Add ability to limit user registrations
1 /* eslint-disable no-unused-expressions */
2
3 'use strict'
4
5 const request = require('supertest')
6 const series = require('async/series')
7
8 const loginUtils = require('../../utils/login')
9 const requestsUtils = require('../../utils/requests')
10 const serversUtils = require('../../utils/servers')
11 const usersUtils = require('../../utils/users')
12 const videosUtils = require('../../utils/videos')
13
14 describe('Test users API validators', function () {
15 const path = '/api/v1/users/'
16 let userId = null
17 let rootId = null
18 let videoId = null
19 let server = null
20 let serverWithRegistrationDisabled = null
21 let userAccessToken = null
22
23 // ---------------------------------------------------------------
24
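// Suite fixture: boot two test servers, obtain the first server's admin token,
// then seed that server with a regular user, one video and the user's token.
before(function (done) {
  this.timeout(120000)

  // Fixture credentials of the regular (non-admin) account used by the suite.
  const regularUser = {
    username: 'user1',
    password: 'my super password'
  }

  series([
    function (next) {
      serversUtils.flushTests(next)
    },
    function (next) {
      serversUtils.runServer(1, function (serverCreated) {
        server = serverCreated

        next()
      })
    },
    function (next) {
      // Second instance: the registration suite expects it to refuse sign-ups.
      serversUtils.runServer(2, function (serverCreated) {
        serverWithRegistrationDisabled = serverCreated

        next()
      })
    },
    function (next) {
      loginUtils.loginAndGetAccessToken(server, function (err, token) {
        // Report the failure through async/series so mocha attributes it to
        // this hook instead of seeing an exception thrown from a callback.
        if (err) return next(err)

        // This token is the one later used for user creation and deletion.
        server.accessToken = token

        next()
      })
    },
    function (next) {
      usersUtils.createUser(server.url, server.accessToken, regularUser.username, regularUser.password, next)
    },
    function (next) {
      const videoAttributes = {}
      videosUtils.uploadVideo(server.url, server.accessToken, videoAttributes, next)
    },
    function (next) {
      videosUtils.getVideosList(server.url, function (err, res) {
        if (err) return next(err)

        // The video uploaded in the previous step is expected to be first.
        const videos = res.body.data
        videoId = videos[0].id

        next()
      })
    },
    function (next) {
      loginUtils.getUserAccessToken(server, regularUser, function (err, accessToken) {
        if (err) return next(err)

        userAccessToken = accessToken

        next()
      })
    }
  ], done)
})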
90
// The list endpoint must reject malformed pagination and sort parameters.
describe('When listing users', function () {
  // One entry per rejected query string; each is expected to yield HTTP 400.
  const rejectedQueries = [
    { title: 'Should fail with a bad start pagination', query: { start: 'hello' } },
    { title: 'Should fail with a bad count pagination', query: { count: 'hello' } },
    { title: 'Should fail with an incorrect sort', query: { sort: 'hello' } }
  ]

  rejectedQueries.forEach(({ title, query }) => {
    it(title, (done) => {
      // server is only assigned in the before hook, so it is read lazily here.
      request(server.url)
        .get(path)
        .query(query)
        .set('Accept', 'application/json')
        .expect(400, done)
    })
  })
})
116
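// Validation and authorization checks for user creation (POST on `path`).
// Calls that pass no status rely on makePostBodyRequest's default expected
// status (presumably 400 — confirm in utils/requests).
describe('When adding a new user', function () {
  it('Should fail with a too small username', function (done) {
    const data = {
      username: 'ji',
      email: 'test@example.com',
      password: 'mysuperpassword'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
  })

  it('Should fail with a too long username', function (done) {
    const data = {
      username: 'mysuperusernamewhichisverylong',
      email: 'test@example.com',
      password: 'mysuperpassword'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
  })

  it('Should fail with an incorrect username', function (done) {
    const data = {
      username: 'my username',
      email: 'test@example.com',
      password: 'mysuperpassword'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
  })

  it('Should fail with a missing email', function (done) {
    // Every other field is valid so that only the missing email can cause the
    // rejection; a too-short username here would hide a broken email check.
    const data = {
      username: 'myusername',
      password: 'mysuperpassword'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
  })

  it('Should fail with an invalid email', function (done) {
    // Valid username and password: the malformed email is the only defect.
    const data = {
      username: 'myusername',
      email: 'testexample.com',
      password: 'mysuperpassword'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
  })

  it('Should fail with a too small password', function (done) {
    const data = {
      username: 'myusername',
      email: 'test@example.com',
      password: 'bla'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
  })

  it('Should fail with a too long password', function (done) {
    const data = {
      username: 'myusername',
      email: 'test@example.com',
      password: 'my super long password which is very very very very very very very very very very very very very very' +
                'very very very very very very very very very very very very very very very veryv very very very very' +
                'very very very very very very very very very very very very very very very very very very very very long'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done)
  })

  it('Should fail with an non authenticated user', function (done) {
    const data = {
      username: 'myusername',
      email: 'test@example.com',
      password: 'my super password'
    }

    // An unknown bearer token must be answered with 401.
    requestsUtils.makePostBodyRequest(server.url, path, 'super token', data, done, 401)
  })

  it('Should fail if we add a user with the same username', function (done) {
    const data = {
      username: 'user1',
      email: 'test@example.com',
      password: 'my super password'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done, 409)
  })

  it('Should fail if we add a user with the same email', function (done) {
    const data = {
      username: 'myusername',
      email: 'user1@example.com',
      password: 'my super password'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done, 409)
  })

  it('Should succeed with the correct params', function (done) {
    const data = {
      username: 'user2',
      email: 'test@example.com',
      password: 'my super password'
    }

    requestsUtils.makePostBodyRequest(server.url, path, server.accessToken, data, done, 204)
  })

  it('Should fail with a non admin user', function (done) {
    // Log in as the regular account without overwriting server.user, so the
    // shared server object keeps its original credentials for later logins.
    const regularUser = {
      username: 'user1',
      password: 'my super password'
    }

    loginUtils.getUserAccessToken(server, regularUser, function (err, accessToken) {
      // Let mocha report the login failure on this test.
      if (err) return done(err)

      userAccessToken = accessToken

      const data = {
        username: 'user3',
        email: 'test@example.com',
        password: 'my super password'
      }

      // A valid but non-admin token must be refused with 403.
      requestsUtils.makePostBodyRequest(server.url, path, userAccessToken, data, done, 403)
    })
  })
})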
251
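// Validation and authentication checks for user updates (PUT on `path + id`).
// Calls that pass no status rely on makePutBodyRequest's default expected
// status (presumably 400 — confirm in utils/requests).
describe('When updating a user', function () {
  before(function (done) {
    usersUtils.getUsersList(server.url, function (err, res) {
      // Report the failure through mocha's callback rather than throwing
      // from inside the asynchronous callback.
      if (err) return done(err)

      // NOTE(review): relies on the order of the returned list (index 1 is
      // treated as the regular user, index 2 as root) — confirm it is stable
      // for this fixture.
      userId = res.body.data[1].id
      rootId = res.body.data[2].id
      done()
    })
  })

  // NOTE(review): this file does not show whether `userId` belongs to the
  // account behind `userAccessToken`; a case where the two deliberately
  // differ would pin the ownership check on this endpoint.

  it('Should fail with a too small password', function (done) {
    const data = {
      password: 'bla'
    }

    requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done)
  })

  it('Should fail with a too long password', function (done) {
    const data = {
      password: 'my super long password which is very very very very very very very very very very very very very very' +
                'very very very very very very very very very very very very very very very veryv very very very very' +
                'very very very very very very very very very very very very very very very very very very very very long'
    }

    requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done)
  })

  it('Should fail with an invalid display NSFW attribute', function (done) {
    const data = {
      displayNSFW: -1
    }

    requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done)
  })

  it('Should fail with an non authenticated user', function (done) {
    const data = {
      password: 'my super password'
    }

    // An unknown bearer token must be answered with 401.
    requestsUtils.makePutBodyRequest(server.url, path + userId, 'super token', data, done, 401)
  })

  it('Should succeed with the correct params', function (done) {
    const data = {
      password: 'my super password',
      displayNSFW: true
    }

    requestsUtils.makePutBodyRequest(server.url, path + userId, userAccessToken, data, done, 204)
  })
})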
306
// The "me" endpoint requires a valid bearer token.
describe('When getting my information', function () {
  const mePath = `${path}me`

  // Build the GET request; the token is read when the test runs because the
  // before hook assigns it.
  const getMe = (token) => request(server.url)
    .get(mePath)
    .set('Authorization', `Bearer ${token}`)
    .set('Accept', 'application/json')

  it('Should fail with a non authenticated user', (done) => {
    getMe('faketoken').expect(401, done)
  })

  it('Should success with the correct parameters', (done) => {
    getMe(userAccessToken).expect(200, done)
  })
})
324
// The per-video rating lookup requires a valid token and a known video id.
describe('When getting my video rating', function () {
  // videoId and userAccessToken are assigned by the before hook, so both
  // helpers are only called from inside the tests.
  const ratingPath = (id) => `${path}me/videos/${id}/rating`

  const getRating = (id, token) => request(server.url)
    .get(ratingPath(id))
    .set('Authorization', `Bearer ${token}`)
    .set('Accept', 'application/json')

  it('Should fail with a non authenticated user', (done) => {
    getRating(videoId, 'faketoken').expect(401, done)
  })

  it('Should fail with an incorrect video uuid', (done) => {
    getRating('blabla', userAccessToken).expect(400, done)
  })

  it('Should fail with an unknown video', (done) => {
    // Well-formed id that is expected not to match any video on the server.
    getRating('4da6fde3-88f7-4d16-b119-108df5630b06', userAccessToken).expect(404, done)
  })

  it('Should success with the correct parameters', (done) => {
    getRating(videoId, userAccessToken).expect(200, done)
  })
})
358
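// Checks on user deletion (DELETE on `path + id`). This suite is declared
// once: a second, identical copy would only repeat the same three requests.
// NOTE(review): every case authenticates with the admin token; there is no
// case here for a missing or invalid token, or for a non-admin token.
describe('When removing an user', function () {
  // Issue the DELETE with the admin token; read lazily because the before
  // hooks assign server, server.accessToken and rootId.
  function removeUser (id) {
    return request(server.url)
      .delete(path + id)
      .set('Authorization', 'Bearer ' + server.accessToken)
  }

  it('Should fail with an incorrect id', function (done) {
    removeUser('bla-bla').expect(400, done)
  })

  it('Should fail with the root user', function (done) {
    // The root account must not be deletable, even with the admin token.
    removeUser(rootId).expect(400, done)
  })

  it('Should return 404 with a non existing id', function (done) {
    removeUser('45').expect(404, done)
  })
})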
404
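// Validation checks for self-registration (POST on the register endpoint).
// Calls that pass no status rely on makePostBodyRequest's default expected
// status (presumably 400 — confirm in utils/requests).
// NOTE(review): every request below is sent with a bearer token, so none of
// these cases shows the endpoint being used by an anonymous client.
describe('When register a new user', function () {
  // `path` already ends with '/', so no leading slash is added here; this
  // keeps the URL free of a double slash, like the other `path + ...` uses.
  const registrationPath = path + 'register'

  it('Should fail with a too small username', function (done) {
    const data = {
      username: 'ji',
      email: 'test@example.com',
      password: 'mysuperpassword'
    }

    requestsUtils.makePostBodyRequest(server.url, registrationPath, server.accessToken, data, done)
  })

  it('Should fail with a too long username', function (done) {
    const data = {
      username: 'mysuperusernamewhichisverylong',
      email: 'test@example.com',
      password: 'mysuperpassword'
    }

    requestsUtils.makePostBodyRequest(server.url, registrationPath, server.accessToken, data, done)
  })

  it('Should fail with an incorrect username', function (done) {
    const data = {
      username: 'my username',
      email: 'test@example.com',
      password: 'mysuperpassword'
    }

    requestsUtils.makePostBodyRequest(server.url, registrationPath, server.accessToken, data, done)
  })

  it('Should fail with a missing email', function (done) {
    // Every other field is valid so that only the missing email can cause the
    // rejection; a too-short username here would hide a broken email check.
    const data = {
      username: 'myusername',
      password: 'mysuperpassword'
    }

    requestsUtils.makePostBodyRequest(server.url, registrationPath, server.accessToken, data, done)
  })

  it('Should fail with an invalid email', function (done) {
    // Valid username and password: the malformed email is the only defect.
    const data = {
      username: 'myusername',
      email: 'testexample.com',
      password: 'mysuperpassword'
    }

    requestsUtils.makePostBodyRequest(server.url, registrationPath, server.accessToken, data, done)
  })

  it('Should fail with a too small password', function (done) {
    const data = {
      username: 'myusername',
      email: 'test@example.com',
      password: 'bla'
    }

    requestsUtils.makePostBodyRequest(server.url, registrationPath, server.accessToken, data, done)
  })

  it('Should fail with a too long password', function (done) {
    const data = {
      username: 'myusername',
      email: 'test@example.com',
      password: 'my super long password which is very very very very very very very very very very very very very very' +
                'very very very very very very very very very very very very very very very veryv very very very very' +
                'very very very very very very very very very very very very very very very very very very very very long'
    }

    requestsUtils.makePostBodyRequest(server.url, registrationPath, server.accessToken, data, done)
  })

  it('Should fail if we register a user with the same username', function (done) {
    const data = {
      username: 'root',
      email: 'test@example.com',
      password: 'my super password'
    }

    requestsUtils.makePostBodyRequest(server.url, registrationPath, server.accessToken, data, done, 409)
  })

  it('Should fail if we register a user with the same email', function (done) {
    const data = {
      username: 'myusername',
      email: 'admin1@example.com',
      password: 'my super password'
    }

    requestsUtils.makePostBodyRequest(server.url, registrationPath, server.accessToken, data, done, 409)
  })

  it('Should succeed with the correct params', function (done) {
    const data = {
      username: 'user3',
      email: 'test3@example.com',
      password: 'my super password'
    }

    requestsUtils.makePostBodyRequest(server.url, registrationPath, server.accessToken, data, done, 204)
  })

  it('Should fail on a server with registration disabled', function (done) {
    const data = {
      username: 'user4',
      email: 'test4@example.com',
      password: 'my super password 4'
    }

    // NOTE(review): nothing in this file assigns
    // serverWithRegistrationDisabled.accessToken, so the token argument is
    // presumably undefined here — confirm how utils/requests handles that.
    requestsUtils.makePostBodyRequest(
      serverWithRegistrationDisabled.url,
      registrationPath,
      serverWithRegistrationDisabled.accessToken,
      data,
      done,
      403
    )
  })
})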
519
// Registration must be refused once the server's user limit is reached.
// NOTE(review): this presumably depends on the accounts created by the
// earlier suites in this file, so it is sensitive to test order — confirm.
describe('When registering multiple users on a server with users limit', function () {
  it('Should fail when after 3 registrations', (done) => {
    const username = 'user42'
    const password = 'super password'
    const expectedStatus = 403

    usersUtils.registerUser(server.url, username, password, expectedStatus, done)
  })
})
525
// Teardown: stop both servers, then wipe the test data unless a test failed.
after(function (done) {
  // A negative pid signals the whole process group of each server.
  const startedServers = [server, serverWithRegistrationDisabled]
  startedServers.forEach((instance) => {
    process.kill(-instance.app.pid)
  })

  // Keep the logs if the test failed
  if (!this.ok) {
    done()
    return
  }

  serversUtils.flushTests(done)
})
537 })