server/tests/api/check-params/users.ts

   1 /* tslint:disable:no-unused-expression */
   2
   3 import { omit } from 'lodash'
   4 import 'mocha'
   5 import { join } from 'path'
   6 import { UserRole, VideoImport, VideoImportState } from '../../../../shared'
   7
   8 import {
   9   addVideoChannel,
  10   blockUser,
  11   cleanupTests,
  12   createUser,
  13   deleteMe,
  14   flushAndRunServer,
  15   getMyUserInformation,
  16   getMyUserVideoRating,
  17   getUsersList,
  18   immutableAssign,
  19   makeGetRequest,
  20   makePostBodyRequest,
  21   makePutBodyRequest,
  22   makeUploadRequest,
  23   registerUser,
  24   removeUser,
  25   ServerInfo,
  26   setAccessTokensToServers,
  27   unblockUser,
  28   updateUser,
  29   uploadVideo,
  30   userLogin
  31 } from '../../../../shared/extra-utils'
  32 import {
  33   checkBadCountPagination,
  34   checkBadSortPagination,
  35   checkBadStartPagination
  36 } from '../../../../shared/extra-utils/requests/check-api-params'
  37 import { getMagnetURI, getMyVideoImports, getYoutubeVideoUrl, importVideo } from '../../../../shared/extra-utils/videos/video-imports'
  38 import { VideoPrivacy } from '../../../../shared/models/videos'
  39 import { waitJobs } from '../../../../shared/extra-utils/server/jobs'
  40 import { expect } from 'chai'
  41 import { UserAdminFlag } from '../../../../shared/models/users/user-flag.model'
  42
  43 describe('Test users API validators', function () {
  44   const path = '/api/v1/users/'
  45   let userId: number
  46   let rootId: number
  47   let videoId: number
  48   let server: ServerInfo
  49   let serverWithRegistrationDisabled: ServerInfo
  50   let userAccessToken = ''
  51   let channelId: number
  52   const user = {
  53     username: 'user1',
  54     password: 'my super password'
  55   }
  56
  57   // ---------------------------------------------------------------
  58
  59   before(async function () {
  60     this.timeout(30000)
  61
  62     server = await flushAndRunServer(1)
  63     serverWithRegistrationDisabled = await flushAndRunServer(2)
  64
  65     await setAccessTokensToServers([ server ])
  66
  67     const videoQuota = 42000000
  68     await createUser({
  69       url: server.url,
  70       accessToken: server.accessToken,
  71       username: user.username,
  72       password: user.password,
  73       videoQuota: videoQuota
  74     })
  75     userAccessToken = await userLogin(server, user)
  76
  77     {
  78       const res = await getMyUserInformation(server.url, server.accessToken)
  79       channelId = res.body.videoChannels[ 0 ].id
  80     }
  81
  82     {
  83       const res = await uploadVideo(server.url, server.accessToken, {})
  84       videoId = res.body.video.id
  85     }
  86   })
  87
  88   describe('When listing users', function () {
  89     it('Should fail with a bad start pagination', async function () {
  90       await checkBadStartPagination(server.url, path, server.accessToken)
  91     })
  92
  93     it('Should fail with a bad count pagination', async function () {
  94       await checkBadCountPagination(server.url, path, server.accessToken)
  95     })
  96
  97     it('Should fail with an incorrect sort', async function () {
  98       await checkBadSortPagination(server.url, path, server.accessToken)
  99     })
 100
 101     it('Should fail with a non authenticated user', async function () {
 102       await makeGetRequest({
 103         url: server.url,
 104         path,
 105         statusCodeExpected: 401
 106       })
 107     })
 108
 109     it('Should fail with a non admin user', async function () {
 110       await makeGetRequest({
 111         url: server.url,
 112         path,
 113         token: userAccessToken,
 114         statusCodeExpected: 403
 115       })
 116     })
 117   })
 118
 119   describe('When adding a new user', function () {
 120     const baseCorrectParams = {
 121       username: 'user2',
 122       email: 'test@example.com',
 123       password: 'my super password',
 124       videoQuota: -1,
 125       videoQuotaDaily: -1,
 126       role: UserRole.USER,
 127       adminFlags: UserAdminFlag.BY_PASS_VIDEO_AUTO_BLACKLIST
 128     }
 129
 130     it('Should fail with a too small username', async function () {
 131       const fields = immutableAssign(baseCorrectParams, { username: '' })
 132
 133       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 134     })
 135
 136     it('Should fail with a too long username', async function () {
 137       const fields = immutableAssign(baseCorrectParams, { username: 'super'.repeat(50) })
 138
 139       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 140     })
 141
 142     it('Should fail with a not lowercase username', async function () {
 143       const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })
 144
