]> git.immae.eu Git - github/Chocobozzz/PeerTube.git/blob - server/tests/api/check-params/users.ts
projects / github / Chocobozzz / PeerTube.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Use an object to represent a server
[github/Chocobozzz/PeerTube.git] / server / tests / api / check-params / users.ts
1 /* eslint-disable @typescript-eslint/no-unused-expressions,@typescript-eslint/require-await */
2
3 import 'mocha'
4 import { omit } from 'lodash'
5 import { HttpStatusCode } from '@shared/core-utils'
6 import {
7 buildAbsoluteFixturePath,
8 checkBadCountPagination,
9 checkBadSortPagination,
10 checkBadStartPagination,
11 cleanupTests,
12 createSingleServer,
13 killallServers,
14 makeGetRequest,
15 makePostBodyRequest,
16 makePutBodyRequest,
17 makeUploadRequest,
18 MockSmtpServer,
19 PeerTubeServer,
20 setAccessTokensToServers,
21 UsersCommand
22 } from '@shared/extra-utils'
23 import { UserAdminFlag, UserRole, VideoCreateResult } from '@shared/models'
24
25 describe('Test users API validators', function () {
26 const path = '/api/v1/users/'
27 let userId: number
28 let rootId: number
29 let moderatorId: number
30 let video: VideoCreateResult
31 let server: PeerTubeServer
32 let serverWithRegistrationDisabled: PeerTubeServer
33 let userToken = ''
34 let moderatorToken = ''
35 let emailPort: number
36 let overrideConfig: Object
37
38 // ---------------------------------------------------------------
39
40 before(async function () {
41 this.timeout(30000)
42
43 const emails: object[] = []
44 emailPort = await MockSmtpServer.Instance.collectEmails(emails)
45
46 overrideConfig = { signup: { limit: 8 } }
47
48 {
49 const res = await Promise.all([
50 createSingleServer(1, overrideConfig),
51 createSingleServer(2)
52 ])
53
54 server = res[0]
55 serverWithRegistrationDisabled = res[1]
56
57 await setAccessTokensToServers([ server ])
58 }
59
60 {
61 const user = { username: 'user1' }
62 await server.users.create({ ...user })
63 userToken = await server.login.getAccessToken(user)
64 }
65
66 {
67 const moderator = { username: 'moderator1' }
68 await server.users.create({ ...moderator, role: UserRole.MODERATOR })
69 moderatorToken = await server.login.getAccessToken(moderator)
70 }
71
72 {
73 const moderator = { username: 'moderator2' }
74 await server.users.create({ ...moderator, role: UserRole.MODERATOR })
75 }
76
77 {
78 video = await server.videos.upload()
79 }
80
81 {
82 const { data } = await server.users.list()
83 userId = data.find(u => u.username === 'user1').id
84 rootId = data.find(u => u.username === 'root').id
85 moderatorId = data.find(u => u.username === 'moderator2').id
86 }
87 })
88
89 describe('When listing users', function () {
90 it('Should fail with a bad start pagination', async function () {
91 await checkBadStartPagination(server.url, path, server.accessToken)
92 })
93
94 it('Should fail with a bad count pagination', async function () {
95 await checkBadCountPagination(server.url, path, server.accessToken)
96 })
97
98 it('Should fail with an incorrect sort', async function () {
99 await checkBadSortPagination(server.url, path, server.accessToken)
100 })
101
102 it('Should fail with a non authenticated user', async function () {
103 await makeGetRequest({
104 url: server.url,
105 path,
106 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
107 })
108 })
109
110 it('Should fail with a non admin user', async function () {
111 await makeGetRequest({
112 url: server.url,
113 path,
114 token: userToken,
115 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
116 })
117 })
118 })
119
120 describe('When adding a new user', function () {
121 const baseCorrectParams = {
122 username: 'user2',
123 email: 'test@example.com',
124 password: 'my super password',
125 videoQuota: -1,
126 videoQuotaDaily: -1,
127 role: UserRole.USER,
128 adminFlags: UserAdminFlag.BYPASS_VIDEO_AUTO_BLACKLIST
129 }
130
131 it('Should fail with a too small username', async function () {
132 const fields = { ...baseCorrectParams, username: '' }
133
134 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
135 })
136
137 it('Should fail with a too long username', async function () {
138 const fields = { ...baseCorrectParams, username: 'super'.repeat(50) }
139
140 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
141 })
142
143 it('Should fail with a not lowercase username', async function () {
144 const fields = { ...baseCorrectParams, username: 'Toto' }
145
146 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
147 })
148
149 it('Should fail with an incorrect username', async function () {
150 const fields = { ...baseCorrectParams, username: 'my username' }
151
152 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
153 })
154
155 it('Should fail with a missing email', async function () {
156 const fields = omit(baseCorrectParams, 'email')
157
