1 /* tslint:disable:no-unused-expression */
3 import { omit } from 'lodash'
5 import { join } from 'path'
6 import { UserRole } from '../../../../shared'
9 createUser, flushTests, getMyUserInformation, getMyUserVideoRating, getUsersList, immutableAssign, killallServers, makeGetRequest,
10 makePostBodyRequest, makeUploadRequest, makePutBodyRequest, registerUser, removeUser, runServer, ServerInfo, setAccessTokensToServers,
11 updateUser, uploadVideo, userLogin
13 import { checkBadCountPagination, checkBadSortPagination, checkBadStartPagination } from '../../utils/requests/check-api-params'
15 describe('Test users API validators', function () {
16 const path = '/api/v1/users/'
20 let server: ServerInfo
21 let serverWithRegistrationDisabled: ServerInfo
22 let userAccessToken = ''
25 password: 'my super password'
28 // ---------------------------------------------------------------
30 before(async function () {
35 server = await runServer(1)
36 serverWithRegistrationDisabled = await runServer(2)
38 await setAccessTokensToServers([ server ])
40 const videoQuota = 42000000
41 await createUser(server.url, server.accessToken, user.username, user.password, videoQuota)
42 userAccessToken = await userLogin(server, user)
44 const res = await uploadVideo(server.url, server.accessToken, {})
45 videoId = res.body.video.id
48 describe('When listing users', function () {
49 it('Should fail with a bad start pagination', async function () {
50 await checkBadStartPagination(server.url, path, server.accessToken)
53 it('Should fail with a bad count pagination', async function () {
54 await checkBadCountPagination(server.url, path, server.accessToken)
57 it('Should fail with an incorrect sort', async function () {
58 await checkBadSortPagination(server.url, path, server.accessToken)
61 it('Should fail with a non authenticated user', async function () {
62 await makeGetRequest({
65 statusCodeExpected: 401
69 it('Should fail with a non admin user', async function () {
70 await makeGetRequest({
73 token: userAccessToken,
74 statusCodeExpected: 403
79 describe('When adding a new user', function () {
80 const baseCorrectParams = {
82 email: 'test@example.com',
83 password: 'my super password',
88 it('Should fail with a too small username', async function () {
89 const fields = immutableAssign(baseCorrectParams, { username: 'fi' })
91 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
94 it('Should fail with a too long username', async function () {
95 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
97 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
100 it('Should fail with a not lowercase username', async function () {
101 const fields = immutableAssign(baseCorrectParams, { username: 'Toto' })
103 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
106 it('Should fail with an incorrect username', async function () {
107 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
109 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
112 it('Should fail with a missing email', async function () {
113 const fields = omit(baseCorrectParams, 'email')
115 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
118 it('Should fail with an invalid email', async function () {
119 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
121 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
124 it('Should fail with a too small password', async function () {
125 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
127 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
130 it('Should fail with a too long password', async function () {
131 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
133 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
136 it('Should fail with an non authenticated user', async function () {
137 await makePostBodyRequest({
140 token: 'super token',
141 fields: baseCorrectParams,
142 statusCodeExpected: 401
146 it('Should fail if we add a user with the same username', async function () {
147 const fields = immutableAssign(baseCorrectParams, { username: 'user1' })
149 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
152 it('Should fail if we add a user with the same email', async function () {
153 const fields = immutableAssign(baseCorrectParams, { email: 'user1@example.com' })
155 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 409 })
158 it('Should fail without a videoQuota', async function () {
159 const fields = omit(baseCorrectParams, 'videoQuota')
161 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
164 it('Should fail with an invalid videoQuota', async function () {
165 const fields = immutableAssign(baseCorrectParams, { videoQuota: -5 })
167 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
170 it('Should fail without a user role', async function () {
171 const fields = omit(baseCorrectParams, 'role')
173 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
176 it('Should fail with an invalid user role', async function () {
177 const fields = immutableAssign(baseCorrectParams, { role: 88989 })
179 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
182 it('Should fail with a "peertube" username', async function () {
183 const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
185 await makePostBodyRequest({
188 token: server.accessToken,
190 statusCodeExpected: 409
194 it('Should succeed with the correct params', async function () {
195 await makePostBodyRequest({
198 token: server.accessToken,
199 fields: baseCorrectParams,
200 statusCodeExpected: 200
204 it('Should fail with a non admin user', async function () {
207 password: 'my super password'
