]>
Commit | Line | Data |
---|---|---|
1 | /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */ | |
2 | ||
3 | import { expect } from 'chai' | |
4 | import { testImage } from '@server/tests/shared' | |
5 | import { AbuseState, HttpStatusCode, OAuth2ErrorCode, UserAdminFlag, UserRole, VideoPlaylistType } from '@shared/models' | |
6 | import { | |
7 | cleanupTests, | |
8 | createSingleServer, | |
9 | killallServers, | |
10 | makePutBodyRequest, | |
11 | PeerTubeServer, | |
12 | setAccessTokensToServers | |
13 | } from '@shared/server-commands' | |
14 | ||
15 | describe('Test users', function () { | |
16 | let server: PeerTubeServer | |
17 | let token: string | |
18 | let userToken: string | |
19 | let videoId: number | |
20 | let userId: number | |
21 | const user = { | |
22 | username: 'user_1', | |
23 | password: 'super password' | |
24 | } | |
25 | ||
26 | before(async function () { | |
27 | this.timeout(30000) | |
28 | ||
29 | server = await createSingleServer(1, { | |
30 | rates_limit: { | |
31 | login: { | |
32 | max: 30 | |
33 | } | |
34 | } | |
35 | }) | |
36 | ||
37 | await setAccessTokensToServers([ server ]) | |
38 | ||
39 | await server.plugins.install({ npmName: 'peertube-theme-background-red' }) | |
40 | }) | |
41 | ||
42 | describe('OAuth client', function () { | |
43 | it('Should create a new client') | |
44 | ||
45 | it('Should return the first client') | |
46 | ||
47 | it('Should remove the last client') | |
48 | ||
49 | it('Should not login with an invalid client id', async function () { | |
50 | const client = { id: 'client', secret: server.store.client.secret } | |
51 | const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
52 | ||
53 | expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT) | |
54 | expect(body.error).to.contain('client is invalid') | |
55 | expect(body.type.startsWith('https://')).to.be.true | |
56 | expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT) | |
57 | }) | |
58 | ||
59 | it('Should not login with an invalid client secret', async function () { | |
60 | const client = { id: server.store.client.id, secret: 'coucou' } | |
61 | const body = await server.login.login({ client, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
62 | ||
63 | expect(body.code).to.equal(OAuth2ErrorCode.INVALID_CLIENT) | |
64 | expect(body.error).to.contain('client is invalid') | |
65 | expect(body.type.startsWith('https://')).to.be.true | |
66 | expect(body.type).to.contain(OAuth2ErrorCode.INVALID_CLIENT) | |
67 | }) | |
68 | }) | |
69 | ||
70 | describe('Login', function () { | |
71 | ||
72 | it('Should not login with an invalid username', async function () { | |
73 | const user = { username: 'captain crochet', password: server.store.user.password } | |
74 | const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
75 | ||
76 | expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT) | |
77 | expect(body.error).to.contain('credentials are invalid') | |
78 | expect(body.type.startsWith('https://')).to.be.true | |
79 | expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT) | |
80 | }) | |
81 | ||
82 | it('Should not login with an invalid password', async function () { | |
83 | const user = { username: server.store.user.username, password: 'mew_three' } | |
84 | const body = await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
85 | ||
86 | expect(body.code).to.equal(OAuth2ErrorCode.INVALID_GRANT) | |
87 | expect(body.error).to.contain('credentials are invalid') | |
88 | expect(body.type.startsWith('https://')).to.be.true | |
89 | expect(body.type).to.contain(OAuth2ErrorCode.INVALID_GRANT) | |
90 | }) | |
91 | ||
92 | it('Should not be able to upload a video', async function () { | |
93 | token = 'my_super_token' | |
94 | ||
95 | await server.videos.upload({ token, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | |
96 | }) | |
97 | ||
98 | it('Should not be able to follow', async function () { | |