158 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
159 })
160
161 it('Should fail with an invalid email', async function () {
162 const fields = { ...baseCorrectParams, email: 'test_example.com' }
163
164 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
165 })
166
167 it('Should fail with a too small password', async function () {
168 const fields = { ...baseCorrectParams, password: 'bla' }
169
170 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
171 })
172
173 it('Should fail with a too long password', async function () {
174 const fields = { ...baseCorrectParams, password: 'super'.repeat(61) }
175
176 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
177 })
178
179 it('Should fail with empty password and no smtp configured', async function () {
180 const fields = { ...baseCorrectParams, password: '' }
181
182 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
183 })
184
185 it('Should succeed with no password on a server with smtp enabled', async function () {
186 this.timeout(20000)
187
188 await killallServers([ server ])
189
190 const config = {
191 ...overrideConfig,
192
193 smtp: {
194 hostname: 'localhost',
195 port: emailPort
196 }
197 }
198 await server.run(config)
199
200 const fields = {
201 ...baseCorrectParams,
202
203 password: '',
204 username: 'create_password',
205 email: 'create_password@example.com'
206 }
207
208 await makePostBodyRequest({
209 url: server.url,
210 path: path,
211 token: server.accessToken,
212 fields,
213 statusCodeExpected: HttpStatusCode.OK_200
214 })
215 })
216
217 it('Should fail with invalid admin flags', async function () {
218 const fields = { ...baseCorrectParams, adminFlags: 'toto' }
219
220 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
221 })
222
223 it('Should fail with an non authenticated user', async function () {
224 await makePostBodyRequest({
225 url: server.url,
226 path,
227 token: 'super token',
228 fields: baseCorrectParams,
229 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
230 })
231 })
232
233 it('Should fail if we add a user with the same username', async function () {
234 const fields = { ...baseCorrectParams, username: 'user1' }
235
236 await makePostBodyRequest({
237 url: server.url,
238 path,
239 token: server.accessToken,
240 fields,
241 statusCodeExpected: HttpStatusCode.CONFLICT_409
242 })
243 })
244
245 it('Should fail if we add a user with the same email', async function () {
246 const fields = { ...baseCorrectParams, email: 'user1@example.com' }
247
248 await makePostBodyRequest({
249 url: server.url,
250 path,
251 token: server.accessToken,
252 fields,
253 statusCodeExpected: HttpStatusCode.CONFLICT_409
254 })
255 })
256
257 it('Should fail without a videoQuota', async function () {
258 const fields = omit(baseCorrectParams, 'videoQuota')
259
260 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
261 })
262
263 it('Should fail without a videoQuotaDaily', async function () {
264 const fields = omit(baseCorrectParams, 'videoQuotaDaily')
265
266 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
267 })
268
269 it('Should fail with an invalid videoQuota', async function () {
270 const fields = { ...baseCorrectParams, videoQuota: -5 }
271
272 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
273 })
274
275 it('Should fail with an invalid videoQuotaDaily', async function () {
276 const fields = { ...baseCorrectParams, videoQuotaDaily: -7 }
277
278 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
279 })
280
281 it('Should fail without a user role', async function () {
282 const fields = omit(baseCorrectParams, 'role')
283
284 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
285 })
286
287 it('Should fail with an invalid user role', async function () {
288 const fields = { ...baseCorrectParams, role: 88989 }
289
290 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
291 })
292
293 it('Should fail with a "peertube" username', async function () {
294 const fields = { ...baseCorrectParams, username: 'peertube' }
295
296 await makePostBodyRequest({
297 url: server.url,
298 path,
299 token: server.accessToken,
300 fields,
301 statusCodeExpected: HttpStatusCode.CONFLICT_409
302 })
303 })
304
305 it('Should fail to create a moderator or an admin with a moderator', async function () {
306 for (const role of [ UserRole.MODERATOR, UserRole.ADMINISTRATOR ]) {
307 const fields = { ...baseCorrectParams, role }
308
309 await makePostBodyRequest({
310 url: server.url,
311 path,
312 token: moderatorToken,
313 fields,
314 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
315 })
316 }
317 })
318
319 it('Should succeed to create a user with a moderator', async function () {
320 const fields = { ...baseCorrectParams, username: 'a4656', email: 'a4656@example.com', role: UserRole.USER }
321
322 await makePostBodyRequest({
323 url: server.url,
324 path,
