1 /* tslint:disable:no-unused-expression */
3 import { omit } from 'lodash'
5 import { join } from 'path'
6 import { UserRole } from '../../../../shared'
9 createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest,
10 makePostBodyRequest, makeUploadRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers,
11 updateUser, uploadVideo, userLogin
13 import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
15 describe('Test users API validators', function () {
16 const path = '/api/v1/users/'
20 let server: ServerInfo
21 let serverWithRegistrationDisabled: ServerInfo
22 let userAccessToken = ''
25 password: 'my super password'
28 // ---------------------------------------------------------------
30 before(async function () {
35 server = await runServer(1)
36 serverWithRegistrationDisabled = await runServer(2)
38 await setAccessTokensToServers([ server ])
40 const videoQuota = 42000000
41 await createUser(server.url, server.accessToken, user.username, user.password, videoQuota)
42 userAccessToken = await userLogin(server, user)
44 const res = await uploadVideo(server.url, server.accessToken, {})
45 videoId = res.body.video.id
48 describe('When listing users', function () {
49 it('Should fail with a bad start pagination', async function () {
50 await checkBadStartPagination(server.url, path, server.accessToken)
53 it('Should fail with a bad count pagination', async function () {
54 await checkBadCountPagination(server.url, path, server.accessToken)
57 it('Should fail with an incorrect sort', async function () {
58 await checkBadSortPagination(server.url, path, server.accessToken)
61 it('Should fail with a non authenticated user', async function () {
62 await makeGetRequest({
65 statusCodeExpected: 401
69 it('Should fail with a non admin user', async function () {
70 await makeGetRequest({
73 token: userAccessToken,
74 statusCodeExpected: 403
79 describe('When adding a new user', function () {
80 const baseCorrectParams = {
82 email: 'test@example.com',
83 password: 'my super password',
88 it('Should fail with a too small username', async function () {
89 const fields = immutableAssign(baseCorrectParams, { username: 'fi' })
91 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
94 it('Should fail with a too long username', async function () {
95 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
97 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
100 it('Should fail with a not lowercase username', async function () {
101 const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })
103 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
106 it('Should fail with an incorrect username', async function () {
107 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
109 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
112 it('Should fail with a missing email', async function () {
113 const fields = omit(baseCorrectParams, 'email')
115 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
118 it('Should fail with an invalid email', async function () {
119 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
121 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
124 it('Should fail with a too small password', async function () {
125 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
127 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
130 it('Should fail with a too long password', async function () {
131 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
133 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
136 it('Should fail with an non authenticated user', async function () {
137 await makePostBodyRequest({
140 token: 'super token',
141 fields: baseCorrectParams,
142 statusCodeExpected: 401
146 it('Should fail if we add a user with the same username', async function () {
147 const fields = immutableAssign(baseCorrectParams, { username: 'user1' })
149 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
152 it('Should fail if we add a user with the same email', async function () {
153 const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })
155 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
158 it('Should fail without a videoQuota', async function () {
159 const fields = omit(baseCorrectParams, 'videoQuota')
161 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
164 it('Should fail with an invalid videoQuota', async function () {
165 const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })
167 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
170 it('Should fail without a user role', async function () {
171 const fields = omit(baseCorrectParams, 'role')
173 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
176 it('Should fail with an invalid user role', async function () {
177 const fields = immutableAssign(baseCorrectParams, { role: 88989 })
179 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
182 it('Should succeed with the correct params', async function () {
183 await makePostBodyRequest({
186 token: server.accessToken,
187 fields: baseCorrectParams,
188 statusCodeExpected: 200
192 it('Should fail with a non admin user', async function () {
195 password: 'my super password'
197 userAccessToken = await userLogin(server, user)
201 email: 'test@example.com',
202 password: 'my super password',
205 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
209 describe('When updating my account', function () {
210 it('Should fail with an invalid email attribute', async function () {
215 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
218 it('Should fail with a too small password', async function () {
223 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
226 it('Should fail with a too long password', async function () {
228 password: 'super'.repeat(61)
231 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
234 it('Should fail with an invalid display NSFW attribute', async function () {
239 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
242 it('Should fail with an invalid autoPlayVideo attribute', async function () {
247 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
250 it('Should fail with an non authenticated user', async function () {
252 password: 'my super password'
255 await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
258 it('Should fail with a too long description', async function () {
260 description: 'super'.repeat(60)
263 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
266 it('Should succeed with the correct params', async function () {
268 password: 'my super password',
270 autoPlayVideo: false,
271 email: 'super_email@example.com'
274 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
278 describe('When updating my avatar', function () {
279 it('Should fail without an incorrect input file', async function () {
282 'avatarfile': join(__dirname, '..', 'fixtures', 'video_short.mp4')
284 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
287 it('Should fail with a big file', async function () {
290 'avatarfile': join(__dirname, '..', 'fixtures', 'avatar-big.png')
292 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
295 it('Should succeed with the correct params', async function () {
298 'avatarfile': join(__dirname, '..', 'fixtures', 'avatar.png')
300 await makeUploadRequest({
302 path: path + '/me/avatar/pick',
303 token: server.accessToken,
306 statusCodeExpected: 200
311 describe('When getting a user', function () {
312 before(async function () {
313 const res = await getUsersList(server.url, server.accessToken)