99 | token = 'my_super_token' | |
100 | ||
101 | await server.follows.follow({ | |
102 | hosts: [ 'http://example.com' ], | |
103 | token, | |
104 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 | |
105 | }) | |
106 | }) | |
107 | ||
108 | it('Should not be able to unfollow') | |
109 | ||
110 | it('Should be able to login', async function () { | |
111 | const body = await server.login.login({ expectedStatus: HttpStatusCode.OK_200 }) | |
112 | ||
113 | token = body.access_token | |
114 | }) | |
115 | ||
116 | it('Should be able to login with an insensitive username', async function () { | |
117 | const user = { username: 'RoOt', password: server.store.user.password } | |
118 | await server.login.login({ user, expectedStatus: HttpStatusCode.OK_200 }) | |
119 | ||
120 | const user2 = { username: 'rOoT', password: server.store.user.password } | |
121 | await server.login.login({ user: user2, expectedStatus: HttpStatusCode.OK_200 }) | |
122 | ||
123 | const user3 = { username: 'ROOt', password: server.store.user.password } | |
124 | await server.login.login({ user: user3, expectedStatus: HttpStatusCode.OK_200 }) | |
125 | }) | |
126 | }) | |
127 | ||
128 | describe('Logout', function () { | |
129 | it('Should logout (revoke token)', async function () { | |
130 | await server.login.logout({ token: server.accessToken }) | |
131 | }) | |
132 | ||
133 | it('Should not be able to get the user information', async function () { | |
134 | await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | |
135 | }) | |
136 | ||
137 | it('Should not be able to upload a video', async function () { | |
138 | await server.videos.upload({ attributes: { name: 'video' }, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | |
139 | }) | |
140 | ||
141 | it('Should not be able to rate a video', async function () { | |
142 | const path = '/api/v1/videos/' | |
143 | const data = { | |
144 | rating: 'likes' | |
145 | } | |
146 | ||
147 | const options = { | |
148 | url: server.url, | |
149 | path: path + videoId, | |
150 | token: 'wrong token', | |
151 | fields: data, | |
152 | expectedStatus: HttpStatusCode.UNAUTHORIZED_401 | |
153 | } | |
154 | await makePutBodyRequest(options) | |
155 | }) | |
156 | ||
157 | it('Should be able to login again', async function () { | |
158 | const body = await server.login.login() | |
159 | server.accessToken = body.access_token | |
160 | server.refreshToken = body.refresh_token | |
161 | }) | |
162 | ||
163 | it('Should be able to get my user information again', async function () { | |
164 | await server.users.getMyInfo() | |
165 | }) | |
166 | ||
167 | it('Should have an expired access token', async function () { | |
168 | this.timeout(60000) | |
169 | ||
170 | await server.sql.setTokenField(server.accessToken, 'accessTokenExpiresAt', new Date().toISOString()) | |
171 | await server.sql.setTokenField(server.accessToken, 'refreshTokenExpiresAt', new Date().toISOString()) | |
172 | ||
173 | await killallServers([ server ]) | |
174 | await server.run() | |
175 | ||
176 | await server.users.getMyInfo({ expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | |
177 | }) | |
178 | ||
179 | it('Should not be able to refresh an access token with an expired refresh token', async function () { | |
180 | await server.login.refreshToken({ refreshToken: server.refreshToken, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
181 | }) | |
182 | ||
183 | it('Should refresh the token', async function () { | |
184 | this.timeout(50000) | |
185 | ||
186 | const futureDate = new Date(new Date().getTime() + 1000 * 60).toISOString() | |
187 | await server.sql.setTokenField(server.accessToken, 'refreshTokenExpiresAt', futureDate) | |
188 | ||
189 | await killallServers([ server ]) | |
190 | await server.run() | |
191 | ||
192 | const res = await server.login.refreshToken({ refreshToken: server.refreshToken }) | |
