') | |
668 | }) | |
669 | ||
670 | it('Should be able to update my avatar with a gif, and then a png', async function () { | |
671 | for (const extension of [ '.png', '.gif' ]) { | |
672 | const fixture = 'avatar' + extension | |
673 | ||
674 | await updateMyAvatar({ | |
675 | url: server.url, | |
676 | accessToken: accessTokenUser, | |
677 | fixture | |
678 | }) | |
679 | ||
680 | const res = await getMyUserInformation(server.url, accessTokenUser) | |
681 | const user = res.body | |
682 | ||
683 | await testImage(server.url, 'avatar-resized', user.account.avatar.path, extension) | |
684 | } | |
685 | }) | |
686 | ||
687 | it('Should be able to update my display name', async function () { | |
688 | await updateMyUser({ | |
689 | url: server.url, | |
690 | accessToken: accessTokenUser, | |
691 | displayName: 'new display name' | |
692 | }) | |
693 | ||
694 | const res = await getMyUserInformation(server.url, accessTokenUser) | |
695 | const user = res.body | |
696 | ||
697 | expect(user.username).to.equal('user_1') | |
698 | expect(user.email).to.equal('updated@example.com') | |
699 | expect(user.nsfwPolicy).to.equal('do_not_list') | |
700 | expect(user.videoQuota).to.equal(2 * 1024 * 1024) | |
701 | expect(user.id).to.be.a('number') | |
702 | expect(user.account.displayName).to.equal('new display name') | |
703 | expect(user.account.description).to.be.null | |
704 | }) | |
705 | ||
706 | it('Should be able to update my description', async function () { | |
707 | await updateMyUser({ | |
708 | url: server.url, | |
709 | accessToken: accessTokenUser, | |
710 | description: 'my super description updated' | |
711 | }) | |
712 | ||
713 | const res = await getMyUserInformation(server.url, accessTokenUser) | |
714 | const user: User = res.body | |
715 | ||
716 | expect(user.username).to.equal('user_1') | |
717 | expect(user.email).to.equal('updated@example.com') | |
718 | expect(user.nsfwPolicy).to.equal('do_not_list') | |
719 | expect(user.videoQuota).to.equal(2 * 1024 * 1024) | |
720 | expect(user.id).to.be.a('number') | |
721 | expect(user.account.displayName).to.equal('new display name') | |
722 | expect(user.account.description).to.equal('my super description updated') | |
723 | expect(user.noWelcomeModal).to.be.false | |
724 | expect(user.noInstanceConfigWarningModal).to.be.false | |
725 | }) | |
726 | ||
727 | it('Should be able to update my theme', async function () { | |
728 | for (const theme of [ 'background-red', 'default', 'instance-default' ]) { | |
729 | await updateMyUser({ | |
730 | url: server.url, | |
731 | accessToken: accessTokenUser, | |
732 | theme | |
733 | }) | |
734 | ||
735 | const res = await getMyUserInformation(server.url, accessTokenUser) | |
736 | const body: User = res.body | |
737 | ||
738 | expect(body.theme).to.equal(theme) | |
739 | } | |
740 | }) | |
741 | ||
742 | it('Should be able to update my modal preferences', async function () { | |
743 | await updateMyUser({ | |
744 | url: server.url, | |
745 | accessToken: accessTokenUser, | |
746 | noInstanceConfigWarningModal: true, | |
747 | noWelcomeModal: true | |
748 | }) | |
749 | ||
750 | const res = await getMyUserInformation(server.url, accessTokenUser) | |
751 | const user: User = res.body | |
752 | ||
753 | expect(user.noWelcomeModal).to.be.true | |
754 | expect(user.noInstanceConfigWarningModal).to.be.true | |
755 | }) | |
756 | }) | |
757 | ||
758 | describe('Updating another user', function () { | |
759 | it('Should be able to update another user', async function () { | |
760 | await updateUser({ | |
761 | url: server.url, | |
762 | userId, | |
763 | accessToken, | |
764 | email: 'updated2@example.com', | |
765 | emailVerified: true, | |
766 | videoQuota: 42, | |
767 | role: UserRole.MODERATOR, | |
768 | adminFlags: UserAdminFlag.NONE, | |
769 | pluginAuth: 'toto' | |
770 | }) | |
771 | ||
772 | const res = await getUserInformation(server.url, accessToken, userId) | |
773 | const user = res.body as User | |
774 | ||
775 | expect(user.username).to.equal('user_1') | |
776 | expect(user.email).to.equal('updated2@example.com') | |
777 | expect(user.emailVerified).to.be.true | |
778 | expect(user.nsfwPolicy).to.equal('do_not_list') | |
779 | expect(user.videoQuota).to.equal(42) | |
780 | expect(user.roleLabel).to.equal('Moderator') | |
781 | expect(user.id).to.be.a('number') | |
782 | expect(user.adminFlags).to.equal(UserAdminFlag.NONE) | |
783 | expect(user.pluginAuth).to.equal('toto') | |
784 | }) | |
785 | ||
786 | it('Should reset the auth plugin', async function () { | |
787 | await updateUser({ url: server.url, userId, accessToken, pluginAuth: null }) | |
788 | ||
