1 /* tslint:disable:no-unused-expression */
3 import { omit } from 'lodash'
5 import { join } from 'path'
6 import { UserRole } from '../../../../shared'
9 createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest,
10 makePostBodyRequest, makePostUploadRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers,
11 updateUser, uploadVideo, userLogin
13 import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
15 describe('Test users API validators', function () {
16 const path = '/api/v1/users/'
20 let server: ServerInfo
21 let serverWithRegistrationDisabled: ServerInfo
22 let userAccessToken = ''
25 password: 'my super password'
28 // ---------------------------------------------------------------
30 before(async function () {
35 server = await runServer(1)
36 serverWithRegistrationDisabled = await runServer(2)
38 await setAccessTokensToServers([ server ])
40 const videoQuota = 42000000
41 await createUser(server.url, server.accessToken, user.username, user.password, videoQuota)
42 userAccessToken = await userLogin(server, user)
44 const res = await uploadVideo(server.url, server.accessToken, {})
45 videoId = res.body.video.id
48 describe('When listing users', function () {
49 it('Should fail with a bad start pagination', async function () {
50 await checkBadStartPagination(server.url, path, server.accessToken)
53 it('Should fail with a bad count pagination', async function () {
54 await checkBadCountPagination(server.url, path, server.accessToken)
57 it('Should fail with an incorrect sort', async function () {
58 await checkBadSortPagination(server.url, path, server.accessToken)
61 it('Should fail with a non authenticated user', async function () {
62 await makeGetRequest({
65 statusCodeExpected: 401
69 it('Should fail with a non admin user', async function () {
70 await makeGetRequest({
73 token: userAccessToken,
74 statusCodeExpected: 403
79 describe('When adding a new user', function () {
80 const baseCorrectParams = {
82 email: 'test@example.com',
83 password: 'my super password',
88 it('Should fail with a too small username', async function () {
89 const fields = immutableAssign(baseCorrectParams, { username: 'fi' })
91 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
94 it('Should fail with a too long username', async function () {
95 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
97 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
100 it('Should fail with a not lowercase username', async function () {
101 const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })
103 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
106 it('Should fail with an incorrect username', async function () {
107 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
109 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
112 it('Should fail with a missing email', async function () {
113 const fields = omit(baseCorrectParams, 'email')
115 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
118 it('Should fail with an invalid email', async function () {
119 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
121 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
124 it('Should fail with a too small password', async function () {
125 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
127 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
130 it('Should fail with a too long password', async function () {
131 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
133 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
136 it('Should fail with an non authenticated user', async function () {
137 await makePostBodyRequest({
140 token: 'super token',
141 fields: baseCorrectParams,
142 statusCodeExpected: 401
146 it('Should fail if we add a user with the same username', async function () {
147 const fields = immutableAssign(baseCorrectParams, { username: 'user1' })
149 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
152 it('Should fail if we add a user with the same email', async function () {
153 const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })
155 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
158 it('Should fail without a videoQuota', async function () {
159 const fields = omit(baseCorrectParams, 'videoQuota')
161 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
164 it('Should fail with an invalid videoQuota', async function () {
165 const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })
167 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
170 it('Should fail without a user role', async function () {
171 const fields = omit(baseCorrectParams, 'role')
173 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
176 it('Should fail with an invalid user role', async function () {
177 const fields = immutableAssign(baseCorrectParams, { role: 88989 })
179 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
182 it('Should succeed with the correct params', async function () {
183 await makePostBodyRequest({
186 token: server.accessToken,
187 fields: baseCorrectParams,
188 statusCodeExpected: 200
192 it('Should fail with a non admin user', async function () {
195 password: 'my super password'
197 userAccessToken = await userLogin(server, user)
201 email: 'test@example.com',
202 password: 'my super password',
205 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
209 describe('When updating my account', function () {
210 it('Should fail with an invalid email attribute', async function () {
215 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
218 it('Should fail with a too small password', async function () {
223 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
226 it('Should fail with a too long password', async function () {
228 password: 'super'.repeat(61)
231 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
234 it('Should fail with an invalid display NSFW attribute', async function () {
239 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
242 it('Should fail with an invalid autoPlayVideo attribute', async function () {
247 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
250 it('Should fail with an non authenticated user', async function () {
252 password: 'my super password'
255 await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
258 it('Should succeed with the correct params', async function () {
260 password: 'my super password',
262 autoPlayVideo: false,
263 email: 'super_email@example.com'
266 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
270 describe('When updating my avatar', function () {
271 it('Should fail without an incorrect input file', async function () {
274 'avatarfile': join(__dirname, '..', 'fixtures', 'video_short.mp4')
276 await makePostUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
279 it('Should fail with a big file', async function () {