193 | server.accessToken = res.body.access_token | |
194 | server.refreshToken = res.body.refresh_token | |
195 | }) | |
196 | ||
197 | it('Should be able to get my user information again', async function () { | |
198 | await server.users.getMyInfo() | |
199 | }) | |
200 | }) | |
201 | ||
202 | describe('Creating a user', function () { | |
203 | ||
204 | it('Should be able to create a new user', async function () { | |
205 | await server.users.create({ ...user, videoQuota: 2 * 1024 * 1024, adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST }) | |
206 | }) | |
207 | ||
208 | it('Should be able to login with this user', async function () { | |
209 | userToken = await server.login.getAccessToken(user) | |
210 | }) | |
211 | ||
212 | it('Should be able to get user information', async function () { | |
213 | const userMe = await server.users.getMyInfo({ token: userToken }) | |
214 | ||
215 | const userGet = await server.users.get({ userId: userMe.id, withStats: true }) | |
216 | ||
217 | for (const user of [ userMe, userGet ]) { | |
218 | expect(user.username).to.equal('user_1') | |
219 | expect(user.email).to.equal('user_1@example.com') | |
220 | expect(user.nsfwPolicy).to.equal('display') | |
221 | expect(user.videoQuota).to.equal(2 * 1024 * 1024) | |
222 | expect(user.role.label).to.equal('User') | |
223 | expect(user.id).to.be.a('number') | |
224 | expect(user.account.displayName).to.equal('user_1') | |
225 | expect(user.account.description).to.be.null | |
226 | } | |
227 | ||
228 | expect(userMe.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST) | |
229 | expect(userGet.adminFlags).to.equal(UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST) | |
230 | ||
231 | expect(userMe.specialPlaylists).to.have.lengthOf(1) | |
232 | expect(userMe.specialPlaylists[0].type).to.equal(VideoPlaylistType.WATCH_LATER) | |
233 | ||
234 | // Check stats are included with withStats | |
235 | expect(userGet.videosCount).to.be.a('number') | |
236 | expect(userGet.videosCount).to.equal(0) | |
237 | expect(userGet.videoCommentsCount).to.be.a('number') | |
238 | expect(userGet.videoCommentsCount).to.equal(0) | |
239 | expect(userGet.abusesCount).to.be.a('number') | |
240 | expect(userGet.abusesCount).to.equal(0) | |
241 | expect(userGet.abusesAcceptedCount).to.be.a('number') | |
242 | expect(userGet.abusesAcceptedCount).to.equal(0) | |
243 | }) | |
244 | }) | |
245 | ||
246 | describe('Users listing', function () { | |
247 | ||
248 | it('Should list all the users', async function () { | |
249 | const { data, total } = await server.users.list() | |
250 | ||
251 | expect(total).to.equal(2) | |
252 | expect(data).to.be.an('array') | |
253 | expect(data.length).to.equal(2) | |
254 | ||
255 | const user = data[0] | |
256 | expect(user.username).to.equal('user_1') | |
257 | expect(user.email).to.equal('user_1@example.com') | |
258 | expect(user.nsfwPolicy).to.equal('display') | |
259 | ||
260 | const rootUser = data[1] | |
261 | expect(rootUser.username).to.equal('root') | |
262 | expect(rootUser.email).to.equal('admin' + server.internalServerNumber + '@example.com') | |
263 | expect(user.nsfwPolicy).to.equal('display') | |
264 | ||
265 | expect(rootUser.lastLoginDate).to.exist | |
266 | expect(user.lastLoginDate).to.exist | |
267 | ||
268 | userId = user.id | |
269 | }) | |
270 | ||
271 | it('Should list only the first user by username asc', async function () { | |
272 | const { total, data } = await server.users.list({ start: 0, count: 1, sort: 'username' }) | |
273 | ||
274 | expect(total).to.equal(2) | |
275 | expect(data.length).to.equal(1) | |
276 | ||
277 | const user = data[0] | |
278 | expect(user.username).to.equal('root') | |
279 | expect(user.email).to.equal('admin' + server.internalServerNumber + '@example.com') | |
280 | expect(user.role.label).to.equal('Administrator') | |
281 | expect(user.nsfwPolicy).to.equal('display') | |