209 userAccessToken = await userLogin(server, user)
213 email: 'test@example.com',
214 password: 'my super password',
217 await makePostBodyRequest({ url: server.url, path, token: userAccessToken, fields, statusCodeExpected: 403 })
221 describe('When updating my account', function () {
222 it('Should fail with an invalid email attribute', async function () {
227 await makePutBodyRequest({ url: server.url, path: path + 'me', token: server.accessToken, fields })
230 it('Should fail with a too small password', async function () {
235 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
238 it('Should fail with a too long password', async function () {
240 password: 'super'.repeat(61)
243 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
246 it('Should fail with an invalid NSFW policy attribute', async function () {
251 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
254 it('Should fail with an invalid autoPlayVideo attribute', async function () {
259 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
262 it('Should fail with an non authenticated user', async function () {
264 password: 'my super password'
267 await makePutBodyRequest({ url: server.url, path: path + 'me', token: 'super token', fields, statusCodeExpected: 401 })
270 it('Should fail with a too long description', async function () {
272 description: 'super'.repeat(60)
275 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields })
278 it('Should succeed with the correct params', async function () {
280 password: 'my super password',
282 autoPlayVideo: false,
283 email: 'super_email@example.com'
286 await makePutBodyRequest({ url: server.url, path: path + 'me', token: userAccessToken, fields, statusCodeExpected: 204 })
290 describe('When updating my avatar', function () {
291 it('Should fail without an incorrect input file', async function () {
294 'avatarfile': join(__dirname, '..', '..', 'fixtures', 'video_short.mp4')
296 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
299 it('Should fail with a big file', async function () {
302 'avatarfile': join(__dirname, '..', '..', 'fixtures', 'avatar-big.png')
304 await makeUploadRequest({ url: server.url, path: path + '/me/avatar/pick', token: server.accessToken, fields, attaches })
307 it('Should fail with an unauthenticated user', async function () {
310 'avatarfile': join(__dirname, '..', '..', 'fixtures', 'avatar.png')
312 await makeUploadRequest({
314 path: path + '/me/avatar/pick',
317 statusCodeExpected: 401
321 it('Should succeed with the correct params', async function () {
324 'avatarfile': join(__dirname, '..', '..', 'fixtures', 'avatar.png')
326 await makeUploadRequest({
328 path: path + '/me/avatar/pick',
329 token: server.accessToken,
332 statusCodeExpected: 200
337 describe('When getting a user', function () {
338 before(async function () {
339 const res = await getUsersList(server.url, server.accessToken)
341 userId = res.body.data[1].id
344 it('Should fail with an non authenticated user', async function () {
345 await makeGetRequest({ url: server.url, path: path + userId, token: 'super token', statusCodeExpected: 401 })
348 it('Should fail with a non admin user', async function () {
349 await makeGetRequest({ url: server.url, path, token: userAccessToken, statusCodeExpected: 403 })
352 it('Should succeed with the correct params', async function () {
353 await makeGetRequest({ url: server.url, path: path + userId, token: server.accessToken, statusCodeExpected: 200 })
357 describe('When updating a user', function () {
359 before(async function () {
360 const res = await getUsersList(server.url, server.accessToken)
362 userId = res.body.data[1].id
363 rootId = res.body.data[2].id
366 it('Should fail with an invalid email attribute', async function () {
371 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
374 it('Should fail with an invalid videoQuota attribute', async function () {
379 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
382 it('Should fail with an invalid user role attribute', async function () {
387 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields })
390 it('Should fail with an non authenticated user', async function () {
395 await makePutBodyRequest({ url: server.url, path: path + userId, token: 'super token', fields, statusCodeExpected: 401 })
398 it('Should fail when updating root role', async function () {
400 role: UserRole.MODERATOR
403 await makePutBodyRequest({ url: server.url, path: path + rootId, token: server.accessToken, fields })
406 it('Should succeed with the correct params', async function () {
408 email: 'email@example.com',
410 role: UserRole.MODERATOR
413 await makePutBodyRequest({ url: server.url, path: path + userId, token: server.accessToken, fields, statusCodeExpected: 204 })
414 userAccessToken = await userLogin(server, user)
418 describe('When getting my information', function () {
419 it('Should fail with a non authenticated user', async function () {
420 await getMyUserInformation(server.url, 'fake_token', 401)
423 it('Should success with the correct parameters', async function () {
424 await getMyUserInformation(server.url, userAccessToken)
428 describe('When getting my video rating', function () {
429 it('Should fail with a non authenticated user', async function () {
430 await getMyUserVideoRating(server.url, 'fake_token', videoId, 401)
433 it('Should fail with an incorrect video uuid', async function () {
434 await getMyUserVideoRating(server.url, server.accessToken, 'blabla', 400)
437 it('Should fail with an unknown video', async function () {