325 token: moderatorToken,
326 fields,
327 statusCodeExpected: HttpStatusCode.OK_200
328 })
329 })
330
331 it('Should succeed with the correct params', async function () {
332 await makePostBodyRequest({
333 url: server.url,
334 path,
335 token: server.accessToken,
336 fields: baseCorrectParams,
337 statusCodeExpected: HttpStatusCode.OK_200
338 })
339 })
340
341 it('Should fail with a non admin user', async function () {
342 const user = { username: 'user1' }
343 userToken = await server.login.getAccessToken(user)
344
345 const fields = {
346 username: 'user3',
347 email: 'test@example.com',
348 password: 'my super password',
349 videoQuota: 42000000
350 }
351 await makePostBodyRequest({ url: server.url, path, token: userToken, fields, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
352 })
353 })
354
355 describe('When updating my account', function () {
356
357 it('Should fail with an invalid email attribute', async function () {
358 const fields = {
359 email: 'blabla'
360 }
361
362 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
363 })
364
365 it('Should fail with a too small password', async function () {
366 const fields = {
367 currentPassword: 'password',
368 password: 'bla'
369 }
370
371 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
372 })
373
374 it('Should fail with a too long password', async function () {
375 const fields = {
376 currentPassword: 'password',
377 password: 'super'.repeat(61)
378 }
379
380 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
381 })
382
383 it('Should fail without the current password', async function () {
384 const fields = {
385 currentPassword: 'password',
386 password: 'super'.repeat(61)
387 }
388
389 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
390 })
391
392 it('Should fail with an invalid current password', async function () {
393 const fields = {
394 currentPassword: 'my super password fail',
395 password: 'super'.repeat(61)
396 }
397
398 await makePutBodyRequest({
399 url: server.url,
400 path: path + 'me',
401 token: userToken,
402 fields,
403 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
404 })
405 })
406
407 it('Should fail with an invalid NSFW policy attribute', async function () {
408 const fields = {
409 nsfwPolicy: 'hello'
410 }
411
412 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
413 })
414
415 it('Should fail with an invalid autoPlayVideo attribute', async function () {
416 const fields = {
417 autoPlayVideo: -1
418 }
419
420 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
421 })
422
423 it('Should fail with an invalid autoPlayNextVideo attribute', async function () {
424 const fields = {
425 autoPlayNextVideo: -1
426 }
427
428 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
429 })
430
431 it('Should fail with an invalid videosHistoryEnabled attribute', async function () {
432 const fields = {
433 videosHistoryEnabled: -1
434 }
435
436 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
437 })
438
439 it('Should fail with an non authenticated user', async function () {
440 const fields = {
441 currentPassword: 'password',
442 password: 'my super password'
443 }
444
445 await makePutBodyRequest({
446 url: server.url,
447 path: path + 'me',
448 token: 'super token',
449 fields,
450 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
451 })
452 })
453
454 it('Should fail with a too long description', async function () {
455 const fields = {
456 description: 'super'.repeat(201)
457 }
458
459 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
460 })
461
462 it('Should fail with an invalid videoLanguages attribute', async function () {
463 {
464 const fields = {
465 videoLanguages: 'toto'
466 }
467
468 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
469 }
470
471 {
472 const languages = []
473 for (let i = 0; i < 1000; i++) {
474 languages.push('fr')
475 }
476
477 const fields = {
478 videoLanguages: languages
479 }
480
481 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
482 }
483 })
484
485 it('Should fail with an invalid theme', async function () {
486 const fields = { theme: 'invalid' }
487 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
488 })
489
490 it('Should fail with an unknown theme', async function () {
491 const fields = { theme: 'peertube-theme-unknown' }
492 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
493 })
494
495 it('Should fail with an invalid noInstanceConfigWarningModal attribute', async function () {
496 const fields = {
497 noInstanceConfigWarningModal: -1
498 }
499
500 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
501 })
502
503 it('Should fail with an invalid noWelcomeModal attribute', async function () {
504 const fields = {
505 noWelcomeModal: -1
506 }
507
508 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userToken, fields })
509 })
510
511 it('Should succeed to change password with the correct params', async function () {