282 | }) | |
283 | ||
284 | it('Should list only the first user by username desc', async function () { | |
285 | const { total, data } = await server.users.list({ start: 0, count: 1, sort: '-username' }) | |
286 | ||
287 | expect(total).to.equal(2) | |
288 | expect(data.length).to.equal(1) | |
289 | ||
290 | const user = data[0] | |
291 | expect(user.username).to.equal('user_1') | |
292 | expect(user.email).to.equal('user_1@example.com') | |
293 | expect(user.nsfwPolicy).to.equal('display') | |
294 | }) | |
295 | ||
296 | it('Should list only the second user by createdAt desc', async function () { | |
297 | const { data, total } = await server.users.list({ start: 0, count: 1, sort: '-createdAt' }) | |
298 | expect(total).to.equal(2) | |
299 | ||
300 | expect(data.length).to.equal(1) | |
301 | ||
302 | const user = data[0] | |
303 | expect(user.username).to.equal('user_1') | |
304 | expect(user.email).to.equal('user_1@example.com') | |
305 | expect(user.nsfwPolicy).to.equal('display') | |
306 | }) | |
307 | ||
308 | it('Should list all the users by createdAt asc', async function () { | |
309 | const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt' }) | |
310 | ||
311 | expect(total).to.equal(2) | |
312 | expect(data.length).to.equal(2) | |
313 | ||
314 | expect(data[0].username).to.equal('root') | |
315 | expect(data[0].email).to.equal('admin' + server.internalServerNumber + '@example.com') | |
316 | expect(data[0].nsfwPolicy).to.equal('display') | |
317 | ||
318 | expect(data[1].username).to.equal('user_1') | |
319 | expect(data[1].email).to.equal('user_1@example.com') | |
320 | expect(data[1].nsfwPolicy).to.equal('display') | |
321 | }) | |
322 | ||
323 | it('Should search user by username', async function () { | |
324 | const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'oot' }) | |
325 | expect(total).to.equal(1) | |
326 | expect(data.length).to.equal(1) | |
327 | expect(data[0].username).to.equal('root') | |
328 | }) | |
329 | ||
330 | it('Should search user by email', async function () { | |
331 | { | |
332 | const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'r_1@exam' }) | |
333 | expect(total).to.equal(1) | |
334 | expect(data.length).to.equal(1) | |
335 | expect(data[0].username).to.equal('user_1') | |
336 | expect(data[0].email).to.equal('user_1@example.com') | |
337 | } | |
338 | ||
339 | { | |
340 | const { total, data } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', search: 'example' }) | |
341 | expect(total).to.equal(2) | |
342 | expect(data.length).to.equal(2) | |
343 | expect(data[0].username).to.equal('root') | |
344 | expect(data[1].username).to.equal('user_1') | |
345 | } | |
346 | }) | |
347 | }) | |
348 | ||
349 | describe('Update my account', function () { | |
350 | ||
351 | it('Should update my password', async function () { | |
352 | await server.users.updateMe({ | |
353 | token: userToken, | |
354 | currentPassword: 'super password', | |
355 | password: 'new password' | |
356 | }) | |
357 | user.password = 'new password' | |
358 | ||
359 | await server.login.login({ user }) | |
360 | }) | |
361 | ||
362 | it('Should be able to change the NSFW display attribute', async function () { | |
363 | await server.users.updateMe({ | |
364 | token: userToken, | |
365 | nsfwPolicy: 'do_not_list' | |
366 | }) | |
367 | ||
368 | const user = await server.users.getMyInfo({ token: userToken }) | |
369 | expect(user.username).to.equal('user_1') | |
370 | expect(user.email).to.equal('user_1@example.com') | |
371 | expect(user.nsfwPolicy).to.equal('do_not_list') | |
372 | expect(user.videoQuota).to.equal(2 * 1024 * 1024) | |
373 | expect(user.id).to.be.a('number') | |
374 | expect(user.account.displayName).to.equal('user_1') | |
375 | expect(user.account.description).to.be.null | |
376 | }) | |
377 | ||
378 | it('Should be able to change the autoPlayVideo attribute', async function () { | |