315 userId = res.body.data[1].id
318 it('Should fail with an non authenticated user', async function () {
319 await makeGetRequest({ url: server.url, path: path + userId, token: 'super token', statusCodeExpected: 401 })
322 it('Should fail with a non admin user', async function () {
323 await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 403 })
326 it('Should succeed with the correct params', async function () {
327 await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, statusCodeExpected: 200 })
331 describe('When updating a user', function () {
333 before(async function () {
334 const res = await getUsersList(server.url, server.accessToken)
336 userId = res.body.data[1].id
337 rootId = res.body.data[2].id
340 it('Should fail with an invalid email attribute', async function () {
345 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
348 it('Should fail with an invalid videoQuota attribute', async function () {
353 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
356 it('Should fail with an invalid user role attribute', async function () {
361 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
364 it('Should fail with an non authenticated user', async function () {
369 await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
372 it('Should fail when updating root role', async function () {
374 role: UserRole.MODERATOR
377 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
380 it('Should succeed with the correct params', async function () {
382 email: 'email@example.com',
384 role: UserRole.MODERATOR
387 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
388 userAccessToken = await userLogin(server, user)
392 describe('When getting my information', function () {
393 it('Should fail with a non authenticated user', async function () {
394 await getMyUserInformation(server.url, 'fake_token', 401)
397 it('Should success with the correct parameters', async function () {
398 await getMyUserInformation(server.url, userAccessToken)
402 describe('When getting my video rating', function () {
403 it('Should fail with a non authenticated user', async function () {
404 await getMyUserVideoRating(server.url, 'fake_token', videoId, 401)
407 it('Should fail with an incorrect video uuid', async function () {
408 await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400)
411 it('Should fail with an unknown video', async function () {
412 await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
415 it('Should succeed with the correct parameters', async function () {
416 await getMyUserVideoRating(server.url, server.accessToken, videoId)
420 describe('When removing an user', function () {
421 it('Should fail with an incorrect id', async function () {
422 await removeUser(server.url, 'blabla', server.accessToken, 400)
425 it('Should fail with the root user', async function () {
426 await removeUser(server.url, rootId, server.accessToken, 400)
429 it('Should return 404 with a non existing id', async function () {
430 await removeUser(server.url, 4545454, server.accessToken, 404)
434 describe('When register a new user', function () {
435 const registrationPath = path + '/register'
436 const baseCorrectParams = {
438 email: 'test3@example.com',
439 password: 'my super password'
442 it('Should fail with a too small username', async function () {
443 const fields = immutableAssign(baseCorrectParams, { username: 'ji' })
445 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
448 it('Should fail with a too long username', async function () {
449 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
451 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
454 it('Should fail with an incorrect username', async function () {
455 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
457 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
460 it('Should fail with a missing email', async function () {
461 const fields = omit(baseCorrectParams, 'email')
463 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
466 it('Should fail with an invalid email', async function () {
467 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
469 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
472 it('Should fail with a too small password', async function () {
473 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
475 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
478 it('Should fail with a too long password', async function () {
479 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
481 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
484 it('Should fail if we register a user with the same username', async function () {
485 const fields = immutableAssign(baseCorrectParams, { username: 'root' })
487 await makePostBodyRequest({
489 path: registrationPath,
490 token: server.accessToken,
492 statusCodeExpected: 409
496 it('Should fail if we register a user with the same email', async function () {
497 const fields = immutableAssign(baseCorrectParams, { email: 'admin1@example.com' })
499 await makePostBodyRequest({
501 path: registrationPath,
502 token: server.accessToken,
504 statusCodeExpected: 409
508 it('Should succeed with the correct params', async function () {
509 await makePostBodyRequest({
511 path: registrationPath,
512 token: server.accessToken,
513 fields: baseCorrectParams,
514 statusCodeExpected: 204
518 it('Should fail on a server with registration disabled', async function () {
521 email: 'test4@example.com',
522 password: 'my super password 4'
525 await makePostBodyRequest({
526 url: serverWithRegistrationDisabled.url,
527 path: registrationPath,
528 token: serverWithRegistrationDisabled.accessToken,
530 statusCodeExpected: 403
535 describe('When registering multiple users on a server with users limit', function () {
536 it('Should fail when after 3 registrations', async function () {
537 await registerUser(server.url, 'user42', 'super password', 403)
541 describe('When having a video quota', function () {
542 it('Should fail with a user having too many video', async function () {
546 accessToken: server.accessToken,
550 await uploadVideo(server.url, server.accessToken, {}, 403)
553 it('Should fail with a registered user having too many video', async function () {
558 password: 'my super password'
560 userAccessToken = await userLogin(server, user)
562 const videoAttributes = { fixture: 'video_short2.webm' }
563 await uploadVideo(server.url, userAccessToken, videoAttributes)
564 await uploadVideo(server.url, userAccessToken, videoAttributes)
565 await uploadVideo(server.url, userAccessToken, videoAttributes)
566 await uploadVideo(server.url, userAccessToken, videoAttributes)
567 await uploadVideo(server.url, userAccessToken, videoAttributes)
568 await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
572 describe('When asking a password reset', function () {
573 const path = '/api/v1/users/ask-reset-password'
575 it('Should fail with a missing email', async function () {
578 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
581 it('Should fail with an invalid email', async function () {
582 const fields = { email: 'hello' }
584 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
587 it('Should success with the correct params', async function () {
588 const fields = { email: 'admin@example.com' }
590 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
594 after(async function () {
595 killallServers([ server, serverWithRegistrationDisabled ])
597 // Keep the logs if the test failed