1 /* tslint:disable:no-unused-expression */
3 import { omit } from 'lodash'
5 import { join } from 'path'
6 import { UserRole, VideoImport, VideoImportState } from '../../../../shared'
9 createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest,
10 makePostBodyRequest, makeUploadRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers,
11 updateUser, uploadVideo, userLogin, deleteMe
13 import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
14 import { getMagnetURI, getMyVideoImports, getYoutubeVideoUrl, importVideo } from '../../utils/videos/video-imports'
15 import { VideoPrivacy } from '../../../../shared/models/videos'
16 import { waitJobs } from '../../utils/server/jobs'
17 import { expect } from 'chai'
19 describe('Test users API validators', function () {
20 const path = '/api/v1/users/'
24 let server: ServerInfo
25 let serverWithRegistrationDisabled: ServerInfo
26 let userAccessToken = ''
30 password: 'my super password'
33 // ---------------------------------------------------------------
35 before(async function () {
40 server = await runServer(1)
41 serverWithRegistrationDisabled = await runServer(2)
43 await setAccessTokensToServers([ server ])
45 const videoQuota = 42000000
46 await createUser(server.url, server.accessToken, user.username, user.password, videoQuota)
47 userAccessToken = await userLogin(server, user)
50 const res = await getMyUserInformation(server.url, server.accessToken)
51 channelId = res.body.videoChannels[ 0 ].id
55 const res = await uploadVideo(server.url, server.accessToken, {})
56 videoId = res.body.video.id
60 describe('When listing users', function () {
61 it('Should fail with a bad start pagination', async function () {
62 await checkBadStartPagination(server.url, path, server.accessToken)
65 it('Should fail with a bad count pagination', async function () {
66 await checkBadCountPagination(server.url, path, server.accessToken)
69 it('Should fail with an incorrect sort', async function () {
70 await checkBadSortPagination(server.url, path, server.accessToken)
73 it('Should fail with a non authenticated user', async function () {
74 await makeGetRequest({
77 statusCodeExpected: 401
81 it('Should fail with a non admin user', async function () {
82 await makeGetRequest({
85 token: userAccessToken,
86 statusCodeExpected: 403
91 describe('When adding a new user', function () {
92 const baseCorrectParams = {
94 email: 'test@example.com',
95 password: 'my super password',
100 it('Should fail with a too small username', async function () {
101 const fields = immutableAssign(baseCorrectParams, { username: 'fi' })
103 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
106 it('Should fail with a too long username', async function () {
107 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
109 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
112 it('Should fail with a not lowercase username', async function () {
113 const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })
115 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
118 it('Should fail with an incorrect username', async function () {
119 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
121 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
124 it('Should fail with a missing email', async function () {
125 const fields = omit(baseCorrectParams, 'email')
127 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
130 it('Should fail with an invalid email', async function () {
131 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
133 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
136 it('Should fail with a too small password', async function () {
137 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
139 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
142 it('Should fail with a too long password', async function () {
143 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
145 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
148 it('Should fail with an non authenticated user', async function () {
149 await makePostBodyRequest({
152 token: 'super token',
153 fields: baseCorrectParams,
154 statusCodeExpected: 401
158 it('Should fail if we add a user with the same username', async function () {
159 const fields = immutableAssign(baseCorrectParams, { username: 'user1' })
161 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
164 it('Should fail if we add a user with the same email', async function () {
165 const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })
167 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
170 it('Should fail without a videoQuota', async function () {
171 const fields = omit(baseCorrectParams, 'videoQuota')
173 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
176 it('Should fail with an invalid videoQuota', async function () {
177 const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })
179 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
182 it('Should fail without a user role', async function () {
183 const fields = omit(baseCorrectParams, 'role')
185 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
188 it('Should fail with an invalid user role', async function () {
189 const fields = immutableAssign(baseCorrectParams, { role: 88989 })
191 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
194 it('Should fail with a "peertube" username', async function () {
195 const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
197 await makePostBodyRequest({
200 token: server.accessToken,
202 statusCodeExpected: 409
206 it('Should succeed with the correct params', async function () {
207 await makePostBodyRequest({
210 token: server.accessToken,
211 fields: baseCorrectParams,
212 statusCodeExpected: 200
216 it('Should fail with a non admin user', async function () {