379 | await server.users.updateMe({ | |
380 | token: userToken, | |
381 | autoPlayVideo: false | |
382 | }) | |
383 | ||
384 | const user = await server.users.getMyInfo({ token: userToken }) | |
385 | expect(user.autoPlayVideo).to.be.false | |
386 | }) | |
387 | ||
388 | it('Should be able to change the autoPlayNextVideo attribute', async function () { | |
389 | await server.users.updateMe({ | |
390 | token: userToken, | |
391 | autoPlayNextVideo: true | |
392 | }) | |
393 | ||
394 | const user = await server.users.getMyInfo({ token: userToken }) | |
395 | expect(user.autoPlayNextVideo).to.be.true | |
396 | }) | |
397 | ||
398 | it('Should be able to change the p2p attribute', async function () { | |
399 | { | |
400 | await server.users.updateMe({ | |
401 | token: userToken, | |
402 | webTorrentEnabled: false | |
403 | }) | |
404 | ||
405 | const user = await server.users.getMyInfo({ token: userToken }) | |
406 | expect(user.p2pEnabled).to.be.false | |
407 | } | |
408 | ||
409 | { | |
410 | await server.users.updateMe({ | |
411 | token: userToken, | |
412 | p2pEnabled: true | |
413 | }) | |
414 | ||
415 | const user = await server.users.getMyInfo({ token: userToken }) | |
416 | expect(user.p2pEnabled).to.be.true | |
417 | } | |
418 | }) | |
419 | ||
420 | it('Should be able to change the email attribute', async function () { | |
421 | await server.users.updateMe({ | |
422 | token: userToken, | |
423 | currentPassword: 'new password', | |
424 | email: 'updated@example.com' | |
425 | }) | |
426 | ||
427 | const user = await server.users.getMyInfo({ token: userToken }) | |
428 | expect(user.username).to.equal('user_1') | |
429 | expect(user.email).to.equal('updated@example.com') | |
430 | expect(user.nsfwPolicy).to.equal('do_not_list') | |
431 | expect(user.videoQuota).to.equal(2 * 1024 * 1024) | |
432 | expect(user.id).to.be.a('number') | |
433 | expect(user.account.displayName).to.equal('user_1') | |
434 | expect(user.account.description).to.be.null | |
435 | }) | |
436 | ||
437 | it('Should be able to update my avatar with a gif', async function () { | |
438 | const fixture = 'avatar.gif' | |
439 | ||
440 | await server.users.updateMyAvatar({ token: userToken, fixture }) | |
441 | ||
442 | const user = await server.users.getMyInfo({ token: userToken }) | |
443 | for (const avatar of user.account.avatars) { | |
444 | await testImage(server.url, `avatar-resized-${avatar.width}x${avatar.width}`, avatar.path, '.gif') | |
445 | } | |
446 | }) | |
447 | ||
448 | it('Should be able to update my avatar with a gif, and then a png', async function () { | |
449 | for (const extension of [ '.png', '.gif' ]) { | |
450 | const fixture = 'avatar' + extension | |
451 | ||
452 | await server.users.updateMyAvatar({ token: userToken, fixture }) | |
453 | ||
454 | const user = await server.users.getMyInfo({ token: userToken }) | |
455 | for (const avatar of user.account.avatars) { | |
456 | await testImage(server.url, `avatar-resized-${avatar.width}x${avatar.width}`, avatar.path, extension) | |
457 | } | |
458 | } | |
459 | }) | |
460 | ||
461 | it('Should be able to update my display name', async function () { | |
462 | await server.users.updateMe({ token: userToken, displayName: 'new display name' }) | |
463 | ||
464 | const user = await server.users.getMyInfo({ token: userToken }) | |
465 | expect(user.username).to.equal('user_1') | |
466 | expect(user.email).to.equal('updated@example.com') | |
467 | expect(user.nsfwPolicy).to.equal('do_not_list') | |
468 | expect(user.videoQuota).to.equal(2 * 1024 * 1024) | |
469 | expect(user.id).to.be.a('number') | |
470 | expect(user.account.displayName).to.equal('new display name') | |
471 | expect(user.account.description).to.be.null | |
472 | }) | |
473 | ||
474 | it('Should be able to update my description', async function () { | |
475 | await server.users.updateMe({ token: userToken, description: 'my super description updated' }) | |