 145       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 146     })
 147
 148     it('Should fail with an incorrect username', async function () {
 149       const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
 150
 151       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 152     })
 153
 154     it('Should fail with a missing email', async function () {
 155       const fields = omit(baseCorrectParams, 'email')
 156
 157       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 158     })
 159
 160     it('Should fail with an invalid email', async function () {
 161       const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
 162
 163       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 164     })
 165
 166     it('Should fail with a too small password', async function () {
 167       const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
 168
 169       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 170     })
 171
 172     it('Should fail with a too long password', async function () {
 173       const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
 174
 175       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 176     })
 177
 178     it('Should fail with invalid admin flags', async function () {
 179       const fields = immutableAssign(baseCorrectParams, { adminFlags: 'toto' })
 180
 181       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 182     })
 183
 184     it('Should fail with an non authenticated user', async function () {
 185       await makePostBodyRequest({
 186         url: server.url,
 187         path,
 188         token: 'super token',
 189         fields: baseCorrectParams,
 190         statusCodeExpected: 401
 191       })
 192     })
 193
 194     it('Should fail if we add a user with the same username', async function () {
 195       const fields = immutableAssign(baseCorrectParams, { username: 'user1' })
 196
 197       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
 198     })
 199
 200     it('Should fail if we add a user with the same email', async function () {
 201       const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })
 202
 203       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
 204     })
 205
 206     it('Should fail without a videoQuota', async function () {
 207       const fields = omit(baseCorrectParams, 'videoQuota')
 208
 209       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 210     })
 211
 212     it('Should fail without a videoQuotaDaily', async function () {
 213       const fields = omit(baseCorrectParams, 'videoQuotaDaily')
 214
 215       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 216     })
 217
 218     it('Should fail with an invalid videoQuota', async function () {
 219       const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })
 220
 221       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 222     })
 223
 224     it('Should fail with an invalid videoQuotaDaily', async function () {
 225       const fields = immutableAssign(baseCorrectParams, { videoQuotaDaily: -7 })
 226
 227       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 228     })
 229
 230     it('Should fail without a user role', async function () {
 231       const fields = omit(baseCorrectParams, 'role')
 232
 233       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 234     })
 235
 236     it('Should fail with an invalid user role', async function () {
 237       const fields = immutableAssign(baseCorrectParams, { role: 88989 })
 238
 239       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 240     })
 241
 242     it('Should fail with a "peertube" username', async function () {
 243       const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
 244
 245       await makePostBodyRequest({
 246         url: server.url,
 247         path,
 248         token: server.accessToken,
 249         fields,
 250         statusCodeExpected: 409
 251       })
 252     })
 253
 254     it('Should succeed with the correct params', async function () {
 255       await makePostBodyRequest({
 256         url: server.url,
 257         path,
 258         token: server.accessToken,
 259         fields: baseCorrectParams,
 260         statusCodeExpected: 200
 261       })
 262     })
 263
 264     it('Should fail with a non admin user', async function () {
 265       const user = {
 266         username: 'user1',
 267         password: 'my super password'
 268       }
 269       userAccessToken = await userLogin(server, user)
 270
 271       const fields = {
 272         username: 'user3',
 273         email: 'test@example.com',
 274         password: 'my super password',
 275         videoQuota: 42000000
 276       }
 277       await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
 278     })
 279   })
 280
 281   describe('When updating my account', function () {