789 | const res = await getUserInformation(server.url, accessToken, userId) | |
790 | const user = res.body as User | |
791 | expect(user.pluginAuth).to.be.null | |
792 | }) | |
793 | ||
794 | it('Should have removed the user token', async function () { | |
795 | await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401) | |
796 | ||
797 | accessTokenUser = await userLogin(server, user) | |
798 | }) | |
799 | ||
800 | it('Should be able to update another user password', async function () { | |
801 | await updateUser({ | |
802 | url: server.url, | |
803 | userId, | |
804 | accessToken, | |
805 | password: 'password updated' | |
806 | }) | |
807 | ||
808 | await getMyUserVideoQuotaUsed(server.url, accessTokenUser, HttpStatusCode.UNAUTHORIZED_401) | |
809 | ||
810 | await userLogin(server, user, HttpStatusCode.BAD_REQUEST_400) | |
811 | ||
812 | user.password = 'password updated' | |
813 | accessTokenUser = await userLogin(server, user) | |
814 | }) | |
815 | }) | |
816 | ||
817 | describe('Video blacklists', function () { | |
818 | it('Should be able to list video blacklist by a moderator', async function () { | |
819 | await getBlacklistedVideosList({ url: server.url, token: accessTokenUser }) | |
820 | }) | |
821 | }) | |
822 | ||
823 | describe('Remove a user', function () { | |
824 | it('Should be able to remove this user', async function () { | |
825 | await removeUser(server.url, userId, accessToken) | |
826 | }) | |
827 | ||
828 | it('Should not be able to login with this user', async function () { | |
829 | await userLogin(server, user, HttpStatusCode.BAD_REQUEST_400) | |
830 | }) | |
831 | ||
832 | it('Should not have videos of this user', async function () { | |
833 | const res = await getVideosList(server.url) | |
834 | ||
835 | expect(res.body.total).to.equal(1) | |
836 | ||
837 | const video = res.body.data[0] | |
838 | expect(video.account.name).to.equal('root') | |
839 | }) | |
840 | }) | |
841 | ||
842 | describe('Registering a new user', function () { | |
843 | let user15AccessToken | |
844 | ||
845 | it('Should register a new user', async function () { | |
846 | const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' } | |
847 | const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' } | |
848 | ||
849 | await registerUserWithChannel({ url: server.url, user, channel }) | |
850 | }) | |
851 | ||
852 | it('Should be able to login with this registered user', async function () { | |
853 | const user15 = { | |
854 | username: 'user_15', | |
855 | password: 'my super password' | |
856 | } | |
857 | ||
858 | user15AccessToken = await userLogin(server, user15) | |
859 | }) | |
860 | ||
861 | it('Should have the correct display name', async function () { | |
862 | const res = await getMyUserInformation(server.url, user15AccessToken) | |
863 | const user: User = res.body | |
864 | ||
865 | expect(user.account.displayName).to.equal('super user 15') | |
866 | }) | |
867 | ||
868 | it('Should have the correct video quota', async function () { | |
869 | const res = await getMyUserInformation(server.url, user15AccessToken) | |
870 | const user = res.body | |
871 | ||
872 | expect(user.videoQuota).to.equal(5 * 1024 * 1024) | |
873 | }) | |
874 | ||
875 | it('Should have created the channel', async function () { | |
876 | const res = await getVideoChannel(server.url, 'my_user_15_channel') | |
877 | ||
878 | expect(res.body.displayName).to.equal('my channel rocks') | |
879 | }) | |
880 | ||
881 | it('Should remove me', async function () { | |
882 | { | |
883 | const res = await getUsersList(server.url, server.accessToken) | |
884 | expect(res.body.data.find(u => u.username === 'user_15')).to.not.be.undefined | |
885 | } | |
886 | ||
887 | await deleteMe(server.url, user15AccessToken) | |
888 | ||
889 | { | |
890 | const res = await getUsersList(server.url, server.accessToken) | |
891 | expect(res.body.data.find(u => u.username === 'user_15')).to.be.undefined | |
892 | } | |
893 | }) | |
894 | }) | |
895 | ||
896 | describe('User blocking', function () { | |
897 | let user16Id | |
898 | let user16AccessToken | |
899 | const user16 = { | |
900 | username: 'user_16', | |
901 | password: 'my super password' | |
902 | } | |
903 | ||
904 | it('Should block a user', async function () { | |
905 | const resUser = await createUser({ | |
906 | url: server.url, | |
907 | accessToken: server.accessToken, | |
908 | username: user16.username, | |
909 | password: user16.password | |
910 | }) | |
911 | user16Id = resUser.body.user.id | |
912 | ||
913 | user16AccessToken = await userLogin(server, user16) | |
914 | ||
915 | await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200) | |
