1 /* tslint:disable:no-unused-expression */
3 import * as request from 'supertest'
14 loginAndGetAccessToken,
17 setAccessTokensToServers,
22 import { UserRole } from '../../../../shared'
24 describe('Test users API validators', function () {
25 const path = '/api/v1/users/'
29 let server: ServerInfo
30 let serverWithRegistrationDisabled: ServerInfo
31 let userAccessToken = ''
33 // ---------------------------------------------------------------
35 before(async function () {
40 server = await runServer(1)
41 serverWithRegistrationDisabled = await runServer(2)
43 await setAccessTokensToServers([ server ])
45 const username = 'user1'
46 const password = 'my super password'
47 const videoQuota = 42000000
48 await createUser(server.url, server.accessToken, username, password, videoQuota)
50 const videoAttributes = {}
51 await uploadVideo(server.url, server.accessToken, videoAttributes)
53 const res = await getVideosList(server.url)
54 const videos = res.body.data
55 videoId = videos[0].id
59 password: 'my super password'
61 userAccessToken = await getUserAccessToken(server, user)
64 describe('When listing users', function () {
65 it('Should fail with a bad start pagination', async function () {
66 await request(server.url)
68 .query({ start: 'hello' })
69 .set('Accept', 'application/json')
73 it('Should fail with a bad count pagination', async function () {
74 await request(server.url)
76 .query({ count: 'hello' })
77 .set('Accept', 'application/json')
81 it('Should fail with an incorrect sort', async function () {
82 await request(server.url)
84 .query({ sort: 'hello' })
85 .set('Accept', 'application/json')
90 describe('When adding a new user', function () {
91 it('Should fail with a too small username', async function () {
94 email: 'test@example.com',
95 password: 'my_super_password',
100 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
103 it('Should fail with a too long username', async function () {
105 username: 'my_super_username_which_is_very_long',
106 email: 'test@example.com',
107 password: 'my_super_password',
108 videoQuota: 42000000,
112 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
115 it('Should fail with a not lowercase username', async function () {
118 email: 'test@example.com',
119 password: 'my_super_password',
120 videoQuota: 42000000,
124 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
127 it('Should fail with an incorrect username', async function () {
129 username: 'my username',
130 email: 'test@example.com',
131 password: 'my_super_password',
132 videoQuota: 42000000,
136 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
139 it('Should fail with a missing email', async function () {
142 password: 'my_super_password',
143 videoQuota: 42000000,
147 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
150 it('Should fail with an invalid email', async function () {
152 username: 'my_super_username_which_is_very_long',
153 email: 'test_example.com',
154 password: 'my_super_password',
155 videoQuota: 42000000,
159 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
162 it('Should fail with a too small password', async function () {
164 username: 'my_username',
165 email: 'test@example.com',
167 videoQuota: 42000000,
171 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
174 it('Should fail with a too long password', async function () {
176 username: 'my_username',
177 email: 'test@example.com',
178 password: 'my super long password which is very very very very very very very very very very very very very very' +
179 'very very very very very very very very very very very very very very very veryv very very very very' +
180 'very very very very very very very very very very very very very very very very very very very very long',
181 videoQuota: 42000000,
185 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
188 it('Should fail with an non authenticated user', async function () {
190 username: 'my_username',
191 email: 'test@example.com',
192 password: 'my super password',
193 videoQuota: 42000000,
197 await makePostBodyRequest({ url: server.url, path, token: 'super token', fields, statusCodeExpected: 401 })
200 it('Should fail if we add a user with the same username', async function () {
203 email: 'test@example.com',
204 password: 'my super password',
205 videoQuota: 42000000,
209 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
212 it('Should fail if we add a user with the same email', async function () {
214 username: 'my_username',
215 email: 'user1@example.com',
216 password: 'my super password',
217 videoQuota: 42000000,
221 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
224 it('Should fail without a videoQuota', async function () {
226 username: 'my_username',
227 email: 'user1@example.com',
228 password: 'my super password',
232 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
235 it('Should fail with an invalid videoQuota', async function () {
237 username: 'my_username',
238 email: 'user1@example.com',
239 password: 'my super password',