 282     it('Should fail with an invalid email attribute', async function () {
 283       const fields = {
 284         email: 'blabla'
 285       }
 286
 287       await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
 288     })
 289
 290     it('Should fail with a too small password', async function () {
 291       const fields = {
 292         currentPassword: 'my super password',
 293         password: 'bla'
 294       }
 295
 296       await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
 297     })
 298
 299     it('Should fail with a too long password', async function () {
 300       const fields = {
 301         currentPassword: 'my super password',
 302         password: 'super'.repeat(61)
 303       }
 304
 305       await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
 306     })
 307
 308     it('Should fail without the current password', async function () {
 309       const fields = {
 310         currentPassword: 'my super password',
 311         password: 'super'.repeat(61)
 312       }
 313
 314       await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
 315     })
 316
 317     it('Should fail with an invalid current password', async function () {
 318       const fields = {
 319         currentPassword: 'my super password fail',
 320         password: 'super'.repeat(61)
 321       }
 322
 323       await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 401 })
 324     })
 325
 326     it('Should fail with an invalid NSFW policy attribute', async function () {
 327       const fields = {
 328         nsfwPolicy: 'hello'
 329       }
 330
 331       await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
 332     })
 333
 334     it('Should fail with an invalid autoPlayVideo attribute', async function () {
 335       const fields = {
 336         autoPlayVideo: -1
 337       }
 338
 339       await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
 340     })
 341
 342     it('Should fail with an invalid videosHistoryEnabled attribute', async function () {
 343       const fields = {
 344         videosHistoryEnabled: -1
 345       }
 346
 347       await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
 348     })
 349
 350     it('Should fail with an non authenticated user', async function () {
 351       const fields = {
 352         currentPassword: 'my super password',
 353         password: 'my super password'
 354       }
 355
 356       await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
 357     })
 358
 359     it('Should fail with a too long description', async function () {
 360       const fields = {
 361         description: 'super'.repeat(201)
 362       }
 363
 364       await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
 365     })
 366
 367     it('Should succeed to change password with the correct params', async function () {
 368       const fields = {
 369         currentPassword: 'my super password',
 370         password: 'my super password',
 371         nsfwPolicy: 'blur',
 372         autoPlayVideo: false,
 373         email: 'super_email@example.com'
 374       }
 375
 376       await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
 377     })
 378
 379     it('Should succeed without password change with the correct params', async function () {
 380       const fields = {
 381         nsfwPolicy: 'blur',
 382         autoPlayVideo: false
 383       }
 384
 385       await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
 386     })
 387   })
 388
 389   describe('When updating my avatar', function () {
 390     it('Should fail without an incorrect input file', async function () {
 391       const fields = {}
 392       const attaches = {
 393         'avatarfile': join(__dirname, '..', '..', 'fixtures', 'video_short.mp4')
 394       }
 395       await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
 396     })
 397
 398     it('Should fail with a big file', async function () {
 399       const fields = {}
 400       const attaches = {
 401         'avatarfile': join(__dirname, '..', '..', 'fixtures', 'avatar-big.png')
 402       }
 403       await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
 404     })
 405
 406     it('Should fail with an unauthenticated user', async function () {
 407       const fields = {}
 408       const attaches = {
 409         'avatarfile': join(__dirname, '..', '..', 'fixtures', 'avatar.png')
 410       }
 411       await makeUploadRequest({
 412         url: server.url,
 413         path: path + '/me/avatar/pick',
 414         fields,
 415         attaches,
 416         statusCodeExpected: 401
 417       })
 418     })
 419
 420     it('Should succeed with the correct params', async function () {
 421       const fields = {}
 422       const attaches = {
 423         'avatarfile': join(__dirname, '..', '..', 'fixtures', 'avatar.png')