219 password: 'my super password'
221 userAccessToken = await userLogin(server, user)
225 email: 'test@example.com',
226 password: 'my super password',
229 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
233 describe('When updating my account', function () {
234 it('Should fail with an invalid email attribute', async function () {
239 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
242 it('Should fail with a too small password', async function () {
247 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
250 it('Should fail with a too long password', async function () {
252 password: 'super'.repeat(61)
255 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
258 it('Should fail with an invalid NSFW policy attribute', async function () {
263 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
266 it('Should fail with an invalid autoPlayVideo attribute', async function () {
271 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
274 it('Should fail with an non authenticated user', async function () {
276 password: 'my super password'
279 await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
282 it('Should fail with a too long description', async function () {
284 description: 'super'.repeat(60)
287 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
290 it('Should succeed with the correct params', async function () {
292 password: 'my super password',
294 autoPlayVideo: false,
295 email: 'super_email@example.com'
298 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
302 describe('When updating my avatar', function () {
303 it('Should fail without an incorrect input file', async function () {
306 'avatarfile': join(__dirname, '..', '..', 'fixtures', 'video_short.mp4')
308 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
311 it('Should fail with a big file', async function () {
314 'avatarfile': join(__dirname, '..', '..', 'fixtures', 'avatar-big.png')
316 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
319 it('Should fail with an unauthenticated user', async function () {
322 'avatarfile': join(__dirname, '..', '..', 'fixtures', 'avatar.png')
324 await makeUploadRequest({
326 path: path + '/me/avatar/pick',
329 statusCodeExpected: 401
333 it('Should succeed with the correct params', async function () {
336 'avatarfile': join(__dirname, '..', '..', 'fixtures', 'avatar.png')
338 await makeUploadRequest({
340 path: path + '/me/avatar/pick',
341 token: server.accessToken,
344 statusCodeExpected: 200
349 describe('When getting a user', function () {
350 before(async function () {
351 const res = await getUsersList(server.url, server.accessToken)
353 userId = res.body.data[1].id
356 it('Should fail with an non authenticated user', async function () {
357 await makeGetRequest({ url: server.url, path: path + userId, token: 'super token', statusCodeExpected: 401 })
360 it('Should fail with a non admin user', async function () {
361 await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 403 })
364 it('Should succeed with the correct params', async function () {
365 await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, statusCodeExpected: 200 })
369 describe('When updating a user', function () {
371 before(async function () {
372 const res = await getUsersList(server.url, server.accessToken)
374 userId = res.body.data[1].id
375 rootId = res.body.data[2].id
378 it('Should fail with an invalid email attribute', async function () {
383 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
386 it('Should fail with an invalid videoQuota attribute', async function () {
391 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
394 it('Should fail with an invalid user role attribute', async function () {
399 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
402 it('Should fail with an non authenticated user', async function () {
407 await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
410 it('Should fail when updating root role', async function () {
412 role: UserRole.MODERATOR
415 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
418 it('Should succeed with the correct params', async function () {
420 email: 'email@example.com',
422 role: UserRole.MODERATOR
425 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
426 userAccessToken = await userLogin(server, user)
430 describe('When getting my information', function () {
431 it('Should fail with a non authenticated user', async function () {
432 await getMyUserInformation(server.url, 'fake_token', 401)
435 it('Should success with the correct parameters', async function () {
436 await getMyUserInformation(server.url, userAccessToken)
440 describe('When getting my video rating', function () {
441 it('Should fail with a non authenticated user', async function () {
442 await getMyUserVideoRating(server.url, 'fake_token', videoId, 401)
445 it('Should fail with an incorrect video uuid', async function () {
446 await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400)
449 it('Should fail with an unknown video', async function () {
450 await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
453 it('Should succeed with the correct parameters', async function () {
454 await getMyUserVideoRating(server.url, server.accessToken, videoId)
458 describe('When removing an user', function () {
459 it('Should fail with an incorrect id', async function () {
460 await removeUser(server.url, 'blabla', server.accessToken, 400)
463 it('Should fail with the root user', async function () {
464 await removeUser(server.url, rootId, server.accessToken, 400)
467 it('Should return 404 with a non existing id', async function () {
468 await removeUser(server.url, 4545454, server.accessToken, 404)
472 describe('When deleting our account', function () {