512 const fields = {
513 currentPassword: 'password',
514 password: 'my super password',
515 nsfwPolicy: 'blur',
516 autoPlayVideo: false,
517 email: 'super_email@example.com',
518 theme: 'default',
519 noInstanceConfigWarningModal: true,
520 noWelcomeModal: true
521 }
522
523 await makePutBodyRequest({
524 url: server.url,
525 path: path + 'me',
526 token: userToken,
527 fields,
528 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
529 })
530 })
531
532 it('Should succeed without password change with the correct params', async function () {
533 const fields = {
534 nsfwPolicy: 'blur',
535 autoPlayVideo: false
536 }
537
538 await makePutBodyRequest({
539 url: server.url,
540 path: path + 'me',
541 token: userToken,
542 fields,
543 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
544 })
545 })
546 })
547
548 describe('When updating my avatar', function () {
549 it('Should fail without an incorrect input file', async function () {
550 const fields = {}
551 const attaches = {
552 avatarfile: buildAbsoluteFixturePath('video_short.mp4')
553 }
554 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
555 })
556
557 it('Should fail with a big file', async function () {
558 const fields = {}
559 const attaches = {
560 avatarfile: buildAbsoluteFixturePath('avatar-big.png')
561 }
562 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
563 })
564
565 it('Should fail with an unauthenticated user', async function () {
566 const fields = {}
567 const attaches = {
568 avatarfile: buildAbsoluteFixturePath('avatar.png')
569 }
570 await makeUploadRequest({
571 url: server.url,
572 path: path + '/me/avatar/pick',
573 fields,
574 attaches,
575 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
576 })
577 })
578
579 it('Should succeed with the correct params', async function () {
580 const fields = {}
581 const attaches = {
582 avatarfile: buildAbsoluteFixturePath('avatar.png')
583 }
584 await makeUploadRequest({
585 url: server.url,
586 path: path + '/me/avatar/pick',
587 token: server.accessToken,
588 fields,
589 attaches,
590 statusCodeExpected: HttpStatusCode.OK_200
591 })
592 })
593 })
594
595 describe('When managing my scoped tokens', function () {
596
597 it('Should fail to get my scoped tokens with an non authenticated user', async function () {
598 await server.users.getMyScopedTokens({ token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
599 })
600
601 it('Should fail to get my scoped tokens with a bad token', async function () {
602 await server.users.getMyScopedTokens({ token: 'bad', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
603
604 })
605
606 it('Should succeed to get my scoped tokens', async function () {
607 await server.users.getMyScopedTokens()
608 })
609
610 it('Should fail to renew my scoped tokens with an non authenticated user', async function () {
611 await server.users.renewMyScopedTokens({ token: null, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
612 })
613
614 it('Should fail to renew my scoped tokens with a bad token', async function () {
615 await server.users.renewMyScopedTokens({ token: 'bad', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
616 })
617
618 it('Should succeed to renew my scoped tokens', async function () {
619 await server.users.renewMyScopedTokens()
620 })
621 })
622
623 describe('When getting a user', function () {
624
625 it('Should fail with an non authenticated user', async function () {
626 await makeGetRequest({
627 url: server.url,
628 path: path + userId,
629 token: 'super token',
630 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
631 })
632 })
633
634 it('Should fail with a non admin user', async function () {
635 await makeGetRequest({ url: server.url, path, token: userToken, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
636 })
637
638 it('Should succeed with the correct params', async function () {
639 await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, statusCodeExpected: HttpStatusCode.OK_200 })
640 })
641 })
642
643 describe('When updating a user', function () {
644
645 it('Should fail with an invalid email attribute', async function () {
646 const fields = {
647 email: 'blabla'
648 }
649
650 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
651 })
652
653 it('Should fail with an invalid emailVerified attribute', async function () {
654 const fields = {
655 emailVerified: 'yes'
656 }
657
658 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
659 })
660
661 it('Should fail with an invalid videoQuota attribute', async function () {
662 const fields = {
663 videoQuota: -90
664 }
665
666 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
667 })
668
669 it('Should fail with an invalid user role attribute', async function () {
670 const fields = {
671 role: 54878
672 }
673
674 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