 424       }
 425       await makeUploadRequest({
 426         url: server.url,
 427         path: path + '/me/avatar/pick',
 428         token: server.accessToken,
 429         fields,
 430         attaches,
 431         statusCodeExpected: 200
 432       })
 433     })
 434   })
 435
 436   describe('When getting a user', function () {
 437     before(async function () {
 438       const res = await getUsersList(server.url, server.accessToken)
 439
 440       userId = res.body.data[1].id
 441     })
 442
 443     it('Should fail with an non authenticated user', async function () {
 444       await makeGetRequest({ url: server.url, path: path + userId, token: 'super token', statusCodeExpected: 401 })
 445     })
 446
 447     it('Should fail with a non admin user', async function () {
 448       await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 403 })
 449     })
 450
 451     it('Should succeed with the correct params', async function () {
 452       await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, statusCodeExpected: 200 })
 453     })
 454   })
 455
 456   describe('When updating a user', function () {
 457
 458     before(async function () {
 459       const res = await getUsersList(server.url, server.accessToken)
 460
 461       userId = res.body.data[1].id
 462       rootId = res.body.data[2].id
 463     })
 464
 465     it('Should fail with an invalid email attribute', async function () {
 466       const fields = {
 467         email: 'blabla'
 468       }
 469
 470       await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
 471     })
 472
 473     it('Should fail with an invalid emailVerified attribute', async function () {
 474       const fields = {
 475         emailVerified: 'yes'
 476       }
 477
 478       await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
 479     })
 480
 481     it('Should fail with an invalid videoQuota attribute', async function () {
 482       const fields = {
 483         videoQuota: -90
 484       }
 485
 486       await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
 487     })
 488
 489     it('Should fail with an invalid user role attribute', async function () {
 490       const fields = {
 491         role: 54878
 492       }
 493
 494       await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
 495     })
 496
 497     it('Should fail with a too small password', async function () {
 498       const fields = {
 499         currentPassword: 'my super password',
 500         password: 'bla'
 501       }
 502
 503       await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
 504     })
 505
 506     it('Should fail with a too long password', async function () {
 507       const fields = {
 508         currentPassword: 'my super password',
 509         password: 'super'.repeat(61)
 510       }
 511
 512       await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
 513     })
 514
 515     it('Should fail with an non authenticated user', async function () {
 516       const fields = {
 517         videoQuota: 42
 518       }
 519
 520       await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
 521     })
 522
 523     it('Should fail when updating root role', async function () {
 524       const fields = {
 525         role: UserRole.MODERATOR
 526       }
 527
 528       await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
 529     })
 530
 531     it('Should fail with invalid admin flags', async function () {
 532       const fields = { adminFlags: 'toto' }
 533
 534       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 535     })
 536
 537     it('Should succeed with the correct params', async function () {
 538       const fields = {
 539         email: 'email@example.com',
 540         emailVerified: true,
 541         videoQuota: 42,
 542         role: UserRole.USER
 543       }
 544
 545       await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
 546     })
 547   })
 548
 549   describe('When getting my information', function () {
 550     it('Should fail with a non authenticated user', async function () {
 551       await getMyUserInformation(server.url, 'fake_token', 401)
 552     })
 553
 554     it('Should success with the correct parameters', async function () {
 555       await getMyUserInformation(server.url, userAccessToken)
 556     })
 557   })
 558
 559   describe('When getting my video rating', function () {
 560     it('Should fail with a non authenticated user', async function () {
 561       await getMyUserVideoRating(server.url, 'fake_token', videoId, 401)
 562     })
 563
 564     it('Should fail with an incorrect video uuid', async function () {
 565       await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400)
 566     })
 567
 568     it('Should fail with an unknown video', async function () {