476 | ||
477 | const user = await server.users.getMyInfo({ token: userToken }) | |
478 | expect(user.username).to.equal('user_1') | |
479 | expect(user.email).to.equal('updated@example.com') | |
480 | expect(user.nsfwPolicy).to.equal('do_not_list') | |
481 | expect(user.videoQuota).to.equal(2 * 1024 * 1024) | |
482 | expect(user.id).to.be.a('number') | |
483 | expect(user.account.displayName).to.equal('new display name') | |
484 | expect(user.account.description).to.equal('my super description updated') | |
485 | expect(user.noWelcomeModal).to.be.false | |
486 | expect(user.noInstanceConfigWarningModal).to.be.false | |
487 | expect(user.noAccountSetupWarningModal).to.be.false | |
488 | }) | |
489 | ||
490 | it('Should be able to update my theme', async function () { | |
491 | for (const theme of [ 'background-red', 'default', 'instance-default' ]) { | |
492 | await server.users.updateMe({ token: userToken, theme }) | |
493 | ||
494 | const user = await server.users.getMyInfo({ token: userToken }) | |
495 | expect(user.theme).to.equal(theme) | |
496 | } | |
497 | }) | |
498 | ||
499 | it('Should be able to update my modal preferences', async function () { | |
500 | await server.users.updateMe({ | |
501 | token: userToken, | |
502 | noInstanceConfigWarningModal: true, | |
503 | noWelcomeModal: true, | |
504 | noAccountSetupWarningModal: true | |
505 | }) | |
506 | ||
507 | const user = await server.users.getMyInfo({ token: userToken }) | |
508 | expect(user.noWelcomeModal).to.be.true | |
509 | expect(user.noInstanceConfigWarningModal).to.be.true | |
510 | expect(user.noAccountSetupWarningModal).to.be.true | |
511 | }) | |
512 | }) | |
513 | ||
514 | describe('Updating another user', function () { | |
515 | it('Should be able to update another user', async function () { | |
516 | await server.users.update({ | |
517 | userId, | |
518 | token, | |
519 | email: 'updated2@example.com', | |
520 | emailVerified: true, | |
521 | videoQuota: 42, | |
522 | role: UserRole.MODERATOR, | |
523 | adminFlags: UserAdminFlag.NONE, | |
524 | pluginAuth: 'toto' | |
525 | }) | |
526 | ||
527 | const user = await server.users.get({ token, userId }) | |
528 | ||
529 | expect(user.username).to.equal('user_1') | |
530 | expect(user.email).to.equal('updated2@example.com') | |
531 | expect(user.emailVerified).to.be.true | |
532 | expect(user.nsfwPolicy).to.equal('do_not_list') | |
533 | expect(user.videoQuota).to.equal(42) | |
534 | expect(user.role.label).to.equal('Moderator') | |
535 | expect(user.id).to.be.a('number') | |
536 | expect(user.adminFlags).to.equal(UserAdminFlag.NONE) | |
537 | expect(user.pluginAuth).to.equal('toto') | |
538 | }) | |
539 | ||
540 | it('Should reset the auth plugin', async function () { | |
541 | await server.users.update({ userId, token, pluginAuth: null }) | |
542 | ||
543 | const user = await server.users.get({ token, userId }) | |
544 | expect(user.pluginAuth).to.be.null | |
545 | }) | |
546 | ||
547 | it('Should have removed the user token', async function () { | |
548 | await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | |
549 | ||
550 | userToken = await server.login.getAccessToken(user) | |
551 | }) | |
552 | ||
553 | it('Should be able to update another user password', async function () { | |
554 | await server.users.update({ userId, token, password: 'password updated' }) | |
555 | ||
556 | await server.users.getMyQuotaUsed({ token: userToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | |
557 | ||
558 | await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
559 | ||
560 | user.password = 'password updated' | |
561 | userToken = await server.login.getAccessToken(user) | |
562 | }) | |
563 | }) | |
564 | ||
565 | describe('Video blacklists', function () { | |
566 | ||
567 | it('Should be able to list my video blacklist', async function () { | |