916 | await blockUser(server.url, user16Id, server.accessToken) | |
917 | ||
918 | await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.UNAUTHORIZED_401) | |
919 | await userLogin(server, user16, HttpStatusCode.BAD_REQUEST_400) | |
920 | }) | |
921 | ||
922 | it('Should search user by banned status', async function () { | |
923 | { | |
924 | const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, true) | |
925 | const users = res.body.data as User[] | |
926 | ||
927 | expect(res.body.total).to.equal(1) | |
928 | expect(users.length).to.equal(1) | |
929 | ||
930 | expect(users[0].username).to.equal(user16.username) | |
931 | } | |
932 | ||
933 | { | |
934 | const res = await getUsersListPaginationAndSort(server.url, server.accessToken, 0, 2, 'createdAt', undefined, false) | |
935 | const users = res.body.data as User[] | |
936 | ||
937 | expect(res.body.total).to.equal(1) | |
938 | expect(users.length).to.equal(1) | |
939 | ||
940 | expect(users[0].username).to.not.equal(user16.username) | |
941 | } | |
942 | }) | |
943 | ||
944 | it('Should unblock a user', async function () { | |
945 | await unblockUser(server.url, user16Id, server.accessToken) | |
946 | user16AccessToken = await userLogin(server, user16) | |
947 | await getMyUserInformation(server.url, user16AccessToken, HttpStatusCode.OK_200) | |
948 | }) | |
949 | }) | |
950 | ||
951 | describe('User stats', function () { | |
952 | let user17Id | |
953 | let user17AccessToken | |
954 | ||
955 | it('Should report correct initial statistics about a user', async function () { | |
956 | const user17 = { | |
957 | username: 'user_17', | |
958 | password: 'my super password' | |
959 | } | |
960 | const resUser = await createUser({ | |
961 | url: server.url, | |
962 | accessToken: server.accessToken, | |
963 | username: user17.username, | |
964 | password: user17.password | |
965 | }) | |
966 | ||
967 | user17Id = resUser.body.user.id | |
968 | user17AccessToken = await userLogin(server, user17) | |
969 | ||
970 | const res = await getUserInformation(server.url, server.accessToken, user17Id, true) | |
971 | const user: User = res.body | |
972 | ||
973 | expect(user.videosCount).to.equal(0) | |
974 | expect(user.videoCommentsCount).to.equal(0) | |
975 | expect(user.abusesCount).to.equal(0) | |
976 | expect(user.abusesCreatedCount).to.equal(0) | |
977 | expect(user.abusesAcceptedCount).to.equal(0) | |
978 | }) | |
979 | ||
980 | it('Should report correct videos count', async function () { | |
981 | const videoAttributes = { | |
982 | name: 'video to test user stats' | |
983 | } | |
984 | await uploadVideo(server.url, user17AccessToken, videoAttributes) | |
985 | const res1 = await getVideosList(server.url) | |
986 | videoId = res1.body.data.find(video => video.name === videoAttributes.name).id | |
987 | ||
988 | const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true) | |
989 | const user: User = res2.body | |
990 | ||
991 | expect(user.videosCount).to.equal(1) | |
992 | }) | |
993 | ||
994 | it('Should report correct video comments for user', async function () { | |
995 | const text = 'super comment' | |
996 | await addVideoCommentThread(server.url, user17AccessToken, videoId, text) | |
997 | ||
998 | const res = await getUserInformation(server.url, server.accessToken, user17Id, true) | |
999 | const user: User = res.body | |
1000 | ||
1001 | expect(user.videoCommentsCount).to.equal(1) | |
1002 | }) | |
1003 | ||
1004 | it('Should report correct abuses counts', async function () { | |
1005 | const reason = 'my super bad reason' | |
1006 | await server.abusesCommand.report({ token: user17AccessToken, videoId, reason }) | |
1007 | ||
1008 | const body1 = await server.abusesCommand.getAdminList() | |
1009 | const abuseId = body1.data[0].id | |
1010 | ||
1011 | const res2 = await getUserInformation(server.url, server.accessToken, user17Id, true) | |
1012 | const user2: User = res2.body | |
1013 | ||
1014 | expect(user2.abusesCount).to.equal(1) // number of incriminations | |
1015 | expect(user2.abusesCreatedCount).to.equal(1) // number of reports created | |
1016 | ||
1017 | await server.abusesCommand.update({ abuseId, body: { state: AbuseState.ACCEPTED } }) | |
1018 | ||
1019 | const res3 = await getUserInformation(server.url, server.accessToken, user17Id, true) | |
1020 | const user3: User = res3.body | |
1021 | ||
1022 | expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted | |
1023 | }) | |
1024 | }) | |
1025 | ||
1026 | after(async function () { | |
1027 | await closeAllSequelize([ server ]) | |
1028 | await cleanupTests([ server ]) | |
1029 | }) | |
1030 | }) |