 569       await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
 570     })
 571
 572     it('Should succeed with the correct parameters', async function () {
 573       await getMyUserVideoRating(server.url, server.accessToken, videoId)
 574     })
 575   })
 576
 577   describe('When retrieving my global ratings', function () {
 578     const path = '/api/v1/accounts/user1/ratings'
 579
 580     it('Should fail with a bad start pagination', async function () {
 581       await checkBadStartPagination(server.url, path, userAccessToken)
 582     })
 583
 584     it('Should fail with a bad count pagination', async function () {
 585       await checkBadCountPagination(server.url, path, userAccessToken)
 586     })
 587
 588     it('Should fail with an incorrect sort', async function () {
 589       await checkBadSortPagination(server.url, path, userAccessToken)
 590     })
 591
 592     it('Should fail with a unauthenticated user', async function () {
 593       await makeGetRequest({ url: server.url, path, statusCodeExpected: 401 })
 594     })
 595
 596     it('Should fail with a another user', async function () {
 597       await makeGetRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: 403 })
 598     })
 599
 600     it('Should fail with a bad type', async function () {
 601       await makeGetRequest({ url: server.url, path, token: userAccessToken, query: { rating: 'toto ' }, statusCodeExpected: 400 })
 602     })
 603
 604     it('Should succeed with the correct params', async function () {
 605       await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 200 })
 606     })
 607   })
 608
 609   describe('When blocking/unblocking/removing user', function () {
 610     it('Should fail with an incorrect id', async function () {
 611       await removeUser(server.url, 'blabla', server.accessToken, 400)
 612       await blockUser(server.url, 'blabla', server.accessToken, 400)
 613       await unblockUser(server.url, 'blabla', server.accessToken, 400)
 614     })
 615
 616     it('Should fail with the root user', async function () {
 617       await removeUser(server.url, rootId, server.accessToken, 400)
 618       await blockUser(server.url, rootId, server.accessToken, 400)
 619       await unblockUser(server.url, rootId, server.accessToken, 400)
 620     })
 621
 622     it('Should return 404 with a non existing id', async function () {
 623       await removeUser(server.url, 4545454, server.accessToken, 404)
 624       await blockUser(server.url, 4545454, server.accessToken, 404)
 625       await unblockUser(server.url, 4545454, server.accessToken, 404)
 626     })
 627
 628     it('Should fail with a non admin user', async function () {
 629       await removeUser(server.url, userId, userAccessToken, 403)
 630       await blockUser(server.url, userId, userAccessToken, 403)
 631       await unblockUser(server.url, userId, userAccessToken, 403)
 632     })
 633   })
 634
 635   describe('When deleting our account', function () {
 636     it('Should fail with with the root account', async function () {
 637       await deleteMe(server.url, server.accessToken, 400)
 638     })
 639   })
 640
 641   describe('When registering a new user', function () {
 642     const registrationPath = path + '/register'
 643     const baseCorrectParams = {
 644       username: 'user3',
 645       displayName: 'super user',
 646       email: 'test3@example.com',
 647       password: 'my super password'
 648     }
 649
 650     it('Should fail with a too small username', async function () {
 651       const fields = immutableAssign(baseCorrectParams, { username: '' })
 652
 653       await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
 654     })
 655
 656     it('Should fail with a too long username', async function () {
 657       const fields = immutableAssign(baseCorrectParams, { username: 'super'.repeat(50) })
 658
 659       await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
 660     })
 661
 662     it('Should fail with an incorrect username', async function () {
 663       const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
 664
 665       await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
 666     })
 667
 668     it('Should fail with a missing email', async function () {
 669       const fields = omit(baseCorrectParams, 'email')
 670
 671       await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
 672     })
 673
 674     it('Should fail with an invalid email', async function () {
 675       const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
 676
 677       await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
 678     })
 679
 680     it('Should fail with a too small password', async function () {
 681       const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
 682
 683       await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
 684     })