675 })
676
677 it('Should fail with a too small password', async function () {
678 const fields = {
679 currentPassword: 'password',
680 password: 'bla'
681 }
682
683 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
684 })
685
686 it('Should fail with a too long password', async function () {
687 const fields = {
688 currentPassword: 'password',
689 password: 'super'.repeat(61)
690 }
691
692 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
693 })
694
695 it('Should fail with an non authenticated user', async function () {
696 const fields = {
697 videoQuota: 42
698 }
699
700 await makePutBodyRequest({
701 url: server.url,
702 path: path + userId,
703 token: 'super token',
704 fields,
705 statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401
706 })
707 })
708
709 it('Should fail when updating root role', async function () {
710 const fields = {
711 role: UserRole.MODERATOR
712 }
713
714 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
715 })
716
717 it('Should fail with invalid admin flags', async function () {
718 const fields = { adminFlags: 'toto' }
719
720 await makePutBodyRequest({ url: server.url, path, token: server.accessToken, fields })
721 })
722
723 it('Should fail to update an admin with a moderator', async function () {
724 const fields = {
725 videoQuota: 42
726 }
727
728 await makePutBodyRequest({
729 url: server.url,
730 path: path + moderatorId,
731 token: moderatorToken,
732 fields,
733 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
734 })
735 })
736
737 it('Should succeed to update a user with a moderator', async function () {
738 const fields = {
739 videoQuota: 42
740 }
741
742 await makePutBodyRequest({
743 url: server.url,
744 path: path + userId,
745 token: moderatorToken,
746 fields,
747 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
748 })
749 })
750
751 it('Should succeed with the correct params', async function () {
752 const fields = {
753 email: 'email@example.com',
754 emailVerified: true,
755 videoQuota: 42,
756 role: UserRole.USER
757 }
758
759 await makePutBodyRequest({
760 url: server.url,
761 path: path + userId,
762 token: server.accessToken,
763 fields,
764 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
765 })
766 })
767 })
768
769 describe('When getting my information', function () {
770 it('Should fail with a non authenticated user', async function () {
771 await server.users.getMyInfo({ token: 'fake_token', expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
772 })
773
774 it('Should success with the correct parameters', async function () {
775 await server.users.getMyInfo({ token: userToken })
776 })
777 })
778
779 describe('When getting my video rating', function () {
780 let command: UsersCommand
781
782 before(function () {
783 command = server.users
784 })
785
786 it('Should fail with a non authenticated user', async function () {
787 await command.getMyRating({ token: 'fake_token', videoId: video.id, expectedStatus: HttpStatusCode.UNAUTHORIZED_401 })
788 })
789
790 it('Should fail with an incorrect video uuid', async function () {
791 await command.getMyRating({ videoId: 'blabla', expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
792 })
793
794 it('Should fail with an unknown video', async function () {
795 await command.getMyRating({ videoId: '4da6fde3-88f7-4d16-b119-108df5630b06', expectedStatus: HttpStatusCode.NOT_FOUND_404 })
796 })
797
798 it('Should succeed with the correct parameters', async function () {
799 await command.getMyRating({ videoId: video.id })
800 await command.getMyRating({ videoId: video.uuid })
801 await command.getMyRating({ videoId: video.shortUUID })
802 })
803 })
804
805 describe('When retrieving my global ratings', function () {
806 const path = '/api/v1/accounts/user1/ratings'
807
808 it('Should fail with a bad start pagination', async function () {
809 await checkBadStartPagination(server.url, path, userToken)
810 })
811
812 it('Should fail with a bad count pagination', async function () {
813 await checkBadCountPagination(server.url, path, userToken)
814 })
815
816 it('Should fail with an incorrect sort', async function () {
817 await checkBadSortPagination(server.url, path, userToken)
818 })
819
820 it('Should fail with a unauthenticated user', async function () {
821 await makeGetRequest({ url: server.url, path, statusCodeExpected: HttpStatusCode.UNAUTHORIZED_401 })
822 })
823
824 it('Should fail with a another user', async function () {
825 await makeGetRequest({ url: server.url, path, token: server.accessToken, statusCodeExpected: HttpStatusCode.FORBIDDEN_403 })
826 })
827
828 it('Should fail with a bad type', async function () {
829 await makeGetRequest({
830 url: server.url,
831 path,
832 token: userToken,
833 query: { rating: 'toto ' },
834 statusCodeExpected: HttpStatusCode.BAD_REQUEST_400
835 })