438 await getMyUserVideoRating(server.url, server.accessToken, '4da6fde3-88f7-4d16-b119-108df5630b06', 404)
441 it('Should succeed with the correct parameters', async function () {
442 await getMyUserVideoRating(server.url, server.accessToken, videoId)
446 describe('When removing an user', function () {
447 it('Should fail with an incorrect id', async function () {
448 await removeUser(server.url, 'blabla', server.accessToken, 400)
451 it('Should fail with the root user', async function () {
452 await removeUser(server.url, rootId, server.accessToken, 400)
455 it('Should return 404 with a non existing id', async function () {
456 await removeUser(server.url, 4545454, server.accessToken, 404)
460 describe('When register a new user', function () {
461 const registrationPath = path + '/register'
462 const baseCorrectParams = {
464 email: 'test3@example.com',
465 password: 'my super password'
468 it('Should fail with a too small username', async function () {
469 const fields = immutableAssign(baseCorrectParams, { username: 'ji' })
471 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
474 it('Should fail with a too long username', async function () {
475 const fields = immutableAssign(baseCorrectParams, { username: 'my_super_username_which_is_very_long' })
477 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
480 it('Should fail with an incorrect username', async function () {
481 const fields = immutableAssign(baseCorrectParams, { username: 'my username' })
483 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
486 it('Should fail with a missing email', async function () {
487 const fields = omit(baseCorrectParams, 'email')
489 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
492 it('Should fail with an invalid email', async function () {
493 const fields = immutableAssign(baseCorrectParams, { email: 'test_example.com' })
495 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
498 it('Should fail with a too small password', async function () {
499 const fields = immutableAssign(baseCorrectParams, { password: 'bla' })
501 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
504 it('Should fail with a too long password', async function () {
505 const fields = immutableAssign(baseCorrectParams, { password: 'super'.repeat(61) })
507 await makePostBodyRequest({ url: server.url, path: registrationPath, token: server.accessToken, fields })
510 it('Should fail if we register a user with the same username', async function () {
511 const fields = immutableAssign(baseCorrectParams, { username: 'root' })
513 await makePostBodyRequest({
515 path: registrationPath,
516 token: server.accessToken,
518 statusCodeExpected: 409
522 it('Should fail with a "peertube" username', async function () {
523 const fields = immutableAssign(baseCorrectParams, { username: 'peertube' })
525 await makePostBodyRequest({
527 path: registrationPath,
528 token: server.accessToken,
530 statusCodeExpected: 409
534 it('Should fail if we register a user with the same email', async function () {
535 const fields = immutableAssign(baseCorrectParams, { email: 'admin1@example.com' })
537 await makePostBodyRequest({
539 path: registrationPath,
540 token: server.accessToken,
542 statusCodeExpected: 409
546 it('Should succeed with the correct params', async function () {
547 await makePostBodyRequest({
549 path: registrationPath,
550 token: server.accessToken,
551 fields: baseCorrectParams,
552 statusCodeExpected: 204
556 it('Should fail on a server with registration disabled', async function () {
559 email: 'test4@example.com',
560 password: 'my super password 4'
563 await makePostBodyRequest({
564 url: serverWithRegistrationDisabled.url,
565 path: registrationPath,
566 token: serverWithRegistrationDisabled.accessToken,
568 statusCodeExpected: 403
573 describe('When registering multiple users on a server with users limit', function () {
574 it('Should fail when after 3 registrations', async function () {
575 await registerUser(server.url, 'user42', 'super password', 403)
579 describe('When having a video quota', function () {
580 it('Should fail with a user having too many video', async function () {
584 accessToken: server.accessToken,
588 await uploadVideo(server.url, server.accessToken, {}, 403)
591 it('Should fail with a registered user having too many video', async function () {
596 password: 'my super password'
598 userAccessToken = await userLogin(server, user)
600 const videoAttributes = { fixture: 'video_short2.webm' }
601 await uploadVideo(server.url, userAccessToken, videoAttributes)
602 await uploadVideo(server.url, userAccessToken, videoAttributes)
603 await uploadVideo(server.url, userAccessToken, videoAttributes)
604 await uploadVideo(server.url, userAccessToken, videoAttributes)
605 await uploadVideo(server.url, userAccessToken, videoAttributes)
606 await uploadVideo(server.url, userAccessToken, videoAttributes, 403)
610 describe('When asking a password reset', function () {
611 const path = '/api/v1/users/ask-reset-password'
613 it('Should fail with a missing email', async function () {
616 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
619 it('Should fail with an invalid email', async function () {
620 const fields = { email: 'hello' }
622 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
625 it('Should success with the correct params', async function () {
626 const fields = { email: 'admin@example.com' }
628 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields, statusCodeExpected: 204 })
632 after(async function () {
633 killallServers([ server, serverWithRegistrationDisabled ])
635 // Keep the logs if the test failed