 685
 686     it('Should fail with a too long password', async function () {
 687       const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
 688
 689       await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
 690     })
 691
 692     it('Should fail if we register a user with the same username', async function () {
 693       const fields = immutableAssign(baseCorrectParams, { username: 'root' })
 694
 695       await makePostBodyRequest({
 696         url: server.url,
 697         path: registrationPath,
 698         token: server.accessToken,
 699         fields,
 700         statusCodeExpected: 409
 701       })
 702     })
 703
 704     it('Should fail with a "peertube" username', async function () {
 705       const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
 706
 707       await makePostBodyRequest({
 708         url: server.url,
 709         path: registrationPath,
 710         token: server.accessToken,
 711         fields,
 712         statusCodeExpected: 409
 713       })
 714     })
 715
 716     it('Should fail if we register a user with the same email', async function () {
 717       const fields = immutableAssign(baseCorrectParams, { email: 'admin' + server.internalServerNumber + '@example.com' })
 718
 719       await makePostBodyRequest({
 720         url: server.url,
 721         path: registrationPath,
 722         token: server.accessToken,
 723         fields,
 724         statusCodeExpected: 409
 725       })
 726     })
 727
 728     it('Should fail with a bad display name', async function () {
 729       const fields = immutableAssign(baseCorrectParams, { displayName: 'a'.repeat(150) })
 730
 731       await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
 732     })
 733
 734     it('Should fail with a bad channel name', async function () {
 735       const fields = immutableAssign(baseCorrectParams, { channel: { name: '[]azf', displayName: 'toto' } })
 736
 737       await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
 738     })
 739
 740     it('Should fail with a bad channel display name', async function () {
 741       const fields = immutableAssign(baseCorrectParams, { channel: { name: 'toto', displayName: '' } })
 742
 743       await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
 744     })
 745
 746     it('Should fail with a channel name that is the same than user username', async function () {
 747       const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } }
 748       const fields = immutableAssign(baseCorrectParams, source)
 749
 750       await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
 751     })
 752
 753     it('Should fail with an existing channel', async function () {
 754       const videoChannelAttributesArg = { name: 'existing_channel', displayName: 'hello', description: 'super description' }
 755       await addVideoChannel(server.url, server.accessToken, videoChannelAttributesArg)
 756
 757       const fields = immutableAssign(baseCorrectParams, { channel: { name: 'existing_channel', displayName: 'toto' } })
 758
 759       await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 })
 760     })
 761
 762     it('Should succeed with the correct params', async function () {
 763       const fields = immutableAssign(baseCorrectParams, { channel: { name: 'super_channel', displayName: 'toto' } })
 764
 765       await makePostBodyRequest({
 766         url: server.url,
 767         path: registrationPath,
 768         token: server.accessToken,
 769         fields: fields,
 770         statusCodeExpected: 204
 771       })
 772     })
 773
 774     it('Should fail on a server with registration disabled', async function () {
 775       const fields = {
 776         username: 'user4',
 777         email: 'test4@example.com',
 778         password: 'my super password 4'
 779       }
 780
 781       await makePostBodyRequest({
 782         url: serverWithRegistrationDisabled.url,
 783         path: registrationPath,
 784         token: serverWithRegistrationDisabled.accessToken,
 785         fields,
 786         statusCodeExpected: 403
 787       })
 788     })
 789   })
 790
 791   describe('When registering multiple users on a server with users limit', function () {
 792     it('Should fail when after 3 registrations', async function () {
 793       await registerUser(server.url, 'user42', 'super password', 403)
 794     })
 795   })
 796
 797   describe('When having a video quota', function () {
 798     it('Should fail with a user having too many videos', async function () {
 799       await updateUser({
 800         url: server.url,
 801         userId: rootId,
 802         accessToken: server.accessToken,
 803         videoQuota: 42
 804       })
 805
 806       await uploadVideo(server.url, server.accessToken, {}, 403)
 807     })
 808