244 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
247 it('Should fail without a user role', async function () {
249 username: 'my_username',
250 email: 'user1@example.com',
251 password: 'my super password',
255 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
258 it('Should fail with an invalid user role', async function () {
260 username: 'my_username',
261 email: 'user1@example.com',
262 password: 'my super password',
267 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
270 it('Should succeed with the correct params', async function () {
273 email: 'test@example.com',
274 password: 'my super password',
279 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
282 it('Should fail with a non admin user', async function () {
285 email: 'test@example.com',
286 password: 'my super password'
289 userAccessToken = await loginAndGetAccessToken(server)
292 email: 'test@example.com',
293 password: 'my super password',
296 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
300 describe('When updating my account', function () {
301 it('Should fail with an invalid email attribute', async function () {
306 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
309 it('Should fail with a too small password', async function () {
314 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
317 it('Should fail with a too long password', async function () {
319 password: 'my super long password which is very very very very very very very very very very very very very very' +
320 'very very very very very very very very very very very very very very very veryv very very very very' +
321 'very very very very very very very very very very very very very very very very very very very very long'
324 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
327 it('Should fail with an invalid display NSFW attribute', async function () {
332 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
335 it('Should fail with an non authenticated user', async function () {
337 password: 'my super password'
340 await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
343 it('Should succeed with the correct params', async function () {
345 password: 'my super password',
347 email: 'super_email@example.com'
350 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
354 describe('When updating a user', function () {
356 before(async function () {
357 const res = await getUsersList(server.url)
359 userId = res.body.data[1].id
360 rootId = res.body.data[2].id
363 it('Should fail with an invalid email attribute', async function () {
368 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
371 it('Should fail with an invalid videoQuota attribute', async function () {
376 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
379 it('Should fail with an invalid user role attribute', async function () {
384 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
387 it('Should fail with an non authenticated user', async function () {
392 await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
395 it('Should succeed with the correct params', async function () {
397 email: 'email@example.com',
399 role: UserRole.MODERATOR
402 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
406 describe('When getting my information', function () {
407 it('Should fail with a non authenticated user', async function () {
408 await request(server.url)
410 .set('Authorization', 'Bearer fake_token')
411 .set('Accept', 'application/json')
415 it('Should success with the correct parameters', async function () {
416 await request(server.url)
418 .set('Authorization', 'Bearer ' + userAccessToken)
419 .set('Accept', 'application/json')
424 describe('When getting my video rating', function () {
425 it('Should fail with a non authenticated user', async function () {
426 await request(server.url)
427 .get(path + 'me/videos/' + videoId + '/rating')
428 .set('Authorization', 'Bearer fake_token')
429 .set('Accept', 'application/json')
433 it('Should fail with an incorrect video uuid', async function () {
434 await request(server.url)
435 .get(path + 'me/videos/blabla/rating')
436 .set('Authorization', 'Bearer ' + userAccessToken)
437 .set('Accept', 'application/json')
441 it('Should fail with an unknown video', async function () {
442 await request(server.url)
443 .get(path + 'me/videos/4da6fde3-88f7-4d16-b119-108df5630b06/rating')
444 .set('Authorization', 'Bearer ' + userAccessToken)
445 .set('Accept', 'application/json')
449 it('Should success with the correct parameters', async function () {
450 await request(server.url)
451 .get(path + 'me/videos/' + videoId + '/rating')
452 .set('Authorization', 'Bearer ' + userAccessToken)
453 .set('Accept', 'application/json')
458 describe('When removing an user', function () {
459 it('Should fail with an incorrect id', async function () {
460 await request(server.url)
461 .delete(path + 'bla-bla')
462 .set('Authorization', 'Bearer ' + server.accessToken)
466 it('Should fail with the root user', async function () {
467 await request(server.url)
468 .delete(path + rootId)