568 | await server.blacklist.list({ token: userToken }) | |
569 | }) | |
570 | }) | |
571 | ||
572 | describe('Remove a user', function () { | |
573 | ||
574 | before(async function () { | |
575 | await server.users.update({ | |
576 | userId, | |
577 | token, | |
578 | videoQuota: 2 * 1024 * 1024 | |
579 | }) | |
580 | ||
581 | await server.videos.quickUpload({ name: 'user video', token: userToken, fixture: 'video_short.webm' }) | |
582 | await server.videos.quickUpload({ name: 'root video' }) | |
583 | ||
584 | const { total } = await server.videos.list() | |
585 | expect(total).to.equal(2) | |
586 | }) | |
587 | ||
588 | it('Should be able to remove this user', async function () { | |
589 | await server.users.remove({ userId, token }) | |
590 | }) | |
591 | ||
592 | it('Should not be able to login with this user', async function () { | |
593 | await server.login.login({ user, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
594 | }) | |
595 | ||
596 | it('Should not have videos of this user', async function () { | |
597 | const { data, total } = await server.videos.list() | |
598 | expect(total).to.equal(1) | |
599 | ||
600 | const video = data[0] | |
601 | expect(video.account.name).to.equal('root') | |
602 | }) | |
603 | }) | |
604 | ||
605 | describe('Registering a new user', function () { | |
606 | let user15AccessToken: string | |
607 | ||
608 | it('Should register a new user', async function () { | |
609 | const user = { displayName: 'super user 15', username: 'user_15', password: 'my super password' } | |
610 | const channel = { name: 'my_user_15_channel', displayName: 'my channel rocks' } | |
611 | ||
612 | await server.users.register({ ...user, channel }) | |
613 | }) | |
614 | ||
615 | it('Should be able to login with this registered user', async function () { | |
616 | const user15 = { | |
617 | username: 'user_15', | |
618 | password: 'my super password' | |
619 | } | |
620 | ||
621 | user15AccessToken = await server.login.getAccessToken(user15) | |
622 | }) | |
623 | ||
624 | it('Should have the correct display name', async function () { | |
625 | const user = await server.users.getMyInfo({ token: user15AccessToken }) | |
626 | expect(user.account.displayName).to.equal('super user 15') | |
627 | }) | |
628 | ||
629 | it('Should have the correct video quota', async function () { | |
630 | const user = await server.users.getMyInfo({ token: user15AccessToken }) | |
631 | expect(user.videoQuota).to.equal(5 * 1024 * 1024) | |
632 | }) | |
633 | ||
634 | it('Should have created the channel', async function () { | |
635 | const { displayName } = await server.channels.get({ channelName: 'my_user_15_channel' }) | |
636 | ||
637 | expect(displayName).to.equal('my channel rocks') | |
638 | }) | |
639 | ||
640 | it('Should remove me', async function () { | |
641 | { | |
642 | const { data } = await server.users.list() | |
643 | expect(data.find(u => u.username === 'user_15')).to.not.be.undefined | |
644 | } | |
645 | ||
646 | await server.users.deleteMe({ token: user15AccessToken }) | |
647 | ||
648 | { | |
649 | const { data } = await server.users.list() | |
650 | expect(data.find(u => u.username === 'user_15')).to.be.undefined | |
651 | } | |
652 | }) | |
653 | }) | |
654 | ||
655 | describe('User blocking', function () { | |
656 | let user16Id | |
657 | let user16AccessToken | |
658 | const user16 = { | |
659 | username: 'user_16', | |
660 | password: 'my super password' | |
661 | } | |
662 | ||
663 | it('Should block a user', async function () { | |
664 | const user = await server.users.create({ ...user16 }) | |
665 | user16Id = user.id | |
666 | ||
667 | user16AccessToken = await server.login.getAccessToken(user16) | |
668 | ||
669 | await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 }) | |
670 | await server.users.banUser({ userId: user16Id }) | |
671 | ||
672 | await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 }) | |