836 })
837
838 it('Should succeed with the correct params', async function () {
839 await makeGetRequest({ url: server.url, path, token: userToken, statusCodeExpected: HttpStatusCode.OK_200 })
840 })
841 })
842
843 describe('When blocking/unblocking/removing user', function () {
844
845 it('Should fail with an incorrect id', async function () {
846 const options = { userId: 'blabla' as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }
847
848 await server.users.remove(options)
849 await server.users.banUser({ userId: 'blabla' as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
850 await server.users.unbanUser({ userId: 'blabla' as any, expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
851 })
852
853 it('Should fail with the root user', async function () {
854 const options = { userId: rootId, expectedStatus: HttpStatusCode.BAD_REQUEST_400 }
855
856 await server.users.remove(options)
857 await server.users.banUser(options)
858 await server.users.unbanUser(options)
859 })
860
861 it('Should return 404 with a non existing id', async function () {
862 const options = { userId: 4545454, expectedStatus: HttpStatusCode.NOT_FOUND_404 }
863
864 await server.users.remove(options)
865 await server.users.banUser(options)
866 await server.users.unbanUser(options)
867 })
868
869 it('Should fail with a non admin user', async function () {
870 const options = { userId, token: userToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 }
871
872 await server.users.remove(options)
873 await server.users.banUser(options)
874 await server.users.unbanUser(options)
875 })
876
877 it('Should fail on a moderator with a moderator', async function () {
878 const options = { userId: moderatorId, token: moderatorToken, expectedStatus: HttpStatusCode.FORBIDDEN_403 }
879
880 await server.users.remove(options)
881 await server.users.banUser(options)
882 await server.users.unbanUser(options)
883 })
884
885 it('Should succeed on a user with a moderator', async function () {
886 const options = { userId, token: moderatorToken }
887
888 await server.users.banUser(options)
889 await server.users.unbanUser(options)
890 })
891 })
892
893 describe('When deleting our account', function () {
894 it('Should fail with with the root account', async function () {
895 await server.users.deleteMe({ expectedStatus: HttpStatusCode.BAD_REQUEST_400 })
896 })
897 })
898
899 describe('When registering a new user', function () {
900 const registrationPath = path + '/register'
901 const baseCorrectParams = {
902 username: 'user3',
903 displayName: 'super user',
904 email: 'test3@example.com',
905 password: 'my super password'
906 }
907
908 it('Should fail with a too small username', async function () {
909 const fields = { ...baseCorrectParams, username: '' }
910
911 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
912 })
913
914 it('Should fail with a too long username', async function () {
915 const fields = { ...baseCorrectParams, username: 'super'.repeat(50) }
916
917 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
918 })
919
920 it('Should fail with an incorrect username', async function () {
921 const fields = { ...baseCorrectParams, username: 'my username' }
922
923 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
924 })
925
926 it('Should fail with a missing email', async function () {
927 const fields = omit(baseCorrectParams, 'email')
928
929 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
930 })
931
932 it('Should fail with an invalid email', async function () {
933 const fields = { ...baseCorrectParams, email: 'test_example.com' }
934
935 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
936 })
937
938 it('Should fail with a too small password', async function () {
939 const fields = { ...baseCorrectParams, password: 'bla' }
940
941 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
942 })
943
944 it('Should fail with a too long password', async function () {
945 const fields = { ...baseCorrectParams, password: 'super'.repeat(61) }
946
947 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
948 })
949
950 it('Should fail if we register a user with the same username', async function () {
951 const fields = { ...baseCorrectParams, username: 'root' }
952
953 await makePostBodyRequest({
954 url: server.url,
955 path: registrationPath,
956 token: server.accessToken,
957 fields,
958 statusCodeExpected: HttpStatusCode.CONFLICT_409
959 })
960 })
961
962 it('Should fail with a "peertube" username', async function () {
963 const fields = { ...baseCorrectParams, username: 'peertube' }
964
965 await makePostBodyRequest({
966 url: server.url,
967 path: registrationPath,
968 token: server.accessToken,
969 fields,
970 statusCodeExpected: HttpStatusCode.CONFLICT_409
971 })
972 })
973
974 it('Should fail if we register a user with the same email', async function () {