469 .set('Authorization', 'Bearer ' + server.accessToken)
473 it('Should return 404 with a non existing id', async function () {
474 await request(server.url)
476 .set('Authorization', 'Bearer ' + server.accessToken)
481 describe('When removing an user', function () {
482 it('Should fail with an incorrect id', async function () {
483 await request(server.url)
484 .delete(path + 'bla-bla')
485 .set('Authorization', 'Bearer ' + server.accessToken)
489 it('Should fail with the root user', async function () {
490 await request(server.url)
491 .delete(path + rootId)
492 .set('Authorization', 'Bearer ' + server.accessToken)
496 it('Should return 404 with a non existing id', async function () {
497 await request(server.url)
499 .set('Authorization', 'Bearer ' + server.accessToken)
504 describe('When register a new user', function () {
505 const registrationPath = path + '/register'
507 it('Should fail with a too small username', async function () {
510 email: 'test@example.com',
511 password: 'my_super_password'
514 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
517 it('Should fail with a too long username', async function () {
519 username: 'my_super_username_which_is_very_long',
520 email: 'test@example.com',
521 password: 'my_super_password'
524 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
527 it('Should fail with an incorrect username', async function () {
529 username: 'my username',
530 email: 'test@example.com',
531 password: 'my_super_password'
534 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
537 it('Should fail with a missing email', async function () {
540 password: 'my_super_password'
543 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
546 it('Should fail with an invalid email', async function () {
548 username: 'my_super_username_which_is_very_long',
549 email: 'test_example.com',
550 password: 'my_super_password'
553 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
556 it('Should fail with a too small password', async function () {
558 username: 'my_username',
559 email: 'test@example.com',
563 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
566 it('Should fail with a too long password', async function () {
568 username: 'my_username',
569 email: 'test@example.com',
570 password: 'my super long password which is very very very very very very very very very very very very very very' +
571 'very very very very very very very very very very very very very very very veryv very very very very' +
572 'very very very very very very very very very very very very very very very very very very very very long'
575 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
578 it('Should fail if we register a user with the same username', async function () {
581 email: 'test@example.com',
582 password: 'my super password'
585 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 })
588 it('Should fail if we register a user with the same email', async function () {
590 username: 'my_username',
591 email: 'admin1@example.com',
592 password: 'my super password'
595 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 409 })
598 it('Should succeed with the correct params', async function () {
601 email: 'test3@example.com',
602 password: 'my super password'
605 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields, statusCodeExpected: 204 })
608 it('Should fail on a server with registration disabled', async function () {
611 email: 'test4@example.com',
612 password: 'my super password 4'
615 await makePostBodyRequest({
616 url: serverWithRegistrationDisabled.url,
617 path: registrationPath,
618 token: serverWithRegistrationDisabled.accessToken,
620 statusCodeExpected: 403
625 describe('When registering multiple users on a server with users limit', function () {
626 it('Should fail when after 3 registrations', async function () {
627 await registerUser(server.url, 'user42', 'super password', 403)
631 describe('When having a video quota', function () {
632 it('Should fail with a user having too many video', async function () {
637 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields, statusCodeExpected: 204 })
639 const videoAttributes = {}
640 await uploadVideo(server.url, server.accessToken, videoAttributes, 403)
643 it('Should fail with a registered user having too many video', async function () {
648 email: 'test3@example.com',
649 password: 'my super password'
651 userAccessToken = await loginAndGetAccessToken(server)
653 const videoAttributes = { fixture: 'video_short2.webm' }
654 await uploadVideo(server.url, userAccessToken, videoAttributes)
655 await uploadVideo(server.url, userAccessToken, videoAttributes)
656 await uploadVideo(server.url, userAccessToken, videoAttributes)
657 await uploadVideo(server.url, userAccessToken, videoAttributes)
658 await uploadVideo(server.url, userAccessToken, videoAttributes)
659 await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
663 after(async function () {
664 killallServers([ server, serverWithRegistrationDisabled ])
666 // Keep the logs if the test failed