673 | await server.login.login({ user: user16, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }) | |
674 | }) | |
675 | ||
676 | it('Should search user by banned status', async function () { | |
677 | { | |
678 | const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', blocked: true }) | |
679 | expect(total).to.equal(1) | |
680 | expect(data.length).to.equal(1) | |
681 | ||
682 | expect(data[0].username).to.equal(user16.username) | |
683 | } | |
684 | ||
685 | { | |
686 | const { data, total } = await server.users.list({ start: 0, count: 2, sort: 'createdAt', blocked: false }) | |
687 | expect(total).to.equal(1) | |
688 | expect(data.length).to.equal(1) | |
689 | ||
690 | expect(data[0].username).to.not.equal(user16.username) | |
691 | } | |
692 | }) | |
693 | ||
694 | it('Should unblock a user', async function () { | |
695 | await server.users.unbanUser({ userId: user16Id }) | |
696 | user16AccessToken = await server.login.getAccessToken(user16) | |
697 | await server.users.getMyInfo({ token: user16AccessToken, expectedStatus: HttpStatusCode.OK_200 }) | |
698 | }) | |
699 | }) | |
700 | ||
701 | describe('User stats', function () { | |
702 | let user17Id: number | |
703 | let user17AccessToken: string | |
704 | ||
705 | it('Should report correct initial statistics about a user', async function () { | |
706 | const user17 = { | |
707 | username: 'user_17', | |
708 | password: 'my super password' | |
709 | } | |
710 | const created = await server.users.create({ ...user17 }) | |
711 | ||
712 | user17Id = created.id | |
713 | user17AccessToken = await server.login.getAccessToken(user17) | |
714 | ||
715 | const user = await server.users.get({ userId: user17Id, withStats: true }) | |
716 | expect(user.videosCount).to.equal(0) | |
717 | expect(user.videoCommentsCount).to.equal(0) | |
718 | expect(user.abusesCount).to.equal(0) | |
719 | expect(user.abusesCreatedCount).to.equal(0) | |
720 | expect(user.abusesAcceptedCount).to.equal(0) | |
721 | }) | |
722 | ||
723 | it('Should report correct videos count', async function () { | |
724 | const attributes = { name: 'video to test user stats' } | |
725 | await server.videos.upload({ token: user17AccessToken, attributes }) | |
726 | ||
727 | const { data } = await server.videos.list() | |
728 | videoId = data.find(video => video.name === attributes.name).id | |
729 | ||
730 | const user = await server.users.get({ userId: user17Id, withStats: true }) | |
731 | expect(user.videosCount).to.equal(1) | |
732 | }) | |
733 | ||
734 | it('Should report correct video comments for user', async function () { | |
735 | const text = 'super comment' | |
736 | await server.comments.createThread({ token: user17AccessToken, videoId, text }) | |
737 | ||
738 | const user = await server.users.get({ userId: user17Id, withStats: true }) | |
739 | expect(user.videoCommentsCount).to.equal(1) | |
740 | }) | |
741 | ||
742 | it('Should report correct abuses counts', async function () { | |
743 | const reason = 'my super bad reason' | |
744 | await server.abuses.report({ token: user17AccessToken, videoId, reason }) | |
745 | ||
746 | const body1 = await server.abuses.getAdminList() | |
747 | const abuseId = body1.data[0].id | |
748 | ||
749 | const user2 = await server.users.get({ userId: user17Id, withStats: true }) | |
750 | expect(user2.abusesCount).to.equal(1) // number of incriminations | |
751 | expect(user2.abusesCreatedCount).to.equal(1) // number of reports created | |
752 | ||
753 | await server.abuses.update({ abuseId, body: { state: AbuseState.ACCEPTED } }) | |
754 | ||
755 | const user3 = await server.users.get({ userId: user17Id, withStats: true }) | |
756 | expect(user3.abusesAcceptedCount).to.equal(1) // number of reports created accepted | |
757 | }) | |
758 | }) | |
759 | ||
760 | after(async function () { | |
761 | await cleanupTests([ server ]) | |
762 | }) | |
763 | }) |