 809     it('Should fail with a registered user having too many videos', async function () {
 810       this.timeout(30000)
 811
 812       const user = {
 813         username: 'user3',
 814         password: 'my super password'
 815       }
 816       userAccessToken = await userLogin(server, user)
 817
 818       const videoAttributes = { fixture: 'video_short2.webm' }
 819       await uploadVideo(server.url, userAccessToken, videoAttributes)
 820       await uploadVideo(server.url, userAccessToken, videoAttributes)
 821       await uploadVideo(server.url, userAccessToken, videoAttributes)
 822       await uploadVideo(server.url, userAccessToken, videoAttributes)
 823       await uploadVideo(server.url, userAccessToken, videoAttributes)
 824       await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
 825     })
 826
 827     it('Should fail to import with HTTP/Torrent/magnet', async function () {
 828       this.timeout(120000)
 829
 830       const baseAttributes = {
 831         channelId: 1,
 832         privacy: VideoPrivacy.PUBLIC
 833       }
 834       await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { targetUrl: getYoutubeVideoUrl() }))
 835       await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { magnetUri: getMagnetURI() }))
 836       await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { torrentfile: 'video-720p.torrent' }))
 837
 838       await waitJobs([ server ])
 839
 840       const res = await getMyVideoImports(server.url, server.accessToken)
 841
 842       expect(res.body.total).to.equal(3)
 843       const videoImports: VideoImport[] = res.body.data
 844       expect(videoImports).to.have.lengthOf(3)
 845
 846       for (const videoImport of videoImports) {
 847         expect(videoImport.state.id).to.equal(VideoImportState.FAILED)
 848         expect(videoImport.error).not.to.be.undefined
 849         expect(videoImport.error).to.contain('user video quota is exceeded')
 850       }
 851     })
 852   })
 853
 854   describe('When having a daily video quota', function () {
 855     it('Should fail with a user having too many videos', async function () {
 856       await updateUser({
 857         url: server.url,
 858         userId: rootId,
 859         accessToken: server.accessToken,
 860         videoQuotaDaily: 42
 861       })
 862
 863       await uploadVideo(server.url, server.accessToken, {}, 403)
 864     })
 865   })
 866
 867   describe('When having an absolute and daily video quota', function () {
 868     it('Should fail if exceeding total quota', async function () {
 869       await updateUser({
 870         url: server.url,
 871         userId: rootId,
 872         accessToken: server.accessToken,
 873         videoQuota: 42,
 874         videoQuotaDaily: 1024 * 1024 * 1024
 875       })
 876
 877       await uploadVideo(server.url, server.accessToken, {}, 403)
 878     })
 879
 880     it('Should fail if exceeding daily quota', async function () {
 881       await updateUser({
 882         url: server.url,
 883         userId: rootId,
 884         accessToken: server.accessToken,
 885         videoQuota: 1024 * 1024 * 1024,
 886         videoQuotaDaily: 42
 887       })
 888
 889       await uploadVideo(server.url, server.accessToken, {}, 403)
 890     })
 891   })
 892
 893   describe('When asking a password reset', function () {
 894     const path = '/api/v1/users/ask-reset-password'
 895
 896     it('Should fail with a missing email', async function () {
 897       const fields = {}
 898
 899       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 900     })
 901
 902     it('Should fail with an invalid email', async function () {
 903       const fields = { email: 'hello' }
 904
 905       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 906     })
 907
 908     it('Should success with the correct params', async function () {
 909       const fields = { email: 'admin@example.com' }
 910
 911       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
 912     })
 913   })
 914
 915   describe('When asking for an account verification email', function () {
 916     const path = '/api/v1/users/ask-send-verify-email'
 917
 918     it('Should fail with a missing email', async function () {
 919       const fields = {}
 920
 921       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 922     })
 923
 924     it('Should fail with an invalid email', async function () {
 925       const fields = { email: 'hello' }
 926
 927       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
 928     })
 929
 930     it('Should succeed with the correct params', async function () {
 931       const fields = { email: 'admin@example.com' }
 932
 933       await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
 934     })
 935   })
 936
 937   after(async function () {
 938     await cleanupTests([ server, serverWithRegistrationDisabled ])
 939   })
 940 })