282 'avatarfile': join(__dirname, '..', 'fixtures', 'avatar-big.png')
284 await makePostUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
287 it('Should succeed with the correct params', async function () {
290 'avatarfile': join(__dirname, '..', 'fixtures', 'avatar.png')
292 await makePostUploadRequest({
294 path: path + '/me/avatar/pick',
295 token: server.accessToken,
298 statusCodeExpected: 200
303 describe('When updating a user', function () {
305 before(async function () {
306 const res = await getUsersList(server.url, server.accessToken)
308 userId = res.body.data[1].id
309 rootId = res.body.data[2].id
312 it('Should fail with an invalid email attribute', async function () {
317 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
320 it('Should fail with an invalid videoQuota attribute', async function () {
325 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
328 it('Should fail with an invalid user role attribute', async function () {
333 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
336 it('Should fail with an non authenticated user', async function () {
341 await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
344 it('Should fail when updating root role', async function () {
346 role: UserRole.MODERATOR
349 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
352 it('Should succeed with the correct params', async function () {
354 email: 'email@example.com',
356 role: UserRole.MODERATOR
359 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
360 userAccessToken = await userLogin(server, user)
364 describe('When getting my information', function () {
365 it('Should fail with a non authenticated user', async function () {
366 await getMyUserInformation(server.url, 'fake_token', 401)
369 it('Should success with the correct parameters', async function () {
370 await getMyUserInformation(server.url, userAccessToken)
374 describe('When getting my video rating', function () {
375 it('Should fail with a non authenticated user', async function () {
376 await getMyUserVideoRating(server.url, 'fake_token', videoId, 401)
379 it('Should fail with an incorrect video uuid', async function () {
380 await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400)
383 it('Should fail with an unknown video', async function () {
384 await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
387 it('Should succeed with the correct parameters', async function () {
388 await getMyUserVideoRating(server.url, server.accessToken, videoId)
392 describe('When removing an user', function () {
393 it('Should fail with an incorrect id', async function () {
394 await removeUser(server.url, 'blabla', server.accessToken, 400)
397 it('Should fail with the root user', async function () {
398 await removeUser(server.url, rootId, server.accessToken, 400)
401 it('Should return 404 with a non existing id', async function () {
402 await removeUser(server.url, 4545454, server.accessToken, 404)
406 describe('When register a new user', function () {
407 const registrationPath = path + '/register'
408 const baseCorrectParams = {
410 email: 'test3@example.com',
411 password: 'my super password'
414 it('Should fail with a too small username', async function () {
415 const fields = immutableAssign(baseCorrectParams, { username: 'ji' })
417 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
420 it('Should fail with a too long username', async function () {
421 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
423 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
426 it('Should fail with an incorrect username', async function () {
427 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
429 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
432 it('Should fail with a missing email', async function () {
433 const fields = omit(baseCorrectParams, 'email')
435 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
438 it('Should fail with an invalid email', async function () {
439 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
441 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
444 it('Should fail with a too small password', async function () {
445 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
447 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
450 it('Should fail with a too long password', async function () {
451 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
453 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
456 it('Should fail if we register a user with the same username', async function () {
457 const fields = immutableAssign(baseCorrectParams, { username: 'root' })
459 await makePostBodyRequest({
461 path: registrationPath,
462 token: server.accessToken,
464 statusCodeExpected: 409
468 it('Should fail if we register a user with the same email', async function () {
469 const fields = immutableAssign(baseCorrectParams, { email: 'admin1@example.com' })
471 await makePostBodyRequest({
473 path: registrationPath,
474 token: server.accessToken,
476 statusCodeExpected: 409
480 it('Should succeed with the correct params', async function () {
481 await makePostBodyRequest({
483 path: registrationPath,
484 token: server.accessToken,
485 fields: baseCorrectParams,
486 statusCodeExpected: 204
490 it('Should fail on a server with registration disabled', async function () {
493 email: 'test4@example.com',
494 password: 'my super password 4'
497 await makePostBodyRequest({
498 url: serverWithRegistrationDisabled.url,
499 path: registrationPath,
500 token: serverWithRegistrationDisabled.accessToken,
502 statusCodeExpected: 403
507 describe('When registering multiple users on a server with users limit', function () {
508 it('Should fail when after 3 registrations', async function () {
509 await registerUser(server.url, 'user42', 'super password', 403)
513 describe('When having a video quota', function () {
514 it('Should fail with a user having too many video', async function () {
518 accessToken: server.accessToken,
522 await uploadVideo(server.url, server.accessToken, {}, 403)
525 it('Should fail with a registered user having too many video', async function () {
530 password: 'my super password'
532 userAccessToken = await userLogin(server, user)
534 const videoAttributes = { fixture: 'video_short2.webm' }
535 await uploadVideo(server.url, userAccessToken, videoAttributes)
536 await uploadVideo(server.url, userAccessToken, videoAttributes)
537 await uploadVideo(server.url, userAccessToken, videoAttributes)
538 await uploadVideo(server.url, userAccessToken, videoAttributes)
539 await uploadVideo(server.url, userAccessToken, videoAttributes)
540 await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
544 after(async function () {
545 killallServers([ server, serverWithRegistrationDisabled ])
547 // Keep the logs if the test failed