975 const fields = { ...baseCorrectParams, email: 'admin' + server.internalServerNumber + '@example.com' }
976
977 await makePostBodyRequest({
978 url: server.url,
979 path: registrationPath,
980 token: server.accessToken,
981 fields,
982 statusCodeExpected: HttpStatusCode.CONFLICT_409
983 })
984 })
985
986 it('Should fail with a bad display name', async function () {
987 const fields = { ...baseCorrectParams, displayName: 'a'.repeat(150) }
988
989 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
990 })
991
992 it('Should fail with a bad channel name', async function () {
993 const fields = { ...baseCorrectParams, channel: { name: '[]azf', displayName: 'toto' } }
994
995 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
996 })
997
998 it('Should fail with a bad channel display name', async function () {
999 const fields = { ...baseCorrectParams, channel: { name: 'toto', displayName: '' } }
1000
1001 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
1002 })
1003
1004 it('Should fail with a channel name that is the same as username', async function () {
1005 const source = { username: 'super_user', channel: { name: 'super_user', displayName: 'display name' } }
1006 const fields = { ...baseCorrectParams, ...source }
1007
1008 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
1009 })
1010
1011 it('Should fail with an existing channel', async function () {
1012 const attributes = { name: 'existing_channel', displayName: 'hello', description: 'super description' }
1013 await server.channels.create({ attributes })
1014
1015 const fields = { ...baseCorrectParams, channel: { name: 'existing_channel', displayName: 'toto' } }
1016
1017 await makePostBodyRequest({
1018 url: server.url,
1019 path: registrationPath,
1020 token: server.accessToken,
1021 fields,
1022 statusCodeExpected: HttpStatusCode.CONFLICT_409
1023 })
1024 })
1025
1026 it('Should succeed with the correct params', async function () {
1027 const fields = { ...baseCorrectParams, channel: { name: 'super_channel', displayName: 'toto' } }
1028
1029 await makePostBodyRequest({
1030 url: server.url,
1031 path: registrationPath,
1032 token: server.accessToken,
1033 fields: fields,
1034 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
1035 })
1036 })
1037
1038 it('Should fail on a server with registration disabled', async function () {
1039 const fields = {
1040 username: 'user4',
1041 email: 'test4@example.com',
1042 password: 'my super password 4'
1043 }
1044
1045 await makePostBodyRequest({
1046 url: serverWithRegistrationDisabled.url,
1047 path: registrationPath,
1048 token: serverWithRegistrationDisabled.accessToken,
1049 fields,
1050 statusCodeExpected: HttpStatusCode.FORBIDDEN_403
1051 })
1052 })
1053 })
1054
1055 describe('When registering multiple users on a server with users limit', function () {
1056 it('Should fail when after 3 registrations', async function () {
1057 await server.users.register({ username: 'user42', expectedStatus: HttpStatusCode.FORBIDDEN_403 })
1058 })
1059 })
1060
1061 describe('When asking a password reset', function () {
1062 const path = '/api/v1/users/ask-reset-password'
1063
1064 it('Should fail with a missing email', async function () {
1065 const fields = {}
1066
1067 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1068 })
1069
1070 it('Should fail with an invalid email', async function () {
1071 const fields = { email: 'hello' }
1072
1073 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1074 })
1075
1076 it('Should success with the correct params', async function () {
1077 const fields = { email: 'admin@example.com' }
1078
1079 await makePostBodyRequest({
1080 url: server.url,
1081 path,
1082 token: server.accessToken,
1083 fields,
1084 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
1085 })
1086 })
1087 })
1088
1089 describe('When asking for an account verification email', function () {
1090 const path = '/api/v1/users/ask-send-verify-email'
1091
1092 it('Should fail with a missing email', async function () {
1093 const fields = {}
1094
1095 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1096 })
1097
1098 it('Should fail with an invalid email', async function () {
1099 const fields = { email: 'hello' }
1100
1101 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
1102 })
1103
1104 it('Should succeed with the correct params', async function () {
1105 const fields = { email: 'admin@example.com' }
1106
1107 await makePostBodyRequest({
1108 url: server.url,
1109 path,
1110 token: server.accessToken,
1111 fields,
1112 statusCodeExpected: HttpStatusCode.NO_CONTENT_204
1113 })
1114 })
1115 })
1116
1117 after(async function () {
1118 MockSmtpServer.Instance.kill()
1119
1120 await cleanupTests([ server, serverWithRegistrationDisabled ])
1121 })
1122 })
ActivityPub-federated video streaming platform using P2P directly in your web browser