473 it('Should fail with with the root account', async function () {
474 await deleteMe(server.url, server.accessToken, 400)
478 describe('When register a new user', function () {
479 const registrationPath = path + '/register'
480 const baseCorrectParams = {
482 email: 'test3@example.com',
483 password: 'my super password'
486 it('Should fail with a too small username', async function () {
487 const fields = immutableAssign(baseCorrectParams, { username: 'ji' })
489 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
492 it('Should fail with a too long username', async function () {
493 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
495 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
498 it('Should fail with an incorrect username', async function () {
499 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
501 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
504 it('Should fail with a missing email', async function () {
505 const fields = omit(baseCorrectParams, 'email')
507 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
510 it('Should fail with an invalid email', async function () {
511 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
513 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
516 it('Should fail with a too small password', async function () {
517 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
519 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
522 it('Should fail with a too long password', async function () {
523 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
525 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
528 it('Should fail if we register a user with the same username', async function () {
529 const fields = immutableAssign(baseCorrectParams, { username: 'root' })
531 await makePostBodyRequest({
533 path: registrationPath,
534 token: server.accessToken,
536 statusCodeExpected: 409
540 it('Should fail with a "peertube" username', async function () {
541 const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
543 await makePostBodyRequest({
545 path: registrationPath,
546 token: server.accessToken,
548 statusCodeExpected: 409
552 it('Should fail if we register a user with the same email', async function () {
553 const fields = immutableAssign(baseCorrectParams, { email: 'admin1@example.com' })
555 await makePostBodyRequest({
557 path: registrationPath,
558 token: server.accessToken,
560 statusCodeExpected: 409
564 it('Should succeed with the correct params', async function () {
565 await makePostBodyRequest({
567 path: registrationPath,
568 token: server.accessToken,
569 fields: baseCorrectParams,
570 statusCodeExpected: 204
574 it('Should fail on a server with registration disabled', async function () {
577 email: 'test4@example.com',
578 password: 'my super password 4'
581 await makePostBodyRequest({
582 url: serverWithRegistrationDisabled.url,
583 path: registrationPath,
584 token: serverWithRegistrationDisabled.accessToken,
586 statusCodeExpected: 403
591 describe('When registering multiple users on a server with users limit', function () {
592 it('Should fail when after 3 registrations', async function () {
593 await registerUser(server.url, 'user42', 'super password', 403)
597 describe('When having a video quota', function () {
598 it('Should fail with a user having too many video', async function () {
602 accessToken: server.accessToken,
606 await uploadVideo(server.url, server.accessToken, {}, 403)
609 it('Should fail with a registered user having too many video', async function () {
614 password: 'my super password'
616 userAccessToken = await userLogin(server, user)
618 const videoAttributes = { fixture: 'video_short2.webm' }
619 await uploadVideo(server.url, userAccessToken, videoAttributes)
620 await uploadVideo(server.url, userAccessToken, videoAttributes)
621 await uploadVideo(server.url, userAccessToken, videoAttributes)
622 await uploadVideo(server.url, userAccessToken, videoAttributes)
623 await uploadVideo(server.url, userAccessToken, videoAttributes)
624 await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
627 it('Should fail to import with HTTP/Torrent/magnet', async function () {
630 const baseAttributes = {
632 privacy: VideoPrivacy.PUBLIC
634 await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { targetUrl: getYoutubeVideoUrl() }))
635 await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { magnetUri: getMagnetURI() }))
636 await importVideo(server.url, server.accessToken, immutableAssign(baseAttributes, { torrentfile: 'video-720p.torrent' }))
638 await waitJobs([ server ])
640 const res = await getMyVideoImports(server.url, server.accessToken)
642 expect(res.body.total).to.equal(3)
643 const videoImports: VideoImport[] = res.body.data
644 expect(videoImports).to.have.lengthOf(3)
646 for (const videoImport of videoImports) {
647 expect(videoImport.state.id).to.equal(VideoImportState.FAILED)
648 expect(videoImport.error).not.to.be.undefined
649 expect(videoImport.error).to.contain('user video quota is exceeded')
654 describe('When asking a password reset', function () {
655 const path = '/api/v1/users/ask-reset-password'
657 it('Should fail with a missing email', async function () {
660 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
663 it('Should fail with an invalid email', async function () {
664 const fields = { email: 'hello' }
666 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
669 it('Should success with the correct params', async function () {
670 const fields = { email: 'admin@example.com' }
672 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
676 after(async function () {
677 killallServers([ server, serverWithRegistrationDisabled ])
679 // Keep the logs if the test failed